From 8d07d458bd54da457b571c9cee118ab26e675602 Mon Sep 17 00:00:00 2001 From: Rim Date: Tue, 29 Apr 2025 02:51:27 -0400 Subject: [PATCH] chore: fix deps --- .gitignore | 4 +- deps/GSL/.github/ISSUE_TEMPLATE/bug_report.md | 29 + deps/GSL/.github/workflows/android.yml | 59 + deps/GSL/.github/workflows/cmake/action.yml | 56 + .../.github/workflows/cmake_find_package.yml | 25 + deps/GSL/.github/workflows/compilers.yml | 115 + deps/GSL/.github/workflows/ios.yml | 52 + deps/GSL/CMakeLists.txt | 48 + deps/GSL/CONTRIBUTING.md | 29 + deps/GSL/README.md | 220 + deps/GSL/SECURITY.md | 41 + deps/GSL/ThirdPartyNotices.txt | 41 + deps/GSL/docs/headers.md | 884 ++ deps/GSL/include/CMakeLists.txt | 13 + deps/GSL/tests/CMakeLists.txt | 319 + deps/asmjit/.github/FUNDING.yml | 1 + .../.github/ISSUE_TEMPLATE/01_bug_report.yml | 42 + .../ISSUE_TEMPLATE/02_feature_request.yml | 18 + .../ISSUE_TEMPLATE/03_help_question.yml | 18 + .../ISSUE_TEMPLATE/99_other_issues.yml | 11 + .../.github/workflows/build-config.json | 25 + deps/asmjit/.github/workflows/build.yml | 232 + deps/asmjit/CMakeLists.txt | 687 ++ deps/asmjit/CONTRIBUTING.md | 102 + deps/asmjit/LICENSE.md | 17 + deps/asmjit/README.md | 70 + deps/asmjit/db/LICENSE.md | 26 + deps/asmjit/db/README.md | 21 + deps/curl/.github/CODEOWNERS | 3 + deps/curl/.github/CONTRIBUTING.md | 29 + deps/curl/.github/FUNDING.yml | 6 + .../.github/ISSUE_TEMPLATE/bug_report.yml | 55 + deps/curl/.github/ISSUE_TEMPLATE/config.yml | 18 + deps/curl/.github/ISSUE_TEMPLATE/docs.yml | 32 + deps/curl/.github/dependabot.yml | 10 + deps/curl/.github/labeler.yml | 531 + deps/curl/.github/lock.yml | 12 + deps/curl/.github/scripts/badwords.pl | 79 + deps/curl/.github/scripts/badwords.txt | 73 + deps/curl/.github/scripts/binarycheck.pl | 115 + deps/curl/.github/scripts/binarycheck.sums | 16 + deps/curl/.github/scripts/cleancmd.pl | 119 + deps/curl/.github/scripts/cmp-config.pl | 136 + deps/curl/.github/scripts/cmp-pkg-config.sh | 49 + .../curl/.github/scripts/codespell-ignore.txt | 16 + deps/curl/.github/scripts/distfiles.sh | 57 + deps/curl/.github/scripts/shellcheck.sh | 10 + deps/curl/.github/scripts/spacecheck.pl | 153 + deps/curl/.github/scripts/spellcheck.curl | 151 + deps/curl/.github/scripts/spellcheck.words | 979 ++ deps/curl/.github/scripts/spellcheck.yaml | 32 + .../.github/scripts/trimmarkdownheader.pl | 41 + deps/curl/.github/scripts/verify-examples.pl | 110 + deps/curl/.github/scripts/verify-synopsis.pl | 84 + deps/curl/.github/scripts/yamlcheck.sh | 13 + deps/curl/.github/scripts/yamlcheck.yaml | 17 + deps/curl/.github/stale.yml | 21 + .../.github/workflows/appveyor-status.yml | 41 + deps/curl/.github/workflows/checkdocs.yml | 159 + deps/curl/.github/workflows/checksrc.yml | 120 + .../.github/workflows/configure-vs-cmake.yml | 149 + deps/curl/.github/workflows/curl-for-win.yml | 163 + deps/curl/.github/workflows/distcheck.yml | 194 + deps/curl/.github/workflows/fuzz.yml | 46 + .../workflows/hacktoberfest-accepted.yml | 68 + deps/curl/.github/workflows/http3-linux.yml | 519 + deps/curl/.github/workflows/label.yml | 26 + deps/curl/.github/workflows/linux-old.yml | 148 + deps/curl/.github/workflows/linux.yml | 709 ++ deps/curl/.github/workflows/macos.yml | 508 + deps/curl/.github/workflows/non-native.yml | 729 ++ deps/curl/.github/workflows/windows.yml | 956 ++ deps/curl/CHANGES.md | 12 + deps/curl/CMakeLists.txt | 2512 +++++ deps/curl/GIT-INFO.md | 28 + deps/curl/LICENSES/BSD-3-Clause.txt | 11 + deps/curl/LICENSES/BSD-4-Clause-UC.txt | 15 + deps/curl/LICENSES/ISC.txt | 12 + deps/curl/LICENSES/curl.txt | 22 + deps/curl/README.md | 68 + deps/curl/SECURITY.md | 29 + deps/curl/docs/ALTSVC.md | 43 + deps/curl/docs/BINDINGS.md | 148 + deps/curl/docs/BUG-BOUNTY.md | 94 + deps/curl/docs/BUGS.md | 270 + deps/curl/docs/CIPHERS-TLS12.md | 336 + deps/curl/docs/CIPHERS.md | 273 + deps/curl/docs/CMakeLists.txt | 46 + deps/curl/docs/CODE_OF_CONDUCT.md | 38 + deps/curl/docs/CODE_REVIEW.md | 174 + deps/curl/docs/CONTRIBUTE.md | 307 + deps/curl/docs/CURL-DISABLE.md | 191 + deps/curl/docs/CURLDOWN.md | 168 + deps/curl/docs/DEPRECATE.md | 59 + deps/curl/docs/DISTROS.md | 286 + deps/curl/docs/EARLY-RELEASE.md | 73 + deps/curl/docs/ECH.md | 478 + deps/curl/docs/EXPERIMENTAL.md | 90 + deps/curl/docs/FEATURES.md | 249 + deps/curl/docs/GOVERNANCE.md | 202 + deps/curl/docs/HELP-US.md | 94 + deps/curl/docs/HISTORY.md | 486 + deps/curl/docs/HSTS.md | 48 + deps/curl/docs/HTTP-COOKIES.md | 171 + deps/curl/docs/HTTP3.md | 439 + deps/curl/docs/HTTPSRR.md | 100 + deps/curl/docs/INFRASTRUCTURE.md | 193 + deps/curl/docs/INSTALL | 9 + deps/curl/docs/INSTALL-CMAKE.md | 560 + deps/curl/docs/INSTALL.md | 667 ++ deps/curl/docs/INTERNALS.md | 63 + deps/curl/docs/IPFS.md | 133 + deps/curl/docs/MAIL-ETIQUETTE.md | 258 + deps/curl/docs/MANUAL.md | 1008 ++ deps/curl/docs/README.md | 18 + deps/curl/docs/RELEASE-PROCEDURE.md | 141 + deps/curl/docs/ROADMAP.md | 17 + deps/curl/docs/RUSTLS.md | 36 + deps/curl/docs/SECURITY-ADVISORY.md | 135 + deps/curl/docs/SPONSORS.md | 55 + deps/curl/docs/SSL-PROBLEMS.md | 97 + deps/curl/docs/SSLCERTS.md | 123 + deps/curl/docs/TheArtOfHttpScripting.md | 712 ++ deps/curl/docs/URL-SYNTAX.md | 395 + deps/curl/docs/VERSIONS.md | 63 + deps/curl/docs/VULN-DISCLOSURE-POLICY.md | 339 + deps/curl/docs/cmdline-opts/CMakeLists.txt | 42 + deps/curl/docs/cmdline-opts/MANPAGE.md | 118 + deps/curl/docs/cmdline-opts/_AUTHORS.md | 5 + deps/curl/docs/cmdline-opts/_BUGS.md | 5 + deps/curl/docs/cmdline-opts/_DESCRIPTION.md | 11 + deps/curl/docs/cmdline-opts/_ENVIRONMENT.md | 114 + deps/curl/docs/cmdline-opts/_EXITCODES.md | 203 + deps/curl/docs/cmdline-opts/_FILES.md | 6 + deps/curl/docs/cmdline-opts/_GLOBBING.md | 40 + deps/curl/docs/cmdline-opts/_NAME.md | 4 + deps/curl/docs/cmdline-opts/_OPTIONS.md | 33 + deps/curl/docs/cmdline-opts/_OUTPUT.md | 11 + deps/curl/docs/cmdline-opts/_PROGRESS.md | 25 + deps/curl/docs/cmdline-opts/_PROTOCOLS.md | 53 + deps/curl/docs/cmdline-opts/_PROXYPREFIX.md | 22 + deps/curl/docs/cmdline-opts/_SEEALSO.md | 5 + deps/curl/docs/cmdline-opts/_SYNOPSIS.md | 5 + deps/curl/docs/cmdline-opts/_URL.md | 28 + deps/curl/docs/cmdline-opts/_VARIABLES.md | 44 + deps/curl/docs/cmdline-opts/_VERSION.md | 15 + deps/curl/docs/cmdline-opts/_WWW.md | 4 + .../docs/cmdline-opts/abstract-unix-socket.md | 21 + deps/curl/docs/cmdline-opts/alt-svc.md | 28 + deps/curl/docs/cmdline-opts/anyauth.md | 30 + deps/curl/docs/cmdline-opts/append.md | 23 + deps/curl/docs/cmdline-opts/aws-sigv4.md | 30 + deps/curl/docs/cmdline-opts/basic.md | 23 + deps/curl/docs/cmdline-opts/ca-native.md | 38 + deps/curl/docs/cmdline-opts/cacert.md | 46 + deps/curl/docs/cmdline-opts/capath.md | 29 + deps/curl/docs/cmdline-opts/cert-status.md | 25 + deps/curl/docs/cmdline-opts/cert-type.md | 26 + deps/curl/docs/cmdline-opts/cert.md | 60 + deps/curl/docs/cmdline-opts/ciphers.md | 25 + deps/curl/docs/cmdline-opts/compressed-ssh.md | 19 + deps/curl/docs/cmdline-opts/compressed.md | 27 + deps/curl/docs/cmdline-opts/config.md | 84 + .../curl/docs/cmdline-opts/connect-timeout.md | 28 + deps/curl/docs/cmdline-opts/connect-to.md | 40 + deps/curl/docs/cmdline-opts/continue-at.md | 32 + deps/curl/docs/cmdline-opts/cookie-jar.md | 39 + deps/curl/docs/cmdline-opts/cookie.md | 62 + deps/curl/docs/cmdline-opts/create-dirs.md | 26 + .../docs/cmdline-opts/create-file-mode.md | 23 + deps/curl/docs/cmdline-opts/crlf.md | 19 + deps/curl/docs/cmdline-opts/crlfile.md | 21 + deps/curl/docs/cmdline-opts/curves.md | 28 + deps/curl/docs/cmdline-opts/data-ascii.md | 21 + deps/curl/docs/cmdline-opts/data-binary.md | 32 + deps/curl/docs/cmdline-opts/data-raw.md | 21 + deps/curl/docs/cmdline-opts/data-urlencode.md | 51 + deps/curl/docs/cmdline-opts/data.md | 49 + deps/curl/docs/cmdline-opts/delegation.md | 30 + deps/curl/docs/cmdline-opts/digest.md | 23 + deps/curl/docs/cmdline-opts/disable-eprt.md | 32 + deps/curl/docs/cmdline-opts/disable-epsv.md | 30 + deps/curl/docs/cmdline-opts/disable.md | 20 + .../cmdline-opts/disallow-username-in-url.md | 18 + deps/curl/docs/cmdline-opts/dns-interface.md | 23 + deps/curl/docs/cmdline-opts/dns-ipv4-addr.md | 23 + deps/curl/docs/cmdline-opts/dns-ipv6-addr.md | 23 + deps/curl/docs/cmdline-opts/dns-servers.md | 24 + .../curl/docs/cmdline-opts/doh-cert-status.md | 26 + deps/curl/docs/cmdline-opts/doh-insecure.md | 27 + deps/curl/docs/cmdline-opts/doh-url.md | 30 + deps/curl/docs/cmdline-opts/dump-ca-embed.md | 25 + deps/curl/docs/cmdline-opts/dump-header.md | 35 + deps/curl/docs/cmdline-opts/ech.md | 52 + deps/curl/docs/cmdline-opts/egd-file.md | 23 + deps/curl/docs/cmdline-opts/engine.md | 22 + deps/curl/docs/cmdline-opts/etag-compare.md | 30 + deps/curl/docs/cmdline-opts/etag-save.md | 25 + .../docs/cmdline-opts/expect100-timeout.md | 25 + deps/curl/docs/cmdline-opts/fail-early.md | 32 + deps/curl/docs/cmdline-opts/fail-with-body.md | 27 + deps/curl/docs/cmdline-opts/fail.md | 35 + deps/curl/docs/cmdline-opts/false-start.md | 23 + deps/curl/docs/cmdline-opts/form-escape.md | 19 + deps/curl/docs/cmdline-opts/form-string.md | 23 + deps/curl/docs/cmdline-opts/form.md | 145 + deps/curl/docs/cmdline-opts/ftp-account.md | 20 + .../cmdline-opts/ftp-alternative-to-user.md | 23 + .../curl/docs/cmdline-opts/ftp-create-dirs.md | 20 + deps/curl/docs/cmdline-opts/ftp-method.md | 36 + deps/curl/docs/cmdline-opts/ftp-pasv.md | 26 + deps/curl/docs/cmdline-opts/ftp-port.md | 51 + deps/curl/docs/cmdline-opts/ftp-pret.md | 21 + .../docs/cmdline-opts/ftp-skip-pasv-ip.md | 24 + .../docs/cmdline-opts/ftp-ssl-ccc-mode.md | 22 + deps/curl/docs/cmdline-opts/ftp-ssl-ccc.md | 22 + .../curl/docs/cmdline-opts/ftp-ssl-control.md | 20 + deps/curl/docs/cmdline-opts/get.md | 28 + deps/curl/docs/cmdline-opts/globoff.md | 22 + .../cmdline-opts/happy-eyeballs-timeout-ms.md | 28 + .../docs/cmdline-opts/haproxy-clientip.md | 33 + .../docs/cmdline-opts/haproxy-protocol.md | 23 + deps/curl/docs/cmdline-opts/head.md | 23 + deps/curl/docs/cmdline-opts/header.md | 68 + deps/curl/docs/cmdline-opts/help.md | 39 + deps/curl/docs/cmdline-opts/hostpubmd5.md | 21 + deps/curl/docs/cmdline-opts/hostpubsha256.md | 23 + deps/curl/docs/cmdline-opts/hsts.md | 32 + deps/curl/docs/cmdline-opts/http0.9.md | 27 + deps/curl/docs/cmdline-opts/http1.0.md | 22 + deps/curl/docs/cmdline-opts/http1.1.md | 21 + .../cmdline-opts/http2-prior-knowledge.md | 29 + deps/curl/docs/cmdline-opts/http2.md | 33 + deps/curl/docs/cmdline-opts/http3-only.md | 32 + deps/curl/docs/cmdline-opts/http3.md | 35 + .../cmdline-opts/ignore-content-length.md | 23 + deps/curl/docs/cmdline-opts/insecure.md | 41 + deps/curl/docs/cmdline-opts/interface.md | 51 + deps/curl/docs/cmdline-opts/ip-tos.md | 27 + deps/curl/docs/cmdline-opts/ipfs-gateway.md | 40 + deps/curl/docs/cmdline-opts/ipv4.md | 24 + deps/curl/docs/cmdline-opts/ipv6.md | 28 + deps/curl/docs/cmdline-opts/json.md | 42 + .../docs/cmdline-opts/junk-session-cookies.md | 22 + deps/curl/docs/cmdline-opts/keepalive-cnt.md | 27 + deps/curl/docs/cmdline-opts/keepalive-time.md | 30 + deps/curl/docs/cmdline-opts/key-type.md | 20 + deps/curl/docs/cmdline-opts/key.md | 34 + deps/curl/docs/cmdline-opts/krb.md | 23 + deps/curl/docs/cmdline-opts/libcurl.md | 21 + deps/curl/docs/cmdline-opts/limit-rate.md | 37 + deps/curl/docs/cmdline-opts/list-only.md | 43 + deps/curl/docs/cmdline-opts/local-port.md | 21 + .../docs/cmdline-opts/location-trusted.md | 26 + deps/curl/docs/cmdline-opts/location.md | 41 + deps/curl/docs/cmdline-opts/login-options.md | 32 + deps/curl/docs/cmdline-opts/mail-auth.md | 21 + deps/curl/docs/cmdline-opts/mail-from.md | 20 + .../docs/cmdline-opts/mail-rcpt-allowfails.md | 28 + deps/curl/docs/cmdline-opts/mail-rcpt.md | 28 + deps/curl/docs/cmdline-opts/manual.md | 20 + deps/curl/docs/cmdline-opts/max-filesize.md | 34 + deps/curl/docs/cmdline-opts/max-redirs.md | 21 + deps/curl/docs/cmdline-opts/max-time.md | 30 + deps/curl/docs/cmdline-opts/metalink.md | 18 + deps/curl/docs/cmdline-opts/mptcp.md | 31 + deps/curl/docs/cmdline-opts/negotiate.md | 28 + deps/curl/docs/cmdline-opts/netrc-file.md | 24 + deps/curl/docs/cmdline-opts/netrc-optional.md | 19 + deps/curl/docs/cmdline-opts/netrc.md | 38 + deps/curl/docs/cmdline-opts/next.md | 33 + deps/curl/docs/cmdline-opts/no-alpn.md | 26 + deps/curl/docs/cmdline-opts/no-buffer.md | 24 + deps/curl/docs/cmdline-opts/no-clobber.md | 28 + deps/curl/docs/cmdline-opts/no-keepalive.md | 22 + deps/curl/docs/cmdline-opts/no-npn.md | 26 + .../docs/cmdline-opts/no-progress-meter.md | 22 + deps/curl/docs/cmdline-opts/no-sessionid.md | 25 + deps/curl/docs/cmdline-opts/noproxy.md | 33 + deps/curl/docs/cmdline-opts/ntlm-wb.md | 22 + deps/curl/docs/cmdline-opts/ntlm.md | 28 + deps/curl/docs/cmdline-opts/oauth2-bearer.md | 25 + deps/curl/docs/cmdline-opts/output-dir.md | 26 + deps/curl/docs/cmdline-opts/output.md | 62 + .../docs/cmdline-opts/parallel-immediate.md | 25 + deps/curl/docs/cmdline-opts/parallel-max.md | 22 + deps/curl/docs/cmdline-opts/parallel.md | 32 + deps/curl/docs/cmdline-opts/pass.md | 20 + deps/curl/docs/cmdline-opts/path-as-is.md | 19 + deps/curl/docs/cmdline-opts/pinnedpubkey.md | 45 + deps/curl/docs/cmdline-opts/post301.md | 24 + deps/curl/docs/cmdline-opts/post302.md | 24 + deps/curl/docs/cmdline-opts/post303.md | 22 + deps/curl/docs/cmdline-opts/preproxy.md | 33 + deps/curl/docs/cmdline-opts/progress-bar.md | 26 + deps/curl/docs/cmdline-opts/proto-default.md | 26 + deps/curl/docs/cmdline-opts/proto-redir.md | 27 + deps/curl/docs/cmdline-opts/proto.md | 48 + deps/curl/docs/cmdline-opts/proxy-anyauth.md | 20 + deps/curl/docs/cmdline-opts/proxy-basic.md | 21 + .../curl/docs/cmdline-opts/proxy-ca-native.md | 30 + deps/curl/docs/cmdline-opts/proxy-cacert.md | 28 + deps/curl/docs/cmdline-opts/proxy-capath.md | 31 + .../curl/docs/cmdline-opts/proxy-cert-type.md | 26 + deps/curl/docs/cmdline-opts/proxy-cert.md | 26 + deps/curl/docs/cmdline-opts/proxy-ciphers.md | 27 + deps/curl/docs/cmdline-opts/proxy-crlfile.md | 23 + deps/curl/docs/cmdline-opts/proxy-digest.md | 20 + deps/curl/docs/cmdline-opts/proxy-header.md | 38 + deps/curl/docs/cmdline-opts/proxy-http2.md | 24 + deps/curl/docs/cmdline-opts/proxy-insecure.md | 30 + deps/curl/docs/cmdline-opts/proxy-key-type.md | 22 + deps/curl/docs/cmdline-opts/proxy-key.md | 21 + .../curl/docs/cmdline-opts/proxy-negotiate.md | 21 + deps/curl/docs/cmdline-opts/proxy-ntlm.md | 20 + deps/curl/docs/cmdline-opts/proxy-pass.md | 21 + .../docs/cmdline-opts/proxy-pinnedpubkey.md | 31 + .../docs/cmdline-opts/proxy-service-name.md | 20 + .../cmdline-opts/proxy-ssl-allow-beast.md | 29 + .../proxy-ssl-auto-client-cert.md | 20 + .../docs/cmdline-opts/proxy-tls13-ciphers.md | 33 + .../docs/cmdline-opts/proxy-tlsauthtype.md | 24 + .../docs/cmdline-opts/proxy-tlspassword.md | 25 + deps/curl/docs/cmdline-opts/proxy-tlsuser.md | 23 + deps/curl/docs/cmdline-opts/proxy-tlsv1.md | 20 + deps/curl/docs/cmdline-opts/proxy-user.md | 29 + deps/curl/docs/cmdline-opts/proxy.md | 62 + deps/curl/docs/cmdline-opts/proxy1.0.md | 25 + deps/curl/docs/cmdline-opts/proxytunnel.md | 24 + deps/curl/docs/cmdline-opts/pubkey.md | 25 + deps/curl/docs/cmdline-opts/quote.md | 90 + deps/curl/docs/cmdline-opts/random-file.md | 22 + deps/curl/docs/cmdline-opts/range.md | 61 + deps/curl/docs/cmdline-opts/rate.md | 46 + deps/curl/docs/cmdline-opts/raw.md | 19 + deps/curl/docs/cmdline-opts/referer.md | 27 + .../docs/cmdline-opts/remote-header-name.md | 39 + .../curl/docs/cmdline-opts/remote-name-all.md | 20 + deps/curl/docs/cmdline-opts/remote-name.md | 42 + deps/curl/docs/cmdline-opts/remote-time.md | 21 + .../curl/docs/cmdline-opts/remove-on-error.md | 23 + deps/curl/docs/cmdline-opts/request-target.md | 25 + deps/curl/docs/cmdline-opts/request.md | 57 + deps/curl/docs/cmdline-opts/resolve.md | 50 + .../docs/cmdline-opts/retry-all-errors.md | 40 + .../docs/cmdline-opts/retry-connrefused.md | 19 + deps/curl/docs/cmdline-opts/retry-delay.md | 21 + deps/curl/docs/cmdline-opts/retry-max-time.md | 23 + deps/curl/docs/cmdline-opts/retry.md | 31 + deps/curl/docs/cmdline-opts/sasl-authzid.md | 25 + deps/curl/docs/cmdline-opts/sasl-ir.md | 17 + deps/curl/docs/cmdline-opts/service-name.md | 19 + deps/curl/docs/cmdline-opts/show-error.md | 19 + deps/curl/docs/cmdline-opts/show-headers.md | 33 + deps/curl/docs/cmdline-opts/silent.md | 25 + deps/curl/docs/cmdline-opts/skip-existing.md | 22 + deps/curl/docs/cmdline-opts/socks4.md | 36 + deps/curl/docs/cmdline-opts/socks4a.md | 35 + deps/curl/docs/cmdline-opts/socks5-basic.md | 19 + .../docs/cmdline-opts/socks5-gssapi-nec.md | 20 + .../cmdline-opts/socks5-gssapi-service.md | 18 + deps/curl/docs/cmdline-opts/socks5-gssapi.md | 20 + .../curl/docs/cmdline-opts/socks5-hostname.md | 34 + deps/curl/docs/cmdline-opts/socks5.md | 36 + deps/curl/docs/cmdline-opts/speed-limit.md | 23 + deps/curl/docs/cmdline-opts/speed-time.md | 25 + .../curl/docs/cmdline-opts/ssl-allow-beast.md | 27 + .../docs/cmdline-opts/ssl-auto-client-cert.md | 21 + deps/curl/docs/cmdline-opts/ssl-no-revoke.md | 19 + deps/curl/docs/cmdline-opts/ssl-reqd.md | 31 + .../cmdline-opts/ssl-revoke-best-effort.md | 20 + deps/curl/docs/cmdline-opts/ssl-sessions.md | 35 + deps/curl/docs/cmdline-opts/ssl.md | 35 + deps/curl/docs/cmdline-opts/sslv2.md | 24 + deps/curl/docs/cmdline-opts/sslv3.md | 24 + deps/curl/docs/cmdline-opts/stderr.md | 21 + deps/curl/docs/cmdline-opts/styled-output.md | 23 + .../cmdline-opts/suppress-connect-headers.md | 23 + deps/curl/docs/cmdline-opts/tcp-fastopen.md | 19 + deps/curl/docs/cmdline-opts/tcp-nodelay.md | 21 + deps/curl/docs/cmdline-opts/telnet-option.md | 28 + deps/curl/docs/cmdline-opts/tftp-blksize.md | 21 + .../curl/docs/cmdline-opts/tftp-no-options.md | 20 + deps/curl/docs/cmdline-opts/time-cond.md | 34 + deps/curl/docs/cmdline-opts/tls-earlydata.md | 45 + deps/curl/docs/cmdline-opts/tls-max.md | 44 + deps/curl/docs/cmdline-opts/tls13-ciphers.md | 31 + deps/curl/docs/cmdline-opts/tlsauthtype.md | 23 + deps/curl/docs/cmdline-opts/tlspassword.md | 22 + deps/curl/docs/cmdline-opts/tlsuser.md | 22 + deps/curl/docs/cmdline-opts/tlsv1.0.md | 22 + deps/curl/docs/cmdline-opts/tlsv1.1.md | 23 + deps/curl/docs/cmdline-opts/tlsv1.2.md | 23 + deps/curl/docs/cmdline-opts/tlsv1.3.md | 25 + deps/curl/docs/cmdline-opts/tlsv1.md | 24 + deps/curl/docs/cmdline-opts/tr-encoding.md | 19 + deps/curl/docs/cmdline-opts/trace-ascii.md | 31 + deps/curl/docs/cmdline-opts/trace-config.md | 27 + deps/curl/docs/cmdline-opts/trace-ids.md | 19 + deps/curl/docs/cmdline-opts/trace-time.md | 19 + deps/curl/docs/cmdline-opts/trace.md | 30 + deps/curl/docs/cmdline-opts/unix-socket.md | 19 + deps/curl/docs/cmdline-opts/upload-file.md | 53 + deps/curl/docs/cmdline-opts/upload-flags.md | 24 + deps/curl/docs/cmdline-opts/url-query.md | 32 + deps/curl/docs/cmdline-opts/url.md | 49 + deps/curl/docs/cmdline-opts/use-ascii.md | 22 + deps/curl/docs/cmdline-opts/user-agent.md | 29 + deps/curl/docs/cmdline-opts/user.md | 50 + deps/curl/docs/cmdline-opts/variable.md | 110 + deps/curl/docs/cmdline-opts/verbose.md | 60 + deps/curl/docs/cmdline-opts/version.md | 137 + deps/curl/docs/cmdline-opts/vlan-priority.md | 23 + deps/curl/docs/cmdline-opts/write-out.md | 350 + deps/curl/docs/cmdline-opts/xattr.md | 23 + deps/curl/docs/curl-config.md | 124 + deps/curl/docs/examples/CMakeLists.txt | 43 + deps/curl/docs/examples/README.md | 41 + deps/curl/docs/internals/BUFQ.md | 187 + deps/curl/docs/internals/BUFREF.md | 86 + deps/curl/docs/internals/CHECKSRC.md | 190 + deps/curl/docs/internals/CLIENT-READERS.md | 132 + deps/curl/docs/internals/CLIENT-WRITERS.md | 123 + deps/curl/docs/internals/CODE_STYLE.md | 363 + .../curl/docs/internals/CONNECTION-FILTERS.md | 308 + deps/curl/docs/internals/DYNBUF.md | 145 + deps/curl/docs/internals/HASH.md | 188 + deps/curl/docs/internals/LLIST.md | 195 + deps/curl/docs/internals/MQTT.md | 53 + deps/curl/docs/internals/MULTI-EV.md | 127 + deps/curl/docs/internals/NEW-PROTOCOL.md | 116 + deps/curl/docs/internals/README.md | 12 + deps/curl/docs/internals/SPLAY.md | 111 + deps/curl/docs/internals/STRPARSE.md | 230 + deps/curl/docs/internals/TLS-SESSIONS.md | 163 + deps/curl/docs/internals/WEBSOCKET.md | 133 + deps/curl/docs/libcurl/ABI.md | 68 + deps/curl/docs/libcurl/CMakeLists.txt | 88 + deps/curl/docs/libcurl/curl_easy_cleanup.md | 79 + deps/curl/docs/libcurl/curl_easy_duphandle.md | 75 + deps/curl/docs/libcurl/curl_easy_escape.md | 92 + deps/curl/docs/libcurl/curl_easy_getinfo.md | 445 + deps/curl/docs/libcurl/curl_easy_header.md | 165 + deps/curl/docs/libcurl/curl_easy_init.md | 76 + .../curl/docs/libcurl/curl_easy_nextheader.md | 103 + .../docs/libcurl/curl_easy_option_by_id.md | 56 + .../docs/libcurl/curl_easy_option_by_name.md | 55 + .../docs/libcurl/curl_easy_option_next.md | 92 + deps/curl/docs/libcurl/curl_easy_pause.md | 146 + deps/curl/docs/libcurl/curl_easy_perform.md | 88 + deps/curl/docs/libcurl/curl_easy_recv.md | 106 + deps/curl/docs/libcurl/curl_easy_reset.md | 59 + deps/curl/docs/libcurl/curl_easy_send.md | 98 + deps/curl/docs/libcurl/curl_easy_setopt.md | 1371 +++ .../docs/libcurl/curl_easy_ssls_export.md | 172 + .../docs/libcurl/curl_easy_ssls_import.md | 90 + deps/curl/docs/libcurl/curl_easy_strerror.md | 62 + deps/curl/docs/libcurl/curl_easy_unescape.md | 76 + deps/curl/docs/libcurl/curl_easy_upkeep.md | 87 + deps/curl/docs/libcurl/curl_escape.md | 65 + deps/curl/docs/libcurl/curl_formadd.md | 319 + deps/curl/docs/libcurl/curl_formfree.md | 83 + deps/curl/docs/libcurl/curl_formget.md | 75 + deps/curl/docs/libcurl/curl_free.md | 55 + deps/curl/docs/libcurl/curl_getdate.md | 134 + deps/curl/docs/libcurl/curl_getenv.md | 60 + deps/curl/docs/libcurl/curl_global_cleanup.md | 82 + deps/curl/docs/libcurl/curl_global_init.md | 133 + .../curl/docs/libcurl/curl_global_init_mem.md | 102 + deps/curl/docs/libcurl/curl_global_sslset.md | 141 + deps/curl/docs/libcurl/curl_global_trace.md | 200 + deps/curl/docs/libcurl/curl_mime_addpart.md | 75 + deps/curl/docs/libcurl/curl_mime_data.md | 86 + deps/curl/docs/libcurl/curl_mime_data_cb.md | 178 + deps/curl/docs/libcurl/curl_mime_encoder.md | 110 + deps/curl/docs/libcurl/curl_mime_filedata.md | 99 + deps/curl/docs/libcurl/curl_mime_filename.md | 89 + deps/curl/docs/libcurl/curl_mime_free.md | 70 + deps/curl/docs/libcurl/curl_mime_headers.md | 88 + deps/curl/docs/libcurl/curl_mime_init.md | 77 + deps/curl/docs/libcurl/curl_mime_name.md | 77 + deps/curl/docs/libcurl/curl_mime_subparts.md | 93 + deps/curl/docs/libcurl/curl_mime_type.md | 96 + deps/curl/docs/libcurl/curl_mprintf.md | 290 + .../docs/libcurl/curl_multi_add_handle.md | 94 + deps/curl/docs/libcurl/curl_multi_assign.md | 87 + deps/curl/docs/libcurl/curl_multi_cleanup.md | 76 + deps/curl/docs/libcurl/curl_multi_fdset.md | 129 + .../docs/libcurl/curl_multi_get_handles.md | 80 + .../curl/docs/libcurl/curl_multi_info_read.md | 105 + deps/curl/docs/libcurl/curl_multi_init.md | 64 + deps/curl/docs/libcurl/curl_multi_perform.md | 113 + deps/curl/docs/libcurl/curl_multi_poll.md | 147 + .../docs/libcurl/curl_multi_remove_handle.md | 79 + deps/curl/docs/libcurl/curl_multi_setopt.md | 133 + deps/curl/docs/libcurl/curl_multi_socket.md | 88 + .../docs/libcurl/curl_multi_socket_action.md | 125 + .../docs/libcurl/curl_multi_socket_all.md | 68 + deps/curl/docs/libcurl/curl_multi_strerror.md | 54 + deps/curl/docs/libcurl/curl_multi_timeout.md | 95 + deps/curl/docs/libcurl/curl_multi_wait.md | 126 + deps/curl/docs/libcurl/curl_multi_waitfds.md | 112 + deps/curl/docs/libcurl/curl_multi_wakeup.md | 97 + .../docs/libcurl/curl_pushheader_byname.md | 85 + .../docs/libcurl/curl_pushheader_bynum.md | 72 + deps/curl/docs/libcurl/curl_share_cleanup.md | 60 + deps/curl/docs/libcurl/curl_share_init.md | 59 + deps/curl/docs/libcurl/curl_share_setopt.md | 74 + deps/curl/docs/libcurl/curl_share_strerror.md | 53 + deps/curl/docs/libcurl/curl_slist_append.md | 78 + deps/curl/docs/libcurl/curl_slist_free_all.md | 64 + deps/curl/docs/libcurl/curl_strequal.md | 59 + deps/curl/docs/libcurl/curl_strnequal.md | 62 + deps/curl/docs/libcurl/curl_unescape.md | 72 + deps/curl/docs/libcurl/curl_url.md | 67 + deps/curl/docs/libcurl/curl_url_cleanup.md | 57 + deps/curl/docs/libcurl/curl_url_dup.md | 59 + deps/curl/docs/libcurl/curl_url_get.md | 248 + deps/curl/docs/libcurl/curl_url_set.md | 274 + deps/curl/docs/libcurl/curl_url_strerror.md | 56 + deps/curl/docs/libcurl/curl_version.md | 49 + deps/curl/docs/libcurl/curl_version_info.md | 413 + deps/curl/docs/libcurl/curl_ws_meta.md | 171 + deps/curl/docs/libcurl/curl_ws_recv.md | 132 + deps/curl/docs/libcurl/curl_ws_send.md | 135 + deps/curl/docs/libcurl/libcurl-easy.md | 54 + deps/curl/docs/libcurl/libcurl-env-dbg.md | 149 + deps/curl/docs/libcurl/libcurl-env.md | 102 + deps/curl/docs/libcurl/libcurl-errors.md | 764 ++ deps/curl/docs/libcurl/libcurl-multi.md | 181 + deps/curl/docs/libcurl/libcurl-security.md | 499 + deps/curl/docs/libcurl/libcurl-share.md | 65 + deps/curl/docs/libcurl/libcurl-thread.md | 120 + deps/curl/docs/libcurl/libcurl-tutorial.md | 1458 +++ deps/curl/docs/libcurl/libcurl-url.md | 163 + deps/curl/docs/libcurl/libcurl-ws.md | 135 + deps/curl/docs/libcurl/libcurl.md | 250 + deps/curl/docs/libcurl/opts/CMakeLists.txt | 37 + .../libcurl/opts/CURLINFO_ACTIVESOCKET.md | 84 + .../libcurl/opts/CURLINFO_APPCONNECT_TIME.md | 73 + .../opts/CURLINFO_APPCONNECT_TIME_T.md | 74 + .../curl/docs/libcurl/opts/CURLINFO_CAINFO.md | 70 + .../curl/docs/libcurl/opts/CURLINFO_CAPATH.md | 73 + .../docs/libcurl/opts/CURLINFO_CERTINFO.md | 110 + .../libcurl/opts/CURLINFO_CONDITION_UNMET.md | 82 + .../libcurl/opts/CURLINFO_CONNECT_TIME.md | 69 + .../libcurl/opts/CURLINFO_CONNECT_TIME_T.md | 72 + .../docs/libcurl/opts/CURLINFO_CONN_ID.md | 72 + .../opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md | 76 + .../CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md | 69 + .../opts/CURLINFO_CONTENT_LENGTH_UPLOAD.md | 75 + .../opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.md | 68 + .../libcurl/opts/CURLINFO_CONTENT_TYPE.md | 77 + .../docs/libcurl/opts/CURLINFO_COOKIELIST.md | 84 + .../libcurl/opts/CURLINFO_EARLYDATA_SENT_T.md | 78 + .../libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md | 74 + .../libcurl/opts/CURLINFO_EFFECTIVE_URL.md | 70 + .../docs/libcurl/opts/CURLINFO_FILETIME.md | 79 + .../docs/libcurl/opts/CURLINFO_FILETIME_T.md | 80 + .../libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md | 76 + .../docs/libcurl/opts/CURLINFO_HEADER_SIZE.md | 67 + .../libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.md | 77 + .../libcurl/opts/CURLINFO_HTTPAUTH_USED.md | 79 + .../libcurl/opts/CURLINFO_HTTP_CONNECTCODE.md | 67 + .../libcurl/opts/CURLINFO_HTTP_VERSION.md | 63 + .../docs/libcurl/opts/CURLINFO_LASTSOCKET.md | 84 + .../docs/libcurl/opts/CURLINFO_LOCAL_IP.md | 75 + .../docs/libcurl/opts/CURLINFO_LOCAL_PORT.md | 74 + .../libcurl/opts/CURLINFO_NAMELOOKUP_TIME.md | 70 + .../opts/CURLINFO_NAMELOOKUP_TIME_T.md | 71 + .../libcurl/opts/CURLINFO_NUM_CONNECTS.md | 67 + .../docs/libcurl/opts/CURLINFO_OS_ERRNO.md | 72 + .../opts/CURLINFO_POSTTRANSFER_TIME_T.md | 73 + .../libcurl/opts/CURLINFO_PRETRANSFER_TIME.md | 75 + .../opts/CURLINFO_PRETRANSFER_TIME_T.md | 77 + .../docs/libcurl/opts/CURLINFO_PRIMARY_IP.md | 75 + .../libcurl/opts/CURLINFO_PRIMARY_PORT.md | 69 + .../docs/libcurl/opts/CURLINFO_PRIVATE.md | 70 + .../docs/libcurl/opts/CURLINFO_PROTOCOL.md | 79 + .../libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.md | 78 + .../libcurl/opts/CURLINFO_PROXYAUTH_USED.md | 82 + .../docs/libcurl/opts/CURLINFO_PROXY_ERROR.md | 107 + .../opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md | 80 + .../libcurl/opts/CURLINFO_QUEUE_TIME_T.md | 72 + .../libcurl/opts/CURLINFO_REDIRECT_COUNT.md | 64 + .../libcurl/opts/CURLINFO_REDIRECT_TIME.md | 72 + .../libcurl/opts/CURLINFO_REDIRECT_TIME_T.md | 74 + .../libcurl/opts/CURLINFO_REDIRECT_URL.md | 71 + .../docs/libcurl/opts/CURLINFO_REFERER.md | 69 + .../libcurl/opts/CURLINFO_REQUEST_SIZE.md | 65 + .../libcurl/opts/CURLINFO_RESPONSE_CODE.md | 74 + .../docs/libcurl/opts/CURLINFO_RETRY_AFTER.md | 78 + .../libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.md | 63 + .../libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.md | 63 + .../libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.md | 67 + .../libcurl/opts/CURLINFO_RTSP_SESSION_ID.md | 68 + .../curl/docs/libcurl/opts/CURLINFO_SCHEME.md | 73 + .../libcurl/opts/CURLINFO_SIZE_DOWNLOAD.md | 79 + .../libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.md | 72 + .../docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.md | 75 + .../libcurl/opts/CURLINFO_SIZE_UPLOAD_T.md | 68 + .../libcurl/opts/CURLINFO_SPEED_DOWNLOAD.md | 75 + .../libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.md | 69 + .../libcurl/opts/CURLINFO_SPEED_UPLOAD.md | 73 + .../libcurl/opts/CURLINFO_SPEED_UPLOAD_T.md | 67 + .../docs/libcurl/opts/CURLINFO_SSL_ENGINES.md | 69 + .../libcurl/opts/CURLINFO_SSL_VERIFYRESULT.md | 79 + .../opts/CURLINFO_STARTTRANSFER_TIME.md | 73 + .../opts/CURLINFO_STARTTRANSFER_TIME_T.md | 75 + .../docs/libcurl/opts/CURLINFO_TLS_SESSION.md | 83 + .../docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md | 183 + .../docs/libcurl/opts/CURLINFO_TOTAL_TIME.md | 71 + .../libcurl/opts/CURLINFO_TOTAL_TIME_T.md | 72 + .../docs/libcurl/opts/CURLINFO_USED_PROXY.md | 71 + .../docs/libcurl/opts/CURLINFO_XFER_ID.md | 72 + .../CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.md | 63 + .../CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.md | 62 + .../docs/libcurl/opts/CURLMOPT_MAXCONNECTS.md | 75 + .../opts/CURLMOPT_MAX_CONCURRENT_STREAMS.md | 61 + .../opts/CURLMOPT_MAX_HOST_CONNECTIONS.md | 80 + .../opts/CURLMOPT_MAX_PIPELINE_LENGTH.md | 66 + .../opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.md | 77 + .../docs/libcurl/opts/CURLMOPT_PIPELINING.md | 85 + .../opts/CURLMOPT_PIPELINING_SERVER_BL.md | 72 + .../opts/CURLMOPT_PIPELINING_SITE_BL.md | 68 + .../docs/libcurl/opts/CURLMOPT_PUSHDATA.md | 89 + .../libcurl/opts/CURLMOPT_PUSHFUNCTION.md | 150 + .../docs/libcurl/opts/CURLMOPT_SOCKETDATA.md | 81 + .../libcurl/opts/CURLMOPT_SOCKETFUNCTION.md | 142 + .../docs/libcurl/opts/CURLMOPT_TIMERDATA.md | 77 + .../libcurl/opts/CURLMOPT_TIMERFUNCTION.md | 109 + .../opts/CURLOPT_ABSTRACT_UNIX_SOCKET.md | 73 + .../libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.md | 63 + .../libcurl/opts/CURLOPT_ACCEPT_ENCODING.md | 120 + .../libcurl/opts/CURLOPT_ADDRESS_SCOPE.md | 65 + deps/curl/docs/libcurl/opts/CURLOPT_ALTSVC.md | 125 + .../docs/libcurl/opts/CURLOPT_ALTSVC_CTRL.md | 101 + deps/curl/docs/libcurl/opts/CURLOPT_APPEND.md | 68 + .../docs/libcurl/opts/CURLOPT_AUTOREFERER.md | 79 + .../docs/libcurl/opts/CURLOPT_AWS_SIGV4.md | 129 + .../docs/libcurl/opts/CURLOPT_BUFFERSIZE.md | 86 + deps/curl/docs/libcurl/opts/CURLOPT_CAINFO.md | 95 + .../docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md | 95 + deps/curl/docs/libcurl/opts/CURLOPT_CAPATH.md | 85 + .../libcurl/opts/CURLOPT_CA_CACHE_TIMEOUT.md | 92 + .../docs/libcurl/opts/CURLOPT_CERTINFO.md | 101 + .../opts/CURLOPT_CHUNK_BGN_FUNCTION.md | 154 + .../docs/libcurl/opts/CURLOPT_CHUNK_DATA.md | 104 + .../opts/CURLOPT_CHUNK_END_FUNCTION.md | 84 + .../libcurl/opts/CURLOPT_CLOSESOCKETDATA.md | 77 + .../opts/CURLOPT_CLOSESOCKETFUNCTION.md | 88 + .../libcurl/opts/CURLOPT_CONNECTTIMEOUT.md | 89 + .../libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.md | 90 + .../docs/libcurl/opts/CURLOPT_CONNECT_ONLY.md | 89 + .../docs/libcurl/opts/CURLOPT_CONNECT_TO.md | 119 + .../CURLOPT_CONV_FROM_NETWORK_FUNCTION.md | 120 + .../opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.md | 113 + .../opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.md | 116 + deps/curl/docs/libcurl/opts/CURLOPT_COOKIE.md | 95 + .../docs/libcurl/opts/CURLOPT_COOKIEFILE.md | 103 + .../docs/libcurl/opts/CURLOPT_COOKIEJAR.md | 95 + .../docs/libcurl/opts/CURLOPT_COOKIELIST.md | 141 + .../libcurl/opts/CURLOPT_COOKIESESSION.md | 77 + .../libcurl/opts/CURLOPT_COPYPOSTFIELDS.md | 84 + deps/curl/docs/libcurl/opts/CURLOPT_CRLF.md | 64 + .../curl/docs/libcurl/opts/CURLOPT_CRLFILE.md | 91 + deps/curl/docs/libcurl/opts/CURLOPT_CURLU.md | 81 + .../libcurl/opts/CURLOPT_CUSTOMREQUEST.md | 142 + .../docs/libcurl/opts/CURLOPT_DEBUGDATA.md | 88 + .../libcurl/opts/CURLOPT_DEBUGFUNCTION.md | 220 + .../libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.md | 91 + .../docs/libcurl/opts/CURLOPT_DIRLISTONLY.md | 91 + .../opts/CURLOPT_DISALLOW_USERNAME_IN_URL.md | 70 + .../libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.md | 91 + .../libcurl/opts/CURLOPT_DNS_INTERFACE.md | 76 + .../libcurl/opts/CURLOPT_DNS_LOCAL_IP4.md | 75 + .../libcurl/opts/CURLOPT_DNS_LOCAL_IP6.md | 75 + .../docs/libcurl/opts/CURLOPT_DNS_SERVERS.md | 80 + .../opts/CURLOPT_DNS_SHUFFLE_ADDRESSES.md | 74 + .../opts/CURLOPT_DNS_USE_GLOBAL_CACHE.md | 74 + .../opts/CURLOPT_DOH_SSL_VERIFYHOST.md | 92 + .../opts/CURLOPT_DOH_SSL_VERIFYPEER.md | 104 + .../opts/CURLOPT_DOH_SSL_VERIFYSTATUS.md | 79 + .../curl/docs/libcurl/opts/CURLOPT_DOH_URL.md | 100 + deps/curl/docs/libcurl/opts/CURLOPT_ECH.md | 110 + .../docs/libcurl/opts/CURLOPT_EGDSOCKET.md | 47 + .../docs/libcurl/opts/CURLOPT_ERRORBUFFER.md | 106 + .../opts/CURLOPT_EXPECT_100_TIMEOUT_MS.md | 66 + .../docs/libcurl/opts/CURLOPT_FAILONERROR.md | 76 + .../docs/libcurl/opts/CURLOPT_FILETIME.md | 78 + .../docs/libcurl/opts/CURLOPT_FNMATCH_DATA.md | 82 + .../libcurl/opts/CURLOPT_FNMATCH_FUNCTION.md | 90 + .../libcurl/opts/CURLOPT_FOLLOWLOCATION.md | 152 + .../docs/libcurl/opts/CURLOPT_FORBID_REUSE.md | 71 + .../libcurl/opts/CURLOPT_FRESH_CONNECT.md | 70 + .../curl/docs/libcurl/opts/CURLOPT_FTPPORT.md | 99 + .../docs/libcurl/opts/CURLOPT_FTPSSLAUTH.md | 78 + .../docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.md | 71 + .../opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.md | 71 + .../opts/CURLOPT_FTP_CREATE_MISSING_DIRS.md | 88 + .../libcurl/opts/CURLOPT_FTP_FILEMETHOD.md | 88 + .../libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.md | 74 + .../docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.md | 80 + .../docs/libcurl/opts/CURLOPT_FTP_USE_EPRT.md | 77 + .../docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.md | 75 + .../docs/libcurl/opts/CURLOPT_FTP_USE_PRET.md | 68 + .../libcurl/opts/CURLOPT_GSSAPI_DELEGATION.md | 67 + .../opts/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.md | 73 + .../libcurl/opts/CURLOPT_HAPROXYPROTOCOL.md | 66 + .../libcurl/opts/CURLOPT_HAPROXY_CLIENT_IP.md | 71 + deps/curl/docs/libcurl/opts/CURLOPT_HEADER.md | 82 + .../docs/libcurl/opts/CURLOPT_HEADERDATA.md | 91 + .../libcurl/opts/CURLOPT_HEADERFUNCTION.md | 137 + .../docs/libcurl/opts/CURLOPT_HEADEROPT.md | 83 + deps/curl/docs/libcurl/opts/CURLOPT_HSTS.md | 92 + .../docs/libcurl/opts/CURLOPT_HSTSREADDATA.md | 71 + .../libcurl/opts/CURLOPT_HSTSREADFUNCTION.md | 105 + .../libcurl/opts/CURLOPT_HSTSWRITEDATA.md | 71 + .../libcurl/opts/CURLOPT_HSTSWRITEFUNCTION.md | 109 + .../docs/libcurl/opts/CURLOPT_HSTS_CTRL.md | 80 + .../libcurl/opts/CURLOPT_HTTP09_ALLOWED.md | 70 + .../libcurl/opts/CURLOPT_HTTP200ALIASES.md | 83 + .../docs/libcurl/opts/CURLOPT_HTTPAUTH.md | 167 + .../curl/docs/libcurl/opts/CURLOPT_HTTPGET.md | 73 + .../docs/libcurl/opts/CURLOPT_HTTPHEADER.md | 199 + .../docs/libcurl/opts/CURLOPT_HTTPPOST.md | 106 + .../libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.md | 77 + .../opts/CURLOPT_HTTP_CONTENT_DECODING.md | 64 + .../opts/CURLOPT_HTTP_TRANSFER_DECODING.md | 62 + .../docs/libcurl/opts/CURLOPT_HTTP_VERSION.md | 125 + .../opts/CURLOPT_IGNORE_CONTENT_LENGTH.md | 79 + .../docs/libcurl/opts/CURLOPT_INFILESIZE.md | 91 + .../libcurl/opts/CURLOPT_INFILESIZE_LARGE.md | 87 + .../docs/libcurl/opts/CURLOPT_INTERFACE.md | 95 + .../libcurl/opts/CURLOPT_INTERLEAVEDATA.md | 74 + .../opts/CURLOPT_INTERLEAVEFUNCTION.md | 104 + .../docs/libcurl/opts/CURLOPT_IOCTLDATA.md | 78 + .../libcurl/opts/CURLOPT_IOCTLFUNCTION.md | 109 + .../docs/libcurl/opts/CURLOPT_IPRESOLVE.md | 85 + .../docs/libcurl/opts/CURLOPT_ISSUERCERT.md | 84 + .../libcurl/opts/CURLOPT_ISSUERCERT_BLOB.md | 95 + .../opts/CURLOPT_KEEP_SENDING_ON_ERROR.md | 70 + .../docs/libcurl/opts/CURLOPT_KEYPASSWD.md | 81 + .../docs/libcurl/opts/CURLOPT_KRBLEVEL.md | 74 + .../docs/libcurl/opts/CURLOPT_LOCALPORT.md | 66 + .../libcurl/opts/CURLOPT_LOCALPORTRANGE.md | 69 + .../libcurl/opts/CURLOPT_LOGIN_OPTIONS.md | 87 + .../libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.md | 72 + .../libcurl/opts/CURLOPT_LOW_SPEED_TIME.md | 69 + .../docs/libcurl/opts/CURLOPT_MAIL_AUTH.md | 80 + .../docs/libcurl/opts/CURLOPT_MAIL_FROM.md | 73 + .../docs/libcurl/opts/CURLOPT_MAIL_RCPT.md | 87 + .../opts/CURLOPT_MAIL_RCPT_ALLOWFAILS.md | 86 + .../docs/libcurl/opts/CURLOPT_MAXAGE_CONN.md | 73 + .../docs/libcurl/opts/CURLOPT_MAXCONNECTS.md | 77 + .../docs/libcurl/opts/CURLOPT_MAXFILESIZE.md | 73 + .../libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.md | 75 + .../libcurl/opts/CURLOPT_MAXLIFETIME_CONN.md | 75 + .../docs/libcurl/opts/CURLOPT_MAXREDIRS.md | 74 + .../opts/CURLOPT_MAX_RECV_SPEED_LARGE.md | 72 + .../opts/CURLOPT_MAX_SEND_SPEED_LARGE.md | 74 + .../docs/libcurl/opts/CURLOPT_MIMEPOST.md | 82 + .../docs/libcurl/opts/CURLOPT_MIME_OPTIONS.md | 101 + deps/curl/docs/libcurl/opts/CURLOPT_NETRC.md | 145 + .../docs/libcurl/opts/CURLOPT_NETRC_FILE.md | 70 + .../opts/CURLOPT_NEW_DIRECTORY_PERMS.md | 68 + .../libcurl/opts/CURLOPT_NEW_FILE_PERMS.md | 64 + deps/curl/docs/libcurl/opts/CURLOPT_NOBODY.md | 80 + .../docs/libcurl/opts/CURLOPT_NOPROGRESS.md | 67 + .../curl/docs/libcurl/opts/CURLOPT_NOPROXY.md | 94 + .../docs/libcurl/opts/CURLOPT_NOSIGNAL.md | 78 + .../libcurl/opts/CURLOPT_OPENSOCKETDATA.md | 94 + .../opts/CURLOPT_OPENSOCKETFUNCTION.md | 141 + .../docs/libcurl/opts/CURLOPT_PASSWORD.md | 75 + .../docs/libcurl/opts/CURLOPT_PATH_AS_IS.md | 80 + .../libcurl/opts/CURLOPT_PINNEDPUBLICKEY.md | 155 + .../docs/libcurl/opts/CURLOPT_PIPEWAIT.md | 80 + deps/curl/docs/libcurl/opts/CURLOPT_PORT.md | 74 + deps/curl/docs/libcurl/opts/CURLOPT_POST.md | 104 + .../docs/libcurl/opts/CURLOPT_POSTFIELDS.md | 130 + .../libcurl/opts/CURLOPT_POSTFIELDSIZE.md | 73 + .../opts/CURLOPT_POSTFIELDSIZE_LARGE.md | 74 + .../docs/libcurl/opts/CURLOPT_POSTQUOTE.md | 80 + .../docs/libcurl/opts/CURLOPT_POSTREDIR.md | 87 + .../docs/libcurl/opts/CURLOPT_PREQUOTE.md | 84 + .../docs/libcurl/opts/CURLOPT_PREREQDATA.md | 75 + .../libcurl/opts/CURLOPT_PREREQFUNCTION.md | 128 + .../docs/libcurl/opts/CURLOPT_PRE_PROXY.md | 88 + .../curl/docs/libcurl/opts/CURLOPT_PRIVATE.md | 74 + .../docs/libcurl/opts/CURLOPT_PROGRESSDATA.md | 82 + .../libcurl/opts/CURLOPT_PROGRESSFUNCTION.md | 132 + .../docs/libcurl/opts/CURLOPT_PROTOCOLS.md | 110 + .../libcurl/opts/CURLOPT_PROTOCOLS_STR.md | 90 + deps/curl/docs/libcurl/opts/CURLOPT_PROXY.md | 164 + .../docs/libcurl/opts/CURLOPT_PROXYAUTH.md | 77 + .../docs/libcurl/opts/CURLOPT_PROXYHEADER.md | 86 + .../libcurl/opts/CURLOPT_PROXYPASSWORD.md | 74 + .../docs/libcurl/opts/CURLOPT_PROXYPORT.md | 74 + .../docs/libcurl/opts/CURLOPT_PROXYTYPE.md | 103 + .../libcurl/opts/CURLOPT_PROXYUSERNAME.md | 74 + .../docs/libcurl/opts/CURLOPT_PROXYUSERPWD.md | 75 + .../docs/libcurl/opts/CURLOPT_PROXY_CAINFO.md | 102 + .../libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md | 95 + .../docs/libcurl/opts/CURLOPT_PROXY_CAPATH.md | 85 + .../libcurl/opts/CURLOPT_PROXY_CRLFILE.md | 91 + .../libcurl/opts/CURLOPT_PROXY_ISSUERCERT.md | 88 + .../opts/CURLOPT_PROXY_ISSUERCERT_BLOB.md | 98 + .../libcurl/opts/CURLOPT_PROXY_KEYPASSWD.md | 79 + .../opts/CURLOPT_PROXY_PINNEDPUBLICKEY.md | 137 + .../opts/CURLOPT_PROXY_SERVICE_NAME.md | 69 + .../libcurl/opts/CURLOPT_PROXY_SSLCERT.md | 90 + .../libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.md | 84 + .../opts/CURLOPT_PROXY_SSLCERT_BLOB.md | 89 + .../docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.md | 84 + .../libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.md | 75 + .../libcurl/opts/CURLOPT_PROXY_SSLKEY_BLOB.md | 89 + .../libcurl/opts/CURLOPT_PROXY_SSLVERSION.md | 134 + .../opts/CURLOPT_PROXY_SSL_CIPHER_LIST.md | 108 + .../libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md | 123 + .../opts/CURLOPT_PROXY_SSL_VERIFYHOST.md | 94 + .../opts/CURLOPT_PROXY_SSL_VERIFYPEER.md | 96 + .../opts/CURLOPT_PROXY_TLS13_CIPHERS.md | 101 + .../opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.md | 78 + .../opts/CURLOPT_PROXY_TLSAUTH_TYPE.md | 85 + .../opts/CURLOPT_PROXY_TLSAUTH_USERNAME.md | 78 + .../opts/CURLOPT_PROXY_TRANSFER_MODE.md | 70 + deps/curl/docs/libcurl/opts/CURLOPT_PUT.md | 95 + .../docs/libcurl/opts/CURLOPT_QUICK_EXIT.md | 64 + deps/curl/docs/libcurl/opts/CURLOPT_QUOTE.md | 172 + .../docs/libcurl/opts/CURLOPT_RANDOM_FILE.md | 47 + deps/curl/docs/libcurl/opts/CURLOPT_RANGE.md | 98 + .../docs/libcurl/opts/CURLOPT_READDATA.md | 80 + .../docs/libcurl/opts/CURLOPT_READFUNCTION.md | 126 + .../libcurl/opts/CURLOPT_REDIR_PROTOCOLS.md | 120 + .../opts/CURLOPT_REDIR_PROTOCOLS_STR.md | 99 + .../curl/docs/libcurl/opts/CURLOPT_REFERER.md | 71 + .../libcurl/opts/CURLOPT_REQUEST_TARGET.md | 75 + .../curl/docs/libcurl/opts/CURLOPT_RESOLVE.md | 132 + .../opts/CURLOPT_RESOLVER_START_DATA.md | 72 + .../opts/CURLOPT_RESOLVER_START_FUNCTION.md | 90 + .../docs/libcurl/opts/CURLOPT_RESUME_FROM.md | 82 + .../libcurl/opts/CURLOPT_RESUME_FROM_LARGE.md | 81 + .../libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.md | 64 + .../docs/libcurl/opts/CURLOPT_RTSP_REQUEST.md | 141 + .../libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.md | 63 + .../libcurl/opts/CURLOPT_RTSP_SESSION_ID.md | 72 + .../libcurl/opts/CURLOPT_RTSP_STREAM_URI.md | 76 + .../libcurl/opts/CURLOPT_RTSP_TRANSPORT.md | 69 + .../docs/libcurl/opts/CURLOPT_SASL_AUTHZID.md | 80 + .../curl/docs/libcurl/opts/CURLOPT_SASL_IR.md | 75 + .../docs/libcurl/opts/CURLOPT_SEEKDATA.md | 71 + .../docs/libcurl/opts/CURLOPT_SEEKFUNCTION.md | 106 + .../opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md | 77 + .../CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md | 79 + .../docs/libcurl/opts/CURLOPT_SERVICE_NAME.md | 74 + deps/curl/docs/libcurl/opts/CURLOPT_SHARE.md | 90 + .../docs/libcurl/opts/CURLOPT_SOCKOPTDATA.md | 74 + .../libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md | 133 + .../docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.md | 70 + .../libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.md | 65 + .../opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.md | 73 + .../libcurl/opts/CURLOPT_SSH_AUTH_TYPES.md | 70 + .../libcurl/opts/CURLOPT_SSH_COMPRESSION.md | 66 + .../libcurl/opts/CURLOPT_SSH_HOSTKEYDATA.md | 80 + .../opts/CURLOPT_SSH_HOSTKEYFUNCTION.md | 105 + .../opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.md | 76 + .../CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256.md | 76 + .../docs/libcurl/opts/CURLOPT_SSH_KEYDATA.md | 78 + .../libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md | 155 + .../libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.md | 78 + .../opts/CURLOPT_SSH_PRIVATE_KEYFILE.md | 78 + .../opts/CURLOPT_SSH_PUBLIC_KEYFILE.md | 77 + .../curl/docs/libcurl/opts/CURLOPT_SSLCERT.md | 98 + .../docs/libcurl/opts/CURLOPT_SSLCERTTYPE.md | 82 + .../docs/libcurl/opts/CURLOPT_SSLCERT_BLOB.md | 89 + .../docs/libcurl/opts/CURLOPT_SSLENGINE.md | 78 + .../libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.md | 71 + deps/curl/docs/libcurl/opts/CURLOPT_SSLKEY.md | 80 + .../docs/libcurl/opts/CURLOPT_SSLKEYTYPE.md | 86 + .../docs/libcurl/opts/CURLOPT_SSLKEY_BLOB.md | 91 + .../docs/libcurl/opts/CURLOPT_SSLVERSION.md | 160 + .../libcurl/opts/CURLOPT_SSL_CIPHER_LIST.md | 115 + .../docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.md | 132 + .../libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.md | 176 + .../libcurl/opts/CURLOPT_SSL_EC_CURVES.md | 72 + .../libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.md | 64 + .../libcurl/opts/CURLOPT_SSL_ENABLE_NPN.md | 70 + .../libcurl/opts/CURLOPT_SSL_FALSESTART.md | 64 + .../docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md | 131 + .../opts/CURLOPT_SSL_SESSIONID_CACHE.md | 70 + .../libcurl/opts/CURLOPT_SSL_VERIFYHOST.md | 124 + .../libcurl/opts/CURLOPT_SSL_VERIFYPEER.md | 102 + .../libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.md | 71 + deps/curl/docs/libcurl/opts/CURLOPT_STDERR.md | 67 + .../libcurl/opts/CURLOPT_STREAM_DEPENDS.md | 79 + .../libcurl/opts/CURLOPT_STREAM_DEPENDS_E.md | 82 + .../libcurl/opts/CURLOPT_STREAM_WEIGHT.md | 82 + .../opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.md | 102 + .../docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.md | 68 + .../libcurl/opts/CURLOPT_TCP_KEEPALIVE.md | 77 + .../docs/libcurl/opts/CURLOPT_TCP_KEEPCNT.md | 77 + .../docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.md | 76 + .../libcurl/opts/CURLOPT_TCP_KEEPINTVL.md | 75 + .../docs/libcurl/opts/CURLOPT_TCP_NODELAY.md | 77 + .../libcurl/opts/CURLOPT_TELNETOPTIONS.md | 74 + .../docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.md | 65 + .../libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.md | 80 + .../libcurl/opts/CURLOPT_TIMECONDITION.md | 74 + .../curl/docs/libcurl/opts/CURLOPT_TIMEOUT.md | 91 + .../docs/libcurl/opts/CURLOPT_TIMEOUT_MS.md | 66 + .../docs/libcurl/opts/CURLOPT_TIMEVALUE.md | 71 + .../libcurl/opts/CURLOPT_TIMEVALUE_LARGE.md | 73 + .../libcurl/opts/CURLOPT_TLS13_CIPHERS.md | 101 + .../libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.md | 77 + .../docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.md | 81 + .../libcurl/opts/CURLOPT_TLSAUTH_USERNAME.md | 76 + .../docs/libcurl/opts/CURLOPT_TRAILERDATA.md | 61 + .../libcurl/opts/CURLOPT_TRAILERFUNCTION.md | 113 + .../docs/libcurl/opts/CURLOPT_TRANSFERTEXT.md | 67 + .../libcurl/opts/CURLOPT_TRANSFER_ENCODING.md | 70 + .../libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.md | 91 + .../libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.md | 87 + .../opts/CURLOPT_UPKEEP_INTERVAL_MS.md | 84 + deps/curl/docs/libcurl/opts/CURLOPT_UPLOAD.md | 99 + .../libcurl/opts/CURLOPT_UPLOAD_BUFFERSIZE.md | 82 + .../docs/libcurl/opts/CURLOPT_UPLOAD_FLAGS.md | 100 + deps/curl/docs/libcurl/opts/CURLOPT_URL.md | 148 + .../docs/libcurl/opts/CURLOPT_USERAGENT.md | 70 + .../docs/libcurl/opts/CURLOPT_USERNAME.md | 92 + .../curl/docs/libcurl/opts/CURLOPT_USERPWD.md | 101 + .../curl/docs/libcurl/opts/CURLOPT_USE_SSL.md | 94 + .../curl/docs/libcurl/opts/CURLOPT_VERBOSE.md | 73 + .../libcurl/opts/CURLOPT_WILDCARDMATCH.md | 113 + .../docs/libcurl/opts/CURLOPT_WRITEDATA.md | 66 + .../libcurl/opts/CURLOPT_WRITEFUNCTION.md | 139 + .../docs/libcurl/opts/CURLOPT_WS_OPTIONS.md | 77 + .../docs/libcurl/opts/CURLOPT_XFERINFODATA.md | 82 + .../libcurl/opts/CURLOPT_XFERINFOFUNCTION.md | 126 + .../libcurl/opts/CURLOPT_XOAUTH2_BEARER.md | 79 + .../docs/libcurl/opts/CURLSHOPT_LOCKFUNC.md | 76 + .../curl/docs/libcurl/opts/CURLSHOPT_SHARE.md | 120 + .../docs/libcurl/opts/CURLSHOPT_UNLOCKFUNC.md | 71 + .../docs/libcurl/opts/CURLSHOPT_UNSHARE.md | 83 + .../docs/libcurl/opts/CURLSHOPT_USERDATA.md | 61 + deps/curl/docs/mk-ca-bundle.md | 127 + deps/curl/include/README.md | 20 + deps/curl/lib/CMakeLists.txt | 304 + deps/curl/packages/README.md | 12 + .../packages/vms/curl_gnv_build_steps.txt | 290 + .../packages/vms/curl_release_note_start.txt | 77 + .../packages/vms/pcsi_gnv_curl_file_list.txt | 125 + deps/curl/projects/README.md | 152 + deps/curl/src/CMakeLists.txt | 134 + deps/curl/tests/CI.md | 97 + deps/curl/tests/CMakeLists.txt | 115 + deps/curl/tests/FILEFORMAT.md | 732 ++ deps/curl/tests/README.md | 269 + deps/curl/tests/certs/CMakeLists.txt | 46 + deps/curl/tests/cmake/CMakeLists.txt | 85 + deps/curl/tests/http/CMakeLists.txt | 56 + deps/curl/tests/http/README.md | 150 + deps/curl/tests/http/clients/CMakeLists.txt | 48 + deps/curl/tests/http/requirements.txt | 30 + deps/curl/tests/libtest/CMakeLists.txt | 90 + deps/curl/tests/requirements.txt | 26 + deps/curl/tests/runtests.md | 313 + deps/curl/tests/server/CMakeLists.txt | 72 + deps/curl/tests/testcurl.md | 138 + deps/curl/tests/unit/CMakeLists.txt | 60 + deps/curl/tests/unit/README.md | 73 + deps/curl/winbuild/README.md | 202 + deps/discord-rpc/CMakeLists.txt | 56 + deps/discord-rpc/README.md | 158 + deps/discord-rpc/documentation/hard-mode.md | 164 + .../ProjectSettings/ProjectVersion.txt | 1 + .../examples/send-presence/CMakeLists.txt | 21 + deps/discord-rpc/src/CMakeLists.txt | 147 + deps/imgui/.github/FUNDING.yml | 1 + deps/imgui/.github/issue_template.md | 46 + deps/imgui/.github/pull_request_template.md | 6 + deps/imgui/.github/workflows/build.yml | 507 + deps/imgui/.github/workflows/scheduled.yml | 15 + .../.github/workflows/static-analysis.yml | 77 + deps/imgui/LICENSE.txt | 21 + deps/imgui/docs/BACKENDS.md | 144 + deps/imgui/docs/CHANGELOG.txt | 3578 ++++++ deps/imgui/docs/EXAMPLES.md | 242 + deps/imgui/docs/FAQ.md | 676 ++ deps/imgui/docs/FONTS.md | 397 + deps/imgui/docs/README.md | 243 + deps/imgui/docs/TODO.txt | 403 + deps/imgui/examples/README.txt | 9 + .../imgui/examples/example_allegro5/README.md | 36 + .../example_android_opengl3/CMakeLists.txt | 40 + .../examples/example_apple_metal/README.md | 10 + .../example_emscripten_opengl3/README.md | 26 + .../example_emscripten_wgpu/README.md | 24 + .../example_emscripten_wgpu/web/index.html | 80 + .../example_glfw_vulkan/CMakeLists.txt | 44 + .../examples/example_sdl_opengl2/README.md | 29 + .../examples/example_sdl_opengl3/README.md | 29 + .../example_sdl_sdlrenderer/README.md | 25 + deps/imgui/examples/libs/glfw/COPYING.txt | 22 + deps/imgui/examples/libs/usynergy/README.txt | 8 + deps/imgui/misc/README.txt | 23 + deps/imgui/misc/cpp/README.txt | 13 + deps/imgui/misc/debuggers/README.txt | 16 + deps/imgui/misc/freetype/README.md | 37 + deps/libtomcrypt/.github/ISSUE_TEMPLATE.md | 30 + .../.github/PULL_REQUEST_TEMPLATE.md | 13 + deps/libtomcrypt/.github/workflows/main.yml | 131 + deps/libtomcrypt/CMakeLists.txt | 444 + deps/libtomcrypt/README.md | 204 + deps/libtomcrypt/demos/CMakeLists.txt | 93 + deps/libtomcrypt/notes/base64_tv.txt | 35 + deps/libtomcrypt/notes/ccm_tv.txt | 2334 ++++ deps/libtomcrypt/notes/cipher_tv.txt | 2713 +++++ deps/libtomcrypt/notes/eax_tv.txt | 696 ++ deps/libtomcrypt/notes/ecc_tv.txt | 5348 +++++++++ deps/libtomcrypt/notes/gcm_tv.txt | 344 + deps/libtomcrypt/notes/hash_tv.txt | 6090 +++++++++++ deps/libtomcrypt/notes/hashsum_tv.txt | 34 + deps/libtomcrypt/notes/hmac_tv.txt | 6090 +++++++++++ deps/libtomcrypt/notes/lrw_tv.txt | 126 + deps/libtomcrypt/notes/ocb3_tv.txt | 354 + deps/libtomcrypt/notes/ocb_tv.txt | 696 ++ deps/libtomcrypt/notes/omac_tv.txt | 696 ++ deps/libtomcrypt/notes/pmac_tv.txt | 696 ++ .../notes/rsa-testvectors/oaep-int.txt | 369 + .../notes/rsa-testvectors/oaep-vect.txt | 2212 ++++ .../rsa-testvectors/pkcs1v15crypt-vectors.txt | 9709 +++++++++++++++++ .../rsa-testvectors/pkcs1v15sign-vectors.txt | 9049 +++++++++++++++ .../notes/rsa-testvectors/pss-int.txt | 162 + .../notes/rsa-testvectors/pss-vect.txt | 2581 +++++ .../notes/rsa-testvectors/readme.txt | 22 + deps/libtomcrypt/notes/tech0001.txt | 73 + deps/libtomcrypt/notes/tech0002.txt | 52 + deps/libtomcrypt/notes/tech0003.txt | 52 + deps/libtomcrypt/notes/tech0004.txt | 91 + deps/libtomcrypt/notes/tech0005.txt | 20 + deps/libtomcrypt/notes/tech0006.txt | 91 + deps/libtomcrypt/notes/tech0007.txt | 5 + deps/libtomcrypt/src/misc/crypt/crypt.c | 577 + .../libtomcrypt/src/misc/crypt/crypt_argchk.c | 17 + .../src/misc/crypt/crypt_cipher_descriptor.c | 15 + .../src/misc/crypt/crypt_cipher_is_valid.c | 24 + .../src/misc/crypt/crypt_constants.c | 290 + .../src/misc/crypt/crypt_find_cipher.c | 29 + .../src/misc/crypt/crypt_find_cipher_any.c | 38 + .../src/misc/crypt/crypt_find_cipher_id.c | 28 + .../src/misc/crypt/crypt_find_hash.c | 28 + .../src/misc/crypt/crypt_find_hash_any.c | 37 + .../src/misc/crypt/crypt_find_hash_id.c | 28 + .../src/misc/crypt/crypt_find_hash_oid.c | 23 + .../src/misc/crypt/crypt_find_prng.c | 29 + deps/libtomcrypt/src/misc/crypt/crypt_fsa.c | 45 + .../src/misc/crypt/crypt_hash_descriptor.c | 15 + .../src/misc/crypt/crypt_hash_is_valid.c | 24 + deps/libtomcrypt/src/misc/crypt/crypt_inits.c | 81 + .../src/misc/crypt/crypt_ltc_mp_descriptor.c | 6 + .../src/misc/crypt/crypt_prng_descriptor.c | 14 + .../src/misc/crypt/crypt_prng_is_valid.c | 24 + .../misc/crypt/crypt_prng_rng_descriptor.c | 7 + .../misc/crypt/crypt_register_all_ciphers.c | 104 + .../misc/crypt/crypt_register_all_hashes.c | 96 + .../src/misc/crypt/crypt_register_all_prngs.c | 38 + .../src/misc/crypt/crypt_register_cipher.c | 42 + .../src/misc/crypt/crypt_register_hash.c | 42 + .../src/misc/crypt/crypt_register_prng.c | 42 + deps/libtomcrypt/src/misc/crypt/crypt_sizes.c | 354 + .../src/misc/crypt/crypt_unregister_cipher.c | 33 + .../src/misc/crypt/crypt_unregister_hash.c | 32 + .../src/misc/crypt/crypt_unregister_prng.c | 32 + deps/libtomcrypt/tests/CMakeLists.txt | 60 + deps/libtomcrypt/tests/rsa-pkcs8/README.txt | 29 + deps/libtommath/.github/workflows/deploy.yml | 47 + deps/libtommath/.github/workflows/main.yml | 225 + deps/libtommath/CMakeLists.txt | 317 + deps/libtommath/README.md | 70 + deps/libtommath/changes.txt | 508 + deps/libtommath/demo/CMakeLists.txt | 66 + deps/libtommath/etc/2kprime.1 | 2 + deps/libtommath/mtest/logtab.h | 24 + deps/libtommath/mtest/mpi-config.h | 90 + deps/libtommath/mtest/mpi-types.h | 20 + deps/libtommath/mtest/mpi.c | 3987 +++++++ deps/libtommath/mtest/mpi.h | 233 + deps/libtommath/mtest/mtest.c | 370 + deps/lua/README.md | 7 + deps/minhook/AUTHORS.txt | 8 + deps/minhook/CMakeLists.txt | 141 + deps/minhook/LICENSE.txt | 81 + deps/minhook/README.md | 87 + deps/rapidjson/CHANGELOG.md | 158 + deps/rapidjson/CMakeLists.txt | 257 + deps/rapidjson/bin/data/abcde.txt | 1 + deps/rapidjson/bin/data/readme.txt | 1 + deps/rapidjson/bin/draft-04/schema | 150 + deps/rapidjson/bin/jsonchecker/readme.txt | 3 + deps/rapidjson/bin/jsonschema/.gitignore | 1 + deps/rapidjson/bin/jsonschema/.travis.yml | 4 + deps/rapidjson/bin/jsonschema/LICENSE | 19 + deps/rapidjson/bin/jsonschema/README.md | 148 + .../bin/jsonschema/bin/jsonschema_suite | 283 + .../remotes/folder/folderInteger.json | Bin 0 -> 25 bytes .../bin/jsonschema/remotes/integer.json | Bin 0 -> 25 bytes .../bin/jsonschema/remotes/subSchemas.json | Bin 0 -> 110 bytes .../tests/draft3/additionalItems.json | Bin 0 -> 2257 bytes .../tests/draft3/additionalProperties.json | Bin 0 -> 2745 bytes .../bin/jsonschema/tests/draft3/default.json | Bin 0 -> 1273 bytes .../jsonschema/tests/draft3/dependencies.json | Bin 0 -> 2989 bytes .../bin/jsonschema/tests/draft3/disallow.json | Bin 0 -> 1936 bytes .../jsonschema/tests/draft3/divisibleBy.json | Bin 0 -> 1544 bytes .../bin/jsonschema/tests/draft3/enum.json | Bin 0 -> 1964 bytes .../bin/jsonschema/tests/draft3/extends.json | Bin 0 -> 2591 bytes .../bin/jsonschema/tests/draft3/items.json | Bin 0 -> 1136 bytes .../bin/jsonschema/tests/draft3/maxItems.json | Bin 0 -> 706 bytes .../jsonschema/tests/draft3/maxLength.json | Bin 0 -> 895 bytes .../bin/jsonschema/tests/draft3/maximum.json | Bin 0 -> 1063 bytes .../bin/jsonschema/tests/draft3/minItems.json | Bin 0 -> 693 bytes .../jsonschema/tests/draft3/minLength.json | Bin 0 -> 886 bytes .../bin/jsonschema/tests/draft3/minimum.json | Bin 0 -> 1063 bytes .../tests/draft3/optional/bignum.json | Bin 0 -> 3075 bytes .../tests/draft3/optional/format.json | Bin 0 -> 6751 bytes .../tests/draft3/optional/jsregex.json | Bin 0 -> 463 bytes .../draft3/optional/zeroTerminatedFloats.json | Bin 0 -> 384 bytes .../bin/jsonschema/tests/draft3/pattern.json | Bin 0 -> 857 bytes .../tests/draft3/patternProperties.json | Bin 0 -> 3365 bytes .../jsonschema/tests/draft3/properties.json | Bin 0 -> 2881 bytes .../bin/jsonschema/tests/draft3/ref.json | Bin 0 -> 4385 bytes .../jsonschema/tests/draft3/refRemote.json | Bin 0 -> 1961 bytes .../bin/jsonschema/tests/draft3/required.json | Bin 0 -> 1282 bytes .../bin/jsonschema/tests/draft3/type.json | Bin 0 -> 13217 bytes .../jsonschema/tests/draft3/uniqueItems.json | Bin 0 -> 2613 bytes .../tests/draft4/additionalItems.json | Bin 0 -> 2282 bytes .../tests/draft4/additionalProperties.json | Bin 0 -> 2745 bytes .../bin/jsonschema/tests/draft4/allOf.json | Bin 0 -> 3025 bytes .../bin/jsonschema/tests/draft4/anyOf.json | Bin 0 -> 1608 bytes .../bin/jsonschema/tests/draft4/default.json | Bin 0 -> 1273 bytes .../jsonschema/tests/draft4/definitions.json | Bin 0 -> 854 bytes .../jsonschema/tests/draft4/dependencies.json | Bin 0 -> 3139 bytes .../bin/jsonschema/tests/draft4/enum.json | Bin 0 -> 1975 bytes .../bin/jsonschema/tests/draft4/items.json | Bin 0 -> 1136 bytes .../bin/jsonschema/tests/draft4/maxItems.json | Bin 0 -> 706 bytes .../jsonschema/tests/draft4/maxLength.json | Bin 0 -> 896 bytes .../tests/draft4/maxProperties.json | Bin 0 -> 759 bytes .../bin/jsonschema/tests/draft4/maximum.json | Bin 0 -> 1063 bytes .../bin/jsonschema/tests/draft4/minItems.json | Bin 0 -> 693 bytes .../jsonschema/tests/draft4/minLength.json | Bin 0 -> 886 bytes .../tests/draft4/minProperties.json | Bin 0 -> 725 bytes .../bin/jsonschema/tests/draft4/minimum.json | Bin 0 -> 1063 bytes .../jsonschema/tests/draft4/multipleOf.json | Bin 0 -> 1525 bytes .../bin/jsonschema/tests/draft4/not.json | Bin 0 -> 2266 bytes .../bin/jsonschema/tests/draft4/oneOf.json | Bin 0 -> 1607 bytes .../tests/draft4/optional/bignum.json | Bin 0 -> 3075 bytes .../tests/draft4/optional/format.json | Bin 0 -> 4608 bytes .../draft4/optional/zeroTerminatedFloats.json | Bin 0 -> 384 bytes .../bin/jsonschema/tests/draft4/pattern.json | Bin 0 -> 857 bytes .../tests/draft4/patternProperties.json | Bin 0 -> 3365 bytes .../jsonschema/tests/draft4/properties.json | Bin 0 -> 2881 bytes .../bin/jsonschema/tests/draft4/ref.json | Bin 0 -> 4366 bytes .../jsonschema/tests/draft4/refRemote.json | Bin 0 -> 1961 bytes .../bin/jsonschema/tests/draft4/required.json | Bin 0 -> 923 bytes .../bin/jsonschema/tests/draft4/type.json | Bin 0 -> 9298 bytes .../jsonschema/tests/draft4/uniqueItems.json | Bin 0 -> 2613 bytes deps/rapidjson/bin/jsonschema/tox.ini | 8 + deps/rapidjson/bin/types/readme.txt | 1 + deps/rapidjson/contrib/natvis/README.md | 7 + deps/rapidjson/doc/CMakeLists.txt | 27 + deps/rapidjson/doc/diagram/makefile | 8 + deps/rapidjson/doc/dom.md | 281 + deps/rapidjson/doc/dom.zh-cn.md | 285 + deps/rapidjson/doc/encoding.md | 146 + deps/rapidjson/doc/encoding.zh-cn.md | 152 + deps/rapidjson/doc/faq.md | 289 + deps/rapidjson/doc/faq.zh-cn.md | 290 + deps/rapidjson/doc/features.md | 106 + deps/rapidjson/doc/features.zh-cn.md | 103 + deps/rapidjson/doc/internals.md | 368 + deps/rapidjson/doc/internals.zh-cn.md | 363 + deps/rapidjson/doc/npm.md | 31 + deps/rapidjson/doc/performance.md | 26 + deps/rapidjson/doc/performance.zh-cn.md | 26 + deps/rapidjson/doc/pointer.md | 234 + deps/rapidjson/doc/pointer.zh-cn.md | 234 + deps/rapidjson/doc/sax.md | 509 + deps/rapidjson/doc/sax.zh-cn.md | 487 + deps/rapidjson/doc/schema.md | 513 + deps/rapidjson/doc/schema.zh-cn.md | 237 + deps/rapidjson/doc/stream.md | 429 + deps/rapidjson/doc/stream.zh-cn.md | 429 + deps/rapidjson/doc/tutorial.md | 536 + deps/rapidjson/doc/tutorial.zh-cn.md | 535 + deps/rapidjson/example/CMakeLists.txt | 46 + deps/rapidjson/license.txt | 57 + deps/rapidjson/readme.md | 210 + deps/rapidjson/readme.zh-cn.md | 152 + deps/rapidjson/test/CMakeLists.txt | 20 + deps/rapidjson/test/perftest/CMakeLists.txt | 28 + deps/rapidjson/test/unittest/CMakeLists.txt | 95 + .../rapidjson/thirdparty/gtest/CMakeLists.txt | 33 + .../thirdparty/gtest/CONTRIBUTING.md | 160 + deps/rapidjson/thirdparty/gtest/README.md | 122 + .../gtest/googlemock/CMakeLists.txt | 242 + .../thirdparty/gtest/googlemock/README.md | 344 + .../gtest/googlemock/build-aux/.keep | 0 .../gtest/googlemock/docs/CheatSheet.md | 564 + .../gtest/googlemock/docs/CookBook.md | 3660 +++++++ .../gtest/googlemock/docs/DesignDoc.md | 280 + .../gtest/googlemock/docs/Documentation.md | 15 + .../gtest/googlemock/docs/ForDummies.md | 447 + .../docs/FrequentlyAskedQuestions.md | 627 ++ .../gtest/googlemock/docs/KnownIssues.md | 19 + .../thirdparty/gtest/googlemock/make/Makefile | 101 + .../test/gmock_output_test_golden.txt | 317 + .../gtest/googletest/CMakeLists.txt | 312 + .../thirdparty/gtest/googletest/README.md | 341 + .../gtest/googletest/docs/Pkgconfig.md | 146 + .../gtest/googletest/docs/PumpManual.md | 177 + .../gtest/googletest/docs/XcodeGuide.md | 93 + .../gtest/googletest/docs/advanced.md | 2416 ++++ .../thirdparty/gtest/googletest/docs/faq.md | 1092 ++ .../gtest/googletest/docs/primer.md | 536 + .../gtest/googletest/docs/samples.md | 14 + .../thirdparty/gtest/googletest/make/Makefile | 82 + .../gtest/googletest/scripts/test/Makefile | 59 + .../test/gtest_output_test_golden_lin.txt | 781 ++ deps/sol2/.github/ISSUE_TEMPLATE.md | 16 + deps/sol2/.github/workflows/macos.yml | 33 + deps/sol2/.github/workflows/ubuntu.yml | 33 + deps/sol2/.github/workflows/windows.yml | 38 + deps/sol2/CMakeLists.txt | 312 + deps/sol2/CONTRIBUTING.md | 27 + deps/sol2/CONTRIBUTORS.md | 27 + deps/sol2/LICENSE.txt | 20 + deps/sol2/README.md | 161 + deps/sol2/documentation/CMakeLists.txt | 103 + deps/sol2/documentation/requirements.txt | 3 + deps/sol2/examples/CMakeLists.txt | 118 + .../examples/customization/CMakeLists.txt | 64 + .../examples/interop/LuaBridge/CMakeLists.txt | 62 + .../examples/interop/kaguya/CMakeLists.txt | 61 + .../examples/interop/luwra/CMakeLists.txt | 61 + .../examples/interop/tolua/CMakeLists.txt | 63 + .../require_dll_example/CMakeLists.txt | 134 + deps/sol2/meson_options.txt | 3 + deps/sol2/single/CMakeLists.txt | 55 + deps/sol2/tests/CMakeLists.txt | 95 + deps/sol2/tests/config_tests/CMakeLists.txt | 26 + .../function_pointers/CMakeLists.txt | 40 + .../integer_value_fits/CMakeLists.txt | 40 + .../tests/container_exhaustive/CMakeLists.txt | 34 + deps/sol2/tests/coroutines/CMakeLists.txt | 40 + deps/sol2/tests/enum/CMakeLists.txt | 32 + deps/sol2/tests/environment/CMakeLists.txt | 32 + deps/sol2/tests/exceptions/CMakeLists.txt | 52 + deps/sol2/tests/inclusion/CMakeLists.txt | 57 + deps/sol2/tests/lua_lifetime/CMakeLists.txt | 34 + deps/sol2/tests/numerics/CMakeLists.txt | 34 + .../regression_tests/1011/CMakeLists.txt | 45 + .../tests/regression_tests/CMakeLists.txt | 26 + .../regression_tests/simple/CMakeLists.txt | 45 + deps/sol2/tests/run_time/CMakeLists.txt | 41 + deps/sol2/tests/utility/CMakeLists.txt | 34 + deps/stb/.github/CONTRIBUTING.md | 32 + ...e-doesn-t-load-specific-image-correctly.md | 15 + .../.github/ISSUE_TEMPLATE/2-bug_report.md | 24 + .../ISSUE_TEMPLATE/3-feature_request.md | 20 + deps/stb/.github/ISSUE_TEMPLATE/config.yml | 5 + deps/stb/.github/PULL_REQUEST_TEMPLATE.md | 6 + deps/stb/.github/workflows/ci-fuzz.yml | 23 + deps/stb/README.md | 184 + deps/stb/data/herringbone/license.txt | 4 + deps/stb/deprecated/stretchy_buffer.txt | 28 + deps/stb/docs/other_libs.md | 1 + deps/stb/docs/stb_howto.txt | 185 + deps/stb/docs/stb_voxel_render_interview.md | 173 + deps/stb/docs/why_public_domain.md | 117 + deps/stb/tests/caveview/README.md | 85 + deps/stb/tests/oversample/README.md | 94 + deps/stb/tests/oversample/oversample.exe | Bin 0 -> 54272 bytes deps/stb/tools/README.footer.md | 135 + deps/stb/tools/README.header.md | 22 + deps/udis86/BuildVS2010/README.txt | 8 + deps/zlib/.github/workflows/c-std.yml | 230 + deps/zlib/.github/workflows/cmake.yml | 112 + deps/zlib/.github/workflows/configure.yml | 136 + deps/zlib/.github/workflows/fuzz.yml | 25 + deps/zlib/.github/workflows/msys-cygwin.yml | 77 + deps/zlib/CMakeLists.txt | 330 + deps/zlib/Makefile | 5 + deps/zlib/README-cmake.md | 83 + deps/zlib/contrib/ada/readme.txt | 65 + deps/zlib/contrib/blast/test.txt | 1 + deps/zlib/contrib/delphi/readme.txt | 76 + deps/zlib/contrib/dotzlib/LICENSE_1_0.txt | 23 + deps/zlib/contrib/dotzlib/readme.txt | 58 + deps/zlib/contrib/minizip/CMakeLists.txt | 380 + .../contrib/minizip/MiniZip64_Changes.txt | 6 + deps/zlib/contrib/minizip/MiniZip64_info.txt | 74 + deps/zlib/contrib/minizip/minizip.pc.txt | 13 + deps/zlib/contrib/minizip/test/CMakeLists.txt | 121 + deps/zlib/contrib/pascal/readme.txt | 76 + deps/zlib/contrib/testzlib/testzlib.txt | 10 + deps/zlib/contrib/vstudio/readme.txt | 81 + deps/zlib/doc/algorithm.txt | 209 + deps/zlib/doc/rfc1950.txt | 619 ++ deps/zlib/doc/rfc1951.txt | 955 ++ deps/zlib/doc/rfc1952.txt | 675 ++ deps/zlib/doc/txtvsbin.txt | 107 + deps/zlib/old/visual-basic.txt | 160 + deps/zlib/test/CMakeLists.txt | 265 + deps/zlib/win32/DLL_FAQ.txt | 381 + deps/zlib/win32/README-WIN32.txt | 103 + deps/zlib/win32/VisualC.txt | 3 + deps/zlib/zconf.h | 544 + .../zstd/.github/ISSUE_TEMPLATE/bug_report.md | 35 + .../.github/ISSUE_TEMPLATE/feature_request.md | 20 + deps/zstd/.github/dependabot.yml | 6 + .../.github/workflows/android-ndk-build.yml | 39 + deps/zstd/.github/workflows/commit.yml | 104 + .../zstd/.github/workflows/dev-long-tests.yml | 310 + .../.github/workflows/dev-short-tests.yml | 739 ++ deps/zstd/.github/workflows/nightly.yml | 38 + .../workflows/publish-release-artifacts.yml | 73 + deps/zstd/.github/workflows/release_check.yml | 64 + deps/zstd/.github/workflows/scorecards.yml | 64 + .../.github/workflows/windows-artifacts.yml | 81 + deps/zstd/CODE_OF_CONDUCT.md | 5 + deps/zstd/CONTRIBUTING.md | 489 + deps/zstd/README.md | 237 + deps/zstd/SECURITY.md | 15 + deps/zstd/TESTING.md | 43 + deps/zstd/build/README.md | 56 + deps/zstd/build/VS_scripts/README.md | 64 + deps/zstd/build/cmake/CMakeLists.txt | 228 + deps/zstd/build/cmake/README.md | 146 + deps/zstd/build/cmake/contrib/CMakeLists.txt | 13 + .../cmake/contrib/gen_html/CMakeLists.txt | 30 + .../build/cmake/contrib/pzstd/CMakeLists.txt | 39 + deps/zstd/build/cmake/lib/CMakeLists.txt | 295 + deps/zstd/build/cmake/programs/CMakeLists.txt | 144 + deps/zstd/build/cmake/tests/CMakeLists.txt | 118 + deps/zstd/build/meson/README.md | 38 + deps/zstd/build/meson/meson_options.txt | 36 + deps/zstd/build/single_file_libs/README.md | 33 + .../build/single_file_libs/examples/README.md | 11 + deps/zstd/contrib/VS2005/README.md | 3 + deps/zstd/contrib/docker/README.md | 20 + .../externalSequenceProducer/README.md | 14 + deps/zstd/contrib/gen_html/README.md | 31 + deps/zstd/contrib/largeNbDicts/README.md | 33 + deps/zstd/contrib/linux-kernel/README.md | 14 + deps/zstd/contrib/match_finders/README.md | 42 + deps/zstd/contrib/pzstd/README.md | 56 + deps/zstd/contrib/seekable_format/README.md | 42 + .../zstd_seekable_compression_format.md | 116 + deps/zstd/doc/README.md | 26 + deps/zstd/doc/decompressor_errata.md | 148 + deps/zstd/doc/decompressor_permissive.md | 80 + deps/zstd/doc/educational_decoder/README.md | 36 + deps/zstd/doc/zstd_compression_format.md | 1771 +++ deps/zstd/examples/README.md | 46 + deps/zstd/lib/README.md | 253 + deps/zstd/lib/dll/example/README.md | 63 + deps/zstd/programs/README.md | 344 + deps/zstd/programs/zstd.1.md | 714 ++ deps/zstd/programs/zstdgrep.1.md | 30 + deps/zstd/programs/zstdless.1.md | 16 + deps/zstd/tests/README.md | 184 + deps/zstd/tests/cli-tests/README.md | 258 + deps/zstd/tests/fuzz/README.md | 161 + .../fuzz/seq_prod_fuzz_example/README.md | 12 + deps/zstd/tests/regression/README.md | 28 + deps/zstd/zlibWrapper/README.md | 163 + 1375 files changed, 195792 insertions(+), 3 deletions(-) create mode 100644 deps/GSL/.github/ISSUE_TEMPLATE/bug_report.md create mode 100644 deps/GSL/.github/workflows/android.yml create mode 100644 deps/GSL/.github/workflows/cmake/action.yml create mode 100644 deps/GSL/.github/workflows/cmake_find_package.yml create mode 100644 deps/GSL/.github/workflows/compilers.yml create mode 100644 deps/GSL/.github/workflows/ios.yml create mode 100644 deps/GSL/CMakeLists.txt create mode 100644 deps/GSL/CONTRIBUTING.md create mode 100644 deps/GSL/README.md create mode 100644 deps/GSL/SECURITY.md create mode 100644 deps/GSL/ThirdPartyNotices.txt create mode 100644 deps/GSL/docs/headers.md create mode 100644 deps/GSL/include/CMakeLists.txt create mode 100644 deps/GSL/tests/CMakeLists.txt create mode 100644 deps/asmjit/.github/FUNDING.yml create mode 100644 deps/asmjit/.github/ISSUE_TEMPLATE/01_bug_report.yml create mode 100644 deps/asmjit/.github/ISSUE_TEMPLATE/02_feature_request.yml create mode 100644 deps/asmjit/.github/ISSUE_TEMPLATE/03_help_question.yml create mode 100644 deps/asmjit/.github/ISSUE_TEMPLATE/99_other_issues.yml create mode 100644 deps/asmjit/.github/workflows/build-config.json create mode 100644 deps/asmjit/.github/workflows/build.yml create mode 100644 deps/asmjit/CMakeLists.txt create mode 100644 deps/asmjit/CONTRIBUTING.md create mode 100644 deps/asmjit/LICENSE.md create mode 100644 deps/asmjit/README.md create mode 100644 deps/asmjit/db/LICENSE.md create mode 100644 deps/asmjit/db/README.md create mode 100644 deps/curl/.github/CODEOWNERS create mode 100644 deps/curl/.github/CONTRIBUTING.md create mode 100644 deps/curl/.github/FUNDING.yml create mode 100644 deps/curl/.github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 deps/curl/.github/ISSUE_TEMPLATE/config.yml create mode 100644 deps/curl/.github/ISSUE_TEMPLATE/docs.yml create mode 100644 deps/curl/.github/dependabot.yml create mode 100644 deps/curl/.github/labeler.yml create mode 100644 deps/curl/.github/lock.yml create mode 100644 deps/curl/.github/scripts/badwords.pl create mode 100644 deps/curl/.github/scripts/badwords.txt create mode 100644 deps/curl/.github/scripts/binarycheck.pl create mode 100644 deps/curl/.github/scripts/binarycheck.sums create mode 100644 deps/curl/.github/scripts/cleancmd.pl create mode 100644 deps/curl/.github/scripts/cmp-config.pl create mode 100644 deps/curl/.github/scripts/cmp-pkg-config.sh create mode 100644 deps/curl/.github/scripts/codespell-ignore.txt create mode 100644 deps/curl/.github/scripts/distfiles.sh create mode 100644 deps/curl/.github/scripts/shellcheck.sh create mode 100644 deps/curl/.github/scripts/spacecheck.pl create mode 100644 deps/curl/.github/scripts/spellcheck.curl create mode 100644 deps/curl/.github/scripts/spellcheck.words create mode 100644 deps/curl/.github/scripts/spellcheck.yaml create mode 100644 deps/curl/.github/scripts/trimmarkdownheader.pl create mode 100644 deps/curl/.github/scripts/verify-examples.pl create mode 100644 deps/curl/.github/scripts/verify-synopsis.pl create mode 100644 deps/curl/.github/scripts/yamlcheck.sh create mode 100644 deps/curl/.github/scripts/yamlcheck.yaml create mode 100644 deps/curl/.github/stale.yml create mode 100644 deps/curl/.github/workflows/appveyor-status.yml create mode 100644 deps/curl/.github/workflows/checkdocs.yml create mode 100644 deps/curl/.github/workflows/checksrc.yml create mode 100644 deps/curl/.github/workflows/configure-vs-cmake.yml create mode 100644 deps/curl/.github/workflows/curl-for-win.yml create mode 100644 deps/curl/.github/workflows/distcheck.yml create mode 100644 deps/curl/.github/workflows/fuzz.yml create mode 100644 deps/curl/.github/workflows/hacktoberfest-accepted.yml create mode 100644 deps/curl/.github/workflows/http3-linux.yml create mode 100644 deps/curl/.github/workflows/label.yml create mode 100644 deps/curl/.github/workflows/linux-old.yml create mode 100644 deps/curl/.github/workflows/linux.yml create mode 100644 deps/curl/.github/workflows/macos.yml create mode 100644 deps/curl/.github/workflows/non-native.yml create mode 100644 deps/curl/.github/workflows/windows.yml create mode 100644 deps/curl/CHANGES.md create mode 100644 deps/curl/CMakeLists.txt create mode 100644 deps/curl/GIT-INFO.md create mode 100644 deps/curl/LICENSES/BSD-3-Clause.txt create mode 100644 deps/curl/LICENSES/BSD-4-Clause-UC.txt create mode 100644 deps/curl/LICENSES/ISC.txt create mode 100644 deps/curl/LICENSES/curl.txt create mode 100644 deps/curl/README.md create mode 100644 deps/curl/SECURITY.md create mode 100644 deps/curl/docs/ALTSVC.md create mode 100644 deps/curl/docs/BINDINGS.md create mode 100644 deps/curl/docs/BUG-BOUNTY.md create mode 100644 deps/curl/docs/BUGS.md create mode 100644 deps/curl/docs/CIPHERS-TLS12.md create mode 100644 deps/curl/docs/CIPHERS.md create mode 100644 deps/curl/docs/CMakeLists.txt create mode 100644 deps/curl/docs/CODE_OF_CONDUCT.md create mode 100644 deps/curl/docs/CODE_REVIEW.md create mode 100644 deps/curl/docs/CONTRIBUTE.md create mode 100644 deps/curl/docs/CURL-DISABLE.md create mode 100644 deps/curl/docs/CURLDOWN.md create mode 100644 deps/curl/docs/DEPRECATE.md create mode 100644 deps/curl/docs/DISTROS.md create mode 100644 deps/curl/docs/EARLY-RELEASE.md create mode 100644 deps/curl/docs/ECH.md create mode 100644 deps/curl/docs/EXPERIMENTAL.md create mode 100644 deps/curl/docs/FEATURES.md create mode 100644 deps/curl/docs/GOVERNANCE.md create mode 100644 deps/curl/docs/HELP-US.md create mode 100644 deps/curl/docs/HISTORY.md create mode 100644 deps/curl/docs/HSTS.md create mode 100644 deps/curl/docs/HTTP-COOKIES.md create mode 100644 deps/curl/docs/HTTP3.md create mode 100644 deps/curl/docs/HTTPSRR.md create mode 100644 deps/curl/docs/INFRASTRUCTURE.md create mode 100644 deps/curl/docs/INSTALL create mode 100644 deps/curl/docs/INSTALL-CMAKE.md create mode 100644 deps/curl/docs/INSTALL.md create mode 100644 deps/curl/docs/INTERNALS.md create mode 100644 deps/curl/docs/IPFS.md create mode 100644 deps/curl/docs/MAIL-ETIQUETTE.md create mode 100644 deps/curl/docs/MANUAL.md create mode 100644 deps/curl/docs/README.md create mode 100644 deps/curl/docs/RELEASE-PROCEDURE.md create mode 100644 deps/curl/docs/ROADMAP.md create mode 100644 deps/curl/docs/RUSTLS.md create mode 100644 deps/curl/docs/SECURITY-ADVISORY.md create mode 100644 deps/curl/docs/SPONSORS.md create mode 100644 deps/curl/docs/SSL-PROBLEMS.md create mode 100644 deps/curl/docs/SSLCERTS.md create mode 100644 deps/curl/docs/TheArtOfHttpScripting.md create mode 100644 deps/curl/docs/URL-SYNTAX.md create mode 100644 deps/curl/docs/VERSIONS.md create mode 100644 deps/curl/docs/VULN-DISCLOSURE-POLICY.md create mode 100644 deps/curl/docs/cmdline-opts/CMakeLists.txt create mode 100644 deps/curl/docs/cmdline-opts/MANPAGE.md create mode 100644 deps/curl/docs/cmdline-opts/_AUTHORS.md create mode 100644 deps/curl/docs/cmdline-opts/_BUGS.md create mode 100644 deps/curl/docs/cmdline-opts/_DESCRIPTION.md create mode 100644 deps/curl/docs/cmdline-opts/_ENVIRONMENT.md create mode 100644 deps/curl/docs/cmdline-opts/_EXITCODES.md create mode 100644 deps/curl/docs/cmdline-opts/_FILES.md create mode 100644 deps/curl/docs/cmdline-opts/_GLOBBING.md create mode 100644 deps/curl/docs/cmdline-opts/_NAME.md create mode 100644 deps/curl/docs/cmdline-opts/_OPTIONS.md create mode 100644 deps/curl/docs/cmdline-opts/_OUTPUT.md create mode 100644 deps/curl/docs/cmdline-opts/_PROGRESS.md create mode 100644 deps/curl/docs/cmdline-opts/_PROTOCOLS.md create mode 100644 deps/curl/docs/cmdline-opts/_PROXYPREFIX.md create mode 100644 deps/curl/docs/cmdline-opts/_SEEALSO.md create mode 100644 deps/curl/docs/cmdline-opts/_SYNOPSIS.md create mode 100644 deps/curl/docs/cmdline-opts/_URL.md create mode 100644 deps/curl/docs/cmdline-opts/_VARIABLES.md create mode 100644 deps/curl/docs/cmdline-opts/_VERSION.md create mode 100644 deps/curl/docs/cmdline-opts/_WWW.md create mode 100644 deps/curl/docs/cmdline-opts/abstract-unix-socket.md create mode 100644 deps/curl/docs/cmdline-opts/alt-svc.md create mode 100644 deps/curl/docs/cmdline-opts/anyauth.md create mode 100644 deps/curl/docs/cmdline-opts/append.md create mode 100644 deps/curl/docs/cmdline-opts/aws-sigv4.md create mode 100644 deps/curl/docs/cmdline-opts/basic.md create mode 100644 deps/curl/docs/cmdline-opts/ca-native.md create mode 100644 deps/curl/docs/cmdline-opts/cacert.md create mode 100644 deps/curl/docs/cmdline-opts/capath.md create mode 100644 deps/curl/docs/cmdline-opts/cert-status.md create mode 100644 deps/curl/docs/cmdline-opts/cert-type.md create mode 100644 deps/curl/docs/cmdline-opts/cert.md create mode 100644 deps/curl/docs/cmdline-opts/ciphers.md create mode 100644 deps/curl/docs/cmdline-opts/compressed-ssh.md create mode 100644 deps/curl/docs/cmdline-opts/compressed.md create mode 100644 deps/curl/docs/cmdline-opts/config.md create mode 100644 deps/curl/docs/cmdline-opts/connect-timeout.md create mode 100644 deps/curl/docs/cmdline-opts/connect-to.md create mode 100644 deps/curl/docs/cmdline-opts/continue-at.md create mode 100644 deps/curl/docs/cmdline-opts/cookie-jar.md create mode 100644 deps/curl/docs/cmdline-opts/cookie.md create mode 100644 deps/curl/docs/cmdline-opts/create-dirs.md create mode 100644 deps/curl/docs/cmdline-opts/create-file-mode.md create mode 100644 deps/curl/docs/cmdline-opts/crlf.md create mode 100644 deps/curl/docs/cmdline-opts/crlfile.md create mode 100644 deps/curl/docs/cmdline-opts/curves.md create mode 100644 deps/curl/docs/cmdline-opts/data-ascii.md create mode 100644 deps/curl/docs/cmdline-opts/data-binary.md create mode 100644 deps/curl/docs/cmdline-opts/data-raw.md create mode 100644 deps/curl/docs/cmdline-opts/data-urlencode.md create mode 100644 deps/curl/docs/cmdline-opts/data.md create mode 100644 deps/curl/docs/cmdline-opts/delegation.md create mode 100644 deps/curl/docs/cmdline-opts/digest.md create mode 100644 deps/curl/docs/cmdline-opts/disable-eprt.md create mode 100644 deps/curl/docs/cmdline-opts/disable-epsv.md create mode 100644 deps/curl/docs/cmdline-opts/disable.md create mode 100644 deps/curl/docs/cmdline-opts/disallow-username-in-url.md create mode 100644 deps/curl/docs/cmdline-opts/dns-interface.md create mode 100644 deps/curl/docs/cmdline-opts/dns-ipv4-addr.md create mode 100644 deps/curl/docs/cmdline-opts/dns-ipv6-addr.md create mode 100644 deps/curl/docs/cmdline-opts/dns-servers.md create mode 100644 deps/curl/docs/cmdline-opts/doh-cert-status.md create mode 100644 deps/curl/docs/cmdline-opts/doh-insecure.md create mode 100644 deps/curl/docs/cmdline-opts/doh-url.md create mode 100644 deps/curl/docs/cmdline-opts/dump-ca-embed.md create mode 100644 deps/curl/docs/cmdline-opts/dump-header.md create mode 100644 deps/curl/docs/cmdline-opts/ech.md create mode 100644 deps/curl/docs/cmdline-opts/egd-file.md create mode 100644 deps/curl/docs/cmdline-opts/engine.md create mode 100644 deps/curl/docs/cmdline-opts/etag-compare.md create mode 100644 deps/curl/docs/cmdline-opts/etag-save.md create mode 100644 deps/curl/docs/cmdline-opts/expect100-timeout.md create mode 100644 deps/curl/docs/cmdline-opts/fail-early.md create mode 100644 deps/curl/docs/cmdline-opts/fail-with-body.md create mode 100644 deps/curl/docs/cmdline-opts/fail.md create mode 100644 deps/curl/docs/cmdline-opts/false-start.md create mode 100644 deps/curl/docs/cmdline-opts/form-escape.md create mode 100644 deps/curl/docs/cmdline-opts/form-string.md create mode 100644 deps/curl/docs/cmdline-opts/form.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-account.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-alternative-to-user.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-create-dirs.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-method.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-pasv.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-port.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-pret.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-skip-pasv-ip.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-ssl-ccc-mode.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-ssl-ccc.md create mode 100644 deps/curl/docs/cmdline-opts/ftp-ssl-control.md create mode 100644 deps/curl/docs/cmdline-opts/get.md create mode 100644 deps/curl/docs/cmdline-opts/globoff.md create mode 100644 deps/curl/docs/cmdline-opts/happy-eyeballs-timeout-ms.md create mode 100644 deps/curl/docs/cmdline-opts/haproxy-clientip.md create mode 100644 deps/curl/docs/cmdline-opts/haproxy-protocol.md create mode 100644 deps/curl/docs/cmdline-opts/head.md create mode 100644 deps/curl/docs/cmdline-opts/header.md create mode 100644 deps/curl/docs/cmdline-opts/help.md create mode 100644 deps/curl/docs/cmdline-opts/hostpubmd5.md create mode 100644 deps/curl/docs/cmdline-opts/hostpubsha256.md create mode 100644 deps/curl/docs/cmdline-opts/hsts.md create mode 100644 deps/curl/docs/cmdline-opts/http0.9.md create mode 100644 deps/curl/docs/cmdline-opts/http1.0.md create mode 100644 deps/curl/docs/cmdline-opts/http1.1.md create mode 100644 deps/curl/docs/cmdline-opts/http2-prior-knowledge.md create mode 100644 deps/curl/docs/cmdline-opts/http2.md create mode 100644 deps/curl/docs/cmdline-opts/http3-only.md create mode 100644 deps/curl/docs/cmdline-opts/http3.md create mode 100644 deps/curl/docs/cmdline-opts/ignore-content-length.md create mode 100644 deps/curl/docs/cmdline-opts/insecure.md create mode 100644 deps/curl/docs/cmdline-opts/interface.md create mode 100644 deps/curl/docs/cmdline-opts/ip-tos.md create mode 100644 deps/curl/docs/cmdline-opts/ipfs-gateway.md create mode 100644 deps/curl/docs/cmdline-opts/ipv4.md create mode 100644 deps/curl/docs/cmdline-opts/ipv6.md create mode 100644 deps/curl/docs/cmdline-opts/json.md create mode 100644 deps/curl/docs/cmdline-opts/junk-session-cookies.md create mode 100644 deps/curl/docs/cmdline-opts/keepalive-cnt.md create mode 100644 deps/curl/docs/cmdline-opts/keepalive-time.md create mode 100644 deps/curl/docs/cmdline-opts/key-type.md create mode 100644 deps/curl/docs/cmdline-opts/key.md create mode 100644 deps/curl/docs/cmdline-opts/krb.md create mode 100644 deps/curl/docs/cmdline-opts/libcurl.md create mode 100644 deps/curl/docs/cmdline-opts/limit-rate.md create mode 100644 deps/curl/docs/cmdline-opts/list-only.md create mode 100644 deps/curl/docs/cmdline-opts/local-port.md create mode 100644 deps/curl/docs/cmdline-opts/location-trusted.md create mode 100644 deps/curl/docs/cmdline-opts/location.md create mode 100644 deps/curl/docs/cmdline-opts/login-options.md create mode 100644 deps/curl/docs/cmdline-opts/mail-auth.md create mode 100644 deps/curl/docs/cmdline-opts/mail-from.md create mode 100644 deps/curl/docs/cmdline-opts/mail-rcpt-allowfails.md create mode 100644 deps/curl/docs/cmdline-opts/mail-rcpt.md create mode 100644 deps/curl/docs/cmdline-opts/manual.md create mode 100644 deps/curl/docs/cmdline-opts/max-filesize.md create mode 100644 deps/curl/docs/cmdline-opts/max-redirs.md create mode 100644 deps/curl/docs/cmdline-opts/max-time.md create mode 100644 deps/curl/docs/cmdline-opts/metalink.md create mode 100644 deps/curl/docs/cmdline-opts/mptcp.md create mode 100644 deps/curl/docs/cmdline-opts/negotiate.md create mode 100644 deps/curl/docs/cmdline-opts/netrc-file.md create mode 100644 deps/curl/docs/cmdline-opts/netrc-optional.md create mode 100644 deps/curl/docs/cmdline-opts/netrc.md create mode 100644 deps/curl/docs/cmdline-opts/next.md create mode 100644 deps/curl/docs/cmdline-opts/no-alpn.md create mode 100644 deps/curl/docs/cmdline-opts/no-buffer.md create mode 100644 deps/curl/docs/cmdline-opts/no-clobber.md create mode 100644 deps/curl/docs/cmdline-opts/no-keepalive.md create mode 100644 deps/curl/docs/cmdline-opts/no-npn.md create mode 100644 deps/curl/docs/cmdline-opts/no-progress-meter.md create mode 100644 deps/curl/docs/cmdline-opts/no-sessionid.md create mode 100644 deps/curl/docs/cmdline-opts/noproxy.md create mode 100644 deps/curl/docs/cmdline-opts/ntlm-wb.md create mode 100644 deps/curl/docs/cmdline-opts/ntlm.md create mode 100644 deps/curl/docs/cmdline-opts/oauth2-bearer.md create mode 100644 deps/curl/docs/cmdline-opts/output-dir.md create mode 100644 deps/curl/docs/cmdline-opts/output.md create mode 100644 deps/curl/docs/cmdline-opts/parallel-immediate.md create mode 100644 deps/curl/docs/cmdline-opts/parallel-max.md create mode 100644 deps/curl/docs/cmdline-opts/parallel.md create mode 100644 deps/curl/docs/cmdline-opts/pass.md create mode 100644 deps/curl/docs/cmdline-opts/path-as-is.md create mode 100644 deps/curl/docs/cmdline-opts/pinnedpubkey.md create mode 100644 deps/curl/docs/cmdline-opts/post301.md create mode 100644 deps/curl/docs/cmdline-opts/post302.md create mode 100644 deps/curl/docs/cmdline-opts/post303.md create mode 100644 deps/curl/docs/cmdline-opts/preproxy.md create mode 100644 deps/curl/docs/cmdline-opts/progress-bar.md create mode 100644 deps/curl/docs/cmdline-opts/proto-default.md create mode 100644 deps/curl/docs/cmdline-opts/proto-redir.md create mode 100644 deps/curl/docs/cmdline-opts/proto.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-anyauth.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-basic.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-ca-native.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-cacert.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-capath.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-cert-type.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-cert.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-ciphers.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-crlfile.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-digest.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-header.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-http2.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-insecure.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-key-type.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-key.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-negotiate.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-ntlm.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-pass.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-pinnedpubkey.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-service-name.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-ssl-allow-beast.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-ssl-auto-client-cert.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-tls13-ciphers.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-tlsauthtype.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-tlspassword.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-tlsuser.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-tlsv1.md create mode 100644 deps/curl/docs/cmdline-opts/proxy-user.md create mode 100644 deps/curl/docs/cmdline-opts/proxy.md create mode 100644 deps/curl/docs/cmdline-opts/proxy1.0.md create mode 100644 deps/curl/docs/cmdline-opts/proxytunnel.md create mode 100644 deps/curl/docs/cmdline-opts/pubkey.md create mode 100644 deps/curl/docs/cmdline-opts/quote.md create mode 100644 deps/curl/docs/cmdline-opts/random-file.md create mode 100644 deps/curl/docs/cmdline-opts/range.md create mode 100644 deps/curl/docs/cmdline-opts/rate.md create mode 100644 deps/curl/docs/cmdline-opts/raw.md create mode 100644 deps/curl/docs/cmdline-opts/referer.md create mode 100644 deps/curl/docs/cmdline-opts/remote-header-name.md create mode 100644 deps/curl/docs/cmdline-opts/remote-name-all.md create mode 100644 deps/curl/docs/cmdline-opts/remote-name.md create mode 100644 deps/curl/docs/cmdline-opts/remote-time.md create mode 100644 deps/curl/docs/cmdline-opts/remove-on-error.md create mode 100644 deps/curl/docs/cmdline-opts/request-target.md create mode 100644 deps/curl/docs/cmdline-opts/request.md create mode 100644 deps/curl/docs/cmdline-opts/resolve.md create mode 100644 deps/curl/docs/cmdline-opts/retry-all-errors.md create mode 100644 deps/curl/docs/cmdline-opts/retry-connrefused.md create mode 100644 deps/curl/docs/cmdline-opts/retry-delay.md create mode 100644 deps/curl/docs/cmdline-opts/retry-max-time.md create mode 100644 deps/curl/docs/cmdline-opts/retry.md create mode 100644 deps/curl/docs/cmdline-opts/sasl-authzid.md create mode 100644 deps/curl/docs/cmdline-opts/sasl-ir.md create mode 100644 deps/curl/docs/cmdline-opts/service-name.md create mode 100644 deps/curl/docs/cmdline-opts/show-error.md create mode 100644 deps/curl/docs/cmdline-opts/show-headers.md create mode 100644 deps/curl/docs/cmdline-opts/silent.md create mode 100644 deps/curl/docs/cmdline-opts/skip-existing.md create mode 100644 deps/curl/docs/cmdline-opts/socks4.md create mode 100644 deps/curl/docs/cmdline-opts/socks4a.md create mode 100644 deps/curl/docs/cmdline-opts/socks5-basic.md create mode 100644 deps/curl/docs/cmdline-opts/socks5-gssapi-nec.md create mode 100644 deps/curl/docs/cmdline-opts/socks5-gssapi-service.md create mode 100644 deps/curl/docs/cmdline-opts/socks5-gssapi.md create mode 100644 deps/curl/docs/cmdline-opts/socks5-hostname.md create mode 100644 deps/curl/docs/cmdline-opts/socks5.md create mode 100644 deps/curl/docs/cmdline-opts/speed-limit.md create mode 100644 deps/curl/docs/cmdline-opts/speed-time.md create mode 100644 deps/curl/docs/cmdline-opts/ssl-allow-beast.md create mode 100644 deps/curl/docs/cmdline-opts/ssl-auto-client-cert.md create mode 100644 deps/curl/docs/cmdline-opts/ssl-no-revoke.md create mode 100644 deps/curl/docs/cmdline-opts/ssl-reqd.md create mode 100644 deps/curl/docs/cmdline-opts/ssl-revoke-best-effort.md create mode 100644 deps/curl/docs/cmdline-opts/ssl-sessions.md create mode 100644 deps/curl/docs/cmdline-opts/ssl.md create mode 100644 deps/curl/docs/cmdline-opts/sslv2.md create mode 100644 deps/curl/docs/cmdline-opts/sslv3.md create mode 100644 deps/curl/docs/cmdline-opts/stderr.md create mode 100644 deps/curl/docs/cmdline-opts/styled-output.md create mode 100644 deps/curl/docs/cmdline-opts/suppress-connect-headers.md create mode 100644 deps/curl/docs/cmdline-opts/tcp-fastopen.md create mode 100644 deps/curl/docs/cmdline-opts/tcp-nodelay.md create mode 100644 deps/curl/docs/cmdline-opts/telnet-option.md create mode 100644 deps/curl/docs/cmdline-opts/tftp-blksize.md create mode 100644 deps/curl/docs/cmdline-opts/tftp-no-options.md create mode 100644 deps/curl/docs/cmdline-opts/time-cond.md create mode 100644 deps/curl/docs/cmdline-opts/tls-earlydata.md create mode 100644 deps/curl/docs/cmdline-opts/tls-max.md create mode 100644 deps/curl/docs/cmdline-opts/tls13-ciphers.md create mode 100644 deps/curl/docs/cmdline-opts/tlsauthtype.md create mode 100644 deps/curl/docs/cmdline-opts/tlspassword.md create mode 100644 deps/curl/docs/cmdline-opts/tlsuser.md create mode 100644 deps/curl/docs/cmdline-opts/tlsv1.0.md create mode 100644 deps/curl/docs/cmdline-opts/tlsv1.1.md create mode 100644 deps/curl/docs/cmdline-opts/tlsv1.2.md create mode 100644 deps/curl/docs/cmdline-opts/tlsv1.3.md create mode 100644 deps/curl/docs/cmdline-opts/tlsv1.md create mode 100644 deps/curl/docs/cmdline-opts/tr-encoding.md create mode 100644 deps/curl/docs/cmdline-opts/trace-ascii.md create mode 100644 deps/curl/docs/cmdline-opts/trace-config.md create mode 100644 deps/curl/docs/cmdline-opts/trace-ids.md create mode 100644 deps/curl/docs/cmdline-opts/trace-time.md create mode 100644 deps/curl/docs/cmdline-opts/trace.md create mode 100644 deps/curl/docs/cmdline-opts/unix-socket.md create mode 100644 deps/curl/docs/cmdline-opts/upload-file.md create mode 100644 deps/curl/docs/cmdline-opts/upload-flags.md create mode 100644 deps/curl/docs/cmdline-opts/url-query.md create mode 100644 deps/curl/docs/cmdline-opts/url.md create mode 100644 deps/curl/docs/cmdline-opts/use-ascii.md create mode 100644 deps/curl/docs/cmdline-opts/user-agent.md create mode 100644 deps/curl/docs/cmdline-opts/user.md create mode 100644 deps/curl/docs/cmdline-opts/variable.md create mode 100644 deps/curl/docs/cmdline-opts/verbose.md create mode 100644 deps/curl/docs/cmdline-opts/version.md create mode 100644 deps/curl/docs/cmdline-opts/vlan-priority.md create mode 100644 deps/curl/docs/cmdline-opts/write-out.md create mode 100644 deps/curl/docs/cmdline-opts/xattr.md create mode 100644 deps/curl/docs/curl-config.md create mode 100644 deps/curl/docs/examples/CMakeLists.txt create mode 100644 deps/curl/docs/examples/README.md create mode 100644 deps/curl/docs/internals/BUFQ.md create mode 100644 deps/curl/docs/internals/BUFREF.md create mode 100644 deps/curl/docs/internals/CHECKSRC.md create mode 100644 deps/curl/docs/internals/CLIENT-READERS.md create mode 100644 deps/curl/docs/internals/CLIENT-WRITERS.md create mode 100644 deps/curl/docs/internals/CODE_STYLE.md create mode 100644 deps/curl/docs/internals/CONNECTION-FILTERS.md create mode 100644 deps/curl/docs/internals/DYNBUF.md create mode 100644 deps/curl/docs/internals/HASH.md create mode 100644 deps/curl/docs/internals/LLIST.md create mode 100644 deps/curl/docs/internals/MQTT.md create mode 100644 deps/curl/docs/internals/MULTI-EV.md create mode 100644 deps/curl/docs/internals/NEW-PROTOCOL.md create mode 100644 deps/curl/docs/internals/README.md create mode 100644 deps/curl/docs/internals/SPLAY.md create mode 100644 deps/curl/docs/internals/STRPARSE.md create mode 100644 deps/curl/docs/internals/TLS-SESSIONS.md create mode 100644 deps/curl/docs/internals/WEBSOCKET.md create mode 100644 deps/curl/docs/libcurl/ABI.md create mode 100644 deps/curl/docs/libcurl/CMakeLists.txt create mode 100644 deps/curl/docs/libcurl/curl_easy_cleanup.md create mode 100644 deps/curl/docs/libcurl/curl_easy_duphandle.md create mode 100644 deps/curl/docs/libcurl/curl_easy_escape.md create mode 100644 deps/curl/docs/libcurl/curl_easy_getinfo.md create mode 100644 deps/curl/docs/libcurl/curl_easy_header.md create mode 100644 deps/curl/docs/libcurl/curl_easy_init.md create mode 100644 deps/curl/docs/libcurl/curl_easy_nextheader.md create mode 100644 deps/curl/docs/libcurl/curl_easy_option_by_id.md create mode 100644 deps/curl/docs/libcurl/curl_easy_option_by_name.md create mode 100644 deps/curl/docs/libcurl/curl_easy_option_next.md create mode 100644 deps/curl/docs/libcurl/curl_easy_pause.md create mode 100644 deps/curl/docs/libcurl/curl_easy_perform.md create mode 100644 deps/curl/docs/libcurl/curl_easy_recv.md create mode 100644 deps/curl/docs/libcurl/curl_easy_reset.md create mode 100644 deps/curl/docs/libcurl/curl_easy_send.md create mode 100644 deps/curl/docs/libcurl/curl_easy_setopt.md create mode 100644 deps/curl/docs/libcurl/curl_easy_ssls_export.md create mode 100644 deps/curl/docs/libcurl/curl_easy_ssls_import.md create mode 100644 deps/curl/docs/libcurl/curl_easy_strerror.md create mode 100644 deps/curl/docs/libcurl/curl_easy_unescape.md create mode 100644 deps/curl/docs/libcurl/curl_easy_upkeep.md create mode 100644 deps/curl/docs/libcurl/curl_escape.md create mode 100644 deps/curl/docs/libcurl/curl_formadd.md create mode 100644 deps/curl/docs/libcurl/curl_formfree.md create mode 100644 deps/curl/docs/libcurl/curl_formget.md create mode 100644 deps/curl/docs/libcurl/curl_free.md create mode 100644 deps/curl/docs/libcurl/curl_getdate.md create mode 100644 deps/curl/docs/libcurl/curl_getenv.md create mode 100644 deps/curl/docs/libcurl/curl_global_cleanup.md create mode 100644 deps/curl/docs/libcurl/curl_global_init.md create mode 100644 deps/curl/docs/libcurl/curl_global_init_mem.md create mode 100644 deps/curl/docs/libcurl/curl_global_sslset.md create mode 100644 deps/curl/docs/libcurl/curl_global_trace.md create mode 100644 deps/curl/docs/libcurl/curl_mime_addpart.md create mode 100644 deps/curl/docs/libcurl/curl_mime_data.md create mode 100644 deps/curl/docs/libcurl/curl_mime_data_cb.md create mode 100644 deps/curl/docs/libcurl/curl_mime_encoder.md create mode 100644 deps/curl/docs/libcurl/curl_mime_filedata.md create mode 100644 deps/curl/docs/libcurl/curl_mime_filename.md create mode 100644 deps/curl/docs/libcurl/curl_mime_free.md create mode 100644 deps/curl/docs/libcurl/curl_mime_headers.md create mode 100644 deps/curl/docs/libcurl/curl_mime_init.md create mode 100644 deps/curl/docs/libcurl/curl_mime_name.md create mode 100644 deps/curl/docs/libcurl/curl_mime_subparts.md create mode 100644 deps/curl/docs/libcurl/curl_mime_type.md create mode 100644 deps/curl/docs/libcurl/curl_mprintf.md create mode 100644 deps/curl/docs/libcurl/curl_multi_add_handle.md create mode 100644 deps/curl/docs/libcurl/curl_multi_assign.md create mode 100644 deps/curl/docs/libcurl/curl_multi_cleanup.md create mode 100644 deps/curl/docs/libcurl/curl_multi_fdset.md create mode 100644 deps/curl/docs/libcurl/curl_multi_get_handles.md create mode 100644 deps/curl/docs/libcurl/curl_multi_info_read.md create mode 100644 deps/curl/docs/libcurl/curl_multi_init.md create mode 100644 deps/curl/docs/libcurl/curl_multi_perform.md create mode 100644 deps/curl/docs/libcurl/curl_multi_poll.md create mode 100644 deps/curl/docs/libcurl/curl_multi_remove_handle.md create mode 100644 deps/curl/docs/libcurl/curl_multi_setopt.md create mode 100644 deps/curl/docs/libcurl/curl_multi_socket.md create mode 100644 deps/curl/docs/libcurl/curl_multi_socket_action.md create mode 100644 deps/curl/docs/libcurl/curl_multi_socket_all.md create mode 100644 deps/curl/docs/libcurl/curl_multi_strerror.md create mode 100644 deps/curl/docs/libcurl/curl_multi_timeout.md create mode 100644 deps/curl/docs/libcurl/curl_multi_wait.md create mode 100644 deps/curl/docs/libcurl/curl_multi_waitfds.md create mode 100644 deps/curl/docs/libcurl/curl_multi_wakeup.md create mode 100644 deps/curl/docs/libcurl/curl_pushheader_byname.md create mode 100644 deps/curl/docs/libcurl/curl_pushheader_bynum.md create mode 100644 deps/curl/docs/libcurl/curl_share_cleanup.md create mode 100644 deps/curl/docs/libcurl/curl_share_init.md create mode 100644 deps/curl/docs/libcurl/curl_share_setopt.md create mode 100644 deps/curl/docs/libcurl/curl_share_strerror.md create mode 100644 deps/curl/docs/libcurl/curl_slist_append.md create mode 100644 deps/curl/docs/libcurl/curl_slist_free_all.md create mode 100644 deps/curl/docs/libcurl/curl_strequal.md create mode 100644 deps/curl/docs/libcurl/curl_strnequal.md create mode 100644 deps/curl/docs/libcurl/curl_unescape.md create mode 100644 deps/curl/docs/libcurl/curl_url.md create mode 100644 deps/curl/docs/libcurl/curl_url_cleanup.md create mode 100644 deps/curl/docs/libcurl/curl_url_dup.md create mode 100644 deps/curl/docs/libcurl/curl_url_get.md create mode 100644 deps/curl/docs/libcurl/curl_url_set.md create mode 100644 deps/curl/docs/libcurl/curl_url_strerror.md create mode 100644 deps/curl/docs/libcurl/curl_version.md create mode 100644 deps/curl/docs/libcurl/curl_version_info.md create mode 100644 deps/curl/docs/libcurl/curl_ws_meta.md create mode 100644 deps/curl/docs/libcurl/curl_ws_recv.md create mode 100644 deps/curl/docs/libcurl/curl_ws_send.md create mode 100644 deps/curl/docs/libcurl/libcurl-easy.md create mode 100644 deps/curl/docs/libcurl/libcurl-env-dbg.md create mode 100644 deps/curl/docs/libcurl/libcurl-env.md create mode 100644 deps/curl/docs/libcurl/libcurl-errors.md create mode 100644 deps/curl/docs/libcurl/libcurl-multi.md create mode 100644 deps/curl/docs/libcurl/libcurl-security.md create mode 100644 deps/curl/docs/libcurl/libcurl-share.md create mode 100644 deps/curl/docs/libcurl/libcurl-thread.md create mode 100644 deps/curl/docs/libcurl/libcurl-tutorial.md create mode 100644 deps/curl/docs/libcurl/libcurl-url.md create mode 100644 deps/curl/docs/libcurl/libcurl-ws.md create mode 100644 deps/curl/docs/libcurl/libcurl.md create mode 100644 deps/curl/docs/libcurl/opts/CMakeLists.txt create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CAINFO.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CAPATH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CERTINFO.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONNECT_TIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONNECT_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONN_ID.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_COOKIELIST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_EARLYDATA_SENT_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_FILETIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_FILETIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_HEADER_SIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_HTTPAUTH_USED.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_HTTP_VERSION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_LASTSOCKET.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_LOCAL_IP.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_OS_ERRNO.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_POSTTRANSFER_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PRIVATE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PROTOCOL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PROXY_ERROR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_QUEUE_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_REDIRECT_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_REDIRECT_URL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_REFERER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_RETRY_AFTER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SCHEME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SSL_ENGINES.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_TLS_SESSION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_TOTAL_TIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_TOTAL_TIME_T.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_USED_PROXY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLINFO_XFER_ID.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_MAX_CONCURRENT_STREAMS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_PIPELINING.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_PUSHDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_PUSHFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_SOCKETDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_TIMERDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ABSTRACT_UNIX_SOCKET.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ALTSVC.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ALTSVC_CTRL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_APPEND.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_AUTOREFERER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_AWS_SIGV4.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_BUFFERSIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CAINFO.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CAPATH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CA_CACHE_TIMEOUT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CERTINFO.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CHUNK_DATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CONNECT_TO.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_COOKIE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_COOKIEFILE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_COOKIEJAR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_COOKIELIST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_COOKIESESSION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CRLF.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CRLFILE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CURLU.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DEBUGDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DIRLISTONLY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DISALLOW_USERNAME_IN_URL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DNS_SERVERS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DNS_SHUFFLE_ADDRESSES.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DOH_SSL_VERIFYHOST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DOH_SSL_VERIFYPEER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DOH_SSL_VERIFYSTATUS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_DOH_URL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ECH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_EGDSOCKET.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ERRORBUFFER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FAILONERROR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FILETIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FORBID_REUSE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTPPORT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_USE_EPRT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HAPROXYPROTOCOL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HAPROXY_CLIENT_IP.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HEADER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HEADERDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HEADEROPT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HSTS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HSTSREADDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HSTSREADFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HSTSWRITEDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HSTSWRITEFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HSTS_CTRL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTP09_ALLOWED.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTPAUTH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTPGET.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTPHEADER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTPPOST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_HTTP_VERSION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_IGNORE_CONTENT_LENGTH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_INFILESIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_INFILESIZE_LARGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_INTERFACE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_IOCTLDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_IPRESOLVE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ISSUERCERT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_ISSUERCERT_BLOB.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_KEEP_SENDING_ON_ERROR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_KEYPASSWD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_KRBLEVEL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_LOCALPORT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAIL_AUTH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAIL_FROM.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAIL_RCPT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAIL_RCPT_ALLOWFAILS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAXAGE_CONN.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAXCONNECTS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAXFILESIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAXLIFETIME_CONN.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAXREDIRS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MIMEPOST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_MIME_OPTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_NETRC.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_NETRC_FILE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_NOBODY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_NOPROGRESS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_NOPROXY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_NOSIGNAL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PASSWORD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PATH_AS_IS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PIPEWAIT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PORT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_POST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_POSTFIELDS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_POSTQUOTE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_POSTREDIR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PREQUOTE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PREREQDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PREREQFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PRE_PROXY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PRIVATE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROGRESSDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROTOCOLS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROTOCOLS_STR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXYAUTH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXYHEADER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXYPORT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXYTYPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT_BLOB.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT_BLOB.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY_BLOB.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYPEER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_PUT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_QUICK_EXIT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_QUOTE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RANDOM_FILE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RANGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_READDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_READFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS_STR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_REFERER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_REQUEST_TARGET.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RESOLVE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RESOLVER_START_DATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RESOLVER_START_FUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RESUME_FROM.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RESUME_FROM_LARGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SASL_AUTHZID.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SASL_IR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SEEKDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SERVICE_NAME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SHARE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_COMPRESSION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLCERT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLCERT_BLOB.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLENGINE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLKEY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLKEY_BLOB.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSLVERSION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_EC_CURVES.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_STDERR.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TCP_KEEPCNT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TCP_NODELAY.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TIMECONDITION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TIMEOUT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TIMEOUT_MS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TIMEVALUE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TIMEVALUE_LARGE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TRAILERDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TRAILERFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_UPKEEP_INTERVAL_MS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_UPLOAD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_UPLOAD_BUFFERSIZE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_UPLOAD_FLAGS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_URL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_USERAGENT.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_USERNAME.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_USERPWD.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_USE_SSL.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_VERBOSE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_WRITEDATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_WS_OPTIONS.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_XFERINFODATA.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.md create mode 100644 deps/curl/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.md create mode 100644 deps/curl/docs/libcurl/opts/CURLSHOPT_LOCKFUNC.md create mode 100644 deps/curl/docs/libcurl/opts/CURLSHOPT_SHARE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLSHOPT_UNLOCKFUNC.md create mode 100644 deps/curl/docs/libcurl/opts/CURLSHOPT_UNSHARE.md create mode 100644 deps/curl/docs/libcurl/opts/CURLSHOPT_USERDATA.md create mode 100644 deps/curl/docs/mk-ca-bundle.md create mode 100644 deps/curl/include/README.md create mode 100644 deps/curl/lib/CMakeLists.txt create mode 100644 deps/curl/packages/README.md create mode 100644 deps/curl/packages/vms/curl_gnv_build_steps.txt create mode 100644 deps/curl/packages/vms/curl_release_note_start.txt create mode 100644 deps/curl/packages/vms/pcsi_gnv_curl_file_list.txt create mode 100644 deps/curl/projects/README.md create mode 100644 deps/curl/src/CMakeLists.txt create mode 100644 deps/curl/tests/CI.md create mode 100644 deps/curl/tests/CMakeLists.txt create mode 100644 deps/curl/tests/FILEFORMAT.md create mode 100644 deps/curl/tests/README.md create mode 100644 deps/curl/tests/certs/CMakeLists.txt create mode 100644 deps/curl/tests/cmake/CMakeLists.txt create mode 100644 deps/curl/tests/http/CMakeLists.txt create mode 100644 deps/curl/tests/http/README.md create mode 100644 deps/curl/tests/http/clients/CMakeLists.txt create mode 100644 deps/curl/tests/http/requirements.txt create mode 100644 deps/curl/tests/libtest/CMakeLists.txt create mode 100644 deps/curl/tests/requirements.txt create mode 100644 deps/curl/tests/runtests.md create mode 100644 deps/curl/tests/server/CMakeLists.txt create mode 100644 deps/curl/tests/testcurl.md create mode 100644 deps/curl/tests/unit/CMakeLists.txt create mode 100644 deps/curl/tests/unit/README.md create mode 100644 deps/curl/winbuild/README.md create mode 100644 deps/discord-rpc/CMakeLists.txt create mode 100644 deps/discord-rpc/README.md create mode 100644 deps/discord-rpc/documentation/hard-mode.md create mode 100644 deps/discord-rpc/examples/button-clicker/ProjectSettings/ProjectVersion.txt create mode 100644 deps/discord-rpc/examples/send-presence/CMakeLists.txt create mode 100644 deps/discord-rpc/src/CMakeLists.txt create mode 100644 deps/imgui/.github/FUNDING.yml create mode 100644 deps/imgui/.github/issue_template.md create mode 100644 deps/imgui/.github/pull_request_template.md create mode 100644 deps/imgui/.github/workflows/build.yml create mode 100644 deps/imgui/.github/workflows/scheduled.yml create mode 100644 deps/imgui/.github/workflows/static-analysis.yml create mode 100644 deps/imgui/LICENSE.txt create mode 100644 deps/imgui/docs/BACKENDS.md create mode 100644 deps/imgui/docs/CHANGELOG.txt create mode 100644 deps/imgui/docs/EXAMPLES.md create mode 100644 deps/imgui/docs/FAQ.md create mode 100644 deps/imgui/docs/FONTS.md create mode 100644 deps/imgui/docs/README.md create mode 100644 deps/imgui/docs/TODO.txt create mode 100644 deps/imgui/examples/README.txt create mode 100644 deps/imgui/examples/example_allegro5/README.md create mode 100644 deps/imgui/examples/example_android_opengl3/CMakeLists.txt create mode 100644 deps/imgui/examples/example_apple_metal/README.md create mode 100644 deps/imgui/examples/example_emscripten_opengl3/README.md create mode 100644 deps/imgui/examples/example_emscripten_wgpu/README.md create mode 100644 deps/imgui/examples/example_emscripten_wgpu/web/index.html create mode 100644 deps/imgui/examples/example_glfw_vulkan/CMakeLists.txt create mode 100644 deps/imgui/examples/example_sdl_opengl2/README.md create mode 100644 deps/imgui/examples/example_sdl_opengl3/README.md create mode 100644 deps/imgui/examples/example_sdl_sdlrenderer/README.md create mode 100644 deps/imgui/examples/libs/glfw/COPYING.txt create mode 100644 deps/imgui/examples/libs/usynergy/README.txt create mode 100644 deps/imgui/misc/README.txt create mode 100644 deps/imgui/misc/cpp/README.txt create mode 100644 deps/imgui/misc/debuggers/README.txt create mode 100644 deps/imgui/misc/freetype/README.md create mode 100644 deps/libtomcrypt/.github/ISSUE_TEMPLATE.md create mode 100644 deps/libtomcrypt/.github/PULL_REQUEST_TEMPLATE.md create mode 100644 deps/libtomcrypt/.github/workflows/main.yml create mode 100644 deps/libtomcrypt/CMakeLists.txt create mode 100644 deps/libtomcrypt/README.md create mode 100644 deps/libtomcrypt/demos/CMakeLists.txt create mode 100644 deps/libtomcrypt/notes/base64_tv.txt create mode 100644 deps/libtomcrypt/notes/ccm_tv.txt create mode 100644 deps/libtomcrypt/notes/cipher_tv.txt create mode 100644 deps/libtomcrypt/notes/eax_tv.txt create mode 100644 deps/libtomcrypt/notes/ecc_tv.txt create mode 100644 deps/libtomcrypt/notes/gcm_tv.txt create mode 100644 deps/libtomcrypt/notes/hash_tv.txt create mode 100644 deps/libtomcrypt/notes/hashsum_tv.txt create mode 100644 deps/libtomcrypt/notes/hmac_tv.txt create mode 100644 deps/libtomcrypt/notes/lrw_tv.txt create mode 100644 deps/libtomcrypt/notes/ocb3_tv.txt create mode 100644 deps/libtomcrypt/notes/ocb_tv.txt create mode 100644 deps/libtomcrypt/notes/omac_tv.txt create mode 100644 deps/libtomcrypt/notes/pmac_tv.txt create mode 100644 deps/libtomcrypt/notes/rsa-testvectors/oaep-int.txt create mode 100644 deps/libtomcrypt/notes/rsa-testvectors/oaep-vect.txt create mode 100644 deps/libtomcrypt/notes/rsa-testvectors/pkcs1v15crypt-vectors.txt create mode 100644 deps/libtomcrypt/notes/rsa-testvectors/pkcs1v15sign-vectors.txt create mode 100644 deps/libtomcrypt/notes/rsa-testvectors/pss-int.txt create mode 100644 deps/libtomcrypt/notes/rsa-testvectors/pss-vect.txt create mode 100644 deps/libtomcrypt/notes/rsa-testvectors/readme.txt create mode 100644 deps/libtomcrypt/notes/tech0001.txt create mode 100644 deps/libtomcrypt/notes/tech0002.txt create mode 100644 deps/libtomcrypt/notes/tech0003.txt create mode 100644 deps/libtomcrypt/notes/tech0004.txt create mode 100644 deps/libtomcrypt/notes/tech0005.txt create mode 100644 deps/libtomcrypt/notes/tech0006.txt create mode 100644 deps/libtomcrypt/notes/tech0007.txt create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_argchk.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_cipher_descriptor.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_cipher_is_valid.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_constants.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_find_cipher.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_find_cipher_any.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_find_cipher_id.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_find_hash.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_find_hash_any.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_find_hash_id.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_find_hash_oid.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_find_prng.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_fsa.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_hash_descriptor.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_inits.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_ltc_mp_descriptor.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_prng_descriptor.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_prng_is_valid.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_prng_rng_descriptor.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_register_all_ciphers.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_register_all_hashes.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_register_all_prngs.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_register_cipher.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_register_hash.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_register_prng.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_sizes.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_unregister_cipher.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_unregister_hash.c create mode 100644 deps/libtomcrypt/src/misc/crypt/crypt_unregister_prng.c create mode 100644 deps/libtomcrypt/tests/CMakeLists.txt create mode 100644 deps/libtomcrypt/tests/rsa-pkcs8/README.txt create mode 100644 deps/libtommath/.github/workflows/deploy.yml create mode 100644 deps/libtommath/.github/workflows/main.yml create mode 100644 deps/libtommath/CMakeLists.txt create mode 100644 deps/libtommath/README.md create mode 100644 deps/libtommath/changes.txt create mode 100644 deps/libtommath/demo/CMakeLists.txt create mode 100644 deps/libtommath/etc/2kprime.1 create mode 100644 deps/libtommath/mtest/logtab.h create mode 100644 deps/libtommath/mtest/mpi-config.h create mode 100644 deps/libtommath/mtest/mpi-types.h create mode 100644 deps/libtommath/mtest/mpi.c create mode 100644 deps/libtommath/mtest/mpi.h create mode 100644 deps/libtommath/mtest/mtest.c create mode 100644 deps/lua/README.md create mode 100644 deps/minhook/AUTHORS.txt create mode 100644 deps/minhook/CMakeLists.txt create mode 100644 deps/minhook/LICENSE.txt create mode 100644 deps/minhook/README.md create mode 100644 deps/rapidjson/CHANGELOG.md create mode 100644 deps/rapidjson/CMakeLists.txt create mode 100644 deps/rapidjson/bin/data/abcde.txt create mode 100644 deps/rapidjson/bin/data/readme.txt create mode 100644 deps/rapidjson/bin/draft-04/schema create mode 100644 deps/rapidjson/bin/jsonchecker/readme.txt create mode 100644 deps/rapidjson/bin/jsonschema/.gitignore create mode 100644 deps/rapidjson/bin/jsonschema/.travis.yml create mode 100644 deps/rapidjson/bin/jsonschema/LICENSE create mode 100644 deps/rapidjson/bin/jsonschema/README.md create mode 100644 deps/rapidjson/bin/jsonschema/bin/jsonschema_suite create mode 100644 deps/rapidjson/bin/jsonschema/remotes/folder/folderInteger.json create mode 100644 deps/rapidjson/bin/jsonschema/remotes/integer.json create mode 100644 deps/rapidjson/bin/jsonschema/remotes/subSchemas.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/additionalItems.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/additionalProperties.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/default.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/dependencies.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/disallow.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/divisibleBy.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/enum.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/extends.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/items.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/maxItems.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/maxLength.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/maximum.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/minItems.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/minLength.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/minimum.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/optional/bignum.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/optional/format.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/optional/jsregex.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/optional/zeroTerminatedFloats.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/pattern.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/patternProperties.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/properties.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/ref.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/refRemote.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/required.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/type.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft3/uniqueItems.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/additionalItems.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/additionalProperties.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/allOf.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/anyOf.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/default.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/definitions.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/dependencies.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/enum.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/items.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/maxItems.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/maxLength.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/maxProperties.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/maximum.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/minItems.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/minLength.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/minProperties.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/minimum.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/multipleOf.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/not.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/oneOf.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/optional/bignum.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/optional/format.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/optional/zeroTerminatedFloats.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/pattern.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/patternProperties.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/properties.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/ref.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/refRemote.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/required.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/type.json create mode 100644 deps/rapidjson/bin/jsonschema/tests/draft4/uniqueItems.json create mode 100644 deps/rapidjson/bin/jsonschema/tox.ini create mode 100644 deps/rapidjson/bin/types/readme.txt create mode 100644 deps/rapidjson/contrib/natvis/README.md create mode 100644 deps/rapidjson/doc/CMakeLists.txt create mode 100644 deps/rapidjson/doc/diagram/makefile create mode 100644 deps/rapidjson/doc/dom.md create mode 100644 deps/rapidjson/doc/dom.zh-cn.md create mode 100644 deps/rapidjson/doc/encoding.md create mode 100644 deps/rapidjson/doc/encoding.zh-cn.md create mode 100644 deps/rapidjson/doc/faq.md create mode 100644 deps/rapidjson/doc/faq.zh-cn.md create mode 100644 deps/rapidjson/doc/features.md create mode 100644 deps/rapidjson/doc/features.zh-cn.md create mode 100644 deps/rapidjson/doc/internals.md create mode 100644 deps/rapidjson/doc/internals.zh-cn.md create mode 100644 deps/rapidjson/doc/npm.md create mode 100644 deps/rapidjson/doc/performance.md create mode 100644 deps/rapidjson/doc/performance.zh-cn.md create mode 100644 deps/rapidjson/doc/pointer.md create mode 100644 deps/rapidjson/doc/pointer.zh-cn.md create mode 100644 deps/rapidjson/doc/sax.md create mode 100644 deps/rapidjson/doc/sax.zh-cn.md create mode 100644 deps/rapidjson/doc/schema.md create mode 100644 deps/rapidjson/doc/schema.zh-cn.md create mode 100644 deps/rapidjson/doc/stream.md create mode 100644 deps/rapidjson/doc/stream.zh-cn.md create mode 100644 deps/rapidjson/doc/tutorial.md create mode 100644 deps/rapidjson/doc/tutorial.zh-cn.md create mode 100644 deps/rapidjson/example/CMakeLists.txt create mode 100644 deps/rapidjson/license.txt create mode 100644 deps/rapidjson/readme.md create mode 100644 deps/rapidjson/readme.zh-cn.md create mode 100644 deps/rapidjson/test/CMakeLists.txt create mode 100644 deps/rapidjson/test/perftest/CMakeLists.txt create mode 100644 deps/rapidjson/test/unittest/CMakeLists.txt create mode 100644 deps/rapidjson/thirdparty/gtest/CMakeLists.txt create mode 100644 deps/rapidjson/thirdparty/gtest/CONTRIBUTING.md create mode 100644 deps/rapidjson/thirdparty/gtest/README.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/CMakeLists.txt create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/README.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/build-aux/.keep create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/docs/CheatSheet.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/docs/CookBook.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/docs/DesignDoc.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/docs/Documentation.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/docs/ForDummies.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/docs/FrequentlyAskedQuestions.