_   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Version 7.75.0 (3 Feb 2021)

Daniel Stenberg (3 Feb 2021)
- RELEASE-NOTES: synced

- THANKS: added contributors from 7.75.0

- copyright: fix year ranges in need of updates

- TODO: remove items for next SONAME bump etc
  
  We want to avoid that completely, so we don't plan for things after such
  an event.

- [Jay Satiro brought this change]

  ngtcp2: Fix build error due to change in ngtcp2_settings
  
  - Separate ngtcp2_transport_params.
  
  ngtcp2/ngtcp2@05d7adc made ngtcp2_transport_params separate from
  ngtcp2_settings.
  
  ngtcp2 master is required to build curl with http3 support.
  
  Closes #6554

- vtls: remove md5sum
  
  As it is not used anymore.
  
  Reported-by: Jacob Hoffman-Andrews
  Bug: https://curl.se/mail/lib-2021-02/0000.html
  
  Closes #6557

- [Alessandro Ghedini brought this change]

  quiche: don't use primary_ip / primary_port
  
  Closes #6555

Alessandro Ghedini (1 Feb 2021)
- travis: enable quiche's FFI feature

Daniel Stenberg (30 Jan 2021)
- [Dmitry Wagin brought this change]

  http: improve AWS HTTP v4 Signature auth
  
  - Add support services without region and service prefixes in
  the URL endpoint (ex. Min.IO, GCP, Yandex Cloud, Mail.Ru Cloud Solutions, etc)
  by providing region and service parameters via aws-sigv4 option.
  - Add [:region[:service]] suffix to aws-sigv4 option;
  - Fix memory allocation errors.
  - Refactor memory management.
  - Use Curl_http_method instead() STRING_CUSTOMREQUEST.
  - Refactor canonical headers generating.
  - Remove repeated sha256_to_hex() usage.
  - Add some docs fixes.
  - Add some codestyle fixes.
  - Add overloaded strndup() for debug - curl_dbg_strndup().
  - Update tests.
  
  Closes #6524

- hyper: fix CONNECT to set 'data' as userdata
  
  Follow-up to 14e075d1a7fd

- [Layla brought this change]

  connect: fix compile errors in `Curl_conninfo_local`
  
  .. for the `#else` (`!HAVE_GETSOCKNAME`) case
  
  Fixes https://github.com/curl/curl/issues/6548
  Closes #6549
  
  Signed-off-by: Layla <layla@insightfulvr.com>

- [Michał Antoniak brought this change]

  transfer: fix GCC 10 warning with flag '-Wint-in-bool-context'
  
  ... and return the error code from the Curl_mime_rewind call.
  
  Closes #6537

- [Michał Antoniak brought this change]

  avoid warning: enum constant in boolean context

- copyright: fix missing year (range) updates

- RELEASE-NOTES: synced

- openssl: lowercase the hostname before using it for SNI
  
  ... because it turns out several servers out there don't actually behave
  correctly otherwise in spite of the fact that the SNI field is
  specifically said to be case insensitive in RFC 6066 section 3.
  
  Reported-by: David Earl
  Fixes #6540
  Closes #6543

- KNOWN_BUGS: cmake: ExternalProject_Add does not set CURL_CA_PATH
  
  Closes #6313

- KNOWN_BUGS: Multi perform hangs waiting for threaded resolver
  
  Closes #4852

- KNOWN_BUGS: "pulseUI VPN client" is known to be buggy
  
  First entry in the new section "applications" for known problems in
  libcurl using applications.
  
  Closes #6306

- tool_writeout: make %{errormsg} blank for no errors
  
  Closes #6539

Jay Satiro (27 Jan 2021)
- [Gisle Vanem brought this change]

  build: fix djgpp builds
  
  - Update build instructions in packages/DOS/README
  
  - Extend 'VPATH' with 'vquic' and 'vssh'.
  
  - Allow 'Makefile.dist' to build both 'lib' and 'src'.
  
  - Allow using the Windows hosted djgpp cross compiler to build for MSDOS
    under Windows.
  
  - 'USE_SSL' -> 'USE_OPENSSL'
  
  - Added a 'link_EXE' macro. Etc, etc.
  
  - Linking 'curl.exe' needs '$(CURLX_CFILES)' too.
  
  - Do not pick-up '../lib/djgpp/*.o' files. Recompile locally.
  
  - Generate a gzipped 'tool_hugehelp.c' if 'USE_ZLIB=1'.
  
  - Remove 'djgpp-clean'
  
  - Adapt to new C-ares directory structure
  
  - Use conditional variable assignments
  
  Clarify the 'conditional variable assignment' in 'common.dj'.
  
  Closes https://github.com/curl/curl/pull/6382

Daniel Stenberg (27 Jan 2021)
- [Ikko Ashimine brought this change]

  hyper: fix typo in c-hyper.c
  
  settting -> setting
  
  Closes #6538

- libssh2: fix CURL_LIBSSH2_DEBUG-enabled build
  
  Follow-up to 2dcc940959772a
  
  Reported-by: Gisle Vanem
  Bug: https://github.com/curl/curl/commit/2dcc940959772a652f6813fb6bd3092095a4877b#commitcomment-46420088

Jay Satiro (27 Jan 2021)
- asyn-thread: fix build for when getaddrinfo missing
  
  This is a follow-up to 8315343 which several days ago moved the resolver
  pointer into the async struct but did not update the code that uses it
  when getaddrinfo is not present.
  
  Closes https://github.com/curl/curl/pull/6536

Daniel Stenberg (27 Jan 2021)
- urldata: move 'ints' to the end of 'connectdata'
  
  To optimize storage slightly.
  
  Closes #6534

- urldata: store ip version in a single byte
  
  Closes #6534

- urldata: remove duplicate 'upkeep_interval_ms' from connectdata
  
  ... and rely only on the value already set in Curl_easy.
  
  Closes #6534

- urldata: remove 'local_ip' from the connectdata struct
  
  As the info is already stored in the transfer handle anyway, there's no
  need to carry around a duplicate buffer for the life-time of the handle.
  
  Closes #6534

- urldata: remove duplicate port number storage
  
  ... and use 'int' for ports. We don't use 'unsigned short' since -1 is
  still often used internally to signify "unknown value" and 0 - 65535 are
  all valid port numbers.
  
  Closes #6534

- urldata: remove the duplicate 'ip_addr_str' field
  
  ... as the numerical IP address is already stored and kept in 'primary_ip'.
  
  Closes #6534

- select: convert Curl_select() to private static function
  
  The old function should not be used anywhere anymore (the only remaining
  gskit use has to be fixed to instead use Curl_poll or none at all).
  
  The static function version is now called our_select() and is only built
  if necessary.
  
  Closes #6531

- Curl_chunker: shrink the struct
  
  ... by removing a field, converting the hex index into a byte and
  rearranging the order. Cuts it down from 48 bytes to 32 on x86_64.
  
  Closes #6527

- curl: include the file name in --xattr/--remote-time error msgs

- curl: s/config->global/global/ in single_transfer()

- curl: move fprintf outputs to warnf
  
  For setting and getting time of the download. To make the outputs
  respect --silent etc.
  
  Reported-by: Viktor Szakats
  Fixes #6533
  Closes #6535

- [Tatsuhiro Tsujikawa brought this change]

  ngtcp2: Fix http3 upload stall
  
  Closes #6521

- [Tatsuhiro Tsujikawa brought this change]

  ngtcp2: Fix stack buffer overflow
  
  Closes #6521

- warnless.h: remove the prototype for curlx_ultosi
  
  Follow-up to 217552503ff3

- warnless: remove curlx_ultosi
  
  ... not used anywhere
  
  Closes #6530

- [Patrick Monnerat brought this change]

  lib: remove conn->data uses
  
  Closes #6515

- pingpong: remove the 'conn' struct member
  
  ... as it's superfluous now when Curl_easy is passed in and we can
  derive the connection from that instead and avoid the duplicate copy.
  
  Closes #6525

- hostip/proxy: remove conn->data use
  
  Closes #6513

- url: reduce conn->data references
  
  ... there are a few left but let's keep them to last
  
  Closes #6512

- scripts/singleuse: add curl_easy_option*

Jay Satiro (25 Jan 2021)
- test410: fix for windows
  
  - Pass the very long request header via file instead of command line.
  
  Prior to this change the 49k very long request header string was passed
  via command line and on Windows that is too long so it was truncated and
  the test would fail (specifically msys CI).
  
  Closes https://github.com/curl/curl/pull/6516

Daniel Stenberg (25 Jan 2021)
- libssh2: move data from connection object to transfer object
  
  Readdir data, filenames and attributes are strictly related to the
  transfer and not the connection. This also reduces the total size of the
  fixed connectdata struct.
  
  Closes #6519

- RELEASE-NOTES: synced

- [Patrick Monnerat brought this change]

  lib: remove conn->data uses
  
  Closes #6499

- hyper: remove the conn->data references
  
  Closes #6508

- travis: build ngtcp2 --with-gnutls
  
  ... since they disable it by default since a few days back.
  
  Closes #6506
  Fixes #6493

- hostip: remove conn->data from resolver functions
  
  This also moves the 'async' struct from the connectdata struct into the
  Curl_easy struct, which seems like a better home for it.
  
  Closes #6497

Jay Satiro (22 Jan 2021)
- strerror: skip errnum >= 0 assertion on windows
  
  On Windows an error number may be greater than INT_MAX and negative once
  cast to int.
  
  The assertion is checked only in debug builds.
  
  Closes https://github.com/curl/curl/pull/6504

Daniel Stenberg (21 Jan 2021)
- doh: make Curl_doh_is_resolved survive a NULL pointer
  
  ... if Curl_doh() returned a NULL, this function gets called anyway as
  in a asynch procedure. Then the doh struct pointer is NULL and signifies
  an OOM situation.
  
  Follow-up to 6246a1d8c6776

- wolfssh: remove conn->data references
  
  ... and repair recent build breakage
  
  Closes #6507

- http: empty reply connection are not left intact
  
  ... so mark the connection as closed in this condition to prevent that
  verbose message to wrongly appear.
  
  Reported-by: Matt Holt
  Bug: https://twitter.com/mholt6/status/1352130240265375744
  Closes #6503

- chunk/encoding: remove conn->data references
  
  ... by anchoring more functions on Curl_easy instead of connectdata
  
  Closes #6498

Jay Satiro (20 Jan 2021)
- [Erik Olsson brought this change]

  lib: save a bit of space with some structure packing
  
  - Reorder some internal struct members so that less padding is used.
  
  This is an attempt at saving a bit of space by packing some structs
  (using pahole to find the holes) where it might make sense to do
  so without losing readability.
  
  I.e., I tried to avoid separating fields that seem grouped
  together (like the cwd... fields in struct ftp_conn for instance).
  Also abstained from touching fields behind conditional macros as
  that quickly can get complicated.
  
  Closes https://github.com/curl/curl/pull/6483

Daniel Stenberg (20 Jan 2021)
- INSTALL.md: fix typo
  
  Found-by: Marcel Raad

- [Fabian Keil brought this change]

  http: get CURLOPT_REQUEST_TARGET working with a HTTP proxy
  
  Added test 1613 to verify.
  
  Closes #6490

- Merge branch 'bagder/curl_range-data-conn'

- ftp: remove conn->data leftover

- curl_range: remove conn->data
  
  Closes #6496

- INSTALL: now at 85 operating systems

- quiche: fix unused parameter ‘conn’
  
  Follow-up to 2bdec0b3

- transfer: fix ‘conn’ undeclared mistake for iconv build
  
  Follow-up to 219d9f8620d

- doh: allocate state struct on demand
  
  ... instead of having it static within the Curl_easy struct. This takes
  away 1176 bytes (18%) from the Curl_easy struct that aren't used very
  often and instead makes the code allocate it when needed.
  
  Closes #6492

- socks: use the download buffer instead
  
  The SOCKS code now uses the generic download buffer for temporary
  storage during the connection procedure, instead of having its own
  private 600 byte buffer that adds to the connectdata struct size. This
  works fine because this point the buffer is allocated but is not use for
  download yet since the connection hasn't completed.
  
  This reduces the connection struct size by 22% on a 64bit arch!
  
  The SOCKS buffer needs to be at least 600 bytes, and the download buffer
  is guaranteed to never be smaller than 1000 bytes.
  
  Closes #6491

- urldata: make magic be the first struct field
  
  By making the `magic` identifier the same size and at the same place
  within the structs (easy, multi, share), libcurl will be able to more
  reliably detect and safely error out if an application passes in the
  wrong handle to APIs. Easier to detect and less likely to cause crashes
  if done.
  
  Such mixups can't be detected at compile-time due to them being
  typedefed void pointers - unless `CURL_STRICTER` is defined.
  
  Closes #6484

- http_chunks: correct and clarify a comment on hexnumber length
  
  ... and also rename the define for max length.
  
  Closes #6489

- curl_path: remove conn->data use
  
  Closes #6487

- transfer: remove conn->data use
  
  Closes #6486

- quic: remove conn->data use
  
  Closes #6485

- [Fabian Keil brought this change]

  Add test1181: Proxy request with --proxy-header "Connection: Keep-Alive"

- [Fabian Keil brought this change]

  Add test1180: Proxy request with -H "Proxy-Connection: Keep-Alive"
  
  At the moment the test fails as curl sends two Proxy-Connection
  headers.

- c-hyper: avoid duplicated Proxy-Connection headers

- http: make providing Proxy-Connection header not cause duplicated headers
  
  Fixes test 1180
  
  Bug: https://curl.se/mail/lib-2021-01/0095.html
  Reported-by: Fabian Keil
  Closes #6472

- runtests: preprocess DISABLED to allow conditionals
  
  ... with this function provided, we can disable tests for specific
  environments and setups directly within this file.
  
  Closes #6477

- runtests: turn preprocessing into a separate function
  
  ... and remove all other variable substitutions as they're now done once
  and for all in the preprocessor.

- lib/Makefile.inc: convert to listing each file on its own line
  
  ... to make it diff friendlier and easier to read.
  
  Closes #6448

- ftplistparser: remove use of conn->data
  
  Closes #6482

- lib: more conn->data cleanups
  
  Closes #6479

- [Patrick Monnerat brought this change]

  vtls: reduce conn->data use
  
  Closes #6474

- hyper: deliver data to application with Curl_client_write
  
  ... just as the native code path does. Avoids sending too large data
  chunks in the callback and more.
  
  Reported-by: Gisle Vanem
  Fixes #6462
  Closes #6473

- gopher: remove accidental conn->data leftover

- libssh: avoid plain free() of libssh-memory
  
  Since curl's own memory debugging system redefines free() calls to track
  and fiddle with memory, it cannot be used on memory allocated by 3rd
  party libraries.
  
  Third party libraries SHOULD NOT require free() to release allocated
  resources for this reason - and libs can use separate healp allocators
  on some systems (like Windows) so free() doesn't necessarily work
  anyway.
  
  Filed as an issue with libssh: https://bugs.libssh.org/T268
  
  Closes #6481

- send: assert that Curl_write_plain() has a ->conn when called
  
  To help catch bad invokes.
  
  Closes #6476

- test410: verify HTTPS GET with a 49K request header
  
  skip test 410 for mesalink in the CI as it otherwise hangs "forever"

- lib: pass in 'struct Curl_easy *' to most functions
  
  ... in most cases instead of 'struct connectdata *' but in some cases in
  addition to.
  
  - We mostly operate on transfers and not connections.
  
  - We need the transfer handle to log, store data and more. Everything in
    libcurl is driven by a transfer (the CURL * in the public API).
  
  - This work clarifies and separates the transfers from the connections
    better.
  
  - We should avoid "conn->data". Since individual connections can be used
    by many transfers when multiplexing, making sure that conn->data
    points to the current and correct transfer at all times is difficult
    and has been notoriously error-prone over the years. The goal is to
    ultimately remove the conn->data pointer for this reason.
  