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/docs/KnownIssues.md create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/make/Makefile create mode 100644 deps/rapidjson/thirdparty/gtest/googlemock/test/gmock_output_test_golden.txt create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/CMakeLists.txt create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/README.md create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/docs/Pkgconfig.md create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/docs/PumpManual.md create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/docs/XcodeGuide.md create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/docs/advanced.md create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/docs/faq.md create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/docs/primer.md create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/docs/samples.md create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/make/Makefile create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/scripts/test/Makefile create mode 100644 deps/rapidjson/thirdparty/gtest/googletest/test/gtest_output_test_golden_lin.txt create mode 100644 deps/sol2/.github/ISSUE_TEMPLATE.md create mode 100644 deps/sol2/.github/workflows/macos.yml create mode 100644 deps/sol2/.github/workflows/ubuntu.yml create mode 100644 deps/sol2/.github/workflows/windows.yml create mode 100644 deps/sol2/CMakeLists.txt create mode 100644 deps/sol2/CONTRIBUTING.md create mode 100644 deps/sol2/CONTRIBUTORS.md create mode 100644 deps/sol2/LICENSE.txt create mode 100644 deps/sol2/README.md create mode 100644 deps/sol2/documentation/CMakeLists.txt create mode 100644 deps/sol2/documentation/requirements.txt create mode 100644 deps/sol2/examples/CMakeLists.txt create mode 100644 deps/sol2/examples/customization/CMakeLists.txt create mode 100644 deps/sol2/examples/interop/LuaBridge/CMakeLists.txt create mode 100644 deps/sol2/examples/interop/kaguya/CMakeLists.txt create mode 100644 deps/sol2/examples/interop/luwra/CMakeLists.txt create mode 100644 deps/sol2/examples/interop/tolua/CMakeLists.txt create mode 100644 deps/sol2/examples/require_dll_example/CMakeLists.txt create mode 100644 deps/sol2/meson_options.txt create mode 100644 deps/sol2/single/CMakeLists.txt create mode 100644 deps/sol2/tests/CMakeLists.txt create mode 100644 deps/sol2/tests/config_tests/CMakeLists.txt create mode 100644 deps/sol2/tests/config_tests/function_pointers/CMakeLists.txt create mode 100644 deps/sol2/tests/config_tests/integer_value_fits/CMakeLists.txt create mode 100644 deps/sol2/tests/container_exhaustive/CMakeLists.txt create mode 100644 deps/sol2/tests/coroutines/CMakeLists.txt create mode 100644 deps/sol2/tests/enum/CMakeLists.txt create mode 100644 deps/sol2/tests/environment/CMakeLists.txt create mode 100644 deps/sol2/tests/exceptions/CMakeLists.txt create mode 100644 deps/sol2/tests/inclusion/CMakeLists.txt create mode 100644 deps/sol2/tests/lua_lifetime/CMakeLists.txt create mode 100644 deps/sol2/tests/numerics/CMakeLists.txt create mode 100644 deps/sol2/tests/regression_tests/1011/CMakeLists.txt create mode 100644 deps/sol2/tests/regression_tests/CMakeLists.txt create mode 100644 deps/sol2/tests/regression_tests/simple/CMakeLists.txt create mode 100644 deps/sol2/tests/run_time/CMakeLists.txt create mode 100644 deps/sol2/tests/utility/CMakeLists.txt create mode 100644 deps/stb/.github/CONTRIBUTING.md create mode 100644 deps/stb/.github/ISSUE_TEMPLATE/1-stb_image-doesn-t-load-specific-image-correctly.md create mode 100644 deps/stb/.github/ISSUE_TEMPLATE/2-bug_report.md create mode 100644 deps/stb/.github/ISSUE_TEMPLATE/3-feature_request.md create mode 100644 deps/stb/.github/ISSUE_TEMPLATE/config.yml create mode 100644 deps/stb/.github/PULL_REQUEST_TEMPLATE.md create mode 100644 deps/stb/.github/workflows/ci-fuzz.yml create mode 100644 deps/stb/README.md create mode 100644 deps/stb/data/herringbone/license.txt create mode 100644 deps/stb/deprecated/stretchy_buffer.txt create mode 100644 deps/stb/docs/other_libs.md create mode 100644 deps/stb/docs/stb_howto.txt create mode 100644 deps/stb/docs/stb_voxel_render_interview.md create mode 100644 deps/stb/docs/why_public_domain.md create mode 100644 deps/stb/tests/caveview/README.md create mode 100644 deps/stb/tests/oversample/README.md create mode 100644 deps/stb/tests/oversample/oversample.exe create mode 100644 deps/stb/tools/README.footer.md create mode 100644 deps/stb/tools/README.header.md create mode 100644 deps/udis86/BuildVS2010/README.txt create mode 100644 deps/zlib/.github/workflows/c-std.yml create mode 100644 deps/zlib/.github/workflows/cmake.yml create mode 100644 deps/zlib/.github/workflows/configure.yml create mode 100644 deps/zlib/.github/workflows/fuzz.yml create mode 100644 deps/zlib/.github/workflows/msys-cygwin.yml create mode 100644 deps/zlib/CMakeLists.txt create mode 100644 deps/zlib/Makefile create mode 100644 deps/zlib/README-cmake.md create mode 100644 deps/zlib/contrib/ada/readme.txt create mode 100644 deps/zlib/contrib/blast/test.txt create mode 100644 deps/zlib/contrib/delphi/readme.txt create mode 100644 deps/zlib/contrib/dotzlib/LICENSE_1_0.txt create mode 100644 deps/zlib/contrib/dotzlib/readme.txt create mode 100644 deps/zlib/contrib/minizip/CMakeLists.txt create mode 100644 deps/zlib/contrib/minizip/MiniZip64_Changes.txt create mode 100644 deps/zlib/contrib/minizip/MiniZip64_info.txt create mode 100644 deps/zlib/contrib/minizip/minizip.pc.txt create mode 100644 deps/zlib/contrib/minizip/test/CMakeLists.txt create mode 100644 deps/zlib/contrib/pascal/readme.txt create mode 100644 deps/zlib/contrib/testzlib/testzlib.txt create mode 100644 deps/zlib/contrib/vstudio/readme.txt create mode 100644 deps/zlib/doc/algorithm.txt create mode 100644 deps/zlib/doc/rfc1950.txt create mode 100644 deps/zlib/doc/rfc1951.txt create mode 100644 deps/zlib/doc/rfc1952.txt create mode 100644 deps/zlib/doc/txtvsbin.txt create mode 100644 deps/zlib/old/visual-basic.txt create mode 100644 deps/zlib/test/CMakeLists.txt create mode 100644 deps/zlib/win32/DLL_FAQ.txt create mode 100644 deps/zlib/win32/README-WIN32.txt create mode 100644 deps/zlib/win32/VisualC.txt create mode 100644 deps/zlib/zconf.h create mode 100644 deps/zstd/.github/ISSUE_TEMPLATE/bug_report.md create mode 100644 deps/zstd/.github/ISSUE_TEMPLATE/feature_request.md create mode 100644 deps/zstd/.github/dependabot.yml create mode 100644 deps/zstd/.github/workflows/android-ndk-build.yml create mode 100644 deps/zstd/.github/workflows/commit.yml create mode 100644 deps/zstd/.github/workflows/dev-long-tests.yml create mode 100644 deps/zstd/.github/workflows/dev-short-tests.yml create mode 100644 deps/zstd/.github/workflows/nightly.yml create mode 100644 deps/zstd/.github/workflows/publish-release-artifacts.yml create mode 100644 deps/zstd/.github/workflows/release_check.yml create mode 100644 deps/zstd/.github/workflows/scorecards.yml create mode 100644 deps/zstd/.github/workflows/windows-artifacts.yml create mode 100644 deps/zstd/CODE_OF_CONDUCT.md create mode 100644 deps/zstd/CONTRIBUTING.md create mode 100644 deps/zstd/README.md create mode 100644 deps/zstd/SECURITY.md create mode 100644 deps/zstd/TESTING.md create mode 100644 deps/zstd/build/README.md create mode 100644 deps/zstd/build/VS_scripts/README.md create mode 100644 deps/zstd/build/cmake/CMakeLists.txt create mode 100644 deps/zstd/build/cmake/README.md create mode 100644 deps/zstd/build/cmake/contrib/CMakeLists.txt create mode 100644 deps/zstd/build/cmake/contrib/gen_html/CMakeLists.txt create mode 100644 deps/zstd/build/cmake/contrib/pzstd/CMakeLists.txt create mode 100644 deps/zstd/build/cmake/lib/CMakeLists.txt create mode 100644 deps/zstd/build/cmake/programs/CMakeLists.txt create mode 100644 deps/zstd/build/cmake/tests/CMakeLists.txt create mode 100644 deps/zstd/build/meson/README.md create mode 100644 deps/zstd/build/meson/meson_options.txt create mode 100644 deps/zstd/build/single_file_libs/README.md create mode 100644 deps/zstd/build/single_file_libs/examples/README.md create mode 100644 deps/zstd/contrib/VS2005/README.md create mode 100644 deps/zstd/contrib/docker/README.md create mode 100644 deps/zstd/contrib/externalSequenceProducer/README.md create mode 100644 deps/zstd/contrib/gen_html/README.md create mode 100644 deps/zstd/contrib/largeNbDicts/README.md create mode 100644 deps/zstd/contrib/linux-kernel/README.md create mode 100644 deps/zstd/contrib/match_finders/README.md create mode 100644 deps/zstd/contrib/pzstd/README.md create mode 100644 deps/zstd/contrib/seekable_format/README.md create mode 100644 deps/zstd/contrib/seekable_format/zstd_seekable_compression_format.md create mode 100644 deps/zstd/doc/README.md create mode 100644 deps/zstd/doc/decompressor_errata.md create mode 100644 deps/zstd/doc/decompressor_permissive.md create mode 100644 deps/zstd/doc/educational_decoder/README.md create mode 100644 deps/zstd/doc/zstd_compression_format.md create mode 100644 deps/zstd/examples/README.md create mode 100644 deps/zstd/lib/README.md create mode 100644 deps/zstd/lib/dll/example/README.md create mode 100644 deps/zstd/programs/README.md create mode 100644 deps/zstd/programs/zstd.1.md create mode 100644 deps/zstd/programs/zstdgrep.1.md create mode 100644 deps/zstd/programs/zstdless.1.md create mode 100644 deps/zstd/tests/README.md create mode 100644 deps/zstd/tests/cli-tests/README.md create mode 100644 deps/zstd/tests/fuzz/README.md create mode 100644 deps/zstd/tests/fuzz/seq_prod_fuzz_example/README.md create mode 100644 deps/zstd/tests/regression/README.md create mode 100644 deps/zstd/zlibWrapper/README.md diff --git a/.gitignore b/.gitignore index 073411c4..567609b1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1 @@ -.vs -.vscode -build*/* +build/ diff --git a/deps/GSL/.github/ISSUE_TEMPLATE/bug_report.md b/deps/GSL/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..be72e493 --- /dev/null +++ b/deps/GSL/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,29 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: 'Status: Open, Type: Bug' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +```c++ +#include + +// your repro here: ... +``` + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Spec (please complete the following information):** + - OS: [e.g. Windows] + - Compiler: [e.g. MSVC] + - C++ Version: [e.g. C++20] + +**Additional context** +Add any other context about the problem here. diff --git a/deps/GSL/.github/workflows/android.yml b/deps/GSL/.github/workflows/android.yml new file mode 100644 index 00000000..97259a83 --- /dev/null +++ b/deps/GSL/.github/workflows/android.yml @@ -0,0 +1,59 @@ +name: CI_Android + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + Android: + runs-on: macos-latest-large + defaults: + run: + working-directory: build + steps: + - uses: actions/checkout@v4 + + - name: Create build directory + run: mkdir -p build + working-directory: . + + - uses: actions/setup-java@v4 + with: + java-version: 8 + distribution: zulu + + - name: Start Emulator + run: | + echo "y" | $ANDROID_HOME/tools/bin/sdkmanager --install 'system-images;android-24;default;x86_64' + echo "no" | $ANDROID_HOME/tools/bin/avdmanager create avd -n xamarin_android_emulator -k 'system-images;android-24;default;x86_64' --force + $ANDROID_HOME/emulator/emulator -list-avds + echo "Starting emulator..." + nohup $ANDROID_HOME/emulator/emulator -no-audio -no-snapshot -avd xamarin_android_emulator &> /dev/null & + echo "Emulator starting in background" + + - name: Configure + run: cmake -DCMAKE_TOOLCHAIN_FILE=$ANDROID_NDK_LATEST_HOME/build/cmake/android.toolchain.cmake -DANDROID_PLATFORM=16 -DANDROID_ABI=x86_64 -DCMAKE_BUILD_TYPE=Debug .. + + - name: Build + run: cmake --build . --parallel + + - name: Wait for emulator ready + timeout-minutes: 2 + run: | + $ANDROID_HOME/platform-tools/adb wait-for-device shell 'while [[ -z $(getprop sys.boot_completed | tr -d '\r') ]]; do sleep 10; done; input keyevent 82' + $ANDROID_HOME/platform-tools/adb devices + $ANDROID_HOME/platform-tools/adb shell getprop ro.product.cpu.abi + + - name: Deploy tests + run: | + adb push tests /data/local/tmp + adb shell find /data/local/tmp/tests -maxdepth 1 -exec chmod +x {} \\\; + + - name: Test + run: adb shell find /data/local/tmp/tests -name "*_tests" -maxdepth 1 -exec {} \\\; diff --git a/deps/GSL/.github/workflows/cmake/action.yml b/deps/GSL/.github/workflows/cmake/action.yml new file mode 100644 index 00000000..0ac09bfa --- /dev/null +++ b/deps/GSL/.github/workflows/cmake/action.yml @@ -0,0 +1,56 @@ +name: Composite CMake +inputs: + cmake_generator: + required: false + type: string + default: 'Unix Makefiles' + cmake_build_type: + required: true + type: string + default: '' + cmake_cxx_compiler: + required: false + type: string + gsl_cxx_standard: + required: true + type: number + extra_cmake_args: + required: false + type: string + default: '' + build_cmd: + required: true + type: string + default: 'make' + test_cmd: + required: false + type: string + default: 'make test' + shell: + required: false + type: string + default: 'bash' + + +runs: + using: composite + steps: + - name: Create build directory + run: mkdir build + shell: ${{ inputs.shell }} + + - name: Configure CMake + working-directory: build + run: cmake -G "${{ inputs.cmake_generator }}" -DCMAKE_BUILD_TYPE=${{ inputs.cmake_build_type }} -DCMAKE_CXX_COMPILER=${{ inputs.cmake_cxx_compiler }} -DGSL_CXX_STANDARD=${{ inputs.gsl_cxx_standard }} -DCI_TESTING:BOOL=ON -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON -Werror=dev ${{ inputs.extra_cmake_args }} .. + shell: ${{ inputs.shell }} + + - name: Build + working-directory: build + run: ${{ inputs.build_cmd }} + shell: ${{ inputs.shell }} + + - name: Test + working-directory: build + run: ${{ inputs.test_cmd }} + shell: ${{ inputs.shell }} + diff --git a/deps/GSL/.github/workflows/cmake_find_package.yml b/deps/GSL/.github/workflows/cmake_find_package.yml new file mode 100644 index 00000000..fd2f7a81 --- /dev/null +++ b/deps/GSL/.github/workflows/cmake_find_package.yml @@ -0,0 +1,25 @@ +name: cmake_find_package +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + cmake-find-package: + name: Build ${{ matrix.os }} + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ ubuntu-latest, macos-latest ] + steps: + - uses: actions/checkout@v4 + - uses: lukka/get-cmake@latest + with: + cmakeVersion: 3.14.0 + - name: Configure GSL + run: cmake -S . -B build -G "Ninja" -D GSL_TEST=OFF -D CMAKE_INSTALL_PREFIX=${GITHUB_WORKSPACE}/build/install + - name: Install GSL + run: cmake --build build --target install + - name: Test GSL find_package support + run: cmake -S tests/ -B build/tests_find_package -G "Ninja" -D CMAKE_PREFIX_PATH=${GITHUB_WORKSPACE}/build/install -D CMAKE_BUILD_TYPE=Release diff --git a/deps/GSL/.github/workflows/compilers.yml b/deps/GSL/.github/workflows/compilers.yml new file mode 100644 index 00000000..38575835 --- /dev/null +++ b/deps/GSL/.github/workflows/compilers.yml @@ -0,0 +1,115 @@ +name: Compiler Integration Tests + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +# These jobs are correlated with the officially supported compilers +# and toolsets. If you change any versions, please update README.md. + +jobs: + gcc: + strategy: + matrix: + gcc_version: [ 12, 13, 14 ] + build_type: [ Debug, Release ] + cxx_version: [ 14, 17, 20, 23 ] + exclude: + # https://github.com/google/googletest/issues/4232 + # Looks like GoogleTest is not interested in making version 1.14 + # work with gcc-12. + - gcc_version: 12 + cxx_version: 20 + - gcc_version: 12 + cxx_version: 23 + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Run CMake (configure, build, test) + uses: ./.github/workflows/cmake + with: + cmake_build_type: ${{ matrix.build_type }} + cmake_cxx_compiler: g++-${{ matrix.gcc_version }} + gsl_cxx_standard: ${{ matrix.cxx_version }} + + clang: + strategy: + matrix: + clang_version: [ 16, 17, 18 ] + build_type: [ Debug, Release ] + cxx_version: [ 14, 17, 20, 23 ] + exclude: + # https://github.com/llvm/llvm-project/issues/93734 + # Looks like clang fixed this issue in clang-18, but won't backport + # the fix. + - clang_version: 17 + cxx_version: 23 + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Run CMake (configure, build, test) + uses: ./.github/workflows/cmake + with: + cmake_build_type: ${{ matrix.build_type }} + cmake_cxx_compiler: clang++-${{ matrix.clang_version }} + gsl_cxx_standard: ${{ matrix.cxx_version }} + + xcode: + strategy: + matrix: + xcode_version: [ '15.4' ] + build_type: [ Debug, Release ] + cxx_version: [ 14, 17, 20, 23 ] + runs-on: macos-latest + steps: + - uses: actions/checkout@v4 + + - name: select xcode version + run: sudo xcode-select -s /Applications/Xcode_${{ matrix.xcode_version }}.app + + - name: Run CMake (configure, build, test) + uses: ./.github/workflows/cmake + with: + cmake_build_type: ${{ matrix.build_type }} + cmake_cxx_compiler: clang++ + gsl_cxx_standard: ${{ matrix.cxx_version }} + + VisualStudio: + strategy: + matrix: + generator: [ 'Visual Studio 16 2019', 'Visual Studio 17 2022' ] + image: [ windows-2019, windows-2022 ] + build_type: [ Debug, Release ] + extra_args: [ '', '-T ClangCL' ] + cxx_version: [ 14, 17, 20, 23 ] + exclude: + - generator: 'Visual Studio 17 2022' + image: windows-2019 + - generator: 'Visual Studio 16 2019' + image: windows-2022 + - generator: 'Visual Studio 16 2019' + cxx_version: 23 + runs-on: ${{ matrix.image }} + steps: + - uses: actions/checkout@v4 + - uses: microsoft/setup-msbuild@v2 + + - name: Run CMake (configure, build, test) + uses: ./.github/workflows/cmake + with: + cmake_generator: ${{ matrix.generator }} + cmake_build_type: ${{ matrix.build_type }} + gsl_cxx_standard: ${{ matrix.cxx_version }} + extra_cmake_args: ${{ matrix.extra_args }} + build_cmd: msbuild GSL.sln + test_cmd: ctest . --output-on-failure --no-compress-output + shell: pwsh + diff --git a/deps/GSL/.github/workflows/ios.yml b/deps/GSL/.github/workflows/ios.yml new file mode 100644 index 00000000..89627a17 --- /dev/null +++ b/deps/GSL/.github/workflows/ios.yml @@ -0,0 +1,52 @@ +name: CI_iOS +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + iOS: + runs-on: macos-latest + defaults: + run: + working-directory: build + steps: + - uses: actions/checkout@v4 + + - name: Create build directory + run: mkdir -p build + working-directory: . + + - name: Configure + run: | + cmake \ + -Werror=dev \ + -GXcode \ + -DCMAKE_SYSTEM_NAME=iOS \ + "-DCMAKE_OSX_ARCHITECTURES=arm64;x86_64" \ + -DCMAKE_OSX_DEPLOYMENT_TARGET=9 \ + -DCMAKE_TRY_COMPILE_TARGET_TYPE=STATIC_LIBRARY \ + "-DMACOSX_BUNDLE_GUI_IDENTIFIER=GSL.\$(EXECUTABLE_NAME)" \ + -DMACOSX_BUNDLE_BUNDLE_VERSION=3.1.0 \ + -DMACOSX_BUNDLE_SHORT_VERSION_STRING=3.1.0 \ + .. + + - name: Build + run: cmake --build . --parallel `sysctl -n hw.ncpu` --config Release -- -sdk iphonesimulator + + - name: Start simulator + run: | + RUNTIME=`xcrun simctl list runtimes iOS -j|jq '.runtimes|last.identifier'` + UDID=`xcrun simctl list devices iPhone available -j|jq -r ".devices[$RUNTIME]|last.udid"` + xcrun simctl bootstatus $UDID -b + + - name: Test + run: | + for TEST in `find tests/Release-iphonesimulator -depth 1 -name "*.app"` + do + xcrun simctl install booted $TEST + TEST_ID=`plutil -convert json -o - $TEST/Info.plist|jq -r ".CFBundleIdentifier"` + xcrun simctl launch --console booted $TEST_ID + xcrun simctl uninstall booted $TEST_ID + done diff --git a/deps/GSL/CMakeLists.txt b/deps/GSL/CMakeLists.txt new file mode 100644 index 00000000..b1d24e5f --- /dev/null +++ b/deps/GSL/CMakeLists.txt @@ -0,0 +1,48 @@ +cmake_minimum_required(VERSION 3.14...3.16) + +project(GSL VERSION 4.1.0 LANGUAGES CXX) + +add_library(GSL INTERFACE) +add_library(Microsoft.GSL::GSL ALIAS GSL) + +# https://cmake.org/cmake/help/latest/variable/PROJECT_IS_TOP_LEVEL.html +string(COMPARE EQUAL ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_SOURCE_DIR} PROJECT_IS_TOP_LEVEL) + +option(GSL_INSTALL "Generate and install GSL target" ${PROJECT_IS_TOP_LEVEL}) +option(GSL_TEST "Build and perform GSL tests" ${PROJECT_IS_TOP_LEVEL}) + +# The implementation generally assumes a platform that implements C++14 support +target_compile_features(GSL INTERFACE "cxx_std_14") + +# Setup include directory +add_subdirectory(include) + +target_sources(GSL INTERFACE $) + +if (GSL_TEST) + enable_testing() + add_subdirectory(tests) +endif() + +if (GSL_INSTALL) + include(GNUInstallDirs) + include(CMakePackageConfigHelpers) + + install(DIRECTORY "${PROJECT_SOURCE_DIR}/include/gsl" DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}) + + set(export_name "Microsoft.GSLConfig") + set(namespace "Microsoft.GSL::") + set(cmake_files_install_dir ${CMAKE_INSTALL_DATADIR}/cmake/Microsoft.GSL) + + install(TARGETS GSL EXPORT ${export_name} INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}) + install(EXPORT ${export_name} NAMESPACE ${namespace} DESTINATION ${cmake_files_install_dir}) + export(TARGETS GSL NAMESPACE ${namespace} FILE ${export_name}.cmake) + + set(gls_config_version "${CMAKE_CURRENT_BINARY_DIR}/Microsoft.GSLConfigVersion.cmake") + + write_basic_package_version_file(${gls_config_version} COMPATIBILITY SameMajorVersion ARCH_INDEPENDENT) + + install(FILES ${gls_config_version} DESTINATION ${cmake_files_install_dir}) + + install(FILES GSL.natvis DESTINATION ${cmake_files_install_dir}) +endif() diff --git a/deps/GSL/CONTRIBUTING.md b/deps/GSL/CONTRIBUTING.md new file mode 100644 index 00000000..e28f534e --- /dev/null +++ b/deps/GSL/CONTRIBUTING.md @@ -0,0 +1,29 @@ +## Contributing to the Guidelines Support Library + +The Guidelines Support Library (GSL) contains functions and types that are suggested for use by the +[C++ Core Guidelines](https://github.com/isocpp/CppCoreGuidelines). GSL design changes are made only as a result of modifications to the Guidelines. + +GSL is accepting contributions that improve or refine any of the types in this library as well as ports to other platforms. Changes should have an issue +tracking the suggestion that has been approved by the maintainers. Your pull request should include a link to the bug that you are fixing. If you've submitted +a PR, please post a comment in the associated issue to avoid duplication of effort. + +## Legal +You will need to complete a Contributor License Agreement (CLA). Briefly, this agreement testifies that you are granting us and the community permission to +use the submitted change according to the terms of the project's license, and that the work being submitted is under appropriate copyright. + +Please submit a Contributor License Agreement (CLA) before submitting a pull request. You may visit https://cla.microsoft.com to sign digitally. + +## Housekeeping +Your pull request should: + +* Include a description of what your change intends to do +* Be a child commit of a reasonably recent commit in the **main** branch + * Requests need not be a single commit, but should be a linear sequence of commits (i.e. no merge commits in your PR) +* It is desirable, but not necessary, for the tests to pass at each commit. Please see [README.md](./README.md) for instructions to build the test suite. +* Have clear commit messages + * e.g. "Fix issue", "Add tests for type", etc. +* Include appropriate tests + * Tests should include reasonable permutations of the target fix/change + * Include baseline changes with your change + * All changed code must have 100% code coverage +* To avoid line ending issues, set `autocrlf = input` and `whitespace = cr-at-eol` in your git configuration diff --git a/deps/GSL/README.md b/deps/GSL/README.md new file mode 100644 index 00000000..d896052c --- /dev/null +++ b/deps/GSL/README.md @@ -0,0 +1,220 @@ +# GSL: Guidelines Support Library +[![CI](https://github.com/Microsoft/GSL/actions/workflows/compilers.yml/badge.svg)](https://github.com/microsoft/GSL/actions/workflows/compilers.yml?query=branch%3Amain) +[![vcpkg](https://img.shields.io/vcpkg/v/ms-gsl)](https://vcpkg.io/en/package/ms-gsl) + +The Guidelines Support Library (GSL) contains functions and types that are suggested for use by the +[C++ Core Guidelines](https://github.com/isocpp/CppCoreGuidelines) maintained by the [Standard C++ Foundation](https://isocpp.org). +This repo contains Microsoft's implementation of GSL. + +The entire implementation is provided inline in the headers under the [gsl](./include/gsl) directory. The implementation generally assumes a platform that implements C++14 support. + +While some types have been broken out into their own headers (e.g. [gsl/span](./include/gsl/span)), +it is simplest to just include [gsl/gsl](./include/gsl/gsl) and gain access to the entire library. + +> NOTE: We encourage contributions that improve or refine any of the types in this library as well as ports to +other platforms. Please see [CONTRIBUTING.md](./CONTRIBUTING.md) for more information about contributing. + +# Project Code of Conduct +This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. + +# Usage of Third Party Libraries +This project makes use of the [Google Test](https://github.com/google/googletest) testing library. Please see the [ThirdPartyNotices.txt](./ThirdPartyNotices.txt) file for details regarding the licensing of Google Test. + +# Supported features +## Microsoft GSL implements the following from the C++ Core Guidelines: + +Feature | Supported? | Description +-------------------------------------------------------------------------|:----------:|------------- +[**1. Views**][cg-views] | | +[owner](docs/headers.md#user-content-H-pointers-owner) | ☑ | An alias for a raw pointer +[not_null](docs/headers.md#user-content-H-pointers-not_null) | ☑ | Restricts a pointer/smart pointer to hold non-null values +[span](docs/headers.md#user-content-H-span-span) | ☑ | A view over a contiguous sequence of memory. Based on the standardized version of `std::span`, however `gsl::span` enforces bounds checking. +span_p | ☐ | Spans a range starting from a pointer to the first place for which the predicate is true +[basic_zstring](docs/headers.md#user-content-H-zstring) | ☑ | A pointer to a C-string (zero-terminated array) with a templated char type +[zstring](docs/headers.md#user-content-H-zstring) | ☑ | An alias to `basic_zstring` with dynamic extent and a char type of `char` +[czstring](docs/headers.md#user-content-H-zstring) | ☑ | An alias to `basic_zstring` with dynamic extent and a char type of `const char` +[wzstring](docs/headers.md#user-content-H-zstring) | ☑ | An alias to `basic_zstring` with dynamic extent and a char type of `wchar_t` +[cwzstring](docs/headers.md#user-content-H-zstring) | ☑ | An alias to `basic_zstring` with dynamic extent and a char type of `const wchar_t` +[u16zstring](docs/headers.md#user-content-H-zstring) | ☑ | An alias to `basic_zstring` with dynamic extent and a char type of `char16_t` +[cu16zstring](docs/headers.md#user-content-H-zstring) | ☑ | An alias to `basic_zstring` with dynamic extent and a char type of `const char16_t` +[u32zstring](docs/headers.md#user-content-H-zstring) | ☑ | An alias to `basic_zstring` with dynamic extent and a char type of `char32_t` +[cu32zstring](docs/headers.md#user-content-H-zstring) | ☑ | An alias to `basic_zstring` with dynamic extent and a char type of `const char32_t` +[**2. Owners**][cg-owners] | | +stack_array | ☐ | A stack-allocated array +dyn_array | ☐ | A heap-allocated array +[**3. Assertions**][cg-assertions] | | +[Expects](docs/headers.md#user-content-H-assert-expects) | ☑ | A precondition assertion; on failure it terminates +[Ensures](docs/headers.md#user-content-H-assert-ensures) | ☑ | A postcondition assertion; on failure it terminates +[**4. Utilities**][cg-utilities] | | +move_owner | ☐ | A helper function that moves one `owner` to the other +[final_action](docs/headers.md#user-content-H-util-final_action) | ☑ | A RAII style class that invokes a functor on its destruction +[finally](docs/headers.md#user-content-H-util-finally) | ☑ | A helper function instantiating [final_action](docs/headers.md#user-content-H-util-final_action) +[GSL_SUPPRESS](docs/headers.md#user-content-H-assert-gsl_suppress) | ☑ | A macro that takes an argument and turns it into `[[gsl::suppress(x)]]` or `[[gsl::suppress("x")]]` +[[implicit]] | ☐ | A "marker" to put on single-argument constructors to explicitly make them non-explicit +[index](docs/headers.md#user-content-H-util-index) | ☑ | A type to use for all container and array indexing (currently an alias for `std::ptrdiff_t`) +[narrow](docs/headers.md#user-content-H-narrow-narrow) | ☑ | A checked version of `narrow_cast`; it can throw [narrowing_error](docs/headers.md#user-content-H-narrow-narrowing_error) +[narrow_cast](docs/headers.md#user-content-H-util-narrow_cast) | ☑ | A narrowing cast for values and a synonym for `static_cast` +[narrowing_error](docs/headers.md#user-content-H-narrow-narrowing_error) | ☑ | A custom exception type thrown by [narrow](docs/headers.md#user-content-H-narrow-narrow) +[**5. Concepts**][cg-concepts] | ☐ | + +## The following features do not exist in or have been removed from the C++ Core Guidelines: +Feature | Supported? | Description +-----------------------------------|:----------:|------------- +[strict_not_null](docs/headers.md#user-content-H-pointers-strict_not_null) | ☑ | A stricter version of [not_null](docs/headers.md#user-content-H-pointers-not_null) with explicit constructors +multi_span | ☐ | Deprecated. Multi-dimensional span. +strided_span | ☐ | Deprecated. Support for this type has been discontinued. +basic_string_span | ☐ | Deprecated. Like `span` but for strings with a templated char type +string_span | ☐ | Deprecated. An alias to `basic_string_span` with a char type of `char` +cstring_span | ☐ | Deprecated. An alias to `basic_string_span` with a char type of `const char` +wstring_span | ☐ | Deprecated. An alias to `basic_string_span` with a char type of `wchar_t` +cwstring_span | ☐ | Deprecated. An alias to `basic_string_span` with a char type of `const wchar_t` +u16string_span | ☐ | Deprecated. An alias to `basic_string_span` with a char type of `char16_t` +cu16string_span | ☐ | Deprecated. An alias to `basic_string_span` with a char type of `const char16_t` +u32string_span | ☐ | Deprecated. An alias to `basic_string_span` with a char type of `char32_t` +cu32string_span | ☐ | Deprecated. An alias to `basic_string_span` with a char type of `const char32_t` + +## The following features have been adopted by WG21. They are deprecated in GSL. +Feature | Deprecated Since | Notes +------------------------------------------------------------------|------------------|------ +[unique_ptr](docs/headers.md#user-content-H-pointers-unique_ptr) | C++11 | Use std::unique_ptr instead. +[shared_ptr](docs/headers.md#user-content-H-pointers-shared_ptr) | C++11 | Use std::shared_ptr instead. +[byte](docs/headers.md#user-content-H-byte-byte) | C++17 | Use std::byte instead. +joining_thread | C++20 (Note: Not yet implemented in GSL) | Use std::jthread instead. + +This is based on [CppCoreGuidelines semi-specification](https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#gsl-guidelines-support-library). + +[cg-views]: https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#gslview-views +[cg-owners]: https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#gslowner-ownership-pointers +[cg-assertions]: https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#gslassert-assertions +[cg-utilities]: https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#gslutil-utilities +[cg-concepts]: https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#gslconcept-concepts + +# Quick Start +## Supported Compilers / Toolsets +The GSL officially supports recent major versions of Visual Studio with both MSVC and LLVM, GCC, Clang, and XCode with Apple-Clang. +For each of these major versions, the GSL officially supports C++14, C++17, C++20, and C++23 (when supported by the compiler). +Below is a table showing the versions currently being tested (also see [.github/workflows/compilers.yml](the workflow).) + +Compiler |Toolset Versions Currently Tested +:------- |--: + GCC | 12, 13, 14 + XCode | 14.3.1, 15.4 + Clang | 16, 17, 18 + Visual Studio with MSVC | VS2019, VS2022 + Visual Studio with LLVM | VS2019, VS2022 + +--- +If you successfully port GSL to another platform, we would love to hear from you! +- Submit an issue specifying the platform and target. +- Consider contributing your changes by filing a pull request with any necessary changes. +- If at all possible, add a CI/CD step and add the button to the table below! + +Target | CI/CD Status +:------- | -----------: +iOS | [![CI_iOS](https://github.com/microsoft/GSL/workflows/CI_iOS/badge.svg?branch=main)](https://github.com/microsoft/GSL/actions/workflows/ios.yml?query=branch%3Amain) +Android | [![CI_Android](https://github.com/microsoft/GSL/workflows/CI_Android/badge.svg?branch=main)](https://github.com/microsoft/GSL/actions/workflows/android.yml?query=branch%3Amain) + +Note: These CI/CD steps are run with each pull request, however failures in them are non-blocking. + +## Building the tests +To build the tests, you will require the following: + +* [CMake](http://cmake.org), version 3.14 or later to be installed and in your PATH. + +These steps assume the source code of this repository has been cloned into a directory named `c:\GSL`. + +1. Create a directory to contain the build outputs for a particular architecture (we name it `c:\GSL\build-x86` in this example). + + cd GSL + md build-x86 + cd build-x86 + +2. Configure CMake to use the compiler of your choice (you can see a list by running `cmake --help`). + + cmake -G "Visual Studio 15 2017" c:\GSL + +3. Build the test suite (in this case, in the Debug configuration, Release is another good choice). + + cmake --build . --config Debug + +4. Run the test suite. + + ctest -C Debug + +All tests should pass - indicating your platform is fully supported and you are ready to use the GSL types! + +## Building GSL - Using vcpkg + +You can download and install GSL using the [vcpkg](https://github.com/Microsoft/vcpkg) dependency manager: + + git clone https://github.com/Microsoft/vcpkg.git + cd vcpkg + ./bootstrap-vcpkg.sh + ./vcpkg integrate install + vcpkg install ms-gsl + +The GSL port in vcpkg is kept up to date by Microsoft team members and community contributors. If the version is out of date, please [create an issue or pull request](https://github.com/Microsoft/vcpkg) on the vcpkg repository. + +## Using the libraries +As the types are entirely implemented inline in headers, there are no linking requirements. + +You can copy the [gsl](./include/gsl) directory into your source tree so it is available +to your compiler, then include the appropriate headers in your program. + +Alternatively set your compiler's *include path* flag to point to the GSL development folder (`c:\GSL\include` in the example above) or installation folder (after running the install). Eg. + +MSVC++ + + /I c:\GSL\include + +GCC/clang + + -I$HOME/dev/GSL/include + +Include the library using: + + #include + +## Usage in CMake + +The library provides a Config file for CMake, once installed it can be found via `find_package`. + +Which, when successful, will add library target called `Microsoft.GSL::GSL` which you can use via the usual +`target_link_libraries` mechanism. + +```cmake +find_package(Microsoft.GSL CONFIG REQUIRED) + +target_link_libraries(foobar PRIVATE Microsoft.GSL::GSL) +``` + +### FetchContent + +If you are using CMake version 3.11+ you can use the official [FetchContent module](https://cmake.org/cmake/help/latest/module/FetchContent.html). +This allows you to easily incorporate GSL into your project. + +```cmake +# NOTE: This example uses CMake version 3.14 (FetchContent_MakeAvailable). +# Since it streamlines the FetchContent process +cmake_minimum_required(VERSION 3.14) + +include(FetchContent) + +FetchContent_Declare(GSL + GIT_REPOSITORY "https://github.com/microsoft/GSL" + GIT_TAG "v4.1.0" + GIT_SHALLOW ON +) + +FetchContent_MakeAvailable(GSL) + +target_link_libraries(foobar PRIVATE Microsoft.GSL::GSL) +``` + +## Debugging visualization support + +For Visual Studio users, the file [GSL.natvis](./GSL.natvis) in the root directory of the repository can be added to your project if you would like more helpful visualization of GSL types in the Visual Studio debugger than would be offered by default. + +## See Also + +For information on [Microsoft Gray Systems Lab (GSL)](https://aka.ms/gsl) of applied data management and system research see . diff --git a/deps/GSL/SECURITY.md b/deps/GSL/SECURITY.md new file mode 100644 index 00000000..869fdfe2 --- /dev/null +++ b/deps/GSL/SECURITY.md @@ -0,0 +1,41 @@ + + +## Security + +Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/). + +If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below. + +## Reporting Security Issues + +**Please do not report security vulnerabilities through public GitHub issues.** + +Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report). + +If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey). + +You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc). + +Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: + + * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) + * Full paths of source file(s) related to the manifestation of the issue + * The location of the affected source code (tag/branch/commit or direct URL) + * Any special configuration required to reproduce the issue + * Step-by-step instructions to reproduce the issue + * Proof-of-concept or exploit code (if possible) + * Impact of the issue, including how an attacker might exploit the issue + +This information will help us triage your report more quickly. + +If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs. + +## Preferred Languages + +We prefer all communications to be in English. + +## Policy + +Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd). + + diff --git a/deps/GSL/ThirdPartyNotices.txt b/deps/GSL/ThirdPartyNotices.txt new file mode 100644 index 00000000..552b254c --- /dev/null +++ b/deps/GSL/ThirdPartyNotices.txt @@ -0,0 +1,41 @@ + +THIRD-PARTY SOFTWARE NOTICES AND INFORMATION +Do Not Translate or Localize + +GSL: Guidelines Support Library incorporates third party material from the projects listed below. + +------------------------------------------------------------------------------- +Software: Google Test +Owner: Google Inc. +Source URL: github.com/google/googletest +License: BSD 3 - Clause +Text: + Copyright 2008, Google Inc. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following disclaimer + in the documentation and/or other materials provided with the + distribution. + * Neither the name of Google Inc. nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +------------------------------------------------------------------------------- diff --git a/deps/GSL/docs/headers.md b/deps/GSL/docs/headers.md new file mode 100644 index 00000000..498340f1 --- /dev/null +++ b/deps/GSL/docs/headers.md @@ -0,0 +1,884 @@ +The Guidelines Support Library (GSL) interface is very lightweight and exposed via a header-only library. This document attempts to document all of the headers and their exposed classes and functions. + +Types and functions are exported in the namespace `gsl`. + +See [GSL: Guidelines support library](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#S-gsl) + +# Headers + +- [``](#user-content-H-algorithms) +- [``](#user-content-H-assert) +- [``](#user-content-H-byte) +- [``](#user-content-H-gsl) +- [``](#user-content-H-narrow) +- [``](#user-content-H-pointers) +- [``](#user-content-H-span) +- [``](#user-content-H-span_ext) +- [``](#user-content-H-zstring) +- [``](#user-content-H-util) + +## `` + +This header contains some common algorithms that have been wrapped in GSL safety features. + +- [`gsl::copy`](#user-content-H-algorithms-copy) + +### `gsl::copy` + +```cpp +template +void copy(span src, span dest); +``` + +This function copies the content from the `src` [`span`](#user-content-H-span-span) to the `dest` [`span`](#user-content-H-span-span). It [`Expects`](#user-content-H-assert-expects) +that the destination `span` is at least as large as the source `span`. + +## `` + +This header contains some macros used for contract checking and suppressing code analysis warnings. + +See [GSL.assert: Assertions](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#SS-assertions) + +- [`GSL_SUPPRESS`](#user-content-H-assert-gsl_suppress) +- [`Expects`](#user-content-H-assert-expects) +- [`Ensures`](#user-content-H-assert-ensures) + +### `GSL_SUPPRESS` + +This macro can be used to suppress a code analysis warning. + +The core guidelines request tools that check for the rules to respect suppressing a rule by writing +`[[gsl::suppress(tag)]]` or `[[gsl::suppress(tag, justification: "message")]]`. + +Clang does not use exactly that syntax, but requires `tag` to be put in double quotes `[[gsl::suppress("tag")]]`. + +For portable code you can use `GSL_SUPPRESS(tag)`. + +See [In.force: Enforcement](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#inforce-enforcement). + +### `Expects` + +This macro can be used for expressing a precondition. If the precondition is not held, then `std::terminate` will be called. + +See [I.6: Prefer `Expects()` for expressing preconditions](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#i6-prefer-expects-for-expressing-preconditions) + +### `Ensures` + +This macro can be used for expressing a postcondition. If the postcondition is not held, then `std::terminate` will be called. + +See [I.8: Prefer `Ensures()` for expressing postconditions](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#i8-prefer-ensures-for-expressing-postconditions) + +## `` + +This header contains the definition of a byte type, implementing `std::byte` before it was standardized into C++17. + +- [`gsl::byte`](#user-content-H-byte-byte) + +### `gsl::byte` + +If `GSL_USE_STD_BYTE` is defined to be `1`, then `gsl::byte` will be an alias to `std::byte`. +If `GSL_USE_STD_BYTE` is defined to be `0`, then `gsl::byte` will be a distinct type that implements the concept of byte. +If `GSL_USE_STD_BYTE` is not defined, then the header file will check if `std::byte` is available (C\+\+17 or higher). If yes, +`gsl::byte` will be an alias to `std::byte`, otherwise `gsl::byte` will be a distinct type that implements the concept of byte. + +⚠ Take care when linking projects that were compiled with different language standards (before C\+\+17 and C\+\+17 or higher). +If you do so, you might want to `#define GSL_USE_STD_BYTE 0` to a fixed value to be sure that both projects use exactly +the same type. Otherwise you might get linker errors. + +See [SL.str.5: Use `std::byte` to refer to byte values that do not necessarily represent characters](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rstr-byte) + +### Non-member functions + +```cpp +template ::value, bool> = true> +constexpr byte& operator<<=(byte& b, IntegerType shift) noexcept; + +template ::value, bool> = true> +constexpr byte operator<<(byte b, IntegerType shift) noexcept; + +template ::value, bool> = true> +constexpr byte& operator>>=(byte& b, IntegerType shift) noexcept; + +template ::value, bool> = true> +constexpr byte operator>>(byte b, IntegerType shift) noexcept; +``` + +Left or right shift a `byte` by a given number of bits. + +```cpp +constexpr byte& operator|=(byte& l, byte r) noexcept; +constexpr byte operator|(byte l, byte r) noexcept; +``` + +Bitwise "or" of two `byte`s. + +```cpp +constexpr byte& operator&=(byte& l, byte r) noexcept; +constexpr byte operator&(byte l, byte r) noexcept; +``` + +Bitwise "and" of two `byte`s. + +```cpp +constexpr byte& operator^=(byte& l, byte r) noexcept; +constexpr byte operator^(byte l, byte r) noexcept; +``` + +Bitwise xor of two `byte`s. + +```cpp +constexpr byte operator~(byte b) noexcept; +``` + +Bitwise negation of a `byte`. Flips all bits. Zeroes become ones, ones become zeroes. + +```cpp +template ::value, bool> = true> +constexpr IntegerType to_integer(byte b) noexcept; +``` + +Convert the given `byte` value to an integral type. + +```cpp +template +constexpr byte to_byte(T t) noexcept; +``` + +Convert the given value to a `byte`. The template requires `T` to be an `unsigned char` so that no data loss can occur. +If you want to convert an integer constant to a `byte` you probably want to call `to_byte()`. + +```cpp +template +constexpr byte to_byte() noexcept; +``` + +Convert the given value `I` to a `byte`. The template requires `I` to be in the valid range 0..255 for a `gsl::byte`. + +## `` + +This header is a convenience header that includes all other [GSL headers](#user-content-H). +Since `` requires exceptions, it will only be included if exceptions are enabled. + +## `` + +This header contains utility functions and classes, for narrowing casts, which require exceptions. The narrowing-related utilities that don't require exceptions are found inside [util](#user-content-H-util). + +See [GSL.util: Utilities](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#SS-utilities) + +- [`gsl::narrowing_error`](#user-content-H-narrow-narrowing_error) +- [`gsl::narrow`](#user-content-H-narrow-narrow) + +### `gsl::narrowing_error` + +`gsl::narrowing_error` is the exception thrown by [`gsl::narrow`](#user-content-H-narrow-narrow) when a narrowing conversion fails. It is derived from `std::exception`. + +### `gsl::narrow` + +`gsl::narrow(x)` is a named cast that does a `static_cast(x)` for narrowing conversions with no signedness promotions. +If the argument `x` cannot be represented in the target type `T`, then the function throws a [`gsl::narrowing_error`](#user-content-H-narrow-narrowing_error) (e.g., `narrow(-42)` and `narrow(300)` throw). + +Note: compare [`gsl::narrow_cast`](#user-content-H-util-narrow_cast) in header [util](#user-content-H-util). + +See [ES.46: Avoid lossy (narrowing, truncating) arithmetic conversions](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Res-narrowing) and [ES.49: If you must use a cast, use a named cast](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Res-casts-named) + +## `` + +This header contains some pointer types. + +See [GSL.view](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#SS-views) + +- [`gsl::unique_ptr`](#user-content-H-pointers-unique_ptr) +- [`gsl::shared_ptr`](#user-content-H-pointers-shared_ptr) +- [`gsl::owner`](#user-content-H-pointers-owner) +- [`gsl::not_null`](#user-content-H-pointers-not_null) +- [`gsl::strict_not_null`](#user-content-H-pointers-strict_not_null) + +### `gsl::unique_ptr` + +`gsl::unique_ptr` is an alias to `std::unique_ptr`. + +See [GSL.owner: Ownership pointers](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#SS-ownership) + +### `gsl::shared_ptr` + +`gsl::shared_ptr` is an alias to `std::shared_ptr`. + +See [GSL.owner: Ownership pointers](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#SS-ownership) + +### `gsl::owner` + +`gsl::owner` is designed as a safety mechanism for code that must deal directly with raw pointers that own memory. Ideally such code should be restricted to the implementation of low-level abstractions. `gsl::owner` can also be used as a stepping point in converting legacy code to use more modern RAII constructs such as smart pointers. +`T` must be a pointer type (`std::is_pointer`). + +A `gsl::owner` is a typedef to `T`. It adds no runtime overhead whatsoever, as it is purely syntactic and does not add any runtime checks. Instead, it serves as an annotation for static analysis tools which check for memory safety, and as a code comprehension guide for human readers. + +See Enforcement section of [C.31: All resources acquired by a class must be released by the class’s destructor](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rc-dtor-release). + +### `gsl::not_null` + +`gsl::not_null` restricts a pointer or smart pointer to only hold non-null values. It has no size overhead over `T`. + +The checks for ensuring that the pointer is not null are done in the constructor. There is no overhead when retrieving or dereferencing the checked pointer. +When a nullptr check fails, `std::terminate` is called. + +See [F.23: Use a `not_null` to indicate that “null” is not a valid value](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rf-nullptr) + +#### Member Types + +```cpp +using element_type = T; +``` + +The type of the pointer or smart pointer that is managed by this object. + +#### Member functions + +##### Construct/Copy + +```cpp +template ::value>> +constexpr not_null(U&& u); + +template ::value>> +constexpr not_null(T u); +``` + +Constructs a `gsl_owner` from a pointer that is convertible to `T` or that is a `T`. It [`Expects`](#user-content-H-assert-expects) that the provided pointer is not `== nullptr`. + +```cpp +template ::value>> +constexpr not_null(const not_null& other); +``` + +Constructs a `gsl_owner` from another `gsl_owner` where the other pointer is convertible to `T`. It [`Expects`](#user-content-H-assert-expects) that the provided pointer is not `== nullptr`. + +```cpp +not_null(const not_null& other) = default; +not_null& operator=(const not_null& other) = default; +``` + +Copy construction and assignment. + +```cpp +not_null(std::nullptr_t) = delete; +not_null& operator=(std::nullptr_t) = delete; +``` + +Construction from `std::nullptr_t` and assignment of `std::nullptr_t` are explicitly deleted. + +##### Modifiers + +```cpp +not_null& operator++() = delete; +not_null& operator--() = delete; +not_null operator++(int) = delete; +not_null operator--(int) = delete; +not_null& operator+=(std::ptrdiff_t) = delete; +not_null& operator-=(std::ptrdiff_t) = delete; +``` + +Explicitly deleted operators. Pointers point to single objects ([I.13: Do not pass an array as a single pointer](http://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Ri-array)), so don't allow these operators. + +##### Observers + +```cpp +constexpr details::value_or_reference_return_t get() const; +constexpr operator T() const { return get(); } +``` + +Get the underlying pointer. + +```cpp +constexpr decltype(auto) operator->() const { return get(); } +constexpr decltype(auto) operator*() const { return *get(); } +``` + +Dereference the underlying pointer. + +```cpp +void operator[](std::ptrdiff_t) const = delete; +``` + +Array index operator is explicitly deleted. Pointers point to single objects ([I.13: Do not pass an array as a single pointer](http://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Ri-array)), so don't allow treating them as an array. + +```cpp +void swap(not_null& other) { std::swap(ptr_, other.ptr_); } +``` + +Swaps contents with another `gsl::not_null` object. + +#### Non-member functions + +```cpp +template +auto make_not_null(T&& t) noexcept; +``` + +Creates a `gsl::not_null` object, deducing the target type from the type of the argument. + +```cpp +template ::value && std::is_move_constructible::value, bool> = true> +void swap(not_null& a, not_null& b); +``` + +Swaps the contents of two `gsl::not_null` objects. + +```cpp +template +auto operator==(const not_null& lhs, + const not_null& rhs) noexcept(noexcept(lhs.get() == rhs.get())) + -> decltype(lhs.get() == rhs.get()); +template +auto operator!=(const not_null& lhs, + const not_null& rhs) noexcept(noexcept(lhs.get() != rhs.get())) + -> decltype(lhs.get() != rhs.get()); +template +auto operator<(const not_null& lhs, + const not_null& rhs) noexcept(noexcept(lhs.get() < rhs.get())) + -> decltype(lhs.get() < rhs.get()); +template +auto operator<=(const not_null& lhs, + const not_null& rhs) noexcept(noexcept(lhs.get() <= rhs.get())) + -> decltype(lhs.get() <= rhs.get()); +template +auto operator>(const not_null& lhs, + const not_null& rhs) noexcept(noexcept(lhs.get() > rhs.get())) + -> decltype(lhs.get() > rhs.get()); +template +auto operator>=(const not_null& lhs, + const not_null& rhs) noexcept(noexcept(lhs.get() >= rhs.get())) + -> decltype(lhs.get() >= rhs.get()); +``` + +Comparison of pointers that are convertible to each other. + +##### Input/Output + +```cpp +template +std::ostream& operator<<(std::ostream& os, const not_null& val); +``` + +Performs stream output on a `not_null` pointer, invoking `os << val.get()`. This function is only available when `GSL_NO_IOSTREAMS` is not defined. + +##### Modifiers + +```cpp +template +std::ptrdiff_t operator-(const not_null&, const not_null&) = delete; +template +not_null operator-(const not_null&, std::ptrdiff_t) = delete; +template +not_null operator+(const not_null&, std::ptrdiff_t) = delete; +template +not_null operator+(std::ptrdiff_t, const not_null&) = delete; +``` + +Addition and subtraction are explicitly deleted. Pointers point to single objects ([I.13: Do not pass an array as a single pointer](http://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Ri-array)), so don't allow these operators. + +##### STL integration + +```cpp +template +struct std::hash> { ... }; +``` + +Specialization of `std::hash` for `gsl::not_null`. + +### `gsl::strict_not_null` + +`strict_not_null` is the same as [`not_null`](#user-content-H-pointers-not_null) except that the constructors are `explicit`. + +The free function that deduces the target type from the type of the argument and creates a `gsl::strict_not_null` object is `gsl::make_strict_not_null`. + +## `` + +This header file exports the class `gsl::span`, a bounds-checked implementation of `std::span`. + +- [`gsl::span`](#user-content-H-span-span) + +### `gsl::span` + +```cpp +template +class span; +``` + +`gsl::span` is a view over memory. It does not own the memory and is only a way to access contiguous sequences of objects. +The extent can be either a fixed size or [`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent). + +The `gsl::span` is based on the standardized version of `std::span` which was added to C++20. Originally, the plan was to +deprecate `gsl::span` when `std::span` finished standardization, however that plan changed when the runtime bounds checking +was removed from `std::span`'s design. + +The only difference between `gsl::span` and `std::span` is that `gsl::span` strictly enforces runtime bounds checking. +Any violations of the bounds check results in termination of the program. +Like `gsl::span`, `gsl::span`'s iterators also differ from `std::span`'s iterator in that all access operations are bounds checked. + +#### Which version of span should I use? + +##### Use `gsl::span` if + +- you want to guarantee bounds safety in your project. + - All data accessing operations use bounds checking to ensure you are only accessing valid memory. +- your project uses C++14 or C++17. + - `std::span` is not available as it was not introduced into the STL until C++20. + +##### Use `std::span` if + +- your project is C++20 and you need the performance offered by `std::span`. + +#### Types + +```cpp +using element_type = ElementType; +using value_type = std::remove_cv_t; +using size_type = std::size_t; +using pointer = element_type*; +using const_pointer = const element_type*; +using reference = element_type&; +using const_reference = const element_type&; +using difference_type = std::ptrdiff_t; + +using iterator = details::span_iterator; +using reverse_iterator = std::reverse_iterator; +``` + +#### Member functions + +```cpp +constexpr span() noexcept; +``` + +Constructs an empty `span`. This constructor is only available if `Extent` is 0 or [`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent). +`span::data()` will return `nullptr`. + +```cpp +constexpr explicit(Extent != gsl::dynamic_extent) span(pointer ptr, size_type count) noexcept; +``` + +Constructs a `span` from a pointer and a size. If `Extent` is not [`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent), +then the constructor [`Expects`](#user-content-H-assert-expects) that `count == Extent`. + +```cpp +constexpr explicit(Extent != gsl::dynamic_extent) span(pointer firstElem, pointer lastElem) noexcept; +``` + +Constructs a `span` from a pointer to the begin and the end of the data. If `Extent` is not [`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent), +then the constructor [`Expects`](#user-content-H-assert-expects) that `lastElem - firstElem == Extent`. + +```cpp +template +constexpr span(element_type (&arr)[N]) noexcept; +``` + +Constructs a `span` from a C style array. This overload is available if `Extent ==`[`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent) +or `N == Extent`. + +```cpp +template +constexpr span(std::array& arr) noexcept; + +template +constexpr span(const std::array& arr) noexcept; +``` + +Constructs a `span` from a `std::array`. These overloads are available if `Extent ==`[`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent) +or `N == Extent`, and if the array can be interpreted as a `ElementType` array. + +```cpp +template +constexpr explicit(Extent != gsl::dynamic_extent) span(Container& cont) noexcept; + +template +constexpr explicit(Extent != gsl::dynamic_extent) span(const Container& cont) noexcept; +``` + +Constructs a `span` from a container. These overloads are available if `Extent ==`[`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent) +or `N == Extent`, and if the container can be interpreted as a contiguous `ElementType` array. + +```cpp +constexpr span(const span& other) noexcept = default; +``` + +Copy constructor. + +```cpp +template +explicit(Extent != gsl::dynamic_extent && OtherExtent == dynamic_extent) +constexpr span(const span& other) noexcept; +``` + +Constructs a `span` from another `span`. This constructor is available if `OtherExtent == Extent || Extent ==`[`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent)` || OtherExtent ==`[`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent) +and if `ElementType` and `OtherElementType` are compatible. + +If `Extent !=`[`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent) and `OtherExtent ==`[`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent), +then the constructor [`Expects`](#user-content-H-assert-expects) that `other.size() == Extent`. + +```cpp +constexpr span& operator=(const span& other) noexcept = default; +``` + +Copy assignment + +```cpp +template +constexpr span first() const noexcept; + +constexpr span first(size_type count) const noexcept; + +template +constexpr span last() const noexcept; + +constexpr span last(size_type count) const noexcept; +``` + +Return a subspan of the first/last `Count` elements. [`Expects`](#user-content-H-assert-expects) that `Count` does not exceed the `span`'s size. + +```cpp +template +constexpr auto subspan() const noexcept; + +constexpr span +subspan(size_type offset, size_type count = dynamic_extent) const noexcept; +``` + +Return a subspan starting at `offset` and having size `count`. [`Expects`](#user-content-H-assert-expects) that `offset` does not exceed the `span`'s size, +and that `offset == `[`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent) or `offset + count` does not exceed the `span`'s size. +If `count` is `gsl::dynamic_extent`, the number of elements in the subspan is `size() - offset`. + +```cpp +constexpr size_type size() const noexcept; + +constexpr size_type size_bytes() const noexcept; +``` + +Returns the size respective the size in bytes of the `span`. + +```cpp +constexpr bool empty() const noexcept; +``` + +Is the `span` empty? + +```cpp +constexpr reference operator[](size_type idx) const noexcept; +``` + +Returns a reference to the element at the given index. [`Expects`](#user-content-H-assert-expects) that `idx` is less than the `span`'s size. + +```cpp +constexpr reference front() const noexcept; +constexpr reference back() const noexcept; +``` + +Returns a reference to the first/last element in the `span`. [`Expects`](#user-content-H-assert-expects) that the `span` is not empty. + +```cpp +constexpr pointer data() const noexcept; +``` + +Returns a pointer to the beginning of the contained data. + +```cpp +constexpr iterator begin() const noexcept; +constexpr iterator end() const noexcept; +constexpr reverse_iterator rbegin() const noexcept; +constexpr reverse_iterator rend() const noexcept; +``` + +Returns an iterator to the first/last normal/reverse iterator. + +```cpp +template +span(Type (&)[Extent]) -> span; + +template +span(std::array&) -> span; + +template +span(const std::array&) -> span; + +template ().data())>> +span(Container&) -> span; + +template ().data())>> +span(const Container&) -> span; +``` + +Deduction guides. + +```cpp +template +span::value> +as_bytes(span s) noexcept; + +template +span::value> +as_writable_bytes(span s) noexcept; +``` + +Converts a `span` into a `span` of `byte`s. + +`as_writable_bytes` will only be available for non-const `ElementType`s. + +## `` + +This file is a companion for and included by [``](#user-content-H-span), and should not be used on its own. It contains useful features that aren't part of the `std::span` API as found inside the STL `` header (with the exception of [`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent), which is included here due to implementation constraints). + +- [`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent) +- [`gsl::span`](#user-content-H-span_ext-span) +- [`gsl::span` comparison operators](#user-content-H-span_ext-span_comparison_operators) +- [`gsl::make_span`](#user-content-H-span_ext-make_span) +- [`gsl::at`](#user-content-H-span_ext-at) +- [`gsl::ssize`](#user-content-H-span_ext-ssize) +- [`gsl::span` iterator functions](#user-content-H-span_ext-span_iterator_functions) + +### `gsl::dynamic_extent` + +Defines the extent value to be used by all `gsl::span` with dynamic extent. + +Note: `std::dynamic_extent` is exposed by the STL `` header and so ideally `gsl::dynamic_extent` would be under [``](#user-content-H-span), but to avoid cyclic dependency issues it is under `` instead. + +### `gsl::span` + +```cpp +template +class span; +``` + +Forward declaration of `gsl::span`. + +### `gsl::span` comparison operators + +```cpp +template +constexpr bool operator==(span l, span r); +template +constexpr bool operator!