  Closes #6425

Emil Engler (17 Jan 2021)
- docs: fix typos in NEW-PROTOCOL.md
  
  This fixes a misspelled "it" and a grammatically wrong "-ing" suffix.
  
  Closes #6471

Daniel Stenberg (16 Jan 2021)
- RELEASE-NOTES: synced

Jay Satiro (16 Jan 2021)
- [Razvan Cojocaru brought this change]

  cmake: expose CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
  
  This does for cmake builds what --disable-openssl-auto-load-config
  does for autoconf builds.
  
  Closes https://github.com/curl/curl/pull/6435

Daniel Stenberg (15 Jan 2021)
- test1918: verify curl_easy_option_by_name() and curl_easy_option_by_id()
  
  ... and as a practical side-effect, make sure that the
  Curl_easyopts_check() function is asserted in debug builds, which we
  want to detect mismatches between the options list in easyoptions.c and
  the options in curl.h
  
  Found-by: Gisle Vanem
  Bug: https://github.com/curl/curl/commit/08e8455dddc5e48e58a12ade3815c01ae3da3b64#commitcomment-45991815
  
  Closes #6461

- [Gisle Vanem brought this change]

  easyoptions: add the missing AWS_SIGV4
  
  Follow-up from AWS_SIGV4

- schannel_verify: fix safefree call typo
  
  Follow-up from e87ad71d1ba00519
  
  Closes #6459

- mime: make sure setting MIMEPOST to NULL resets properly
  
  ... so that a function can first use MIMEPOST and then set it to NULL to
  reset it back to a blank POST.
  
  Added test 584 to verify the fix.
  
  Reported-by: Christoph M. Becker
  
  Fixes #6455
  Closes #6456

- multi: set the PRETRANSFER time-stamp when we switch to PERFORM
  
  ... instead of at end of the DO state. This makes the timer more
  accurate for the protocols that use the DOING state (such as FTP), and
  simplifies how the function (now called init_perform) is called.
  
  The timer will then include the entire procedure up to PERFORM -
  including all instructions for getting the transfer started.
  
  Closes #6454

- CURLINFO_PRETRANSFER_TIME.3: clarify
  
  ... the timer *does* include the instructions for getting the remote
  file.
  
  Ref: #6452
  Closes #6453

- [Gisle Vanem brought this change]

  schannel: plug a memory-leak
  
  ... when built without -DUNICODE.
  
  Closes #6457

Jay Satiro (14 Jan 2021)
- gitattributes: Set batch files to CRLF line endings on checkout
  
  If a batch file is run without CRLF line endings (ie LF-only) then
  arbitrary behavior may occur. I consider that a bug in Windows, however
  the effects can be serious enough (eg unintended code executed) that
  we're fixing it in the repo by requiring CRLF line endings for batch
  files on checkout.
  
  Prior to this change the checked-out line endings of batch files were
  dependent on a user's git preferences. On Windows it is common for git
  users to have automatic CRLF conversion enabled (core.autocrlf true),
  but those users that don't would run into this behavior.
  
  For example a user has reported running the Visual Studio project
  generator batch file (projects/generate.bat) and it looped forever.
  Output showed that the Windows OS interpreter was occasionally jumping
  to arbitrary points in the batch file and executing commands. This
  resulted in unintended files being removed (a removal sequence called)
  and looping forever.
  
  Ref: https://serverfault.com/q/429594
  Ref: https://stackoverflow.com/q/232651
  Ref: https://www.dostips.com/forum/viewtopic.php?t=8988
  Ref: https://git-scm.com/docs/gitattributes#_checking_out_and_checking_in
  Ref: https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration#_core_autocrlf
  
  Bug: https://github.com/curl/curl/discussions/6427
  Reported-by: Ganesh Kamath
  
  Closes https://github.com/curl/curl/pull/6442

Daniel Stenberg (14 Jan 2021)
- tool_operate: spellfix a comment

- ROADMAP: refreshed
  
  o removed HSTS - already implemented
  o added HTTPS RR records
  o mention HTTP/3 completion

- http_chunks: remove Curl_ prefix from static functions

- transfer: remove Curl_ prefix from static functions

- tftp: remove Curl_ prefix from static functions

- multi: remove Curl_ prefix from static functions

- ldap: remove Curl_ prefix from static functions

- doh: remove Curl_ prefix from static functions

- asyn-ares: remove Curl_ prefix from static functions

- vtls: remove Curl_ prefix from static functions

- bearssl: remove Curl_ prefix from static functions

- mbedtls: remove Curl_ prefix from static functions

- wolfssl: remove Curl_ prefix from static functions

- nss: remove Curl_ prefix from static functions

- gnutls: remove Curl_ prefix from static functions

- openssl: remove Curl_ prefix from static functions
  
  ... as we reserve this prefix to library-wide functions.
  
  Closes #6443

- nss: get the run-time version instead of build-time
  
  Closes #6445

Jay Satiro (12 Jan 2021)
- tool_doswin: Restore original console settings on CTRL signal
  
  - Move Windows terminal init code from tool_main to tool_doswin.
  
  - Restore the original console settings on CTRL+C and CTRL+BREAK.
  
  Background: On Windows the curl tool changes the console settings to
  enable virtual terminal processing (eg color output) if supported
  (ie Win 10). The original settings are restored on exit but prior to
  this change were not restored in the case of the CTRL signals.
  
  Windows VT behavior varies depending on console/powershell/terminal;
  refer to the discussion in #6226.
  
  Assisted-by: Rich Turner
  
  Closes https://github.com/curl/curl/pull/6226

Daniel Stenberg (12 Jan 2021)
- gen.pl: fix perl syntax
  
  Follow-up to 324cf1d2e

- [Emil Engler brought this change]

  help: update to current codebase
  
  This commit bumps the help to the current state of the project.
  
  Closes #6437

- [Emil Engler brought this change]

  docs: fix line length bug in gen.pl
  
  The script warns if the length of $opt and $desc is > 78. However, these
  two variables are on totally separate lines so the check makes no sense.
  Also the $bitmask field is totally forgotten. Currently this leads to
  two warnings within `--resolve` and `--aws-sigv4`.
  
  Closes #6438

- [Emil Engler brought this change]

  docs: fix wrong documentation in help.d
  
  curl does not list all categories when you invoke "--help" without any
  parameters.
  
  Closes #6436

- aws-sigv4.d: polish the wording
  
  Make it shorter and imperative form
  
  Closes #6439

- [Fabian Keil brought this change]

  misc: fix typos
  
  Bug: https://curl.se/mail/lib-2021-01/0063.html
  Closes #6434

- multi_runsingle: bail out early on data->conn == NULL
  
  As that's a significant error condition and scan-build warns for NULL
  pointer dereferences if we don't.
  
  Closes #6433

- multi: skip DONE state if there's no connection left for ftp wildcard
  
  ... to avoid running in that state with data->conn being NULL.

- libssh2: fix "Value stored to 'readdir_len' is never read"
  
  Detected by scan-build

- connect: mark intentional ignores of setsockopt return values
  
  Pointed out by Coverity
  
  Closes #6431

Jay Satiro (11 Jan 2021)
- http_proxy: Fix CONNECT chunked encoding race condition
  
  - During the end-of-headers response phase do not mark the tunnel
    complete unless the response body was completely parsed/ignored.
  
  Prior to this change if the entirety of a CONNECT response with chunked
  encoding was not received by the time the final header was parsed then
  the connection would be marked done prematurely, before all the chunked
  data could be read in and ignored (since this is what we do with any
  CONNECT response body) and the connection could not be used.
  
  Bug: https://curl.se/mail/lib-2021-01/0033.html
  Reported-by: Fabian Keil
  
  Closes https://github.com/curl/curl/pull/6432

Daniel Stenberg (11 Jan 2021)
- RELEASE-NOTES: synced

- url: if IDNA conversion fails, fallback to Transitional
  
  This improves IDNA2003 compatiblity.
  
  Reported-by: Bubu on github
  Fixes #6423
  Closes #6428

- travis: make the Hyper build from its master branch
  
  Closes #6430

- http: make 'authneg' also work for Hyper
  
  When doing a request with a request body expecting a 401/407 back, that
  initial request is sent with a zero content-length. Test 177 and more.
  
  Closes #6424

Jay Satiro (8 Jan 2021)
- cmake: Add an option to disable libidn2
  
  New option USE_LIBIDN2 defaults to ON for libidn2 detection. Prior to
  this change libidn2 detection could not be turned off in cmake builds.
  
  Reported-by: William A Rowe Jr
  
  Fixes https://github.com/curl/curl/issues/6361
  Closes https://github.com/curl/curl/pull/6362

Daniel Stenberg (8 Jan 2021)
- HYPER: no longer needs the special branch

- test179: use consistent header line endings
  
  ... to make "Hyper mode" work better.

- file: don't provide content-length for directories
  
  ... as it is misleading.
  
  Ref #6379
  Closes #6421

- TODO: Directory listing for FILE:
  
  Ref #6379

- curl.h: add CURLPROTO_GOPHERS as own protocol identifier
  
  Follow-up to a1f06f32b860, to make sure it can be handled separately
  from plain gopher.
  
  Closes #6418

- http: have CURLOPT_FAILONERROR fail after all headers
  
  ... so that Retry-After and other meta-content can still be used.
  
  Added 1634 to verify. Adjusted test 194 and 281 since --fail now also
  includes the header-terminating CRLF in the output before it exits.
  
  Fixes #6408
  Closes #6409

- global_init: debug builds allocates a byte in init
  
  ... to make build tools/valgrind warn if no curl_global_cleanup is
  called.
  
  This is conditionally only done for debug builds with the env variable
  CURL_GLOBAL_INIT set.
  
  Closes #6410

- lib/unit tests: add missing curl_global_cleanup() calls

- travis: adapt to Hyper build change
  
  Closes #6419

- pretransfer: setup the User-Agent header here
  
  ... and not in the connection setup, as for multiplexed transfers the
  connection setup might be skipped and then the transfer would end up
  without the set user-agent!
  
  Reported-by: Flameborn on github
  Assisted-by: Andrey Gursky
  Assisted-by: Jay Satiro
  Assisted-by: Mike Gelfand
  Fixes #6312
  Closes #6417

- test66: disable with Hyper
  
  ...as Hyper doesn't support HTTP/0.9

- c-hyper: poll the tasks until end correctly
  
  ... makes test 36 work.
  
  Closes #6412

- [Gergely Nagy brought this change]

  mk-ca-bundle.pl: deterministic output when using -t
  
  Printing trust purposes are now sorted, making the output deterministic
  when running on the same input certdata.txt.
  
  Closes #6413

- KNOWN_BUGS: fixed "wolfSSL lacks support for renegotiation"
  
  Fixed by #6411

- [Himanshu Gupta brought this change]

  wolfssl: add SECURE_RENEGOTIATION support
  
  Closes #6411

- RELEASE-NOTES: synced

- wolfssl: update copyright year range
  
  Follow-up to 7de2e96535e9

- c-hyper: make CURLE_GOT_NOTHING work
  
  Test 30
  
  Closes #6407

- http_proxy: make CONNECT work with the Hyper backend
  
  Makes test 80 run
  
  Closes #6406

- TODO: --fail-with-body perchance?

Jay Satiro (4 Jan 2021)
- tool_operate: fix the suppression logic of some error messages
  
  - Fix the failed truncation and failed writing body error messages to
    not be shown unless error messages are shown. (ie the user has
    specified -sS, or has not specified -s).
  
  - Also prefix same error messages with "curl: ", for example:
    curl: (23) Failed to truncate, exiting
  
  Prior to this change the failed truncation error messages would be shown
  if not -s, but did not account for -sS which should show.
  
  Prior to this change the failed writing body error messages would be
  shown always.
  
  Ref: https://curl.se/docs/manpage.html#-S
  
  Bug: https://curl.se/mail/archive-2020-12/0017.html
  Reported-by: Hongyi Zhao
  
  Closes https://github.com/curl/curl/pull/6402

- wolfssl: Support wolfSSL builds missing TLS 1.1
  
  The wolfSSL TLS library defines NO_OLD_TLS in some of their build
  configurations and that causes the library to be built without TLS 1.1.
  For example if MD5 is explicitly disabled when building wolfSSL then
  that defines NO_OLD_TLS and the library is built without TLS 1.1 [1].
  
  Prior to this change attempting to build curl with a wolfSSL that was
  built with NO_OLD_TLS would cause a build link error undefined reference
  to wolfTLSv1_client_method.
  
  [1]: https://github.com/wolfSSL/wolfssl/blob/v4.5.0-stable/configure.ac#L2366
  
  Bug: https://curl.se/mail/lib-2020-12/0121.html
  Reported-by: Julian Montes
  
  Closes https://github.com/curl/curl/pull/6388

Daniel Stenberg (4 Jan 2021)
- test1633: set appropriate name
  
  "--retry with a 429 response and Retry-After:"

- travis: limit the tests with quiche builds to HTTPS and FTPS only
  
  ... since it runs into the 50 minute time limit too often otherwise.
  
  Closes #6403

- HISTORY: added dates to early history
  
  Mostly thanks to this archived web page for urlget:
  
  https://web.archive.org/web/19980216125115/http://www.inf.ufrgs.br/~sagula/urlget.html

- httpauth: make multi-request auth work with custom port
  
  When doing HTTP authentication and a port number set with CURLOPT_PORT,
  the code would previously have the URL's port number override as if it
  had been a redirect to an absolute URL.
  
  Added test 1568 to verify.
  
  Reported-by: UrsusArctos on github
  Fixes #6397
  Closes #6400

- [Emil Engler brought this change]

  language: s/behaviour/behavior/g
  
  We currently use both spellings the british "behaviour" and the american
  "behavior". However "behavior" is more used in the project so I think
  it's worth dropping the british name.
  
  Closes #6395

- cmdline-opts/retry.d: mention response code 429 as well
  
  Reported-by: Cherish98
  Bug: https://curl.se/mail/archive-2020-12/0018.html

- docs/HYPER.md: mention outstanding issues
  
  To make it more obvious to users what doesn't work (yet)
  
  Closes #6389

- COPYING/configure: bump copyright year range

- c-hyper: add timecondition to the request
  
  Test 77-78
  
  Closes #6391

- c-hyper: make Digest and NTLM work
  
  Test 64, 65, 67, 68, 69, 70, 72
  
  Closes #6390

- examples/curlgtk.c: fix the copyright year range
  
  ... and make private functions static.

- [Olaf Hering brought this change]

  docs/examples: adjust prototypes for CURLOPT_READFUNCTION
  
  The type of the buffer in curl_read_callback is 'char *', not 'void *'.
  
  Signed-off-by: Olaf Hering <olaf@aepfle.de>
  Closes #6392

- examples: fix more empty expression statement has no effect
  
  Follow-up to 26e46617b9

- cleanup: fix two empty expression statement has no effect
  
  Follow-up to 26e46617b9

- configure: set -Wextra-semi-stmt for clang with --enable-debug
  
  To have it properly complain on empty statements with no effect.
  
  Ref: #6376
  Closes #6378

- tests/unit: fix empty statements with no effect
  
  ... by making macros use "do {} while(0)"

- [Paul Groke brought this change]

  dns: extend CURLOPT_RESOLVE syntax for adding non-permanent entries
  
  Extend the syntax of CURLOPT_RESOLVE strings: allow using a '+' prefix
  (similar to the existing '-' prefix for removing entries) to add
  DNS cache entries that will time out just like entries that are added
  by libcurl itself.
  
  Append " (non-permanent)" to info log message in case a non-permanent
  entry is added.
  
  Adjust relevant comments to reflect the new behavior.
  
  Adjust documentation.
  
  Extend unit1607 to test the new functionality.
  
  Closes #6294

- schannel: fix "empty expression statement has no effect"
  
  Bug: https://github.com/curl/curl/commit/8ab78f720ae478d533e30b202baec4b451741579#commitcomment-45445950
  Reported-by: Gisle Vanem
  Closes #6381

- [Denis Laxalde brought this change]

  docs: remove redundant "better" in --fail help
  
  Closes #6385

- [Kevin Ushey brought this change]

  curl.1: fix typo microsft -> microsoft
  
  Closes #6380

- [XhmikosR brought this change]

  misc: assorted typo fixes
  
  Closes #6375

- RELEASE-NOTES: synced

- tool_operate: avoid NULL dereference of first_arg
  
  Follow-up to 6a5e020d4d2b04a
  Identified by OSS-Fuzz
  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28999
  Closes #6377

- misc: fix "warning: empty expression statement has no effect"
  
  Turned several macros into do-while(0) style to allow their use to work
  find with semicolon.
  
  Bug: https://github.com/curl/curl/commit/08e8455dddc5e48e58a12ade3815c01ae3da3b64#commitcomment-45433279
  Follow-up to 08e8455dddc5e4
  Reported-by: Gisle Vanem
  Closes #6376

- KNOWN_BUGS: 6.10 curl never completes Negotiate over HTTP
  
  Closes #5235
  Closes #6370

- writeout: fix NULL dereference for "this url"
  
  Detected by torture test 1029
  
  Follow-up to 7a90ddf88f5a
  
  Closes #6374

- failf: remove newline from formatting strings
  
  ... as failf adds one itself.
  
  Also: add an assert() to failf() that triggers on a newline in the
  format string!
  
  Closes #6365

- [XhmikosR brought this change]

  CI: fix warning with the latest versions
  
  `git checkout HEAD^2` is no longer needed
  
  Closes #6369

- INSTALL: update the list known OSes and CPU archs curl has run on
  
  Closes #6366

- [Cherish98 brought this change]

  curl: fix handling of -q option
  
  The match of the "-q" option (short for "--disable") should:
  a) allow concatenation with other single-letters; and
  b) be case-sensitive, lest confusing with "-Q" ("--quote")
  
  Closes #6364

- tests/badsymbols.pl: ignore stand-alone single hash lines
  
  Bug: https://curl.se/mail/lib-2020-12/0084.html
  Reported-by: Dennis Clarke
  Assisted-by: Jay Satiro
  
  Closes #6355

- curl_easy_pause.3: add multiplexed pause effects
  
  and generally refresh and update. Remove details for ancient versions.
  
  Reviewed-by: Jay Satiro
  Closes #6360

Jay Satiro (22 Dec 2020)
- curl_easy_pause.3: fix man page reference
  
  Follow-up to ac9a724 from earlier today.
  
  Ref: https://github.com/curl/curl/pull/6359

Daniel Stenberg (22 Dec 2020)
- EXPERIMENTAL: add the Hyper backend to the list
  
  ... of current experimental features in curl.

- speedcheck: exclude paused transfers
  
  Paused transfers should not be stopped due to slow speed even when
  CURLOPT_LOW_SPEED_LIMIT is set. Additionally, the slow speed timer is
  now reset when the transfer is unpaused - as otherwise it would easily
  just trigger immediately after unpausing.
  
  Reported-by: Harry Sintonen
  Fixes #6358
  Closes #6359

- h2: do not wait for RECV on paused transfers
  
  ... as the socket might be readable all the time when paused and thus
  causing a busy-loop.
  
  Reported-by: Harry Sintonen
  Reviewed-by: Jay Satiro
  Fixes #6356
  Closes #6357

- RELEASE-NOTES: synced

- cmdline-opts/gen.pl: return hard on errors
  
  ... as the warnings tend to go unnoticed otherwise!
  
  Closes #6354

- examples/libtest: add .checksrc to dist
  
  ... so that (auto)builds from tarballs also get the correct instructions.
  
  Fixes #6176
  Closes #6353

- test: verify new --write-out variables
  
  Extended test 1029 and added 1188

- test970: adapted to the new internal order of variables

- curl: add variables to --write-out
  
  In particular, these ones can help a user to create its own error
  message when one or transfers fail.
  
  writeout: add 'onerror', 'url', 'urlnum', 'exitcode', 'errormsg'
  
  onerror - lets a user only show the rest on non-zero exit codes
  
  url - the input URL used for this transfer
  
  urlnum - the numerical URL counter (0 indexed) for this transfer
  
  exitcode - the numerical exit code for the transfer
  
  errormsg - obvious
  
  Reported-by: Earnestly on github
  Fixes #6199
  Closes #6207

- [Matthias Gatto brought this change]

  tests: add very simple AWS HTTP v4 Signature test
  
  Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>

- [Matthias Gatto brought this change]

  docs: add AWS HTTP v4 Signature

- [Matthias Gatto brought this change]

  tool: add AWS HTTP v4 Signature support
  
  Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>

- [Matthias Gatto brought this change]

  http: Make the call to v4 signature
  
  This patch allow to call the v4 signature introduce in previous commit
  
  Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>

- [Matthias Gatto brought this change]

  http: introduce AWS HTTP v4 Signature
  
  It is a security process for HTTP.
  
  It doesn't seems to be standard, but it is used by some cloud providers.
  
  Aws:
  https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
  Outscale:
  https://wiki.outscale.net/display/EN/Creating+a+Canonical+Request
  GCP (I didn't test that this code work with GCP though):
  https://cloud.google.com/storage/docs/access-control/signing-urls-manually
  
  most of the code is in lib/http_v4_signature.c
  
  Information require by the algorithm:
  - The URL
  - Current time
  -  some prefix that are append to some of the signature parameters.
  
  The data extracted from the URL are: the URI, the region,
  the host and the API type
  
  example:
  https://api.eu-west-2.outscale.com/api/latest/ReadNets
          ~~~ ~~~~~~~~               ~~~~~~~~~~~~~~~~~~~
          ^       ^                          ^
         /         \                        URI
     API type     region
  
  Small description of the algorithm:
  - make canonical header using content type, the host, and the date
  - hash the post data
  - make canonical_request using custom request, the URI,
    the get data, the canonical header, the signed header
    and post data hash
  - hash canonical_request
  - make str_to_sign using one of the prefix pass in parameter,
    the date, the credential scope and the canonical_request hash
  - compute hmac from date, using secret key as key.
  - compute hmac from region, using above hmac as key
  - compute hmac from api_type, using above hmac as key
  - compute hmac from request_type, using above hmac as key
  - compute hmac from str_to_sign using above hmac as key
  - create Authorization header using above hmac, prefix pass in parameter,
    the date, and above hash
  
  Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
  
  Closes #5703

- [Matthias Gatto brought this change]

  http: add hmac support for sha256
  
  It seems current hmac implementation use md5 for the hash,
  V4 signature require sha256, so I've added the needed struct in
  this commit.
  
  I've added the functions that do the hmac in v4 signature file
  as a static function ,in the next patch of the serie,
  because it's used only by this file.
  
  Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>

- [Cristian Rodríguez brought this change]

  connect: on linux, enable reporting of all ICMP errors on UDP sockets
  
  The linux kernel does not report all ICMP errors back to userspace due
  to historical reasons.
  
  IP*_RECVERR sockopt must be turned on to have the correct behaviour
  which is to pass all ICMP errors to userspace.
  
  See https://bugzilla.kernel.org/show_bug.cgi?id=202355
  
  Closes #6341

- curl: add --create-file-mode [mode]
  
  This option sets the (octal) mode to use for the remote file when one is
  created, using the SFTP, SCP or FILE protocols. When not set, the
  default is 0644.
  
  Closes #6244

- c-hyper: fix compiler warnings
  
  Identified by clang on windows.
  
  Reported-by: Gisle Vanem
  Bug: 58974d25d8173aec154e593ed9d866da566c9811
  
  Closes #6351

- KNOWN_BUGS: Remote recursive folder creation with SFTP
  
  Closes #5204

Jay Satiro (20 Dec 2020)
- badsymbols.pl: Add verbose mode -v
  
  Use -v as the first option to enable verbose mode which will show source
  input, extracted symbol and line info. For example:
  
  Source: ./../include/curl/typecheck-gcc.h
  Symbol: curlcheck_socket_info(info)
  Line #423: #define curlcheck_socket_info(info)                     \
  
  Ref: https://curl.se/mail/lib-2020-12/0084.html
  
  Closes https://github.com/curl/curl/pull/6349

- KNOWN_BUGS: Secure Transport disabling hostname validation also disables SNI
  
  That behavior is a limitation of Apple's Secure Transport.
  
  Reported-by: Cory Benfield
  Reported-by: Ian Spence
  Confirmed-by: Nick Zitzmann
  
  Ref: https://github.com/curl/curl/issues/998
  
  Closes https://github.com/curl/curl/issues/6347
  Closes https://github.com/curl/curl/pull/6348

Daniel Stenberg (18 Dec 2020)
- TODO: alt-svc should fallback if alt-svc doesn't work
  
  Closes #4908

- travis: restrict the openssl3 job to only run https and ftps tests
  
  ... as it runs too long otherwise and the other tests are verified in
  other builds anyway.
  
  Closes #6345

- build: repair http disabled but mqtt enabled build
  
  ... as the mqtt code reuses the "method" originally used for HTTP.
  
  Closes #6344

- [Jon Wilkes brought this change]

  cookie: avoid the C1001 internal compiler error with MSVC 14
  
  Fixes #6112
  Closes #6135

- RELEASE-NOTES: synced

- mqtt: handle POST/PUBLISH without a set POSTFIELDSIZE
  
  Detected by OSS-Fuzz
  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28735
  
  Added test 1916 and 1917 to verify.
  
  Closes #6338

- travis: add CI job for Hyper build

- tests: updated tests for Hyper

- lib: introduce c-hyper for using Hyper
  
  ... as an alternative HTTP backend within libcurl.

- tool_setopt: provide helper output in debug builds
  
  ... for when setopt() returns error.

- setopt: adjust to Hyper and disabled HTTP builds

- rtsp: disable if Hyper is used

- getinfo: build with disabled HTTP support

- version: include hyper version

- docs: add HYPER.md

- configure: add --with-hyper
  
  As the first (optional) HTTP backend alternative instead of native
  
  Close #6110

- test1522: add debug tracing
  
  I used this to track down some issues and I figured I could just as well
  keep this extra logging in here for future needs.
  
  Closes #6331

- http: show the request as headers even when split-sending
  
  When the initial request isn't possible to send in its entirety, the
  remainder of request would be delivered to the debug callback as data
  and would wrongly be counted internally as body-bytes sent.
  
  Extended test 1295 to verify.
  
  Closes #6328

- multi: when erroring in TOOFAST state, act as for PERFORM
  
  When failing in TOOFAST, the multi_done() wasn't called so the same
  cleanup and handling wasn't done like when it fails in PERFORM, which in
  the case of FTP could mean that the control connection wouldn't be
  marked as "dead" for the CURLE_ABORTED_BY_CALLBACK case. Which caused
  ftp_disconnect() to use it to send "QUIT", which could end up waiting
  for a response a long time before giving up!
  
  Reported-by: Tomas Berger
  Fixes #6333
  Closes #6337

- cmake: enable gophers correctly in curl-config
  
  Closes #6336

- test1198/9: add two mqtt publish tests without payload lengths
  
  Closes #6335

- tests/mqttd: extract the client id from the correct offset
  
  Closes #6334

- TODO: Prevent terminal injection when writing to terminal
  
  Closes #6150

- Revert "CI/github: work-around for brew breakage on macOS"
  
  This reverts commit 4cbb17a2cbbbe6337142d39479e21c3990b9c22f.
  
  ... as the work-around now causes failures.
  
  Closes #6332

- examples: remove superfluous asterisk uses
  
  ... for function pointers. Breaks in ancient compilers.

- RELEASE-NOTES: synced

- test1272: fix line ending
  
  Follow-up to f24784f9143

- URL-SYNTAX: add gophers details

- test1272: test gophers

- runtests: add support for gophers, gopher over TLS

- [parazyd brought this change]

  gopher: Implement secure gopher protocol.
  
  This commit introduces a "gophers" handler inside the gopher protocol if
  USE_SSL is defined. This protocol is no different than the usual gopher
  prococol, with the added TLS encapsulation upon connecting. The protocol
  has been adopted in the gopher community, and many people have enabled
  TLS in their gopher daemons like geomyidae(8), and clients, like clic(1)
  and hurl(1).
  
  I have not implemented test units for this protocol because my knowledge
  of Perl is sub-par. However, for someone more knowledgeable it might be
  fairly trivial, because the same test that tests the plain gopher
  protocol can be used for "gophers" just by adding a TLS listener.
  
  Signed-off-by: parazyd <parazyd@dyne.org>
  
  Closes #6208

- TODO: Package curl for Windows in a signed installer
  
  Closes #5424

- mqtt: deal with 0 byte reads correctly
  
  OSS-Fuzz found it
  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28676
  
  Closes #6327

- BUG-BOUNTY: minor language update
  
  ... and remove the wording about entries from before 2019 as the "within
  12 months" is still there and covers that.
  
  Closes #6318

- tooĺ_writeout: fix the -w time output units
  
  Fix regression from commit fc813f80e1bcac (#6248) that changed the unit
  to microseconds instead of seconds with fractions
  
  Reported-by: 不确定
  Fixes #6321
  Closes #6322

- quiche: remove fprintf() leftover

Jay Satiro (14 Dec 2020)
- KNOWN_BUGS: SHA-256 digest not supported in Windows SSPI builds
  
  Closes https://github.com/curl/curl/issues/6302

- digest_sspi: Show InitializeSecurityContext errors in verbose mode
  
  The error is shown with infof rather than failf so that the user will
  see the extended error message information only in verbose mode, and
  will still see the standard CURLE_AUTH_ERROR message. For example:
  
  ---
  
  * schannel: InitializeSecurityContext failed: SEC_E_QOP_NOT_SUPPORTED
  (0x8009030A) - The per-message Quality of Protection is not supported by
  the security package
  * multi_done
  * Connection #1 to host 127.0.0.1 left intact
  curl: (94) An authentication function returned an error
  
  ---
  
  Ref: https://github.com/curl/curl/issues/6302
  
  Closes https://github.com/curl/curl/pull/6315

Daniel Stenberg (13 Dec 2020)
- URL-SYNTAX: add default port numbers and IDNA details
  
  Closes #6316

- URL-SYNTAX: mention how FILE:// access can access network on windows
  
  Closes #6314

Jay Satiro (12 Dec 2020)
- URL-SYNTAX: Document default SMTP port 25
  
  Note that ports 25 and 587 are common ports for smtp, the former being
  the default.
  
  Closes https://github.com/curl/curl/pull/6310

Daniel Stenberg (12 Dec 2020)
- CURLOPT_URL.3: remove scheme specific details
  
  ... that are now found in URL-SYNTAX.md
  
  Closes #6307

Dan Fandrich (12 Dec 2020)
- docs: Fix some typos
  
  [skip ci]

Daniel Stenberg (12 Dec 2020)
- URL-SYNTAX: mention all supported schemes
  
  Closes #6311

- [Douglas R. Reno brought this change]

  URL-SYNTAX.md: minor language improvements
  
  Closes #6308

- docs/URL-SYNTAX: the URL syntax curl accepts and works with
  
  Closes #6285

- [0xflotus brought this change]

  docs: enable syntax highlighting in several docs files
  
  ... for better readability
  
  Closes #6286

- test1564/1565: require the 'wakeup' feature to run
  
  Fixes #6299
  Fixes #6300
  Closes #6301

- runtests: add 'wakeup' as a feature

- tests/server/disabled: add "wakeup"
  
  To allow the test suite to know if wakeup support is disabled in the
  build.

- lib1564/5: verify that curl_multi_wakeup returns OK

- tests: make --libcurl tests only test FTP options if ftp enabled
  
  Adjust six --libcurl tests to only check the FTP option if FTP is
  actually present in the build.
  
  Fixes #6303
  Closes #6305

- runtests.pl: fix "uninitialized value" warning
  
  follow-up to e12825c642a88774

- runtests: add support for %if [feature] conditions
  
  ... to make tests run differently or expect different results depending
  on what features that are present or not in curl.
  