=(span l, span r); +template +constexpr bool operator<(span l, span r); +template +constexpr bool operator<=(span l, span r); +template +constexpr bool operator>(span l, span r); +template +constexpr bool operator>=(span l, span r); +``` + +The comparison operators for two `span`s lexicographically compare the elements in the `span`s. + +### `gsl::make_span` + +```cpp +template +constexpr span make_span(ElementType* ptr, typename span::size_type count); +template +constexpr span make_span(ElementType* firstElem, ElementType* lastElem); +template +constexpr span make_span(ElementType (&arr)[N]) noexcept; +template +constexpr span make_span(Container& cont); +template +constexpr span make_span(const Container& cont); +``` + +Utility function for creating a `span` with [`gsl::dynamic_extent`](#user-content-H-span_ext-dynamic_extent) from +- pointer and length, +- pointer to start and pointer to end, +- a C style array, or +- a container. + +### `gsl::at` + +```cpp +template +constexpr ElementType& at(span s, index i); +``` + +The function `gsl::at` offers a safe way to access data with index bounds checking. + +This is the specialization of [`gsl::at`](#user-content-H-util-at) for [`span`](#user-content-H-span-span). It returns a reference to the `i`th element and +[`Expects`](#user-content-H-assert-expects) that the provided index is within the bounds of the `span`. + +Note: `gsl::at` supports indexes up to `PTRDIFF_MAX`. + +### `gsl::ssize` + +```cpp +template +constexpr std::ptrdiff_t ssize(const span& s) noexcept; +``` + +Return the size of a [`span`](#user-content-H-span-span) as a `ptrdiff_t`. + +### `gsl::span` iterator functions + +```cpp +template +constexpr typename span::iterator +begin(const span& s) noexcept; + +template +constexpr typename span::iterator +end(const span& s) noexcept; + +template +constexpr typename span::reverse_iterator +rbegin(const span& s) noexcept; + +template +constexpr typename span::reverse_iterator +rend(const span& s) noexcept; + +template +constexpr typename span::iterator +cbegin(const span& s) noexcept; + +template +constexpr typename span::iterator +cend(const span& s) noexcept; + +template +constexpr typename span::reverse_iterator +crbegin(const span& s) noexcept; + +template +constexpr typename span::reverse_iterator +crend(const span& s) noexcept; +``` + +Free functions for getting a non-const/const begin/end normal/reverse iterator for a [`span`](#user-content-H-span-span). + +## `` + +This header exports a family of `*zstring` types. + +A `gsl::XXzstring` is a typedef to `T`. It adds no checks whatsoever, it is just for having a syntax to describe +that a pointer points to a zero terminated C style string. This helps static code analysis, and it helps human readers. + +`basic_zstring` is a pointer to a C-string (zero-terminated array) with a templated char type. Used to implement the rest of the `*zstring` family. +`zstring` is a zero terminated `char` string. +`czstring` is a const zero terminated `char` string. +`wzstring` is a zero terminated `wchar_t` string. +`cwzstring` is a const zero terminated `wchar_t` string. +`u16zstring` is a zero terminated `char16_t` string. +`cu16zstring` is a const zero terminated `char16_t` string. +`u32zstring` is a zero terminated `char32_t` string. +`cu32zstring` is a const zero terminated `char32_t` string. + +See [GSL.view](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#SS-views) and [SL.str.3: Use zstring or czstring to refer to a C-style, zero-terminated, sequence of characters](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rstr-zstring). + +## `` + +This header contains utility functions and classes. This header works without exceptions being available. The parts that require +exceptions being available are in their own header file [narrow](#user-content-H-narrow). + +See [GSL.util: Utilities](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#SS-utilities) + +- [`gsl::narrow_cast`](#user-content-H-util-narrow_cast) +- [`gsl::final_action`](#user-content-H-util-final_action) +- [`gsl::at`](#user-content-H-util-at) + +### `gsl::index` + +An alias to `std::ptrdiff_t`. It serves as the index type for all container indexes/subscripts/sizes. + +### `gsl::narrow_cast` + +`gsl::narrow_cast(x)` is a named cast that is identical to a `static_cast(x)`. It exists to make clear to static code analysis tools and to human readers that a lossy conversion is acceptable. + +Note: compare the throwing version [`gsl::narrow`](#user-content-H-narrow-narrow) in header [narrow](#user-content-H-narrow). + +See [ES.46: Avoid lossy (narrowing, truncating) arithmetic conversions](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Res-narrowing) and [ES.49: If you must use a cast, use a named cast](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Res-casts-named) + +### `gsl::final_action` + +```cpp +template +class final_action { ... }; +``` + +`final_action` allows you to ensure something gets run at the end of a scope. + +See [E.19: Use a final_action object to express cleanup if no suitable resource handle is available](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Re-finally) + +#### Member functions + +```cpp +explicit final_action(const F& ff) noexcept; +explicit final_action(F&& ff) noexcept; +``` + +Construct an object with the action to invoke in the destructor. + +```cpp +~final_action() noexcept; +``` + +The destructor will call the action that was passed in the constructor. + +```cpp +final_action(final_action&& other) noexcept; +final_action(const final_action&) = delete; +void operator=(const final_action&) = delete; +void operator=(final_action&&) = delete; +``` + +Move construction is allowed. Copy construction is deleted. Copy and move assignment are also explicitly deleted. + +#### Non-member functions +```cpp +template +auto finally(F&& f) noexcept; +``` + +Creates a `gsl::final_action` object, deducing the template argument type from the type of the argument. + +### `gsl::at` + +The function `gsl::at` offers a safe way to access data with index bounds checking. + +Note: `gsl::at` supports indexes up to `PTRDIFF_MAX`. + +See [ES.42: Keep use of pointers simple and straightforward](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Res-ptr) + +```cpp +template +constexpr T& at(T (&arr)[N], const index i); +``` + +This overload returns a reference to the `i`s element of a C style array `arr`. It [`Expects`](#user-content-H-assert-expects) that the provided index is within the bounds of the array. + +```cpp +template +constexpr auto at(Cont& cont, const index i) -> decltype(cont[cont.size()]); +``` + +This overload returns a reference to the `i`s element of the container `cont`. It [`Expects`](#user-content-H-assert-expects) that the provided index is within the bounds of the array. + +```cpp +template +constexpr T at(const std::initializer_list cont, const index i); +``` + +This overload returns a reference to the `i`s element of the initializer list `cont`. It [`Expects`](#user-content-H-assert-expects) that the provided index is within the bounds of the array. + +```cpp +template +constexpr auto at(std::span sp, const index i) -> decltype(sp[sp.size()]); +``` + +This overload returns a reference to the `i`s element of the `std::span` `sp`. It [`Expects`](#user-content-H-assert-expects) that the provided index is within the bounds of the array. + +For [`gsl::at`](#user-content-H-span_ext-at) for [`gsl::span`](#user-content-H-span-span) see header [`span_ext`](#user-content-H-span_ext). + +```cpp +template ::value && std::is_move_constructible::value>> +void swap(T& a, T& b); +``` + +Swaps the contents of two objects. Exists only to specialize `gsl::swap(gsl::not_null&, gsl::not_null&)`. diff --git a/deps/GSL/include/CMakeLists.txt b/deps/GSL/include/CMakeLists.txt new file mode 100644 index 00000000..fe4eed91 --- /dev/null +++ b/deps/GSL/include/CMakeLists.txt @@ -0,0 +1,13 @@ +# Add include folders to the library and targets that consume it +# the SYSTEM keyword suppresses warnings for users of the library +# +# By adding this directory as an include directory the user gets a +# namespace effect. +# +# IE: +# #include +if(PROJECT_IS_TOP_LEVEL) + target_include_directories(GSL INTERFACE $) +else() + target_include_directories(GSL SYSTEM INTERFACE $) +endif() diff --git a/deps/GSL/tests/CMakeLists.txt b/deps/GSL/tests/CMakeLists.txt new file mode 100644 index 00000000..1f2bf7a5 --- /dev/null +++ b/deps/GSL/tests/CMakeLists.txt @@ -0,0 +1,319 @@ +cmake_minimum_required(VERSION 3.14...3.16) + +project(GSLTests LANGUAGES CXX) + +set(GSL_CXX_STANDARD "14" CACHE STRING "Use c++ standard") + +set(CMAKE_CXX_STANDARD ${GSL_CXX_STANDARD}) +set(CMAKE_CXX_EXTENSIONS OFF) +set(CMAKE_CXX_STANDARD_REQUIRED ON) + +include(FindPkgConfig) +include(ExternalProject) + +# will make visual studio generated project group files +set_property(GLOBAL PROPERTY USE_FOLDERS ON) + +if(CI_TESTING AND GSL_CXX_STANDARD EQUAL 20) + add_compile_definitions(FORCE_STD_SPAN_TESTS=1) +endif() + +if(IOS) + add_compile_definitions(GTEST_HAS_DEATH_TEST=1 IOS_PROCESS_DELAY_WORKAROUND=1) +endif() + +pkg_search_module(GTestMain gtest_main) +if (NOT GTestMain_FOUND) + # No pre-installed GTest is available, try to download it using Git. + find_package(Git REQUIRED QUIET) + + configure_file(CMakeLists.txt.in googletest-download/CMakeLists.txt) + execute_process( + COMMAND ${CMAKE_COMMAND} -G "${CMAKE_GENERATOR}" . + RESULT_VARIABLE result + WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/googletest-download + ) + if(result) + message(FATAL_ERROR "CMake step for googletest failed: ${result}") + endif() + + execute_process( + COMMAND ${CMAKE_COMMAND} --build . + RESULT_VARIABLE result + WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/googletest-download + ) + if(result) + message(FATAL_ERROR "CMake step for googletest failed: ${result}") + endif() + + set(gtest_force_shared_crt ON CACHE BOOL "" FORCE) + set(GTestMain_LIBRARIES gtest_main) + + add_subdirectory( + ${CMAKE_CURRENT_BINARY_DIR}/googletest-src + ${CMAKE_CURRENT_BINARY_DIR}/googletest-build + EXCLUDE_FROM_ALL + ) +endif() + +if (CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR) + find_package(Microsoft.GSL CONFIG REQUIRED) + enable_testing() + + if (NOT DEFINED Microsoft.GSL_VERSION) + message(FATAL_ERROR "Microsoft.GSL_VERSION not defined!") + endif() + + message(STATUS "Microsoft.GSL_VERSION = ${Microsoft.GSL_VERSION}") +endif() + +if (MSVC AND (GSL_CXX_STANDARD GREATER_EQUAL 17)) + set(GSL_CPLUSPLUS_OPT -Zc:__cplusplus -permissive-) +endif() + +include(CheckCXXCompilerFlag) +# this interface adds compile options to how the tests are run +# please try to keep entries ordered =) +add_library(gsl_tests_config INTERFACE) +if(MSVC) # MSVC or simulating MSVC + target_compile_options(gsl_tests_config INTERFACE + ${GSL_CPLUSPLUS_OPT} + /EHsc + /W4 + /WX + $<$: + /wd4996 # Use of function or classes marked [[deprecated]] + /wd26409 # CppCoreCheck - GTest + /wd26426 # CppCoreCheck - GTest + /wd26440 # CppCoreCheck - GTest + /wd26446 # CppCoreCheck - prefer gsl::at() + /wd26472 # CppCoreCheck - use gsl::narrow(_cast) + /wd26481 # CppCoreCheck - use span instead of pointer arithmetic + $<$,1920>: # VS2015 + /wd4189 # variable is initialized but not referenced + $<$>: # Release, RelWithDebInfo + /wd4702 # Unreachable code + > + > + > + $<$: + -Weverything + -Wfloat-equal + -Wno-c++98-compat + -Wno-c++98-compat-pedantic + -Wno-covered-switch-default # GTest + -Wno-deprecated-declarations # Allow tests for [[deprecated]] elements + -Wno-global-constructors # GTest + -Wno-language-extension-token # GTest gtest-port.h + -Wno-missing-braces + -Wno-missing-prototypes + -Wno-shift-sign-overflow # GTest gtest-port.h + -Wno-undef # GTest + -Wno-used-but-marked-unused # GTest EXPECT_DEATH + -Wno-switch-default # GTest EXPECT_DEATH + $<$: # no support for [[maybe_unused]] + -Wno-unused-member-function + -Wno-unused-variable + $<$,15.0.1>: + -Wno-deprecated # False positive in MSVC Clang 15.0.1 raises a C++17 warning + > + > + > + ) + check_cxx_compiler_flag("-Wno-reserved-identifier" WARN_RESERVED_ID) + if (WARN_RESERVED_ID) + target_compile_options(gsl_tests_config INTERFACE "-Wno-reserved-identifier") + endif() +else() + target_compile_options(gsl_tests_config INTERFACE + -fno-strict-aliasing + -Wall + -Wcast-align + -Wconversion + -Wctor-dtor-privacy + -Werror + -Wextra + -Wpedantic + -Wshadow + -Wsign-conversion + -Wfloat-equal + -Wno-deprecated-declarations # Allow tests for [[deprecated]] elements + $<$,$>: + -Weverything + -Wno-c++98-compat + -Wno-c++98-compat-pedantic + -Wno-missing-braces + -Wno-covered-switch-default # GTest + -Wno-global-constructors # GTest + -Wno-missing-prototypes + -Wno-padded + -Wno-switch-default + -Wno-unknown-attributes + -Wno-used-but-marked-unused # GTest EXPECT_DEATH + -Wno-weak-vtables + $<$: # no support for [[maybe_unused]] + -Wno-unused-member-function + -Wno-unused-variable + > + > + $<$: + $<$,4.99>,$,6>>: + $<$:-Wno-undefined-func-template> + > + $<$,$,$>>: + -Wno-zero-as-null-pointer-constant # failing Clang Ubuntu 20.04 tests, seems to be a bug with clang 10.0.0 + # and clang 11.0.0. (operator< is being re-written by the compiler + # as operator<=> and raising the warning) + > + > + $<$: + $<$,9.1>,$,10>>: + $<$:-Wno-undefined-func-template> + > + > + $<$: + -Wdouble-promotion # float implicit to double + -Wlogical-op # suspicious uses of logical operators + $<$,6>>: + -Wduplicated-cond # duplicated if-else conditions + -Wmisleading-indentation + -Wnull-dereference + $<$: # no support for [[maybe_unused]] + -Wno-unused-variable + > + > + $<$,7>>: + -Wduplicated-branches # identical if-else branches + > + > + ) +endif(MSVC) +check_cxx_compiler_flag("-Wno-unsafe-buffer-usage" WARN_UNSAFE_BUFFER) +if (WARN_UNSAFE_BUFFER) + # This test uses very greedy heuristics such as "no pointer arithmetic on raw buffer" + target_compile_options(gsl_tests_config INTERFACE "-Wno-unsafe-buffer-usage") +endif() + +# for tests to find the gtest header +target_include_directories(gsl_tests_config SYSTEM INTERFACE + googletest/googletest/include +) + +add_executable(gsl_tests + algorithm_tests.cpp + assertion_tests.cpp + at_tests.cpp + byte_tests.cpp + notnull_tests.cpp + owner_tests.cpp + pointers_tests.cpp + span_compatibility_tests.cpp + span_ext_tests.cpp + span_tests.cpp + strict_notnull_tests.cpp + + utils_tests.cpp +) + +target_link_libraries(gsl_tests + Microsoft.GSL::GSL + gsl_tests_config + ${GTestMain_LIBRARIES} +) +add_test(gsl_tests gsl_tests) + +# No exception tests + +foreach(flag_var + CMAKE_CXX_FLAGS CMAKE_CXX_FLAGS_DEBUG CMAKE_CXX_FLAGS_RELEASE + CMAKE_CXX_FLAGS_MINSIZEREL CMAKE_CXX_FLAGS_RELWITHDEBINFO) + STRING (REGEX REPLACE "/EHsc" "" ${flag_var} "${${flag_var}}") +endforeach(flag_var) + +# this interface adds compile options to how the tests are run +# please try to keep entries ordered =) +add_library(gsl_tests_config_noexcept INTERFACE) +if(MSVC) # MSVC or simulating MSVC + target_compile_definitions(gsl_tests_config_noexcept INTERFACE + _HAS_EXCEPTIONS=0 # disable exceptions in the Microsoft STL + ) + target_compile_options(gsl_tests_config_noexcept INTERFACE + ${GSL_CPLUSPLUS_OPT} + /W4 + /WX + $<$: + /wd4577 + /wd4702 + /wd26440 # CppCoreCheck - GTest + /wd26446 # CppCoreCheck - prefer gsl::at() + > + $<$: + -Weverything + -Wfloat-equal + -Wno-c++98-compat + -Wno-c++98-compat-pedantic + -Wno-missing-prototypes + -Wno-unknown-attributes + $<$: + $<$,15.0.1>: + -Wno-deprecated # False positive in MSVC Clang 15.0.1 raises a C++17 warning + > + > + > + ) + check_cxx_compiler_flag("-Wno-reserved-identifier" WARN_RESERVED_ID) + if (WARN_RESERVED_ID) + target_compile_options(gsl_tests_config_noexcept INTERFACE "-Wno-reserved-identifier") + endif() +else() + target_compile_options(gsl_tests_config_noexcept INTERFACE + -fno-exceptions + -fno-strict-aliasing + -Wall + -Wcast-align + -Wconversion + -Wctor-dtor-privacy + -Werror + -Wextra + -Wpedantic + -Wshadow + -Wsign-conversion + -Wfloat-equal + $<$,$>: + -Weverything + -Wno-c++98-compat + -Wno-c++98-compat-pedantic + -Wno-missing-prototypes + -Wno-unknown-attributes + -Wno-weak-vtables + > + $<$: + -Wdouble-promotion # float implicit to double + -Wlogical-op # suspicious uses of logical operators + -Wuseless-cast # casting to its own type + $<$,6>>: + -Wduplicated-cond # duplicated if-else conditions + -Wmisleading-indentation + -Wnull-dereference + > + $<$,7>>: + -Wduplicated-branches # identical if-else branches + > + $<$,8>>: + -Wcast-align=strict # increase alignment (i.e. char* to int*) + > + > + ) +endif(MSVC) +check_cxx_compiler_flag("-Wno-unsafe-buffer-usage" WARN_UNSAFE_BUFFER) +if (WARN_UNSAFE_BUFFER) + # This test uses very greedy heuristics such as "no pointer arithmetic on raw buffer" + target_compile_options(gsl_tests_config_noexcept INTERFACE "-Wno-unsafe-buffer-usage") +endif() + +add_executable(gsl_noexcept_tests no_exception_ensure_tests.cpp) +target_link_libraries(gsl_noexcept_tests + Microsoft.GSL::GSL + gsl_tests_config_noexcept +) +add_test(gsl_noexcept_tests gsl_noexcept_tests) diff --git a/deps/asmjit/.github/FUNDING.yml b/deps/asmjit/.github/FUNDING.yml new file mode 100644 index 00000000..4098a26d --- /dev/null +++ b/deps/asmjit/.github/FUNDING.yml @@ -0,0 +1 @@ +github: kobalicek diff --git a/deps/asmjit/.github/ISSUE_TEMPLATE/01_bug_report.yml b/deps/asmjit/.github/ISSUE_TEMPLATE/01_bug_report.yml new file mode 100644 index 00000000..ba173b42 --- /dev/null +++ b/deps/asmjit/.github/ISSUE_TEMPLATE/01_bug_report.yml @@ -0,0 +1,42 @@ +name: Bug Report +description: File a bug report +body: + - type: markdown + attributes: + value: | + Before you hit the submit button: + * Please see our [Contribution Guidelines](https://github.com/asmjit/asmjit/blob/master/CONTRIBUTING.md). + * Make sure that you use a recent AsmJit (master branch) before filing a bug report. + * Make sure that you use logging and error handling features to collect as much information as possible, if applicable. + - type: textarea + id: issue-description + attributes: + label: Issue Description + description: Please share a clear and concise description of the issue and optionally provide reproducibility information and output from AsmJit's logger. + placeholder: Description + validations: + required: true + - type: dropdown + id: operating-system + attributes: + label: Operating System + multiple: true + options: + - Not specified / possibly all + - Windows + - Linux + - Mac + - Android + - Other + - type: dropdown + id: target-architecture + attributes: + label: Architecture + multiple: true + options: + - Not specified + - X86 / X86_64 + - AArch32 + - AArch64 + - RISC-V + - Other diff --git a/deps/asmjit/.github/ISSUE_TEMPLATE/02_feature_request.yml b/deps/asmjit/.github/ISSUE_TEMPLATE/02_feature_request.yml new file mode 100644 index 00000000..f1e9f3db --- /dev/null +++ b/deps/asmjit/.github/ISSUE_TEMPLATE/02_feature_request.yml @@ -0,0 +1,18 @@ +name: Feature Request +description: Request a new feature or enhancement +labels: [enhancement] +body: + - type: markdown + attributes: + value: | + Before you hit the submit button: + * Please see our [Contribution Guidelines](https://github.com/asmjit/asmjit/blob/master/CONTRIBUTING.md). + * Make sure that you use a recent AsmJit (master branch) before filing a feature request. + - type: textarea + id: issue-description + attributes: + label: Issue Description + description: Please share a clear and concise description of a new feature or enhancement. + placeholder: Description + validations: + required: true diff --git a/deps/asmjit/.github/ISSUE_TEMPLATE/03_help_question.yml b/deps/asmjit/.github/ISSUE_TEMPLATE/03_help_question.yml new file mode 100644 index 00000000..8d829edc --- /dev/null +++ b/deps/asmjit/.github/ISSUE_TEMPLATE/03_help_question.yml @@ -0,0 +1,18 @@ +name: Help & Questions +description: Ask a question or get help +labels: [question] +body: + - type: markdown + attributes: + value: | + Before you hit the submit button: + * Please see our [Contribution Guidelines](https://github.com/asmjit/asmjit/blob/master/CONTRIBUTING.md). + * [Gitter Chat](https://app.gitter.im/#/room/#asmjit:gitter.im) is usually faster to get answers. + * If you need a help, please include as much information as possible to make it clear what the intend is. + - type: textarea + id: issue-description + attributes: + label: Details + description: The description of the problem or question. + validations: + required: true diff --git a/deps/asmjit/.github/ISSUE_TEMPLATE/99_other_issues.yml b/deps/asmjit/.github/ISSUE_TEMPLATE/99_other_issues.yml new file mode 100644 index 00000000..4f4e36e0 --- /dev/null +++ b/deps/asmjit/.github/ISSUE_TEMPLATE/99_other_issues.yml @@ -0,0 +1,11 @@ +name: Other Issues +description: Something that doesn't fit the other categories +body: + - type: textarea + id: issue-description + attributes: + label: Issue Description + description: Please share a clear and concise description of the issue. + placeholder: Description + validations: + required: true diff --git a/deps/asmjit/.github/workflows/build-config.json b/deps/asmjit/.github/workflows/build-config.json new file mode 100644 index 00000000..e72d8e31 --- /dev/null +++ b/deps/asmjit/.github/workflows/build-config.json @@ -0,0 +1,25 @@ +{ + "diagnostics": { + "asan": { "definitions": ["ASMJIT_SANITIZE=address"] }, + "ubsan": { "definitions": ["ASMJIT_SANITIZE=undefined"] }, + "msan": { "definitions": ["ASMJIT_SANITIZE=memory"] } + }, + + "valgrind_arguments": [ + "--leak-check=full", + "--show-reachable=yes", + "--track-origins=yes" + ], + + "tests": [ + { "optional": true, "cmd": ["asmjit_test_unit", "--quick"] }, + { "optional": true, "cmd": ["asmjit_test_assembler"] }, + { "optional": true, "cmd": ["asmjit_test_assembler", "--validate"] }, + { "optional": true, "cmd": ["asmjit_test_emitters"] }, + { "optional": true, "cmd": ["asmjit_test_execute"] }, + { "optional": true, "cmd": ["asmjit_test_compiler"] }, + { "optional": true, "cmd": ["asmjit_test_instinfo"] }, + { "optional": true, "cmd": ["asmjit_test_x86_sections"] }, + { "optional": true, "cmd": ["asmjit_test_perf", "--quick"] } + ] +} diff --git a/deps/asmjit/.github/workflows/build.yml b/deps/asmjit/.github/workflows/build.yml new file mode 100644 index 00000000..77a927c7 --- /dev/null +++ b/deps/asmjit/.github/workflows/build.yml @@ -0,0 +1,232 @@ +name: "Build" +on: + push: + pull_request: + +concurrency: + group: ${{github.ref}} + cancel-in-progress: ${{github.ref != 'refs/heads/master'}} + +defaults: + run: + shell: bash + +jobs: + source-check: + name: "source check" + runs-on: ubuntu-latest + + steps: + - name: "Checkout" + uses: actions/checkout@v4 + + - name: "Setup node.js" + uses: actions/setup-node@v4 + with: + node-version: "*" + + - name: "Check Enumerations" + run: | + cd tools + node enumgen.js --verify + + build: + strategy: + fail-fast: false + matrix: + include: + - { title: "diag-analyze" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Debug" , diagnostics: "analyze-build" } + - { title: "diag-asan" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", diagnostics: "asan", defs: "ASMJIT_TEST=1" } + - { title: "diag-msan" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", diagnostics: "msan", defs: "ASMJIT_TEST=1" } + - { title: "diag-ubsan" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", diagnostics: "ubsan", defs: "ASMJIT_TEST=1" } + - { title: "diag-hardened" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", diagnostics: "hardened", defs: "ASMJIT_TEST=1" } + - { title: "diag-valgrind" , host: "ubuntu-24.04" , arch: "x64" , cc: "clang-18", conf: "Release", diagnostics: "valgrind", defs: "ASMJIT_TEST=1" } + + - { title: "no-deprecated" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_DEPRECATED=1" } + - { title: "no-intrinsics" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_INTRINSICS=1" } + - { title: "no-logging" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_LOGGING=1" } + - { title: "no-logging-text" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_LOGGING=1,ASMJIT_NO_TEXT=1" } + - { title: "no-builder" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_BUILDER=1" } + - { title: "no-compiler" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_COMPILER=1" } + - { title: "no-introspection", host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_COMPILER=1,ASMJIT_NO_INTROSPECTION=1" } + - { title: "no-jit" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_JIT=1" } + - { title: "no-validation" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_VALIDATION=1" } + - { title: "no-x86" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_X86=1" } + - { title: "no-aarch64" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1,ASMJIT_NO_AARCH64=1" } + + - { title: "lang-c++17" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Debug" , defs: "ASMJIT_TEST=1,CMAKE_CXX_FLAGS=-std=c++17" } + - { title: "lang-c++20" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Debug" , defs: "ASMJIT_TEST=1,CMAKE_CXX_FLAGS=-std=c++20" } + - { title: "lang-c++23" , host: "ubuntu-latest" , arch: "x64" , cc: "clang-18", conf: "Debug" , defs: "ASMJIT_TEST=1,CMAKE_CXX_FLAGS=-std=c++23" } + + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-9" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-9" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-9" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-9" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-10" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-10" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-10" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-10" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-11" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-11" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-11" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-11" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-12" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-12" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-12" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-12" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-13" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "gcc-13" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-13" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "gcc-13" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-11", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-11", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-11", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-11", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-12", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-12", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-12", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-12", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-13", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-13", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-13", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-13", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-14", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-14", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-14", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-14", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-15", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-15", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-15", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-15", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-16", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-16", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-16", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-16", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-17", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-17", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-17", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-17", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-18", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x86" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-18", conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "linux" , host: "ubuntu-22.04" , arch: "x64" , cc: "clang-18", conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "macos" , host: "macos-13" , arch: "x64" , cc: "gcc-14" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "macos" , host: "macos-13" , arch: "x64" , cc: "gcc-14" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "macos" , host: "macos-13" , arch: "x64" , cc: "clang" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "macos" , host: "macos-13" , arch: "x64" , cc: "clang" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "macos" , host: "macos-14" , arch: "arm64" , cc: "clang" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "macos" , host: "macos-14" , arch: "arm64" , cc: "clang" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "windows" , host: "windows-2019" , arch: "x86" , cc: "vs2019" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "windows" , host: "windows-2019" , arch: "x86" , cc: "vs2019" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "windows" , host: "windows-2019" , arch: "x64" , cc: "vs2019" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "windows" , host: "windows-2019" , arch: "x64" , cc: "vs2019" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "windows" , host: "windows-2022" , arch: "x86" , cc: "vs2022" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "windows" , host: "windows-2022" , arch: "x86" , cc: "vs2022" , conf: "Release", defs: "ASMJIT_TEST=1" } + - { title: "windows" , host: "windows-2022" , arch: "x64" , cc: "vs2022" , conf: "Debug" , defs: "ASMJIT_TEST=1" } + - { title: "windows" , host: "windows-2022" , arch: "x64" , cc: "vs2022" , conf: "Release", defs: "ASMJIT_TEST=1" } + + # Cross compiled, cannot run tests (Windows/ARM64). + - { title: "windows" , host: "windows-2022" , arch: "arm64" , cc: "vs2022" , conf: "Debug" , defs: "ASMJIT_TEST=0" } + - { title: "windows" , host: "windows-2022" , arch: "arm64" , cc: "vs2022" , conf: "Release", defs: "ASMJIT_TEST=0" } + + # Cross compiled, cannot run tests (Windows/UWP). + - { title: "windows/uwp" , host: "windows-2022" , arch: "x64" , cc: "vs2022" , conf: "Release", defs: "ASMJIT_TEST=0,CMAKE_SYSTEM_NAME=WindowsStore,CMAKE_SYSTEM_VERSION=10.0,CMAKE_CXX_FLAGS=-D_WIN32_WINNT=0x0A00" } + + - { title: "freebsd" , host: "ubuntu-latest" , arch: "x64" , cc: "clang" , conf: "Release", vm: "freebsd", vm_ver: "14.1", defs: "ASMJIT_TEST=1" } + - { title: "freebsd" , host: "ubuntu-latest" , arch: "arm64" , cc: "clang" , conf: "Release", vm: "freebsd", vm_ver: "14.1", defs: "ASMJIT_TEST=1" } + - { title: "netbsd" , host: "ubuntu-latest" , arch: "x64" , cc: "clang" , conf: "Release", vm: "netbsd" , vm_ver: "10.0", defs: "ASMJIT_TEST=1" } + - { title: "netbsd" , host: "ubuntu-latest" , arch: "arm64" , cc: "clang" , conf: "Release", vm: "netbsd" , vm_ver: "10.0", defs: "ASMJIT_TEST=1" } + - { title: "openbsd" , host: "ubuntu-latest" , arch: "x64" , cc: "clang" , conf: "Release", vm: "openbsd", vm_ver: "7.4" , defs: "ASMJIT_TEST=1" } + - { title: "openbsd" , host: "ubuntu-latest" , arch: "arm64" , cc: "clang" , conf: "Release", vm: "openbsd", vm_ver: "7.4" , defs: "ASMJIT_TEST=1" } + + - { title: "debian" , host: "ubuntu-latest" , arch: "arm/v7" , cc: "clang" , conf: "Release", vm: "debian:unstable", defs: "ASMJIT_TEST=1" } + - { title: "debian" , host: "ubuntu-latest" , arch: "arm64" , cc: "clang" , conf: "Release", vm: "debian:unstable", defs: "ASMJIT_TEST=1" } + - { title: "debian" , host: "ubuntu-latest" , arch: "riscv64", cc: "clang" , conf: "Release", vm: "debian:unstable", defs: "ASMJIT_TEST=1" } + - { title: "debian" , host: "ubuntu-latest" , arch: "ppc64le", cc: "clang" , conf: "Release", vm: "debian:unstable", defs: "ASMJIT_TEST=1" } + + name: "${{matrix.title}}/${{matrix.arch}}, ${{matrix.cc}} ${{matrix.conf}}" + runs-on: "${{matrix.host}}" + + steps: + - name: "Checkout" + uses: actions/checkout@v4 + with: + path: "source" + + - name: "Checkout Build Actions" + uses: actions/checkout@v4 + with: + repository: build-actions/build-actions + path: "build-actions" + + - name: "Python" + uses: actions/setup-python@v5 + with: + python-version: "3.x" + + - name: QEMU + if: ${{matrix.vm && !matrix.vm_ver}} + uses: docker/setup-qemu-action@v3 + with: + platforms: linux/${{matrix.arch}} + + - name: "Build & Test - Native" + if: ${{!matrix.vm}} + run: python build-actions/action.py + --source-dir=source + --config=source/.github/workflows/build-config.json + --compiler=${{matrix.cc}} + --diagnostics=${{matrix.diagnostics}} + --architecture=${{matrix.arch}} + --problem-matcher=auto + --build-type=${{matrix.conf}} + --build-defs=${{matrix.defs}} + + - name: "Build & Test - Cross Platform Actions" + if: ${{matrix.vm && matrix.vm_ver}} + uses: cross-platform-actions/action@master + with: + operating_system: ${{matrix.vm}} + architecture: ${{matrix.arch}} + version: ${{matrix.vm_ver}} + sync_files: "runner-to-vm" + shutdown_vm: false + shell: bash + run: | + set -e + + PATH="/usr/sbin:/usr/pkg/sbin:/usr/pkg/bin:$PATH:$(pwd)/build-actions" + CI_NETBSD_USE_PKGIN=1 + + export PATH + export CI_NETBSD_USE_PKGIN + + sh ./build-actions/prepare-environment.sh + python3 build-actions/action.py \ + --source-dir=source \ + --config=source/.github/workflows/build-config.json \ + --compiler=${{matrix.cc}} \ + --diagnostics=${{matrix.diagnostics}} \ + --architecture=${{matrix.arch}} \ + --problem-matcher=auto \ + --build-type=${{matrix.conf}} \ + --build-defs=${{matrix.defs}} + + - name: "Build & Test - Docker + QEMU" + if: ${{matrix.vm && !matrix.vm_ver}} + run: | + docker run \ + --rm \ + -v $(pwd):/${{github.workspace}} \ + -w ${{github.workspace}}/build-actions \ + --platform linux/${{matrix.arch}} \ + ${{matrix.vm}} \ + bash action.sh \ + --source-dir=../source \ + --config=../source/.github/workflows/build-config.json \ + --compiler=${{matrix.cc}} \ + --diagnostics=${{matrix.diagnostics}} \ + --architecture=${{matrix.arch}} \ + --problem-matcher=auto \ + --build-type=${{matrix.conf}} \ + --build-defs=${{matrix.defs}} diff --git a/deps/asmjit/CMakeLists.txt b/deps/asmjit/CMakeLists.txt new file mode 100644 index 00000000..aa6df9d6 --- /dev/null +++ b/deps/asmjit/CMakeLists.txt @@ -0,0 +1,687 @@ +cmake_minimum_required(VERSION 3.19 FATAL_ERROR) + +# Don't create a project if it was already created by another CMakeLists.txt. This makes +# it possible to support both add_subdirectory() and include() ways of using AsmJit as a +# dependency. +if (NOT CMAKE_PROJECT_NAME OR "${CMAKE_PROJECT_NAME}" STREQUAL "asmjit") + project(asmjit CXX) +endif() + +include(CheckCXXCompilerFlag) +include(CheckCXXSourceCompiles) +include(GNUInstallDirs) + +# AsmJit - Configuration - Build +# ============================== + +if (NOT DEFINED ASMJIT_TEST) + set(ASMJIT_TEST FALSE) +endif() + +if (NOT DEFINED ASMJIT_EMBED) + set(ASMJIT_EMBED FALSE) +endif() + +if (NOT DEFINED ASMJIT_STATIC) + set(ASMJIT_STATIC ${ASMJIT_EMBED}) +endif() + +if (NOT DEFINED ASMJIT_SANITIZE) + set(ASMJIT_SANITIZE FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_CUSTOM_FLAGS) + set(ASMJIT_NO_CUSTOM_FLAGS FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_NATVIS) + set(ASMJIT_NO_NATVIS FALSE) +endif() + +# EMBED implies STATIC. +if (ASMJIT_EMBED AND NOT ASMJIT_STATIC) + set(ASMJIT_STATIC TRUE) +endif() + +# AsmJit - Configuration - Backend +# ================================ + +if (NOT DEFINED ASMJIT_NO_X86) + set(ASMJIT_NO_X86 FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_AARCH64) + set(ASMJIT_NO_AARCH64 FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_FOREIGN) + set(ASMJIT_NO_FOREIGN FALSE) +endif() + +# AsmJit - Configuration - Features +# ================================= + +if (NOT DEFINED ASMJIT_NO_DEPRECATED) + set(ASMJIT_NO_DEPRECATED FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_SHM_OPEN) + set(ASMJIT_NO_SHM_OPEN FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_JIT) + set(ASMJIT_NO_JIT FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_TEXT) + set(ASMJIT_NO_TEXT FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_LOGGING) + set(ASMJIT_NO_LOGGING ${ASMJIT_NO_TEXT}) +endif() + +if (NOT DEFINED ASMJIT_NO_VALIDATION) + set(ASMJIT_NO_VALIDATION FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_INTROSPECTION) + set(ASMJIT_NO_INTROSPECTION FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_BUILDER) + set(ASMJIT_NO_BUILDER FALSE) +endif() + +if (NOT DEFINED ASMJIT_NO_COMPILER) + if (ASMJIT_NO_BUILDER OR ASMJIT_NO_INTROSPECTION) + set(ASMJIT_NO_COMPILER TRUE) + else() + set(ASMJIT_NO_COMPILER FALSE) + endif() +endif() + +# AsmJit - Configuration - CMake Introspection +# ============================================ + +set(ASMJIT_DIR "${CMAKE_CURRENT_LIST_DIR}" CACHE PATH "Location of 'asmjit'") +set(ASMJIT_TEST "${ASMJIT_TEST}" CACHE BOOL "Build 'asmjit' test applications") +set(ASMJIT_EMBED "${ASMJIT_EMBED}" CACHE BOOL "Embed 'asmjit' library (no targets)") +set(ASMJIT_STATIC "${ASMJIT_STATIC}" CACHE BOOL "Build 'asmjit' library as static") +set(ASMJIT_SANITIZE "${ASMJIT_SANITIZE}" CACHE STRING "Build with sanitizers: 'address', 'undefined', etc...") +set(ASMJIT_NO_NATVIS "${ASMJIT_NO_NATVIS}" CACHE BOOL "Disable natvis support (embedding asmjit.natvis in PDB)") +set(ASMJIT_NO_CUSTOM_FLAGS "${ASMJIT_NO_CUSTOM_FLAGS}" CACHE BOOL "Disable extra compilation flags added by AsmJit to its targets") + +set(ASMJIT_NO_X86 "${ASMJIT_NO_X86}" CACHE BOOL "Disable X86/X64 backend") +set(ASMJIT_NO_AARCH64 "${ASMJIT_NO_AARCH64}" CACHE BOOL "Disable AArch64 backend") +set(ASMJIT_NO_FOREIGN "${ASMJIT_NO_FOREIGN}" CACHE BOOL "Disable all foreign architectures (enables only a target architecture)") + +set(ASMJIT_NO_DEPRECATED "${ASMJIT_NO_DEPRECATED}" CACHE BOOL "Disable deprecated API at build time") +set(ASMJIT_NO_SHM_OPEN "${ASMJIT_NO_SHM_OPEN}" CACHE BOOL "Disable the use of shm_open() even on platforms where it's supported") +set(ASMJIT_NO_JIT "${ASMJIT_NO_JIT}" CACHE BOOL "Disable VirtMem, JitAllocator, and JitRuntime at build time") +set(ASMJIT_NO_TEXT "${ASMJIT_NO_TEXT}" CACHE BOOL "Disable textual representation of instructions, enums, cpu features, ...") +set(ASMJIT_NO_LOGGING "${ASMJIT_NO_LOGGING}" CACHE BOOL "Disable logging features at build time") +set(ASMJIT_NO_VALIDATION "${ASMJIT_NO_VALIDATION}" CACHE BOOL "Disable instruction validation API at build time") +set(ASMJIT_NO_INTROSPECTION "${ASMJIT_NO_INTROSPECTION}" CACHE BOOL "Disable instruction introspection API at build time") +set(ASMJIT_NO_BUILDER "${ASMJIT_NO_BUILDER}" CACHE BOOL "Disable Builder emitter at build time") +set(ASMJIT_NO_COMPILER "${ASMJIT_NO_COMPILER}" CACHE BOOL "Disable Compiler emitter at build time") + +# AsmJit - Project +# ================ + +set(ASMJIT_INCLUDE_DIRS "${ASMJIT_DIR}/src") # Include directory is the same as source dir. +set(ASMJIT_DEPS "") # AsmJit dependencies (libraries) for the linker. +set(ASMJIT_LIBS "") # Dependencies of libs/apps that want to use AsmJit. +set(ASMJIT_CFLAGS "") # Public compiler flags. +set(ASMJIT_PRIVATE_CFLAGS "") # Private compiler flags independent of build type. +set(ASMJIT_PRIVATE_CFLAGS_DBG "") # Private compiler flags used by debug builds. +set(ASMJIT_PRIVATE_CFLAGS_REL "") # Private compiler flags used by release builds. +set(ASMJIT_SANITIZE_CFLAGS "") # Compiler flags required by currently enabled sanitizers. +set(ASMJIT_SANITIZE_LFLAGS "") # Linker flags required by currently enabled sanitizers. + +# AsmJit - Utilities +# ================== + +function(asmjit_detect_cflags out) + set(out_array ${${out}}) + foreach(flag ${ARGN}) + string(REGEX REPLACE "[+]" "x" flag_signature "${flag}") + string(REGEX REPLACE "[-=:;/.\]" "_" flag_signature "${flag_signature}") + check_cxx_compiler_flag(${flag} "__CxxFlag_${flag_signature}") + if (${__CxxFlag_${flag_signature}}) + list(APPEND out_array "${flag}") + endif() + endforeach() + set(${out} "${out_array}" PARENT_SCOPE) +endfunction() + +# Support for various sanitizers provided by C/C++ compilers. +function(asmjit_detect_sanitizers out) + set(_out_array ${${out}}) + set(_flags "") + + foreach(_arg ${ARGN}) + string(REPLACE "," ";" _arg "${_arg}") + list(APPEND _flags ${_arg}) + endforeach() + + foreach(_flag ${_flags}) + if (NOT "${_flag}" MATCHES "^-fsanitize=") + SET(_flag "-fsanitize=${_flag}") + endif() + + # Sanitizers also require link flags, see CMAKE_REQUIRED_FLAGS. + set(CMAKE_REQUIRED_FLAGS "${_flag}") + asmjit_detect_cflags(_out_array ${_flag}) + unset(CMAKE_REQUIRED_FLAGS) + endforeach() + + set(${out} "${_out_array}" PARENT_SCOPE) +endfunction() + +function(asmjit_add_target target target_type) + set(single_val "") + set(multi_val SOURCES LIBRARIES CFLAGS CFLAGS_DBG CFLAGS_REL) + cmake_parse_arguments("X" "" "${single_val}" "${multi_val}" ${ARGN}) + + if ("${target_type}" MATCHES "^(EXECUTABLE|TEST)$") + add_executable(${target} ${X_SOURCES}) + else() + add_library(${target} ${target_type} ${X_SOURCES}) + endif() + + set_target_properties(${target} + PROPERTIES + DEFINE_SYMBOL "" + CXX_VISIBILITY_PRESET hidden) + target_compile_options(${target} PRIVATE ${X_CFLAGS} ${ASMJIT_SANITIZE_CFLAGS} $<$:${X_CFLAGS_DBG}> $<$>:${X_CFLAGS_REL}>) + target_compile_features(${target} PUBLIC cxx_std_11) + target_link_options(${target} PRIVATE ${ASMJIT_PRIVATE_LFLAGS}) + target_link_libraries(${target} PRIVATE ${X_LIBRARIES}) + + if ("${target_type}" STREQUAL "TEST") + add_test(NAME ${target} COMMAND ${target}) + endif() +endfunction() + +# AsmJit - Compiler Support +# ========================= + +# We will have to keep this most likely forever as some users may still be using it. +set(ASMJIT_INCLUDE_DIR "${ASMJIT_INCLUDE_DIRS}") + +if (NOT ASMJIT_NO_CUSTOM_FLAGS) + if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "MSVC" OR "x${CMAKE_CXX_COMPILER_FRONTEND_VARIANT}" STREQUAL "xMSVC") + list(APPEND ASMJIT_PRIVATE_CFLAGS + -MP # [+] Multi-Process Compilation. + -GF # [+] Eliminate duplicate strings. + -Zc:__cplusplus # [+] Conforming __cplusplus definition. + -Zc:inline # [+] Remove unreferenced COMDAT. + -Zc:strictStrings # [+] Strict const qualification of string literals. + -Zc:threadSafeInit- # [-] Thread-safe statics. + -W4) # [+] Warning level 4. + + list(APPEND ASMJIT_PRIVATE_CFLAGS_DBG + -GS) # [+] Buffer security-check. + + list(APPEND ASMJIT_PRIVATE_CFLAGS_REL + -GS- # [-] Buffer security-check. + -O2 # [+] Favor speed over size. + -Oi) # [+] Generate intrinsic functions. + elseif ("${CMAKE_CXX_COMPILER_ID}" MATCHES "^(GNU|Clang|AppleClang)$") + list(APPEND ASMJIT_PRIVATE_CFLAGS -Wall -Wextra -Wconversion) + list(APPEND ASMJIT_PRIVATE_CFLAGS -fno-math-errno) + list(APPEND ASMJIT_PRIVATE_CFLAGS_REL -O2) + + # -fno-semantic-interposition is not available on apple - the compiler issues a warning, which is not detected. + if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "AppleClang") + asmjit_detect_cflags(ASMJIT_PRIVATE_CFLAGS -fno-threadsafe-statics) + else() + asmjit_detect_cflags(ASMJIT_PRIVATE_CFLAGS -fno-threadsafe-statics -fno-semantic-interposition) + endif() + + # The following flags can save few bytes in the resulting binary. + asmjit_detect_cflags(ASMJIT_PRIVATE_CFLAGS_REL + -fmerge-all-constants # Merge all constants even if it violates ISO C++. + -fno-enforce-eh-specs) # Don't enforce termination if noexcept function throws. + endif() +endif() + +# Support for sanitizers. +if (ASMJIT_SANITIZE) + asmjit_detect_sanitizers(ASMJIT_SANITIZE_CFLAGS ${ASMJIT_SANITIZE}) + if (ASMJIT_SANITIZE_CFLAGS) + message("-- Enabling sanitizers: '${ASMJIT_SANITIZE_CFLAGS}'") + + # Linker must receive the same flags as the compiler when it comes to sanitizers. + set(ASMJIT_SANITIZE_LFLAGS ${ASMJIT_SANITIZE_CFLAGS}) + + # Don't omit frame pointer if sanitizers are enabled. + if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "MSVC" OR "x${CMAKE_CXX_COMPILER_FRONTEND_VARIANT}" STREQUAL "xMSVC") + list(APPEND ASMJIT_SANITIZE_CFLAGS -Oy-) + else() + list(APPEND ASMJIT_SANITIZE_CFLAGS -fno-omit-frame-pointer -g) + endif() + + list(APPEND ASMJIT_PRIVATE_CFLAGS ${ASMJIT_SANITIZE_CFLAGS}) + list(APPEND ASMJIT_PRIVATE_LFLAGS ${ASMJIT_SANITIZE_LFLAGS}) + endif() +endif() + +if (WIN32) + # Dependency: nothing extra at the moment. +elseif ("${CMAKE_SYSTEM_NAME}" STREQUAL "Android") + # Dependency: libc is the only required library on Android as it also provides libthread. + message("-- Dependency: adding libc (Android target detected)") + list(APPEND ASMJIT_DEPS c) +elseif ("${CMAKE_SYSTEM_NAME}" STREQUAL "Haiku") + # Dependency: libroot is used by Haiku instead of libc, so link to libroot and libpthread. + message("-- Dependency: adding libroot and libpthread (Haiku target detected)") + list(APPEND ASMJIT_DEPS root pthread) +else() + # Dependency: libc is always required. + message("-- Dependency: adding libc (Linux, BSD, or other UNIX/POSIX environment)") + list(APPEND ASMJIT_DEPS c) + + # Dependency: pthread (required so AsmJit can use pthread_lock). + check_cxx_source_compiles(" + #include + int main() { + pthread_mutex_t m; + pthread_mutex_init(&m, nullptr); + return pthread_mutex_destroy(&m); + } + " ASMJIT_LIBC_HAS_LIBPTHREAD) + if (ASMJIT_LIBC_HAS_LIBPTHREAD) + message("-- Dependency: libpthread provided by libc (not linking to libpthread)") + else() + message("-- Dependency: libpthread not provided by libc, linking to libpthread") + list(APPEND ASMJIT_DEPS pthread) + endif() + + # Dependency: shm_open (required so AsmJit can use shm_open on supported platforms). + if ("${CMAKE_SYSTEM_NAME}" MATCHES "^(Linux|NetBSD)$" AND NOT ASMJIT_NO_SHM_OPEN) + check_cxx_source_compiles(" + #include + int main() { + const char file_name[1] {}; + return shm_open(file_name, 0, 0); + } + " ASMJIT_LIBC_HAS_LIBRT) + if (ASMJIT_LIBC_HAS_LIBRT) + message("-- Dependency: shm_open provided by libc (not linking to librt)") + else() + message("-- Dependency: shm_open not provided by libc, linking to librt") + list(APPEND ASMJIT_DEPS rt) + endif() + endif() +endif() + +set(ASMJIT_LIBS ${ASMJIT_DEPS}) +if (NOT ASMJIT_EMBED) + list(INSERT ASMJIT_LIBS 0 asmjit) +endif() + +if (ASMJIT_EMBED) + set(ASMJIT_TARGET_TYPE "EMBED") +elseif (ASMJIT_STATIC) + set(ASMJIT_TARGET_TYPE "STATIC") +else() + set(ASMJIT_TARGET_TYPE "SHARED") +endif() + +foreach(build_option # AsmJit build options. + ASMJIT_STATIC + ASMJIT_NO_DEPRECATED + # AsmJit backends selection. + ASMJIT_NO_X86 + ASMJIT_NO_AARCH64 + ASMJIT_NO_FOREIGN + # AsmJit features selection. + ASMJIT_NO_JIT + ASMJIT_NO_TEXT + ASMJIT_NO_LOGGING + ASMJIT_NO_INTROSPECTION + ASMJIT_NO_VALIDATION + ASMJIT_NO_BUILDER + ASMJIT_NO_COMPILER) + if (${build_option}) + List(APPEND ASMJIT_CFLAGS "-D${build_option}") + List(APPEND ASMJIT_PRIVATE_CFLAGS "-D${build_option}") + endif() +endforeach() + +# AsmJit - Linker Support +# ======================= + +if (WIN32) + if (CMAKE_LINKER MATCHES "link\\.exe" OR CMAKE_LINKER MATCHES "lld-link\\.exe") + set(ASMJIT_LINKER_SUPPORTS_NATVIS TRUE) + endif() +endif() + +# AsmJit - Source +# =============== + +set(ASMJIT_SRC_LIST + asmjit/asmjit.h + asmjit/asmjit-scope-begin.h + asmjit/asmjit-scope-end.h + + asmjit/core.h + asmjit/core/api-build_p.h + asmjit/core/api-config.h + asmjit/core/archtraits.cpp + asmjit/core/archtraits.h + asmjit/core/archcommons.h + asmjit/core/assembler.cpp + asmjit/core/assembler.h + asmjit/core/builder.cpp + asmjit/core/builder.h + asmjit/core/codebuffer.h + asmjit/core/codeholder.cpp + asmjit/core/codeholder.h + asmjit/core/codewriter.cpp + asmjit/core/codewriter_p.h + asmjit/core/compiler.cpp + asmjit/core/compiler.h + asmjit/core/compilerdefs.h + asmjit/core/constpool.cpp + asmjit/core/constpool.h + asmjit/core/cpuinfo.cpp + asmjit/core/cpuinfo.h + asmjit/core/emithelper.cpp + asmjit/core/emithelper_p.h + asmjit/core/emitter.cpp + asmjit/core/emitter.h + asmjit/core/emitterutils.cpp + asmjit/core/emitterutils_p.h + asmjit/core/environment.cpp + asmjit/core/environment.h + asmjit/core/errorhandler.cpp + asmjit/core/errorhandler.h + asmjit/core/formatter.cpp + asmjit/core/formatter.h + asmjit/core/func.cpp + asmjit/core/func.h + asmjit/core/funcargscontext.cpp + asmjit/core/funcargscontext_p.h + asmjit/core/globals.cpp + asmjit/core/globals.h + asmjit/core/inst.cpp + asmjit/core/inst.h + asmjit/core/instdb.cpp + asmjit/core/instdb_p.h + asmjit/core/jitallocator.cpp + asmjit/core/jitallocator.h + asmjit/core/jitruntime.cpp + asmjit/core/jitruntime.h + asmjit/core/logger.cpp + asmjit/core/logger.h + asmjit/core/misc_p.h + asmjit/core/operand.cpp + asmjit/core/operand.h + asmjit/core/osutils.cpp + asmjit/core/osutils.h + asmjit/core/osutils_p.h + asmjit/core/raassignment_p.h + asmjit/core/rabuilders_p.h + asmjit/core/radefs_p.h + asmjit/core/ralocal.cpp + asmjit/core/ralocal_p.h + asmjit/core/rapass.cpp + asmjit/core/rapass_p.h + asmjit/core/rastack.cpp + asmjit/core/rastack_p.h + asmjit/core/string.cpp + asmjit/core/string.h + asmjit/core/support.cpp + asmjit/core/support.h + asmjit/core/target.cpp + asmjit/core/target.h + asmjit/core/type.cpp + asmjit/core/type.h + asmjit/core/virtmem.cpp + asmjit/core/virtmem.h + asmjit/core/zone.cpp + asmjit/core/zone.h + asmjit/core/zonehash.cpp + asmjit/core/zonehash.h + asmjit/core/zonelist.cpp + asmjit/core/zonelist.h + asmjit/core/zonestack.cpp + asmjit/core/zonestack.h + asmjit/core/zonestring.h + asmjit/core/zonetree.cpp + asmjit/core/zonetree.h + asmjit/core/zonevector.cpp + asmjit/core/zonevector.h + + asmjit/a64.h + asmjit/arm.h + asmjit/arm/armformatter.cpp + asmjit/arm/armformatter_p.h + asmjit/arm/armglobals.h + asmjit/arm/armoperand.h + asmjit/arm/armutils.h + asmjit/arm/a64archtraits_p.h + asmjit/arm/a64assembler.cpp + asmjit/arm/a64assembler.h + asmjit/arm/a64builder.cpp + asmjit/arm/a64builder.h + asmjit/arm/a64compiler.cpp + asmjit/arm/a64compiler.h + asmjit/arm/a64emithelper.cpp + asmjit/arm/a64emithelper_p.h + asmjit/arm/a64emitter.h + asmjit/arm/a64formatter.cpp + asmjit/arm/a64formatter_p.h + asmjit/arm/a64func.cpp + asmjit/arm/a64func_p.h + asmjit/arm/a64globals.h + asmjit/arm/a64instapi.cpp + asmjit/arm/a64instapi_p.h + asmjit/arm/a64instdb.cpp + asmjit/arm/a64instdb.h + asmjit/arm/a64operand.cpp + asmjit/arm/a64operand.h + asmjit/arm/a64rapass.cpp + asmjit/arm/a64rapass_p.h + + asmjit/x86.h + asmjit/x86/x86archtraits_p.h + asmjit/x86/x86assembler.cpp + asmjit/x86/x86assembler.h + asmjit/x86/x86builder.cpp + asmjit/x86/x86builder.h + asmjit/x86/x86compiler.cpp + asmjit/x86/x86compiler.h + asmjit/x86/x86emithelper.cpp + asmjit/x86/x86emithelper_p.h + asmjit/x86/x86emitter.h + asmjit/x86/x86formatter.cpp + asmjit/x86/x86formatter_p.h + asmjit/x86/x86func.cpp + asmjit/x86/x86func_p.h + asmjit/x86/x86globals.h + asmjit/x86/x86instdb.cpp + asmjit/x86/x86instdb.h + asmjit/x86/x86instdb_p.h + asmjit/x86/x86instapi.cpp + asmjit/x86/x86instapi_p.h + asmjit/x86/x86operand.cpp + asmjit/x86/x86operand.h + asmjit/x86/x86rapass.cpp + asmjit/x86/x86rapass_p.h +) + +if (MSVC AND NOT ASMJIT_NO_NATVIS) + list(APPEND ASMJIT_SRC_LIST asmjit.natvis) +endif() + +set(ASMJIT_SRC "") +foreach(src_file ${ASMJIT_SRC_LIST}) + set(src_file "${ASMJIT_DIR}/src/${src_file}") + list(APPEND ASMJIT_SRC ${src_file}) + + if ("${src_file}" MATCHES "\\.natvis") + if (ASMJIT_LINKER_SUPPORTS_NATVIS) + list(APPEND ASMJIT_PRIVATE_LFLAGS "-natvis:${src_file}") + endif() + endif() +endforeach() + +source_group(TREE "${ASMJIT_DIR}" FILES ${ASMJIT_SRC}) + +# AsmJit - Summary +# ================ + +message("** AsmJit Summary **") +message(" ASMJIT_DIR=${ASMJIT_DIR}") +message(" ASMJIT_TEST=${ASMJIT_TEST}") +message(" ASMJIT_TARGET_TYPE=${ASMJIT_TARGET_TYPE}") +message(" ASMJIT_DEPS=${ASMJIT_DEPS}") +message(" ASMJIT_LIBS=${ASMJIT_LIBS}") +message(" ASMJIT_CFLAGS=${ASMJIT_CFLAGS}") +message(" ASMJIT_PRIVATE_CFLAGS=${ASMJIT_PRIVATE_CFLAGS}") +message(" ASMJIT_PRIVATE_CFLAGS_DBG=${ASMJIT_PRIVATE_CFLAGS_DBG}") +message(" ASMJIT_PRIVATE_CFLAGS_REL=${ASMJIT_PRIVATE_CFLAGS_REL}") + +# AsmJit - Targets +# ================ + +if (NOT ASMJIT_EMBED) + # Add AsmJit target. + asmjit_add_target(asmjit "${ASMJIT_TARGET_TYPE}" + SOURCES ${ASMJIT_SRC} + LIBRARIES ${ASMJIT_DEPS} + CFLAGS ${ASMJIT_PRIVATE_CFLAGS} + CFLAGS_DBG ${ASMJIT_PRIVATE_CFLAGS_DBG} + CFLAGS_REL ${ASMJIT_PRIVATE_CFLAGS_REL}) + + target_compile_options(asmjit INTERFACE ${ASMJIT_CFLAGS}) + target_include_directories(asmjit BEFORE INTERFACE + $ + $) + + # Create an asmjit::asmjit alias. + add_library(asmjit::asmjit ALIAS asmjit) + + # Add AsmJit install instructions (library and public headers). + if (NOT ASMJIT_NO_INSTALL) + install(TARGETS asmjit + EXPORT asmjit-config + RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}" + ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}" + LIBRARY DESTINATION "${CMAKE_INSTALL_LIBDIR}" + INCLUDES DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}") + install(EXPORT asmjit-config + NAMESPACE asmjit:: + DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/asmjit") + + foreach(_src_file ${ASMJIT_SRC_LIST}) + if ("${_src_file}" MATCHES "\\.h$" AND NOT "${_src_file}" MATCHES "_p\\.h$") + get_filename_component(_src_dir ${_src_file} PATH) + install(FILES "${ASMJIT_DIR}/src/${_src_file}" DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/${_src_dir}") + endif() + endforeach() + endif() + + # Add AsmJit tests. + if (ASMJIT_TEST) + enable_testing() + + # Special target that always uses embedded AsmJit. + asmjit_add_target(asmjit_test_unit TEST + SOURCES ${ASMJIT_SRC} + test/asmjit_test_unit.cpp + test/broken.cpp + test/broken.h + LIBRARIES ${ASMJIT_DEPS} + CFLAGS ${ASMJIT_PRIVATE_CFLAGS} + -DASMJIT_TEST + -DASMJIT_STATIC + CFLAGS_DBG ${ASMJIT_PRIVATE_CFLAGS_DBG} + CFLAGS_REL ${ASMJIT_PRIVATE_CFLAGS_REL}) + target_include_directories(asmjit_test_unit BEFORE PRIVATE ${ASMJIT_INCLUDE_DIRS}) + + asmjit_add_target(asmjit_test_assembler TEST + SOURCES test/asmjit_test_assembler.cpp + test/asmjit_test_assembler.h + test/asmjit_test_assembler_a64.cpp + test/asmjit_test_assembler_x64.cpp + test/asmjit_test_assembler_x86.cpp + LIBRARIES asmjit::asmjit + CFLAGS ${ASMJIT_PRIVATE_CFLAGS} + CFLAGS_DBG ${ASMJIT_PRIVATE_CFLAGS_DBG} + CFLAGS_REL ${ASMJIT_PRIVATE_CFLAGS_REL}) + + asmjit_add_target(asmjit_test_perf EXECUTABLE + SOURCES test/asmjit_test_perf.cpp + test/asmjit_test_perf_a64.cpp + test/asmjit_test_perf_x86.cpp + SOURCES test/asmjit_test_perf.h + LIBRARIES asmjit::asmjit + CFLAGS ${ASMJIT_PRIVATE_CFLAGS} + CFLAGS_DBG ${ASMJIT_PRIVATE_CFLAGS_DBG} + CFLAGS_REL ${ASMJIT_PRIVATE_CFLAGS_REL}) + + foreach(_target asmjit_test_emitters + asmjit_test_execute + asmjit_test_x86_sections) + asmjit_add_target(${_target} TEST + SOURCES test/${_target}.cpp + LIBRARIES asmjit::asmjit + CFLAGS ${ASMJIT_PRIVATE_CFLAGS} + CFLAGS_DBG ${ASMJIT_PRIVATE_CFLAGS_DBG} + CFLAGS_REL ${ASMJIT_PRIVATE_CFLAGS_REL}) + endforeach() + + if (NOT ASMJIT_NO_INTROSPECTION) + asmjit_add_target(asmjit_test_instinfo TEST + SOURCES test/asmjit_test_instinfo.cpp + LIBRARIES asmjit::asmjit + CFLAGS ${ASMJIT_PRIVATE_CFLAGS} + CFLAGS_DBG ${ASMJIT_PRIVATE_CFLAGS_DBG} + CFLAGS_REL ${ASMJIT_PRIVATE_CFLAGS_REL}) + endif() + + if (NOT (ASMJIT_NO_BUILDER OR ASMJIT_NO_COMPILER)) + # Vectorcall tests and XMM tests require at least SSE2 in 32-bit mode (in 64-bit mode it's implicit). + # Some compilers don't like passing -msse2 for 64-bit targets, and some compilers targeting non-x86 + # would pass "-msse2" compile flag check, but with a warning not detected by CMake. Thus, verify that + # our target is really 32-bit X86 and only use -msse2 or -arch:SSE2 flags when necessary. + set(ASMJIT_SSE2_CFLAGS "") + + check_cxx_source_compiles(" + #if defined(_M_IX86) || defined(__X86__) || defined(__i386__) + int target_is_32_bit_x86() { return 1; } + #else + // Compile error... + #endif + + int main() { + return target_is_32_bit_x86(); + } + " ASMJIT_TARGET_IS_32_BIT_X86) + + if (ASMJIT_TARGET_IS_32_BIT_X86) + if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "MSVC" OR "x${CMAKE_CXX_COMPILER_FRONTEND_VARIANT}" STREQUAL "xMSVC") + asmjit_detect_cflags(ASMJIT_SSE2_CFLAGS "-arch:SSE2") + else() + asmjit_detect_cflags(ASMJIT_SSE2_CFLAGS "-msse2") + endif() + endif() + asmjit_add_target(asmjit_test_compiler TEST + SOURCES test/asmjit_test_compiler.cpp + test/asmjit_test_compiler.h + test/asmjit_test_compiler_a64.cpp + test/asmjit_test_compiler_x86.cpp + LIBRARIES asmjit::asmjit + CFLAGS ${ASMJIT_PRIVATE_CFLAGS} ${ASMJIT_SSE2_CFLAGS} + CFLAGS_DBG ${ASMJIT_PRIVATE_CFLAGS_DBG} + CFLAGS_REL ${ASMJIT_PRIVATE_CFLAGS_REL}) + endif() + + endif() +endif() diff --git a/deps/asmjit/CONTRIBUTING.md b/deps/asmjit/CONTRIBUTING.md new file mode 100644 index 00000000..54f5047b --- /dev/null +++ b/deps/asmjit/CONTRIBUTING.md @@ -0,0 +1,102 @@ +## How to Contribute to AsmJit + +### Did you find a bug or something isn't working as expected? + + * Please use [Issues](https://github.com/asmjit/asmjit/issues) page to report bugs or create a [pull request](https://github.com/asmjit/asmjit/pulls) if you have already fixed it. + + * Make sure that when a bug is reported it provides as much information as possible to make it easy to either reproduce it locally or to at least guess where the problem could be. AsmJit is a low-level tool, which makes it very easy to emit code that would crash or not work as intended when executed. Always use AsmJit's [Logging](https://asmjit.com/doc/group__asmjit__logging.html) and [Error Handling](https://asmjit.com/doc/group__asmjit__error__handling.html) features first to analyze whether there is not a simple to catch bug in your own code. + + * Don't be afraid to ask for help if you don't know how to solve a particular problem or in case it's unclear how to do it. The community would help if the problem is well described and has a solution. In general we always try to at least improve the documentation in case it doesn't provide enough information and users must ask for help. + +### Asking questions + + * We prefer GitHub issues to be used for reporting bugs or feature requests, but it's still okay to ask questions there as well. However, please consider joining our [Gitter Chat](https://app.gitter.im/#/room/#asmjit:gitter.im) to ask questions; it has an active community that can quickly respond. + +### Suggesting feature requests + + * It's very likely that when using AsmJit you have found something that AsmJit doesn't provide, which would be handy to have as a built-in. The [Issues](https://github.com/asmjit/asmjit/issues) page can be used to submit feature requests, but please keep in mind that AsmJit is a relatively small project and not all requested features will be accepted, especially if they are non-trivial, time consuming to implement, or the scope of the feature doesn't match AsmJit goals. + + * If you have already implemented the feature you are suggesting, please open a [pull request](https://github.com/asmjit/asmjit/pulls). + + * Ports (requesting new AsmJit backends) can be reported as feature requests, but only by people that are willing to work on them as creating new ports takes a lot of time. + +### Suggesting a documentation enhancement + + * [AsmJit's documentation](https://asmjit.com/doc/index.html) is auto-generated from source code, so if you would like to improve it just open a [pull request](https://github.com/asmjit/asmjit/pulls) with your changes. The documentation uses [Doxygen](https://www.doxygen.nl/) as a front-end, so you can use `\ref` keyword to create links and other Doxygen keywords to enhance the documentation. + +### Suggesting a website content enhancement + + * [AsmJit's website](https://asmjit.com) is also generated, but not from public sources at the moment. If you did find an issue on the website you can either use contact information on the [support page](https://asmjit.com/support.html) or to discuss the change on our [Gitter Chat](https://app.gitter.im/#/room/#asmjit:gitter.im). Alternatively, opening a regular issue is also okay. + + +## Coding Style & Consistency + + * If you decide to open a pull request, make sure that the code you submit uses the same convention as the rest of the code. We prefer keeping the code consistent. + + * [.editorconfig](./.editorconfig) should help with basic settings. + + * Initially, AsmJit coding style was based on Google C++ Style Guide, but it has diverged from it. + + * Include guards use `_H_INCLUDED` format. + + * `asmjit` namespace must be open by `ASMJIT_BEGIN_NAMESPACE` and closed by `ASMJIT_END_NAMESPACE` + + * `asmjit::xxx` (backend specific) nested namespace must be open by `ASMJIT_BEGIN_SUB_NAMESPACE(xxx)` and closed by `ASMJIT_END_SUB_NAMESPACE`. + + * Opening bracket is on the same line, like `struct Something {`, `if (condition) {`, etc... + + * The code uses a soft limit of 120 characters per line (including documentation), but it's not enforced and it's okay to use more when it makes sense (for example defining tables, etc...). + + * Since AsmJit doesn't use Exceptions nor RTTI the code cannot use containers provided by the C++ standard library. In general, we try to only use a bare minimum from the C++ standard library to make it viable to use AsmJit even in C code bases where JIT complier is implemented in C++ ([Erlang](https://www.erlang.org/) can be seen as a great example). + +## Testing + + * AsmJit uses a minimalist unit testing framework to write unit tests to avoid third-party dependencies. + + * At the moment tests are in the same file as the implementation and are only compiled when `ASMJIT_TEST` macro is defined. + + * Use `-DASMJIT_TEST=1` when invoking [CMake](https://cmake.org/) to compile AsmJit tests. + + * Unit tests are compiled to a single `asmjit_test_unit[.exe]` executable. + + * Other tests have their own executables based on what is tested. + + * Always add assembler tests when adding new instructions, see [asmjit_test_assembler_x64.cpp](./test/asmjit_test_assembler_x64.cpp) and [asmjit_test_assembler_a64.cpp](./test/asmjit_test_assembler_a64.cpp) for more details. + +## Pull Request Messages + + * If a change fixes a bug the message should should start with `[bug]`. + + * If a change fixes or enhances documentation it should start with `[doc]`. + + * If a change fixes or enhances our CI it should start with `[ci]`. + + * If a change breaks ABI it must start with `[abi]`. + + * Otherwise there is no suggested prefix. + +## ABI Changes + + * ABI changes happen, but they are usually accumulated and committed within a short time window to not break it often. In general we prefer to break ABI once a year, or once 6 months if there is something that has a high priority. There are no hard rules though. + + * AsmJit uses an `inline namespace`, which should make it impossible to link to AsmJit library that is ABI incompatible. When ABI break happens both AsmJit version and ABI namespace are changed, see [asmjit/core/api-config.h](./src/asmjit/core/api-config.h) for more details. + + * What is an ABI break? + + * Modifying a public struct/class in a way that its functionality is altered and/or its size is changed + + * Adding/removing virtual functions to/from classes, respectively + + * Changing a signature of a public function or a class member function (for example adding a parameter). + + * Changing the value of an enum or global constant (for example instructions are now sorted by name, so adding a new instruction breaks ABI) + + * Possibly more, but these were the most common... + + * What is not ABI break? + + * Extending the functionality by using reserved members of a struct/class + + * Adding new API including new structs and classes + + * Changing anything that is internal and that doesn't leak to public headers diff --git a/deps/asmjit/LICENSE.md b/deps/asmjit/LICENSE.md new file mode 100644 index 00000000..d87dbf9b --- /dev/null +++ b/deps/asmjit/LICENSE.md @@ -0,0 +1,17 @@ +Copyright (c) 2008-2024 The AsmJit Authors + +This software is provided 'as-is', without any express or implied +warranty. In no event will the authors be held liable for any damages +arising from the use of this software. + +Permission is granted to anyone to use this software for any purpose, +including commercial applications, and to alter it and redistribute it +freely, subject to the following restrictions: + +1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. +2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. +3. This notice may not be removed or altered from any source distribution. diff --git a/deps/asmjit/README.md b/deps/asmjit/README.md new file mode 100644 index 00000000..ee0c7200 --- /dev/null +++ b/deps/asmjit/README.md @@ -0,0 +1,70 @@ +AsmJit +------ + +AsmJit is a lightweight library for machine code generation written in C++ language. + + * [Official Home Page (asmjit.com)](https://asmjit.com) + * [Official Repository (asmjit/asmjit)](https://github.com/asmjit/asmjit) + * [Public Chat Channel](https://app.gitter.im/#/room/#asmjit:gitter.im) + * [Zlib License](./LICENSE.md) + +See [asmjit.com](https://asmjit.com) page for more details, examples, and documentation. + +Documentation +------------- + + * [Documentation Index](https://asmjit.com/doc/index.html) + * [Build Instructions](https://asmjit.com/doc/group__asmjit__build.html) + +Contributing +------------ + + * See [CONTRIBUTING](./CONTRIBUTING.md) page for more details + +Breaking Changes +---------------- + +Breaking the API is sometimes inevitable, what to do? + + * See [Breaking Changes Guide](https://asmjit.com/doc/group__asmjit__breaking__changes.html), which is now part of AsmJit documentation + * See asmjit tests, they always compile and provide implementation of many use-cases: + * [asmjit_test_emitters.cpp](./test/asmjit_test_emitters.cpp) - Tests that demonstrate the purpose of emitters + * [asmjit_test_assembler_x86.cpp](./test/asmjit_test_assembler_x86.cpp) - Tests targeting AsmJit's Assembler (x86/x64) + * [asmjit_test_compiler_x86.cpp](./test/asmjit_test_compiler_x86.cpp) - Tests targeting AsmJit's Compiler (x86/x64) + * [asmjit_test_instinfo.cpp](./test/asmjit_test_instinfo.cpp) - Tests that query instruction information + * [asmjit_test_x86_sections.cpp](./test/asmjit_test_x86_sections.cpp) - Multiple sections test. + * Visit our [Gitter Chat](https://app.gitter.im/#/room/#asmjit:gitter.im) if you need a quick help + +Project Organization +-------------------- + + * **`/`** - Project root + * **src** - Source code + * **asmjit** - Source code and headers (always point include path in here) + * **core** - Core API, backend independent except relocations + * **arm** - ARM specific API, used only by ARM and AArch64 backends + * **x86** - X86 specific API, used only by X86 and X64 backends + * **test** - Unit and integration tests (don't embed in your project) + * **tools** - Tools used for configuring, documenting, and generating files + +Ports +----- + + * [ ] 32-bit ARM/Thumb port (work in progress) + * [ ] RISC-V port (not in progress, help welcome) + +Support +------- + + * AsmJit project has both community and commercial support, see [AsmJit's Support Page](https://asmjit.com/support.html) + * You can help the development and maintenance through Petr Kobalicek's [GitHub sponsors Profile](https://github.com/sponsors/kobalicek) + +Notable Donors List: + + * [ZehMatt](https://github.com/ZehMatt) + + +Authors & Maintainers +--------------------- + + * Petr Kobalicek diff --git a/deps/asmjit/db/LICENSE.md b/deps/asmjit/db/LICENSE.md new file mode 100644 index 00000000..9fc2f1a0 --- /dev/null +++ b/deps/asmjit/db/LICENSE.md @@ -0,0 +1,26 @@ +AsmJit database is dual licensed under Zlib and Unlicense (public domain) + +This is free and unencumbered software released into the public domain. + +Anyone is free to copy, modify, publish, use, compile, sell, or +distribute this software, either in source code form or as a compiled +binary, for any purpose, commercial or non-commercial, and by any +means. + +In jurisdictions that recognize copyright laws, the author or authors +of this software dedicate any and all copyright interest in the +software to the public domain. We make this dedication for the benefit +of the public at large and to the detriment of our heirs and +successors. We intend this dedication to be an overt act of +relinquishment in perpetuity of all present and future rights to this +software under copyright law. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +For more information, please refer to \ No newline at end of file diff --git a/deps/asmjit/db/README.md b/deps/asmjit/db/README.md new file mode 100644 index 00000000..12eaf9b0 --- /dev/null +++ b/deps/asmjit/db/README.md @@ -0,0 +1,21 @@ +AsmJit Instruction Database +--------------------------- + +This is a database of instructions that is used by AsmJit to generate its internal database and also assembler implementations. This project started initially as AsmDB, but was merged to AsmJit later to make the maintenance easier. The database was created in a way so that each instruction definition would only need a single line in JSON data file. The data is then processed by architecture specific data readers that make the data canonical and ready for processing. + +AsmJit database provides the following ISAs: + + * `isa_x86.json` - provides X86 instruction data (both 32-bit and 64-bit) + * `isa_aarch32.json` - provides AArch32 instruction data (A32/T16/T32 encoding) + * `isa_aarch64.json` - provides AArch64 instruction data (A64 encoding) + * `isa_aarch64_sme.json` - provides AArch64 SME instruction data (work-in-progress) + +To Be Documented +---------------- + +This project will be refactored and documented in the future. + +License +------- + +AsmJit database is dual licensed under Zlib (AsmJit license) or public domain. The database can be used for any purpose, not just by AsmJit. \ No newline at end of file diff --git a/deps/curl/.github/CODEOWNERS b/deps/curl/.github/CODEOWNERS new file mode 100644 index 00000000..7e1eea50 --- /dev/null +++ b/deps/curl/.github/CODEOWNERS @@ -0,0 +1,3 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl diff --git a/deps/curl/.github/CONTRIBUTING.md b/deps/curl/.github/CONTRIBUTING.md new file mode 100644 index 00000000..0cb7f45a --- /dev/null +++ b/deps/curl/.github/CONTRIBUTING.md @@ -0,0 +1,29 @@ + + +How to contribute to curl +========================= + +Join the community +------------------ + + 1. Click 'watch' on the GitHub repo + + 2. Subscribe to the suitable [mailing lists](https://curl.se/mail/) + +Read [CONTRIBUTE](../docs/CONTRIBUTE.md) +--------------------------------------- + +Send your suggestions using one of these methods: +------------------------------------------------- + + 1. in a mail to the mailing list + + 2. as a [pull request](https://github.com/curl/curl/pulls) + + 3. as an [issue](https://github.com/curl/curl/issues) + +/ The curl team diff --git a/deps/curl/.github/FUNDING.yml b/deps/curl/.github/FUNDING.yml new file mode 100644 index 00000000..f02b2d3f --- /dev/null +++ b/deps/curl/.github/FUNDING.yml @@ -0,0 +1,6 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +github: curl +open_collective: curl diff --git a/deps/curl/.github/ISSUE_TEMPLATE/bug_report.yml b/deps/curl/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 00000000..a857700f --- /dev/null +++ b/deps/curl/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,55 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: Bug Report on code +description: Tell us about your problem with curl or libcurl + +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + + Only file bugs here! Ask questions on the mailing lists https://curl.se/mail/ + + **SECURITY RELATED?** Post it here: https://hackerone.com/curl + + There are collections of known issues to be aware of: + + - https://curl.se/docs/knownbugs.html + - https://curl.se/docs/todo.html + + - type: textarea + id: reproducer + attributes: + label: I did this + validations: + required: false + + - type: textarea + id: expected-behaviour + attributes: + label: I expected the following + validations: + required: false + + - type: textarea + id: version + attributes: + label: curl/libcurl version + description: | + Please paste the output of `curl -V` here. + placeholder: 'curl 8.2.0' + validations: + required: true + + - type: textarea + id: os + attributes: + label: operating system + description: | + On Unix please post the output of `uname -a` here. + placeholder: 'Fedora Linux 38' + validations: + required: true diff --git a/deps/curl/.github/ISSUE_TEMPLATE/config.yml b/deps/curl/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 00000000..bce618da --- /dev/null +++ b/deps/curl/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,18 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +blank_issues_enabled: false +contact_links: + - name: Ask a question (without email) + url: https://github.com/curl/curl/discussions + about: Use the Discussion forum here on GitHub + - name: Ask a question (using email) + url: https://curl.se/mail/ + about: Send question to the suitable mailing list + - name: Commercial support + url: https://curl.se/support.html + about: Pay for fast quality support for and help with curl/libcurl + - name: Feature request + url: https://curl.se/mail/ + about: To propose new features or enhancements, please bring that discussion to a suitable curl mailing list. diff --git a/deps/curl/.github/ISSUE_TEMPLATE/docs.yml b/deps/curl/.github/ISSUE_TEMPLATE/docs.yml new file mode 100644 index 00000000..1b60a597 --- /dev/null +++ b/deps/curl/.github/ISSUE_TEMPLATE/docs.yml @@ -0,0 +1,32 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: Bug Report on documentation +description: Problems, errors, mistakes or typos in documentation. +labels: documentation + +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + + Only file documentation bugs here! Ask questions on the mailing lists https://curl.se/mail/ + + - type: textarea + id: source + attributes: + label: Specify which documentation you found a problem with + description: | + Include function name, URL, tarball version and all other relevant + details that identify the documentation source. + validations: + required: true + + - type: textarea + id: problem + attributes: + label: The problem + validations: + required: true diff --git a/deps/curl/.github/dependabot.yml b/deps/curl/.github/dependabot.yml new file mode 100644 index 00000000..701a5d01 --- /dev/null +++ b/deps/curl/.github/dependabot.yml @@ -0,0 +1,10 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +version: 2 +updates: + - package-ecosystem: 'github-actions' + directory: '/' + schedule: + interval: 'weekly' diff --git a/deps/curl/.github/labeler.yml b/deps/curl/.github/labeler.yml new file mode 100644 index 00000000..8515afe8 --- /dev/null +++ b/deps/curl/.github/labeler.yml @@ -0,0 +1,531 @@ +# Copyright (C) Daniel Fandrich, , et al. +# +# SPDX-License-Identifier: curl + +# The workflow configures the .github/workflows/label.yml action +# to add labels to pull requests. This is not (yet?) a replacement for human +# triaging, but is intended to add labels to the easy cases. If the matching +# language becomes more powerful, more cases should be able to be handled. +# +# Labels are added in two ways: the any-glob-to-all-files ones are added if all +# the files fit into the category, and the any-glob-to-any-file ones are added +# as long as any file matches. The first ones are for "major" categories (the +# PR is all about that one topic, like HTTP/3), while the second ones are +# "addendums" that give useful information about a PR that's really mostly +# something else (e.g. CI if the PR also touches CI jobs). +# +# N.B. any-glob-to-all-files is misnamed; it acts like one-glob-to-all-files. +# Therefore, to get any-glob-to-all-files semantics with multiple matching +# patterns, they must be joined with commas to a single string surrounded by +# braces. For example: '{lib/**,src/**}'. +# +# See https://github.com/actions/labeler/ for documentation on this file. +--- + +appleOS: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + .github/workflows/macos.yml,\ + lib/config-mac.h,\ + lib/macos*,\ + lib/vtls/sectransp*,\ + m4/curl-sectransp.m4\ + }" + +authentication: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/mk-ca-bundle.1,\ + docs/libcurl/opts/CURLINFO_HTTPAUTH*,\ + docs/libcurl/opts/CURLINFO_PROXYAUTH*,\ + docs/libcurl/opts/CURLOPT_KRB*,\ + docs/libcurl/opts/CURLOPT_SASL*,\ + docs/libcurl/opts/CURLOPT_SERVICE_NAME*,\ + docs/libcurl/opts/CURLOPT_USERNAME*,\ + docs/libcurl/opts/CURLOPT_USERPWD*,\ + docs/libcurl/opts/CURLOPT_XOAUTH*,\ + lib/*gssapi*,\ + lib/*krb5*,\ + lib/*ntlm*,\ + lib/curl_sasl.*,\ + lib/http_aws*,\ + lib/http_digest.*,\ + lib/http_negotiate.*,\ + lib/vauth/**\ + }" + +build: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + **/CMakeLists.txt,\ + **/Makefile.am,\ + **/Makefile.inc,\ + **/*.m4,\ + **/*.mk,\ + *.m4,\ + docs/INSTALL-CMAKE.md,\ + lib/curl_config.h.cmake,\ + lib/libcurl*.in,\ + CMake/**,\ + CMakeLists.txt,\ + configure.ac,\ + m4/**,\ + Makefile.*,\ + packages/**,\ + plan9/**,\ + projects/**,\ + winbuild/**,\ + lib/libcurl.def,\ + tests/cmake/**\ + }" + +CI: + - all: + - changed-files: + - any-glob-to-any-file: + - '.circleci/**' + - '.github/**' + - 'appveyor.*' + - 'scripts/ci*' + - 'tests/azure.pm' + - 'tests/appveyor.pm' + - 'tests/CI.md' + +cmake: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + **/CMakeLists.txt,\ + CMake/**,\ + docs/INSTALL-CMAKE.md,\ + lib/curl_config.h.cmake,\ + tests/cmake/**\ + }" + +cmdline tool: + - all: + - changed-files: + - any-glob-to-any-file: + - 'docs/cmdline-opts/**' + - 'src/**' + +connecting & proxies: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/internals/CONNECTION-FILTERS.md,\ + docs/examples/ipv6.c,\ + docs/libcurl/opts/CURLINFO_CONNECT*,\ + docs/libcurl/opts/CURLINFO_PROXY*,\ + docs/libcurl/opts/CURLOPT_ADDRESS*,\ + docs/libcurl/opts/CURLOPT_CONNECT*,\ + docs/libcurl/opts/CURLOPT_HAPROXY*,\ + docs/libcurl/opts/CURLOPT_OPENSOCKET*,\ + docs/libcurl/opts/CURLOPT_PRE_PROXY*,\ + docs/libcurl/opts/CURLOPT_PROXY*,\ + docs/libcurl/opts/CURLOPT_SOCKOPT*,\ + docs/libcurl/opts/CURLOPT_SOCKS*,\ + docs/libcurl/opts/CURLOPT_TCP*,\ + docs/libcurl/opts/CURLOPT_TIMEOUT*,\ + lib/cf-*proxy.*,\ + lib/cf-socket.*,\ + lib/cfilters.*,\ + lib/conncache.*,\ + lib/connect.*,\ + lib/http_proxy.*,\ + lib/if2ip.*,\ + lib/noproxy.*,\ + lib/socks.*,\ + tests/server/socksd.c\ + }" + +cookies: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/HTTP-COOKIES.md,\ + docs/cmdline-opts/cookie*,\ + docs/cmdline-opts/junk-session-cookies.md,\ + docs/libcurl/opts/CURLINFO_COOKIE*,\ + docs/libcurl/opts/CURLOPT_COOKIE*,\ + docs/examples/cookie_interface.c,\ + lib/cookie.*,\ + lib/psl.*\ + }" + +cryptography: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/CIPHERS.md,\ + docs/RUSTLS.md,\ + docs/libcurl/opts/CURLOPT_EGDSOCKET*,\ + lib/*sha256*,\ + lib/*sha512*,\ + lib/curl_des.*,\ + lib/curl_hmac.*,\ + lib/curl_md?.*,\ + lib/md?.*,\ + lib/rand.*\ + }" + +DICT: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + lib/dict.*,\ + tests/dictserver.py\ + }" + +documentation: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + .github/workflows/checkdocs.yml,\ + .github/scripts/badwords.*,\ + .github/scripts/cd2cd,\ + .github/scripts/cd2nroff,\ + .github/scripts/cdall.pl,\ + .github/scripts/nroff2cd,\ + .github/scripts/verify-examples.pl,\ + .github/scripts/verify-synopsis.pl,\ + **/*.md,\ + **/*.txt,\ + **/*.1,\ + CHANGES.md,\ + docs/**,\ + LICENSES/**,\ + README,\ + RELEASE-NOTES,\ + scripts/cd*\ + }" + - all-globs-to-all-files: + # negative matches + - '!**/CMakeLists.txt' + - '!**/Makefile.am' + +FTP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/libcurl/opts/CURLINFO_FTP*,\ + docs/libcurl/opts/CURLOPT_FTP*,\ + docs/libcurl/opts/CURLOPT_WILDCARDMATCH*,\ + docs/examples/ftp*,\ + lib/curl_fnmatch.*,\ + lib/curl_range.*,\ + lib/ftp*,\ + tests/ftp*\ + }" + +GOPHER: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + lib/gopher*\ + }" + +HTTP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/examples/hsts*,\ + docs/examples/http-*,\ + docs/examples/httpput*,\ + docs/examples/https*,\ + docs/examples/*post*,\ + docs/HTTP-COOKIES.md,\ + docs/libcurl/opts/CURLINFO_COOKIE*,\ + docs/libcurl/opts/CURLOPT_COOKIE*,\ + docs/libcurl/opts/CURLINFO_HTTP_**,\ + docs/libcurl/opts/CURLINFO_REDIRECT*,\ + docs/libcurl/opts/CURLINFO_REFER*,\ + docs/libcurl/opts/CURLOPT_FOLLOWLOCATION*,\ + docs/libcurl/opts/CURLOPT_HSTS*,\ + docs/libcurl/opts/CURLOPT_HTTP*,\ + docs/libcurl/opts/CURLOPT_POST.*,\ + docs/libcurl/opts/CURLOPT_POSTFIELD*,\ + docs/libcurl/opts/CURLOPT_POSTREDIR*,\ + docs/libcurl/opts/CURLOPT_REDIR*,\ + docs/libcurl/opts/CURLOPT_REFER*,\ + docs/libcurl/opts/CURLOPT_TRAILER*,\ + docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING*,\ + lib/cf-https*,\ + lib/cf-h1*,\ + lib/cf-h2*,\ + lib/cookie.*,\ + lib/hsts.*,\ + lib/http*,\ + tests/http*,\ + tests/http-server.pl,\ + tests/http/*,\ + tests/nghttp*\ + }" + +HTTP/2: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + CMake/FindNGHTTP2.cmake,\ + CMake/FindQuiche.cmake,\ + docs/libcurl/opts/CURLOPT_STREAM*,\ + docs/examples/http2*,\ + lib/http2*,\ + tests/http2-server.pl\ + }" + +HTTP/3: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + .github/workflows/ngtcp2*,\ + .github/workflows/quiche*,\ + .github/workflows/osslq*,\ + CMake/FindMSH3.cmake,\ + CMake/FindNGHTTP3.cmake,\ + CMake/FindNGTCP2.cmake,\ + docs/HTTP3.md,\ + docs/examples/http3*,\ + lib/vquic/**,\ + tests/http3-server.pl,\ + tests/nghttpx.conf\ + }" + +IMAP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + lib/imap*,\ + docs/examples/imap*\ + }" + +LDAP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + lib/*ldap*\ + }" + +libcurl API: + - all: + - changed-files: + - any-glob-to-any-file: + - 'docs/libcurl/ABI.md' + - 'docs/libcurl/curl_*.md' + - 'include/curl/**' + +logging: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/cmdline-opts/trace*,\ + docs/libcurl/curl_global_trace*,\ + lib/curl_trc*,\ + tests/http/test_15_tracing.py\ + }" + +MIME: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/libcurl/curl_form*,\ + docs/libcurl/curl_mime_*,\ + docs/libcurl/opts/CURLOPT_MIME*,\ + docs/libcurl/opts/CURLOPT_HTTPPOST*,\ + lib/formdata*,\ + lib/mime*,\ + src/tool_formparse.*\ + }" + +MQTT: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + lib/mqtt*,\ + tests/server/mqttd.c\ + }" + +name lookup: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/examples/resolve.c,\ + docs/libcurl/opts/CURLINFO_NAMELOOKUP*,\ + docs/libcurl/opts/CURLOPT_DNS*,\ + docs/libcurl/opts/CURLOPT_DOH*,\ + docs/libcurl/opts/CURLOPT_RESOLVE*,\ + lib/asyn*,\ + lib/curl_gethostname.*,\ + lib/doh*,\ + lib/host*,\ + lib/idn*,\ + lib/inet_pton.*,\ + lib/socketpair*,\ + tests/server/resolve.c\ + }" + +POP3: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/examples/pop3*,\ + lib/pop3.*\ + }" + +RTMP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + CMake/FindLibrtmp.cmake,\ + lib/curl_rtmp.*\ + }" + +RTSP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/libcurl/opts/CURLINFO_RTSP*,\ + docs/libcurl/opts/CURLOPT_RTSP*,\ + lib/rtsp.*,\ + tests/rtspserver.pl,\ + tests/server/rtspd.c\ + }" + +SCP/SFTP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + CMake/FindLibssh2.cmake,\ + docs/libcurl/opts/CURLOPT_SSH*,\ + docs/examples/sftp*,\ + lib/vssh/**,\ + tests/sshhelp.pm,\ + tests/sshserver.pl\ + }" + +script: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + **/*.pl,\ + **/*.sh,\ + curl-config.in,\ + docs/curl-config.1,\ + docs/mk-ca-bundle.1,\ + docs/THANKS-filter,\ + scripts/**\ + }" + +SMB: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + lib/smb.*,\ + tests/smbserver.py\ + }" + +SMTP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/examples/smtp-*,\ + docs/libcurl/opts/CURLOPT_MAIL*,\ + lib/smtp.*\ + }" + +tests: + - all: + - changed-files: + - any-glob-to-any-file: + - 'tests/**' + +TFTP: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + lib/tftp.*,\ + tests/tftpserver.pl,\ + tests/server/tftp*\ + }" + +TLS: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + CMake/FindBearSSL.cmake,\ + CMake/FindMbedTLS.cmake,\ + CMake/FindWolfSSL.cmake,\ + CMake/FindRustls.cmake,\ + docs/examples/ssl*,\ + docs/examples/*ssl.*,\ + docs/examples/*tls.*,\ + docs/SSL*,\ + docs/libcurl/curl_global_sslset*,\ + docs/libcurl/opts/CURLINFO_CA*,\ + docs/libcurl/opts/CURLINFO_CERT*,\ + docs/libcurl/opts/CURLINFO_SSL*,\ + docs/libcurl/opts/CURLINFO_TLS*,\ + docs/libcurl/opts/CURLOPT_CA*,\ + docs/libcurl/opts/CURLOPT_CERT*,\ + docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY*,\ + docs/libcurl/opts/CURLOPT_SSL*,\ + docs/libcurl/opts/CURLOPT_TLS*,\ + docs/libcurl/opts/CURLOPT_USE_SSL*,\ + lib/vtls/**,\ + m4/curl-bearssl.m4,\ + m4/curl-gnutls.m4,\ + m4/curl-mbedtls.m4,\ + m4/curl-openssl.m4,\ + m4/curl-rustls.m4,\ + m4/curl-schannel.m4,\ + m4/curl-sectransp.m4,\ + m4/curl-wolfssl.m4\ + }" + +URL: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/libcurl/curl_url*,\ + docs/URL-SYNTAX.md,\ + docs/examples/parseurl*,\ + include/curl/urlapi.h,\ + lib/urlapi*\ + }" + +WebSocket: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + docs/internals/WEBSOCKET.md*,\ + docs/examples/websocket*,\ + docs/libcurl/curl_ws_*,\ + docs/libcurl/libcurl-ws*,\ + docs/libcurl/opts/CURLOPT_WS_*,\ + include/curl/websockets.h,\ + lib/ws.*,\ + tests/http/clients/ws*,\ + tests/http/test_20_websockets.py,\ + tests/http/testenv/ws*\ + }" + +Windows: + - all: + - changed-files: + - any-glob-to-all-files: "{\ + appveyor.*,\ + .github/workflows/windows.yml,\ + CMake/win32-cache.cmake,\ + lib/*win32*,\ + lib/curl_multibyte.*,\ + lib/rename.*,\ + lib/vtls/schannel*,\ + m4/curl-schannel.m4,\ + projects/**,\ + src/tool_doswin.c,\ + winbuild/**,\ + lib/libcurl.def\ + }" diff --git a/deps/curl/.github/lock.yml b/deps/curl/.github/lock.yml new file mode 100644 index 00000000..ab30d2a8 --- /dev/null +++ b/deps/curl/.github/lock.yml @@ -0,0 +1,12 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +# Configuration for lock-threads - https://github.com/dessant/lock-threads + +# Number of days of inactivity before a closed issue or pull request is locked +daysUntilLock: 90 +# Comment to post before locking. Set to `false` to disable +lockComment: false +# Limit to only `issues` or `pulls` +# only: issues diff --git a/deps/curl/.github/scripts/badwords.pl b/deps/curl/.github/scripts/badwords.pl new file mode 100644 index 00000000..fe30120a --- /dev/null +++ b/deps/curl/.github/scripts/badwords.pl @@ -0,0 +1,79 @@ +#!/usr/bin/env perl +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl +# +# bad[:=]correct +# +# If separator is '=', the string will be compared case sensitively. +# If separator is ':', the check is done case insensitively. +# +# To add white listed uses of bad words that are removed before checking for +# the bad ones: +# +# ---(accepted word) +# +my $w; +while() { + chomp; + if($_ =~ /^#/) { + next; + } + if($_ =~ /^---(.*)/) { + push @whitelist, $1; + } + elsif($_ =~ /^([^:=]*)([:=])(.*)/) { + my ($bad, $sep, $better)=($1, $2, $3); + push @w, $bad; + $alt{$bad} = $better; + if($sep eq "=") { + $exactcase{$bad} = 1; + } + } +} + +my $errors; + +sub file { + my ($f) = @_; + my $l = 0; + open(F, "<$f"); + while() { + my $in = $_; + $l++; + chomp $in; + if($in =~ /^ /) { + next; + } + # remove the link part + $in =~ s/(\[.*\])\(.*\)/$1/g; + # remove backticked texts + $in =~ s/\`.*\`//g; + # remove whitelisted patterns + for my $p (@whitelist) { + $in =~ s/$p//g; + } + foreach my $w (@w) { + my $case = $exactcase{$w}; + if(($in =~ /^(.*)$w/i && !$case) || + ($in =~ /^(.*)$w/ && $case) ) { + my $p = $1; + my $c = length($p)+1; + print STDERR "$f:$l:$c: error: found bad word \"$w\"\n"; + printf STDERR " %4d | $in\n", $l; + printf STDERR " | %*s^%s\n", length($p), " ", + "~" x (length($w)-1); + printf STDERR " maybe use \"%s\" instead?\n", $alt{$w}; + $errors++; + } + } + } + close(F); +} + +my @files = @ARGV; + +foreach my $each (@files) { + file($each); +} +exit $errors; diff --git a/deps/curl/.github/scripts/badwords.txt b/deps/curl/.github/scripts/badwords.txt new file mode 100644 index 00000000..8451e60f --- /dev/null +++ b/deps/curl/.github/scripts/badwords.txt @@ -0,0 +1,73 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl +# +back-end:backend +e-mail:email +run-time:runtime +set-up:setup +tool chain:toolchain +tool-chain:toolchain +wild-card:wildcard +wild card:wildcard +i'm:I am +you've:You have +we've:we have +we're:we are +we'll:we will +we'd:we would +they've:They have +they're:They are +they'll:They will +they'd:They would +you've:you have +you'd:you would +you'll:you will +you're:you are +should've:should have +don't=do not +could've:could have +doesn't:does not +isn't:is not +aren't:are not + a html: an html + a http: an http + a ftp: an ftp + url =URL +internet\b=Internet +isation:ization +\bit's:it is +it'd:it would +there's:there is +[^.]\. And: Rewrite it somehow? +^(And|So|But) = Rewrite it somehow? +\. But: Rewrite it somehow? +\. So : Rewrite without "so" ? + dir :directory +can't:cannot +that's:that is +web page:webpage +host name\b:hostname +host names\b:hostnames +file name\b:filename +file names\b:filenames +\buser name\b:username +\buser names\b:usernames +\bpass phrase:passphrase +didn't:did not +doesn't:does not +won't:will not +couldn't:could not +\bwill\b:rewrite to present tense +\b32bit=32-bit +\b64bit=64-bit +32 bit\b=32-bit +64 bit\b=64-bit +64-bits:64 bits or 64-bit +32-bits:32 bits or 32-bit +\bvery\b:rephrase using an alternative word +\bCurl\b=curl +\bLibcurl\b=libcurl +---WWW::Curl +---NET::Curl +---Curl Corporation diff --git a/deps/curl/.github/scripts/binarycheck.pl b/deps/curl/.github/scripts/binarycheck.pl new file mode 100644 index 00000000..25df8ddb --- /dev/null +++ b/deps/curl/.github/scripts/binarycheck.pl @@ -0,0 +1,115 @@ +#!/usr/bin/env perl +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Daniel Stenberg, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### + +# This scripts scans the entire git repository for binary files. +# +# All files in the git repo that contain signs of being binary are then +# collected and a sha256sum is generated for all of them. That summary is then +# compared to the list of pre-vetted files so that only the exact copies of +# already scrutinized files are deemed okay to "appear binary". +# + +use strict; +use warnings; + +my $root = "."; +my $sumsfile = ".github/scripts/binarycheck.sums"; +if($ARGV[0]) { + $root = $ARGV[0]; +} + +my @bin; +my %known; +my $error = 0; + +sub knownbins { + open(my $mh, "<", "$sumsfile") || + die "can't read known binaries"; + while(<$mh>) { + my $l = $_; + chomp $l; + if($l =~ /^([a-f0-9]+) (.*)/) { + my ($sum, $file) = ($1, $2); + $known{$file} = 1; + } + elsif($l =~ /^#/) { + # skip comments + } + else { + print STDERR "suspicious line in $sumsfile\n"; + $error++; + } + } + close($mh); +} + +sub checkfile { + my ($file) = @_; + open(my $mh, "<", "$file") || die "can't read $file"; + my $line = 0; + while(<$mh>) { + my $l = $_; + $line++; + if($l =~ /([\x00-\x08\x0b\x0c\x0e-\x1f\x7f])/) { + push @bin, $file; + + if(!$known{$file}) { + printf STDERR "$file:$line has unknown binary contents\n"; + $error++; + } + last; + } + } + close($mh); +} + +my @files = `git ls-files -- $root`; + +if(scalar(@files) < 3000) { + # this means this is not the git source code repository or that git does + # not work, error out! + print STDERR "too few files in the git repository!\n"; + exit 1; +} + +knownbins(); + +if(scalar(keys %known) < 10) { + print STDERR "too few known binaries in $sumsfile\n"; + exit 2; +} + +for my $f (@files) { + chomp $f; + checkfile("$root/$f"); +} + +my $check=system("sha256sum -c $sumsfile"); +if($check) { + print STDERR "sha256sum detected a problem\n"; + $error++; +} + +exit $error; diff --git a/deps/curl/.github/scripts/binarycheck.sums b/deps/curl/.github/scripts/binarycheck.sums new file mode 100644 index 00000000..4845c684 --- /dev/null +++ b/deps/curl/.github/scripts/binarycheck.sums @@ -0,0 +1,16 @@ +# Copyright (C) Daniel Stenberg, , et al. +# SPDX-License-Identifier: curl +c68161dba1c0166e4ab8d8ce00f57326db25d29fdd52c33d9974d0972ec60990 ./tests/certs/test-localhost-san-first.pub.der +82430be03ec1783e2f9fad6e07a6f42cce62f8a23d87ea81a95977b47110c200 ./tests/certs/test-localhost-san-last.pub.der +47233a0092db614f53e96a4df83ddeaa7e5242899ede1c1a90c53423a0b13bba ./tests/certs/test-localhost.nn.pub.der +63898448aa199675a30fb6722046a665a7c1a5c24453e63d8c37397482a7dc52 ./tests/certs/test-localhost.pub.der +f78c61bb06a71d1bf9b034ecfcb7fe35ae85b6a3b87bf3a73c085dc062747dc1 ./tests/certs/test-localhost0h.pub.der +9e38c1fb0a151c4e23c8abddc44711c12afb3161c6b2a1c68e1bb2b0a4484e3b ./tests/data/test1425 +26ee981dcb84b6a2adce601084b78e6b787b54a2a997549582a8bd42087ab51b ./tests/data/test1426 +d640923e45809a3fe277e0af90459d82d32603aacc7b8db88754fcb335bf98df ./tests/data/test1531 +6f51bc318104fb5fe4b6013fc4e8e1c3c8dec1819202e8ea025bdbc4bbc8c02d ./tests/data/test1938 +33809cab2442488e5985b4939727bc4ead9fc65150f53008e3e4c93140675a94 ./tests/data/test262 +2d073a52984bab1f196d80464ea8ab6dafd887bd5fee9ed58603f8510df0c6a5 ./tests/data/test35 +4cc9fd6f31d0bb4dcb38e1565796e7ec5e48ea5ac9d3c1101de576be618786ba ./tests/data/test463 +d655a29dcf2423b420b508c9e381b0fad0b88feb74caa8978725e22c9f7c374d ./tests/data/test467 +8644ccf85e552755bf65faf2991d84f19523919379ec2cf195841a4cabe1507b ./tests/data/test545 diff --git a/deps/curl/.github/scripts/cleancmd.pl b/deps/curl/.github/scripts/cleancmd.pl new file mode 100644 index 00000000..283a9f4e --- /dev/null +++ b/deps/curl/.github/scripts/cleancmd.pl @@ -0,0 +1,119 @@ +#!/usr/bin/env perl +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl +# +# Input: cmdline docs markdown files, they get modified *in place* +# +# Strip off the leading meta-data/header part, remove all known curl symbols +# and long command line options. Also clean up whatever else the spell checker +# might have a problem with that we still deem is fine. +# + +open(S, "<./docs/libcurl/symbols-in-versions") + || die "can't find symbols-in-versions"; +while() { + if(/^([^ ]*) /) { + push @asyms, $1; + } +} +close(S); + +# init the opts table with "special" options not easy to figure out +my @aopts = ( + '--ftp-ssl-reqd', # old alias + ); + +open(O, "<./docs/options-in-versions") + || die "can't find options-in-versions"; +while() { + chomp; + if(/^([^ ]+)/) { + my $o = $1; + push @aopts, $o; + if($o =~ /^--no-(.*)/) { + # for the --no options, also make one without it + push @aopts, "--$1"; + } + elsif($o =~ /^--disable-(.*)/) { + # for the --disable options, also make the special ones + push @aopts, "--$1"; + push @aopts, "--no-$1"; + } + } +} +close(O); + +open(C, "<./.github/scripts/spellcheck.curl") + || die "can't find spellcheck.curl"; +while() { + if(/^\#/) { + next; + } + chomp; + if(/^([^ ]+)/) { + push @asyms, $1; + } +} +close(C); + +# longest symbols first +my @syms = sort { length($b) <=> length($a) } @asyms; + +# longest cmdline options first +my @opts = sort { length($b) <=> length($a) } @aopts; + +sub process { + my ($f) = @_; + + my $ignore = 0; + my $sepcount = 0; + my $out; + my $line = 0; + open(F, "<$f") or die; + + while() { + $line++; + if(/^---/ && ($line == 1)) { + $ignore = 1; + next; + } + elsif(/^---/ && $ignore) { + $ignore = 0; + next; + } + next if($ignore); + + my $l = $_; + + # strip out backticked words + $l =~ s/`[^`]+`//g; + + # **bold** + $l =~ s/\*\*(\S.*?)\*\*//g; + # *italics* + $l =~ s/\*(\S.*?)\*//g; + + # strip out https URLs, we don't want them spellchecked + $l =~ s!https://[a-z0-9\#_/.-]+!!gi; + + $out .= $l; + } + close(F); + + # cut out all known curl cmdline options + map { $out =~ s/$_//g; } (@opts); + + # cut out all known curl symbols + map { $out =~ s/\b$_\b//g; } (@syms); + + if(!$ignore) { + open(O, ">$f") or die; + print O $out; + close(O); + } +} + +for my $f (@ARGV) { + process($f); +} diff --git a/deps/curl/.github/scripts/cmp-config.pl b/deps/curl/.github/scripts/cmp-config.pl new file mode 100644 index 00000000..8a524616 --- /dev/null +++ b/deps/curl/.github/scripts/cmp-config.pl @@ -0,0 +1,136 @@ +#!/usr/bin/env perl +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Daniel Stenberg, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### + +my $autotools = $ARGV[0]; +my $cmake = $ARGV[1]; + +if(!$cmake) { + print "Usage: cmp-config \n"; + exit; +} + +# this lists complete lines that will be removed from the output if +# matching +my %remove = ( + '#define CURL_EXTERN_SYMBOL' => 1, + '#define CURL_OS "Linux"' => 1, + '#define CURL_OS "x86_64-pc-linux-gnu"' => 1, + '#define GETHOSTNAME_TYPE_ARG2 int' => 1, + '#define GETHOSTNAME_TYPE_ARG2 size_t' => 1, + '#define HAVE_BROTLI 1' => 1, + '#define HAVE_BROTLI_DECODE_H 1' => 1, + '#define HAVE_DLFCN_H 1' => 1, + '#define HAVE_GSSAPI_GSSAPI_KRB5_H 1' => 1, + '#define HAVE_INTTYPES_H 1' => 1, + '#define HAVE_LDAP_H 1' => 1, + '#define HAVE_LDAP_SSL 1' => 1, + '#define HAVE_LIBBROTLIDEC 1' => 1, + '#define HAVE_LIBPSL_H 1' => 1, + '#define HAVE_LIBRTMP_RTMP_H 1' => 1, + '#define HAVE_LIBSOCKET 1' => 1, + '#define HAVE_LIBSSH' => 1, + '#define HAVE_LIBSSH2 1' => 1, + '#define HAVE_LIBSSL 1' => 1, + '#define HAVE_LIBWOLFSSH' => 1, + '#define HAVE_LIBZSTD 1' => 1, + '#define HAVE_MSH3_H 1' => 1, + '#define HAVE_NGHTTP2_NGHTTP2_H 1' => 1, + '#define HAVE_NGHTTP3_NGHTTP3_H 1' => 1, + '#define HAVE_NGTCP2_NGTCP2_CRYPTO_H 1' => 1, + '#define HAVE_NGTCP2_NGTCP2_H 1' => 1, + '#define HAVE_OPENSSL_CRYPTO_H 1' => 1, + '#define HAVE_OPENSSL_ERR_H 1' => 1, + '#define HAVE_OPENSSL_PEM_H 1' => 1, + '#define HAVE_OPENSSL_RSA_H 1' => 1, + '#define HAVE_OPENSSL_SSL_H 1' => 1, + '#define HAVE_OPENSSL_X509_H 1' => 1, + '#define HAVE_QUICHE_H 1' => 1, + '#define HAVE_SSL_SET_QUIC_USE_LEGACY_CODEPOINT 1' => 1, + '#define HAVE_STDINT_H 1' => 1, + '#define HAVE_STDIO_H 1' => 1, + '#define HAVE_STDLIB_H 1' => 1, + '#define HAVE_STRING_H 1' => 1, + '#define HAVE_SYS_XATTR_H 1' => 1, + '#define HAVE_UNICODE_UIDNA_H 1' => 1, + '#define HAVE_WOLFSSH_SSH_H 1' => 1, + '#define HAVE_ZSTD 1' => 1, + '#define HAVE_ZSTD_H 1' => 1, + '#define LT_OBJDIR ".libs/"' => 1, + '#define NEED_LBER_H 1' => 1, + '#define PACKAGE "curl"' => 1, + '#define PACKAGE_BUGREPORT "a suitable curl mailing list: https://curl.se/mail/"' => 1, + '#define PACKAGE_NAME "curl"' => 1, + '#define PACKAGE_STRING "curl -"' => 1, + '#define PACKAGE_TARNAME "curl"' => 1, + '#define PACKAGE_URL ""' => 1, + '#define PACKAGE_VERSION "-"' => 1, + '#define SIZEOF_LONG_LONG 8' => 1, + '#define VERSION "-"' => 1, + '#define _FILE_OFFSET_BITS 64' => 1, + ); + +sub filter { + my ($line) = @_; + if(!$remove{$line}) { + return "$line\n"; + } + $remove{$line}++; + return ""; +} + +sub grepit { + my ($input, $output) = @_; + my @defines; + # first get all the #define lines + open(F, "<$input"); + while() { + if($_ =~ /^#def/) { + chomp; + push @defines, $_; + } + } + close(F); + + open(O, ">$output"); + + # output the sorted list through the filter + foreach my $d(sort @defines) { + print O filter($d); + } + close(O); +} + +grepit($autotools, "/tmp/autotools"); +grepit($cmake, "/tmp/cmake"); + +foreach my $v (keys %remove) { + if($remove{$v} == 1) { + print "Ignored, never matched line: $v\n"; + } +} + + +# return the exit code from diff +exit system("diff -u /tmp/autotools /tmp/cmake") >> 8; diff --git a/deps/curl/.github/scripts/cmp-pkg-config.sh b/deps/curl/.github/scripts/cmp-pkg-config.sh new file mode 100644 index 00000000..37a31621 --- /dev/null +++ b/deps/curl/.github/scripts/cmp-pkg-config.sh @@ -0,0 +1,49 @@ +#!/usr/bin/env bash +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl + +# Sort list of libs, libpaths, cflags found in libcurl.pc and curl-config files, +# then diff the autotools and cmake generated ones. + +sort_lists() { + prevline='' + section='' + while IFS= read -r l; do + if [[ "${prevline}" =~ (--cc|--configure) ]]; then # curl-config + echo "" + else + # libcurl.pc + if [[ "${l}" =~ ^(Requires|Libs|Cflags)(\.private)?:\ (.+)$ ]]; then + if [ "${BASH_REMATCH[1]}" = 'Requires' ]; then + # Spec does not allow duplicates here: + # https://manpages.debian.org/unstable/pkg-config/pkg-config.1.en.html#Requires: + # "You may only mention the same package one time on the Requires: line" + val="$(printf '%s' "${BASH_REMATCH[3]}" | tr ',' '\n' | sort | tr '\n' ' ')" + else + val="$(printf '%s' "${BASH_REMATCH[3]}" | tr ' ' '\n' | sort -u | tr '\n' ' ')" + fi + l="${BASH_REMATCH[1]}${BASH_REMATCH[2]}: ${val}" + # curl-config + elif [[ "${section}" =~ (--libs|--static-libs) && "${l}" =~ ^( *echo\ \")(.+)(\")$ ]]; then + val="$(printf '%s' "${BASH_REMATCH[2]}" | tr ' ' '\n' | sort -u | tr '\n' ' ')" + l="${BASH_REMATCH[1]}${val}${BASH_REMATCH[3]}" + section='' + fi + echo "${l}" + fi + # curl-config + prevline="${l}" + if [[ "${l}" =~ --[a-z-]+\) ]]; then + section="${BASH_REMATCH[0]}" + fi + done < "$1" +} + +am=$(mktemp -t autotools.XXX); sort_lists "$1" > "${am}" +cm=$(mktemp -t cmake.XXX) ; sort_lists "$2" > "${cm}" +diff -u "${am}" "${cm}" +res="$?" +rm -r -f "${am}" "${cm}" + +exit "${res}" diff --git a/deps/curl/.github/scripts/codespell-ignore.txt b/deps/curl/.github/scripts/codespell-ignore.txt new file mode 100644 index 00000000..a239d9ef --- /dev/null +++ b/deps/curl/.github/scripts/codespell-ignore.txt @@ -0,0 +1,16 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl +clen +te +wont +statics +nome +wast +numer +anull +inout +msdos +ba +fo +ede diff --git a/deps/curl/.github/scripts/distfiles.sh b/deps/curl/.github/scripts/distfiles.sh new file mode 100644 index 00000000..26370744 --- /dev/null +++ b/deps/curl/.github/scripts/distfiles.sh @@ -0,0 +1,57 @@ +#!/usr/bin/env bash +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl + +# Compare git repo files with tarball files and report a mismatch +# after excluding exceptions. + +set -eu + +gitonly=".git* +^.* +^appveyor.* +^buildconf +^GIT-INFO.md +^README.md +^renovate.json +^REUSE.toml +^SECURITY.md +^LICENSES/* +^docs/examples/adddocsref.pl +^docs/THANKS-filter +^projects/Windows/* +^scripts/ciconfig.pl +^scripts/cijobs.pl +^scripts/contributors.sh +^scripts/contrithanks.sh +^scripts/delta +^scripts/installcheck.sh +^scripts/release-notes.pl +^scripts/singleuse.pl +^tests/CI.md" + +tarfiles="$(mktemp)" +gitfiles="$(mktemp)" + +tar -tf "$1" \ + | sed -E 's|^[^/]+/||g' \ + | grep -v -E '(/|^)$' \ + | sort > "${tarfiles}" + +git -C "${2:-.}" ls-files \ + | grep -v -E "($(printf '%s' "${gitonly}" | tr $'\n' '|' | sed -e 's|\.|\\.|g' -e 's|\*|.+|g'))$" \ + | sort > "${gitfiles}" + +dif="$(diff -u "${tarfiles}" "${gitfiles}" | tail -n +3 || true)" + +rm -rf "${tarfiles:?}" "${gitfiles:?}" + +echo 'Only in tarball:' +echo "${dif}" | grep '^-' || true +echo + +echo 'Missing from tarball:' +if echo "${dif}" | grep '^+'; then + exit 1 +fi diff --git a/deps/curl/.github/scripts/shellcheck.sh b/deps/curl/.github/scripts/shellcheck.sh new file mode 100644 index 00000000..b4a07c58 --- /dev/null +++ b/deps/curl/.github/scripts/shellcheck.sh @@ -0,0 +1,10 @@ +#!/bin/sh +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl + +shellcheck --version +# shellcheck disable=SC2046 +shellcheck --exclude=1091 \ + --enable=avoid-nullary-conditions,deprecate-which \ + $(grep -l -E '^#!(/usr/bin/env bash|/bin/sh|/bin/bash)' $(git ls-files)) diff --git a/deps/curl/.github/scripts/spacecheck.pl b/deps/curl/.github/scripts/spacecheck.pl new file mode 100644 index 00000000..b2473b15 --- /dev/null +++ b/deps/curl/.github/scripts/spacecheck.pl @@ -0,0 +1,153 @@ +#!/usr/bin/env perl +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Viktor Szakats +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### + +use strict; +use warnings; + +my @tabs = ( + "^m4/zz40-xc-ovr.m4", + "Makefile\\.[a-z]+\$", + "/mkfile", + "\\.(bat|sln|vc)\$", + "^tests/certs/.+\\.der\$", + "^tests/data/test", +); + +my @mixed_eol = ( + "^tests/certs/.+\\.(crt|der)\$", + "^tests/certs/Server-localhost0h-sv.pem", + "^tests/data/test", +); + +my @need_crlf = ( + "\\.(bat|sln)\$", + "^winbuild/.+\\.md\$", +); + +my @space_at_eol = ( + "^tests/.+\\.(cacert|crt|pem)\$", + "^tests/data/test", +); + +my @eol_at_eof = ( + "^tests/certs/.+\\.der\$", +); + +sub fn_match { + my ($filename, @masklist) = @_; + + foreach my $mask (@masklist) { + if ($filename =~ $mask) { + return 1; + } + } + return 0; +} + +sub eol_detect { + my ($content) = @_; + + my $cr = () = $content =~ /\r/g; + my $lf = () = $content =~ /\n/g; + + if ($cr > 0 && $lf == 0) { + return "cr" + } + elsif ($cr == 0 && $lf > 0) { + return "lf" + } + elsif ($cr == 0 && $lf == 0) { + return "bin" + } + elsif ($cr == $lf) { + return "crlf" + } + + return "" +} + +my $issues = 0; + +open my $git_ls_files, '-|', 'git ls-files' or die "Failed running git ls-files: $!"; +while (my $filename = <$git_ls_files>) { + chomp $filename; + + open my $fh, '<', $filename or die "Cannot open '$filename': $!"; + my $content = do { local $/; <$fh> }; + close $fh; + + my @err = (); + + if (!fn_match($filename, @tabs) && + $content =~ /\t/) { + push @err, "content: has tab"; + } + + my $eol = eol_detect($content); + + if ($eol eq "" && + !fn_match($filename, @mixed_eol)) { + push @err, "content: has mixed EOL types"; + } + + if ($eol ne "crlf" && + fn_match($filename, @need_crlf)) { + push @err, "content: must use CRLF EOL for this file type"; + } + + if ($eol ne "lf" && $content ne "" && + !fn_match($filename, @need_crlf) && + !fn_match($filename, @mixed_eol)) { + push @err, "content: must use LF EOL for this file type"; + } + + if (!fn_match($filename, @space_at_eol) && + $content =~ /[ \t]\n/) { + push @err, "content: has line-ending whitespace"; + } + + if ($content ne "" && + !fn_match($filename, @eol_at_eof) && + $content !~ /\n\z/) { + push @err, "content: has no EOL at EOF"; + } + + if ($content =~ /\n\n\z/ || + $content =~ /\r\n\r\n\z/) { + push @err, "content: has multiple EOL at EOF"; + } + + if (@err) { + $issues++; + foreach my $err (@err) { + print "$filename: $err\n"; + } + } +} +close $git_ls_files; + +if ($issues) { + exit 1; +} diff --git a/deps/curl/.github/scripts/spellcheck.curl b/deps/curl/.github/scripts/spellcheck.curl new file mode 100644 index 00000000..4de9d865 --- /dev/null +++ b/deps/curl/.github/scripts/spellcheck.curl @@ -0,0 +1,151 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl +# +# common variable types + structs +# callback typedefs +# public functions names +# some man page names +curl_fileinfo +curl_forms +curl_hstsentry +curl_httppost +curl_index +curl_khkey +curl_pushheaders +curl_waitfd +CURLcode +CURLformoption +CURLHcode +CURLMcode +CURLMsg +CURLSHcode +CURLUcode +curl_calloc_callback +curl_chunk_bgn_callback +curl_chunk_end_callback +curl_conv_callback +curl_debug_callback +curl_fnmatch_callback +curl_formget_callback +curl_free_callback +curl_hstsread_callback +curl_hstswrite_callback +curl_ioctl_callback +curl_malloc_callback +curl_multi_timer_callback +curl_opensocket_callback +curl_prereq_callback +curl_progress_callback +curl_push_callback +curl_read_callback +curl_realloc_callback +curl_resolver_start_callback +curl_seek_callback +curl_socket_callback +curl_sockopt_callback +curl_ssl_ctx_callback +curl_strdup_callback +curl_trailer_callback +curl_write_callback +curl_xferinfo_callback +curl_strequal +curl_strnequal +curl_mime_init +curl_mime_free +curl_mime_addpart +curl_mime_name +curl_mime_filename +curl_mime_type +curl_mime_encoder +curl_mime_data +curl_mime_filedata +curl_mime_data_cb +curl_mime_subparts +curl_mime_headers +curl_formadd +curl_formget +curl_formfree +curl_getdate +curl_getenv +curl_version +curl_easy_escape +curl_escape +curl_easy_unescape +curl_unescape +curl_free +curl_global_init +curl_global_init_mem +curl_global_cleanup +curl_global_trace +curl_global_sslset +curl_slist_append +curl_slist_free_all +curl_getdate +curl_share_init +curl_share_setopt +curl_share_cleanup +curl_version_info +curl_easy_strerror +curl_share_strerror +curl_easy_pause +curl_easy_ssls_import +curl_easy_ssls_export +curl_easy_init +curl_easy_setopt +curl_easy_perform +curl_easy_cleanup +curl_easy_getinfo +curl_easy_duphandle +curl_easy_reset +curl_easy_recv +curl_easy_send +curl_easy_upkeep +curl_easy_header +curl_easy_nextheader +curl_mprintf +curl_mfprintf +curl_msprintf +curl_msnprintf +curl_mvprintf +curl_mvfprintf +curl_mvsprintf +curl_mvsnprintf +curl_maprintf +curl_mvaprintf +curl_multi_init +curl_multi_add_handle +curl_multi_remove_handle +curl_multi_fdset +curl_multi_waitfds +curl_multi_wait +curl_multi_poll +curl_multi_wakeup +curl_multi_perform +curl_multi_cleanup +curl_multi_info_read +curl_multi_strerror +curl_multi_socket +curl_multi_socket_action +curl_multi_socket_all +curl_multi_timeout +curl_multi_setopt +curl_multi_assign +curl_multi_get_handles +curl_pushheader_bynum +curl_pushheader_byname +curl_multi_waitfds +curl_easy_option_by_name +curl_easy_option_by_id +curl_easy_option_next +curl_url +curl_url_cleanup +curl_url_dup +curl_url_get +curl_url_set +curl_url_strerror +curl_ws_recv +curl_ws_send +curl_ws_meta +libcurl-env +libcurl-ws diff --git a/deps/curl/.github/scripts/spellcheck.words b/deps/curl/.github/scripts/spellcheck.words new file mode 100644 index 00000000..d0eda710 --- /dev/null +++ b/deps/curl/.github/scripts/spellcheck.words @@ -0,0 +1,979 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl +# +AAAA +ABI +accessor +ACK +AES +AIA +AIX +al +Alessandro +aliasMode +allocator +alnum +ALPN +Altera +AltSvc +ALTSVC +amiga +AmigaOS +AmiSSL +anyauth +anycast +apache +Apache +API +APIs +APOP +AppVeyor +archivers +Archos +Arntsen +Aros +asynch +AsynchDNS +atime +auth +autobuild +autobuilds +Autoconf +autoconf +Automake +automake +autoreconf +Autotools +autotools +AVR +AWS +AWS-LC +axTLS +backend +backends +backoff +backticks +balancers +Baratov +basename +bashrc +BDFL +BearSSL +Benoit +BeOS +bitmask +bitwise +Björn +Bjørn +bool +boolean +BoringSSL +Boukris +Broadcom +brotli +bufq +bufref +bugfix +bugfixes +buildable +buildbot +Caddy +calloc +CAPA +capath +CCC +CDN +CentOS +CFLAGS +cflags +CGI's +CHACHA +chacha +Chaffraix +changelog +changeset +CharConv +charset +charsets +checksrc +checksums +chgrp +chmod +chown +ChromeOS +CI's +CIDR +CIFS +CLA +CLAs +cleartext +CLI +ClientHello +clientp +cliget +closesocket +CMake +cmake +CMake's +cmake's +CMakeLists +CNA +CNAME +CNAMEs +CODESET +codeset +CodeSonar +Comcast +commit's +Config +config +conncache +connectdata +CookieInfo +Coverity +CPUs +CR +CRL +CRLF +crontab +crt +crypto +cryptographic +cryptographically +CSEQ +CSeq +csh +cshrc +CTRL +cURL +CURLcode +curldown +CURLE +CURLECH +CURLH +curlimages +CURLINFO +curlrc +curltest +customizable +CVE +CVSS +CWD +CWE +cyassl +Cygwin +daniel +datatracker +dbg +Debian +DEBUGBUILD +decrypt +decrypting +deepcode +DELE +DER +dereference +dereferences +deselectable +deserialization +Deserialized +destructor +detections +dev +devcpp +DevOps +devtools +DHCP +DHE +dir +distro +distro's +distros +DJGPP +dlist +DLL +dll +DLLs +DNS +dns +dnsop +DoH +DoT +doxygen +drftpd +dsa +Dudka +Dymond +dynbuf +EAGAIN +EBCDIC +ECC +ECDHE +ECH +ECHConfig +ECHConfigList +ecl +ECONNREFUSED +eCOS +ECT +EF +EFnet +EGD +EHLO +EINTR +else's +encodings +enctype +endianness +Engler +enum +epoll +EPRT +EPSV +ERRNO +errno +ESNI +et +etag +ETag +ETags +exe +executables +EXPN +extensibility +failsafe +Falkeborn +Fandrich +Fastly +fcpp +Fedora +Feltzing +ffi +filesize +filesystem +FindCURL +FLOSS +fnmatch +footguns +formpost +formposts +Fortnite +FOSS +FPL +fread +FreeBSD +FreeDOS +FreeRTOS +freshmeat +Frexx +FS +fseek +FTPing +fuzzer +fwrite +Garmin +gcc +GCM +gdb +Genode +Gentoo +Gergely +getaddrinfo +getenv +gethostbyname +gethostname +Getinfo +getinfo +GETing +getpwuid +ggcov +Ghedini +Gisle +Glesys +globbed +globbing +gmail +GnuTLS +Golemon +GOST +GPG +GPL +GPLed +GREASE +GREASEing +Greear +groff +gsasl +GSKit +gskit +GSS +GSSAPI +GTFO +Guenter +GUIs +Gunderson +Gustafsson +gzip +Gzipped +gzipped +HackerOne +HackerOne's +HAProxy +HardenedBSD +Hards +Haxx +haxx +Heimdal +HelloRetryRequest +HELO +HH +HMAC +Hoersken +Holme +homebrew +hostname +hostnames +Housley +HRR +Hruska +HSTS +hsts +HTC +html +http +HTTPAUTH +httpd +HTTPD +httpget +HttpGet +HTTPS +https +HTTPSRR +hyper's +Högskolan +IANA +Icecast +ICONV +iconv +IDN +IDNA +IETF +ietf +ifdef +ifdefed +Ifdefs +ifdefs +ifhost +IIS +ILE +illumos +IMAP +imap +IMAPS +imaps +impacket +init +initializer +inlined +interop +interoperable +interoperates +IoT +ipadOS +IPCXN +IPFS +ipld +IPNS +IPv +IPv4 +IPv4/6 +IPv6 +IRIs +IRIX +Itanium +iX +Jakub +Jiri +jo +jpeg +jq +JSON +json +Julien +Kamil +Kaufmann +kB +KDE +keepalive +Keil +kerberos +Keychain +keychain +KiB +kickstart +Kirei +Knauf +kqueue +Krb +krb +Kubernetes +Kuhrt +Kungliga +Largefile +LDAP +ldap +LDAPS +ldaps +LF +LGTM +libbrotlidec +libc +libcurl +libcurl's +libcurls +libera +libev +libevent +libgsasl +libidn +libnssckbi +libnsspem +libpsl +Libre +libre +LibreSSL +librtmp +libs +libssh +libssh2 +Libtool +libtool +libuv +libWebSocket +libz +libzstd +LineageOS +linux +lldb +ln +localhost +LOGDIR +logfile +lookups +loopback +LOWCOST +LOWDELAY +LPRT +LSB +lseek +Lua +lwIP +macdef +macOS +macos +Makefile +makefiles +malloc +mallocs +manpage +manpages +maprintf +Marek +Mavrogiannopoulos +Mbed +mbedTLS +md +Meglio +memdebug +MesaLink +mesalink +Metalink +mfprintf +Michal +Micrium +MicroBlaze +MicroOS +middlebox +MINCOST +mingw +MinGW +MINIX +misconfigured +Mishyn +mitigations +MITM +mk +mkdir +mktime +Monnerat +monospace +MorphOS +MPE +MPL +mprintf +MPTCP +MQTT +mqtt +mqtts +MSB +MSGSENT +msh +MSIE +msnprintf +msprintf +msquic +mstate +MSVC +MSYS +msys +mtime +mTLS +MUA +multicwd +multiparts +multipath +MultiSSL +mumbo +musedev +mutex +mvaprintf +mvfprintf +mvprintf +mvsnprintf +mvsprintf +MX +Nagel +Nagle +NAMELOOKUP +Natively +NATs +nc +NCR +NDK +NEC +Necko +NetBSD +netrc +netstat +Netware +NFS +nghttp +nghttpx +ngtcp +Nikos +Nios +nitems +NixOS +NLST +nmake +nmemb +nocwd +NODELAY +NonStop +NOOP +Novell +NPN +nroff +nslookup +NSS +nss +NTLM +NTLMUSER +NTLMv +NUM +NuttX +OAuth +objcopy +OCSP +Ok +OpenBSD +OpenLDAP +OpenRISC +OpenSSF +OpenSSF's +OpenSSH +OpenSSL +OpenStep +openSUSE +openwall +Orbis +ORing +Osipov +OSS +PaaS +pac +pacman +parser's +parsers +PASE +PASV +PEM +pem +perl +permafailing +PINGs +pipelining +PKCS +pkcs +PKGBUILD +PKI +pluggable +pn +PolarSSL +Polhem +pollset +POSIX +Postfix +POSTing +POSTs +PowerShell +pre +prebuilt +precompiled +prepend +prepended +prepending +prepends +preprocess +preprocessed +Preprocessing +preprocessor +Prereq +PRET +pretransfer +printf +printf's +PSL +pthreads +PTR +ptr +punycode +PWD +pwd +py +pycurl +pytest +Pytest +qname +QNX +QoS +Qubes +QUIC +quictls +quicwg +Raad +radix +RAS +RBS +ReactOS +README +realloc +Realtime +rebalances +rebase +RECV +recv +Redhat +redirections +redirs +redistributable +Redox +reentrant +Referer +referer +reinitializes +Relatedly +repo +reprioritized +resending +resends +RETR +retransmit +retrigger +RHEL +Rikard +rmdir +ROADMAP +Roadmap +Rockbox +roffit +RPG +RR +RRs +RRtype +RSA +RTMP +rtmp +rtmpdump +RTMPE +RTMPS +RTMPT +RTMPTE +RTMPTS +RTOS +RTP +RTSP +rtsp +RTT +runtests +runtime +Ruslan +rustc +Rustls +rustls +Sagula +SanDisk +SAS +SASL +Satiro +Schannel +Schindelin +SCO +SCP +scp +SDK +se +SEB +SEK +selectable +Serv +setopt +setsockopt +setuid +SFTP +sftp +sha +SHOUTcast +SIGALRM +SIGCHLD +SIGPIPE +singlecwd +SINIX +Sintonen +sizeof +SLE +slist +sln +SMB +smb +SMBS +smbs +SMBv +SMTP +smtp +smtps +SMTPS +SNI +socketopen +socketpair +sockopt +SOCKOPT +SOCKSv +Solaris +SONAME +Soref +SOVERSION +SPARC +SPDX +SPNEGO +Spotify +sprintf +src +SRP +SRWLOCK +SSL +ssl +SSLeay +SSLKEYLOGFILE +SSLS +sslv +SSLv +SSLVERSION +SSPI +stackoverflow +STARTTLS +STARTTRANSFER +stateful +statvfs +stderr +stdin +stdout +Steinar +Stenberg +STLS +STOR +strcat +strcpy +strdup +strerror +strlen +strncat +struct +structs +Structs +stunnel +subdirectories +subdirectory +submitters +substring +substrings +SunOS +SunSSH +superset +svc +svcb +SVCB +Svyatoslav +Swisscom +sws +Symbian +symlink +symlinks +syntaxes +Szakats +TABs +Tatsuhiro +TBD +TCP +tcpdump +Tekniska +testability +testcurl +TFTP +tftp +threadsafe +Tizen +TLS +tlsv +TLSv +TODO +Tomtom +toolchain +toolchains +toolset +toplevel +TOS +TPF +TrackMemory +transcode +Tru +trurl +trustless +Tse +Tsujikawa +TTL +tvOS +txt +typedef +typedefed +Ubuntu +ucLinux +UCRT +UDP +UI +UID +UIDL +Ultrix +Unary +unassign +UNC +uncompress +unencoded +unencrypted +unescape +Unglobbed +Unicode +UNICOS +UnixSockets +UnixWare +unlink +unpause +unpaused +unpauses +unpausing +unsanitized +Unshare +unsharing +untrusted +unwrite +UPN +upstreaming +URI +URIs +url +URL's +urlencoded +urlget +USD +userdata +Userinfo +userinfo +USERPROFILE +UTF +UX +valgrind +Vanem +vararg +VC +vcpkg +vexxhost +Viktor +Virtuozzo +VLAN +VM +VMS +VMware +vnd +VRF +VRFY +VSE +vsftpd +vsprintf +vt +vtls +vxWorks +wakeup +Warta +watchOS +WAV +WB +wcurl +web page +WebDAV +WebOS +webpage +WebSocket +WEBSOCKET +WHATWG +whitespace +Whitespaces +winbind +winbuild +WinIDN +WinLDAP +winsock +Wireshark +wolfSSH +wolfSSL +ws +WS +WSS +www +Xbox +XDG +xdigit +Xilinx +XP +Xtensa +XYZ +Youtube +YYYY +YYYYMMDD +Zakrzewski +Zitzmann +zlib +zsh +zstd +Zuul +zuul diff --git a/deps/curl/.github/scripts/spellcheck.yaml b/deps/curl/.github/scripts/spellcheck.yaml new file mode 100644 index 00000000..04dfbfaf --- /dev/null +++ b/deps/curl/.github/scripts/spellcheck.yaml @@ -0,0 +1,32 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl +# +# Docs: https://github.com/UnicornGlobal/spellcheck-github-actions +matrix: + - name: Markdown + expect_match: false + apsell: + mode: en + dictionary: + wordlists: + - wordlist.txt + output: wordlist.dic + encoding: utf-8 + pipeline: + - pyspelling.filters.markdown: + markdown_extensions: + - markdown.extensions.extra: + - pyspelling.filters.html: + comments: true + attributes: + - title + - alt + ignores: + - ':matches(code, pre)' + - 'code' + - 'pre' + - 'strong' + - 'em' + sources: + - '**/*.md|!docs/BINDINGS.md|!docs/DISTROS.md|!docs/CIPHERS-TLS12.md' diff --git a/deps/curl/.github/scripts/trimmarkdownheader.pl b/deps/curl/.github/scripts/trimmarkdownheader.pl new file mode 100644 index 00000000..9c623730 --- /dev/null +++ b/deps/curl/.github/scripts/trimmarkdownheader.pl @@ -0,0 +1,41 @@ +#!/usr/bin/env perl +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl +# +# Given: a libcurl curldown man page +# Outputs: the same file, minus the header +# + +my $f = $ARGV[0]; + +open(F, "<$f") or die; + +my @out; +my $line = 0; +my $hideheader = 0; + +while() { + if($hideheader) { + if(/^---/) { + # end if hiding + $hideheader = 0; + } + push @out, "\n"; # replace with blank + next; + } + elsif(!$line++ && /^---/) { + # starts with a header, strip off the header + $hideheader = 1; + push @out, "\n"; # replace with blank + next; + } + push @out, $_; +} +close(F); + +open(O, ">$f") or die; +for my $l (@out) { + print O $l; +} +close(O); diff --git a/deps/curl/.github/scripts/verify-examples.pl b/deps/curl/.github/scripts/verify-examples.pl new file mode 100644 index 00000000..28d24595 --- /dev/null +++ b/deps/curl/.github/scripts/verify-examples.pl @@ -0,0 +1,110 @@ +#!/usr/bin/env perl +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Daniel Stenberg, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### + +my @files = @ARGV; +my $cfile = "test.c"; +my $check = "./scripts/checksrc.pl"; +my $error; + +if($files[0] eq "-h") { + print "Usage: verify-synopsis [man pages]\n"; + exit; +} + +sub testcompile { + my $rc = system("gcc -c test.c -DCURL_DISABLE_TYPECHECK -DCURL_ALLOW_OLD_MULTI_SOCKET -DCURL_DISABLE_DEPRECATION -Wunused -Werror -Wno-unused-but-set-variable -I include") >> 8; + return $rc; +} + +sub checksrc { + my $rc = system("$check test.c") >> 8; + return $rc; +} + +sub extract { + my($f) = @_; + my $syn = 0; + my $l = 0; + my $iline = 0; + my $fail = 0; + open(F, "<$f") or die "failed opening input file $f : $!"; + open(O, ">$cfile") or die "failed opening output file $cfile : $!"; + print O "#include \n"; + while() { + $iline++; + if(/^.SH EXAMPLE/) { + $syn = 1 + } + elsif($syn == 1) { + if(/^.nf/) { + $syn++; + print O "/* !checksrc! disable UNUSEDIGNORE all */\n"; + print O "/* !checksrc! disable COPYRIGHT all */\n"; + print O "/* !checksrc! disable FOPENMODE all */\n"; + printf O "#line %d \"$f\"\n", $iline+1; + } + } + elsif($syn == 2) { + if(/^.fi/) { + last; + } + if(/(?, et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### + +my @files = @ARGV; +my $cfile = "test.c"; + +if($files[0] eq "-h") { + print "Usage: verify-synopsis [man pages]\n"; + exit; +} + +sub testcompile { + my $rc = system("gcc -c test.c -DCURL_DISABLE_TYPECHECK -DCURL_ALLOW_OLD_MULTI_SOCKET -I include") >> 8; + return $rc; +} + + +sub extract { + my($f) = @_; + my $syn = 0; + my $l = 0; + my $iline = 0; + open(F, "<$f"); + open(O, ">$cfile"); + while() { + $iline++; + if(/^# SYNOPSIS/) { + $syn = 1 + } + elsif($syn == 1) { + if(/^\~\~\~/) { + $syn++; + print O "#line $iline \"$f\"\n"; + } + } + elsif($syn == 2) { + if(/^\~\~\~/) { + last; + } + # turn the vararg argument into vararg + $_ =~ s/, parameter\)\;/, ...);/; + print O $_; + $l++; + } + } + close(F); + close(O); + + if($syn < 2) { + print STDERR "Found no synopsis in $f\n"; + return 1; + } + + return 0; +} + +my $error; +for my $m (@files) { + $error |= extract($m); + $error |= testcompile($m); +} +exit $error; diff --git a/deps/curl/.github/scripts/yamlcheck.sh b/deps/curl/.github/scripts/yamlcheck.sh new file mode 100644 index 00000000..2431c97a --- /dev/null +++ b/deps/curl/.github/scripts/yamlcheck.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl + +set -eu + +# shellcheck disable=SC2046 +yamllint \ + --format standard \ + --strict \ + --config-data "$(dirname "$0")/yamlcheck.yaml" \ + $(git ls-files '*.yaml' '*.yml') diff --git a/deps/curl/.github/scripts/yamlcheck.yaml b/deps/curl/.github/scripts/yamlcheck.yaml new file mode 100644 index 00000000..a6e16410 --- /dev/null +++ b/deps/curl/.github/scripts/yamlcheck.yaml @@ -0,0 +1,17 @@ +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl +# +# Docs: https://yamllint.readthedocs.io/en/stable/configuration.html + +extends: default + +rules: + line-length: + max: 500 + level: warning + + braces: disable + commas: disable + comments: disable + document-start: disable diff --git a/deps/curl/.github/stale.yml b/deps/curl/.github/stale.yml new file mode 100644 index 00000000..dc239b56 --- /dev/null +++ b/deps/curl/.github/stale.yml @@ -0,0 +1,21 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +# Number of days of inactivity before an issue becomes stale +daysUntilStale: 180 +# Number of days of inactivity before a stale issue is closed +daysUntilClose: 14 +# Issues with these labels will never be considered stale +exemptLabels: + - pinned + - security +# Label to use when marking an issue as stale +staleLabel: stale +# Comment to post when marking an issue as stale. Set to `false` to disable +markComment: > + This issue has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. +# Comment to post when closing a stale issue. Set to `false` to disable +closeComment: false diff --git a/deps/curl/.github/workflows/appveyor-status.yml b/deps/curl/.github/workflows/appveyor-status.yml new file mode 100644 index 00000000..221db2d2 --- /dev/null +++ b/deps/curl/.github/workflows/appveyor-status.yml @@ -0,0 +1,41 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: AppVeyor Status Report + +'on': + status + +concurrency: + group: ${{ github.workflow }}-${{ github.event.sha }}-${{ github.event.target_url }} + cancel-in-progress: true + +permissions: {} + +jobs: + split: + runs-on: ubuntu-latest + if: ${{ github.event.sender.login == 'appveyor[bot]' }} + permissions: + statuses: write + steps: + - name: Create individual AppVeyor build statuses + if: ${{ github.event.sha && github.event.target_url }} + env: + APPVEYOR_COMMIT_SHA: ${{ github.event.sha }} + APPVEYOR_TARGET_URL: ${{ github.event.target_url }} + APPVEYOR_REPOSITORY: ${{ github.event.repository.full_name }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + echo ${APPVEYOR_TARGET_URL} | sed 's/\/project\//\/api\/projects\//' | xargs -t -n1 curl -s | \ + jq -c '.build.jobs[] | {target_url: ($target_url + "/job/" + .jobId), + context: (.name | sub("^(Environment: )?"; "AppVeyor / ")), + state: (.status | sub("queued"; "pending") + | sub("starting"; "pending") + | sub("running"; "pending") + | sub("failed"; "failure") + | sub("cancelled"; "error")), + description: .status}' \ + --arg target_url ${APPVEYOR_TARGET_URL} | tee /dev/stderr | parallel --pipe -j 1 -N 1 \ + gh api --silent --input - repos/${APPVEYOR_REPOSITORY}/statuses/${APPVEYOR_COMMIT_SHA} diff --git a/deps/curl/.github/workflows/checkdocs.yml b/deps/curl/.github/workflows/checkdocs.yml new file mode 100644 index 00000000..dd52efab --- /dev/null +++ b/deps/curl/.github/workflows/checkdocs.yml @@ -0,0 +1,159 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +# This workflow contains tests that operate on documentation files only. Some +# checks modify the source so they cannot be combined into a single job. + +name: Docs + +'on': + push: + branches: + - master + - '*/ci' + paths: + - '.github/workflows/checkdocs.yml' + - '.github/scripts/mdlinkcheck' + - '/scripts/**' + - '**.md' + - 'docs/*' + pull_request: + branches: + - master + paths: + - '.github/workflows/checkdocs.yml' + - '.github/scripts/**' + - '.github/scripts/mdlinkcheck' + - '**.md' + - 'docs/*' + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +jobs: + # proselint: + # runs-on: ubuntu-latest + # steps: + # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 + # with: + # persist-credentials: false + # name: checkout + # + # - name: install prereqs + # run: | + # sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + # sudo apt-get -o Dpkg::Use-Pty=0 update + # sudo apt-get -o Dpkg::Use-Pty=0 install python3-proselint + # + # # config file help: https://github.com/amperser/proselint/ + # - name: create proselint config + # run: | + # cat < $HOME/.proselintrc.json + # { + # "checks": { + # "typography.diacritical_marks": false, + # "typography.symbols": false, + # "annotations.misc": false, + # "security.password": false, + # "misc.annotations": false + # } + # } + # JSON + # + # - name: trim headers off all *.md files + # run: git ls-files -z '*.md' | xargs -0 -n1 .github/scripts/trimmarkdownheader.pl + # + # - name: check prose + # run: git ls-files -z '*.md' | grep -Evz 'CHECKSRC.md|DISTROS.md|curl_mprintf.md|CURLOPT_INTERFACE.md|interface.md' | xargs -0 proselint README + # + # # This is for CHECKSRC and files with aggressive exclamation mark needs + # - name: create second proselint config + # run: | + # cat < $HOME/.proselintrc.json + # { + # "checks": { + # "typography.diacritical_marks": false, + # "typography.symbols": false, + # "typography.exclamation": false, + # "lexical_illusions.misc": false, + # "annotations.misc": false + # } + # } + # JSON + # + # - name: check special prose + # run: proselint docs/internals/CHECKSRC.md docs/libcurl/curl_mprintf.md docs/libcurl/opts/CURLOPT_INTERFACE.md docs/cmdline-opts/interface.md + + linkcheck: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: Run mdlinkcheck + run: ./scripts/mdlinkcheck + + spellcheck: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: trim all *.md files in docs/ + run: .github/scripts/cleancmd.pl $(find docs -name "*.md") + + - name: setup the custom wordlist + run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt + + - name: Check Spelling + uses: rojopolis/spellcheck-github-actions@ed0756273a1658136c36d26e3d0353de35b98c8b # v0 + with: + config_path: .github/scripts/spellcheck.yaml + + badwords-synopsis: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: badwords + run: .github/scripts/badwords.pl < .github/scripts/badwords.txt `git ls-files '**.md'` docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400 + + - name: verify-synopsis + run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md + + man-examples: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: render nroff versions + run: autoreconf -fi && ./configure --without-ssl --without-libpsl && make -C docs + + - name: verify examples + run: .github/scripts/verify-examples.pl docs/libcurl/curl*.3 docs/libcurl/opts/*.3 + + miscchecks: + runs-on: ubuntu-24.04-arm + timeout-minutes: 5 + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: spacecheck + run: .github/scripts/spacecheck.pl diff --git a/deps/curl/.github/workflows/checksrc.yml b/deps/curl/.github/workflows/checksrc.yml new file mode 100644 index 00000000..83a5f396 --- /dev/null +++ b/deps/curl/.github/workflows/checksrc.yml @@ -0,0 +1,120 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +# This workflow contains checks at the source code level only. + +name: Source + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'plan9/**' + - 'tests/data/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'plan9/**' + - 'tests/data/**' + - 'winbuild/**' + +permissions: {} + +jobs: + checksrc: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: check + run: git ls-files -z "*.[ch]" | xargs -0 -n1 ./scripts/checksrc.pl + + codespell-cmakelint-pytype-ruff: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: install + env: + DEBIAN_FRONTEND: noninteractive + run: | + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo apt-get -o Dpkg::Use-Pty=0 update + sudo apt-get -o Dpkg::Use-Pty=0 install \ + codespell python3-pip python3-networkx python3-pydot python3-yaml \ + python3-toml python3-markupsafe python3-jinja2 python3-tabulate \ + python3-typing-extensions python3-libcst python3-impacket \ + python3-websockets python3-pytest + python3 -m pip install --break-system-packages cmakelint==1.4.3 pytype==2024.9.13 ruff==0.6.8 + + - name: spellcheck + run: | + codespell \ + --skip scripts/mk-ca-bundle.pl \ + --skip src/tool_hugehelp.c \ + -I .github/scripts/codespell-ignore.txt \ + CMake include m4 scripts src lib + + - name: cmakelint + run: scripts/cmakelint.sh + + - name: pytype + run: find . -name '*.py' -exec pytype -j auto -k {} + + + - name: ruff + run: ruff check --extend-select=B007,B016,C405,C416,COM818,D200,D213,D204,D401,D415,FURB129,N818,PERF401,PERF403,PIE790,PIE808,PLW0127,Q004,RUF010,SIM101,SIM117,SIM118,TRY400,TRY401 + + reuse: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: REUSE Compliance Check + uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5 + + miscchecks: + runs-on: ubuntu-latest + timeout-minutes: 5 + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + name: checkout + + - name: shellcheck + run: .github/scripts/shellcheck.sh + + - name: spacecheck + run: .github/scripts/spacecheck.pl + + - name: yamlcheck + run: .github/scripts/yamlcheck.sh + + - name: binarycheck + run: .github/scripts/binarycheck.pl + + # we allow some extra in source code + - name: badwords + run: | + grep -Ev '(\\bwill| url | dir )' .github/scripts/badwords.txt | \ + .github/scripts/badwords.pl $(git ls-files -- src lib include) diff --git a/deps/curl/.github/workflows/configure-vs-cmake.yml b/deps/curl/.github/workflows/configure-vs-cmake.yml new file mode 100644 index 00000000..7130c7e6 --- /dev/null +++ b/deps/curl/.github/workflows/configure-vs-cmake.yml @@ -0,0 +1,149 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: configure-vs-cmake +'on': + push: + branches: + - master + paths: + - '*.ac' + - '**/*.m4' + - '**/CMakeLists.txt' + - 'CMake/**' + - 'lib/curl_config.h.cmake' + - 'tests/cmake/**' + - '.github/scripts/cmp-config.pl' + - '.github/workflows/configure-vs-cmake.yml' + + pull_request: + branches: + - master + paths: + - '*.ac' + - '**/*.m4' + - '**/CMakeLists.txt' + - 'CMake/**' + - 'lib/curl_config.h.cmake' + - 'tests/cmake/**' + - '.github/scripts/cmp-config.pl' + - '.github/workflows/configure-vs-cmake.yml' + +permissions: {} + +jobs: + check-linux: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'run configure --with-openssl' + run: | + autoreconf -fi + export PKG_CONFIG_DEBUG_SPEW=1 + mkdir bld-am && cd bld-am && ../configure --enable-static=no --with-openssl --without-libpsl --without-brotli + + - name: 'run cmake' + run: | + cmake -B bld-cm -DCURL_WERROR=ON -DCURL_USE_LIBPSL=OFF -DCURL_BROTLI=OFF + + - name: 'configure log' + run: cat bld-am/config.log 2>/dev/null || true + + - name: 'cmake log' + run: cat bld-cm/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true + + - name: 'compare generated curl_config.h files' + run: ./.github/scripts/cmp-config.pl bld-am/lib/curl_config.h bld-cm/lib/curl_config.h + + - name: 'compare generated libcurl.pc files' + run: ./.github/scripts/cmp-pkg-config.sh bld-am/libcurl.pc bld-cm/libcurl.pc + + - name: 'compare generated curl-config files' + run: ./.github/scripts/cmp-pkg-config.sh bld-am/curl-config bld-cm/curl-config + + check-macos: + runs-on: macos-latest + steps: + - name: 'install packages' + run: | + while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew install libtool autoconf automake && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + + - name: 'toolchain versions' + run: | + echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'run configure --with-openssl' + run: | + autoreconf -fi + export PKG_CONFIG_DEBUG_SPEW=1 + mkdir bld-am && cd bld-am && ../configure --enable-static=no --with-openssl --without-libpsl --disable-ldap --with-zstd + + - name: 'run cmake' + run: | + cmake -B bld-cm -DCURL_WERROR=ON -DCURL_USE_LIBPSL=OFF -DCURL_DISABLE_LDAP=ON \ + -DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64/')-apple-darwin$(uname -r)" \ + -DCURL_BROTLI=OFF \ + -DCURL_USE_LIBSSH2=OFF + + - name: 'configure log' + run: cat bld-am/config.log 2>/dev/null || true + + - name: 'cmake log' + run: cat bld-cm/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true + + - name: 'compare generated curl_config.h files' + run: ./.github/scripts/cmp-config.pl bld-am/lib/curl_config.h bld-cm/lib/curl_config.h + + - name: 'compare generated libcurl.pc files' + run: ./.github/scripts/cmp-pkg-config.sh bld-am/libcurl.pc bld-cm/libcurl.pc + + - name: 'compare generated curl-config files' + run: ./.github/scripts/cmp-pkg-config.sh bld-am/curl-config bld-cm/curl-config + + check-windows: + runs-on: ubuntu-latest + env: + TRIPLET: 'x86_64-w64-mingw32' + steps: + - name: 'install packages' + run: sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'run configure --with-schannel' + run: | + autoreconf -fi + export PKG_CONFIG_DEBUG_SPEW=1 + mkdir bld-am && cd bld-am && ../configure --enable-static=no --with-schannel --without-libpsl --host="${TRIPLET}" + + - name: 'run cmake' + run: | + cmake -B bld-cm -DCURL_WERROR=ON -DCURL_USE_SCHANNEL=ON -DCURL_USE_LIBPSL=OFF \ + -DCMAKE_SYSTEM_NAME=Windows \ + -DCMAKE_C_COMPILER_TARGET="${TRIPLET}" \ + -DCMAKE_C_COMPILER="${TRIPLET}-gcc" + + - name: 'configure log' + run: cat bld-am/config.log 2>/dev/null || true + + - name: 'cmake log' + run: cat bld-cm/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true + + - name: 'compare generated curl_config.h files' + run: ./.github/scripts/cmp-config.pl bld-am/lib/curl_config.h bld-cm/lib/curl_config.h + + - name: 'compare generated libcurl.pc files' + run: ./.github/scripts/cmp-pkg-config.sh bld-am/libcurl.pc bld-cm/libcurl.pc + + - name: 'compare generated curl-config files' + run: ./.github/scripts/cmp-pkg-config.sh bld-am/curl-config bld-cm/curl-config diff --git a/deps/curl/.github/workflows/curl-for-win.yml b/deps/curl/.github/workflows/curl-for-win.yml new file mode 100644 index 00000000..ef479b33 --- /dev/null +++ b/deps/curl/.github/workflows/curl-for-win.yml @@ -0,0 +1,163 @@ +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl +--- +name: curl-for-win + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +env: + CW_NOGET: 'curl trurl' + CW_MAP: '0' + CW_JOBS: '5' + CW_NOPKG: '1' + +jobs: + linux-glibc-gcc: + runs-on: ubuntu-latest + timeout-minutes: 30 + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + path: 'curl' + fetch-depth: 8 + - name: 'build' + run: | + git clone --depth 1 https://github.com/curl/curl-for-win + mv curl-for-win/* . + export CW_CONFIG='-main-werror-linux-a64-x64-gcc' + export CW_REVISION='${{ github.sha }}' + DOCKER_IMAGE='debian:bookworm-slim' + export DOCKER_CONTENT_TRUST=1 + export CW_CCSUFFIX='-15' + export CW_GCCSUFFIX='-12' + docker trust inspect --pretty "${DOCKER_IMAGE}" + time docker pull "${DOCKER_IMAGE}" + docker images --digests + time docker run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ + --env-file <(env | grep -a -E \ + '^(CW_|GITHUB_)') \ + "${DOCKER_IMAGE}" \ + sh -c ./_ci-linux-debian.sh + + linux-musl-llvm: + runs-on: ubuntu-latest + timeout-minutes: 30 + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + path: 'curl' + fetch-depth: 8 + - name: 'build' + run: | + git clone --depth 1 https://github.com/curl/curl-for-win + mv curl-for-win/* . + export CW_CONFIG='-main-werror-linux-musl-r64-x64' + export CW_REVISION='${{ github.sha }}' + . ./_versions.sh + docker trust inspect --pretty "${DOCKER_IMAGE}" + time docker pull "${DOCKER_IMAGE}" + docker images --digests + time docker run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ + --env-file <(env | grep -a -E \ + '^(CW_|GITHUB_)') \ + "${DOCKER_IMAGE}" \ + sh -c ./_ci-linux-debian.sh + + mac-clang: + runs-on: macos-latest + timeout-minutes: 30 + env: + CW_JOBS: '4' + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + path: 'curl' + fetch-depth: 8 + - name: 'build' + run: | + git clone --depth 1 https://github.com/curl/curl-for-win + mv curl-for-win/* . + export CW_CONFIG='-main-werror-mac-x64' + export CW_REVISION='${{ github.sha }}' + sh -c ./_ci-mac-homebrew.sh + + win-llvm: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + path: 'curl' + fetch-depth: 8 + - name: 'build' + run: | + git clone --depth 1 https://github.com/curl/curl-for-win + mv curl-for-win/* . + export CW_CONFIG='-main-werror-win-x64' + export CW_REVISION='${{ github.sha }}' + . ./_versions.sh + docker trust inspect --pretty "${DOCKER_IMAGE}" + time docker pull "${DOCKER_IMAGE}" + docker images --digests + time docker run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ + --env-file <(env | grep -a -E \ + '^(CW_|GITHUB_)') \ + "${DOCKER_IMAGE}" \ + sh -c ./_ci-linux-debian.sh + + win-gcc-libssh-zlibng-x86: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + path: 'curl' + fetch-depth: 8 + - name: 'build' + run: | + git clone --depth 1 https://github.com/curl/curl-for-win + mv curl-for-win/* . + export CW_CONFIG='-main-werror-win-x86-gcc-libssh1-zlibng' + export CW_REVISION='${{ github.sha }}' + . ./_versions.sh + docker trust inspect --pretty "${DOCKER_IMAGE}" + time docker pull "${DOCKER_IMAGE}" + docker images --digests + time docker run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ + --env-file <(env | grep -a -E \ + '^(CW_|GITHUB_)') \ + "${DOCKER_IMAGE}" \ + sh -c ./_ci-linux-debian.sh diff --git a/deps/curl/.github/workflows/distcheck.yml b/deps/curl/.github/workflows/distcheck.yml new file mode 100644 index 00000000..1347c86c --- /dev/null +++ b/deps/curl/.github/workflows/distcheck.yml @@ -0,0 +1,194 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: dist + +'on': + push: + branches: + - master + - '*/ci' + pull_request: + branches: + - master + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +env: + MAKEFLAGS: -j 5 + +jobs: + maketgz-and-verify-in-tree: + runs-on: ubuntu-latest + timeout-minutes: 15 + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'remove preinstalled curl libcurl4{-doc}' + run: sudo apt-get -o Dpkg::Use-Pty=0 purge curl libcurl4 libcurl4-doc + + - name: 'autoreconf' + run: autoreconf -fi + + - name: 'configure' + run: ./configure --without-ssl --without-libpsl + + - name: 'make' + run: make V=1 + + - name: 'maketgz' + run: SOURCE_DATE_EPOCH=1711526400 ./scripts/maketgz 99.98.97 + + - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4 + with: + name: 'release-tgz' + path: 'curl-99.98.97.tar.gz' + retention-days: 1 + + - name: 'verify in-tree configure build including install' + run: | + echo "::stop-commands::$(uuidgen)" + tar xvf curl-99.98.97.tar.gz + pushd curl-99.98.97 + ./configure --prefix=$HOME/temp --without-ssl --without-libpsl + make + make test-ci + make install + popd + # basic check of the installed files + bash scripts/installcheck.sh $HOME/temp + rm -rf curl-99.98.97 + + verify-out-of-tree-docs: + runs-on: ubuntu-latest + timeout-minutes: 15 + needs: maketgz-and-verify-in-tree + steps: + - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4 + with: + name: 'release-tgz' + + - name: 'verify out-of-tree configure build including docs' + run: | + echo "::stop-commands::$(uuidgen)" + tar xvf curl-99.98.97.tar.gz + touch curl-99.98.97/docs/{cmdline-opts,libcurl}/Makefile.inc + mkdir build + pushd build + ../curl-99.98.97/configure --without-ssl --without-libpsl + make + make test-ci + popd + rm -rf build + rm -rf curl-99.98.97 + + verify-out-of-tree-autotools-debug: + runs-on: ubuntu-latest + timeout-minutes: 15 + needs: maketgz-and-verify-in-tree + steps: + - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4 + with: + name: 'release-tgz' + + - name: 'verify out-of-tree autotools debug build' + run: | + echo "::stop-commands::$(uuidgen)" + tar xvf curl-99.98.97.tar.gz + pushd curl-99.98.97 + mkdir build + pushd build + ../configure --without-ssl --enable-debug "--prefix=${PWD}/pkg" --without-libpsl + make + make test-ci + make install + + verify-out-of-tree-cmake: + runs-on: ubuntu-latest + timeout-minutes: 15 + needs: maketgz-and-verify-in-tree + steps: + - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4 + with: + name: 'release-tgz' + + - name: 'verify out-of-tree cmake build' + run: | + echo "::stop-commands::$(uuidgen)" + tar xvf curl-99.98.97.tar.gz + pushd curl-99.98.97 + cmake -B build -DCURL_WERROR=ON -DCURL_USE_LIBPSL=OFF + make -C build + + missing-files: + runs-on: ubuntu-latest + timeout-minutes: 5 + needs: maketgz-and-verify-in-tree + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4 + with: + name: 'release-tgz' + + - name: 'detect files missing from release tarball' + run: .github/scripts/distfiles.sh curl-99.98.97.tar.gz + + reproducible-releases: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'remove preinstalled curl libcurl4{-doc}' + run: sudo apt-get -o Dpkg::Use-Pty=0 purge curl libcurl4 libcurl4-doc + + - name: 'generate release tarballs' + run: ./scripts/dmaketgz 9.10.11 + + - name: 'verify release tarballs' + run: | + mkdir _verify + mv curl-9.10.11.tar.gz _verify + cd _verify + ../scripts/verify-release curl-9.10.11.tar.gz + + cmake-integration: + name: 'cmake-integration-on-${{ matrix.image }}' + runs-on: ${{ matrix.image }} + timeout-minutes: 10 + env: + CC: clang + CMAKE_GENERATOR: Ninja + strategy: + fail-fast: false + matrix: + image: [ubuntu-latest, macos-latest] + steps: + - name: 'install prereqs' + run: | + if [[ '${{ matrix.image }}' = *'ubuntu'* ]]; then + sudo apt-get -o Dpkg::Use-Pty=0 install ninja-build libpsl-dev libssl-dev + else + brew install ninja libpsl openssl + fi + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + - name: 'via FetchContent' + run: ./tests/cmake/test.sh FetchContent + - name: 'via add_subdirectory' + run: ./tests/cmake/test.sh add_subdirectory + - name: 'via find_package' + run: ./tests/cmake/test.sh find_package diff --git a/deps/curl/.github/workflows/fuzz.yml b/deps/curl/.github/workflows/fuzz.yml new file mode 100644 index 00000000..fc647d88 --- /dev/null +++ b/deps/curl/.github/workflows/fuzz.yml @@ -0,0 +1,46 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: Fuzzer + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '**/CMakeLists.txt' + - '.circleci/**' + - 'appveyor.