  Bonus: initial minor 'Hyper' awareness but nothing is using that yet
  
  Closes #6304

- [Jon Rumsey brought this change]

  OS400: update ccsidcurl.c
  
  Add 'struct' to cast and declaration of cfcdata to fix compilation
  error.
  
  Fixes #6292
  Closes #6297

- ngtcp2: make it build it current master again
  
  Closes #6296

- [Cristian Rodríguez brought this change]

  connect: defer port selection until connect() time
  
  If supported, defer port selection until connect() time
  if --interface is given and source port is 0.
  
  Reproducer:
  
  * start fast webserver on port 80
  * starve system of ephemeral ports
  $  sysctl net.ipv4.ip_local_port_range="60990 60999"
  
  * start a curl/libcurl "crawler"
  $curl --keepalive --parallel --parallel-immediate --head --interface
  127.0.0.2 "http://127.0.0.[1-254]/file[001-002].txt"
  
  current result:
  (possible some successful data)
  curl: (45) bind failed with errno 98: Address already in use
  
  result after patch:
  (complete success or few connections failing, higlhy depending on load)
  
  Fail only when all the possible 4-tuple combinations are exhausted,
  which is impossible to do when port is selected at bind() time becuse
  the kernel does not know if socket will be listen()'ed on or connect'ed
  yet.
  
  Closes #6295

- [Hans-Christian Noren Egtvedt brought this change]

  connect: zero variable on stack to silence valgrind complaint
  
  Valgrind will complain that ssrem buffer usage if not explicit
  initialized, hence initialize it to zero.
  
  This completes the change intially started in commit 2c0d7212151 ('ftp:
  retry getpeername for FTP with TCP_FASTOPEN') where the ssloc buffer has
  a similar memset to zero.
  
  Signed-off-by: Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
  Closes #6289

- RELEASE-NOTES: synced
  
  start over on the next release cycle

Version 7.74.0 (9 Dec 2020)

Daniel Stenberg (9 Dec 2020)
- RELEASE-NOTES: synced
  
  for 7.74.0

- docs: unify protocol lists
  
  We boast support for 25 transfer protocols. Make sure the lists are
  consistent
  
  Closes #5384

#***************************************************************************
#                                  _   _ ____  _
#  Project                     ___| | | |  _ \| |
#                             / __| | | | |_) | |
#                            | (__| |_| |  _ <| |___
#                             \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is

option(CMAKE_USE_WOLFSSL "enable wolfSSL for SSL/TLS" OFF)

set(openssl_default ON)
if(WIN32 OR CMAKE_USE_SECTRANSP OR CMAKE_USE_SCHANNEL OR CMAKE_USE_MBEDTLS OR CMAKE_USE_NSS OR CMAKE_USE_WOLFSSL)
  set(openssl_default OFF)
endif()
option(CMAKE_USE_OPENSSL "Use OpenSSL code. Experimental" ${openssl_default})
option(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG "Disable automatic loading of OpenSSL configuration" OFF)

count_true(enabled_ssl_options_count
  CMAKE_USE_SCHANNEL
  CMAKE_USE_SECTRANSP
  CMAKE_USE_OPENSSL
  CMAKE_USE_MBEDTLS
  CMAKE_USE_BEARSSL

if(NOT CURL_DISABLE_LDAPS)
  check_include_file_concat("ldap_ssl.h" HAVE_LDAP_SSL_H)
  check_include_file_concat("ldapssl.h"  HAVE_LDAPSSL_H)
endif()

# Check for idn
option(USE_LIBIDN2 "Use libidn2 for IDN support" ON)
set(HAVE_LIBIDN2 OFF)
if(USE_LIBIDN2)
  check_library_exists_concat("idn2" idn2_lookup_ul HAVE_LIBIDN2)
endif()

# Check for symbol dlopen (same as HAVE_LIBDL)
check_library_exists("${CURL_LIBS}" dlopen "" HAVE_DLOPEN)

set(HAVE_LIBZ OFF)
set(HAVE_ZLIB_H OFF)
set(USE_ZLIB OFF)

# TODO check HAVE_LDAP_SSL (in autoconf this is enabled with --enable-ldaps)
_add_if("LDAPS"         NOT CURL_DISABLE_LDAPS AND
                        ((USE_OPENLDAP AND SSL_ENABLED) OR
                        (NOT USE_OPENLDAP AND HAVE_LDAP_SSL)))
_add_if("DICT"          NOT CURL_DISABLE_DICT)
_add_if("TFTP"          NOT CURL_DISABLE_TFTP)
_add_if("GOPHER"        NOT CURL_DISABLE_GOPHER)
_add_if("GOPHERS"       NOT CURL_DISABLE_GOPHER AND SSL_ENABLED)
_add_if("POP3"          NOT CURL_DISABLE_POP3)
_add_if("POP3S"         NOT CURL_DISABLE_POP3 AND SSL_ENABLED)
_add_if("IMAP"          NOT CURL_DISABLE_IMAP)
_add_if("IMAPS"         NOT CURL_DISABLE_IMAP AND SSL_ENABLED)
_add_if("SMB"           NOT CURL_DISABLE_SMB AND use_ntlm)
_add_if("SMBS"          NOT CURL_DISABLE_SMB AND SSL_ENABLED AND use_ntlm)
_add_if("SMTP"          NOT CURL_DISABLE_SMTP)

COPYRIGHT AND PERMISSION NOTICE

Copyright (c) 1996 - 2021, Daniel Stenberg, <daniel@haxx.se>, and many
contributors, see the THANKS file.

All rights reserved.

Permission to use, copy, modify, and distribute this software for any purpose
with or without fee is hereby granted, provided that the above copyright
notice and this permission notice appear in all copies.

#***************************************************************************
#                                  _   _ ____  _
#  Project                     ___| | | |  _ \| |
#                             / __| | | | |_) | |
#                            | (__| |_| |  _ <| |___
#                             \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is

STRIP = @STRIP@
SUPPORT_FEATURES = @SUPPORT_FEATURES@
SUPPORT_PROTOCOLS = @SUPPORT_PROTOCOLS@
USE_ARES = @USE_ARES@
USE_BEARSSL = @USE_BEARSSL@
USE_GNUTLS = @USE_GNUTLS@
USE_GNUTLS_NETTLE = @USE_GNUTLS_NETTLE@
USE_HYPER = @USE_HYPER@
USE_LIBRTMP = @USE_LIBRTMP@
USE_LIBSSH = @USE_LIBSSH@
USE_LIBSSH2 = @USE_LIBSSH2@
USE_MBEDTLS = @USE_MBEDTLS@
USE_MESALINK = @USE_MESALINK@
USE_NGHTTP2 = @USE_NGHTTP2@
USE_NGHTTP3 = @USE_NGHTTP3@

 $(VC14_LIBVCXPROJ) $(VC14_SRCVCXPROJ) $(VC15_LIBVCXPROJ) $(VC15_SRCVCXPROJ)

bin_SCRIPTS = curl-config
SUBDIRS = lib src
DIST_SUBDIRS = $(SUBDIRS) tests packages scripts include docs
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libcurl.pc
LIB_VAUTH_CFILES = \
  vauth/cleartext.c     \
  vauth/cram.c          \
  vauth/digest.c        \
  vauth/digest_sspi.c   \
  vauth/krb5_gssapi.c   \
  vauth/krb5_sspi.c     \
  vauth/ntlm.c          \
  vauth/ntlm_sspi.c     \
  vauth/oauth2.c        \
  vauth/spnego_gssapi.c \
  vauth/spnego_sspi.c   \
  vauth/vauth.c

LIB_VAUTH_HFILES = \
  vauth/digest.h        \
  vauth/ntlm.h          \
  vauth/vauth.h

LIB_VTLS_CFILES = \
  vtls/bearssl.c            \
  vtls/gskit.c              \
  vtls/gtls.c               \
  vtls/keylog.c             \
  vtls/mbedtls.c            \
  vtls/mbedtls_threadlock.c \
  vtls/mesalink.c           \
  vtls/nss.c                \
  vtls/openssl.c            \
  vtls/schannel.c           \
  vtls/schannel_verify.c    \
  vtls/sectransp.c          \
  vtls/vtls.c               \
  vtls/wolfssl.c

LIB_VTLS_HFILES = \
  vtls/bearssl.h            \
  vtls/gskit.h              \
  vtls/gtls.h               \
  vtls/keylog.h             \
  vtls/mbedtls.h            \
  vtls/mbedtls_threadlock.h \
  vtls/mesalink.h           \
  vtls/nssg.h               \
  vtls/openssl.h            \
  vtls/schannel.h           \
  vtls/sectransp.h          \
  vtls/vtls.h               \
  vtls/wolfssl.h

LIB_VQUIC_CFILES = \
  vquic/ngtcp2.c   \
  vquic/quiche.c   \
  vquic/vquic.c

LIB_VQUIC_HFILES = \
  vquic/ngtcp2.h   \
  vquic/quiche.h   \
  vquic/vquic.h

LIB_VSSH_CFILES = \
  vssh/libssh.c    \
  vssh/libssh2.c   \
  vssh/wolfssh.c

LIB_VSSH_HFILES = \
  vssh/ssh.h

LIB_CFILES = \
  altsvc.c           \
  amigaos.c          \
  asyn-ares.c        \
  asyn-thread.c      \
  base64.c           \
  c-hyper.c          \
  conncache.c        \
  connect.c          \
  content_encoding.c \
  cookie.c           \
  curl_addrinfo.c    \
  curl_ctype.c       \
  curl_des.c         \
  curl_endian.c      \
  curl_fnmatch.c     \
  curl_get_line.c    \
  curl_gethostname.c \
  curl_gssapi.c      \
  curl_memrchr.c     \
  curl_multibyte.c   \
  curl_ntlm_core.c   \
  curl_ntlm_wb.c     \
  curl_path.c        \
  curl_range.c       \
  curl_rtmp.c        \
  curl_sasl.c        \
  curl_sspi.c        \
  curl_threads.c     \
  dict.c             \
  doh.c              \
  dotdot.c           \
  dynbuf.c           \
  easy.c             \
  easygetopt.c       \
  easyoptions.c      \
  escape.c           \
  file.c             \
  fileinfo.c         \
  formdata.c         \
  ftp.c              \
  ftplistparser.c    \
  getenv.c           \
  getinfo.c          \
  gopher.c           \
  hash.c             \
  hmac.c             \
  hostasyn.c         \
  hostcheck.c        \
  hostip.c           \
  hostip4.c          \
  hostip6.c          \
  hostsyn.c          \
  hsts.c             \
  http.c             \
  http2.c            \
  http_chunks.c      \
  http_digest.c      \
  http_negotiate.c   \
  http_ntlm.c        \
  http_proxy.c       \
  http_aws_sigv4.c   \
  idn_win32.c        \
  if2ip.c            \
  imap.c             \
  inet_ntop.c        \
  inet_pton.c        \
  krb5.c             \
  ldap.c             \
  llist.c            \
  md4.c              \
  md5.c              \
  memdebug.c         \
  mime.c             \
  mprintf.c          \
  mqtt.c             \
  multi.c            \
  netrc.c            \
  non-ascii.c        \
  nonblock.c         \
  openldap.c         \
  parsedate.c        \
  pingpong.c         \
  pop3.c             \
  progress.c         \
  psl.c              \
  rand.c             \
  rename.c           \
  rtsp.c             \
  select.c           \
  sendf.c            \
  setopt.c           \
  sha256.c           \
  share.c            \
  slist.c            \
  smb.c              \
  smtp.c             \
  socketpair.c       \
  socks.c            \
  socks_gssapi.c     \
  socks_sspi.c       \
  speedcheck.c       \
  splay.c            \
  strcase.c          \
  strdup.c           \
  strerror.c         \
  strtok.c           \
  strtoofft.c        \
  system_win32.c     \
  telnet.c           \
  tftp.c             \
  timeval.c          \
  transfer.c         \
  url.c              \
  urlapi.c           \
  version.c          \
  version_win32.c    \
  warnless.c         \
  wildcard.c         \
  x509asn1.c

LIB_HFILES = \
  altsvc.h           \
  amigaos.h          \
  arpa_telnet.h      \
  asyn.h             \
  c-hyper.h          \
  conncache.h        \
  connect.h          \
  content_encoding.h \
  cookie.h           \
  curl_addrinfo.h    \
  curl_base64.h      \
  curl_ctype.h       \
  curl_des.h         \
  curl_endian.h      \
  curl_fnmatch.h     \
  curl_get_line.h    \
  curl_gethostname.h \
  curl_gssapi.h      \
  curl_hmac.h        \
  curl_krb5.h        \
  curl_ldap.h        \
  curl_md4.h         \
  curl_md5.h         \
  curl_memory.h      \
  curl_memrchr.h     \
  curl_multibyte.h   \
  curl_ntlm_core.h   \
  curl_ntlm_wb.h     \
  curl_path.h        \
  curl_printf.h      \
  curl_range.h       \
  curl_rtmp.h        \
  curl_sasl.h        \
  curl_setup.h       \
  curl_setup_once.h  \
  curl_sha256.h      \
  curl_sspi.h        \
  curl_threads.h     \
  curlx.h            \
  dict.h             \
  doh.h              \
  dotdot.h           \
  dynbuf.h           \
  easyif.h           \
  easyoptions.h      \
  escape.h           \
  file.h             \
  fileinfo.h         \
  formdata.h         \
  ftp.h              \
  ftplistparser.h    \
  getinfo.h          \
  gopher.h           \
  hash.h             \
  hostcheck.h        \
  hostip.h           \
  hsts.h             \
  http.h             \
  http2.h            \
  http_chunks.h      \
  http_digest.h      \
  http_negotiate.h   \
  http_ntlm.h        \
  http_proxy.h       \
  http_aws_sigv4.h   \
  if2ip.h            \
  imap.h             \
  inet_ntop.h        \
  inet_pton.h        \
  llist.h            \
  memdebug.h         \
  mime.h             \
  mqtt.h             \
  multihandle.h      \
  multiif.h          \
  netrc.h            \
  non-ascii.h        \
  nonblock.h         \
  parsedate.h        \
  pingpong.h         \
  pop3.h             \
  progress.h         \
  psl.h              \
  quic.h             \
  rand.h             \
  rename.h           \
  rtsp.h             \
  select.h           \
  sendf.h            \
  setopt.h           \
  setup-vms.h        \
  share.h            \
  sigpipe.h          \
  slist.h            \
  smb.h              \
  smtp.h             \
  sockaddr.h         \
  socketpair.h       \
  socks.h            \
  speedcheck.h       \
  splay.h            \
  strcase.h          \
  strdup.h           \
  strerror.h         \
  strtok.h           \
  strtoofft.h        \
  system_win32.h     \
  telnet.h           \
  tftp.h             \
  timeval.h          \
  transfer.h         \
  url.h              \
  urlapi-int.h       \
  urldata.h          \
  version_win32.h    \
  warnless.h         \
  wildcard.h         \
  x509asn1.h

LIB_RCFILES = libcurl.rc
CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) \
  $(LIB_VQUIC_CFILES) $(LIB_VSSH_CFILES)

HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) \
  $(LIB_VQUIC_HFILES) $(LIB_VSSH_HFILES)

curl and libcurl 7.75.0

 Public curl releases:         197
 Command line options:         237
 curl_easy_setopt() options:   285
 Public functions in libcurl:  85
 Contributors:                 2322

This release includes the following changes:

 o curl: add --create-file-mode [mode] [28]
 o curl: add new variables to --write-out [25]
 o dns: extend CURLOPT_RESOLVE syntax for adding non-permanent entries [53]
 o gopher: implement secure gopher protocol [2]
 o http: add Hyper as new optional HTTP backend [24]
 o http: introduce AWS HTTP v4 Signature support [26]

This release includes the following bugfixes:

 o badsymbols.pl: add verbose mode -v [31]
 o badsymbols.pl: ignore stand-alone single hash lines [40]
 o BUG-BOUNTY: minor language updates [5]

 o build: fix djgpp builds [84]
 o cleanup: fix empty expression statement has no effect
 o cmake: Add an option to disable libidn2 [48]
 o cmake: enable gophers correctly in curl-config [10]
 o cmake: expose CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG [32]
 o cmdline-opts/gen.pl: return hard on errors [11]
 o cmdline-opts/retry.d: mention response code 429 as well [47]
 o configure: set -Wextra-semi-stmt for clang with --enable-debug [52]
 o connect: defer port selection until connect() time [22]
 o connect: mark intentional ignores of setsockopt return values [75]
 o connect: on linux, enable reporting of all ICMP errors on UDP sockets [27]
 o connect: zero variable on stack to silence valgrind complaint [23]
 o cookie: avoid the C1001 internal compiler error with MSVC 14 [36]
 o curl.1: fix typo microsft -> microsoft [56]

 o curl: fix handling of -q option [39]
 o curl: include the file name in --xattr/--remote-time error msgs
 o curl: move fprintf outputs to warnf [105]
 o Curl_chunker: shrink the struct [104]
 o curl_easy_pause.3: add multiplexed pause effects [41]
 o CURLINFO_PRETRANSFER_TIME.3: clarify [61]
 o CURLOPT_URL.3: remove scheme specific details [12]
 o digest_sspi: Show InitializeSecurityContext errors in verbose mode [8]
 o docs/examples: adjust prototypes for CURLOPT_READFUNCTION [51]
 o docs/URL-SYNTAX: the URL syntax curl accepts and works with [15]
 o docs: enable syntax highlighting in several docs files [16]







 o docs: fix line length bug in gen.pl [70]

 o docs: fix typos in NEW-PROTOCOL.md [102]



 o docs: fix wrong documentation in help.d [71]
 o docs: remove redundant "better" in --fail help [55]
 o doh: allocate state struct on demand [85]
 o examples/libtest: add .checksrc to dist [14]
 o examples: remove superfluous asterisk uses
 o failf: remove newline from formatting strings [35]
 o file: don't provide content-length for directories [49]
 o getinfo: build with disabled HTTP support


 o gitattributes: Set batch files to CRLF line endings on checkout [65]
 o h2: do not wait for RECV on paused transfers [43]
 o HISTORY: added dates to early history
 o http: empty reply connection are not left intact [80]
 o http: get CURLOPT_REQUEST_TARGET working with a HTTP proxy [83]
 o http: have CURLOPT_FAILONERROR fail after all headers [54]
 o http: make providing Proxy-Connection header not cause duplicated headers [92]
 o http: show the request as headers even when split-sending [7]
 o http_chunks: correct and clarify a comment on hexnumber length [88]
 o http_proxy: Fix CONNECT chunked encoding race condition [76]

 o httpauth: make multi-request auth work with custom port [45]
 o INSTALL: now at 85 operating systems
 o INSTALL: update the list known OSes and CPU archs curl has run on [38]
 o lib/unit tests: add missing curl_global_cleanup() calls
 o lib1564/5: verify that curl_multi_wakeup returns OK
 o lib: pass in 'struct Curl_easy *' to most functions [101]
 o lib: remove Curl_ prefix from many static functions [66]
 o lib: save a bit of space with some structure packing [82]
 o libssh2: fix "Value stored to 'readdir_len' is never read"
 o libssh2: move data from connection object to transfer object [114]
 o libssh: avoid plain free() of libssh-memory [99]
 o mime: make sure setting MIMEPOST to NULL resets properly [58]
 o misc: assorted typo fixes [57]
 o misc: fix "warning: empty expression statement has no effect" [30]
 o misc: fix typos [73]
 o mk-ca-bundle.pl: deterministic output when using -t [62]
 o mqtt: deal with 0 byte reads correctly [4]

 o mqtt: handle POST/PUBLISH without a set POSTFIELDSIZE [1]
 o multi: set the PRETRANSFER time-stamp when we switch to PERFORM [59]
 o multi: skip DONE state if there's no connection left for ftp wildcard
 o multi: when erroring in TOOFAST state, act as for PERFORM [9]
 o multi_runsingle: bail out early on data->conn == NULL [74]
 o ngtcp2: Fix http3 upload stall [106]
 o ngtcp2: Fix stack buffer overflow [107]
 o ngtcp2: make it build it current master again [21]
 o nss: get the run-time version instead of build-time [67]


 o openssl: lowercase the hostname before using it for SNI [46]



 o OS400: update ccsidcurl.c [20]

 o pretransfer: setup the User-Agent header here [60]
 o quiche: remove fprintf() leftover


 o Revert "CI/github: work-around for brew breakage on macOS" [17]
 o runtests: add 'wakeup' as a feature
 o runtests: add support for %if [feature] conditions [19]

 o runtests: preprocess DISABLED to allow conditionals [93]
 o schannel: plug a memory-leak [64]
 o schannel_verify: fix safefree call typo [50]
 o select: convert Curl_select() to private static function [103]


 o socks: use the download buffer instead [86]

 o speedcheck: exclude paused transfers [42]
 o strerror: skip errnum >= 0 assertion on windows [78]
 o test1522: add debug tracing [3]
 o test1633: set appropriate name
 o test179: use consistent header line endings
 o test410: verify HTTPS GET with a 49K request header
 o tests/mqttd: extract the client id from the correct offset [13]
 o tests: make --libcurl tests only test FTP options if ftp enabled [18]

 o tool_doswin: Restore original console settings on CTRL signal [68]

 o tool_operate: fix the suppression logic of some error messages [33]

 o tool_operate: spellfix a comment
 o tooĺ_writeout: fix the -w time output units [6]
 o transfer: fix GCC 10 warning with flag '-Wint-in-bool-context' [79]
 o travis: build ngtcp2 --with-gnutls [72]
 o travis: limit the tests with quiche builds to HTTPS and FTPS only [44]

 o travis: restrict the openssl3 job to only run https and ftps tests [34]
 o url: if IDNA conversion fails, fallback to Transitional [29]
 o urldata: make magic be the first struct field [87]
 o urldata: remove 'local_ip' from the connectdata struct [97]
 o urldata: remove duplicate 'upkeep_interval_ms' from connectdata [96]
 o urldata: remove duplicate port number storage [98]
 o urldata: remove the duplicate 'ip_addr_str' field [100]
 o urldata: store ip version in a single byte [95]
 o vtls: remove md5sum [69]
 o warnless: remove curlx_ultosi [108]
 o wolfssl: add SECURE_RENEGOTIATION support [63]
 o wolfssl: Support wolfSSL builds missing TLS 1.1 [37]

This release includes the following known bugs:

 o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)

This release would not have looked like this without help, code, reports and
advice from friends like these:

  0xflotus on github, Alessandro Ghedini, Andrey Gursky, Bubu on github,
  Cherish98 on github, Christoph M. Becker, Cory Benfield, Cristian Rodríguez,

  Dan Fandrich, Daniel Stenberg, David Earl, Denis Laxalde, Dennis Clarke,
  Dmitry Wagin, Douglas R. Reno, Earnestly on github, Emil Engler, Erik Olsson,
  Fabian Keil, Flameborn on github, Ganesh Kamath, Gergely Nagy, Gisle Vanem,
  Hans-Christian Noren Egtvedt, Harry Sintonen, Himanshu Gupta, Hongyi Zhao,
  Ian Spence, Ikko Ashimine, Jacob Hoffman-Andrews, Jeremy Thibault,
  Jon Rumsey, Jon Wilkes, Julian Montes, Kevin Ushey, Marcel Raad,
  Matthias Gatto, Matt Holt, Michał Antoniak, Mike Gelfand, Mike Tzou,
  Nick Zitzmann, Olaf Hering, parazyd on github, Patrick Monnerat, Paul Groke,

  Ray Satiro, Razvan Cojocaru, Rich Turner, Sai Ram Kunala, Sean McArthur,

  Tatsuhiro Tsujikawa, Tomas Berger, UrsusArctos on github, Viktor Szakats,
  William A. Rowe Jr, XhmikosR on github, 不确定
  (58 contributors)

        Thanks! (and sorry if I forgot to mention someone)

References to bug reports and discussions on issues:

 [1] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28735
 [2] = https://curl.se/bug/?i=6208
 [3] = https://curl.se/bug/?i=6331
 [4] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28676
 [5] = https://curl.se/bug/?i=6318
 [6] = https://curl.se/bug/?i=6321
 [7] = https://curl.se/bug/?i=6328
 [8] = https://curl.se/bug/?i=6315
 [9] = https://curl.se/bug/?i=6333
 [10] = https://curl.se/bug/?i=6336
 [11] = https://curl.se/bug/?i=6354
 [12] = https://curl.se/bug/?i=6307
 [13] = https://curl.se/bug/?i=6334
 [14] = https://curl.se/bug/?i=6176
 [15] = https://curl.se/bug/?i=6285
 [16] = https://curl.se/bug/?i=6286
 [17] = https://curl.se/bug/?i=6332
 [18] = https://curl.se/bug/?i=6303
 [19] = https://curl.se/bug/?i=6304
 [20] = https://curl.se/bug/?i=6292
 [21] = https://curl.se/bug/?i=6296
 [22] = https://curl.se/bug/?i=6295
 [23] = https://curl.se/bug/?i=6289
 [24] = https://curl.se/bug/?i=6110
 [25] = https://curl.se/bug/?i=6199
 [26] = https://curl.se/bug/?i=5703
 [27] = https://curl.se/bug/?i=6341
 [28] = https://curl.se/bug/?i=6244
 [29] = https://curl.se/bug/?i=6423
 [30] = https://github.com/curl/curl/commit/08e8455dddc5e48e58a12ade3815c01ae3da3b64#commitcomment-45433279
 [31] = https://curl.se/bug/?i=6349
 [32] = https://curl.se/bug/?i=6435
 [33] = https://curl.se/mail/archive-2020-12/0017.html
 [34] = https://curl.se/bug/?i=6345
 [35] = https://curl.se/bug/?i=6365
 [36] = https://curl.se/bug/?i=6112
 [37] = https://curl.se/mail/lib-2020-12/0121.html
 [38] = https://curl.se/bug/?i=6366
 [39] = https://curl.se/bug/?i=6364
 [40] = https://curl.se/mail/lib-2020-12/0084.html
 [41] = https://curl.se/bug/?i=6360
 [42] = https://curl.se/bug/?i=6358
 [43] = https://curl.se/bug/?i=6356
 [44] = https://curl.se/bug/?i=6403
 [45] = https://curl.se/bug/?i=6397
 [46] = https://curl.se/bug/?i=6540
 [47] = https://curl.se/mail/archive-2020-12/0018.html
 [48] = https://curl.se/bug/?i=6361
 [49] = https://curl.se/bug/?i=6421
 [50] = https://curl.se/bug/?i=6459
 [51] = https://curl.se/bug/?i=6392
 [52] = https://curl.se/bug/?i=6378
 [53] = https://curl.se/bug/?i=6294
 [54] = https://curl.se/bug/?i=6408
 [55] = https://curl.se/bug/?i=6385
 [56] = https://curl.se/bug/?i=6380
 [57] = https://curl.se/bug/?i=6375
 [58] = https://curl.se/bug/?i=6455
 [59] = https://curl.se/bug/?i=6454
 [60] = https://curl.se/bug/?i=6312
 [61] = https://curl.se/bug/?i=6453
 [62] = https://curl.se/bug/?i=6413
 [63] = https://curl.se/bug/?i=6411
 [64] = https://curl.se/bug/?i=6457
 [65] = https://github.com/curl/curl/discussions/6427
 [66] = https://curl.se/bug/?i=6443
 [67] = https://curl.se/bug/?i=6445
 [68] = https://curl.se/bug/?i=6226
 [69] = https://curl.se/bug/?i=6557
 [70] = https://curl.se/bug/?i=6438
 [71] = https://curl.se/bug/?i=6436
 [72] = https://curl.se/bug/?i=6493
 [73] = https://curl.se/mail/lib-2021-01/0063.html
 [74] = https://curl.se/bug/?i=6433
 [75] = https://curl.se/bug/?i=6431
 [76] = https://curl.se/mail/lib-2021-01/0033.html

 [78] = https://curl.se/bug/?i=6504
 [79] = https://curl.se/bug/?i=6537
 [80] = https://twitter.com/mholt6/status/1352130240265375744
 [82] = https://curl.se/bug/?i=6483
 [83] = https://curl.se/bug/?i=6490
 [84] = https://curl.se/bug/?i=6382
 [85] = https://curl.se/bug/?i=6492
 [86] = https://curl.se/bug/?i=6491
 [87] = https://curl.se/bug/?i=6484
 [88] = https://curl.se/bug/?i=6489
 [92] = https://curl.se/mail/lib-2021-01/0095.html
 [93] = https://curl.se/bug/?i=6477
 [95] = https://curl.se/bug/?i=6534
 [96] = https://curl.se/bug/?i=6534
 [97] = https://curl.se/bug/?i=6534
 [98] = https://curl.se/bug/?i=6534
 [99] = https://curl.se/bug/?i=6481
 [100] = https://curl.se/bug/?i=6534
 [101] = https://curl.se/bug/?i=6425
 [102] = https://curl.se/bug/?i=6471
 [103] = https://curl.se/bug/?i=6531
 [104] = https://curl.se/bug/?i=6527
 [105] = https://curl.se/bug/?i=6533
 [106] = https://curl.se/bug/?i=6521
 [107] = https://curl.se/bug/?i=6521
 [108] = https://curl.se/bug/?i=6530
 [114] = https://curl.se/bug/?i=6519

#***************************************************************************
#                                  _   _ ____  _
#  Project                     ___| | | |  _ \| |
#                             / __| | | | |_) | |
#                            | (__| |_| |  _ <| |___
#                             \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is

  AC_MSG_RESULT([$tst_lib_xnet_required])
])


dnl CURL_CHECK_AIX_ALL_SOURCE
dnl -------------------------------------------------
dnl Provides a replacement of traditional AC_AIX with
dnl an uniform behavior across all autoconf versions,
dnl and with our own placement rules.

AC_DEFUN([CURL_CHECK_AIX_ALL_SOURCE], [
  AH_VERBATIM([_ALL_SOURCE],
    [/* Define to 1 if OS is AIX. */
#ifndef _ALL_SOURCE
#  undef _ALL_SOURCE

#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for curl -.
#
# Report bugs to <a suitable curl mailing list: https://curl.se/mail/>.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
#
#
# This configure script is free software; the Free Software Foundation
# gives unlimited permission to copy, distribute and modify it.
#
# Copyright (c) 1998 - 2021 Daniel Stenberg, <daniel@haxx.se>
# This configure script may be copied, distributed and modified under the
# terms of the curl license; see COPYING for more details

## -------------------------------- ##
##  XC_CONFIGURE_PREAMBLE ver: 1.0  ##
## -------------------------------- ##

USE_MANUAL_FALSE
USE_MANUAL_TRUE
MANOPT
NROFF
PERL
FISH_FUNCTIONS_DIR
ZSH_FUNCTIONS_DIR
USE_HYPER
USE_QUICHE
USE_NGHTTP3
USE_NGTCP2_CRYPTO_GNUTLS
USE_NGTCP2_CRYPTO_OPENSSL
USE_NGTCP2
USE_NGHTTP2
IDN_ENABLED

enable_versioned_symbols
with_winidn
with_libidn2
with_nghttp2
with_ngtcp2
with_nghttp3
with_quiche
with_hyper
with_zsh_functions_dir
with_fish_functions_dir
enable_threaded_resolver
enable_pthreads
enable_verbose
enable_sspi
enable_crypto_auth

  --without-nghttp2       Disable nghttp2 usage
  --with-ngtcp2=PATH      Enable ngtcp2 usage
  --without-ngtcp2        Disable ngtcp2 usage
  --with-nghttp3=PATH     Enable nghttp3 usage
  --without-nghttp3       Disable nghttp3 usage
  --with-quiche=PATH      Enable quiche usage
  --without-quiche        Disable quiche usage
  --with-hyper=PATH       Enable hyper usage
  --without-hyper         Disable hyper usage
  --with-zsh-functions-dir=PATH
                          Install zsh completions to PATH
  --without-zsh-functions-dir
                          Do not install zsh completions
  --with-fish-functions-dir=PATH
                          Install fish completions to PATH
  --without-fish-functions-dir

curl configure -
generated by GNU Autoconf 2.69

Copyright (C) 2012 Free Software Foundation, Inc.
This configure script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it.