*' + - 'CMake/**' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'tests/data/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '**/CMakeLists.txt' + - '.circleci/**' + - 'appveyor.*' + - 'CMake/**' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'tests/data/**' + - 'winbuild/**' + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +jobs: + Fuzzing: + uses: curl/curl-fuzzer/.github/workflows/ci.yml@master diff --git a/deps/curl/.github/workflows/hacktoberfest-accepted.yml b/deps/curl/.github/workflows/hacktoberfest-accepted.yml new file mode 100644 index 00000000..6b07f0be --- /dev/null +++ b/deps/curl/.github/workflows/hacktoberfest-accepted.yml @@ -0,0 +1,68 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: Hacktoberfest + +'on': + # this must not ever run on any other branch than master + push: + branches: + - master + +concurrency: + # this should not run in parallel, so just run one at a time + group: ${{ github.workflow }} + +permissions: {} + +jobs: + # add hacktoberfest-accepted label to PRs opened starting from September 30th + # till November 1st which are closed via commit reference from master branch. + merged: + runs-on: ubuntu-latest + permissions: + # requires issues AND pull-requests write permissions to edit labels on PRs! + issues: write + pull-requests: write + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + fetch-depth: 100 + + - name: Check whether repo participates in Hacktoberfest + run: | + gh config set prompt disabled && echo "label=$( + gh repo view --json repositoryTopics --jq '.repositoryTopics[].name' | grep '^hacktoberfest$')" >> $GITHUB_OUTPUT + id: check + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Search relevant commit message lines starting with Closes/Merges + run: | + git log --format=email '${{ github.event.before }}..${{ github.event.after }}' | \ + grep -Ei '^Close[sd]? ' | sort | uniq | tee log + if: steps.check.outputs.label == 'hacktoberfest' + + - name: Search for Number-based PR references + run: | + grep -Eo '#([0-9]+)' log | cut -d# -f2 | sort | uniq | xargs -t -n1 -I{} \ + gh pr view {} --json number,createdAt \ + --jq '{number, opened: .createdAt} | [.number, .opened] | join(":")' | tee /dev/stderr | \ + grep -Eo '^([0-9]+):[0-9]{4}-(09-30T|10-|11-01T)' | cut -d: -f1 | sort | uniq | xargs -t -n1 -I {} \ + gh pr edit {} --add-label 'hacktoberfest-accepted' + if: steps.check.outputs.label == 'hacktoberfest' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Search for URL-based PR references + run: | + grep -Eo 'github.com/(.+)/(.+)/pull/([0-9]+)' log | sort | uniq | xargs -t -n1 -I{} \ + gh pr view 'https://{}' --json number,createdAt \ + --jq '{number, opened: .createdAt} | [.number, .opened] | join(":")' | tee /dev/stderr | \ + grep -Eo '^([0-9]+):[0-9]{4}-(09-30T|10-|11-01T)' | cut -d: -f1 | sort | uniq | xargs -t -n1 -I {} \ + gh pr edit {} --add-label 'hacktoberfest-accepted' + if: steps.check.outputs.label == 'hacktoberfest' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/deps/curl/.github/workflows/http3-linux.yml b/deps/curl/.github/workflows/http3-linux.yml new file mode 100644 index 00000000..81290556 --- /dev/null +++ b/deps/curl/.github/workflows/http3-linux.yml @@ -0,0 +1,519 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: Linux HTTP/3 + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + +concurrency: + # Hardcoded workflow filename as workflow name above is just Linux again + group: http3-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +env: + MAKEFLAGS: -j 5 + # handled in renovate.json + openssl-version: 3.4.1 + # handled in renovate.json + quictls-version: 3.3.0 + # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com + gnutls-version: 3.8.9 + # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com + wolfssl-version: 5.7.6 + # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com + nghttp3-version: 1.8.0 + # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com + ngtcp2-version: 1.11.0 + # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com + nghttp2-version: 1.65.0 + # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com + quiche-version: 0.23.4 + +jobs: + build-cache: + runs-on: ubuntu-latest + + steps: + - name: 'cache quictls' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-quictls-no-deprecated + env: + cache-name: cache-quictls-no-deprecated + with: + path: ~/quictls/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 + + - name: 'cache gnutls' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-gnutls + env: + cache-name: cache-gnutls + with: + path: ~/gnutls/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} + + - name: 'cache wolfssl' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-wolfssl + env: + cache-name: cache-wolfssl + with: + path: ~/wolfssl/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} + + - name: 'cache nghttp3' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-nghttp3 + env: + cache-name: cache-nghttp3 + with: + path: ~/nghttp3/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} + + - name: 'cache ngtcp2' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-ngtcp2 + env: + cache-name: cache-ngtcp2 + with: + path: ~/ngtcp2/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }} + + - name: 'cache nghttp2' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-nghttp2 + env: + cache-name: cache-nghttp2 + with: + path: ~/nghttp2/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }} + + - id: settings + if: | + steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' || + steps.cache-gnutls.outputs.cache-hit != 'true' || + steps.cache-wolfssl.outputs.cache-hit != 'true' || + steps.cache-nghttp3.outputs.cache-hit != 'true' || + steps.cache-ngtcp2.outputs.cache-hit != 'true' || + steps.cache-nghttp2.outputs.cache-hit != 'true' + run: | + echo 'needs-build=true' >> $GITHUB_OUTPUT + + - name: 'install build prereqs' + if: steps.settings.outputs.needs-build == 'true' + run: | + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo apt-get -o Dpkg::Use-Pty=0 update + sudo apt-get -o Dpkg::Use-Pty=0 install \ + libtool autoconf automake pkgconf stunnel4 \ + libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ + nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ + libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ + texinfo texlive texlive-extra-utils autopoint libev-dev \ + apache2 apache2-dev libnghttp2-dev + echo 'CC=gcc-12' >> $GITHUB_ENV + echo 'CXX=g++-12' >> $GITHUB_ENV + + - name: 'build quictls' + if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' + run: | + cd $HOME + git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl quictls + cd quictls + ./config no-deprecated --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests + make + make -j1 install_sw + + - name: 'build gnutls' + if: steps.cache-gnutls.outputs.cache-hit != 'true' + run: | + cd $HOME + git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git + cd gnutls + ./bootstrap + ./configure --disable-dependency-tracking --prefix=$PWD/build \ + LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \ + --with-included-libtasn1 --with-included-unistring \ + --disable-guile --disable-doc --disable-tests --disable-tools + make + make install + + - name: 'build wolfssl' + if: steps.cache-wolfssl.outputs.cache-hit != 'true' + run: | + cd $HOME + git clone --quiet --depth=1 -b v${{ env.wolfssl-version }}-stable https://github.com/wolfSSL/wolfssl.git + cd wolfssl + ./autogen.sh + ./configure --disable-dependency-tracking --enable-all --enable-quic \ + --disable-benchmark --disable-crypttests --disable-examples --prefix=$PWD/build + make + make install + + - name: 'build nghttp3' + if: steps.cache-nghttp3.outputs.cache-hit != 'true' + run: | + cd $HOME + git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3 + cd nghttp3 + git submodule update --init --depth=1 + autoreconf -fi + ./configure --disable-dependency-tracking --prefix=$PWD/build \ + PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" \ + --enable-lib-only + make + make install + + - name: 'build ngtcp2' + if: steps.cache-ngtcp2.outputs.cache-hit != 'true' + run: | + cd $HOME + git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2 + cd ngtcp2 + autoreconf -fi + ./configure --disable-dependency-tracking --prefix=$PWD/build \ + PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig" \ + --enable-lib-only --with-openssl --with-gnutls --with-wolfssl + make install + + - name: 'build nghttp2' + if: steps.cache-nghttp2.outputs.cache-hit != 'true' + run: | + cd $HOME + git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2 + cd nghttp2 + git submodule update --init --depth=1 + autoreconf -fi + ./configure --disable-dependency-tracking --prefix=$PWD/build \ + PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \ + LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \ + --enable-http3 + make install + + linux: + name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }} + needs: + - build-cache + runs-on: 'ubuntu-latest' + timeout-minutes: 45 + strategy: + fail-fast: false + matrix: + build: + - name: quictls + PKG_CONFIG_PATH: '$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + configure: >- + LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" + --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm + --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" + --with-openssl=$HOME/quictls/build --enable-ssls-export + --with-libuv + + - name: gnutls + PKG_CONFIG_PATH: '$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + configure: >- + LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib" + --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug + --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" + --with-gnutls=$HOME/gnutls/build --enable-ssls-export + --with-libuv + + - name: wolfssl + PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + configure: >- + LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib" + --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug + --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" + --with-wolfssl=$HOME/wolfssl/build + --enable-ech --enable-ssls-export + --with-libuv + + - name: wolfssl + PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + generate: >- + -DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON -DENABLE_DEBUG=ON + -DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" + -DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" + -DUSE_ECH=ON + -DCURL_USE_LIBUV=ON + + - name: openssl-quic + PKG_CONFIG_PATH: '$HOME/openssl/build/lib64/pkgconfig' + configure: >- + LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib64" + --enable-warnings --enable-werror --enable-debug --disable-ntlm + --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" + --with-openssl=$HOME/openssl/build --with-openssl-quic + --with-nghttp3=$HOME/nghttp3/build + --with-libuv + + - name: quiche + configure: >- + LDFLAGS="-Wl,-rpath,$HOME/quiche/target/release" + --with-openssl=$HOME/quiche/quiche/deps/boringssl/src + --enable-warnings --enable-werror --enable-debug + --with-quiche=$HOME/quiche/target/release + --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" + --with-ca-fallback + --with-libuv + + - name: quiche + PKG_CONFIG_PATH: '$HOME/quiche/target/release' + generate: >- + -DOPENSSL_ROOT_DIR=$HOME/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON + -DUSE_QUICHE=ON + -DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" + -DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" + -DCURL_CA_FALLBACK=ON + -DCURL_USE_LIBUV=ON + + steps: + - name: 'install prereqs' + run: | + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo apt-get -o Dpkg::Use-Pty=0 update + sudo apt-get -o Dpkg::Use-Pty=0 install \ + libtool autoconf automake ninja-build pkgconf stunnel4 \ + libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ + nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ + libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ + texinfo texlive texlive-extra-utils autopoint libev-dev libuv1-dev \ + apache2 apache2-dev libnghttp2-dev vsftpd + python3 -m venv $HOME/venv + echo 'CC=gcc-12' >> $GITHUB_ENV + echo 'CXX=g++-12' >> $GITHUB_ENV + + - name: 'cache quictls' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-quictls-no-deprecated + env: + cache-name: cache-quictls-no-deprecated + with: + path: ~/quictls/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 + fail-on-cache-miss: true + + - name: 'cache gnutls' + if: matrix.build.name == 'gnutls' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-gnutls + env: + cache-name: cache-gnutls + with: + path: ~/gnutls/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} + fail-on-cache-miss: true + + - name: 'cache wolfssl' + if: matrix.build.name == 'wolfssl' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-wolfssl + env: + cache-name: cache-wolfssl + with: + path: ~/wolfssl/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} + fail-on-cache-miss: true + + - name: 'cache nghttp3' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-nghttp3 + env: + cache-name: cache-nghttp3 + with: + path: ~/nghttp3/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} + fail-on-cache-miss: true + + - name: 'cache ngtcp2' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-ngtcp2 + env: + cache-name: cache-ngtcp2 + with: + path: ~/ngtcp2/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }} + fail-on-cache-miss: true + + - name: 'cache nghttp2' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-nghttp2 + env: + cache-name: cache-nghttp2 + with: + path: ~/nghttp2/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }} + fail-on-cache-miss: true + + - name: 'cache openssl' + if: matrix.build.name == 'openssl-quic' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-openssl + env: + cache-name: cache-openssl + with: + path: ~/openssl/build + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }} + + - name: 'install openssl' + if: matrix.build.name == 'openssl-quic' && steps.cache-openssl.outputs.cache-hit != 'true' + run: | + git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl + cd openssl + ./config --prefix=$HOME/openssl/build no-makedepend no-apps no-docs no-tests + make + make -j1 install_sw + cat exporters/openssl.pc + + - name: 'cache quiche' + if: matrix.build.name == 'quiche' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-quiche + env: + cache-name: cache-quiche + with: + path: ~/quiche + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quiche-version }} + + - name: 'build quiche and boringssl' + if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true' + run: | + cd $HOME + git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git + cd quiche + #### Work-around https://github.com/curl/curl/issues/7927 ####### + #### See https://github.com/alexcrichton/cmake-rs/issues/131 #### + sed -i -e 's/cmake = "0.1"/cmake = "=0.1.45"/' quiche/Cargo.toml + + cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose + ln -s libquiche.so target/release/libquiche.so.0 + mkdir -v quiche/deps/boringssl/src/lib + ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/ + + # include dir + # $HOME/quiche/quiche/deps/boringssl/src/include + # lib dir + # $HOME/quiche/quiche/deps/boringssl/src/lib + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build.configure }} + run: autoreconf -fi + + - name: 'configure' + run: | + if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then + export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}" + fi + if [ -n '${{ matrix.build.generate }}' ]; then + cmake -B bld -G Ninja \ + -DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ + ${{ matrix.build.generate }} + else + mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --disable-dependency-tracking \ + ${{ matrix.build.configure }} + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'test configs' + run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true + + - name: 'build' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose + else + make -C bld V=1 + fi + + - name: 'check curl -V output' + run: bld/src/curl -V + + - name: 'build tests' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target testdeps + else + make -C bld V=1 -C tests + fi + + - name: 'install test prereqs' + run: | + source $HOME/venv/bin/activate + python3 -m pip install -r tests/requirements.txt + + - name: 'run tests' + env: + TFLAGS: '${{ matrix.build.tflags }}' + run: | + source $HOME/venv/bin/activate + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target test-ci + else + make -C bld V=1 test-ci + fi + + - name: 'install pytest prereqs' + run: | + source $HOME/venv/bin/activate + python3 -m pip install -r tests/http/requirements.txt + + - name: 'run pytest event based' + env: + CURL_TEST_EVENT: 1 + CURL_CI: github + PYTEST_ADDOPTS: '--color=yes' + run: | + source $HOME/venv/bin/activate + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target curl-pytest-ci + else + make -C bld V=1 pytest-ci + fi + + - name: 'build examples' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target curl-examples + else + make -C bld V=1 examples + fi diff --git a/deps/curl/.github/workflows/label.yml b/deps/curl/.github/workflows/label.yml new file mode 100644 index 00000000..d6eef843 --- /dev/null +++ b/deps/curl/.github/workflows/label.yml @@ -0,0 +1,26 @@ +# Copyright (C) Daniel Fandrich, , et al. +# +# SPDX-License-Identifier: curl + +# This workflow will triage pull requests and apply a label based on the +# paths that are modified in the pull request. +# +# To use this workflow, you will need to set up a .github/labeler.yml +# file with configuration. For more information, see: +# https://github.com/actions/labeler + +name: Labeler +'on': [pull_request_target] + +jobs: + label: + + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + + steps: + - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5 + with: + repo-token: '${{ secrets.GITHUB_TOKEN }}' diff --git a/deps/curl/.github/workflows/linux-old.yml b/deps/curl/.github/workflows/linux-old.yml new file mode 100644 index 00000000..8ad3bc00 --- /dev/null +++ b/deps/curl/.github/workflows/linux-old.yml @@ -0,0 +1,148 @@ +# Copyright (C) Daniel Fandrich, , et al. +# +# SPDX-License-Identifier: curl +# +# Compile on an old version of Linux that has barely the minimal build +# requirements for CMake. This tests that curl is still usable on really +# outdated systems. +# +# Debian stretch is chosen as it closely matches some of the oldest major +# versions we support (especially cmake); see docs/INTERNALS.md and it +# is still supported (as of this writing). +# stretch has ELTS support from Freexian until 2027-06-30 +# For ELTS info see https://www.freexian.com/lts/extended/docs/how-to-use-extended-lts/ +# The Debian key will expire 2025-05-20, after which package signature +# verification may need to be disabled. +# httrack is one of the smallest downloaders, needed to bootstrap ELTS, +# and won't conflict with the curl we're building. + +name: Old Linux + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + +permissions: {} + +env: + MAKEFLAGS: -j 5 + DEBIAN_FRONTEND: noninteractive + +jobs: + cmake: + name: linux (cmake & autoconf) + runs-on: 'ubuntu-latest' + container: 'debian:stretch' + + steps: + - name: 'install prereqs' + # Remember, this shell is dash, not bash + run: | + sed -E -i -e s@[a-z]+\.debian\.org/@archive.debian.org/debian-archive/@ -e '/ stretch-updates /d' /etc/apt/sources.list + apt-get -o Dpkg::Use-Pty=0 update + # See comment above if this fails after 2025-05-20 + apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends httrack + httrack --get https://deb.freexian.com/extended-lts/pool/main/f/freexian-archive-keyring/freexian-archive-keyring_2022.06.08_all.deb + dpkg -i freexian-archive-keyring_2022.06.08_all.deb + echo 'deb http://deb.freexian.com/extended-lts stretch-lts main contrib non-free' | tee /etc/apt/sources.list.d/extended-lts.list + apt-get -o Dpkg::Use-Pty=0 update + apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libssl1.0-dev libssh-dev libssh2-1-dev libc-ares-dev heimdal-dev libldap2-dev librtmp-dev stunnel4 groff + # GitHub's actions/checkout needs a newer glibc. This one is the + # latest available for buster, the next stable release after stretch. + httrack --get https://security.debian.org/debian-security/pool/updates/main/g/glibc/libc6_2.28-10+deb10u4_amd64.deb + dpkg -i libc6_*_amd64.deb + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'cmake build-only (out-of-tree, libssh2)' + run: | + mkdir bld-1 + cd bld-1 + cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \ + -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=ON -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON + make install + src/curl --disable --version + + - name: 'cmake build-only curl_config.h' + run: | + echo '::group::raw'; cat bld-1/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld-1/lib/curl_config.h | sort || true + + # when this job can get a libssh version 0.9.0 or later, this should get + # that enabled again + - name: 'cmake generate (out-of-tree, c-ares, zstd, gssapi)' + run: | + mkdir bld-cares + cd bld-cares + cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \ + -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON \ + -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON + + - name: 'cmake curl_config.h' + run: | + echo '::group::raw'; cat bld-cares/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld-cares/lib/curl_config.h | sort || true + + - name: 'cmake build' + run: | + make -C bld-cares + bld-cares/src/curl --disable --version + + - name: 'cmake install' + run: make -C bld-cares install + + - name: 'cmake build tests' + run: make -C bld-cares testdeps + + - name: 'cmake run tests' + run: make -C bld-cares test-ci + + - name: 'autoreconf' + run: autoreconf -if + + - name: 'configure (out-of-tree, c-ares, libssh2, zstd, gssapi)' + run: | + mkdir bld-am + cd bld-am + ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --with-openssl --enable-ares --with-libssh2 --with-zstd --with-gssapi --with-librtmp \ + --prefix="$PWD"/../install-am + + - name: 'autoconf curl_config.h' + run: | + echo '::group::raw'; cat bld-am/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld-am/lib/curl_config.h | sort || true + + - name: 'autoconf build' + run: | + make -C bld-am + bld-am/src/curl --disable --version + + - name: 'autoconf install' + run: make -C bld-am install + + - name: 'autoconf build tests' + run: make -C bld-am/tests all diff --git a/deps/curl/.github/workflows/linux.yml b/deps/curl/.github/workflows/linux.yml new file mode 100644 index 00000000..b664fb4d --- /dev/null +++ b/deps/curl/.github/workflows/linux.yml @@ -0,0 +1,709 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: Linux + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +env: + MAKEFLAGS: -j 5 + CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized' + # unhandled + bearssl-version: 0.6 + # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com + libressl-version: 4.0.0 + # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com + wolfssl-version: 5.7.6 + # renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com + wolfssh-version: 1.4.19 + # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com + mbedtls-version: 3.6.2 + # renovate: datasource=github-tags depName=nibanks/msh3 versioning=semver registryUrl=https://github.com + msh3-version: 0.6.0 + # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com + awslc-version: 1.47.0 + # handled in renovate.json + openssl-version: 3.4.1 + # handled in renovate.json + quictls-version: 3.3.0 + # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com + rustls-version: 0.14.1 + +jobs: + linux: + name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }} + runs-on: ${{ matrix.build.image || 'ubuntu-latest' }} + container: ${{ matrix.build.container }} + timeout-minutes: 45 + strategy: + fail-fast: false + matrix: + build: + - name: bearssl + install_packages: zlib1g-dev + install_steps: bearssl pytest + configure: LDFLAGS="-Wl,-rpath,$HOME/bearssl/lib" --with-bearssl=$HOME/bearssl --enable-debug + + - name: bearssl clang + install_packages: zlib1g-dev clang + install_steps: bearssl + configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/bearssl/lib" --with-bearssl=$HOME/bearssl --enable-debug + + - name: libressl heimdal + install_packages: zlib1g-dev heimdal-dev + install_steps: libressl pytest + configure: LDFLAGS="-Wl,-rpath,$HOME/libressl/lib" --with-openssl=$HOME/libressl --with-gssapi --enable-debug + + - name: libressl heimdal valgrind + install_packages: zlib1g-dev heimdal-dev valgrind + install_steps: libressl pytest + generate: -DOPENSSL_ROOT_DIR=$HOME/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON + + - name: libressl clang + install_packages: zlib1g-dev clang + install_steps: libressl + configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/libressl/lib" --with-openssl=$HOME/libressl --enable-debug + + - name: wolfssl-all + install_packages: zlib1g-dev + install_steps: wolfssl-all wolfssh + configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-all/lib" --with-wolfssl=$HOME/wolfssl-all --with-wolfssh=$HOME/wolfssh --enable-ech --enable-debug + + - name: wolfssl-opensslextra valgrind + install_packages: zlib1g-dev valgrind + install_steps: wolfssl-opensslextra + configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-opensslextra/lib" --with-wolfssl=$HOME/wolfssl-opensslextra --enable-debug + + - name: mbedtls valgrind + install_packages: libnghttp2-dev valgrind + install_steps: mbedtls pytest + configure: LDFLAGS="-Wl,-rpath,$HOME/mbedtls/lib" --with-mbedtls=$HOME/mbedtls --enable-debug + + - name: mbedtls clang + install_packages: libnghttp2-dev clang + install_steps: mbedtls + configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/mbedtls/lib" --with-mbedtls=$HOME/mbedtls --enable-debug + + - name: mbedtls + install_packages: libnghttp2-dev + install_steps: mbedtls + PKG_CONFIG_PATH: '$HOME/mbedtls/lib/pkgconfig' # Requires v3.6.0 or v2.28.8 + generate: -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON + + - name: mbedtls-pkg + install_packages: libnghttp2-dev libmbedtls-dev + generate: -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON -DBUILD_LIBCURL_DOCS=OFF -DBUILD_MISC_DOCS=OFF -DENABLE_CURL_MANUAL=OFF + + - name: mbedtls-pkg !pc + install_packages: libnghttp2-dev libmbedtls-dev + install_steps: skipall + generate: -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON -DCURL_USE_PKGCONFIG=OFF + + - name: msh3 + install_packages: zlib1g-dev + install_steps: quictls msh3 + configure: LDFLAGS="-Wl,-rpath,$HOME/msh3/lib -Wl,-rpath,$HOME/quictls/lib" --with-msh3=$HOME/msh3 --with-openssl=$HOME/quictls --enable-debug + + - name: msh3 + install_packages: zlib1g-dev + install_steps: quictls msh3 skipall + PKG_CONFIG_PATH: '$HOME/msh3/lib/pkgconfig' # Broken as of v0.6.0 + generate: -DOPENSSL_ROOT_DIR=$HOME/quictls -DUSE_MSH3=ON -DMSH3_INCLUDE_DIR=$HOME/msh3/include -DMSH3_LIBRARY=$HOME/msh3/lib/libmsh3.so -DENABLE_DEBUG=ON + + - name: awslc + install_packages: zlib1g-dev + install_steps: awslc + configure: LDFLAGS="-Wl,-rpath,$HOME/awslc/lib" --with-openssl=$HOME/awslc --enable-ech + + - name: awslc + install_packages: zlib1g-dev + install_steps: awslc + generate: -DOPENSSL_ROOT_DIR=$HOME/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF + + - name: openssl default + install_steps: pytest + configure: --with-openssl --enable-debug --disable-unity + + - name: openssl libssh2 sync-resolver valgrind + install_packages: zlib1g-dev libssh2-1-dev valgrind + install_steps: pytest + configure: --with-openssl --enable-debug --disable-threaded-resolver --with-libssh2 + + - name: openssl + install_packages: zlib1g-dev + install_steps: pytest + configure: CFLAGS=-std=gnu89 --with-openssl --enable-debug + + - name: openssl -O3 valgrind + install_packages: zlib1g-dev valgrind + configure: CFLAGS=-O3 --with-openssl --enable-debug + + - name: openssl clang krb5 + install_packages: zlib1g-dev libkrb5-dev clang + configure: CC=clang --with-openssl --with-gssapi --enable-debug --disable-docs --disable-manual + + - name: openssl clang krb5 LTO + install_packages: zlib1g-dev libkrb5-dev clang + install_steps: skipall + generate: -DCURL_USE_OPENSSL=ON -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LTO=ON + + - name: openssl !ipv6 !--libcurl + configure: --with-openssl --disable-ipv6 --enable-debug --disable-unity --disable-libcurl-option + + - name: openssl https-only + configure: >- + --with-openssl --enable-debug --disable-unity + --disable-dict --disable-gopher --disable-ldap --disable-telnet + --disable-imap --disable-pop3 --disable-smtp + --without-librtmp --disable-rtsp + --without-libssh2 --without-libssh --without-wolfssh + --disable-tftp --disable-ftp --disable-file --disable-smb + + - name: openssl torture !FTP + install_packages: zlib1g-dev libnghttp2-dev libssh2-1-dev libc-ares-dev + generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON + tflags: -t --shallow=25 !FTP + torture: true + + - name: openssl torture FTP + install_packages: zlib1g-dev libnghttp2-dev libssh2-1-dev libc-ares-dev + generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON + tflags: -t --shallow=20 FTP + torture: true + + - name: openssl i686 + install_packages: gcc-14-i686-linux-gnu libssl-dev:i386 librtmp-dev:i386 libssh2-1-dev:i386 libidn2-0-dev:i386 libc-ares-dev:i386 zlib1g-dev:i386 + configure: >- + PKG_CONFIG_PATH=/usr/lib/i386-linux-gnu/pkgconfig + CC=i686-linux-gnu-gcc-14 + CPPFLAGS=-I/usr/include/i386-linux-gnu + LDFLAGS=-L/usr/lib/i386-linux-gnu + --host=i686-linux-gnu + --with-openssl --with-librtmp --with-libssh2 --with-libidn2 --enable-ares --enable-debug + + - name: '!ssl !http !smtp !imap' + configure: --without-ssl --enable-debug --disable-http --disable-smtp --disable-imap --disable-unity + + - name: clang-tidy + install_packages: clang-tidy libssl-dev libssh2-1-dev + install_steps: skipall + configure: --with-openssl --with-libssh2 + make-custom-target: tidy + + - name: scanbuild + install_packages: clang-tools clang libssl-dev libssh2-1-dev + install_steps: skipall + configure: --with-openssl --enable-debug --with-libssh2 --disable-unity + configure-prefix: CC=clang scan-build + make-prefix: scan-build --status-bugs + + - name: address-sanitizer + install_packages: zlib1g-dev libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2 + install_steps: pytest + configure: >- + CC=clang + CFLAGS="-fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g" + LDFLAGS="-fsanitize=address,undefined -fno-sanitize-recover=undefined,integer" + LIBS="-ldl -lubsan" + --with-openssl --enable-debug + + - name: thread-sanitizer + install_packages: zlib1g-dev clang libtsan2 + install_steps: pytest openssl-tsan + configure: >- + CC=clang + CFLAGS="-fsanitize=thread -g" + LDFLAGS="-fsanitize=thread -Wl,-rpath,$HOME/openssl/lib" + --with-openssl=$HOME/openssl --enable-debug + + - name: memory-sanitizer + install_packages: clang + configure: >- + CC=clang + CFLAGS="-fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g" + LDFLAGS="-fsanitize=memory" + LIBS="-ldl" + --without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug + + - name: event-based + install_packages: libssh-dev + configure: --enable-debug --disable-shared --disable-threaded-resolver --with-libssh --with-openssl + tflags: -n --test-event '!TLS-SRP' + + - name: duphandle + install_packages: libssh-dev + configure: --enable-debug --disable-shared --disable-threaded-resolver --with-libssh --with-openssl + tflags: -n --test-duphandle '!TLS-SRP' + + - name: rustls valgrind + install_packages: valgrind + install_steps: rust rustls pytest + configure: --with-rustls=$HOME/rustls --enable-debug + + - name: rustls + install_steps: rust rustls skipall + PKG_CONFIG_PATH: '$HOME/rustls/lib/pkgconfig' # Not built as of v0.14.0 + generate: -DCURL_USE_RUSTLS=ON -DRUSTLS_INCLUDE_DIR=$HOME/rustls/include -DRUSTLS_LIBRARY=$HOME/rustls/lib/librustls.a -DENABLE_DEBUG=ON + + - name: IntelC openssl + install_packages: zlib1g-dev libssl-dev + install_steps: intel + configure: CC=icc --enable-debug --with-openssl + + - name: Slackware openssl gssapi gcc + # These are essentially the same flags used to build the curl Slackware package + # https://ftpmirror.infania.net/slackware/slackware64-current/source/n/curl/curl.SlackBuild + configure: --with-openssl --with-libssh2 --with-gssapi --enable-ares --enable-static=no --without-ca-bundle --with-ca-path=/etc/ssl/certs + # Docker Hub image that `container-job` executes in + container: 'andy5995/slackware-build-essential:15.0' + + - name: Alpine MUSL https-rr + configure: --enable-debug --with-ssl --with-libssh2 --with-libidn2 --with-gssapi --enable-ldap --with-libpsl --enable-threaded-resolver --enable-ares --enable-httpsrr + container: 'alpine:3.20' + + - name: Alpine MUSL c-ares https-rr + configure: --enable-debug --with-ssl --with-libssh2 --with-libidn2 --with-gssapi --enable-ldap --with-libpsl --disable-threaded-resolver --enable-ares --enable-httpsrr --disable-unity + container: 'alpine:3.20' + + steps: + - name: 'install prereqs' + if: matrix.build.container == null && !contains(matrix.build.name, 'i686') + run: | + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo apt-get -o Dpkg::Use-Pty=0 update + sudo apt-get -o Dpkg::Use-Pty=0 install \ + libtool autoconf automake pkgconf ninja-build \ + ${{ matrix.build.install_steps != 'skipall' && matrix.build.install_steps != 'skiprun' && 'stunnel4' || '' }} \ + libpsl-dev libbrotli-dev libzstd-dev \ + ${{ matrix.build.install_packages }} \ + ${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd' || '' }} + python3 -m venv $HOME/venv + + - name: 'install prereqs' + if: contains(matrix.build.name, 'i686') + run: | + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo dpkg --add-architecture i386 + sudo apt-get -o Dpkg::Use-Pty=0 update + sudo apt-get -o Dpkg::Use-Pty=0 install \ + libtool autoconf automake pkgconf stunnel4 \ + libpsl-dev:i386 libbrotli-dev:i386 libzstd-dev:i386 \ + ${{ matrix.build.install_packages }} + python3 -m venv $HOME/venv + + - name: 'install dependencies' + if: startsWith(matrix.build.container, 'alpine') + run: | + apk add --no-cache build-base autoconf automake libtool perl openssl-dev \ + libssh2-dev zlib-dev brotli-dev zstd-dev libidn2-dev openldap-dev \ + heimdal-dev libpsl-dev c-ares-dev \ + py3-impacket py3-asn1 py3-six py3-pycryptodomex \ + perl-time-hires openssh stunnel sudo git + + - name: 'cache bearssl' + if: contains(matrix.build.install_steps, 'bearssl') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-bearssl + env: + cache-name: cache-bearssl + with: + path: ~/bearssl + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.bearssl-version }} + + - name: 'build bearssl' + if: contains(matrix.build.install_steps, 'bearssl') && steps.cache-bearssl.outputs.cache-hit != 'true' + run: | + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ + https://bearssl.org/bearssl-${{ env.bearssl-version }}.tar.gz + tar -xzf bearssl-${{ env.bearssl-version }}.tar.gz + cd bearssl-${{ env.bearssl-version }} + make + mkdir -p $HOME/bearssl/lib $HOME/bearssl/include + cp inc/*.h $HOME/bearssl/include + cp build/libbearssl.* $HOME/bearssl/lib + + - name: 'cache libressl' + if: contains(matrix.build.install_steps, 'libressl') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-libressl + env: + cache-name: cache-libressl + with: + path: ~/libressl + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.libressl-version }} + + - name: 'build libressl' + if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' + run: | + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ + https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz + tar -xzf libressl-${{ env.libressl-version }}.tar.gz + cd libressl-${{ env.libressl-version }} + ./configure --disable-dependency-tracking --prefix=$HOME/libressl + make install + + - name: 'cache wolfssl (all)' + if: contains(matrix.build.install_steps, 'wolfssl-all') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-wolfssl-all + env: + cache-name: cache-wolfssl-all + with: + path: ~/wolfssl-all + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }} + + - name: 'build wolfssl (all)' + if: contains(matrix.build.install_steps, 'wolfssl-all') && steps.cache-wolfssl-all.outputs.cache-hit != 'true' + run: | + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ + https://github.com/wolfSSL/wolfssl/archive/v${{ env.wolfssl-version }}-stable.tar.gz + tar -xzf v${{ env.wolfssl-version }}-stable.tar.gz + cd wolfssl-${{ env.wolfssl-version }}-stable + ./autogen.sh + ./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-all \ + --disable-benchmark --disable-crypttests --disable-examples --prefix=$HOME/wolfssl-all + make install + + - name: 'cache wolfssl (opensslextra)' + if: contains(matrix.build.install_steps, 'wolfssl-opensslextra') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-wolfssl-opensslextra + env: + cache-name: cache-wolfssl-opensslextra + with: + path: ~/wolfssl-opensslextra + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }} + + - name: 'build wolfssl (opensslextra)' + if: contains(matrix.build.install_steps, 'wolfssl-opensslextra') && steps.cache-wolfssl-opensslextra.outputs.cache-hit != 'true' + run: | + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ + https://github.com/wolfSSL/wolfssl/archive/v${{ env.wolfssl-version }}-stable.tar.gz + tar -xzf v${{ env.wolfssl-version }}-stable.tar.gz + cd wolfssl-${{ env.wolfssl-version }}-stable + ./autogen.sh + ./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-opensslextra \ + --disable-benchmark --disable-crypttests --disable-examples --prefix=$HOME/wolfssl-opensslextra + make install + + - name: 'cache wolfssh' + if: contains(matrix.build.install_steps, 'wolfssl') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-wolfssh + env: + cache-name: cache-wolfssh + with: + path: ~/wolfssh + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssh-version }}-${{ env.wolfssl-version }} + + - name: 'build wolfssh' + if: contains(matrix.build.install_steps, 'wolfssh') && steps.cache-wolfssh.outputs.cache-hit != 'true' + run: | + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ + https://github.com/wolfSSL/wolfssh/archive/v${{ env.wolfssh-version }}-stable.tar.gz + tar -xzf v${{ env.wolfssh-version }}-stable.tar.gz + cd wolfssh-${{ env.wolfssh-version }}-stable + ./autogen.sh + ./configure --disable-dependency-tracking --with-wolfssl=$HOME/wolfssl-all --enable-scp --enable-sftp --disable-term \ + --disable-examples --prefix=$HOME/wolfssh + make install + + - name: 'cache mbedtls' + if: contains(matrix.build.install_steps, 'mbedtls') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-mbedtls + env: + cache-name: cache-mbedtls-threadsafe + with: + path: ~/mbedtls + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.mbedtls-version }} + + - name: 'build mbedtls' + if: contains(matrix.build.install_steps, 'mbedtls') && steps.cache-mbedtls.outputs.cache-hit != 'true' + run: | + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ + https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${{ env.mbedtls-version }}/mbedtls-${{ env.mbedtls-version }}.tar.bz2 + tar -xjf mbedtls-${{ env.mbedtls-version }}.tar.bz2 + cd mbedtls-${{ env.mbedtls-version }} + ./scripts/config.py set MBEDTLS_THREADING_C + ./scripts/config.py set MBEDTLS_THREADING_PTHREAD + cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=$HOME/mbedtls \ + -DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF + cmake --build . + cmake --install . + + - name: 'cache openssl (thread sanitizer)' + if: contains(matrix.build.install_steps, 'openssl-tsan') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-openssl-tsan + env: + cache-name: cache-openssl-tsan + with: + path: ~/openssl + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.openssl-version }} + + - name: 'build openssl (thread sanitizer)' + if: contains(matrix.build.install_steps, 'openssl-tsan') && steps.cache-openssl-tsan.outputs.cache-hit != 'true' + run: | + git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl + cd openssl + CC="clang" CFLAGS="-fsanitize=thread" LDFLAGS="-fsanitize=thread" ./config --prefix=$HOME/openssl --libdir=lib no-makedepend no-apps no-docs no-tests + make + make -j1 install_sw + + - name: 'cache quictls' + if: contains(matrix.build.install_steps, 'quictls') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-quictls + env: + cache-name: cache-quictls + with: + path: ~/quictls + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 + + - name: 'build quictls' + if: contains(matrix.build.install_steps, 'quictls') && steps.cache-quictls.outputs.cache-hit != 'true' + run: | + git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl + cd openssl + ./config --prefix=$HOME/quictls --libdir=lib no-makedepend no-apps no-docs no-tests + make + make -j1 install_sw + + - name: 'cache msh3' + if: contains(matrix.build.install_steps, 'msh3') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-msh3 + env: + cache-name: cache-msh3 + with: + path: ~/msh3 + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.msh3-version }} + + - name: 'build msh3' + if: contains(matrix.build.install_steps, 'msh3') && steps.cache-msh3.outputs.cache-hit != 'true' + run: | + git clone --quiet --depth=1 -b v${{ env.msh3-version }} --recursive https://github.com/nibanks/msh3 + cd msh3 + cmake -B . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=$HOME/msh3 + cmake --build . + cmake --install . + + - name: 'cache awslc' + if: contains(matrix.build.install_steps, 'awslc') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-awslc + env: + cache-name: cache-awslc + with: + path: ~/awslc + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.awslc-version }} + + - name: 'build awslc' + if: contains(matrix.build.install_steps, 'awslc') && steps.cache-awslc.outputs.cache-hit != 'true' + run: | + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ + https://github.com/awslabs/aws-lc/archive/refs/tags/v${{ env.awslc-version }}.tar.gz + tar xzf v${{ env.awslc-version }}.tar.gz + mkdir aws-lc-${{ env.awslc-version }}-build + cd aws-lc-${{ env.awslc-version }}-build + cmake -G Ninja -DCMAKE_INSTALL_PREFIX=$HOME/awslc ../aws-lc-${{ env.awslc-version }} -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF + cmake --build . + cmake --install . + + - name: 'cache rustls' + if: contains(matrix.build.install_steps, 'rustls') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-rustls + env: + cache-name: cache-rustls + with: + path: ~/rustls + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.rustls-version }} + + - name: 'install rust' + if: contains(matrix.build.install_steps, 'rust') && steps.cache-rustls.outputs.cache-hit != 'true' + run: | + cd $HOME + curl -sSf --compressed https://sh.rustup.rs/ | sh -s -- -y + source $HOME/.cargo/env + rustup toolchain install stable --profile minimal + + - name: 'build rustls' + if: contains(matrix.build.install_steps, 'rustls') && steps.cache-rustls.outputs.cache-hit != 'true' + run: | + git clone --quiet --depth=1 -b v${{ env.rustls-version }} --recursive https://github.com/rustls/rustls-ffi.git + cd rustls-ffi + make DESTDIR=$HOME/rustls install + + - name: 'install Intel compilers' + if: contains(matrix.build.install_steps, 'intel') + run: | + curl -sSf --compressed https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB | sudo tee /etc/apt/trusted.gpg.d/intel-sw.asc >/dev/null + sudo add-apt-repository "deb https://apt.repos.intel.com/oneapi all main" + sudo apt-get -o Dpkg::Use-Pty=0 install intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic + source /opt/intel/oneapi/setvars.sh + printenv >> $GITHUB_ENV + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build.configure }} + run: autoreconf -fi + + - name: 'configure' + run: | + [[ '${{ matrix.build.install_steps }}' = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev + if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then + export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}" + fi + if [ -n '${{ matrix.build.generate }}' ]; then + cmake -B bld -G Ninja \ + -DCMAKE_INSTALL_PREFIX="$HOME/curl" \ + -DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ + ${{ matrix.build.generate }} + else + mkdir bld && cd bld && \ + ${{ matrix.build.configure-prefix }} \ + ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --disable-dependency-tracking \ + ${{ matrix.build.configure }} + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'test configs' + run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true + + - name: 'build' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + ${{ matrix.build.make-prefix }} cmake --build bld --verbose + else + ${{ matrix.build.make-prefix }} make -C bld V=1 ${{ matrix.build.make-custom-target }} + fi + + - name: 'single-use function check' + if: ${{ contains(matrix.build.configure, '--disable-unity') || contains(matrix.build.generate, '-DCMAKE_UNITY_BUILD=OFF') }} + run: | + git config --global --add safe.directory "*" + if [ -n '${{ matrix.build.generate }}' ]; then + libcurla=bld/lib/libcurl.a + else + libcurla=bld/lib/.libs/libcurl.a + fi + ./scripts/singleuse.pl --unit ${libcurla} + + - name: 'check curl -V output' + if: ${{ matrix.build.make-custom-target != 'tidy' }} + run: bld/src/curl -V + + - name: 'cmake install' + if: ${{ matrix.build.generate }} + run: cmake --install bld --strip + + - name: 'build tests' + if: ${{ matrix.build.install_steps != 'skipall' }} + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target testdeps + else + make -C bld V=1 -C tests + fi + + - name: 'install test prereqs' + if: ${{ matrix.build.install_steps != 'skipall' && matrix.build.container == null }} + run: | + [ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate + python3 -m pip install -r tests/requirements.txt + + - name: 'run tests' + if: ${{ matrix.build.install_steps != 'skipall' && matrix.build.install_steps != 'skiprun' }} + timeout-minutes: ${{ contains(matrix.build.install_packages, 'valgrind') && 30 || 15 }} + run: | + export TFLAGS='${{ matrix.build.tflags }}' + if [ -z '${{ matrix.build.torture }}' ]; then + if [[ '${{ matrix.build.install_steps }}' = *'wolfssh'* ]]; then + TFLAGS+=' ~SFTP' + fi + if [[ '${{ matrix.build.install_packages }}' = *'valgrind'* ]]; then + TFLAGS+=' -j6' + fi + if [[ '${{ matrix.build.install_packages }}' = *'heimdal-dev'* ]]; then + TFLAGS+=' ~2077 ~2078' # valgrind errors + fi + fi + [ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + else + make -C bld V=1 ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + fi + + - name: 'install pytest prereqs' + if: contains(matrix.build.install_steps, 'pytest') + run: | + [ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate + python3 -m pip install -r tests/http/requirements.txt + + - name: 'run pytest' + if: contains(matrix.build.install_steps, 'pytest') + env: + CURL_CI: github + PYTEST_ADDOPTS: '--color=yes' + run: | + [ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target curl-pytest-ci + else + make -C bld V=1 pytest-ci + fi + + - name: 'build examples' + if: ${{ matrix.build.make-custom-target != 'tidy' }} + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + ${{ matrix.build.make-prefix }} cmake --build bld --verbose --target curl-examples + else + ${{ matrix.build.make-prefix }} make -C bld V=1 examples + fi diff --git a/deps/curl/.github/workflows/macos.yml b/deps/curl/.github/workflows/macos.yml new file mode 100644 index 00000000..82e22228 --- /dev/null +++ b/deps/curl/.github/workflows/macos.yml @@ -0,0 +1,508 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +name: macOS + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +# Deprecated Apple APIs and the macos-version-min value required to avoid +# deprecation warnings with llvm/clang: +# +# - 10.7 Lion (2011) - GSS +# - 10.8 Mountain Lion (2012) - CFURLCreateDataAndPropertiesFromResource (used by curl Secure Transport code) +# - 10.9 Maverick (2013) - LDAP +# - 10.14 Mojave (2018) - Secure Transport +# +# For Secure Transport, curl implements features that require a target +# newer than the 10.8 required by `CFURLCreateDataAndPropertiesFromResource`. + +env: + MAKEFLAGS: -j 4 + LDFLAGS: -w # suppress 'object file was built for newer macOS version than being linked' warnings + +jobs: + macos: + name: "${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.compiler }} ${{ matrix.build.name }}" + runs-on: 'macos-latest' + timeout-minutes: 45 + env: + DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer" + CC: ${{ matrix.compiler }} + CFLAGS: '' + strategy: + fail-fast: false + matrix: + compiler: [clang, llvm@15, gcc-12] + build: + # automake + - name: '!ssl !debug brotli zstd' + compiler: clang + install: brotli zstd + configure: --without-ssl --with-brotli --with-zstd + - name: '!ssl !debug' + compiler: gcc-12 + configure: --without-ssl + - name: '!ssl' + compiler: clang + configure: --enable-debug --without-ssl + - name: '!ssl libssh2 AppleIDN' + compiler: clang + configure: --enable-debug --with-libssh2=$(brew --prefix libssh2) --without-ssl --with-apple-idn + - name: 'OpenSSL libssh c-ares' + compiler: clang + install: libssh + configure: --enable-debug --with-libssh --with-openssl=$(brew --prefix openssl) --enable-ares + - name: 'OpenSSL libssh' + compiler: llvm@15 + install: libssh libnghttp3 + configure: --enable-debug --with-libssh --with-openssl=$(brew --prefix openssl) --with-openssl-quic + - name: '!ssl c-ares' + compiler: clang + configure: --enable-debug --enable-ares --without-ssl + - name: '!ssl HTTP-only' + compiler: clang + configure: >- + --enable-debug + --disable-alt-svc --disable-dict --disable-file --disable-ftp --disable-gopher --disable-imap + --disable-ldap --disable-pop3 --without-librtmp --disable-rtsp + --disable-shared --disable-smb --disable-smtp --disable-telnet --disable-tftp --disable-unix-sockets + --without-brotli --without-gssapi --without-libidn2 --without-libpsl --without-librtmp + --without-libssh2 --without-libssh --without-wolfssh + --without-nghttp2 --disable-ntlm --without-ssl --without-zlib --without-zstd + + macos-version-min: '10.15' # Catalina (2019) + - name: 'SecureTransport libssh2' + compiler: clang + configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) + macos-version-min: '10.8' + - name: 'SecureTransport libssh2 10.12' + compiler: clang + configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) + macos-version-min: '10.12' # for monotonic timers + - name: 'SecureTransport libssh2' + compiler: gcc-12 + configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) + macos-version-min: '10.8' + - name: 'LibreSSL +examples' + compiler: clang + install: libressl + configure: --enable-debug --with-openssl=$(brew --prefix libressl) + - name: 'OpenSSL' + compiler: clang + configure: --enable-debug --with-openssl=$(brew --prefix openssl) + - name: 'OpenSSL event-based' + compiler: clang + configure: --enable-debug --with-openssl=$(brew --prefix openssl) + tflags: --test-event + - name: 'quictls libssh2 !ldap 10.15' + compiler: clang + install: quictls + configure: --enable-debug --disable-ldap --with-openssl=$(brew --prefix quictls) LDFLAGS="${LDFLAGS} -L$(brew --prefix quictls)/lib" + macos-version-min: '10.15' + # cmake + - name: 'OpenSSL gsasl rtmp AppleIDN' + install: gsasl rtmpdump + generate: -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON + - name: 'OpenSSL AppleIDN clang-tidy +examples' + install: llvm + generate: -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) -DUSE_APPLE_IDN=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=$(brew --prefix llvm)/bin/clang-tidy + clang-tidy: true + chkprefill: _chkprefill + - name: 'quictls +static libssh +examples' + install: quictls libssh + generate: -DOPENSSL_ROOT_DIR=$(brew --prefix quictls) -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON + - name: 'SecureTransport debug' + generate: -DCURL_USE_SECTRANSP=ON -DENABLE_DEBUG=ON + macos-version-min: '10.8' + - name: 'LibreSSL !ldap heimdal c-ares +examples' + install: libressl heimdal + generate: -DOPENSSL_ROOT_DIR=$(brew --prefix libressl) -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=$(brew --prefix heimdal) -DCURL_DISABLE_LDAP=ON + - name: 'wolfSSL !ldap brotli zstd' + install: brotli wolfssl zstd + generate: -DCURL_USE_WOLFSSL=ON -DCURL_DISABLE_LDAP=ON -DUSE_ECH=ON + - name: 'mbedTLS openldap brotli zstd' + install: brotli mbedtls zstd openldap + generate: -DCURL_USE_MBEDTLS=ON -DLDAP_INCLUDE_DIR="$(brew --prefix openldap)/include" -DLDAP_LIBRARY="$(brew --prefix openldap)/lib/libldap.dylib" -DLDAP_LBER_LIBRARY="$(brew --prefix openldap)/lib/liblber.dylib" + - name: 'GnuTLS !ldap krb5' + install: gnutls nettle krb5 + generate: -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=$(brew --prefix krb5) -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON + - name: 'OpenSSL torture !FTP' + generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) + tflags: -t --shallow=25 !FTP + torture: true + - name: 'OpenSSL torture FTP' + generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) + tflags: -t --shallow=20 FTP + torture: true + exclude: + - { compiler: llvm@15, build: { macos-version-min: '10.15' } } + - { compiler: llvm@15, build: { torture: true } } + - { compiler: gcc-12, build: { torture: true } } + - { compiler: llvm@15, build: { clang-tidy: true } } + - { compiler: gcc-12, build: { clang-tidy: true } } + # opt out jobs from combinations that have the compiler set manually + - { compiler: llvm@15, build: { compiler: 'clang' } } + - { compiler: llvm@15, build: { compiler: 'gcc-12' } } + - { compiler: gcc-12, build: { compiler: 'clang' } } + - { compiler: gcc-12, build: { compiler: 'llvm@15' } } + - { compiler: clang, build: { compiler: 'gcc-12' } } + - { compiler: clang, build: { compiler: 'llvm@15' } } + + steps: + - name: 'brew install' + # Run this command with retries because of spurious failures seen + # while running the tests, for example + # https://github.com/curl/curl/runs/4095721123?check_suite_focus=true + run: | + echo ${{ matrix.build.generate && 'ninja' || 'automake libtool' }} \ + pkgconf libpsl libssh2 \ + ${{ !matrix.build.clang-tidy && 'nghttp2 stunnel' || '' }} \ + ${{ contains(matrix.build.install_steps, 'pytest') && 'caddy httpd vsftpd' || '' }} \ + ${{ matrix.build.install }} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile + while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + + - name: 'brew unlink openssl' + if: ${{ contains(matrix.build.install, 'libressl') || contains(matrix.build.install, 'quictls') }} + run: | + if test -d $(brew --prefix)/include/openssl; then + brew unlink openssl + fi + + - name: 'toolchain versions' + run: | + [[ '${{ matrix.compiler }}' = 'llvm'* ]] && CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" + [[ '${{ matrix.compiler }}' = 'gcc'* ]] && "${CC}" --print-sysroot + which "${CC}"; "${CC}" --version || true + xcodebuild -version || true + xcrun --sdk macosx --show-sdk-path 2>/dev/null || true + xcrun --sdk macosx --show-sdk-version || true + ls -l /Library/Developer/CommandLineTools/SDKs || true + echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' + echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build.configure }} + run: autoreconf -fi + + - name: 'configure' + run: | + if [[ '${{ matrix.compiler }}' = 'gcc'* ]]; then + sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for + else + sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)" + fi + + if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then + CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" + CC+=" --sysroot=${sysroot}" + CC+=" --target=$(uname -m)-apple-darwin" + fi + + if [ -n '${{ matrix.build.generate }}' ]; then + for _chkprefill in '' ${{ matrix.build.chkprefill }}; do + options='' + [ -n '${{ matrix.build.macos-version-min }}' ] && options+=' -DCMAKE_OSX_DEPLOYMENT_TARGET=${{ matrix.build.macos-version-min }}' + [[ '${{ matrix.build.install_steps }}' = *'pytest'* ]] && options+=' -DTEST_NGHTTPX= -DHTTPD_NGHTTPX=' + [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' + cmake -B "bld${_chkprefill}" -G Ninja -D_CURL_PREFILL=ON \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ + -DCMAKE_OSX_SYSROOT="${sysroot}" \ + -DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64/')-apple-darwin$(uname -r)" \ + ${{ matrix.build.generate }} ${options} + done + if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then + echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' + false + fi + else + export CFLAGS + if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then + options+=" --target=$(uname -m)-apple-darwin" + fi + if [ '${{ matrix.compiler }}' != 'clang' ]; then + options+=" --with-sysroot=${sysroot}" + CFLAGS+=" --sysroot=${sysroot}" + fi + [ -n '${{ matrix.build.macos-version-min }}' ] && CFLAGS+=' -mmacosx-version-min=${{ matrix.build.macos-version-min }}' + [[ '${{ matrix.build.install_steps }}' = *'pytest'* ]] && options+=' --with-test-nghttpx= ac_cv_path_HTTPD_NGHTTPX=' + mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --disable-dependency-tracking \ + --with-libpsl=$(brew --prefix libpsl) \ + ${{ matrix.build.configure }} ${options} + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'test configs' + run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true + + - name: 'build-cert' + if: contains(matrix.build.generate, '-DCURL_USE_SECTRANSP=ON') || contains(matrix.build.configure, '--with-secure-transport') + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --target clean-certs + cmake --build bld --target build-certs --parallel 1 + else + make -C bld/tests/certs clean-certs + make -C bld/tests/certs build-certs -j1 + fi + + - name: 'build' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose + else + make -C bld V=1 + fi + + - name: 'curl version' + run: bld/src/curl --disable --version + + - name: 'build tests' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --target testdeps + else + make -C bld V=1 -C tests + fi + + - name: 'install test prereqs' + if: ${{ !matrix.build.clang-tidy }} + run: | + python3 -m venv $HOME/venv + source $HOME/venv/bin/activate + python3 -m pip install -r tests/requirements.txt + + - name: 'run tests' + if: ${{ !matrix.build.clang-tidy }} + timeout-minutes: ${{ matrix.build.torture && 20 || 10 }} + run: | + export TFLAGS='-j20 ${{ matrix.build.tflags }}' + if [ -z '${{ matrix.build.torture }}' ]; then + TFLAGS+=' ~2037 ~2041' # flaky + fi + source $HOME/venv/bin/activate + rm -f $HOME/.curlrc + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --target ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + else + make -C bld V=1 ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + fi + + - name: 'install pytest prereqs' + if: ${{ !matrix.build.clang-tidy && contains(matrix.build.install_steps, 'pytest') }} + run: | + source $HOME/venv/bin/activate + python3 -m pip install -r tests/http/requirements.txt + + - name: 'run pytest' + if: ${{ !matrix.build.clang-tidy && contains(matrix.build.install_steps, 'pytest') }} + env: + CURL_CI: github + PYTEST_ADDOPTS: '--color=yes' + run: | + source $HOME/venv/bin/activate + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target curl-pytest-ci + else + make -C bld V=1 pytest-ci + fi + + - name: 'build examples' + if: ${{ contains(matrix.build.name, '+examples') }} + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld --verbose --target curl-examples + else + make -C bld examples V=1 + fi + + combinations: # Test buildability with host OS, Xcode / SDK, compiler, target-OS, Secure Transport/not, built tool, combinations + if: true # Set to `true` to enable this test matrix. It runs quickly. + name: "${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.compiler }} ${{ matrix.image }} ${{ matrix.xcode }} ${{ matrix.config }}" + runs-on: ${{ matrix.image }} + timeout-minutes: 10 + env: + DEVELOPER_DIR: "/Applications/Xcode${{ matrix.xcode && format('_{0}', matrix.xcode) || '' }}.app/Contents/Developer" + CC: ${{ matrix.compiler }} + strategy: + fail-fast: false + matrix: + config: [SecureTransport] # also: OpenSSL + compiler: [gcc-12, gcc-13, gcc-14, llvm@15, llvm@18, clang] + # Xcode support matrix as of 2024-07, with default macOS SDK versions and OS names, years: + # * = default Xcode on the runner. + # macos-13: 14.1, 14.2, 14.3.1, 15.0.1, 15.1,*15.2 + # macos-14: 15.0.1, 15.1, 15.2, 15.3,*15.4 + # macos-15: *16.0, 16.1 + # macOSSDK: 13.0, 13.1, 13.3, 14.0, 14.2, 14.2, 14.4, 14.5, 15.0, 15.1 + # Ventura (2022) Sonoma (2023) Sequoia (2024) + # https://github.com/actions/runner-images/tree/main/images/macos + # https://en.wikipedia.org/wiki/MacOS_version_history + image: [macos-13, macos-14, macos-15] + # Can skip these to reduce jobs: + # 15.1 has the same default macOS SDK as 15.2 and identical test results. + # 14.1, 15.4 not revealing new fallouts. + #xcode: ['14.1', '14.2', '14.3.1', '15.0.1', '15.1', '15.2', '15.3', '15.4', '16.0', '16.1'] # all Xcode + #xcode: ['14.1', '14.2', '14.3.1', '15.0.1' , '15.2', '15.3', '15.4', '16.0', '16.1'] # all SDK + #xcode: [ '14.2', '14.3.1', '15.0.1' , '15.2', '15.3' , '16.0' ] # coverage + xcode: [''] # default Xcodes + macos-version-min: [''] + build: [autotools, cmake] + exclude: + # Combinations not covered by runner images: + - { image: macos-13, xcode: '15.3' } + - { image: macos-13, xcode: '15.4' } + - { image: macos-13, xcode: '16.0' } + - { image: macos-13, xcode: '16.1' } + - { image: macos-14, xcode: '14.1' } + - { image: macos-14, xcode: '14.2' } + - { image: macos-14, xcode: '14.3.1' } + - { image: macos-14, xcode: '16.0' } + - { image: macos-14, xcode: '16.1' } + - { image: macos-15, xcode: '14.1' } + - { image: macos-15, xcode: '14.2' } + - { image: macos-15, xcode: '14.3.1' } + - { image: macos-15, xcode: '15.0.1' } + - { image: macos-15, xcode: '15.1' } + - { image: macos-15, xcode: '15.2' } + - { image: macos-15, xcode: '15.3' } + - { image: macos-15, xcode: '15.4' } + - { image: macos-13, compiler: 'llvm@18' } + - { image: macos-14, compiler: 'llvm@18' } + - { image: macos-15, compiler: 'llvm@15' } + # Reduce build combinations, by dropping less interesting ones + - { compiler: gcc-12, config: SecureTransport } + - { compiler: gcc-13, build: cmake } + - { compiler: gcc-14, build: autotools } + steps: + - name: 'install autotools' + if: ${{ matrix.build == 'autotools' }} + run: | + echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile + while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + + - name: 'toolchain versions' + run: | + [[ '${{ matrix.compiler }}' = 'llvm'* ]] && CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" + [[ '${{ matrix.compiler }}' = 'gcc'* ]] && "${CC}" --print-sysroot + which "${CC}"; "${CC}" --version || true + xcodebuild -version || true + xcrun --sdk macosx --show-sdk-path 2>/dev/null || true + xcrun --sdk macosx --show-sdk-version || true + ls -l /Library/Developer/CommandLineTools/SDKs || true + echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' + echo '::group::brew packages preinstalled'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build == 'autotools' }} + run: autoreconf -fi + + - name: 'configure / ${{ matrix.build }}' + run: | + if [[ '${{ matrix.compiler }}' = 'gcc'* ]]; then + sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for + else + sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)" + fi + + if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then + CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" + CC+=" --sysroot=${sysroot}" + CC+=" --target=$(uname -m)-apple-darwin" + fi + + if [ '${{ matrix.build }}' = 'cmake' ]; then + [ '${{ matrix.config }}' = 'OpenSSL' ] && options+=' -DCURL_USE_OPENSSL=ON' + [ '${{ matrix.config }}' = 'SecureTransport' ] && options+=' -DCURL_USE_SECTRANSP=ON' + [ -n '${{ matrix.macos-version-min }}' ] && options+=' -DCMAKE_OSX_DEPLOYMENT_TARGET=${{ matrix.macos-version-min }}' + # would pick up nghttp2, libidn2, and libssh2 + cmake -B bld -D_CURL_PREFILL=ON \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ + -DCMAKE_OSX_SYSROOT="${sysroot}" \ + -DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64/')-apple-darwin$(uname -r)" \ + -DCMAKE_IGNORE_PREFIX_PATH="$(brew --prefix)" \ + -DBUILD_LIBCURL_DOCS=OFF -DBUILD_MISC_DOCS=OFF -DENABLE_CURL_MANUAL=OFF \ + -DUSE_NGHTTP2=OFF -DUSE_LIBIDN2=OFF \ + -DCURL_USE_LIBPSL=OFF -DCURL_USE_LIBSSH2=OFF \ + ${options} + else + export CFLAGS + if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then + options+=" --target=$(uname -m)-apple-darwin" + fi + if [ '${{ matrix.compiler }}' != 'clang' ]; then + options+=" --with-sysroot=${sysroot}" + CFLAGS+=" --sysroot=${sysroot}" + fi + [ '${{ matrix.config }}' = 'OpenSSL' ] && options+=" --with-openssl=$(brew --prefix openssl)" + [ '${{ matrix.config }}' = 'SecureTransport' ] && options+=' --with-secure-transport' + [ -n '${{ matrix.macos-version-min }}' ] && CFLAGS+=' -mmacosx-version-min=${{ matrix.macos-version-min }}' + # would pick up nghttp2, libidn2, but libssh2 is disabled by default + mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --disable-dependency-tracking \ + --disable-docs --disable-manual \ + --without-nghttp2 --without-libidn2 \ + --without-libpsl \ + ${options} + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build / ${{ matrix.build }}' + run: make -C bld V=1 VERBOSE=1 + + - name: 'curl version' + run: bld/src/curl --disable --version diff --git a/deps/curl/.github/workflows/non-native.yml b/deps/curl/.github/workflows/non-native.yml new file mode 100644 index 00000000..3f028630 --- /dev/null +++ b/deps/curl/.github/workflows/non-native.yml @@ -0,0 +1,729 @@ +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl + +name: non-native + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +jobs: + netbsd: + name: 'NetBSD, CM clang openssl ${{ matrix.arch }}' + runs-on: ubuntu-latest + timeout-minutes: 10 + strategy: + matrix: + arch: ['x86_64'] + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + - name: 'cmake' + uses: cross-platform-actions/action@fe0167d8082ac584754ef3ffb567fded22642c7d # v0.27.0 + with: + operating_system: 'netbsd' + version: '10.1' + architecture: ${{ matrix.arch }} + run: | + # https://pkgsrc.se/ + time sudo pkgin -y install cmake ninja-build pkg-config perl brotli heimdal openldap-client libssh2 libidn2 libpsl nghttp2 py311-impacket + time cmake -B bld -G Ninja \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ + -DCURL_USE_OPENSSL=ON \ + -DCURL_USE_GSSAPI=ON \ + || { cat bld/CMakeFiles/CMake*.yaml; false; } + echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' + time cmake --build bld + bld/src/curl --disable --version + if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU + time cmake --build bld --target testdeps + export TFLAGS='-j4' + time cmake --build bld --target test-ci + fi + echo '::group::build examples' + time cmake --build bld --target curl-examples + echo '::endgroup::' + + openbsd: + name: 'OpenBSD, CM clang libressl ${{ matrix.arch }}' + runs-on: ubuntu-latest + timeout-minutes: 10 + strategy: + matrix: + arch: ['x86_64'] + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + - name: 'cmake' + uses: cross-platform-actions/action@fe0167d8082ac584754ef3ffb567fded22642c7d # v0.27.0 + with: + operating_system: 'openbsd' + version: '7.5' + architecture: ${{ matrix.arch }} + run: | + # https://openbsd.app/ + # https://www.openbsd.org/faq/faq15.html + time sudo pkg_add cmake ninja brotli openldap-client-- libssh2 libidn2 libpsl nghttp2 python3 py3-impacket + time cmake -B bld -G Ninja \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ + -DCURL_USE_OPENSSL=ON \ + || { cat bld/CMakeFiles/CMake*.yaml; false; } + echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' + time cmake --build bld + bld/src/curl --disable --version + if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU + time cmake --build bld --target testdeps + export TFLAGS='-j8 ~3017 ~TFTP ~FTP' # FIXME: TFTP requests executed twice? Related: `curl: (69) TFTP: Access Violation`? + time cmake --build bld --target test-ci + fi + echo '::group::build examples' + time cmake --build bld --target curl-examples + echo '::endgroup::' + + freebsd: + name: "FreeBSD, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.compiler }} openssl${{ matrix.desc }} ${{ matrix.arch }}" + runs-on: ubuntu-latest + timeout-minutes: 20 + strategy: + matrix: + include: + - { build: 'autotools', arch: 'x86_64', compiler: 'clang' } + - { build: 'cmake' , arch: 'x86_64', compiler: 'clang', options: '-DCMAKE_UNITY_BUILD=OFF -DCURL_TEST_BUNDLES=OFF', desc: ' !unity !bundle !runtests !examples' } + - { build: 'autotools', arch: 'arm64', compiler: 'clang' } + - { build: 'cmake' , arch: 'arm64', compiler: 'clang' } + fail-fast: false + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + - name: 'autotools' + if: ${{ matrix.build == 'autotools' }} + uses: cross-platform-actions/action@fe0167d8082ac584754ef3ffb567fded22642c7d # v0.27.0 + with: + operating_system: 'freebsd' + version: '14.1' + architecture: ${{ matrix.arch }} + run: | + export MAKEFLAGS=-j3 + # https://ports.freebsd.org/ + time sudo pkg install -y autoconf automake libtool \ + pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket + time autoreconf -fi + export CC='${{ matrix.compiler }}' + if [ '${{ matrix.arch }}' != 'x86_64' ]; then + options='--disable-manual --disable-docs' # Slow with autotools, skip on emulated CPU + fi + mkdir bld && cd bld && time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \ + --prefix="${HOME}"/install \ + --with-openssl \ + --with-brotli --enable-ldap --enable-ldaps --with-libidn2 --with-libssh2 --with-nghttp2 --with-gssapi \ + --disable-dependency-tracking \ + ${options} \ + ${{ matrix.options }} \ + || { tail -n 1000 config.log; false; } + echo '::group::curl_config.h (raw)'; cat lib/curl_config.h || true; echo '::endgroup::' + echo '::group::curl_config.h'; grep -F '#define' lib/curl_config.h | sort || true; echo '::endgroup::' + time make install + src/curl --disable --version + desc='${{ matrix.desc }}' + if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU + time make -C tests + if [ "${desc#*!runtests*}" = "${desc}" ]; then + time make test-ci V=1 TFLAGS='-j4' + fi + fi + if [ "${desc#*!examples*}" = "${desc}" ]; then + echo '::group::build examples' + time make examples + echo '::endgroup::' + fi + + - name: 'cmake' + if: ${{ matrix.build == 'cmake' }} + uses: cross-platform-actions/action@fe0167d8082ac584754ef3ffb567fded22642c7d # v0.27.0 + with: + operating_system: 'freebsd' + version: '14.1' + architecture: ${{ matrix.arch }} + run: | + # https://ports.freebsd.org/ + time sudo pkg install -y cmake-core ninja perl5 \ + pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket + time cmake -B bld -G Ninja \ + -DCMAKE_C_COMPILER='${{ matrix.compiler }}' \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ + -DCURL_USE_OPENSSL=ON \ + -DCURL_USE_GSSAPI=ON \ + ${{ matrix.options }} \ + || { cat bld/CMakeFiles/CMake*.yaml; false; } + echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' + time cmake --build bld + bld/src/curl --disable --version + desc='${{ matrix.desc }}' + if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU + time cmake --build bld --target testdeps + if [ "${desc#*!runtests*}" = "${desc}" ]; then + time cmake --build bld --target test-ci + fi + fi + if [ "${desc#*!examples*}" = "${desc}" ]; then + echo '::group::build examples' + time cmake --build bld --target curl-examples + echo '::endgroup::' + fi + + omnios: + name: 'OmniOS, AM gcc openssl amd64' + runs-on: ubuntu-latest + timeout-minutes: 15 + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + - name: 'autotools' + uses: vmactions/omnios-vm@8eba2a9217262f275d4566751a92d6ef2f433d00 # v1 + with: + usesh: true + # https://pkg.omnios.org/r151052/core/en/index.shtml + prepare: pkg install build-essential libtool nghttp2 + run: | + set -e + ln -s /usr/bin/gcpp /usr/bin/cpp # Some tests expect `cpp`, which is named `gcpp` in this env. + export MAKEFLAGS=-j3 + time autoreconf -fi + mkdir bld && cd bld && time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \ + --prefix="${HOME}"/install \ + --with-openssl \ + --disable-dependency-tracking \ + || { tail -n 1000 config.log; false; } + echo '::group::curl_config.h (raw)'; cat lib/curl_config.h || true; echo '::endgroup::' + echo '::group::curl_config.h'; grep -F '#define' lib/curl_config.h | sort || true; echo '::endgroup::' + time gmake install + src/curl --disable --version + time gmake -C tests + time gmake test-ci V=1 + echo '::group::build examples' + time gmake examples + echo '::endgroup::' + + ios: + name: "iOS, ${{ (matrix.build.generator && format('CM-{0}', matrix.build.generator)) || (matrix.build.generate && 'CM' || 'AM' )}} ${{ matrix.build.name }} arm64" + runs-on: 'macos-latest' + timeout-minutes: 10 + env: + MAKEFLAGS: -j 4 + DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer" + CC: ${{ matrix.build.compiler || 'clang' }} + # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com + libressl-version: 4.0.0 + strategy: + fail-fast: false + matrix: + build: + - name: 'libressl' + install_steps: libressl + configure: --with-openssl="$HOME/libressl" --without-libpsl + + - name: 'libressl' + install_steps: libressl + # FIXME: Could not make OPENSSL_ROOT_DIR work. CMake seems to prepend sysroot to it. + generate: >- + -DCMAKE_BUILD_TYPE=Release -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 + -DOPENSSL_INCLUDE_DIR="$HOME/libressl/include" + -DOPENSSL_SSL_LIBRARY="$HOME/libressl/lib/libssl.a" + -DOPENSSL_CRYPTO_LIBRARY="$HOME/libressl/lib/libcrypto.a" + -DCURL_USE_LIBPSL=OFF + + - name: 'libressl' + install_steps: libressl + generator: Xcode + options: --config Debug + generate: >- + -DCMAKE_XCODE_ATTRIBUTE_CODE_SIGNING_ALLOWED=OFF + -DMACOSX_BUNDLE_GUI_IDENTIFIER=se.curl + -DOPENSSL_INCLUDE_DIR="$HOME/libressl/include" + -DOPENSSL_SSL_LIBRARY="$HOME/libressl/lib/libssl.a" + -DOPENSSL_CRYPTO_LIBRARY="$HOME/libressl/lib/libcrypto.a" + -DCURL_USE_LIBPSL=OFF + + steps: + - name: 'brew install' + if: ${{ matrix.build.configure }} + run: | + echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile + while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + + - name: 'toolchain versions' + run: | + which "${CC}"; "${CC}" --version || true + xcodebuild -version || true + xcodebuild -sdk -version | grep '^Path:' || true + xcrun --sdk iphoneos --show-sdk-path 2>/dev/null || true + xcrun --sdk iphoneos --show-sdk-version || true + echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' + echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' + + - name: 'cache libressl' + if: contains(matrix.build.install_steps, 'libressl') + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-libressl + env: + cache-name: cache-libressl + with: + path: ~/libressl + key: iOS-${{ env.cache-name }}-${{ env.libressl-version }} + + - name: 'build libressl' + if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' + run: | + curl -LsSf --retry 6 --retry-connrefused --max-time 999 \ + https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz | tar -x + cd libressl-${{ env.libressl-version }} + # FIXME: on the 4.0.1 release, delete '-DHAVE_ENDIAN_H=0' + cmake -B . \ + -DHAVE_ENDIAN_H=0 \ + -DCMAKE_INSTALL_PREFIX="$HOME/libressl" \ + -DCMAKE_SYSTEM_NAME=iOS \ + -DCMAKE_SYSTEM_PROCESSOR=aarch64 \ + -DBUILD_SHARED_LIBS=OFF \ + -DLIBRESSL_APPS=OFF \ + -DLIBRESSL_TESTS=OFF + cmake --build . + cmake --install . --verbose + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build.configure }} + run: autoreconf -fi + + - name: 'configure' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + # https://cmake.org/cmake/help/latest/manual/cmake-toolchains.7.html#cross-compiling-for-ios-tvos-visionos-or-watchos + [ -n '${{ matrix.build.generator }}' ] && options='-G ${{ matrix.build.generator }}' + cmake -B bld -D_CURL_PREFILL=ON \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ + -DCMAKE_SYSTEM_NAME=iOS \ + -DUSE_APPLE_IDN=ON \ + ${{ matrix.build.generate }} ${options} + else + mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --disable-dependency-tracking \ + CFLAGS="-isysroot $(xcrun --sdk iphoneos --show-sdk-path 2>/dev/null)" \ + --host=aarch64-apple-darwin \ + --with-apple-idn \ + ${{ matrix.build.configure }} + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld ${{ matrix.build.options }} --parallel 4 --verbose + else + make -C bld V=1 + fi + + - name: 'curl info' + run: find . -type f \( -name curl -o -name '*.dylib' -o -name '*.a' \) -exec file '{}' \; + + - name: 'build tests' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld ${{ matrix.build.options }} --parallel 4 --target testdeps --verbose + else + make -C bld V=1 -C tests + fi + + - name: 'build examples' + run: | + if [ -n '${{ matrix.build.generate }}' ]; then + cmake --build bld ${{ matrix.build.options }} --parallel 4 --target curl-examples --verbose + else + make -C bld examples V=1 + fi + + android: + name: "Android ${{ matrix.platform }}, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.name }} arm64" + runs-on: 'ubuntu-latest' + timeout-minutes: 25 + env: + MAKEFLAGS: -j 5 + VCPKG_BINARY_SOURCES: 'clear;x-gha,readwrite' + VCPKG_DISABLE_METRICS: '1' + strategy: + matrix: + include: + - { build: 'autotools', platform: '21', name: "openssl", install: 'brotli zstd libpsl nghttp2 openssl libssh2', + options: '--with-openssl --with-brotli' } + + - { build: 'cmake' , platform: '21', name: "openssl", install: 'brotli zstd libpsl nghttp2 openssl libssh2', + options: '-DCURL_USE_OPENSSL=ON' } + + - { build: 'autotools', platform: '35', name: "openssl", install: 'brotli zstd libpsl nghttp2 openssl libssh2', + options: '--with-openssl --with-brotli' } + + - { build: 'cmake' , platform: '35', name: "openssl", install: 'brotli zstd libpsl nghttp2 openssl libssh2', + options: '-DCURL_USE_OPENSSL=ON' } + + # FIXME: Must disable zstd explicitly, otherwise cmake/pkg-config finds it in /usr/include + # and the build fails. I had found no option to disable this behavior. Other default + # dependencies not offered via vcpkg may also need this. + - { build: 'cmake' , platform: '35', name: "boringssl !zstd", install: 'libpsl boringssl', + options: '-DCURL_USE_OPENSSL=ON -DOPENSSL_USE_STATIC_LIBS=ON -DCURL_ZSTD=OFF' } + + fail-fast: false + steps: + - name: 'vcpkg cache setup' + if: ${{ matrix.install }} + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 + with: + script: | + core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || ''); + core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || ''); + + - name: 'vcpkg versions' + if: ${{ matrix.install }} + timeout-minutes: 1 + run: | + git -C "$VCPKG_INSTALLATION_ROOT" show --no-patch --format='%H %ai' + vcpkg version + + - name: 'install prereqs for vcpkg' + if: contains(matrix.install, 'boringssl') + timeout-minutes: 5 + run: | + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo apt-get -o Dpkg::Use-Pty=0 update + sudo apt-get -o Dpkg::Use-Pty=0 install nasm + + - name: 'vcpkg build' + if: ${{ matrix.install }} + timeout-minutes: 20 + run: vcpkg x-set-installed ${{ matrix.install }} '--triplet=arm64-android' + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build == 'autotools' }} + run: autoreconf -fi + + - name: 'configure' + run: | + export PKG_CONFIG_PATH="$VCPKG_INSTALLATION_ROOT/installed/arm64-android/lib/pkgconfig" + if [ '${{ matrix.build }}' = 'cmake' ]; then # https://developer.android.com/ndk/guides/cmake + cmake -B bld \ + -DANDROID_ABI=arm64-v8a \ + -DANDROID_PLATFORM='android-${{ matrix.platform }}' \ + -DCMAKE_TOOLCHAIN_FILE="$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake" \ + -DVCPKG_CHAINLOAD_TOOLCHAIN_FILE=${ANDROID_NDK_HOME}/build/cmake/android.toolchain.cmake -DCMAKE_WARN_DEPRECATED=OFF \ + -DVCPKG_INSTALLED_DIR="$VCPKG_INSTALLATION_ROOT/installed" \ + -DVCPKG_TARGET_TRIPLET=arm64-android \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + ${{ matrix.options }} + else + TOOLCHAIN="${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64" + mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + CC="$TOOLCHAIN/bin/aarch64-linux-android${{ matrix.platform }}-clang" \ + AR="$TOOLCHAIN/bin/llvm-ar" \ + RANLIB="$TOOLCHAIN/bin/llvm-ranlib" \ + --host=aarch64-linux-android${{ matrix.platform }} \ + ${{ matrix.options }} + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --verbose + else + make -C bld V=1 + fi + + - name: 'curl info' + run: find . -type f \( -name curl -o -name '*.so' -o -name '*.a' \) -exec file '{}' \; + + - name: 'build tests' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target testdeps + else + make -C bld -C tests + fi + + - name: 'build examples' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target curl-examples + else + make -C bld examples + fi + + amiga: + name: "AmigaOS, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} gcc AmiSSL m68k" + runs-on: 'ubuntu-latest' + timeout-minutes: 5 + env: + MAKEFLAGS: -j 5 + amissl-version: 5.18 + strategy: + matrix: + build: [autotools, cmake] + fail-fast: false + steps: + - name: 'install compiler' + if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} + run: | + cd "${HOME}" || exit 1 + curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 \ + --location https://github.com/bebbo/amiga-gcc/releases/download/Mechen/amiga-gcc.tgz | tar -xz + cd opt/appveyor || exit 1 + curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \ + --location https://github.com/jens-maus/amissl/releases/download/${{ env.amissl-version }}/AmiSSL-${{ env.amissl-version }}-SDK.lha --output bin.lha + 7z x -bd -y bin.lha + rm -f bin.lha + mv "$HOME/opt/appveyor" /opt + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'configure' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake -B bld \ + -DAMIGA=1 \ + -DCMAKE_SYSTEM_NAME=Generic \ + -DCMAKE_SYSTEM_PROCESSOR=m68k \ + -DCMAKE_C_COMPILER_TARGET=m68k-unknown-amigaos \ + -DCMAKE_C_COMPILER=/opt/appveyor/build-agent/opt/amiga/bin/m68k-amigaos-gcc \ + -DCMAKE_C_FLAGS='-O0 -msoft-float -mcrt=clib2' \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DCURL_USE_LIBPSL=OFF \ + -DAMISSL_INCLUDE_DIR=/opt/appveyor/AmiSSL/Developer/include \ + -DAMISSL_STUBS_LIBRARY=/opt/appveyor/AmiSSL/Developer/lib/AmigaOS3/libamisslstubs.a \ + -DAMISSL_AUTO_LIBRARY=/opt/appveyor/AmiSSL/Developer/lib/AmigaOS3/libamisslauto.a + else + autoreconf -fi + mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + CC=/opt/appveyor/build-agent/opt/amiga/bin/m68k-amigaos-gcc \ + AR=/opt/appveyor/build-agent/opt/amiga/bin/m68k-amigaos-ar \ + RANLIB=/opt/appveyor/build-agent/opt/amiga/bin/m68k-amigaos-ranlib \ + --host=m68k-amigaos \ + --disable-shared \ + --without-libpsl \ + --with-amissl \ + LDFLAGS=-L/opt/appveyor/AmiSSL/Developer/lib/AmigaOS3 \ + CPPFLAGS=-I/opt/appveyor/AmiSSL/Developer/include \ + CFLAGS='-O0 -msoft-float -mcrt=clib2' \ + LIBS='-lnet -lm -latomic' + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld + else + make -C bld + fi + + - name: 'curl info' + run: find . -type f \( -name curl -o -name '*.a' \) -exec file '{}' \; + + - name: 'build tests' + if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target testdeps + else + make -C bld -C tests + fi + + - name: 'build examples' + if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target curl-examples + else + make -C bld examples + fi + + msdos: + name: "MS-DOS, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} djgpp openssl i586" + runs-on: 'ubuntu-latest' + timeout-minutes: 5 + env: + MAKEFLAGS: -j 5 + toolchain-version: '3.4' + strategy: + matrix: + build: [autotools, cmake] + fail-fast: false + steps: + - name: 'install packages' + run: sudo apt-get -o Dpkg::Use-Pty=0 install libfl2 ${{ matrix.build == 'cmake' && 'ninja-build' || '' }} + + - name: 'cache compiler (djgpp)' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-compiler + with: + path: ~/djgpp + key: ${{ runner.os }}-djgpp-${{ env.toolchain-version }}-amd64 + + - name: 'install compiler (djgpp)' + if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} + run: | + cd "${HOME}" || exit 1 + curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 \ + --location 'https://github.com/andrewwutw/build-djgpp/releases/download/v${{ env.toolchain-version }}/djgpp-linux64-gcc1220.tar.bz2' | tar -xj + cd djgpp || exit 1 + for f in wat3211b.zip zlb13b.zip ssl102ub.zip; do + curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \ + "https://www.delorie.com/pub/djgpp/current/v2tk/$f" --output bin.zip + unzip -q bin.zip + rm -f bin.zip + done + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'configure' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake -B bld -G Ninja \ + -DCMAKE_SYSTEM_NAME=DOS \ + -DCMAKE_SYSTEM_PROCESSOR=x86 \ + -DCMAKE_C_COMPILER_TARGET=i586-pc-msdosdjgpp \ + -DCMAKE_C_COMPILER="$HOME/djgpp/bin/i586-pc-msdosdjgpp-gcc" \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DCURL_USE_LIBPSL=OFF \ + -DOPENSSL_INCLUDE_DIR="$HOME/djgpp/include" \ + -DOPENSSL_SSL_LIBRARY="$HOME/djgpp/lib/libssl.a" \ + -DOPENSSL_CRYPTO_LIBRARY="$HOME/djgpp/lib/libcrypto.a" \ + -DZLIB_INCLUDE_DIR="$HOME/djgpp/include" \ + -DZLIB_LIBRARY="$HOME/djgpp/lib/libz.a" \ + -DWATT_ROOT="$HOME/djgpp/net/watt" + else + autoreconf -fi + mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + CC="$HOME/djgpp/bin/i586-pc-msdosdjgpp-gcc" \ + AR="$HOME/djgpp/bin/i586-pc-msdosdjgpp-ar" \ + RANLIB="$HOME/djgpp/bin/i586-pc-msdosdjgpp-ranlib" \ + WATT_ROOT="$HOME/djgpp/net/watt" \ + --host=i586-pc-msdosdjgpp \ + --with-openssl="$HOME/djgpp" \ + --with-zlib="$HOME/djgpp" \ + --without-libpsl \ + --disable-shared + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld + else + make -C bld + fi + + - name: 'curl info' + run: find . \( -name '*.exe' -o -name '*.a' \) -exec file '{}' \; + + - name: 'build tests' + if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target testdeps + else + make -C bld -C tests + fi + + - name: 'build examples' + if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target curl-examples + else + make -C bld examples + fi diff --git a/deps/curl/.github/workflows/windows.yml b/deps/curl/.github/workflows/windows.yml new file mode 100644 index 00000000..86a35391 --- /dev/null +++ b/deps/curl/.github/workflows/windows.yml @@ -0,0 +1,956 @@ +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl + +name: Windows + +'on': + push: + branches: + - master + - '*/ci' + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + pull_request: + branches: + - master + paths-ignore: + - '**/*.md' + - '.circleci/**' + - 'appveyor.*' + - 'packages/**' + - 'plan9/**' + - 'projects/**' + - 'winbuild/**' + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +permissions: {} + +jobs: + cygwin: + name: "cygwin, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.platform }} ${{ matrix.name }}" + runs-on: windows-latest + timeout-minutes: 25 + defaults: + run: + shell: C:\cygwin\bin\bash.exe '{0}' + env: + MAKEFLAGS: -j 5 + SHELLOPTS: 'igncr' + strategy: + matrix: + include: + - { build: 'automake', platform: 'x86_64', tflags: 'skiprun', config: '--with-openssl', install: 'libssl-devel', name: 'openssl R' } + - { build: 'cmake' , platform: 'x86_64', tflags: '' , config: '-DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DENABLE_THREADED_RESOLVER=OFF', install: 'libssl-devel', name: 'openssl' } + fail-fast: false + steps: + - run: git config --global core.autocrlf input + shell: pwsh + + - uses: cygwin/cygwin-install-action@f61179d72284ceddc397ed07ddb444d82bf9e559 # v5 + with: + platform: ${{ matrix.platform }} + site: https://mirrors.kernel.org/sourceware/cygwin/ + # https://cygwin.com/cgi-bin2/package-grep.cgi + packages: >- + autoconf libtool gcc-core gcc-g++ binutils + ${{ matrix.build }} make ninja + openssh + libssh2-devel + libpsl-devel + zlib-devel + libbrotli-devel + libzstd-devel + libnghttp2-devel + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build == 'automake' }} + timeout-minutes: 2 + run: autoreconf -fi + + - name: 'configure' + timeout-minutes: 5 + run: | + PATH=/usr/bin + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake -B bld -G Ninja -D_CURL_PREFILL=ON ${options} \ + -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + ${{ matrix.config }} + else + mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --prefix="${HOME}"/install \ + --with-libssh2 \ + --disable-dependency-tracking \ + ${{ matrix.config }} + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + timeout-minutes: 10 + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld + else + make -C bld V=1 install + fi + + - name: 'curl version' + timeout-minutes: 1 + run: | + find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; + if [ '${{ matrix.build }}' = 'cmake' ]; then + PATH="$PWD/bld/lib:$PATH" + fi + bld/src/curl.exe --disable --version + + - name: 'build tests' + if: ${{ matrix.tflags != 'skipall' }} + timeout-minutes: 15 + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target testdeps + else + make -C bld V=1 -C tests + fi + + - name: 'run tests' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 15 + run: | + export TFLAGS='-j8 ${{ matrix.tflags }} ~615' + if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then + TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" + fi + if [ '${{ matrix.build }}' = 'cmake' ]; then + PATH="$PWD/bld/lib:$PATH" + cmake --build bld --target test-ci + else + make -C bld V=1 test-ci + fi + + - name: 'build examples' + if: ${{ matrix.build == 'cmake' }} + timeout-minutes: 5 + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target curl-examples + else + make -C bld V=1 examples + fi + + msys2: # both msys and mingw-w64 + name: "${{ matrix.sys == 'msys' && 'msys2' || 'mingw' }}, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.env }} ${{ matrix.name }} ${{ matrix.test }}" + runs-on: windows-latest + timeout-minutes: 20 + defaults: + run: + shell: msys2 {0} + env: + MAKEFLAGS: -j 5 + strategy: + matrix: + include: + # MSYS + - { build: 'autotools', sys: 'msys' , env: 'x86_64' , tflags: '' , config: '--enable-debug --with-openssl --disable-threaded-resolver --disable-proxy', install: 'openssl-devel', name: '!proxy' } + - { build: 'autotools', sys: 'msys' , env: 'x86_64' , tflags: 'skiprun', config: '--enable-debug --with-openssl --disable-threaded-resolver', install: 'openssl-devel', name: 'default' } + - { build: 'cmake' , sys: 'msys' , env: 'x86_64' , tflags: '' , config: '-DENABLE_DEBUG=ON -DENABLE_THREADED_RESOLVER=OFF', install: 'openssl-devel', name: 'default' } + - { build: 'autotools', sys: 'msys' , env: 'x86_64' , tflags: '' , config: '--with-openssl', install: 'openssl-devel', name: 'default R' } + # MinGW + - { build: 'autotools', sys: 'mingw64', env: 'x86_64' , tflags: 'skiprun', config: '--enable-debug --with-openssl --disable-threaded-resolver --disable-curldebug --enable-static=no --without-zlib', install: 'mingw-w64-x86_64-openssl', name: 'default' } + - { build: 'autotools', sys: 'mingw64', env: 'x86_64' , tflags: '' , config: '--enable-debug --with-openssl --enable-windows-unicode --enable-ares --with-openssl-quic', install: 'mingw-w64-x86_64-openssl mingw-w64-x86_64-nghttp3', name: 'c-ares U' } + - { build: 'cmake' , sys: 'mingw64', env: 'x86_64' , tflags: '' , config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_ARES=ON', install: '', type: 'Debug', name: 'schannel c-ares U' } + - { build: 'cmake' , sys: 'clang64', env: 'clang-x86_64', tflags: '' , config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_GNUTLS=ON -DENABLE_UNICODE=OFF -DUSE_NGTCP2=ON', install: 'mingw-w64-clang-x86_64-gnutls mingw-w64-clang-x86_64-nghttp3 mingw-w64-clang-x86_64-ngtcp2', type: 'Debug', name: 'gnutls' } + - { build: 'cmake' , sys: 'ucrt64' , env: 'ucrt-x86_64' , tflags: 'skiprun', config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_CURLDEBUG=ON', install: '', type: 'Release', name: 'schannel R TrackMemory' } + - { build: 'cmake' , sys: 'clang64', env: 'clang-x86_64', tflags: 'skiprun', config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_OPENSSL=ON -DENABLE_UNICODE=OFF', install: 'mingw-w64-clang-x86_64-openssl', type: 'Release', name: 'openssl', chkprefill: '_chkprefill' } + - { build: 'cmake' , sys: 'ucrt64' , env: 'ucrt-x86_64' , tflags: 'skiprun', config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON -DCURL_USE_SCHANNEL=ON', install: '', type: 'Release', test: 'uwp', name: 'schannel' } + # { build: 'autotools', sys: 'ucrt64' , env: 'ucrt-x86_64' , tflags: 'skiprun', config: '--without-debug --with-schannel --enable-shared', install: '', type: 'Release', test: 'uwp', name: 'schannel' } + - { build: 'cmake' , sys: 'mingw64', env: 'x86_64' , tflags: 'skiprun', config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=ON -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DCMAKE_VERBOSE_MAKEFILE=ON', install: '', type: 'Debug', cflags: '-DCURL_SCHANNEL_DEV_DEBUG', name: 'schannel dev debug' } + - { build: 'cmake' , sys: 'mingw32', env: 'i686' , tflags: 'skiprun', config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON', install: '', type: 'Release', name: 'schannel R' } + fail-fast: false + steps: + - run: git config --global core.autocrlf input + shell: pwsh + + - uses: msys2/setup-msys2@61f9e5e925871ba6c9e3e8da24ede83ea27fa91f # v2 + if: ${{ matrix.sys == 'msys' }} + with: + msystem: ${{ matrix.sys }} + # https://packages.msys2.org/search + install: >- + gcc + ${{ matrix.build }} ${{ matrix.build == 'autotools' && 'make' || 'ninja' }} + diffutils + zlib-devel + brotli-devel + libzstd-devel + libnghttp2-devel + libpsl-devel + libssh2-devel + ${{ matrix.install }} + + - uses: msys2/setup-msys2@61f9e5e925871ba6c9e3e8da24ede83ea27fa91f # v2 + if: ${{ matrix.sys != 'msys' }} + with: + msystem: ${{ matrix.sys }} + install: >- + mingw-w64-${{ matrix.env }}-cc + mingw-w64-${{ matrix.env }}-${{ matrix.build }} ${{ matrix.build == 'autotools' && 'make' || '' }} + mingw-w64-${{ matrix.env }}-diffutils + mingw-w64-${{ matrix.env }}-libssh2 + mingw-w64-${{ matrix.env }}-libpsl + mingw-w64-${{ matrix.env }}-c-ares + ${{ matrix.install }} + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build == 'autotools' }} + timeout-minutes: 2 + run: autoreconf -fi + + - name: 'configure' + timeout-minutes: 5 + run: | + if [ '${{ matrix.test }}' = 'uwp' ]; then + CPPFLAGS='-DWINSTORECOMPAT -DWINAPI_FAMILY=WINAPI_FAMILY_APP' + if [[ '${{ matrix.env }}' != 'clang'* ]]; then + specs="$(realpath gcc-specs-uwp)" + gcc -dumpspecs | sed -e 's/-lmingwex/-lwindowsapp -lmingwex -lwindowsapp/' -e 's/-lmsvcrt/-lucrtapp/' > "${specs}" + CFLAGS="-specs=${specs}" + CFLAGS_CMAKE="-specs=$(cygpath -w "${specs}")" + fi + fi + if [ '${{ matrix.build }}' = 'cmake' ]; then + for _chkprefill in '' ${{ matrix.chkprefill }}; do + if [[ '${{ matrix.env }}' = 'clang'* ]]; then + options='-DCMAKE_C_COMPILER=clang' + else + options='-DCMAKE_C_COMPILER=gcc' + fi + [ '${{ matrix.sys }}' = 'msys' ] && options+=' -D_CURL_PREFILL=ON' + [ '${{ matrix.test }}' = 'uwp' ] && options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0' + [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' + cmake -B "bld${_chkprefill}" -G Ninja ${options} \ + -DCMAKE_C_FLAGS="${{ matrix.cflags }} ${CFLAGS_CMAKE} ${CPPFLAGS}" \ + -DCMAKE_BUILD_TYPE='${{ matrix.type }}' \ + -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + ${{ matrix.config }} + done + if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then + echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' + false + fi + else + export CFLAGS CPPFLAGS + mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --prefix="${HOME}"/install \ + --with-libssh2 \ + --disable-dependency-tracking \ + ${{ matrix.config }} + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + timeout-minutes: 10 + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld + else + make -C bld V=1 install + fi + + - name: 'curl version' + timeout-minutes: 1 + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + PATH="$PWD/bld/lib:$PATH" + else + PATH="$PWD/bld/lib/.libs:$PATH" + # avoid libtool's curl.exe wrapper + mv bld/src/.libs/curl.exe bld/src/curl.exe + fi + find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; + if [ '${{ matrix.test }}' != 'uwp' ]; then # curl: error initializing curl library + bld/src/curl.exe --disable --version + fi + + - name: 'build tests' + if: ${{ matrix.tflags != 'skipall' }} # Save time by skipping this for autotools + timeout-minutes: 10 + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target testdeps + else + make -C bld V=1 -C tests + fi + if [ '${{ matrix.build }}' != 'cmake' ]; then + # avoid libtool's .exe wrappers + mv bld/tests/http/clients/.libs/*.exe bld/tests/http/clients + mv bld/tests/libtest/.libs/*.exe bld/tests/libtest + mv bld/tests/server/.libs/*.exe bld/tests/server + mv bld/tests/unit/.libs/*.exe bld/tests/unit || true + fi + + - name: 'install test prereqs' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 5 + run: | + /usr/bin/sed -i 's/^CheckSpace/#CheckSpace/' /etc/pacman.conf + /usr/bin/pacman --noconfirm --noprogressbar --sync --needed openssh + /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true + + - name: 'downgrade msys2-runtime' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' && matrix.sys != 'msys' }} + timeout-minutes: 2 + # Downgrade to a known good MSYS2 runtime version to avoid the performance regression + # causing runtests.pl to run at 2-3x reduced speed. + run: exec /usr/bin/pacman --noconfirm --noprogressbar --upgrade https://mirror.msys2.org/msys/x86_64/msys2-runtime-3.5.4-8-x86_64.pkg.tar.zst + + - name: 'run tests' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 10 + run: | + export TFLAGS='-j8 ${{ matrix.tflags }}' + if [ '${{ matrix.sys }}' != 'msys' ]; then + TFLAGS+=' ~612' # 'SFTP post-quote remove file' SFTP, post-quote + fi + TFLAGS+=' ~613' # 'SFTP directory retrieval' SFTP, directory + if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then + TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" + fi + PATH="$PATH:/c/Program Files (x86)/stunnel/bin" + if [ '${{ matrix.build }}' = 'cmake' ]; then + PATH="$PWD/bld/lib:$PATH" + cmake --build bld --target test-ci + else + PATH="$PWD/bld/lib/.libs:$PATH" + make -C bld V=1 test-ci + fi + + - name: 'build examples' + if: ${{ matrix.build == 'cmake' || (matrix.tflags == 'skipall' || matrix.tflags == 'skiprun') }} # Save time by skipping this for autotools running tests + timeout-minutes: 5 + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target curl-examples + else + make -C bld V=1 examples + fi + + mingw-w64-standalone-downloads: + name: 'dl-mingw, CM ${{ matrix.ver }}-${{ matrix.env }} ${{ matrix.name }}' + runs-on: windows-latest + timeout-minutes: 20 + defaults: + run: + shell: msys2 {0} + env: + MAKEFLAGS: -j 5 + strategy: + matrix: + include: + - name: 'schannel' + dir: 'mingw64' + env: 'x86_64' + ver: '9.5.0' + url: 'https://github.com/brechtsanders/winlibs_mingw/releases/download/9.5.0-10.0.0-msvcrt-r1/winlibs-x86_64-posix-seh-gcc-9.5.0-mingw-w64msvcrt-10.0.0-r1.7z' + config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=OFF' + type: 'Release' + - name: 'schannel mbedtls U' + dir: 'mingw64' + env: 'x86_64' + ver: '7.3.0' + url: 'https://downloads.sourceforge.net/mingw-w64/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/7.3.0/threads-win32/seh/x86_64-7.3.0-release-win32-seh-rt_v5-rev0.7z' + config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DCURL_USE_MBEDTLS=ON' + install: mingw-w64-x86_64-mbedtls + type: 'Release' + tflags: 'skiprun' + - name: 'schannel !unity' + dir: 'mingw32' + env: 'i686' + ver: '6.4.0' + url: 'https://downloads.sourceforge.net/mingw-w64/Toolchains%20targetting%20Win32/Personal%20Builds/mingw-builds/6.4.0/threads-win32/dwarf/i686-6.4.0-release-win32-dwarf-rt_v5-rev0.7z' + config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=OFF -DCMAKE_UNITY_BUILD=OFF' + type: 'Debug' + tflags: 'skiprun' + fail-fast: false + steps: + - uses: msys2/setup-msys2@d44ca8e88d8b43d56cf5670f91747359d5537f97 # v2 + with: + msystem: ${{ matrix.dir }} + release: false + update: false + cache: false + path-type: inherit + install: >- + mingw-w64-${{ matrix.env }}-libpsl + ${{ matrix.install }} + + - name: 'cache compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-compiler + with: + path: ~\my-cache + key: ${{ runner.os }}-mingw-w64-${{ matrix.ver }}-${{ matrix.env }} + + - name: 'install compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})' + if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} + timeout-minutes: 5 + run: | + cd "${USERPROFILE}" || exit 1 + mkdir my-cache + cd my-cache || exit 1 + curl --fail --silent --show-error --retry 3 --retry-connrefused --output pack.bin --location --proto-redir =https '${{ matrix.url }}' + pwd + 7z x -y pack.bin >/dev/null + rm -r -f pack.bin + ls -l + + - run: git config --global core.autocrlf input + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'configure' + timeout-minutes: 5 + run: | + PATH="$(cygpath "${USERPROFILE}")/my-cache/${{ matrix.dir }}/bin:$PATH" + for _chkprefill in '' ${{ matrix.chkprefill }}; do + options='' + [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' + cmake -B "bld${_chkprefill}" -G "${{ contains(matrix.url, '/winlibs_mingw/') && 'Ninja' || 'MSYS Makefiles' }}" ${options} \ + -DCMAKE_C_COMPILER=gcc \ + -DCMAKE_BUILD_TYPE='${{ matrix.type }}' \ + -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DUSE_LIBIDN2=OFF \ + ${{ matrix.config }} + done + if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then + echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' + false + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + timeout-minutes: 5 + run: | + PATH="$(cygpath "${USERPROFILE}")/my-cache/${{ matrix.dir }}/bin:$PATH" + cmake --build bld + + - name: 'curl version' + timeout-minutes: 1 + run: | + PATH=/usr/bin find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; + PATH="$PWD/bld/lib:$PATH" + bld/src/curl.exe --disable --version + + - name: 'build tests' + if: ${{ matrix.tflags != 'skipall' }} + timeout-minutes: 10 + run: | + PATH="$(cygpath "${USERPROFILE}")/my-cache/${{ matrix.dir }}/bin:$PATH" + cmake --build bld --target testdeps + + - name: 'install test prereqs' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 5 + run: | + /usr/bin/sed -i 's/^CheckSpace/#CheckSpace/' /etc/pacman.conf + /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true + python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary impacket + + - name: 'downgrade msys2-runtime' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 2 + # Downgrade to a known good MSYS2 runtime version to avoid the performance regression + # causing runtests.pl to run at 2-3x reduced speed. + run: exec /usr/bin/pacman --noconfirm --noprogressbar --upgrade https://mirror.msys2.org/msys/x86_64/msys2-runtime-3.5.4-8-x86_64.pkg.tar.zst + + - name: 'run tests' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 10 + run: | + PATH="$(cygpath "${USERPROFILE}")/my-cache/${{ matrix.dir }}/bin:$PATH" + export TFLAGS='-j8 ${{ matrix.tflags }}' + if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then + TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" + fi + PATH="$PWD/bld/lib:$PATH:/c/Program Files (x86)/stunnel/bin" + cmake --build bld --target test-ci + + - name: 'build examples' + timeout-minutes: 5 + run: | + PATH="$(cygpath "${USERPROFILE}")/my-cache/${{ matrix.dir }}/bin:$PATH" + cmake --build bld --target curl-examples + + linux-cross-mingw-w64: + name: "linux-mingw, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.compiler }}" + runs-on: ubuntu-latest + timeout-minutes: 15 + env: + MAKEFLAGS: -j 5 + TRIPLET: 'x86_64-w64-mingw32' + strategy: + fail-fast: false + matrix: + build: [autotools, cmake] + compiler: [gcc] + steps: + - name: 'install packages' + timeout-minutes: 5 + run: sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 ${{ matrix.build == 'cmake' && 'ninja-build' || '' }} + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'autoreconf' + if: ${{ matrix.build == 'autotools' }} + run: autoreconf -fi + + - name: 'configure' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake -B bld -G Ninja \ + -DCMAKE_SYSTEM_NAME=Windows \ + -DCMAKE_C_COMPILER_TARGET="${TRIPLET}" \ + -DCMAKE_C_COMPILER="${TRIPLET}-gcc" \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DCURL_USE_SCHANNEL=ON -DUSE_WIN32_IDN=ON \ + -DCURL_USE_LIBPSL=OFF + else + mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --host="${TRIPLET}" \ + --with-schannel --with-winidn \ + --without-libpsl \ + --disable-dependency-tracking + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld + else + make -C bld + fi + + - name: 'curl info' + run: find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; + + - name: 'build tests' + if: ${{ matrix.build == 'cmake' }} # Save time by skipping this for autotools + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target testdeps + else + make -C bld -C tests + fi + + - name: 'build examples' + run: | + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target curl-examples + else + make -C bld examples + fi + + wince: + name: "mingw32ce, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} 4.4.0-arm schannel" + runs-on: 'macos-latest' + timeout-minutes: 10 + env: + MAKEFLAGS: -j 4 + toolchain-version: '0.59.1' + strategy: + matrix: + build: [autotools, cmake] + fail-fast: false + steps: + - name: 'install packages' + if: ${{ matrix.build == 'autotools' }} + timeout-minutes: 5 + run: | + echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile + while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + + - name: 'cache compiler (mingw32ce)' + uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 + id: cache-compiler + with: + path: ~/opt/mingw32ce + key: ${{ runner.os }}-mingw32ce-${{ env.toolchain-version }}-amd64 + + - name: 'install compiler (mingw32ce)' + if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} + timeout-minutes: 5 + run: | + cd "${HOME}" || exit 1 + curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 --retry-connrefused --proto-redir =https \ + --location 'https://downloads.sourceforge.net/cegcc/cegcc/${{ env.toolchain-version }}/cegcc_mingw32ce_snowleopard_r1397.tar.bz2' | tar -x + ls -l + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + + - name: 'configure' + run: | + PATH="$HOME/opt/mingw32ce/bin:$PATH" + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake -B bld \ + -DCMAKE_SYSTEM_NAME=WindowsCE \ + -DCMAKE_SYSTEM_VERSION=8.0 \ + -DCMAKE_SYSTEM_PROCESSOR=arm \ + -DCMAKE_C_FLAGS='-O3 -DNDEBUG' \ + -DCMAKE_C_COMPILER_TARGET=arm-mingw32ce \ + -DCMAKE_C_COMPILER=arm-mingw32ce-gcc \ + -DCMAKE_RC_COMPILER=arm-mingw32ce-windres \ + -DMINGW32CE_LIBRARY_DIR="$HOME/opt/mingw32ce/arm-mingw32ce/lib" \ + -DCMAKE_IGNORE_PREFIX_PATH="$(brew --prefix)" \ + -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 -DCURL_TEST_BUNDLES=ON \ + -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_STATIC_CURL=OFF \ + -DCURL_WERROR=ON \ + -DCURL_USE_SCHANNEL=ON \ + -DCURL_USE_LIBPSL=OFF + else + autoreconf -fi + mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ + --host=arm-mingw32ce \ + --with-schannel \ + --without-libpsl \ + --disable-shared + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/config.log bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + run: | + PATH="$HOME/opt/mingw32ce/bin:$PATH" + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld + else + make -C bld + fi + + - name: 'curl info' + run: | + find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; + + - name: 'build tests' + if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time + run: | + PATH="$HOME/opt/mingw32ce/bin:$PATH" + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target testdeps + else + make -C bld -C tests + fi + + - name: 'build examples' + if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time + run: | + PATH="$HOME/opt/mingw32ce/bin:$PATH" + if [ '${{ matrix.build }}' = 'cmake' ]; then + cmake --build bld --target curl-examples + else + make -C bld examples + fi + + msvc: + name: 'msvc, CM ${{ matrix.arch }}-${{ matrix.plat }} ${{ matrix.name }}' + runs-on: windows-latest + timeout-minutes: 55 + defaults: + run: + shell: msys2 {0} + env: + VCPKG_BINARY_SOURCES: 'clear;x-gha,readwrite' + VCPKG_DISABLE_METRICS: '1' + strategy: + matrix: + include: + - name: 'openssl +examples' + install: 'brotli zlib zstd nghttp2 nghttp3 openssl libssh2' + arch: 'x64' + plat: 'uwp' + type: 'Debug' + tflags: 'skiprun' + config: >- + -DENABLE_DEBUG=ON + -DCURL_USE_LIBSSH2=ON + -DCURL_USE_SCHANNEL=OFF -DCURL_USE_OPENSSL=ON -DUSE_OPENSSL_QUIC=ON + -DCURL_USE_LIBPSL=OFF + + - name: 'openssl' + install: 'brotli zlib zstd libpsl nghttp2 nghttp3 openssl libssh2 pkgconf gsasl c-ares libuv krb5' + arch: 'x64' + plat: 'windows' + type: 'Debug' + config: >- + -DENABLE_DEBUG=ON + -DCURL_USE_LIBSSH2=ON + -DCURL_USE_SCHANNEL=OFF -DCURL_USE_OPENSSL=ON -DUSE_OPENSSL_QUIC=ON + -DCURL_USE_GSASL=ON -DENABLE_ARES=ON -DCURL_USE_LIBUV=ON -DCURL_USE_GSSAPI=ON + + - name: 'schannel MultiSSL U' + # GnuTLS is not fully functional with MSVC, build-test only + # https://github.com/ShiftMediaProject/gnutls/issues/23 + install: 'brotli zlib zstd libpsl nghttp2 libssh2[core,zlib] pkgconf gsasl shiftmedia-libgnutls openssl mbedtls wolfssl' + arch: 'x64' + plat: 'windows' + type: 'Debug' + config: >- + -DENABLE_DEBUG=ON + -DCURL_USE_LIBSSH2=ON + -DCURL_USE_SCHANNEL=ON -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_WOLFSSL=ON -DCURL_DEFAULT_SSL_BACKEND=schannel + -DCURL_USE_GSASL=ON -DUSE_WIN32_IDN=ON -DENABLE_UNICODE=ON -DUSE_SSLS_EXPORT=ON + + - name: 'libressl' + install: 'brotli zlib zstd libpsl nghttp2 libressl libssh2[core,zlib] pkgconf ngtcp2[libressl] nghttp3' + arch: 'x64' + plat: 'windows' + type: 'Debug' + config: >- + -DENABLE_DEBUG=ON + -DCURL_USE_LIBSSH2=ON + -DCURL_USE_SCHANNEL=OFF -DCURL_USE_OPENSSL=ON -DUSE_NGTCP2=ON + -DCURL_CA_SEARCH_SAFE=ON -DUSE_SSLS_EXPORT=ON + + - name: 'boringssl' + install: 'brotli zlib zstd libpsl nghttp2 boringssl libssh2[core,zlib]' + arch: 'x64' + plat: 'windows' + type: 'Debug' + config: >- + -DENABLE_DEBUG=OFF + -DCURL_USE_LIBSSH2=ON + -DCURL_USE_SCHANNEL=OFF -DCURL_USE_OPENSSL=ON + -DUSE_ECH=ON + + - name: 'wolfssl +examples' + install: 'brotli zlib zstd libpsl nghttp2 wolfssl libssh2 pkgconf gsasl ngtcp2[wolfssl] nghttp3' + arch: 'x64' + plat: 'windows' + type: 'Debug' + config: >- + -DENABLE_DEBUG=ON + -DCURL_USE_LIBSSH2=ON + -DCURL_USE_SCHANNEL=OFF -DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON + -DCURL_USE_GSASL=ON + -DUSE_ECH=ON + + - name: 'mbedtls libssh' + install: 'brotli zlib zstd libpsl nghttp2 mbedtls libssh pkgconf gsasl' + arch: 'x64' + plat: 'windows' + type: 'Debug' + chkprefill: '_chkprefill' + # WARNING: libssh uses hard-coded world-writable paths (/etc/..., ~/.ssh/) to + # read its configuration from, making it vulnerable to attacks on + # Windows. Do not use this component till there is a fix for these. + # https://github.com/curl/curl-for-win/blob/3951808deb04df9489ee17430f236ed54436f81a/libssh.sh#L6-L8 + config: >- + -DENABLE_DEBUG=ON + -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON + -DCURL_USE_SCHANNEL=OFF -DCURL_USE_MBEDTLS=ON + -DCURL_USE_GSASL=ON + + fail-fast: false + steps: + - uses: msys2/setup-msys2@d44ca8e88d8b43d56cf5670f91747359d5537f97 # v2 + with: + msystem: ucrt64 + release: false + update: false + cache: false + path-type: inherit + + - name: 'vcpkg cache setup' + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 + with: + script: | + core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || ''); + core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || ''); + + - name: 'vcpkg versions' + timeout-minutes: 1 + run: | + git -C "$VCPKG_INSTALLATION_ROOT" show --no-patch --format='%H %ai' + vcpkg version + + - name: 'vcpkg build' + timeout-minutes: 35 + run: vcpkg x-set-installed ${{ matrix.install }} '--triplet=${{ matrix.arch }}-${{ matrix.plat }}' + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'configure' + timeout-minutes: 5 + run: | + for _chkprefill in '' ${{ matrix.chkprefill }}; do + options='' + if [ '${{ matrix.plat }}' = 'uwp' ]; then + options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0' + cflags='-DWINAPI_FAMILY=WINAPI_FAMILY_PC_APP' + ldflags='-OPT:NOREF -OPT:NOICF -APPCONTAINER:NO' + vsglobals=';AppxPackage=false;WindowsAppContainer=false' + fi + [ '${{ matrix.arch }}' = 'arm64' ] && options+=' -A ARM64' + [ '${{ matrix.arch }}' = 'x64' ] && options+=' -A x64' + [ '${{ matrix.arch }}' = 'x86' ] && options+=' -A Win32' + [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' + cmake -B "bld${_chkprefill}" ${options} \ + -DCMAKE_TOOLCHAIN_FILE="$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake" \ + -DVCPKG_INSTALLED_DIR="$VCPKG_INSTALLATION_ROOT/installed" \ + -DVCPKG_TARGET_TRIPLET='${{ matrix.arch }}-${{ matrix.plat }}' \ + -DCMAKE_C_FLAGS="${cflags}" \ + -DCMAKE_EXE_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \ + -DCMAKE_SHARED_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \ + -DCMAKE_VS_GLOBALS="TrackFileAccess=false${vsglobals}" \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DBUILD_SHARED_LIBS=OFF \ + ${{ matrix.config }} + done + if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then + echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' + false + fi + + - name: 'configure log' + if: ${{ !cancelled() }} + run: cat bld/CMakeFiles/CMake*.yaml 2>/dev/null || true + + - name: 'curl_config.h' + run: | + echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' + grep -F '#define' bld/lib/curl_config.h | sort || true + + - name: 'build' + timeout-minutes: 5 + run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 + + - name: 'curl version' + timeout-minutes: 1 + run: | + PATH=/usr/bin find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \; + if [ '${{ matrix.plat }}' != 'uwp' ]; then # Missing: ucrtbased.dll, VCRUNTIME140D.dll, VCRUNTIME140D_APP.dll + PATH="$PWD/bld/lib/${{ matrix.type }}:$PATH" + 'bld/src/${{ matrix.type }}/curl.exe' --disable --version + fi + + - name: 'build tests' + if: ${{ matrix.tflags != 'skipall' }} + timeout-minutes: 10 + run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 --target testdeps + + - name: 'install test prereqs' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 5 + run: | + /usr/bin/sed -i 's/^CheckSpace/#CheckSpace/' /etc/pacman.conf + if [ '${{ matrix.openssh }}' = '' ]; then # MSYS2 openssh + /usr/bin/pacman --noconfirm --noprogressbar --sync --needed openssh + else # OpenSSH-Windows + [ '${{ matrix.openssh }}' = 'OpenSSH-Windows-Pre' ] && chocopkg+=' --prerelease' + chocopkg+=' openssh' + fi + /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force ${chocopkg} stunnel || true + python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary impacket + + - name: 'downgrade msys2-runtime' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 2 + # Downgrade to a known good MSYS2 runtime version to avoid the performance regression + # causing runtests.pl to run at 2-3x reduced speed. + run: exec /usr/bin/pacman --noconfirm --noprogressbar --upgrade https://mirror.msys2.org/msys/x86_64/msys2-runtime-3.5.4-8-x86_64.pkg.tar.zst + + - name: 'run tests' + if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} + timeout-minutes: 10 + run: | + export CURL_DIRSUFFIX='${{ matrix.type }}' + export TFLAGS='-j8 ${{ matrix.tflags }}' + if [[ '${{ matrix.install }}' = *'libssh2[core,zlib]'* ]]; then + TFLAGS+=' !SCP !SFTP' # Fail with all tested openssh servers: curl: (67) Authentication failure + fi + TFLAGS+=' ~612' # 'SFTP post-quote remove file' SFTP, post-quote + if [ '${{ matrix.openssh }}' = '' ]; then # MSYS2 openssh + TFLAGS+=' ~613' # 'SFTP directory retrieval' SFTP, directory + else # OpenSSH-Windows + TFLAGS+=' ~601 ~603 ~617 ~619 ~621 ~641 ~665 ~2004' # SCP + if [[ '${{ matrix.install }}' = *'libssh '* ]]; then + TFLAGS+=' ~614' # 'SFTP pre-quote chmod' SFTP, pre-quote, directory + else + TFLAGS+=' ~3022' # 'SCP correct sha256 host key' SCP, server sha256 key check + fi + PATH="$PATH:/c/Program Files/OpenSSH-Win64" + fi + PATH="$PWD/bld/lib/${{ matrix.type }}:$PATH:/c/Program Files (x86)/stunnel/bin" + cmake --build bld --config '${{ matrix.type }}' --target test-ci + + - name: 'build examples' + timeout-minutes: 5 + if: ${{ contains(matrix.name, '+examples') }} + run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 --target curl-examples diff --git a/deps/curl/CHANGES.md b/deps/curl/CHANGES.md new file mode 100644 index 00000000..6e2f7c6b --- /dev/null +++ b/deps/curl/CHANGES.md @@ -0,0 +1,12 @@ + + +In a release tarball, check the RELEASES-NOTES file for what was done in the +most recent release. In a git check-out, that file mentions changes that have +been done since the previous release. + +See the online [changelog](https://curl.se/changes.html) for the edited and +human readable version of what has changed in different curl releases. diff --git a/deps/curl/CMakeLists.txt b/deps/curl/CMakeLists.txt new file mode 100644 index 00000000..5cef817c --- /dev/null +++ b/deps/curl/CMakeLists.txt @@ -0,0 +1,2512 @@ +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Daniel Stenberg, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### +# by Tetetest and Sukender (Benoit Neil) + +# Note: By default this CMake build script detects the version of some +# dependencies using `check_symbol_exists`. Those checks do not work in +# the case that both CURL and its dependency are included as sub-projects +# in a larger build using `FetchContent`. To support that case, additional +# variables may be defined by the parent project, ideally in the "extra" +# find package redirect file: +# https://cmake.org/cmake/help/latest/module/FetchContent.html#integrating-with-find-package +# +# The following variables are available: +# HAVE_SSL_SET0_WBIO: `SSL_set0_wbio` present in OpenSSL +# HAVE_OPENSSL_SRP: `SSL_CTX_set_srp_username` present in OpenSSL +# HAVE_GNUTLS_SRP: `gnutls_srp_verifier` present in GnuTLS +# HAVE_SSL_SET_QUIC_USE_LEGACY_CODEPOINT: `SSL_set_quic_use_legacy_codepoint` present in OpenSSL/wolfSSL +# HAVE_QUICHE_CONN_SET_QLOG_FD: `quiche_conn_set_qlog_fd` present in quiche +# HAVE_ECH: ECH API checks for OpenSSL, BoringSSL or wolfSSL +# +# For each of the above variables, if the variable is DEFINED (either +# to ON or OFF), the symbol detection is skipped. If the variable is +# NOT DEFINED, the symbol detection is performed. + +cmake_minimum_required(VERSION 3.7...3.16 FATAL_ERROR) +message(STATUS "Using CMake version ${CMAKE_VERSION}") + +# Collect command-line arguments for buildinfo.txt. +# Must reside at the top of the script to work as expected. +set(_cmake_args "") +if(NOT "$ENV{CURL_BUILDINFO}$ENV{CURL_CI}$ENV{CI}" STREQUAL "") + get_cmake_property(_cache_vars CACHE_VARIABLES) + foreach(_cache_var IN ITEMS ${_cache_vars}) + get_property(_cache_var_helpstring CACHE ${_cache_var} PROPERTY HELPSTRING) + if(_cache_var_helpstring STREQUAL "No help, variable specified on the command line.") + get_property(_cache_var_type CACHE ${_cache_var} PROPERTY TYPE) + get_property(_cache_var_value CACHE ${_cache_var} PROPERTY VALUE) + if(_cache_var_type STREQUAL "UNINITIALIZED") + set(_cache_var_type) + else() + set(_cache_var_type ":${_cache_var_type}") + endif() + string(APPEND _cmake_args " -D${_cache_var}${_cache_var_type}=\"${_cache_var_value}\"") + endif() + endforeach() +endif() + +set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/CMake" ${CMAKE_MODULE_PATH}) +include(Utilities) +include(Macros) +include(CMakeDependentOption) +include(CheckCCompilerFlag) + +file(STRINGS "${CMAKE_CURRENT_SOURCE_DIR}/include/curl/curlver.h" _curl_version_h_contents REGEX "#define LIBCURL_VERSION( |_NUM )") +string(REGEX MATCH "#define LIBCURL_VERSION \"[^\"]*" _curl_version ${_curl_version_h_contents}) +string(REGEX REPLACE "[^\"]+\"" "" _curl_version ${_curl_version}) +string(REGEX MATCH "#define LIBCURL_VERSION_NUM 0x[0-9a-fA-F]+" _curl_version_num ${_curl_version_h_contents}) +string(REGEX REPLACE "[^0]+0x" "" _curl_version_num ${_curl_version_num}) +unset(_curl_version_h_contents) + +message(STATUS "curl version=[${_curl_version}]") + +string(REGEX REPLACE "([0-9]+\.[0-9]+\.[0-9]+).+" "\\1" _curl_version_sem "${_curl_version}") +project(CURL + VERSION "${_curl_version_sem}" + LANGUAGES C) + +# CMake does not recognize some targets accurately. Touch up configuration manually as a workaround. +if(WINDOWS_STORE AND MINGW) # mingw UWP build + # CMake (as of v3.31.2) gets confused and applies the MSVC rc.exe command-line + # template to windres. Reset it to the windres template via 'Modules/Platform/Windows-windres.cmake': + set(CMAKE_RC_COMPILE_OBJECT " -O coff ") +elseif(WIN32 AND WINCE AND CMAKE_COMPILER_IS_GNUCC) # mingw32ce build + if(NOT MINGW32CE_LIBRARY_DIR) + message(FATAL_ERROR "Set MINGW32CE_LIBRARY_DIR variable to the mingw32ce platform library directory.") + endif() + + set(MINGW 1) + set(MINGW32CE 1) + + # Build implib with libcurl DLL. Copied from CMake's 'Modules/Platform/Windows-GNU.cmake'. + set(CMAKE_C_CREATE_SHARED_LIBRARY " ") + string(APPEND CMAKE_C_CREATE_SHARED_LIBRARY " -o -Wl,--out-implib,") + string(APPEND CMAKE_C_CREATE_SHARED_LIBRARY " ${CMAKE_GNULD_IMAGE_VERSION} ") + + # Build resources. Copied from CMake's 'Modules/Platform/Windows-windres.cmake'. + set(CMAKE_RC_COMPILE_OBJECT " -O coff ") + enable_language(RC) + + set(CMAKE_C_COMPILE_OPTIONS_PIC "") # CMake sets it to '-fPIC', confusing the toolchain and breaking builds. Zap it. + + set(CMAKE_STATIC_LIBRARY_PREFIX "lib") + set(CMAKE_STATIC_LIBRARY_SUFFIX ".a") + set(CMAKE_SHARED_LIBRARY_PREFIX "lib") + set(CMAKE_SHARED_LIBRARY_SUFFIX ".dll") + set(CMAKE_IMPORT_LIBRARY_PREFIX "lib") + set(CMAKE_IMPORT_LIBRARY_SUFFIX ".dll.a") + set(CMAKE_FIND_LIBRARY_PREFIXES "lib" "") + set(CMAKE_FIND_LIBRARY_SUFFIXES ".dll.a" ".a" ".lib") +elseif(DOS AND CMAKE_COMPILER_IS_GNUCC) # DJGPP + set(CMAKE_STATIC_LIBRARY_PREFIX "lib") + set(CMAKE_STATIC_LIBRARY_SUFFIX ".a") + set(CMAKE_FIND_LIBRARY_PREFIXES "lib") + set(CMAKE_FIND_LIBRARY_SUFFIXES ".a") +endif() + +# Fill platform level variable when using CMake's built-in Android configuration +if(ANDROID AND NOT DEFINED ANDROID_PLATFORM_LEVEL AND NOT CMAKE_SYSTEM_VERSION EQUAL 1) + set(ANDROID_PLATFORM_LEVEL "${CMAKE_SYSTEM_VERSION}") +endif() + +set(_target_flags "") +if(APPLE) + string(APPEND _target_flags " APPLE") +endif() +if(UNIX) + string(APPEND _target_flags " UNIX") +endif() +if(BSD) + string(APPEND _target_flags " BSD") +endif() +if(ANDROID) + string(APPEND _target_flags " ANDROID-${ANDROID_PLATFORM_LEVEL}") +endif() +if(WIN32) + string(APPEND _target_flags " WIN32") +endif() +if(WINCE) + string(APPEND _target_flags " WINCE") +endif() +if(WINDOWS_STORE) + string(APPEND _target_flags " UWP") +endif() +if(CYGWIN) + string(APPEND _target_flags " CYGWIN") +endif() +if(DOS) + string(APPEND _target_flags " DOS") +endif() +if(AMIGA) + string(APPEND _target_flags " AMIGA") +endif() +if(CMAKE_COMPILER_IS_GNUCC) + string(APPEND _target_flags " GCC") +endif() +if(MINGW) + string(APPEND _target_flags " MINGW") +endif() +if(MSVC) + string(APPEND _target_flags " MSVC-${MSVC_VERSION}") +endif() +if(VCPKG_TOOLCHAIN) + string(APPEND _target_flags " VCPKG") +endif() +if(CMAKE_CROSSCOMPILING) + string(APPEND _target_flags " CROSS") +endif() +message(STATUS "CMake platform flags:${_target_flags}") + +if(CMAKE_CROSSCOMPILING) + message(STATUS "Cross-compiling: " + "${CMAKE_HOST_SYSTEM_NAME}/${CMAKE_HOST_SYSTEM_PROCESSOR} -> " + "${CMAKE_SYSTEM_NAME}/${CMAKE_SYSTEM_PROCESSOR}") +endif() + +if(CMAKE_C_COMPILER_TARGET) + set(CURL_OS "\"${CMAKE_C_COMPILER_TARGET}\"") +else() + set(CURL_OS "\"${CMAKE_SYSTEM_NAME}\"") +endif() + +include_directories("${PROJECT_SOURCE_DIR}/include") + +if(NOT DEFINED CMAKE_UNITY_BUILD_BATCH_SIZE) + set(CMAKE_UNITY_BUILD_BATCH_SIZE 0) +endif() + +# Having CMAKE_TRY_COMPILE_TARGET_TYPE set to STATIC_LIBRARY breaks certain +# 'check_function_exists()' detections (possibly more), by detecting +# non-existing features. This happens by default when using 'ios.toolchain.cmake'. +# Work it around by setting this value to `EXECUTABLE`. +if(CMAKE_TRY_COMPILE_TARGET_TYPE STREQUAL "STATIC_LIBRARY") + message(STATUS "CMAKE_TRY_COMPILE_TARGET_TYPE was found set to STATIC_LIBRARY. " + "Overriding with EXECUTABLE for feature detections to work.") + set(_cmake_try_compile_target_type_save ${CMAKE_TRY_COMPILE_TARGET_TYPE}) + set(CMAKE_TRY_COMPILE_TARGET_TYPE "EXECUTABLE") +endif() + +option(CURL_WERROR "Turn compiler warnings into errors" OFF) +option(PICKY_COMPILER "Enable picky compiler options" ON) +option(BUILD_CURL_EXE "Build curl executable" ON) +option(BUILD_SHARED_LIBS "Build shared libraries" ON) +option(BUILD_STATIC_LIBS "Build static libraries" OFF) +option(BUILD_STATIC_CURL "Build curl executable with static libcurl" OFF) +option(ENABLE_ARES "Enable c-ares support" OFF) +option(CURL_DISABLE_INSTALL "Disable installation targets" OFF) + +if(WIN32) + option(ENABLE_UNICODE "Use the Unicode version of the Windows API functions" OFF) + if(WINDOWS_STORE OR WINCE) + set(ENABLE_UNICODE ON) + endif() + if(ENABLE_UNICODE) + set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS "UNICODE" "_UNICODE") + if(MINGW AND NOT MINGW32CE) + set_property(DIRECTORY APPEND PROPERTY COMPILE_OPTIONS "-municode") + endif() + endif() + + # Apply to all feature checks + list(APPEND CMAKE_REQUIRED_DEFINITIONS "-DWIN32_LEAN_AND_MEAN") + if(MSVC) + list(APPEND CMAKE_REQUIRED_DEFINITIONS "-D_CRT_NONSTDC_NO_DEPRECATE") # for strdup() detection + endif() + + set(CURL_TARGET_WINDOWS_VERSION "" CACHE STRING "Minimum target Windows version as hex string") + if(CURL_TARGET_WINDOWS_VERSION) + set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS "_WIN32_WINNT=${CURL_TARGET_WINDOWS_VERSION}") + list(APPEND CMAKE_REQUIRED_DEFINITIONS "-D_WIN32_WINNT=${CURL_TARGET_WINDOWS_VERSION}") # Apply to all feature checks + endif() + + # Detect actual value of _WIN32_WINNT and store as HAVE_WIN32_WINNT + curl_internal_test(HAVE_WIN32_WINNT) + if(HAVE_WIN32_WINNT) + string(REGEX MATCH "_WIN32_WINNT=0x[0-9a-fA-F]+" CURL_TEST_OUTPUT "${CURL_TEST_OUTPUT}") + string(REGEX REPLACE "_WIN32_WINNT=" "" CURL_TEST_OUTPUT "${CURL_TEST_OUTPUT}") + string(REGEX REPLACE "0x([0-9a-f][0-9a-f][0-9a-f])$" "0x0\\1" CURL_TEST_OUTPUT "${CURL_TEST_OUTPUT}") # pad to 4 digits + string(TOLOWER "${CURL_TEST_OUTPUT}" HAVE_WIN32_WINNT) + message(STATUS "Found _WIN32_WINNT=${HAVE_WIN32_WINNT}") + endif() + unset(HAVE_WIN32_WINNT CACHE) # Avoid storing in CMake cache + + if(MINGW) + # Detect __MINGW64_VERSION_MAJOR, __MINGW64_VERSION_MINOR and store as MINGW64_VERSION + curl_internal_test(MINGW64_VERSION) + if(MINGW64_VERSION) + string(REGEX MATCH "MINGW64_VERSION=[0-9]+\.