Copyright (c) 1998 - 2021 Daniel Stenberg, <daniel@haxx.se>
This configure script may be copied, distributed and modified under the
terms of the curl license; see COPYING for more details
_ACEOF
  exit
fi

## ------------------------ ##

  curl_ldaps_msg="no      (--enable-ldaps)"
   curl_rtsp_msg="no      (--enable-rtsp)"
   curl_rtmp_msg="no      (--with-librtmp)"
  curl_mtlnk_msg="no      (--with-libmetalink)"
    curl_psl_msg="no      (--with-libpsl)"
 curl_altsvc_msg="enabled";
    ssl_backends=
     curl_h1_msg="enabled (--with-hyper)"
     curl_h2_msg="no      (--with-nghttp2)"
     curl_h3_msg="no      (--with-ngtcp2, --with-quiche)"

enable_altsvc="yes"

INITIAL_LDFLAGS=$LDFLAGS
INITIAL_LIBS=$LIBS

    darwin1.*)
      _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
    darwin*) # darwin 5.x on
      # if running on 10.5 or later, the deployment target defaults
      # to the OS version, if on x86, and 10.4, the deployment
      # target defaults to 10.4. Don't you love it?
      case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
	10.0,*86*-darwin8*|10.0,*-darwin[912]*)
	  _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
	10.[012][,.]*)
	  _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
	10.*|11.*)
	  _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
      esac
    ;;
  esac
    if test yes = "$lt_cv_apple_cc_single_mod"; then
      _lt_dar_single_mod='$single_module'
    fi

    if test "$ac_var_match_word" = "no"; then
      ac_var_added_warnings="$ac_var_added_warnings -W$warning"
    fi
  done
    tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings"
  squeeze tmp_CFLAGS


    ac_var_added_warnings=""
  for warning in extra-semi-stmt; do

  ac_var_match_word="no"
  for word1 in $CFLAGS; do
    for word2 in -Wno-$warning -W$warning; do
      if test "$word1" = "$word2"; then
        ac_var_match_word="yes"
      fi
    done
  done

    if test "$ac_var_match_word" = "no"; then
      ac_var_added_warnings="$ac_var_added_warnings -W$warning"
    fi
  done
    tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings"
  squeeze tmp_CFLAGS

          fi
        fi
        ;;
        #
      DEC_C)
        #
        if test "$want_warnings" = "yes"; then

$as_echo "#define CURL_DISABLE_RTSP 1" >>confdefs.h

       CURL_DISABLE_RTSP=1


$as_echo "#define CURL_DISABLE_ALTSVC 1" >>confdefs.h

       curl_h1_msg="no      (--enable-http, --with-hyper)"
       curl_altsvc_msg="no";
       enable_altsvc="no"
       ;;
  *)   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
       ;;
  esac

    ;;
  *)
        want_h2="yes"
    want_h2_path="$withval/lib/pkgconfig"
    ;;
esac


if test X"$want_h2" != Xno; then
    CLEANLDFLAGS="$LDFLAGS"
  CLEANCPPFLAGS="$CPPFLAGS"
  CLEANLIBS="$LIBS"


    if test -n "$PKG_CONFIG"; then

    fi
  fi

fi


OPT_TCP2="yes"


if test "x$disable_http" = "xyes"; then
  # without HTTP, ngtcp2 is no use
  OPT_TCP2="no"
fi

  else
        if test X"$want_quiche" != Xdefault; then
                  as_fn_error $? "--with-quiche was specified but could not find quiche pkg-config file." "$LINENO" 5
    fi
  fi
fi


OPT_HYPER="yes"

if test "x$disable_http" = "xyes"; then
  # without HTTP, hyper is of no use
  OPT_HYPER="no"
fi


# Check whether --with-hyper was given.
if test "${with_hyper+set}" = set; then :
  withval=$with_hyper; OPT_HYPER=$withval
fi

case "$OPT_HYPER" in
  no)
        want_hyper="no"
    ;;
  yes)
        want_hyper="default"
    want_hyper_path=""
    ;;
  *)
        want_hyper="yes"
    want_hyper_path="$withval"
    ;;
esac

if test X"$want_hyper" != Xno; then
    CLEANLDFLAGS="$LDFLAGS"
  CLEANCPPFLAGS="$CPPFLAGS"
  CLEANLIBS="$LIBS"


    if test -n "$PKG_CONFIG"; then
      PKGCONFIG="$PKG_CONFIG"
    else
      if test -n "$ac_tool_prefix"; then
  # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_path_PKGCONFIG+:} false; then :
  $as_echo_n "(cached) " >&6
else
  case $PKGCONFIG in
  [\\/]* | ?:[\\/]*)
  ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a path.
  ;;
  *)
  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
as_dummy="$PATH:/usr/bin:/usr/local/bin"
for as_dir in $as_dummy
do
  IFS=$as_save_IFS
  test -z "$as_dir" && as_dir=.
    for ac_exec_ext in '' $ac_executable_extensions; do
  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
    ac_cv_path_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext"
    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
    break 2
  fi
done
  done
IFS=$as_save_IFS

  ;;
esac
fi
PKGCONFIG=$ac_cv_path_PKGCONFIG
if test -n "$PKGCONFIG"; then
  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG" >&5
$as_echo "$PKGCONFIG" >&6; }
else
  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi


fi
if test -z "$ac_cv_path_PKGCONFIG"; then
  ac_pt_PKGCONFIG=$PKGCONFIG
  # Extract the first word of "pkg-config", so it can be a program name with args.
set dummy pkg-config; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_path_ac_pt_PKGCONFIG+:} false; then :
  $as_echo_n "(cached) " >&6
else
  case $ac_pt_PKGCONFIG in
  [\\/]* | ?:[\\/]*)
  ac_cv_path_ac_pt_PKGCONFIG="$ac_pt_PKGCONFIG" # Let the user override the test with a path.
  ;;
  *)
  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
as_dummy="$PATH:/usr/bin:/usr/local/bin"
for as_dir in $as_dummy
do
  IFS=$as_save_IFS
  test -z "$as_dir" && as_dir=.
    for ac_exec_ext in '' $ac_executable_extensions; do
  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
    ac_cv_path_ac_pt_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext"
    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
    break 2
  fi
done
  done
IFS=$as_save_IFS

  ;;
esac
fi
ac_pt_PKGCONFIG=$ac_cv_path_ac_pt_PKGCONFIG
if test -n "$ac_pt_PKGCONFIG"; then
  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKGCONFIG" >&5
$as_echo "$ac_pt_PKGCONFIG" >&6; }
else
  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi

  if test "x$ac_pt_PKGCONFIG" = x; then
    PKGCONFIG="no"
  else
    case $cross_compiling:$ac_tool_warned in
yes:)
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
ac_tool_warned=yes ;;
esac
    PKGCONFIG=$ac_pt_PKGCONFIG
  fi
else
  PKGCONFIG="$ac_cv_path_PKGCONFIG"
fi

    fi

    if test "x$PKGCONFIG" != "xno"; then
      { $as_echo "$as_me:${as_lineno-$LINENO}: checking for hyper options with pkg-config" >&5
$as_echo_n "checking for hyper options with pkg-config... " >&6; }
            itexists=`
    if test -n "$want_hyper_path"; then
      PKG_CONFIG_LIBDIR="$want_hyper_path"
      export PKG_CONFIG_LIBDIR
    fi
         $PKGCONFIG --exists hyper >/dev/null 2>&1 && echo 1`

      if test -z "$itexists"; then
                        PKGCONFIG="no"
        { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
      else
        { $as_echo "$as_me:${as_lineno-$LINENO}: result: found" >&5
$as_echo "found" >&6; }
      fi
    fi


  if test "$PKGCONFIG" != "no" ; then
    LIB_HYPER=`
    if test -n "$want_hyper_path"; then
      PKG_CONFIG_LIBDIR="$want_hyper_path"
      export PKG_CONFIG_LIBDIR
    fi

      $PKGCONFIG --libs-only-l hyper`
    CPP_HYPER=`
    if test -n "$want_hyper_path"; then
      PKG_CONFIG_LIBDIR="$want_hyper_path"
      export PKG_CONFIG_LIBDIR
    fi
       $PKGCONFIG --cflags-only-I hyper`
    LD_HYPER=`
    if test -n "$want_hyper_path"; then
      PKG_CONFIG_LIBDIR="$want_hyper_path"
      export PKG_CONFIG_LIBDIR
    fi

      $PKGCONFIG --libs-only-L hyper`
  else
        LIB_HYPER="-lhyper"
    if test X"$want_hyper" != Xdefault; then
      CPP_HYPER=-I"$want_hyper_path/capi/include"
      LD_HYPER="-L$want_hyper_path/target/debug"
    fi
  fi
  if test -n "$LIB_HYPER"; then
    { $as_echo "$as_me:${as_lineno-$LINENO}: -l is $LIB_HYPER" >&5
$as_echo "$as_me: -l is $LIB_HYPER" >&6;}
    { $as_echo "$as_me:${as_lineno-$LINENO}: -I is $CPP_HYPER" >&5
$as_echo "$as_me: -I is $CPP_HYPER" >&6;}
    { $as_echo "$as_me:${as_lineno-$LINENO}: -L is $LD_HYPER" >&5
$as_echo "$as_me: -L is $LD_HYPER" >&6;}

    LDFLAGS="$LDFLAGS $LD_HYPER"
    CPPFLAGS="$CPPFLAGS $CPP_HYPER"
    LIBS="$LIB_HYPER $LIBS"

    if test "x$cross_compiling" != "xyes"; then
      DIR_HYPER=`echo $LD_HYPER | $SED -e 's/^-L//'`
    fi

    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for hyper_io_new in -lhyper" >&5
$as_echo_n "checking for hyper_io_new in -lhyper... " >&6; }
if ${ac_cv_lib_hyper_hyper_io_new+:} false; then :
  $as_echo_n "(cached) " >&6
else
  ac_check_lib_save_LIBS=$LIBS
LIBS="-lhyper  $LIBS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h.  */


#ifdef __cplusplus
extern "C"
#endif
char hyper_io_new ();
int main (void)
{
return hyper_io_new ();
 ;
 return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
  ac_cv_lib_hyper_hyper_io_new=yes
else
  ac_cv_lib_hyper_hyper_io_new=no
fi
rm -f core conftest.err conftest.$ac_objext \
    conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_hyper_hyper_io_new" >&5
$as_echo "$ac_cv_lib_hyper_hyper_io_new" >&6; }
if test "x$ac_cv_lib_hyper_hyper_io_new" = xyes; then :

       for ac_header in hyper.h
do :
  ac_fn_c_check_header_mongrel "$LINENO" "hyper.h" "ac_cv_header_hyper_h" "$ac_includes_default"
if test "x$ac_cv_header_hyper_h" = xyes; then :
  cat >>confdefs.h <<_ACEOF
#define HAVE_HYPER_H 1
_ACEOF
 experimental="$experimental Hyper"
          { $as_echo "$as_me:${as_lineno-$LINENO}: Hyper support is experimental" >&5
$as_echo "$as_me: Hyper support is experimental" >&6;}
          curl_h1_msg="enabled (Hyper)"
          curl_h2_msg=$curl_h1_msg
          HYPER_ENABLED=1

$as_echo "#define USE_HYPER 1" >>confdefs.h

          USE_HYPER=1

          CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_HYPER"
          export CURL_LIBRARY_PATH
          { $as_echo "$as_me:${as_lineno-$LINENO}: Added $DIR_HYPER to CURL_LIBRARY_PATH" >&5
$as_echo "$as_me: Added $DIR_HYPER to CURL_LIBRARY_PATH" >&6;}
fi

done


else
          LDFLAGS=$CLEANLDFLAGS
        CPPFLAGS=$CLEANCPPFLAGS
        LIBS=$CLEANLIBS

fi

  fi
fi



OPT_ZSH_FPATH=default

# Check whether --with-zsh-functions-dir was given.
if test "${with_zsh_functions_dir+set}" = set; then :
  withval=$with_zsh_functions_dir; OPT_ZSH_FPATH=$withval

  fi
fi

if test "x$USE_TLS_SRP" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES TLS-SRP"
fi

if test "x$USE_NGHTTP2" = "x1" -o "x$USE_HYPER" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP2"
fi

if test "x$USE_NGTCP2" = "x1" -o "x$USE_QUICHE" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP3"
fi

  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS DICT"
fi
if test "x$CURL_DISABLE_TFTP" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS TFTP"
fi
if test "x$CURL_DISABLE_GOPHER" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS GOPHER"
  if test "x$SSL_ENABLED" = "x1"; then
    SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS GOPHERS"
  fi
fi
if test "x$CURL_DISABLE_MQTT" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS MQTT"
fi
if test "x$CURL_DISABLE_POP3" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS POP3"
  if test "x$SSL_ENABLED" = "x1"; then

  LDAP:             ${curl_ldap_msg}
  LDAPS:            ${curl_ldaps_msg}
  RTSP:             ${curl_rtsp_msg}
  RTMP:             ${curl_rtmp_msg}
  Metalink:         ${curl_mtlnk_msg}
  PSL:              ${curl_psl_msg}
  Alt-svc:          ${curl_altsvc_msg}
  HTTP1:            ${curl_h1_msg}
  HTTP2:            ${curl_h2_msg}
  HTTP3:            ${curl_h3_msg}
  ECH:              ${curl_ech_msg}
  Protocols:        ${SUPPORT_PROTOCOLS}
  Features:         ${SUPPORT_FEATURES}
" >&5
$as_echo "$as_me: Configured to build curl/libcurl:

  LDAP:             ${curl_ldap_msg}
  LDAPS:            ${curl_ldaps_msg}
  RTSP:             ${curl_rtsp_msg}
  RTMP:             ${curl_rtmp_msg}
  Metalink:         ${curl_mtlnk_msg}
  PSL:              ${curl_psl_msg}
  Alt-svc:          ${curl_altsvc_msg}
  HTTP1:            ${curl_h1_msg}
  HTTP2:            ${curl_h2_msg}
  HTTP3:            ${curl_h3_msg}
  ECH:              ${curl_ech_msg}
  Protocols:        ${SUPPORT_PROTOCOLS}
  Features:         ${SUPPORT_FEATURES}
" >&6;}
if test -n "$experimental"; then
 cat >&2 << _EOF
  WARNING: $experimental enabled but marked EXPERIMENTAL. Use with caution!
_EOF
fi

#***************************************************************************
#                                  _   _ ____  _
#  Project                     ___| | | |  _ \| |
#                             / __| | | | |_) | |
#                            | (__| |_| |  _ <| |___
#                             \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is

AC_INIT([curl], [-], [a suitable curl mailing list: https://curl.se/mail/])

XC_OVR_ZZ50
XC_OVR_ZZ60
CURL_OVERRIDE_AUTOCONF

dnl configure script copyright
AC_COPYRIGHT([Copyright (c) 1998 - 2021 Daniel Stenberg, <daniel@haxx.se>
This configure script may be copied, distributed and modified under the
terms of the curl license; see COPYING for more details])

AC_CONFIG_SRCDIR([lib/urldata.h])
AC_CONFIG_HEADERS(lib/curl_config.h)
AC_CONFIG_MACRO_DIR([m4])
AM_MAINTAINER_MODE

  curl_ldaps_msg="no      (--enable-ldaps)"
   curl_rtsp_msg="no      (--enable-rtsp)"
   curl_rtmp_msg="no      (--with-librtmp)"
  curl_mtlnk_msg="no      (--with-libmetalink)"
    curl_psl_msg="no      (--with-libpsl)"
 curl_altsvc_msg="enabled";
    ssl_backends=
     curl_h1_msg="enabled (--with-hyper)"
     curl_h2_msg="no      (--with-nghttp2)"
     curl_h3_msg="no      (--with-ngtcp2, --with-quiche)"

enable_altsvc="yes"

dnl
dnl Save some initial values the user might have provided
dnl
INITIAL_LDFLAGS=$LDFLAGS

       disable_http="yes"
       AC_MSG_WARN([disable HTTP disables FTP over proxy and RTSP])
       AC_SUBST(CURL_DISABLE_HTTP, [1])
       AC_DEFINE(CURL_DISABLE_RTSP, 1, [to disable RTSP])
       AC_SUBST(CURL_DISABLE_RTSP, [1])
       dnl toggle off alt-svc too when HTTP is disabled
       AC_DEFINE(CURL_DISABLE_ALTSVC, 1, [disable alt-svc])
       curl_h1_msg="no      (--enable-http, --with-hyper)"
       curl_altsvc_msg="no";
       enable_altsvc="no"
       ;;
  *)   AC_MSG_RESULT(yes)
       ;;
  esac ],
       AC_MSG_RESULT(yes)

  *)
    dnl --with-nghttp2 option used with path
    want_h2="yes"
    want_h2_path="$withval/lib/pkgconfig"
    ;;
esac


if test X"$want_h2" != Xno; then
  dnl backup the pre-nghttp2 variables
  CLEANLDFLAGS="$LDFLAGS"
  CLEANCPPFLAGS="$CPPFLAGS"
  CLEANLIBS="$LIBS"

  CURL_CHECK_PKGCONFIG(libnghttp2, $want_h2_path)

fi

dnl **********************************************************************
dnl Check for ngtcp2 (QUIC)
dnl **********************************************************************

OPT_TCP2="yes"


if test "x$disable_http" = "xyes"; then
  # without HTTP, ngtcp2 is no use
  OPT_TCP2="no"
fi

AC_ARG_WITH(ngtcp2,

    if test X"$want_quiche" != Xdefault; then
      dnl To avoid link errors, we do not allow --with-quiche without
      dnl a pkgconfig file
      AC_MSG_ERROR([--with-quiche was specified but could not find quiche pkg-config file.])
    fi
  fi
fi

dnl **********************************************************************
dnl Check for Hyper
dnl **********************************************************************

OPT_HYPER="yes"

if test "x$disable_http" = "xyes"; then
  # without HTTP, hyper is of no use
  OPT_HYPER="no"
fi

AC_ARG_WITH(hyper,
AC_HELP_STRING([--with-hyper=PATH],[Enable hyper usage])
AC_HELP_STRING([--without-hyper],[Disable hyper usage]),
  [OPT_HYPER=$withval])
case "$OPT_HYPER" in
  no)
    dnl --without-hyper option used
    want_hyper="no"
    ;;
  yes)
    dnl --with-hyper option used without path
    want_hyper="default"
    want_hyper_path=""
    ;;
  *)
    dnl --with-hyper option used with path
    want_hyper="yes"
    want_hyper_path="$withval"
    ;;
esac

if test X"$want_hyper" != Xno; then
  dnl backup the pre-hyper variables
  CLEANLDFLAGS="$LDFLAGS"
  CLEANCPPFLAGS="$CPPFLAGS"
  CLEANLIBS="$LIBS"

  CURL_CHECK_PKGCONFIG(hyper, $want_hyper_path)

  if test "$PKGCONFIG" != "no" ; then
    LIB_HYPER=`CURL_EXPORT_PCDIR([$want_hyper_path])
      $PKGCONFIG --libs-only-l hyper`
    CPP_HYPER=`CURL_EXPORT_PCDIR([$want_hyper_path]) dnl
      $PKGCONFIG --cflags-only-I hyper`
    LD_HYPER=`CURL_EXPORT_PCDIR([$want_hyper_path])
      $PKGCONFIG --libs-only-L hyper`
  else
    dnl no hyper pkg-config found
    LIB_HYPER="-lhyper"
    if test X"$want_hyper" != Xdefault; then
      CPP_HYPER=-I"$want_hyper_path/capi/include"
      LD_HYPER="-L$want_hyper_path/target/debug"
    fi
  fi
  if test -n "$LIB_HYPER"; then
    AC_MSG_NOTICE([-l is $LIB_HYPER])
    AC_MSG_NOTICE([-I is $CPP_HYPER])
    AC_MSG_NOTICE([-L is $LD_HYPER])

    LDFLAGS="$LDFLAGS $LD_HYPER"
    CPPFLAGS="$CPPFLAGS $CPP_HYPER"
    LIBS="$LIB_HYPER $LIBS"

    if test "x$cross_compiling" != "xyes"; then
      DIR_HYPER=`echo $LD_HYPER | $SED -e 's/^-L//'`
    fi

    AC_CHECK_LIB(hyper, hyper_io_new,
      [
       AC_CHECK_HEADERS(hyper.h,
          experimental="$experimental Hyper"
          AC_MSG_NOTICE([Hyper support is experimental])
          curl_h1_msg="enabled (Hyper)"
          curl_h2_msg=$curl_h1_msg
          HYPER_ENABLED=1
          AC_DEFINE(USE_HYPER, 1, [if hyper is in use])
          AC_SUBST(USE_HYPER, [1])
          CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_HYPER"
          export CURL_LIBRARY_PATH
          AC_MSG_NOTICE([Added $DIR_HYPER to CURL_LIBRARY_PATH]),
       )
      ],
        dnl not found, revert back to clean variables
        LDFLAGS=$CLEANLDFLAGS
        CPPFLAGS=$CLEANCPPFLAGS
        LIBS=$CLEANLIBS
    )
  fi
fi


dnl **********************************************************************
dnl Check for zsh completion path
dnl **********************************************************************

OPT_ZSH_FPATH=default
AC_ARG_WITH(zsh-functions-dir,

  fi
fi

if test "x$USE_TLS_SRP" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES TLS-SRP"
fi

if test "x$USE_NGHTTP2" = "x1" -o "x$USE_HYPER" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP2"
fi

if test "x$USE_NGTCP2" = "x1" -o "x$USE_QUICHE" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP3"
fi

  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS DICT"
fi
if test "x$CURL_DISABLE_TFTP" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS TFTP"
fi
if test "x$CURL_DISABLE_GOPHER" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS GOPHER"
  if test "x$SSL_ENABLED" = "x1"; then
    SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS GOPHERS"
  fi
fi
if test "x$CURL_DISABLE_MQTT" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS MQTT"
fi
if test "x$CURL_DISABLE_POP3" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS POP3"
  if test "x$SSL_ENABLED" = "x1"; then

  LDAP:             ${curl_ldap_msg}
  LDAPS:            ${curl_ldaps_msg}
  RTSP:             ${curl_rtsp_msg}
  RTMP:             ${curl_rtmp_msg}
  Metalink:         ${curl_mtlnk_msg}
  PSL:              ${curl_psl_msg}
  Alt-svc:          ${curl_altsvc_msg}
  HTTP1:            ${curl_h1_msg}
  HTTP2:            ${curl_h2_msg}
  HTTP3:            ${curl_h3_msg}
  ECH:              ${curl_ech_msg}
  Protocols:        ${SUPPORT_PROTOCOLS}
  Features:         ${SUPPORT_FEATURES}
])
if test -n "$experimental"; then
 cat >&2 << _EOF
  WARNING: $experimental enabled but marked EXPERIMENTAL. Use with caution!
_EOF
fi

This bounty is relying on funds from sponsors. If you use curl professionally,
consider help funding this! See
[https://opencollective.com/curl](https://opencollective.com/curl) for
details.

# What are the reward amounts?

The curl project offers monetary compensation for reported and published
security vulnerabilities. The amount of money that is rewarded depends on how
serious the flaw is determined to be.

We offer reward money *up to* a certain amount per severity. The curl security
team determines the severity of each reported flaw on a case by case basis and
the exact amount rewarded to the reporter is then decided.

The vulnerability has to be fixed and publicly announced (by the curl project)
before a bug bounty will be considered.

Bounties need to be requested within twelve months from the publication of the
vulnerability.





# Product vulnerabilities only

This bug bounty only concerns the curl and libcurl products and thus their
respective source codes - when running on existing hardware. It does not
include documentation, websites, or other infrastructure.

The curl security team is the sole arbiter if a reported flaw is subject to a
bounty or not.

# How are vulnerabilities graded?

The grading of each reported vulnerability that makes a reward claim will be
performed by the curl security team. The grading will be based on the CVSS
(Common Vulnerability Scoring System) 3.0.

Make extra precautions and verify that memory buffers that need a terminating
zero always have exactly that. Buffers *without* a zero terminator must not be
used as input to string functions.

# Commit messages

Tightly coupled with a code review is making sure that the commit message is
good. It is the responsibility of the person who merges the code to make sure
that the commit message follows our standard (detailed in the
[CONTRIBUTE.md](CONTRIBUTE.md) document). This includes making sure the PR
identifies related issues and giving credit to reporters and helpers.

library-global symbols.

## Indenting

We use only spaces for indentation, never TABs. We use two spaces for each new
open brace.

```c
if(something_is_true) {
  while(second_statement == fine) {
    moo();
  }
}
```

## Comments

Since we write C89 code, **//** comments are not allowed. They weren't
introduced in the C standard until C99. We use only **/* comments */**.

```c
/* this is a comment */
```

## Long lines

Source code in curl may never be wider than 79 columns and there are two
reasons for maintaining this even in the modern era of very large and high
resolution screens:

## Braces

In if/while/do/for expressions, we write the open brace on the same line as
the keyword and we then set the closing brace on the same indentation level as
the initial keyword. Like this:

```c
if(age < 40) {
  /* clearly a youngster */
}
```

You may omit the braces if they would contain only a one-line statement:

```c
if(!x)
  continue;
```

For functions the opening brace should be on a separate line:

```c
int main(int argc, char **argv)
{
  return 1;
}
```

## 'else' on the following line

When adding an **else** clause to a conditional expression using braces, we
add it on a new line after the closing brace. Like this:

```c
if(age < 40) {
  /* clearly a youngster */
}
else {
  /* probably grumpy */
}
```

## No space before parentheses

When writing expressions using if/while/do/for, there shall be no space
between the keyword and the open parenthesis. Like this:

```c
while(1) {
  /* loop forever */
}
```

## Use boolean conditions

Rather than test a conditional value such as a bool against TRUE or FALSE, a
pointer against NULL or != NULL and an int against zero or not zero in
if/while conditions we prefer:

```c
result = do_something();
if(!result) {
  /* something went wrong */
  return result;
}
```

## No assignments in conditions

To increase readability and reduce complexity of conditionals, we avoid
assigning variables within if/while conditions. We frown upon this style:

```c
if((ptr = malloc(100)) == NULL)
  return NULL;
```

and instead we encourage the above version to be spelled out more clearly:

```c
ptr = malloc(100);
if(!ptr)
  return NULL;
```

## New block on a new line

We never write multiple statements on the same source line, even for very
short if() conditions.

```c
if(a)
  return TRUE;
else if(b)
  return FALSE;
```

and NEVER:

```c
if(a) return TRUE;
else if(b) return FALSE;
```

## Space around operators

Please use spaces on both sides of operators in C expressions.  Postfix **(),
[], ->, ., ++, --** and Unary **+, - !, ~, &** operators excluded they should
have no space.

Examples:

```c
bla = func();
who = name[0];
age += 1;
true = !false;
size += -2 + 3 * (a + b);
ptr->member = a++;
struct.field = b--;
ptr = &address;
contents = *pointer;
complement = ~bits;
empty = (!*string) ? TRUE : FALSE;
```

## No parentheses for return values

We use the 'return' statement without extra parentheses around the value:

```c
int works(void)
{
  return TRUE;
}
```

## Parentheses for sizeof arguments

When using the sizeof operator in code, we prefer it to be written with
parentheses around its argument:

```c
int size = sizeof(int);
```

## Column alignment

Some statements cannot be completed on a single line because the line would be
too long, the statement too hard to read, or due to other style guidelines
above. In such a case the statement will span multiple lines.

If a continuation line is part of an expression or sub-expression then you
should align on the appropriate column so that it's easy to tell what part of
the statement it is. Operators should not start continuation lines. In other
cases follow the 2-space indent guideline. Here are some examples from
libcurl:

```c
if(Curl_pipeline_wanted(handle->multi, CURLPIPE_HTTP1) &&
   (handle->set.httpversion != CURL_HTTP_VERSION_1_0) &&
   (handle->set.httpreq == HTTPREQ_GET ||
    handle->set.httpreq == HTTPREQ_HEAD))
  /* didn't ask for HTTP/1.0 and a GET or HEAD */
  return TRUE;
```

If no parenthesis, use the default indent:

```c
data->set.http_disable_hostname_check_before_authentication =
  (0 != va_arg(param, long)) ? TRUE : FALSE;
```

Function invoke with an open parenthesis:

```c
if(option) {
  result = parse_login_details(option, strlen(option),
                               (userp ? &user : NULL),
                               (passwdp ? &passwd : NULL),
                               NULL);
}
```

Align with the "current open" parenthesis:

```c
DEBUGF(infof(data, "Curl_pp_readresp_ %d bytes of trailing "
             "server response left\n",
             (int)clipamount));
```

## Platform dependent code

Use **#ifdef HAVE_FEATURE** to do conditional code. We avoid checking for
particular operating systems or hardware in the #ifdef lines. The HAVE_FEATURE
shall be generated by the configure script for unix-like systems and they are
hard-coded in the `config-[system].h` files for the others.

We also encourage use of macros/functions that possibly are empty or defined
to constants when libcurl is built without that feature, to make the code
seamless. Like this example where the **magic()** function works differently
depending on a build-time conditional:

```c
#ifdef HAVE_MAGIC
void magic(int a)
{
  return a + 2;
}
#else
#define magic(x) 1
#endif

int content = magic(3);
```

## No typedefed structs

Use structs by all means, but do not typedef them. Use the `struct name` way
of identifying them:

```c
struct something {
   void *valid;
   size_t way_to_write;
};
struct something instance;
```

**Not okay**:

```c
typedef struct {
   void *wrong;
   size_t way_to_write;
} something;
something instance;
```

# dynbuf

This is the internal module for creating and handling "dynamic buffers". This
means buffers that can be appended to, dynamically and grow in size to adapt.

There will always be a terminating zero put at the end of the dynamic buffer.

The `struct dynbuf` is used to hold data for each instance of a dynamic
buffer. The members of that struct **MUST NOT** be accessed or modified
without using the dedicated dynbuf API.

## init

```c
void Curl_dyn_init(struct dynbuf *s, size_t toobig);
```

This inits a struct to use for dynbuf and it can't fail. The `toobig` value
**must** be set to the maximum size we allow this buffer instance to grow to.
The functions below will return `CURLE_OUT_OF_MEMORY` when hitting this limit.

## free

```c
void Curl_dyn_free(struct dynbuf *s);
```

Free the associated memory and clean up. After a free, the `dynbuf` struct can
be re-used to start appending new data to.

## addn

```c
CURLcode Curl_dyn_addn(struct dynbuf *s, const void *mem, size_t len);
```

Append arbitrary data of a given length to the end of the buffer.

## add

```c
CURLcode Curl_dyn_add(struct dynbuf *s, const char *str);
```

Append a C string to the end of the buffer.

## addf

```c
CURLcode Curl_dyn_addf(struct dynbuf *s, const char *fmt, ...);
```

Append a `printf()`-style string to the end of the buffer.

## vaddf

```c
CURLcode Curl_dyn_vaddf(struct dynbuf *s, const char *fmt, va_list ap);
```

Append a `vprintf()`-style string to the end of the buffer.

## reset

```c
void Curl_dyn_reset(struct dynbuf *s);
```

Reset the buffer length, but leave the allocation.

## tail

```c
CURLcode Curl_dyn_tail(struct dynbuf *s, size_t length);
```

Keep `length` bytes of the buffer tail (the last `length` bytes of the
buffer). The rest of the buffer is dropped. The specified `length` must not be
larger than the buffer length.

## ptr

```c
char *Curl_dyn_ptr(const struct dynbuf *s);
```

Returns a `char *` to the buffer if it has a length, otherwise a NULL. Since
the buffer may be reallocated, this pointer should not be trusted or used
anymore after the next buffer manipulation call.

## uptr

```c
unsigned char *Curl_dyn_uptr(const struct dynbuf *s);
```

Returns an `unsigned char *` to the buffer if it has a length, otherwise a
NULL. Since the buffer may be reallocated, this pointer should not be trusted
or used anymore after the next buffer manipulation call.

## len

```c
size_t Curl_dyn_len(const struct dynbuf *s);
```

Returns the length of the buffer in bytes. Does not include the terminating
zero byte.

4. **We reserve the right to change behavior** of the feature without sticking
   to our API/ABI rules as we do for regular features, as long as it is marked
   experimental.
5. Experimental features are clearly marked so in documentation. Beware.

## Experimental features right now

 - The Hyper HTTP backend
 - HTTP/3 support and options
 - CURLSSLOPT_NATIVE_CA (No configure option, feature built in when supported)
 - HSTS support and options

  4.19 Why doesn't curl return an error when the network cable is unplugged?
  4.20 curl doesn't return error for HTTP non-200 responses!

 5. libcurl Issues
  5.1 Is libcurl thread-safe?
  5.2 How can I receive all data into a large memory chunk?
  5.3 How do I fetch multiple files with libcurl?
  5.4 Does libcurl do Winsock initialization on win32 systems?
  5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on win32 ?
  5.6 What about Keep-Alive or persistent connections?
  5.7 Link errors when building libcurl on Windows!
  5.8 libcurl.so.X: open failed: No such file or directory
  5.9 How does libcurl resolve host names?
  5.10 How do I prevent libcurl from writing the response to stdout?
  5.11 How do I make libcurl not receive the whole HTTP response?

  choose to ignore it and return the full document anyway.

  4.12 Why do I get "certificate verify failed" ?

  When you invoke curl and get an error 60 error back it means that curl
  couldn't verify that the server's certificate was good. curl verifies the
  certificate using the CA cert bundle and verifying for which names the
  certificate has been granted.

  To completely disable the certificate verification, use -k. This does
  however enable man-in-the-middle attacks and makes the transfer INSECURE.
  We strongly advice against doing this for more than experiments.

  If you get this failure with a CA cert bundle installed and used, the
  server's certificate might not be signed by one of the CA's in yout CA
  store. It might for example be self-signed. You then correct this problem by
  obtaining a valid CA cert for the server. Or again, decrease the security by

  libcurl will potentially internally use threads for name resolving, if it
  was built to work like that, but in those cases it'll create the child
  threads by itself and they will only be used and then killed internally by
  libcurl and never exposed to the outside.

6. License Issues

  curl and libcurl are released under a MIT/X derivative license. The license is
  very liberal and should not impose a problem for your project. This section
  is just a brief summary for the cases we get the most questions. (Parts of
  this section was much enhanced by Bjorn Reese.)

  We are not lawyers and this is not legal advice. You should probably consult
  one if you want true and accurate legal insights without our prejudice. Note
  especially that this section concerns the libcurl license only; compiling in
  features of libcurl that depend on other libraries (e.g. OpenSSL) may affect
  the licensing obligations of your application.

  6.1 I have a GPL program, can I use the libcurl library?

  Yes!

  Since libcurl may be distributed under the MIT/X derivative license, it can be
  used together with GPL in any software.

  6.2 I have a closed-source program, can I use the libcurl library?

  Yes!

  libcurl does not put any restrictions on the program that uses the library.

  The LGPL license doesn't clash with other licenses.

  6.5 Can I modify curl/libcurl for my program and keep the changes secret?

  Yes!

  The MIT/X derivative license practically allows you to do almost anything with
  the sources, on the condition that the copyright texts in the sources are
  left intact.

  6.6 Can you please change the curl/libcurl license to XXXX?

  No.

enough. Simple issues get handled very fast.

If you're looking for a smaller or simpler task in the project to help out
with as an entry-point into the project, perhaps because you are a newcomer or
even maybe not a terribly experienced developer, here's our advice:

 - Read through this document to get a grasp on a general approach to use
 - Consider adding a test case for something not currently tested (correctly)
 - Consider updating or adding documentation
 - One way to get your feet wet gently in the project, is to participate in an
   existing issue/PR and help out by reproducing the issue, review the code in
   the PR etc.

## Help wanted

How curl Became Like This
=========================

Towards the end of 1996, Daniel Stenberg was spending time writing an IRC bot
for an Amiga related channel on EFnet. He then came up with the idea to make
currency-exchange calculations available to Internet Relay Chat (IRC)
users. All the necessary data were published on the Web; he just needed to
automate their retrieval.

1996
----

On November 11, 1996 the Brazilian developer Rafael Sagula wrote and released
HttpGet version 0.1.

Daniel extended this existing command-line open-source tool. After a few minor

adjustments, it did just what he needed. The first release with Daniel's
additions was 0.2, released on December 17, 1996. Daniel quickly became the
new maintainer of the project.

1997
----

HttpGet 0.3 was released in January 1997 and now it accepted HTTP URLs on the
command line.

HttpGet 1.0 was released on April 8th 1997 with brand new HTTP proxy support.

We soon found and fixed support for getting currencies over GOPHER.  Once FTP
download support was added, the name of the project was changed and urlget 2.0
was released in August 1997. The http-only days were already passed.

Version 2.2 was released on August 14 1997 and introduced support to build for
and run on Windows and Solaris.

November 24 1997: Version 3.1 added FTP upload support.

Version 3.5 added support for HTTP POST.

1998
----

February 4: urlget 3.10

February 9: urlget 3.11

March 14: urlget 3.12 added proxy authentication.

The project slowly grew bigger. With upload capabilities, the name was once
again misleading and a second name change was made. On March 20, 1998 curl 4
was released. (The version numbering from the previous names was kept.)


(Unrelated to this project a company called Curl Corporation registered a US
trademark on the name "CURL" on May 18 1998. That company had then already
registered the curl.com domain back in November of the previous year. All this
was revealed to us much later.)

SSL support was added, powered by the SSLeay library.

HTTP/2 with curl
================

[HTTP/2 Spec](https://www.rfc-editor.org/rfc/rfc7540.txt)
[http2 explained](https://daniel.haxx.se/http2/)

Build prerequisites
-------------------
  - nghttp2
  - OpenSSL, libressl, BoringSSL, NSS, GnuTLS, mbedTLS, wolfSSL or Schannel
    with a new enough version.

[nghttp2](https://nghttp2.org/)
-------------------------------

libcurl uses this 3rd party library for the low level protocol handling
parts. The reason for this is that HTTP/2 is much more complex at that layer

## build

Build quiche and BoringSSL:

     % git clone --recursive https://github.com/cloudflare/quiche
     % cd quiche
     % cargo build --release --features ffi,pkg-config-meta,qlog
     % mkdir deps/boringssl/src/lib
     % ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) deps/boringssl/src/lib/

Build curl:

     % cd ..
     % git clone https://github.com/curl/curl

# Hyper

Hyper is a separate HTTP library written in Rust. curl can be told to use this
library as a backend to deal with HTTP.

## Experimental!

Hyper support in curl is considered **EXPERIMENTAL** until further notice. It
needs to be explicitly enabled at build-time.

Further development and tweaking of the Hyper backend support in curl will
happen in in the master branch using pull-requests, just like ordinary
changes.

## Hyper version

The C API for Hyper is brand new and under development. This description
assumes that you get and build that C API off [the branch in Hyper's git
repository](https://github.com/hyperium/hyper/tree/hyper-capi).

## build curl with hyper

Build hyper and enable the C API:

     % git clone https://github.com/hyperium/hyper
     % cd hyper
     % RUSTFLAGS="--cfg hyper_unstable_ffi" cargo build --features client,http1,http2,ffi

Build curl to use hyper's C API:

     % git clone https://github.com/curl/curl
     % cd curl
     % ./buildconf
     % ./configure --with-hyper=<hyper dir>
     % make

# using Hyper internally

Hyper is a low level HTTP transport library. curl itself provides all HTTP
headers and Hyper provides all received headers back to curl.

Therefore, most of the "header logic" in curl as in responding to and acting
on specific input and output headers are done the same way in curl code.

The API in Hyper delivers received HTTP headers as (cleaned up) name=value
pairs, making it impossible for curl to know the exact byte representation
over the wire with Hyper.

## Remaining issues

This backend is still not feature complete with the native backend. Areas that
still need attention and verification include:

- multiplexed HTTP/2
- h2 Upgrade:
- pausing transfers
- co-exist with a HTTP/3 build
- receiving HTTP/1 trailers
- sending HTTP/1 trailers
- accept-encoding
- transfer encoding
- alt-svc
- hsts
- DoH ([#6389](https://github.com/curl/curl/issues/6389))

 If you get linkage errors read section 5.7 of the FAQ document.

## MingW32

Make sure that MinGW32's bin dir is in the search path, for example:

```cmd
set PATH=c:\mingw32\bin;%PATH%
```

then run `mingw32-make mingw32` in the root dir. There are other
make targets available to build libcurl with more features, use:

 - `mingw32-make mingw32-zlib` to build with Zlib support;
 - `mingw32-make mingw32-ssl-zlib` to build with SSL and Zlib enabled;
 - `mingw32-make mingw32-ssh2-ssl-zlib` to build with SSH2, SSL, Zlib;
 - `mingw32-make mingw32-ssh2-ssl-sspi-zlib` to build with SSH2, SSL, Zlib
   and SSPI support.

If you have any problems linking libraries or finding header files, be sure
to verify that the provided `Makefile.m32` files use the proper paths, and
adjust as necessary. It is also possible to override these paths with
environment variables, for example:

```cmd
set ZLIB_PATH=c:\zlib-1.2.8
set OPENSSL_PATH=c:\openssl-1.0.2c
set LIBSSH2_PATH=c:\libssh2-1.6.0
```

It is also possible to build with other LDAP SDKs than MS LDAP; currently
it is possible to build with native Win32 OpenLDAP, or with the Novell CLDAP
SDK. If you want to use these you need to set these vars:

```cmd
set LDAP_SDK=c:\openldap
set USE_LDAP_OPENLDAP=1
```

or for using the Novell SDK:

```cmd
set USE_LDAP_NOVELL=1
```

If you want to enable LDAPS support then set LDAPS=1.

## Cygwin

Almost identical to the unix installation. Run the configure script in the
curl source tree root with `sh configure`. Make sure you have the `sh`

you set the `MACOSX_DEPLOYMENT_TARGET` environmental variable to an earlier
version of macOS prior to building curl, then curl will use the new Secure
Transport API on Mountain Lion and later, and fall back on the older API when
the same curl binary is executed on older cats. For example, running these
commands in curl's directory in the shell will build the code such that it
will run on cats as old as OS X 10.6 ("Snow Leopard") (using bash):

```bash
export MACOSX_DEPLOYMENT_TARGET="10.6"
./configure --with-secure-transport
make
```

# Android

When building curl for Android it's recommended to use a Linux environment
since using curl's `configure` script is the easiest way to build curl
for Android. Before you can build curl for Android, you need to install the
Android NDK first. This can be done using the SDK Manager that is part of
Android Studio. Once you have installed the Android NDK, you need to figure out
where it has been installed and then set up some environment variables before
launching `configure`. On macOS, those variables could look like this to compile
for `aarch64` and API level 29:

```bash
export NDK=~/Library/Android/sdk/ndk/20.1.5948944
export HOST_TAG=darwin-x86_64
export TOOLCHAIN=$NDK/toolchains/llvm/prebuilt/$HOST_TAG
export AR=$TOOLCHAIN/bin/aarch64-linux-android-ar
export AS=$TOOLCHAIN/bin/aarch64-linux-android-as
export CC=$TOOLCHAIN/bin/aarch64-linux-android29-clang
export CXX=$TOOLCHAIN/bin/aarch64-linux-android29-clang++
export LD=$TOOLCHAIN/bin/aarch64-linux-android-ld
export RANLIB=$TOOLCHAIN/bin/aarch64-linux-android-ranlib
export STRIP=$TOOLCHAIN/bin/aarch64-linux-android-strip
```

When building on Linux or targeting other API levels or architectures, you need
to adjust those variables accordingly. After that you can build curl like this:

    ./configure --host aarch64-linux-android --with-pic --disable-shared

Note that this won't give you SSL/TLS support. If you need SSL/TLS, you have

Set environment variables to point to the cross-compile toolchain and call
configure with any options you need.  Be sure and specify the `--host` and
`--build` parameters at configuration time.  The following script is an
example of cross-compiling for the IBM 405GP PowerPC processor using the
toolchain from MonteVista for Hardhat Linux.

```bash
#! /bin/sh

export PATH=$PATH:/opt/hardhat/devkit/ppc/405/bin
export CPPFLAGS="-I/opt/hardhat/devkit/ppc/405/target/usr/include"
export AR=ppc_405-ar
export AS=ppc_405-as
export LD=ppc_405-ld
export RANLIB=ppc_405-ranlib
export CC=ppc_405-gcc
export NM=ppc_405-nm

./configure --target=powerpc-hardhat-linux
    --host=powerpc-hardhat-linux
    --build=i586-pc-linux-gnu
    --prefix=/opt/hardhat/devkit/ppc/405/target/usr/local
    --exec-prefix=/usr/local
```

You may also need to provide a parameter like `--with-random=/dev/urandom` to
configure as it cannot detect the presence of a random number generating
device for a target system.  The `--prefix` parameter specifies where curl
will be installed.  If `configure` completes successfully, do `make` and `make
install` as usual.

 - `--disable-cookies`          !cookies
 - `--disable-manual`           !--manual
 - `--disable-proxy`            !HTTP\ proxy !proxytunnel !SOCKS4 !SOCKS5

# PORTS

This is a probably incomplete list of known CPU architectures and operating
systems that curl has been compiled for. If you know a system curl compiles
and runs on, that isn't listed, please let us know!






## 85 Operating Systems



































AIX, AmigaOS, Android, Aros, BeOS, Blackberry 10, Blackberry Tablet OS, Cell



OS, ChromeOS, Cisco IOS, Cygwin, Dragonfly BSD, eCOS, FreeBSD, FreeDOS,

FreeRTOS, Fuchsia, Garmin OS, Genode, Haiku, HardenedBSD, HP-UX, Hurd,

Illumos, Integrity, iOS, ipadOS, IRIX, LineageOS, Linux, Lua RTOS, Mac OS 9,
macOS, Mbed, Micrium, MINIX, MorphOS, MPE/iX, MS-DOS, NCR MP-RAS, NetBSD,


Netware, Nintendo Switch, NonStop OS, NuttX, OpenBSD, OpenStep, Orbis OS,
OS/2, OS/400, OS21, Plan 9, PlayStation Portable, QNX, Qubes OS, ReactOS,
Redox, RICS OS, Sailfish OS, SCO Unix, Serenity, SINIX-Z, Solaris, SunOS,
Syllable OS, Symbian, Tizen, TPF, Tru64, tvOS, ucLinux, Ultrix, UNICOS,
UnixWare, VMS, vxWorks, WebOS, Wii system software, Windows, Windows CE, Xbox
System, z/OS, z/TPF, z/VM, z/VSE



## 22 CPU Architectures




Alpha, ARC, ARM, AVR32, Cell, HP-PA, Itanium, m68k, MicroBlaze, MIPS, Nios,



OpenRISC, POWER, PowerPC, RISC-V, s390, SH4, SPARC, VAX, x86, x86-64, Xtensa