[0-9]+" CURL_TEST_OUTPUT "${CURL_TEST_OUTPUT}") + string(REGEX REPLACE "MINGW64_VERSION=" "" MINGW64_VERSION "${CURL_TEST_OUTPUT}") + if(MINGW64_VERSION) + message(STATUS "Found MINGW64_VERSION=${MINGW64_VERSION}") + endif() + endif() + unset(MINGW64_VERSION CACHE) # Avoid storing in CMake cache + endif() +elseif(DOS OR AMIGA) + set(BUILD_SHARED_LIBS OFF) + set(BUILD_STATIC_LIBS ON) +endif() +option(CURL_LTO "Enable compiler Link Time Optimizations" OFF) + +if(NOT DOS AND NOT AMIGA) + # if c-ares is used, default the threaded resolver to OFF + if(ENABLE_ARES) + set(_enable_threaded_resolver_default OFF) + else() + set(_enable_threaded_resolver_default ON) + endif() + option(ENABLE_THREADED_RESOLVER "Enable threaded DNS lookup" ${_enable_threaded_resolver_default}) +endif() + +include(PickyWarnings) + +if(CMAKE_SYSTEM_NAME STREQUAL "Linux") + string(APPEND CMAKE_C_FLAGS " -D_GNU_SOURCE") # Required for sendmmsg() +endif() + +option(ENABLE_DEBUG "Enable curl debug features (for developing curl itself)" OFF) +if(ENABLE_DEBUG) + message(WARNING "This curl build is Debug-enabled and insecure, do not use in production.") +endif() +option(ENABLE_CURLDEBUG "Enable TrackMemory debug feature" ${ENABLE_DEBUG}) +option(ENABLE_SERVER_DEBUG "Apply curl debug options to test servers" OFF) + +set(CURL_DEBUG_MACROS "") +if(ENABLE_DEBUG) + list(APPEND CURL_DEBUG_MACROS "DEBUGBUILD") +endif() +if(ENABLE_CURLDEBUG) + list(APPEND CURL_DEBUG_MACROS "CURLDEBUG") +endif() + +option(CURL_CLANG_TIDY "Run the build through clang-tidy" OFF) +if(CURL_CLANG_TIDY) + set(CMAKE_UNITY_BUILD OFF) + set(_tidy_checks "") + list(APPEND _tidy_checks "-clang-analyzer-security.insecureAPI.strcpy") + list(APPEND _tidy_checks "-clang-analyzer-optin.performance.Padding") + list(APPEND _tidy_checks "-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling") + string(REPLACE ";" "," _tidy_checks "${_tidy_checks}") + find_program(CLANG_TIDY NAMES "clang-tidy" REQUIRED) + set(CMAKE_C_CLANG_TIDY "${CLANG_TIDY}" "-checks=${_tidy_checks}" "-quiet") + unset(_tidy_checks) + if(CURL_WERROR) + list(APPEND CMAKE_C_CLANG_TIDY "--warnings-as-errors=*") + endif() + if(CURL_CLANG_TIDYFLAGS) + list(APPEND CMAKE_C_CLANG_TIDY ${CURL_CLANG_TIDYFLAGS}) + endif() +endif() + +# For debug libs and exes, add "-d" postfix +if(NOT DEFINED CMAKE_DEBUG_POSTFIX) + set(CMAKE_DEBUG_POSTFIX "-d") +endif() + +set(LIB_STATIC "libcurl_static") +set(LIB_SHARED "libcurl_shared") + +if(NOT BUILD_SHARED_LIBS AND NOT BUILD_STATIC_LIBS) + set(BUILD_STATIC_LIBS ON) +endif() +if(NOT BUILD_STATIC_CURL AND NOT BUILD_SHARED_LIBS) + set(BUILD_STATIC_CURL ON) +elseif(BUILD_STATIC_CURL AND NOT BUILD_STATIC_LIBS) + set(BUILD_STATIC_CURL OFF) +endif() + +# Lib flavour selected for curl tool +if(BUILD_STATIC_CURL) + set(LIB_SELECTED_FOR_EXE ${LIB_STATIC}) +else() + set(LIB_SELECTED_FOR_EXE ${LIB_SHARED}) +endif() + +# Lib flavour selected for example and test programs. +if(BUILD_SHARED_LIBS) + set(LIB_SELECTED ${LIB_SHARED}) +else() + set(LIB_SELECTED ${LIB_STATIC}) +endif() + +if(WIN32) + option(CURL_STATIC_CRT "Build libcurl with static CRT with MSVC (/MT)" OFF) + if(CURL_STATIC_CRT AND MSVC) + if(MSVC_VERSION GREATER_EQUAL 1900 OR BUILD_STATIC_CURL OR NOT BUILD_CURL_EXE) + set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$:Debug>") + string(APPEND CMAKE_C_FLAGS_RELEASE " -MT") + string(APPEND CMAKE_C_FLAGS_DEBUG " -MTd") + else() + message(WARNING "Static CRT requires UCRT, static libcurl or no curl executable.") + endif() + endif() +endif() + +# Override to force-disable or force-enable the use of pkg-config. +if((UNIX AND NOT ANDROID AND (NOT APPLE OR CMAKE_SYSTEM_NAME MATCHES "Darwin")) OR + VCPKG_TOOLCHAIN OR + (MINGW AND NOT CMAKE_CROSSCOMPILING)) + set(_curl_use_pkgconfig_default ON) +else() + set(_curl_use_pkgconfig_default OFF) +endif() +option(CURL_USE_PKGCONFIG "Enable pkg-config to detect dependencies" ${_curl_use_pkgconfig_default}) + +# Initialize variables collecting dependency libs, paths, pkg-config names. +set(CURL_LIBS "") +set(CURL_LIBDIRS "") +set(LIBCURL_PC_REQUIRES_PRIVATE "") + +if(ENABLE_ARES) + set(USE_ARES 1) + find_package(Cares REQUIRED) + list(APPEND CURL_LIBS ${CARES_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${CARES_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${CARES_PC_REQUIRES}) + link_directories(${CARES_LIBRARY_DIRS}) + if(CARES_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${CARES_CFLAGS}") + endif() +endif() + +include(CurlSymbolHiding) + +option(CURL_ENABLE_EXPORT_TARGET "Enable CMake export target" ON) +mark_as_advanced(CURL_ENABLE_EXPORT_TARGET) + +option(CURL_DISABLE_ALTSVC "Disable alt-svc support" OFF) +mark_as_advanced(CURL_DISABLE_ALTSVC) +option(CURL_DISABLE_SRP "Disable TLS-SRP support" OFF) +mark_as_advanced(CURL_DISABLE_SRP) +option(CURL_DISABLE_COOKIES "Disable cookies support" OFF) +mark_as_advanced(CURL_DISABLE_COOKIES) +option(CURL_DISABLE_BASIC_AUTH "Disable Basic authentication" OFF) +mark_as_advanced(CURL_DISABLE_BASIC_AUTH) +option(CURL_DISABLE_BEARER_AUTH "Disable Bearer authentication" OFF) +mark_as_advanced(CURL_DISABLE_BEARER_AUTH) +option(CURL_DISABLE_DIGEST_AUTH "Disable Digest authentication" OFF) +mark_as_advanced(CURL_DISABLE_DIGEST_AUTH) +option(CURL_DISABLE_KERBEROS_AUTH "Disable Kerberos authentication" OFF) +mark_as_advanced(CURL_DISABLE_KERBEROS_AUTH) +option(CURL_DISABLE_NEGOTIATE_AUTH "Disable negotiate authentication" OFF) +mark_as_advanced(CURL_DISABLE_NEGOTIATE_AUTH) +option(CURL_DISABLE_AWS "Disable aws-sigv4" OFF) +mark_as_advanced(CURL_DISABLE_AWS) +option(CURL_DISABLE_DICT "Disable DICT" OFF) +mark_as_advanced(CURL_DISABLE_DICT) +option(CURL_DISABLE_DOH "Disable DNS-over-HTTPS" OFF) +mark_as_advanced(CURL_DISABLE_DOH) +option(CURL_DISABLE_FILE "Disable FILE" OFF) +mark_as_advanced(CURL_DISABLE_FILE) +option(CURL_DISABLE_FTP "Disable FTP" OFF) +mark_as_advanced(CURL_DISABLE_FTP) +option(CURL_DISABLE_GETOPTIONS "Disable curl_easy_options API for existing options to curl_easy_setopt" OFF) +mark_as_advanced(CURL_DISABLE_GETOPTIONS) +option(CURL_DISABLE_GOPHER "Disable Gopher" OFF) +mark_as_advanced(CURL_DISABLE_GOPHER) +option(CURL_DISABLE_HEADERS_API "Disable headers-api support" OFF) +mark_as_advanced(CURL_DISABLE_HEADERS_API) +option(CURL_DISABLE_HSTS "Disable HSTS support" OFF) +mark_as_advanced(CURL_DISABLE_HSTS) +option(CURL_DISABLE_HTTP "Disable HTTP" OFF) +mark_as_advanced(CURL_DISABLE_HTTP) +option(CURL_DISABLE_HTTP_AUTH "Disable all HTTP authentication methods" OFF) +mark_as_advanced(CURL_DISABLE_HTTP_AUTH) +option(CURL_DISABLE_IMAP "Disable IMAP" OFF) +mark_as_advanced(CURL_DISABLE_IMAP) +option(CURL_DISABLE_LDAP "Disable LDAP" OFF) +mark_as_advanced(CURL_DISABLE_LDAP) +option(CURL_DISABLE_LDAPS "Disable LDAPS" ${CURL_DISABLE_LDAP}) +mark_as_advanced(CURL_DISABLE_LDAPS) +option(CURL_DISABLE_LIBCURL_OPTION "Disable --libcurl option from the curl tool" OFF) +mark_as_advanced(CURL_DISABLE_LIBCURL_OPTION) +option(CURL_DISABLE_MIME "Disable MIME support" OFF) +mark_as_advanced(CURL_DISABLE_MIME) +cmake_dependent_option(CURL_DISABLE_FORM_API "Disable form-api" + OFF "NOT CURL_DISABLE_MIME" + ON) +mark_as_advanced(CURL_DISABLE_FORM_API) +option(CURL_DISABLE_MQTT "Disable MQTT" OFF) +mark_as_advanced(CURL_DISABLE_MQTT) +option(CURL_DISABLE_BINDLOCAL "Disable local binding support" OFF) +mark_as_advanced(CURL_DISABLE_BINDLOCAL) +option(CURL_DISABLE_NETRC "Disable netrc parser" OFF) +mark_as_advanced(CURL_DISABLE_NETRC) +option(CURL_DISABLE_NTLM "Disable NTLM support" OFF) +mark_as_advanced(CURL_DISABLE_NTLM) +option(CURL_DISABLE_PARSEDATE "Disable date parsing" OFF) +mark_as_advanced(CURL_DISABLE_PARSEDATE) +option(CURL_DISABLE_POP3 "Disable POP3" OFF) +mark_as_advanced(CURL_DISABLE_POP3) +option(CURL_DISABLE_PROGRESS_METER "Disable built-in progress meter" OFF) +mark_as_advanced(CURL_DISABLE_PROGRESS_METER) +option(CURL_DISABLE_PROXY "Disable proxy support" OFF) +mark_as_advanced(CURL_DISABLE_PROXY) +option(CURL_DISABLE_IPFS "Disable IPFS" OFF) +mark_as_advanced(CURL_DISABLE_IPFS) +option(CURL_DISABLE_RTSP "Disable RTSP" OFF) +mark_as_advanced(CURL_DISABLE_SHA512_256) +option(CURL_DISABLE_SHA512_256 "Disable SHA-512/256 hash algorithm" OFF) +mark_as_advanced(CURL_DISABLE_RTSP) +option(CURL_DISABLE_SHUFFLE_DNS "Disable shuffle DNS feature" OFF) +mark_as_advanced(CURL_DISABLE_SHUFFLE_DNS) +option(CURL_DISABLE_SMB "Disable SMB" OFF) +mark_as_advanced(CURL_DISABLE_SMB) +option(CURL_DISABLE_SMTP "Disable SMTP" OFF) +mark_as_advanced(CURL_DISABLE_SMTP) +option(CURL_DISABLE_SOCKETPAIR "Disable use of socketpair for curl_multi_poll" OFF) +mark_as_advanced(CURL_DISABLE_SOCKETPAIR) +option(CURL_DISABLE_WEBSOCKETS "Disable WebSocket" OFF) +mark_as_advanced(CURL_DISABLE_WEBSOCKETS) +option(CURL_DISABLE_TELNET "Disable Telnet" OFF) +mark_as_advanced(CURL_DISABLE_TELNET) +option(CURL_DISABLE_TFTP "Disable TFTP" OFF) +mark_as_advanced(CURL_DISABLE_TFTP) +option(CURL_DISABLE_VERBOSE_STRINGS "Disable verbose strings" OFF) +mark_as_advanced(CURL_DISABLE_VERBOSE_STRINGS) + +if(CURL_DISABLE_HTTP) + set(CURL_DISABLE_IPFS ON) + set(CURL_DISABLE_RTSP ON) + set(CURL_DISABLE_ALTSVC ON) + set(CURL_DISABLE_HSTS ON) +endif() + +# Corresponds to HTTP_ONLY in lib/curl_setup.h +option(HTTP_ONLY "Disable all protocols except HTTP (This overrides all CURL_DISABLE_* options)" OFF) +mark_as_advanced(HTTP_ONLY) + +if(HTTP_ONLY) + set(CURL_DISABLE_DICT ON) + set(CURL_DISABLE_FILE ON) + set(CURL_DISABLE_FTP ON) + set(CURL_DISABLE_GOPHER ON) + set(CURL_DISABLE_IMAP ON) + set(CURL_DISABLE_LDAP ON) + set(CURL_DISABLE_LDAPS ON) + set(CURL_DISABLE_MQTT ON) + set(CURL_DISABLE_POP3 ON) + set(CURL_DISABLE_IPFS ON) + set(CURL_DISABLE_RTSP ON) + set(CURL_DISABLE_SMB ON) + set(CURL_DISABLE_SMTP ON) + set(CURL_DISABLE_TELNET ON) + set(CURL_DISABLE_TFTP ON) +endif() + +if(WINDOWS_STORE OR WINCE) + set(CURL_DISABLE_TELNET ON) # telnet code needs fixing to compile for UWP. +endif() + +find_package(Perl) + +if(PERL_EXECUTABLE) + add_custom_target(curl-ca-bundle + COMMENT "Generating a fresh ca-bundle.crt" VERBATIM USES_TERMINAL + COMMAND "${PERL_EXECUTABLE}" "${PROJECT_SOURCE_DIR}/scripts/mk-ca-bundle.pl" -b -l -u "lib/ca-bundle.crt" + DEPENDS "${PROJECT_SOURCE_DIR}/scripts/mk-ca-bundle.pl" + ) + add_custom_target(curl-ca-firefox + COMMENT "generating a fresh ca-bundle.crt" VERBATIM USES_TERMINAL + COMMAND "${PERL_EXECUTABLE}" "${PROJECT_SOURCE_DIR}/scripts/firefox-db2pem.sh" "lib/ca-bundle.crt" + DEPENDS "${PROJECT_SOURCE_DIR}/scripts/firefox-db2pem.sh" + ) +endif() + +option(BUILD_LIBCURL_DOCS "Build libcurl man pages" ON) +option(BUILD_MISC_DOCS "Build misc man pages (e.g. curl-config and mk-ca-bundle)" ON) +option(ENABLE_CURL_MANUAL "Build the man page for curl and enable its -M/--manual option" ON) + +if(ENABLE_CURL_MANUAL OR BUILD_LIBCURL_DOCS) + if(PERL_FOUND) + set(HAVE_MANUAL_TOOLS ON) + endif() + if(NOT HAVE_MANUAL_TOOLS) + message(WARNING "Perl not found. Will not build manuals.") + endif() +endif() + +# If we are on AIX, do the _ALL_SOURCE magic +if(CMAKE_SYSTEM_NAME STREQUAL "AIX") + set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS "_ALL_SOURCE") +endif() + +# If we are on Haiku, make sure that the network library is brought in. +if(CMAKE_SYSTEM_NAME STREQUAL "Haiku") + list(APPEND CURL_LIBS "network") +elseif(AMIGA) + list(APPEND CURL_LIBS "net" "m" "atomic") + list(APPEND CMAKE_REQUIRED_LIBRARIES "net" "m" "atomic") +endif() + +# Include all the necessary files for macros +include(CMakePushCheckState) +include(CheckFunctionExists) +include(CheckIncludeFile) +include(CheckIncludeFiles) +include(CheckLibraryExists) +include(CheckSymbolExists) +include(CheckTypeSize) +include(CheckCSourceCompiles) + +option(_CURL_PREFILL "Fast-track known feature detection results (Windows, some Apple)" "${WIN32}") +if(_CURL_PREFILL) + if(WIN32) + include("${CMAKE_CURRENT_SOURCE_DIR}/CMake/win32-cache.cmake") + elseif(UNIX) + include("${CMAKE_CURRENT_SOURCE_DIR}/CMake/unix-cache.cmake") + message(STATUS "Pre-filling feature detection results for UNIX") + endif() +elseif(WIN32) + message(STATUS "Pre-filling feature detection results disabled.") +elseif(APPLE) + set(HAVE_EVENTFD 0) + set(HAVE_GETPASS_R 0) + set(HAVE_WRITABLE_ARGV 1) + set(HAVE_SENDMMSG 0) +endif() + +if(AMIGA) + set(HAVE_GETADDRINFO 0) # Breaks the build when detected and used. +endif() +if(DOS OR AMIGA) + set(HAVE_TIME_T_UNSIGNED 1) +endif() + +if(ENABLE_THREADED_RESOLVER) + if(WIN32) + set(USE_THREADS_WIN32 ON) + else() + find_package(Threads REQUIRED) + set(USE_THREADS_POSIX ${CMAKE_USE_PTHREADS_INIT}) + set(HAVE_PTHREAD_H ${CMAKE_USE_PTHREADS_INIT}) + list(APPEND CURL_LIBS ${CMAKE_THREAD_LIBS_INIT}) + endif() +endif() + +# Check for all needed libraries +if(WIN32) + if(WINCE) + set(_win32_winsock "ws2") + else() + set(_win32_winsock "ws2_32") + endif() + set(_win32_crypt32 "crypt32") + + if(MINGW32CE) # FIXME upstream: must specify the full path to avoid CMake converting "ws2" to "ws2.lib" + set(_win32_winsock "${MINGW32CE_LIBRARY_DIR}/lib${_win32_winsock}.a") + set(_win32_crypt32 "${MINGW32CE_LIBRARY_DIR}/lib${_win32_crypt32}.a") + endif() +elseif(DOS) + if(WATT_ROOT) + set(USE_WATT32 ON) + # FIXME upstream: must specify the full path to avoid CMake converting "watt" to "watt.lib" + list(APPEND CURL_LIBS "${WATT_ROOT}/lib/libwatt.a") + include_directories(SYSTEM "${WATT_ROOT}/inc") + list(APPEND CMAKE_REQUIRED_INCLUDES "${WATT_ROOT}/inc") + else() + message(FATAL_ERROR "Set WATT_ROOT variable to the root installation of Watt-32.") + endif() +elseif(AMIGA) + if(AMISSL_INCLUDE_DIR AND AMISSL_STUBS_LIBRARY AND AMISSL_AUTO_LIBRARY) + set(USE_AMISSL ON) + list(APPEND CMAKE_REQUIRED_INCLUDES "${AMISSL_INCLUDE_DIR}") + list(APPEND CMAKE_REQUIRED_LIBRARIES "${AMISSL_STUBS_LIBRARY}" "${AMISSL_AUTO_LIBRARY}") + set(OPENSSL_INCLUDE_DIR "${AMISSL_INCLUDE_DIR}") + set(OPENSSL_SSL_LIBRARY "${AMISSL_STUBS_LIBRARY}") + set(OPENSSL_CRYPTO_LIBRARY "${AMISSL_AUTO_LIBRARY}") + set(CURL_USE_OPENSSL ON) + set(CURL_CA_FALLBACK ON CACHE BOOL "") + endif() +elseif(NOT APPLE) + check_library_exists("socket" "connect" "" HAVE_LIBSOCKET) + if(HAVE_LIBSOCKET) + set(CURL_LIBS "socket" ${CURL_LIBS}) + endif() +endif() + +option(ENABLE_IPV6 "Enable IPv6 support" ON) +mark_as_advanced(ENABLE_IPV6) +if(ENABLE_IPV6) + include(CheckStructHasMember) + if(WIN32) + check_struct_has_member("struct sockaddr_in6" "sin6_scope_id" "winsock2.h;ws2tcpip.h" HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID) + else() + check_struct_has_member("struct sockaddr_in6" "sin6_scope_id" "netinet/in.h" HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID) + check_struct_has_member("struct sockaddr_in6" "sin6_addr" "netinet/in.h" HAVE_SOCKADDR_IN6_SIN6_ADDR) + if(NOT HAVE_SOCKADDR_IN6_SIN6_ADDR) + if(NOT DOS AND NOT AMIGA) + message(WARNING "struct sockaddr_in6 not available, disabling IPv6 support") + endif() + set(ENABLE_IPV6 OFF CACHE BOOL "Enable IPv6 support" FORCE) # Force the feature off as we use this name as guard macro + endif() + + if(APPLE AND NOT ENABLE_ARES) + set(_use_core_foundation_and_core_services ON) + + find_library(SYSTEMCONFIGURATION_FRAMEWORK NAMES "SystemConfiguration") + mark_as_advanced(SYSTEMCONFIGURATION_FRAMEWORK) + if(NOT SYSTEMCONFIGURATION_FRAMEWORK) + message(FATAL_ERROR "SystemConfiguration framework not found") + endif() + list(APPEND CURL_LIBS "-framework SystemConfiguration") + endif() + endif() +endif() +if(ENABLE_IPV6 AND NOT WINCE) + set(USE_IPV6 ON) +endif() + +# Check SSL libraries +option(CURL_ENABLE_SSL "Enable SSL support" ON) + +if(CURL_DEFAULT_SSL_BACKEND) + set(_valid_default_ssl_backend FALSE) +endif() + +if(APPLE) + cmake_dependent_option(CURL_USE_SECTRANSP "Enable Apple OS native SSL/TLS (Secure Transport)" OFF CURL_ENABLE_SSL OFF) +endif() +if(WIN32) + cmake_dependent_option(CURL_USE_SCHANNEL "Enable Windows native SSL/TLS (Schannel)" OFF CURL_ENABLE_SSL OFF) + option(CURL_WINDOWS_SSPI "Enable SSPI on Windows" ${CURL_USE_SCHANNEL}) +endif() +cmake_dependent_option(CURL_USE_MBEDTLS "Enable mbedTLS for SSL/TLS" OFF CURL_ENABLE_SSL OFF) +cmake_dependent_option(CURL_USE_BEARSSL "Enable BearSSL for SSL/TLS" OFF CURL_ENABLE_SSL OFF) +cmake_dependent_option(CURL_USE_WOLFSSL "Enable wolfSSL for SSL/TLS" OFF CURL_ENABLE_SSL OFF) +cmake_dependent_option(CURL_USE_GNUTLS "Enable GnuTLS for SSL/TLS" OFF CURL_ENABLE_SSL OFF) +cmake_dependent_option(CURL_USE_RUSTLS "Enable Rustls for SSL/TLS" OFF CURL_ENABLE_SSL OFF) + +if(WIN32 OR + CURL_USE_SECTRANSP OR + CURL_USE_SCHANNEL OR + CURL_USE_MBEDTLS OR + CURL_USE_BEARSSL OR + CURL_USE_WOLFSSL OR + CURL_USE_GNUTLS OR + CURL_USE_RUSTLS) + set(_openssl_default OFF) +else() + set(_openssl_default ON) +endif() +cmake_dependent_option(CURL_USE_OPENSSL "Enable OpenSSL for SSL/TLS" ${_openssl_default} CURL_ENABLE_SSL OFF) +option(USE_OPENSSL_QUIC "Use OpenSSL and nghttp3 libraries for HTTP/3 support" OFF) +if(USE_OPENSSL_QUIC AND NOT CURL_USE_OPENSSL) + message(WARNING "OpenSSL QUIC has been requested, but without enabling OpenSSL. Will not enable QUIC.") + set(USE_OPENSSL_QUIC OFF) +endif() +option(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG "Disable automatic loading of OpenSSL configuration" OFF) + +curl_count_true(_enabled_ssl_options_count + CURL_USE_SCHANNEL + CURL_USE_SECTRANSP + CURL_USE_OPENSSL + CURL_USE_MBEDTLS + CURL_USE_BEARSSL + CURL_USE_WOLFSSL + CURL_USE_GNUTLS + CURL_USE_RUSTLS +) +if(_enabled_ssl_options_count GREATER 1) + set(CURL_WITH_MULTI_SSL ON) +elseif(_enabled_ssl_options_count EQUAL 0) + set(CURL_DISABLE_HSTS ON) +endif() + +if(CURL_USE_SCHANNEL) + set(_ssl_enabled ON) + set(USE_SCHANNEL ON) # Windows native SSL/TLS support + set(USE_WINDOWS_SSPI ON) # CURL_USE_SCHANNEL requires CURL_WINDOWS_SSPI + + if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "schannel") + set(_valid_default_ssl_backend TRUE) + endif() +endif() +if(CURL_WINDOWS_SSPI) + set(USE_WINDOWS_SSPI ON) +endif() + +if(CURL_USE_SECTRANSP) + set(_use_core_foundation_and_core_services ON) + + find_library(SECURITY_FRAMEWORK NAMES "Security") + mark_as_advanced(SECURITY_FRAMEWORK) + if(NOT SECURITY_FRAMEWORK) + message(FATAL_ERROR "Security framework not found") + endif() + list(APPEND CURL_LIBS "-framework Security") + + set(_ssl_enabled ON) + set(USE_SECTRANSP ON) + + if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "secure-transport") + set(_valid_default_ssl_backend TRUE) + endif() + + message(WARNING "Secure Transport does not support TLS 1.3.") +endif() + +if(_use_core_foundation_and_core_services) + find_library(COREFOUNDATION_FRAMEWORK NAMES "CoreFoundation") + mark_as_advanced(COREFOUNDATION_FRAMEWORK) + if(NOT COREFOUNDATION_FRAMEWORK) + message(FATAL_ERROR "CoreFoundation framework not found") + endif() + list(APPEND CURL_LIBS "-framework CoreFoundation") + + find_library(CORESERVICES_FRAMEWORK NAMES "CoreServices") + mark_as_advanced(CORESERVICES_FRAMEWORK) + if(NOT CORESERVICES_FRAMEWORK) + message(FATAL_ERROR "CoreServices framework not found") + endif() + list(APPEND CURL_LIBS "-framework CoreServices") +endif() + +if(CURL_USE_OPENSSL) + find_package(OpenSSL REQUIRED) + set(_ssl_enabled ON) + set(USE_OPENSSL ON) + + # Depend on OpenSSL via imported targets. This allows our dependents to + # get our dependencies transitively. + list(APPEND CURL_LIBS OpenSSL::SSL OpenSSL::Crypto) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE "openssl") + + if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "openssl") + set(_valid_default_ssl_backend TRUE) + endif() + set(_curl_ca_bundle_supported TRUE) + + cmake_push_check_state() + list(APPEND CMAKE_REQUIRED_LIBRARIES OpenSSL::SSL OpenSSL::Crypto) + if(NOT DEFINED HAVE_BORINGSSL) + check_symbol_exists("OPENSSL_IS_BORINGSSL" "openssl/base.h" HAVE_BORINGSSL) + endif() + if(NOT DEFINED HAVE_AWSLC) + check_symbol_exists("OPENSSL_IS_AWSLC" "openssl/base.h" HAVE_AWSLC) + endif() + if(NOT DEFINED HAVE_LIBRESSL) + check_symbol_exists("LIBRESSL_VERSION_NUMBER" "openssl/opensslv.h" HAVE_LIBRESSL) + endif() + cmake_pop_check_state() + + if(HAVE_BORINGSSL OR HAVE_AWSLC) + if(OPENSSL_USE_STATIC_LIBS AND CMAKE_C_COMPILER_ID MATCHES "Clang") + list(APPEND CURL_LIBS "stdc++") + list(APPEND CMAKE_REQUIRED_LIBRARIES "stdc++") + endif() + endif() + + if(HAVE_BORINGSSL) + set(_openssl "BoringSSL") + elseif(HAVE_AWSLC) + set(_openssl "AWS-LC") + elseif(HAVE_LIBRESSL) + set(_openssl "LibreSSL") + elseif(USE_AMISSL) + set(_openssl "AmiSSL") + else() + set(_openssl "OpenSSL") + endif() +endif() + +if(CURL_USE_MBEDTLS) + find_package(MbedTLS REQUIRED) + set(_ssl_enabled ON) + set(USE_MBEDTLS ON) + list(APPEND CURL_LIBS ${MBEDTLS_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${MBEDTLS_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${MBEDTLS_PC_REQUIRES}) + include_directories(SYSTEM ${MBEDTLS_INCLUDE_DIRS}) + link_directories(${MBEDTLS_LIBRARY_DIRS}) + if(MBEDTLS_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${MBEDTLS_CFLAGS}") + endif() + + if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "mbedtls") + set(_valid_default_ssl_backend TRUE) + endif() + set(_curl_ca_bundle_supported TRUE) +endif() + +if(CURL_USE_BEARSSL) + find_package(BearSSL REQUIRED) + set(_ssl_enabled ON) + set(USE_BEARSSL ON) + list(APPEND CURL_LIBS ${BEARSSL_LIBRARIES}) + include_directories(SYSTEM ${BEARSSL_INCLUDE_DIRS}) + + if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "bearssl") + set(_valid_default_ssl_backend TRUE) + endif() + set(_curl_ca_bundle_supported TRUE) + + message(WARNING "BearSSL does not support TLS 1.3.") +endif() + +if(CURL_USE_WOLFSSL) + find_package(WolfSSL REQUIRED) + set(_ssl_enabled ON) + set(USE_WOLFSSL ON) + list(APPEND CURL_LIBS ${WOLFSSL_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${WOLFSSL_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${WOLFSSL_PC_REQUIRES}) + include_directories(SYSTEM ${WOLFSSL_INCLUDE_DIRS}) + link_directories(${WOLFSSL_LIBRARY_DIRS}) + if(WOLFSSL_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${WOLFSSL_CFLAGS}") + endif() + + if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "wolfssl") + set(_valid_default_ssl_backend TRUE) + endif() + set(_curl_ca_bundle_supported TRUE) +endif() + +if(CURL_USE_GNUTLS) + if(CURL_USE_PKGCONFIG) + find_package(PkgConfig QUIET) + pkg_check_modules(GNUTLS "gnutls") + if(GNUTLS_FOUND) + set(GNUTLS_LIBRARIES ${GNUTLS_LINK_LIBRARIES}) + string(REPLACE ";" " " GNUTLS_CFLAGS "${GNUTLS_CFLAGS}") + if(GNUTLS_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${GNUTLS_CFLAGS}") + endif() + endif() + endif() + if(NOT GNUTLS_FOUND) + find_package(GnuTLS REQUIRED) + endif() + find_package(Nettle REQUIRED) + set(_ssl_enabled ON) + set(USE_GNUTLS ON) + list(APPEND CURL_LIBS ${GNUTLS_LIBRARIES} ${NETTLE_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${GNUTLS_LIBRARY_DIRS} ${NETTLE_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE "gnutls" ${NETTLE_PC_REQUIRES}) + include_directories(SYSTEM ${GNUTLS_INCLUDE_DIRS} ${NETTLE_INCLUDE_DIRS}) + link_directories(${NETTLE_LIBRARY_DIRS}) + if(NETTLE_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${NETTLE_CFLAGS}") + endif() + + if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "gnutls") + set(_valid_default_ssl_backend TRUE) + endif() + set(_curl_ca_bundle_supported TRUE) + + if(NOT DEFINED HAVE_GNUTLS_SRP AND NOT CURL_DISABLE_SRP) + cmake_push_check_state() + list(APPEND CMAKE_REQUIRED_INCLUDES ${GNUTLS_INCLUDE_DIRS}) + list(APPEND CMAKE_REQUIRED_LIBRARIES ${GNUTLS_LIBRARIES}) + check_symbol_exists("gnutls_srp_verifier" "gnutls/gnutls.h" HAVE_GNUTLS_SRP) + cmake_pop_check_state() + endif() +endif() + +if(CURL_USE_RUSTLS) + find_package(Rustls REQUIRED) + set(_ssl_enabled ON) + set(USE_RUSTLS ON) + list(APPEND CURL_LIBS ${RUSTLS_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${RUSTLS_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${RUSTLS_PC_REQUIRES}) + include_directories(SYSTEM ${RUSTLS_INCLUDE_DIRS}) + link_directories(${RUSTLS_LIBRARY_DIRS}) + if(RUSTLS_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${RUSTLS_CFLAGS}") + endif() + + if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "rustls") + set(_valid_default_ssl_backend TRUE) + endif() + set(_curl_ca_bundle_supported TRUE) +endif() + +if(CURL_DEFAULT_SSL_BACKEND AND NOT _valid_default_ssl_backend) + message(FATAL_ERROR "CURL_DEFAULT_SSL_BACKEND '${CURL_DEFAULT_SSL_BACKEND}' not enabled.") +endif() + +# Keep ZLIB detection after TLS detection, +# and before calling curl_openssl_check_exists(). + +set(HAVE_LIBZ OFF) +curl_dependency_option(CURL_ZLIB ZLIB "ZLIB") +if(ZLIB_FOUND) + set(HAVE_LIBZ ON) + # Depend on ZLIB via imported targets. This allows our dependents to + # get our dependencies transitively. + list(APPEND CURL_LIBS ZLIB::ZLIB) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE "zlib") +endif() + +set(HAVE_BROTLI OFF) +curl_dependency_option(CURL_BROTLI Brotli "brotli") +if(BROTLI_FOUND) + set(HAVE_BROTLI ON) + list(APPEND CURL_LIBS ${BROTLI_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${BROTLI_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${BROTLI_PC_REQUIRES}) + include_directories(SYSTEM ${BROTLI_INCLUDE_DIRS}) + link_directories(${BROTLI_LIBRARY_DIRS}) + if(BROTLI_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${BROTLI_CFLAGS}") + endif() +endif() + +set(HAVE_ZSTD OFF) +curl_dependency_option(CURL_ZSTD Zstd "zstd") +if(ZSTD_FOUND) + if(NOT ZSTD_VERSION VERSION_LESS 1.0.0) + set(HAVE_ZSTD ON) + list(APPEND CURL_LIBS ${ZSTD_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${ZSTD_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${ZSTD_PC_REQUIRES}) + include_directories(SYSTEM ${ZSTD_INCLUDE_DIRS}) + link_directories(${ZSTD_LIBRARY_DIRS}) + if(ZSTD_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${ZSTD_CFLAGS}") + endif() + else() + message(WARNING "zstd v1.0.0 or newer is required, disabling zstd support.") + endif() +endif() + +# Check function in an OpenSSL-like TLS backend. +macro(curl_openssl_check_exists) + cmake_push_check_state() + if(USE_OPENSSL) + list(APPEND CMAKE_REQUIRED_LIBRARIES OpenSSL::SSL OpenSSL::Crypto) + list(APPEND CMAKE_REQUIRED_DEFINITIONS "-DOPENSSL_SUPPRESS_DEPRECATED") # for SSL_CTX_set_srp_username deprecated since 3.0.0 + if(HAVE_LIBZ) + list(APPEND CMAKE_REQUIRED_LIBRARIES ZLIB::ZLIB) + endif() + if(WIN32 AND NOT WINCE) + list(APPEND CMAKE_REQUIRED_LIBRARIES "${_win32_winsock}") + list(APPEND CMAKE_REQUIRED_LIBRARIES "bcrypt") # for OpenSSL/LibreSSL + endif() + endif() + if(USE_WOLFSSL) + list(APPEND CMAKE_REQUIRED_INCLUDES "${WOLFSSL_INCLUDE_DIRS}") + list(APPEND CMAKE_REQUIRED_LIBRARIES "${WOLFSSL_LIBRARIES}") + curl_required_libpaths("${WOLFSSL_LIBRARY_DIRS}") + if(HAVE_LIBZ) + list(APPEND CMAKE_REQUIRED_LIBRARIES ZLIB::ZLIB) # Public wolfSSL headers also require zlib headers + endif() + if(WIN32) + list(APPEND CMAKE_REQUIRED_LIBRARIES "${_win32_winsock}" "${_win32_crypt32}") + endif() + list(APPEND CMAKE_REQUIRED_DEFINITIONS "-DHAVE_UINTPTR_T") # to pull in stdint.h (as of wolfSSL v5.5.4) + endif() + if(${ARGC} EQUAL 2) + check_function_exists(${ARGN}) + else() + check_symbol_exists(${ARGN}) # Uses CMAKE_REQUIRED_INCLUDES and CMAKE_REQUIRED_DEFINITIONS + endif() + cmake_pop_check_state() +endmacro() + +# Ensure that the OpenSSL fork actually supports QUIC. +macro(curl_openssl_check_quic) + if(NOT DEFINED HAVE_SSL_SET_QUIC_USE_LEGACY_CODEPOINT) + if(USE_OPENSSL) + curl_openssl_check_exists("SSL_set_quic_use_legacy_codepoint" HAVE_SSL_SET_QUIC_USE_LEGACY_CODEPOINT) + endif() + if(USE_WOLFSSL) + curl_openssl_check_exists("wolfSSL_set_quic_use_legacy_codepoint" HAVE_SSL_SET_QUIC_USE_LEGACY_CODEPOINT) + endif() + endif() + if(NOT HAVE_SSL_SET_QUIC_USE_LEGACY_CODEPOINT) + message(FATAL_ERROR "QUIC support is missing in OpenSSL fork. Try setting -DOPENSSL_ROOT_DIR") + endif() +endmacro() + +if(USE_WOLFSSL) + curl_openssl_check_exists("wolfSSL_DES_ecb_encrypt" HAVE_WOLFSSL_DES_ECB_ENCRYPT) + curl_openssl_check_exists("wolfSSL_BIO_new" HAVE_WOLFSSL_BIO) + curl_openssl_check_exists("wolfSSL_BIO_set_shutdown" HAVE_WOLFSSL_FULL_BIO) +endif() + +if(USE_OPENSSL) + if(NOT DEFINED HAVE_SSL_SET0_WBIO) + curl_openssl_check_exists("SSL_set0_wbio" HAVE_SSL_SET0_WBIO) + endif() + if(NOT DEFINED HAVE_OPENSSL_SRP AND NOT CURL_DISABLE_SRP) + curl_openssl_check_exists("SSL_CTX_set_srp_username" "openssl/ssl.h" HAVE_OPENSSL_SRP) + endif() +endif() + +option(USE_HTTPSRR "Enable HTTPS RR support" OFF) +option(USE_ECH "Enable ECH support" OFF) +if(USE_ECH) + if(USE_OPENSSL OR USE_WOLFSSL) + # Be sure that the TLS library actually supports ECH. + if(USE_WOLFSSL) + curl_openssl_check_exists("wolfSSL_CTX_GenerateEchConfig" HAVE_WOLFSSL_CTX_GENERATEECHCONFIG) + endif() + if(USE_OPENSSL) + curl_openssl_check_exists("SSL_set1_ech_config_list" HAVE_SSL_SET1_ECH_CONFIG_LIST) + endif() + if(HAVE_WOLFSSL_CTX_GENERATEECHCONFIG OR + HAVE_SSL_SET1_ECH_CONFIG_LIST) + set(HAVE_ECH 1) + endif() + if(NOT HAVE_ECH) + message(FATAL_ERROR "ECH support missing in OpenSSL/BoringSSL/AWS-LC/wolfSSL") + else() + message(STATUS "ECH enabled") + # ECH wants HTTPSRR + set(USE_HTTPSRR ON) + message(STATUS "HTTPSRR enabled") + endif() + else() + message(FATAL_ERROR "ECH requires ECH-enablded OpenSSL, BoringSSL, AWS-LC or wolfSSL") + endif() +endif() + +option(USE_SSLS_EXPORT "Enable SSL session export support" OFF) +if(USE_SSLS_EXPORT) + if(_ssl_enabled) + message(STATUS "SSL export enabled.") + else() + message(FATAL_ERROR "SSL session export requires SSL enabled") + endif() +endif() + +option(USE_NGHTTP2 "Use nghttp2 library" ON) +if(USE_NGHTTP2) + find_package(NGHTTP2) + if(NGHTTP2_FOUND) + list(APPEND CURL_LIBS ${NGHTTP2_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${NGHTTP2_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NGHTTP2_PC_REQUIRES}) + include_directories(SYSTEM ${NGHTTP2_INCLUDE_DIRS}) + link_directories(${NGHTTP2_LIBRARY_DIRS}) + if(NGHTTP2_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${NGHTTP2_CFLAGS}") + endif() + else() + set(USE_NGHTTP2 OFF) + endif() +endif() + +option(USE_NGTCP2 "Use ngtcp2 and nghttp3 libraries for HTTP/3 support" OFF) +if(USE_NGTCP2) + if(USE_OPENSSL OR USE_WOLFSSL) + if(USE_WOLFSSL) + find_package(NGTCP2 REQUIRED "wolfSSL") + elseif(HAVE_BORINGSSL OR HAVE_AWSLC) + find_package(NGTCP2 REQUIRED "BoringSSL") + else() + find_package(NGTCP2 REQUIRED "quictls") + if(NOT HAVE_LIBRESSL) + set(_openssl "quictls") + endif() + endif() + curl_openssl_check_quic() + elseif(USE_GNUTLS) + find_package(NGTCP2 REQUIRED "GnuTLS") + else() + message(FATAL_ERROR "ngtcp2 requires OpenSSL, wolfSSL or GnuTLS") + endif() + list(APPEND CURL_LIBS ${NGTCP2_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${NGTCP2_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NGTCP2_PC_REQUIRES}) + include_directories(SYSTEM ${NGTCP2_INCLUDE_DIRS}) + link_directories(${NGTCP2_LIBRARY_DIRS}) + if(NGTCP2_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${NGTCP2_CFLAGS}") + endif() + + find_package(NGHTTP3 REQUIRED) + set(USE_NGHTTP3 ON) + list(APPEND CURL_LIBS ${NGHTTP3_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${NGHTTP3_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NGHTTP3_PC_REQUIRES}) + include_directories(SYSTEM ${NGHTTP3_INCLUDE_DIRS}) + link_directories(${NGHTTP3_LIBRARY_DIRS}) + if(NGHTTP3_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${NGHTTP3_CFLAGS}") + endif() +endif() + +option(USE_QUICHE "Use quiche library for HTTP/3 support" OFF) +if(USE_QUICHE) + if(USE_NGTCP2) + message(FATAL_ERROR "Only one HTTP/3 backend can be selected") + endif() + find_package(Quiche REQUIRED) + if(NOT HAVE_BORINGSSL) + message(FATAL_ERROR "quiche requires BoringSSL") + endif() + curl_openssl_check_quic() + list(APPEND CURL_LIBS ${QUICHE_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${QUICHE_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${QUICHE_PC_REQUIRES}) + include_directories(SYSTEM ${QUICHE_INCLUDE_DIRS}) + link_directories(${QUICHE_LIBRARY_DIRS}) + if(QUICHE_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${QUICHE_CFLAGS}") + endif() + if(NOT DEFINED HAVE_QUICHE_CONN_SET_QLOG_FD) + cmake_push_check_state() + list(APPEND CMAKE_REQUIRED_INCLUDES "${QUICHE_INCLUDE_DIRS}") + list(APPEND CMAKE_REQUIRED_LIBRARIES "${QUICHE_LIBRARIES}") + check_symbol_exists("quiche_conn_set_qlog_fd" "quiche.h" HAVE_QUICHE_CONN_SET_QLOG_FD) + cmake_pop_check_state() + endif() +endif() + +option(USE_MSH3 "Use msh3/msquic library for HTTP/3 support" OFF) +if(USE_MSH3) + if(USE_NGTCP2 OR USE_QUICHE) + message(FATAL_ERROR "Only one HTTP/3 backend can be selected") + endif() + if(NOT WIN32) + if(NOT USE_OPENSSL) + message(FATAL_ERROR "msh3/msquic requires OpenSSL fork with QUIC API") + endif() + curl_openssl_check_quic() + endif() + find_package(MSH3 REQUIRED) + list(APPEND CURL_LIBS ${MSH3_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${MSH3_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${MSH3_PC_REQUIRES}) + include_directories(SYSTEM ${MSH3_INCLUDE_DIRS}) + link_directories(${MSH3_LIBRARY_DIRS}) + if(MSH3_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${MSH3_CFLAGS}") + endif() +endif() + +if(USE_OPENSSL_QUIC) + if(USE_NGTCP2 OR USE_QUICHE OR USE_MSH3) + message(FATAL_ERROR "Only one HTTP/3 backend can be selected") + endif() + find_package(OpenSSL 3.3.0 REQUIRED) + + find_package(NGHTTP3 REQUIRED) + set(USE_NGHTTP3 ON) + include_directories(SYSTEM ${NGHTTP3_INCLUDE_DIRS}) + list(APPEND CURL_LIBS ${NGHTTP3_LIBRARIES}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NGHTTP3_PC_REQUIRES}) +endif() + +if(CURL_WITH_MULTI_SSL AND (USE_NGTCP2 OR USE_QUICHE OR USE_MSH3 OR USE_OPENSSL_QUIC)) + message(FATAL_ERROR "MultiSSL cannot be enabled with HTTP/3 and vice versa.") +endif() + +if(NOT CURL_DISABLE_SRP AND (HAVE_GNUTLS_SRP OR HAVE_OPENSSL_SRP)) + set(USE_TLS_SRP 1) +endif() + +if(NOT CURL_DISABLE_LDAP) + if(WIN32 AND NOT WINDOWS_STORE AND NOT WINCE) + option(USE_WIN32_LDAP "Use Windows LDAP implementation" ON) + if(USE_WIN32_LDAP) + list(APPEND CURL_LIBS "wldap32") + if(NOT CURL_DISABLE_LDAPS) + set(HAVE_LDAP_SSL ON) + endif() + endif() + endif() + + # Now that we know, we are not using Windows LDAP... + if(NOT USE_WIN32_LDAP) + # Check for LDAP + cmake_push_check_state() + if(USE_OPENSSL) + list(APPEND CMAKE_REQUIRED_LIBRARIES OpenSSL::SSL OpenSSL::Crypto) + endif() + find_package(LDAP) + if(LDAP_FOUND) + set(HAVE_LBER_H 1) + set(CURL_LIBS ${LDAP_LIBRARIES} ${CURL_LIBS}) + list(APPEND CURL_LIBDIRS ${LDAP_LIBRARY_DIRS}) + if(LDAP_PC_REQUIRES) + set(LIBCURL_PC_REQUIRES_PRIVATE ${LDAP_PC_REQUIRES} ${LIBCURL_PC_REQUIRES_PRIVATE}) + endif() + include_directories(SYSTEM ${LDAP_INCLUDE_DIRS}) + link_directories(${LDAP_LIBRARY_DIRS}) + if(LDAP_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${LDAP_CFLAGS}") + endif() + + # LDAP feature checks + + list(APPEND CMAKE_REQUIRED_DEFINITIONS "-DLDAP_DEPRECATED=1") + list(APPEND CMAKE_REQUIRED_LIBRARIES ${LDAP_LIBRARIES}) + curl_required_libpaths("${LDAP_LIBRARY_DIRS}") + + check_function_exists("ldap_url_parse" HAVE_LDAP_URL_PARSE) + check_function_exists("ldap_init_fd" HAVE_LDAP_INIT_FD) + + check_include_file("ldap_ssl.h" HAVE_LDAP_SSL_H) + + if(HAVE_LDAP_INIT_FD) + set(USE_OPENLDAP ON) + endif() + if(NOT CURL_DISABLE_LDAPS) + set(HAVE_LDAP_SSL ON) + endif() + else() + message(STATUS "LDAP not found. CURL_DISABLE_LDAP set ON") + set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE) + endif() + cmake_pop_check_state() + endif() +endif() + +# No ldap, no ldaps. +if(CURL_DISABLE_LDAP) + if(NOT CURL_DISABLE_LDAPS) + message(STATUS "LDAP needs to be enabled to support LDAPS") + set(CURL_DISABLE_LDAPS ON CACHE BOOL "" FORCE) + endif() +endif() + +if(WIN32) + option(USE_WIN32_IDN "Use WinIDN for IDN support" OFF) + if(USE_WIN32_IDN) + list(APPEND CURL_LIBS "normaliz") + endif() +else() + set(USE_WIN32_IDN OFF) +endif() + +if(APPLE) + option(USE_APPLE_IDN "Use Apple built-in IDN support" OFF) + if(USE_APPLE_IDN) + cmake_push_check_state() + list(APPEND CMAKE_REQUIRED_LIBRARIES "icucore") + check_symbol_exists("uidna_openUTS46" "unicode/uidna.h" HAVE_APPLE_IDN) + cmake_pop_check_state() + if(HAVE_APPLE_IDN) + list(APPEND CURL_LIBS "icucore" "iconv") + else() + set(USE_APPLE_IDN OFF) + endif() + endif() +else() + set(USE_APPLE_IDN OFF) +endif() + +# Check for libidn2 +option(USE_LIBIDN2 "Use libidn2 for IDN support" ON) +set(HAVE_IDN2_H OFF) +set(HAVE_LIBIDN2 OFF) +if(USE_LIBIDN2 AND NOT USE_APPLE_IDN AND NOT USE_WIN32_IDN) + find_package(Libidn2) + if(LIBIDN2_FOUND) + set(CURL_LIBS ${LIBIDN2_LIBRARIES} ${CURL_LIBS}) + list(APPEND CURL_LIBDIRS ${LIBIDN2_LIBRARY_DIRS}) + set(LIBCURL_PC_REQUIRES_PRIVATE ${LIBIDN2_PC_REQUIRES} ${LIBCURL_PC_REQUIRES_PRIVATE}) + include_directories(SYSTEM ${LIBIDN2_INCLUDE_DIRS}) + link_directories(${LIBIDN2_LIBRARY_DIRS}) + if(LIBIDN2_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${LIBIDN2_CFLAGS}") + endif() + set(HAVE_IDN2_H 1) + set(HAVE_LIBIDN2 1) + endif() +endif() + +# libpsl +option(CURL_USE_LIBPSL "Use libpsl" ON) +mark_as_advanced(CURL_USE_LIBPSL) +set(USE_LIBPSL OFF) + +if(CURL_USE_LIBPSL) + find_package(Libpsl REQUIRED) + list(APPEND CURL_LIBS ${LIBPSL_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${LIBPSL_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${LIBPSL_PC_REQUIRES}) + include_directories(SYSTEM ${LIBPSL_INCLUDE_DIRS}) + link_directories(${LIBPSL_LIBRARY_DIRS}) + if(LIBPSL_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${LIBPSL_CFLAGS}") + endif() + set(USE_LIBPSL ON) +endif() + +# libssh2 +option(CURL_USE_LIBSSH2 "Use libssh2" ON) +mark_as_advanced(CURL_USE_LIBSSH2) +set(USE_LIBSSH2 OFF) + +if(CURL_USE_LIBSSH2) + find_package(Libssh2) + if(LIBSSH2_FOUND) + set(CURL_LIBS ${LIBSSH2_LIBRARIES} ${CURL_LIBS}) # keep it before TLS-crypto, compression + list(APPEND CURL_LIBDIRS ${LIBSSH2_LIBRARY_DIRS}) + set(LIBCURL_PC_REQUIRES_PRIVATE ${LIBSSH2_PC_REQUIRES} ${LIBCURL_PC_REQUIRES_PRIVATE}) + include_directories(SYSTEM ${LIBSSH2_INCLUDE_DIRS}) + link_directories(${LIBSSH2_LIBRARY_DIRS}) + if(LIBSSH2_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${LIBSSH2_CFLAGS}") + endif() + set(USE_LIBSSH2 ON) + endif() +endif() + +# libssh +option(CURL_USE_LIBSSH "Use libssh" OFF) +mark_as_advanced(CURL_USE_LIBSSH) +if(NOT USE_LIBSSH2 AND CURL_USE_LIBSSH) + find_package(Libssh REQUIRED) + set(CURL_LIBS ${LIBSSH_LIBRARIES} ${CURL_LIBS}) # keep it before TLS-crypto, compression + list(APPEND CURL_LIBDIRS ${LIBSSH_LIBRARY_DIRS}) + set(LIBCURL_PC_REQUIRES_PRIVATE ${LIBSSH_PC_REQUIRES} ${LIBCURL_PC_REQUIRES_PRIVATE}) + include_directories(SYSTEM ${LIBSSH_INCLUDE_DIRS}) + link_directories(${LIBSSH_LIBRARY_DIRS}) + if(LIBSSH_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${LIBSSH_CFLAGS}") + endif() + set(USE_LIBSSH ON) +endif() + +# wolfSSH +option(CURL_USE_WOLFSSH "Use wolfSSH" OFF) +mark_as_advanced(CURL_USE_WOLFSSH) +set(USE_WOLFSSH OFF) +if(NOT USE_LIBSSH2 AND NOT USE_LIBSSH AND CURL_USE_WOLFSSH) + if(USE_WOLFSSL) + find_package(WolfSSH) + if(WOLFSSH_FOUND) + set(CURL_LIBS ${WOLFSSH_LIBRARIES} ${CURL_LIBS}) # keep it before TLS-crypto, compression + include_directories(SYSTEM ${WOLFSSH_INCLUDE_DIRS}) + set(USE_WOLFSSH ON) + endif() + else() + message(WARNING "wolfSSH requires wolfSSL. Skipping.") + endif() +endif() + +option(CURL_USE_GSASL "Use libgsasl" OFF) +mark_as_advanced(CURL_USE_GSASL) +if(CURL_USE_GSASL) + find_package(Libgsasl REQUIRED) + list(APPEND CURL_LIBS ${LIBGSASL_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${LIBGSASL_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${LIBGSASL_PC_REQUIRES}) + include_directories(SYSTEM ${LIBGSASL_INCLUDE_DIRS}) + link_directories(${LIBGSASL_LIBRARY_DIRS}) + if(LIBGSASL_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${LIBGSASL_CFLAGS}") + endif() + set(USE_GSASL ON) +endif() + +option(CURL_USE_GSSAPI "Use GSSAPI implementation" OFF) +mark_as_advanced(CURL_USE_GSSAPI) + +if(CURL_USE_GSSAPI) + find_package(GSS) + + set(HAVE_GSSAPI ${GSS_FOUND}) + if(GSS_FOUND) + list(APPEND CURL_LIBS ${GSS_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${GSS_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${GSS_PC_REQUIRES}) + include_directories(SYSTEM ${GSS_INCLUDE_DIRS}) + link_directories(${GSS_LIBRARY_DIRS}) + if(GSS_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${GSS_CFLAGS}") + endif() + + if(GSS_FLAVOUR STREQUAL "GNU") + set(HAVE_GSSGNU 1) + else() + cmake_push_check_state() + list(APPEND CMAKE_REQUIRED_INCLUDES ${GSS_INCLUDE_DIRS}) + + set(_include_list "") + check_include_file("gssapi/gssapi.h" HAVE_GSSAPI_GSSAPI_H) + if(HAVE_GSSAPI_GSSAPI_H) + list(APPEND _include_list "gssapi/gssapi.h") + endif() + check_include_files("${_include_list};gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H) + + if(GSS_FLAVOUR STREQUAL "MIT") + check_include_files("${_include_list};gssapi/gssapi_krb5.h" _have_gssapi_gssapi_krb5_h) + if(HAVE_GSSAPI_GSSAPI_GENERIC_H) + list(APPEND _include_list "gssapi/gssapi_generic.h") + endif() + if(_have_gssapi_gssapi_krb5_h) + list(APPEND _include_list "gssapi/gssapi_krb5.h") + endif() + + if(NOT DEFINED HAVE_GSS_C_NT_HOSTBASED_SERVICE) + string(APPEND CMAKE_REQUIRED_FLAGS " ${GSS_CFLAGS}") + list(APPEND CMAKE_REQUIRED_LIBRARIES ${GSS_LIBRARIES}) + curl_required_libpaths("${GSS_LIBRARY_DIRS}") + check_symbol_exists("GSS_C_NT_HOSTBASED_SERVICE" "${_include_list}" HAVE_GSS_C_NT_HOSTBASED_SERVICE) + endif() + if(NOT HAVE_GSS_C_NT_HOSTBASED_SERVICE) + set(HAVE_OLD_GSSMIT ON) + endif() + endif() + unset(_include_list) + cmake_pop_check_state() + endif() + else() + message(WARNING "GSSAPI has been requested, but no supporting libraries found. Skipping.") + endif() +endif() + +# libuv +option(CURL_USE_LIBUV "Use libuv for event-based tests" OFF) +if(CURL_USE_LIBUV) + if(NOT ENABLE_DEBUG) + message(FATAL_ERROR "Using libuv without debug support enabled is useless") + endif() + find_package(Libuv REQUIRED) + list(APPEND CURL_LIBS ${LIBUV_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${LIBUV_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${LIBUV_PC_REQUIRES}) + include_directories(SYSTEM ${LIBUV_INCLUDE_DIRS}) + link_directories(${LIBUV_LIBRARY_DIRS}) + if(LIBUV_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${LIBUV_CFLAGS}") + endif() + set(USE_LIBUV ON) + set(HAVE_UV_H ON) +endif() + +option(USE_LIBRTMP "Enable librtmp from rtmpdump" OFF) +if(USE_LIBRTMP) + find_package(Librtmp REQUIRED) + list(APPEND CURL_LIBS ${LIBRTMP_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${LIBRTMP_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${LIBRTMP_PC_REQUIRES}) + include_directories(SYSTEM ${LIBRTMP_INCLUDE_DIRS}) + link_directories(${LIBRTMP_LIBRARY_DIRS}) + if(LIBRTMP_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${LIBRTMP_CFLAGS}") + endif() +endif() + +option(ENABLE_UNIX_SOCKETS "Enable Unix domain sockets support" ON) +if(ENABLE_UNIX_SOCKETS AND NOT WINCE) + if(WIN32 OR DOS) + set(USE_UNIX_SOCKETS ON) + else() + include(CheckStructHasMember) + check_struct_has_member("struct sockaddr_un" "sun_path" "sys/un.h" USE_UNIX_SOCKETS) + endif() +else() + unset(USE_UNIX_SOCKETS CACHE) +endif() + +# +# CA handling +# +if(_curl_ca_bundle_supported) + set(CURL_CA_BUNDLE "auto" CACHE + STRING "Path to the CA bundle. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") + set(CURL_CA_FALLBACK OFF CACHE + BOOL "Use built-in CA store of TLS backend. Defaults to OFF") + set(CURL_CA_PATH "auto" CACHE + STRING "Location of default CA path. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") + set(CURL_CA_EMBED "" CACHE + STRING "Path to the CA bundle to embed in the curl tool.") + + if(CURL_CA_BUNDLE STREQUAL "") + message(FATAL_ERROR "Invalid value of CURL_CA_BUNDLE. Use 'none', 'auto' or file path.") + elseif(CURL_CA_BUNDLE STREQUAL "none") + unset(CURL_CA_BUNDLE CACHE) + elseif(CURL_CA_BUNDLE STREQUAL "auto") + unset(CURL_CA_BUNDLE CACHE) + if(NOT CMAKE_CROSSCOMPILING AND NOT WIN32) + set(_curl_ca_bundle_autodetect TRUE) + endif() + else() + set(CURL_CA_BUNDLE_SET TRUE) + endif() + mark_as_advanced(CURL_CA_BUNDLE_SET) + + if(CURL_CA_PATH STREQUAL "") + message(FATAL_ERROR "Invalid value of CURL_CA_PATH. Use 'none', 'auto' or directory path.") + elseif(CURL_CA_PATH STREQUAL "none") + unset(CURL_CA_PATH CACHE) + elseif(CURL_CA_PATH STREQUAL "auto") + unset(CURL_CA_PATH CACHE) + if(NOT CMAKE_CROSSCOMPILING AND NOT WIN32) + set(_curl_ca_path_autodetect TRUE) + endif() + else() + set(CURL_CA_PATH_SET TRUE) + endif() + mark_as_advanced(CURL_CA_PATH_SET) + + if(CURL_CA_BUNDLE_SET AND _curl_ca_path_autodetect) + # Skip auto-detection of unset CA path because CA bundle is set explicitly + elseif(CURL_CA_PATH_SET AND _curl_ca_bundle_autodetect) + # Skip auto-detection of unset CA bundle because CA path is set explicitly + elseif(_curl_ca_bundle_autodetect OR _curl_ca_path_autodetect) + # First try auto-detecting a CA bundle, then a CA path + + if(_curl_ca_bundle_autodetect) + foreach(_search_ca_bundle_path IN ITEMS + "/etc/ssl/certs/ca-certificates.crt" + "/etc/pki/tls/certs/ca-bundle.crt" + "/usr/share/ssl/certs/ca-bundle.crt" + "/usr/local/share/certs/ca-root-nss.crt" + "/etc/ssl/cert.pem") + if(EXISTS "${_search_ca_bundle_path}") + message(STATUS "Found CA bundle: ${_search_ca_bundle_path}") + set(CURL_CA_BUNDLE "${_search_ca_bundle_path}" CACHE + STRING "Path to the CA bundle. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") + set(CURL_CA_BUNDLE_SET TRUE CACHE BOOL "Path to the CA bundle has been set") + break() + endif() + endforeach() + endif() + + if(_curl_ca_path_autodetect AND NOT CURL_CA_PATH_SET) + set(_search_ca_path "/etc/ssl/certs") + file(GLOB _curl_ca_files_found "${_search_ca_path}/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].0") + if(_curl_ca_files_found) + unset(_curl_ca_files_found) + message(STATUS "Found CA path: ${_search_ca_path}") + set(CURL_CA_PATH "${_search_ca_path}" CACHE + STRING "Location of default CA path. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") + set(CURL_CA_PATH_SET TRUE CACHE BOOL "Path to the CA bundle has been set") + endif() + endif() + endif() + + set(CURL_CA_EMBED_SET FALSE) + if(BUILD_CURL_EXE AND NOT CURL_CA_EMBED STREQUAL "") + if(EXISTS "${CURL_CA_EMBED}") + set(CURL_CA_EMBED_SET TRUE) + message(STATUS "Found CA bundle to embed: ${CURL_CA_EMBED}") + else() + message(FATAL_ERROR "CA bundle to embed is missing: '${CURL_CA_EMBED}'") + endif() + endif() +endif() + +if(WIN32) + option(CURL_DISABLE_CA_SEARCH "Disable unsafe CA bundle search in PATH on Windows" OFF) + option(CURL_CA_SEARCH_SAFE "Enable safe CA bundle search (within the curl tool directory) on Windows" OFF) +endif() + +# Check for header files +if(WIN32) + list(APPEND CURL_INCLUDES "winsock2.h") + list(APPEND CURL_INCLUDES "ws2tcpip.h") + + if(HAVE_WIN32_WINNT AND HAVE_WIN32_WINNT LESS 0x0501 AND NOT WINCE) + # Windows XP is required for freeaddrinfo, getaddrinfo + message(FATAL_ERROR "Building for Windows XP or newer is required.") + endif() +endif() + +# Detect headers + +# Use check_include_file_concat_curl() for headers required by subsequent +# check_include_file_concat_curl() or check_symbol_exists() detections. +# Order for these is significant. +check_include_file("sys/eventfd.h" HAVE_SYS_EVENTFD_H) +check_include_file("sys/filio.h" HAVE_SYS_FILIO_H) +check_include_file("sys/ioctl.h" HAVE_SYS_IOCTL_H) +check_include_file("sys/param.h" HAVE_SYS_PARAM_H) +check_include_file("sys/poll.h" HAVE_SYS_POLL_H) +check_include_file("sys/resource.h" HAVE_SYS_RESOURCE_H) +check_include_file_concat_curl("sys/select.h" HAVE_SYS_SELECT_H) +check_include_file_concat_curl("sys/socket.h" HAVE_SYS_SOCKET_H) +check_include_file("sys/sockio.h" HAVE_SYS_SOCKIO_H) +check_include_file("sys/stat.h" HAVE_SYS_STAT_H) +check_include_file_concat_curl("sys/time.h" HAVE_SYS_TIME_H) +check_include_file_concat_curl("sys/types.h" HAVE_SYS_TYPES_H) +check_include_file("sys/un.h" HAVE_SYS_UN_H) +check_include_file_concat_curl("sys/utime.h" HAVE_SYS_UTIME_H) # sys/types.h (AmigaOS) + +check_include_file_concat_curl("arpa/inet.h" HAVE_ARPA_INET_H) +check_include_file("dirent.h" HAVE_DIRENT_H) +check_include_file("fcntl.h" HAVE_FCNTL_H) +check_include_file_concat_curl("ifaddrs.h" HAVE_IFADDRS_H) +check_include_file("io.h" HAVE_IO_H) +check_include_file_concat_curl("libgen.h" HAVE_LIBGEN_H) +check_include_file("linux/tcp.h" HAVE_LINUX_TCP_H) +check_include_file("locale.h" HAVE_LOCALE_H) +check_include_file_concat_curl("net/if.h" HAVE_NET_IF_H) # sys/select.h (e.g. MS-DOS/Watt-32) +check_include_file_concat_curl("netdb.h" HAVE_NETDB_H) +check_include_file_concat_curl("netinet/in.h" HAVE_NETINET_IN_H) +check_include_file("netinet/in6.h" HAVE_NETINET_IN6_H) +check_include_file_concat_curl("netinet/tcp.h" HAVE_NETINET_TCP_H) # sys/types.h (e.g. Cygwin) netinet/in.h +check_include_file_concat_curl("netinet/udp.h" HAVE_NETINET_UDP_H) # sys/types.h (e.g. Cygwin) +check_include_file("poll.h" HAVE_POLL_H) +check_include_file("pwd.h" HAVE_PWD_H) +check_include_file("stdatomic.h" HAVE_STDATOMIC_H) +check_include_file("stdbool.h" HAVE_STDBOOL_H) +check_include_file("stdint.h" HAVE_STDINT_H) +check_include_file("strings.h" HAVE_STRINGS_H) +check_include_file("stropts.h" HAVE_STROPTS_H) +check_include_file("termio.h" HAVE_TERMIO_H) +check_include_file("termios.h" HAVE_TERMIOS_H) +check_include_file_concat_curl("unistd.h" HAVE_UNISTD_H) +check_include_file("utime.h" HAVE_UTIME_H) + +if(AMIGA) + check_include_file_concat_curl("proto/bsdsocket.h" HAVE_PROTO_BSDSOCKET_H) +endif() + +# Pass these detection results to curl_internal_test() for use in CurlTests.c +# Add here all feature flags referenced from CurlTests.c +foreach(_variable IN ITEMS + HAVE_STDATOMIC_H + HAVE_STDBOOL_H + HAVE_STROPTS_H + HAVE_SYS_IOCTL_H + HAVE_SYS_SOCKET_H + HAVE_SYS_TYPES_H + HAVE_UNISTD_H + ) + if(${_variable}) + string(APPEND CURL_TEST_DEFINES " -D${_variable}") + endif() +endforeach() + +check_type_size("size_t" SIZEOF_SIZE_T) +check_type_size("ssize_t" SIZEOF_SSIZE_T) +check_type_size("long long" SIZEOF_LONG_LONG) +check_type_size("long" SIZEOF_LONG) +check_type_size("int" SIZEOF_INT) +check_type_size("__int64" SIZEOF___INT64) +check_type_size("time_t" SIZEOF_TIME_T) +check_type_size("suseconds_t" SIZEOF_SUSECONDS_T) +if(NOT HAVE_SIZEOF_SSIZE_T) + if(SIZEOF_LONG EQUAL SIZEOF_SIZE_T) + set(ssize_t "long") + endif() + if(NOT ssize_t AND SIZEOF___INT64 EQUAL SIZEOF_SIZE_T) + set(ssize_t "__int64") + endif() +endif() +# off_t is sized later, after the HAVE_FILE_OFFSET_BITS test + +if(SIZEOF_LONG_LONG) + set(HAVE_LONGLONG 1) +endif() +if(SIZEOF_SUSECONDS_T) + set(HAVE_SUSECONDS_T 1) +endif() + +# Check for some functions that are used + +# Apply to all feature checks +if(WIN32) + list(APPEND CMAKE_REQUIRED_LIBRARIES "${_win32_winsock}") +elseif(HAVE_LIBSOCKET) + list(APPEND CMAKE_REQUIRED_LIBRARIES "socket") +elseif(DOS) + list(APPEND CMAKE_REQUIRED_LIBRARIES "${WATT_ROOT}/lib/libwatt.a") +endif() + +check_function_exists("fnmatch" HAVE_FNMATCH) +check_symbol_exists("basename" "${CURL_INCLUDES};string.h" HAVE_BASENAME) # libgen.h unistd.h +check_symbol_exists("opendir" "dirent.h" HAVE_OPENDIR) +check_function_exists("poll" HAVE_POLL) # poll.h +check_symbol_exists("socket" "${CURL_INCLUDES}" HAVE_SOCKET) # winsock2.h sys/socket.h +check_symbol_exists("socketpair" "${CURL_INCLUDES}" HAVE_SOCKETPAIR) # sys/socket.h +check_symbol_exists("recv" "${CURL_INCLUDES}" HAVE_RECV) # proto/bsdsocket.h sys/types.h sys/socket.h +check_symbol_exists("send" "${CURL_INCLUDES}" HAVE_SEND) # proto/bsdsocket.h sys/types.h sys/socket.h +check_function_exists("sendmsg" HAVE_SENDMSG) +check_function_exists("sendmmsg" HAVE_SENDMMSG) +check_symbol_exists("select" "${CURL_INCLUDES}" HAVE_SELECT) # proto/bsdsocket.h sys/select.h sys/socket.h +check_symbol_exists("strdup" "string.h" HAVE_STRDUP) +check_symbol_exists("memrchr" "string.h" HAVE_MEMRCHR) +check_symbol_exists("alarm" "unistd.h" HAVE_ALARM) +check_symbol_exists("fcntl" "fcntl.h" HAVE_FCNTL) +check_function_exists("getppid" HAVE_GETPPID) +check_function_exists("utimes" HAVE_UTIMES) + +check_function_exists("gettimeofday" HAVE_GETTIMEOFDAY) # sys/time.h +check_symbol_exists("closesocket" "${CURL_INCLUDES}" HAVE_CLOSESOCKET) # winsock2.h +check_symbol_exists("sigsetjmp" "setjmp.h" HAVE_SIGSETJMP) +check_function_exists("getpass_r" HAVE_GETPASS_R) +check_function_exists("getpwuid" HAVE_GETPWUID) +check_function_exists("getpwuid_r" HAVE_GETPWUID_R) +check_function_exists("geteuid" HAVE_GETEUID) +check_function_exists("utime" HAVE_UTIME) +check_symbol_exists("gmtime_r" "stdlib.h;time.h" HAVE_GMTIME_R) + +check_symbol_exists("gethostbyname_r" "netdb.h" HAVE_GETHOSTBYNAME_R) +check_symbol_exists("gethostname" "${CURL_INCLUDES}" HAVE_GETHOSTNAME) # winsock2.h unistd.h proto/bsdsocket.h + +check_symbol_exists("signal" "signal.h" HAVE_SIGNAL) +check_symbol_exists("strerror_r" "stdlib.h;string.h" HAVE_STRERROR_R) +check_symbol_exists("sigaction" "signal.h" HAVE_SIGACTION) +check_symbol_exists("siginterrupt" "signal.h" HAVE_SIGINTERRUPT) +check_symbol_exists("getaddrinfo" "${CURL_INCLUDES};stdlib.h;string.h" HAVE_GETADDRINFO) # ws2tcpip.h sys/socket.h netdb.h +check_symbol_exists("getifaddrs" "${CURL_INCLUDES};stdlib.h" HAVE_GETIFADDRS) # ifaddrs.h +check_symbol_exists("freeaddrinfo" "${CURL_INCLUDES}" HAVE_FREEADDRINFO) # ws2tcpip.h sys/socket.h netdb.h +check_function_exists("pipe" HAVE_PIPE) +check_function_exists("eventfd" HAVE_EVENTFD) +check_symbol_exists("ftruncate" "unistd.h" HAVE_FTRUNCATE) +check_symbol_exists("getpeername" "${CURL_INCLUDES}" HAVE_GETPEERNAME) # winsock2.h unistd.h proto/bsdsocket.h +check_symbol_exists("getsockname" "${CURL_INCLUDES}" HAVE_GETSOCKNAME) # winsock2.h unistd.h proto/bsdsocket.h +check_function_exists("getrlimit" HAVE_GETRLIMIT) +check_function_exists("setlocale" HAVE_SETLOCALE) +check_function_exists("setrlimit" HAVE_SETRLIMIT) + +if(NOT WIN32) + check_function_exists("if_nametoindex" HAVE_IF_NAMETOINDEX) # iphlpapi.h (Windows non-UWP), net/if.h + check_function_exists("realpath" HAVE_REALPATH) + check_function_exists("sched_yield" HAVE_SCHED_YIELD) + check_symbol_exists("strcasecmp" "string.h" HAVE_STRCASECMP) + check_symbol_exists("stricmp" "string.h" HAVE_STRICMP) + check_symbol_exists("strcmpi" "string.h" HAVE_STRCMPI) +endif() + +if(NOT MINGW32CE) # Avoid false detections + check_function_exists("setmode" HAVE_SETMODE) + if(WIN32 OR CYGWIN) + check_function_exists("_setmode" HAVE__SETMODE) + endif() +endif() + +if(AMIGA) + check_symbol_exists("CloseSocket" "${CURL_INCLUDES}" HAVE_CLOSESOCKET_CAMEL) # sys/socket.h proto/bsdsocket.h +endif() + +if(NOT _ssl_enabled) + check_symbol_exists("arc4random" "${CURL_INCLUDES};stdlib.h" HAVE_ARC4RANDOM) +endif() + +if(NOT MSVC) + check_function_exists("snprintf" HAVE_SNPRINTF) # to match detection method in ./configure +elseif(MSVC_VERSION GREATER_EQUAL 1900) # Earlier MSVC compilers had faulty snprintf implementations + check_symbol_exists("snprintf" "stdio.h" HAVE_SNPRINTF) # snprintf may be a compatibility macro, not an exported function +endif() +if(APPLE) + check_function_exists("mach_absolute_time" HAVE_MACH_ABSOLUTE_TIME) +endif() +if(NOT WIN32) + check_symbol_exists("inet_ntop" "${CURL_INCLUDES};stdlib.h;string.h" HAVE_INET_NTOP) # arpa/inet.h netinet/in.h sys/socket.h + check_symbol_exists("inet_pton" "${CURL_INCLUDES};stdlib.h;string.h" HAVE_INET_PTON) # arpa/inet.h netinet/in.h sys/socket.h +endif() + +check_symbol_exists("fsetxattr" "sys/xattr.h" HAVE_FSETXATTR) +if(HAVE_FSETXATTR) + curl_internal_test(HAVE_FSETXATTR_5) + curl_internal_test(HAVE_FSETXATTR_6) +endif() + +cmake_push_check_state() +if(WIN32) + list(APPEND CMAKE_EXTRA_INCLUDE_FILES "winsock2.h") + check_type_size("ADDRESS_FAMILY" SIZEOF_ADDRESS_FAMILY) + set(HAVE_ADDRESS_FAMILY ${HAVE_SIZEOF_ADDRESS_FAMILY}) +elseif(HAVE_SYS_SOCKET_H) + list(APPEND CMAKE_EXTRA_INCLUDE_FILES "sys/socket.h") + check_type_size("sa_family_t" SIZEOF_SA_FAMILY_T) + set(HAVE_SA_FAMILY_T ${HAVE_SIZEOF_SA_FAMILY_T}) +endif() +cmake_pop_check_state() + +# Do curl specific tests +foreach(_curl_test IN ITEMS + HAVE_FCNTL_O_NONBLOCK + HAVE_IOCTLSOCKET + HAVE_IOCTLSOCKET_CAMEL + HAVE_IOCTLSOCKET_CAMEL_FIONBIO + HAVE_IOCTLSOCKET_FIONBIO + HAVE_IOCTL_FIONBIO + HAVE_IOCTL_SIOCGIFADDR + HAVE_SETSOCKOPT_SO_NONBLOCK + HAVE_GETHOSTBYNAME_R_3 + HAVE_GETHOSTBYNAME_R_5 + HAVE_GETHOSTBYNAME_R_6 + HAVE_BOOL_T + STDC_HEADERS + HAVE_ATOMIC + ) + curl_internal_test(${_curl_test}) +endforeach() + +# Check for reentrant +cmake_push_check_state() +list(APPEND CMAKE_REQUIRED_DEFINITIONS "-D_REENTRANT") +foreach(_curl_test IN ITEMS + HAVE_GETHOSTBYNAME_R_3 + HAVE_GETHOSTBYNAME_R_5 + HAVE_GETHOSTBYNAME_R_6) + curl_internal_test(${_curl_test}_REENTRANT) + if(NOT ${_curl_test} AND ${_curl_test}_REENTRANT) + set(NEED_REENTRANT 1) + endif() +endforeach() +cmake_pop_check_state() + +if(NEED_REENTRANT) + foreach(_curl_test IN ITEMS + HAVE_GETHOSTBYNAME_R_3 + HAVE_GETHOSTBYNAME_R_5 + HAVE_GETHOSTBYNAME_R_6) + set(${_curl_test} 0) + if(${_curl_test}_REENTRANT) + set(${_curl_test} 1) + endif() + endforeach() +endif() + +cmake_push_check_state() +list(APPEND CMAKE_REQUIRED_DEFINITIONS "-D_FILE_OFFSET_BITS=64") +curl_internal_test(HAVE_FILE_OFFSET_BITS) +cmake_pop_check_state() + +cmake_push_check_state() +if(HAVE_FILE_OFFSET_BITS) + set(_FILE_OFFSET_BITS 64) + list(APPEND CMAKE_REQUIRED_DEFINITIONS "-D_FILE_OFFSET_BITS=64") +endif() +check_type_size("off_t" SIZEOF_OFF_T) + +if(NOT WIN32) + # fseeko may not exist with _FILE_OFFSET_BITS=64 but can exist with + # _FILE_OFFSET_BITS unset or 32 (e.g. Android ARMv7 with NDK 26b and API level < 24) + # so we need to test fseeko after testing for _FILE_OFFSET_BITS + check_symbol_exists("fseeko" "${CURL_INCLUDES};stdio.h" HAVE_FSEEKO) + + if(HAVE_FSEEKO) + set(HAVE_DECL_FSEEKO 1) + endif() +endif() + +# Include this header to get the type +cmake_push_check_state() +list(APPEND CMAKE_REQUIRED_INCLUDES "${PROJECT_SOURCE_DIR}/include") +list(APPEND CMAKE_EXTRA_INCLUDE_FILES "curl/system.h") +check_type_size("curl_off_t" SIZEOF_CURL_OFF_T) +list(APPEND CMAKE_EXTRA_INCLUDE_FILES "curl/curl.h") +check_type_size("curl_socket_t" SIZEOF_CURL_SOCKET_T) +cmake_pop_check_state() # pop curl system headers +cmake_pop_check_state() # pop -D_FILE_OFFSET_BITS=64 + +if(NOT WIN32 AND NOT CMAKE_CROSSCOMPILING) + # On non-Windows and not cross-compiling, check for writable argv[] + include(CheckCSourceRuns) + check_c_source_runs(" + int main(int argc, char **argv) + { + (void)argc; + argv[0][0] = ' '; + return (argv[0][0] == ' ')?0:1; + }" HAVE_WRITABLE_ARGV) +endif() + +if(NOT CMAKE_CROSSCOMPILING) + include(CheckCSourceRuns) + check_c_source_runs(" + #include + int main(void) { + time_t t = -1; + return t < 0; + }" HAVE_TIME_T_UNSIGNED) +endif() + +curl_internal_test(HAVE_GLIBC_STRERROR_R) +curl_internal_test(HAVE_POSIX_STRERROR_R) + +if(NOT WIN32) + curl_internal_test(HAVE_CLOCK_GETTIME_MONOTONIC) # Check clock_gettime(CLOCK_MONOTONIC, x) support +endif() + +if(APPLE) + curl_internal_test(HAVE_BUILTIN_AVAILABLE) # Check compiler support of __builtin_available() +endif() + +# Some other minor tests + +if(_cmake_try_compile_target_type_save) + set(CMAKE_TRY_COMPILE_TARGET_TYPE ${_cmake_try_compile_target_type_save}) + unset(_cmake_try_compile_target_type_save) +endif() + +include(CMake/OtherTests.cmake) + +set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS "HAVE_CONFIG_H") + +if(WIN32) + list(APPEND CURL_LIBS "${_win32_winsock}") + if(NOT WINCE) + list(APPEND CURL_LIBS "bcrypt") + endif() + + if(NOT WINCE) + set(USE_WIN32_LARGE_FILES ON) + endif() + + # We use crypto functions that are not available for UWP apps + if(NOT WINDOWS_STORE) + set(USE_WIN32_CRYPTO ON) + endif() + + # Link required libraries for USE_WIN32_CRYPTO or USE_SCHANNEL + if(USE_WIN32_CRYPTO OR USE_SCHANNEL) + if(NOT WINCE) + list(APPEND CURL_LIBS "advapi32") + endif() + list(APPEND CURL_LIBS "${_win32_crypt32}") + endif() +endif() + +if(CMAKE_C_COMPILER_ID STREQUAL "MSVC") # MSVC but exclude clang-cl + string(APPEND CMAKE_C_FLAGS " -MP") # Parallel compilation +endif() + +if(CURL_WERROR) + if(MSVC) + string(APPEND CMAKE_C_FLAGS " -WX") + else() + string(APPEND CMAKE_C_FLAGS " -Werror") # This assumes clang or gcc style options + endif() +endif() + +if(CURL_LTO) + if(CMAKE_VERSION VERSION_LESS 3.9) + message(FATAL_ERROR "LTO has been requested, but your cmake version ${CMAKE_VERSION} is to old. You need at least 3.9") + endif() + + cmake_policy(SET CMP0069 NEW) + + include(CheckIPOSupported) + check_ipo_supported(RESULT CURL_HAS_LTO OUTPUT _lto_error LANGUAGES C) + if(CURL_HAS_LTO) + message(STATUS "LTO supported and enabled") + else() + message(FATAL_ERROR "LTO has been requested, but the compiler does not support it\n${_lto_error}") + endif() +endif() + + +# Ugly (but functional) way to include "Makefile.inc" by transforming it +# (= regenerate it). +function(curl_transform_makefile_inc _input_file _output_file) + file(READ ${_input_file} _makefile_inc_text) + string(REPLACE "$(top_srcdir)" "\${PROJECT_SOURCE_DIR}" _makefile_inc_text ${_makefile_inc_text}) + string(REPLACE "$(top_builddir)" "\${PROJECT_BINARY_DIR}" _makefile_inc_text ${_makefile_inc_text}) + + string(REGEX REPLACE "\\\\\n" "!π!α!" _makefile_inc_text ${_makefile_inc_text}) + string(REGEX REPLACE "([a-zA-Z_][a-zA-Z0-9_]*)[\t ]*=[\t ]*([^\n]*)" "set(\\1 \\2)" _makefile_inc_text ${_makefile_inc_text}) + string(REPLACE "!π!α!" "\n" _makefile_inc_text ${_makefile_inc_text}) + + # Replace $() with ${} + string(REGEX REPLACE "\\$\\(([a-zA-Z_][a-zA-Z0-9_]*)\\)" "\${\\1}" _makefile_inc_text ${_makefile_inc_text}) + # Replace @@ with ${}, even if that may not be read by CMake scripts. + string(REGEX REPLACE "@([a-zA-Z_][a-zA-Z0-9_]*)@" "\${\\1}" _makefile_inc_text ${_makefile_inc_text}) + + file(WRITE ${_output_file} ${_makefile_inc_text}) + set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS "${_input_file}") +endfunction() + +include(GNUInstallDirs) + +set(_install_cmake_dir "${CMAKE_INSTALL_LIBDIR}/cmake/${PROJECT_NAME}") +set(TARGETS_EXPORT_NAME "${PROJECT_NAME}Targets") +set(_generated_dir "${CMAKE_CURRENT_BINARY_DIR}/generated") +set(_project_config "${_generated_dir}/${PROJECT_NAME}Config.cmake") +set(_version_config "${_generated_dir}/${PROJECT_NAME}ConfigVersion.cmake") + +option(BUILD_TESTING "Build tests" ON) +if(BUILD_TESTING AND PERL_FOUND) + set(CURL_BUILD_TESTING ON) +else() + set(CURL_BUILD_TESTING OFF) +endif() + +if(HAVE_MANUAL_TOOLS) + set(CURL_MANPAGE "${PROJECT_BINARY_DIR}/docs/cmdline-opts/curl.1") + set(CURL_ASCIIPAGE "${PROJECT_BINARY_DIR}/docs/cmdline-opts/curl.txt") + add_subdirectory(docs) +endif() + +list(REMOVE_DUPLICATES CURL_LIBDIRS) + +add_subdirectory(lib) + +if(BUILD_CURL_EXE) + add_subdirectory(src) +endif() + +option(BUILD_EXAMPLES "Build libcurl examples" ON) +if(BUILD_EXAMPLES) + add_subdirectory(docs/examples) +endif() + +if(CURL_BUILD_TESTING) + add_subdirectory(tests) +endif() + +# Helper to populate a list (_items) with a label when conditions +# (the remaining args) are satisfied +macro(curl_add_if _label) + # Needs to be a macro to allow this indirection + if(${ARGN}) + set(_items ${_items} "${_label}") + endif() +endmacro() + +# NTLM support requires crypto functions from various SSL libs. +# These conditions must match those in lib/curl_setup.h. +if(NOT CURL_DISABLE_NTLM AND + (USE_OPENSSL OR + USE_MBEDTLS OR + USE_GNUTLS OR + USE_SECTRANSP OR + USE_WIN32_CRYPTO OR + (USE_WOLFSSL AND HAVE_WOLFSSL_DES_ECB_ENCRYPT))) + set(_use_curl_ntlm_core ON) +endif() + +# Clear list and try to detect available protocols +set(_items "") +curl_add_if("HTTP" NOT CURL_DISABLE_HTTP) +curl_add_if("HTTPS" NOT CURL_DISABLE_HTTP AND _ssl_enabled) +curl_add_if("FTP" NOT CURL_DISABLE_FTP) +curl_add_if("FTPS" NOT CURL_DISABLE_FTP AND _ssl_enabled) +curl_add_if("FILE" NOT CURL_DISABLE_FILE) +curl_add_if("TELNET" NOT CURL_DISABLE_TELNET) +curl_add_if("LDAP" NOT CURL_DISABLE_LDAP) +# CURL_DISABLE_LDAP implies CURL_DISABLE_LDAPS +curl_add_if("LDAPS" NOT CURL_DISABLE_LDAPS AND + ((USE_OPENLDAP AND _ssl_enabled) OR + (NOT USE_OPENLDAP AND HAVE_LDAP_SSL))) +curl_add_if("DICT" NOT CURL_DISABLE_DICT) +curl_add_if("TFTP" NOT CURL_DISABLE_TFTP) +curl_add_if("GOPHER" NOT CURL_DISABLE_GOPHER) +curl_add_if("GOPHERS" NOT CURL_DISABLE_GOPHER AND _ssl_enabled) +curl_add_if("POP3" NOT CURL_DISABLE_POP3) +curl_add_if("POP3S" NOT CURL_DISABLE_POP3 AND _ssl_enabled) +curl_add_if("IMAP" NOT CURL_DISABLE_IMAP) +curl_add_if("IMAPS" NOT CURL_DISABLE_IMAP AND _ssl_enabled) +curl_add_if("SMB" NOT CURL_DISABLE_SMB AND + _use_curl_ntlm_core AND (SIZEOF_CURL_OFF_T GREATER 4)) +curl_add_if("SMBS" NOT CURL_DISABLE_SMB AND _ssl_enabled AND + _use_curl_ntlm_core AND (SIZEOF_CURL_OFF_T GREATER 4)) +curl_add_if("SMTP" NOT CURL_DISABLE_SMTP) +curl_add_if("SMTPS" NOT CURL_DISABLE_SMTP AND _ssl_enabled) +curl_add_if("SCP" USE_LIBSSH2 OR USE_LIBSSH OR USE_WOLFSSH) +curl_add_if("SFTP" USE_LIBSSH2 OR USE_LIBSSH OR USE_WOLFSSH) +curl_add_if("IPFS" NOT CURL_DISABLE_IPFS) +curl_add_if("IPNS" NOT CURL_DISABLE_IPFS) +curl_add_if("RTSP" NOT CURL_DISABLE_RTSP) +curl_add_if("RTMP" USE_LIBRTMP) +curl_add_if("MQTT" NOT CURL_DISABLE_MQTT) +curl_add_if("WS" NOT CURL_DISABLE_WEBSOCKETS) +curl_add_if("WSS" NOT CURL_DISABLE_WEBSOCKETS AND _ssl_enabled) +if(_items) + list(SORT _items) +endif() +set(CURL_SUPPORTED_PROTOCOLS_LIST "${_items}") +string(REPLACE ";" " " SUPPORT_PROTOCOLS "${_items}") +string(TOLOWER "${SUPPORT_PROTOCOLS}" _support_protocols_lower) +message(STATUS "Protocols: ${_support_protocols_lower}") + +# Clear list and try to detect available features +set(_items "") +curl_add_if("SSL" _ssl_enabled) +curl_add_if("IPv6" USE_IPV6) +curl_add_if("UnixSockets" USE_UNIX_SOCKETS) +curl_add_if("libz" HAVE_LIBZ) +curl_add_if("brotli" HAVE_BROTLI) +curl_add_if("gsasl" USE_GSASL) +curl_add_if("zstd" HAVE_ZSTD) +curl_add_if("AsynchDNS" USE_ARES OR USE_THREADS_POSIX OR USE_THREADS_WIN32) +curl_add_if("asyn-rr" USE_ARES AND ENABLE_THREADED_RESOLVER AND USE_HTTPSRR) +curl_add_if("IDN" (HAVE_LIBIDN2 AND HAVE_IDN2_H) OR + USE_WIN32_IDN OR + USE_APPLE_IDN) +curl_add_if("Largefile" (SIZEOF_CURL_OFF_T GREATER 4) AND + ((SIZEOF_OFF_T GREATER 4) OR USE_WIN32_LARGE_FILES)) +curl_add_if("SSPI" USE_WINDOWS_SSPI) +curl_add_if("GSS-API" HAVE_GSSAPI) +curl_add_if("alt-svc" NOT CURL_DISABLE_ALTSVC) +curl_add_if("HSTS" NOT CURL_DISABLE_HSTS) +curl_add_if("SPNEGO" NOT CURL_DISABLE_NEGOTIATE_AUTH AND + (HAVE_GSSAPI OR USE_WINDOWS_SSPI)) +curl_add_if("Kerberos" NOT CURL_DISABLE_KERBEROS_AUTH AND + (HAVE_GSSAPI OR USE_WINDOWS_SSPI)) +curl_add_if("NTLM" NOT CURL_DISABLE_NTLM AND + (_use_curl_ntlm_core OR USE_WINDOWS_SSPI)) +curl_add_if("TLS-SRP" USE_TLS_SRP) +curl_add_if("HTTP2" USE_NGHTTP2) +curl_add_if("HTTP3" USE_NGTCP2 OR USE_QUICHE OR USE_MSH3 OR USE_OPENSSL_QUIC) +curl_add_if("MultiSSL" CURL_WITH_MULTI_SSL) +curl_add_if("HTTPS-proxy" NOT CURL_DISABLE_PROXY AND _ssl_enabled AND (USE_OPENSSL OR USE_GNUTLS + OR USE_SCHANNEL OR USE_RUSTLS OR USE_BEARSSL OR + USE_MBEDTLS OR USE_SECTRANSP OR + (USE_WOLFSSL AND HAVE_WOLFSSL_BIO))) +curl_add_if("Unicode" ENABLE_UNICODE) +curl_add_if("threadsafe" HAVE_ATOMIC OR + (USE_THREADS_POSIX AND HAVE_PTHREAD_H) OR + (WIN32 AND HAVE_WIN32_WINNT GREATER_EQUAL 0x0600)) +curl_add_if("Debug" ENABLE_DEBUG) +curl_add_if("TrackMemory" ENABLE_CURLDEBUG) +curl_add_if("ECH" _ssl_enabled AND HAVE_ECH) +curl_add_if("HTTPSRR" _ssl_enabled AND USE_HTTPSRR) +curl_add_if("PSL" USE_LIBPSL) +curl_add_if("CAcert" CURL_CA_EMBED_SET) +curl_add_if("SSLS-EXPORT" _ssl_enabled AND USE_SSLS_EXPORT) +if(_items) + if(NOT CMAKE_VERSION VERSION_LESS 3.13) + list(SORT _items CASE INSENSITIVE) + else() + list(SORT _items) + endif() +endif() +set(CURL_SUPPORTED_FEATURES_LIST "${_items}") +string(REPLACE ";" " " SUPPORT_FEATURES "${_items}") +message(STATUS "Features: ${SUPPORT_FEATURES}") + +# Clear list and collect SSL backends +set(_items "") +curl_add_if("Schannel" _ssl_enabled AND USE_SCHANNEL) +curl_add_if("${_openssl}" _ssl_enabled AND USE_OPENSSL AND OPENSSL_VERSION VERSION_LESS 3.0.0) +curl_add_if("${_openssl} v3+" _ssl_enabled AND USE_OPENSSL AND NOT OPENSSL_VERSION VERSION_LESS 3.0.0) +curl_add_if("Secure Transport" _ssl_enabled AND USE_SECTRANSP) +curl_add_if("mbedTLS" _ssl_enabled AND USE_MBEDTLS) +curl_add_if("BearSSL" _ssl_enabled AND USE_BEARSSL) +curl_add_if("wolfSSL" _ssl_enabled AND USE_WOLFSSL) +curl_add_if("GnuTLS" _ssl_enabled AND USE_GNUTLS) +curl_add_if("rustls" _ssl_enabled AND USE_RUSTLS) + +if(_items) + if(NOT CMAKE_VERSION VERSION_LESS 3.13) + list(SORT _items CASE INSENSITIVE) + else() + list(SORT _items) + endif() +endif() +string(REPLACE ";" " " SSL_BACKENDS "${_items}") +message(STATUS "Enabled SSL backends: ${SSL_BACKENDS}") +if(CURL_DEFAULT_SSL_BACKEND) + message(STATUS "Default SSL backend: ${CURL_DEFAULT_SSL_BACKEND}") +endif() + +if(NOT CURL_DISABLE_INSTALL) + + # curl-config needs the following options to be set. + set(CC "${CMAKE_C_COMPILER}") + set(CONFIGURE_OPTIONS "") + set(CURLVERSION "${_curl_version}") + set(VERSIONNUM "${_curl_version_num}") + set(prefix "${CMAKE_INSTALL_PREFIX}") + set(exec_prefix "\${prefix}") + if(IS_ABSOLUTE ${CMAKE_INSTALL_INCLUDEDIR}) + set(includedir "${CMAKE_INSTALL_INCLUDEDIR}") + else() + set(includedir "\${prefix}/${CMAKE_INSTALL_INCLUDEDIR}") + endif() + if(IS_ABSOLUTE ${CMAKE_INSTALL_LIBDIR}) + set(libdir "${CMAKE_INSTALL_LIBDIR}") + else() + set(libdir "\${exec_prefix}/${CMAKE_INSTALL_LIBDIR}") + endif() + # "a" (Linux) or "lib" (Windows) + string(REPLACE "." "" libext "${CMAKE_STATIC_LIBRARY_SUFFIX}") + + set(_ldflags "") + set(LIBCURL_PC_LIBS_PRIVATE "") + + # Filter CMAKE_SHARED_LINKER_FLAGS for libs and libpaths + string(STRIP "${CMAKE_SHARED_LINKER_FLAGS}" _custom_ldflags) + string(REGEX REPLACE " +-([^ \\t;]*)" ";-\\1" _custom_ldflags "${_custom_ldflags}") + + set(_custom_libs "") + set(_custom_libdirs "") + foreach(_flag IN LISTS _custom_ldflags) + if(_flag MATCHES "^-l") + string(REGEX REPLACE "^-l" "" _flag "${_flag}") + list(APPEND _custom_libs "${_flag}") + elseif(_flag MATCHES "^-framework|^-F") + list(APPEND _custom_libs "${_flag}") + elseif(_flag MATCHES "^-L") + string(REGEX REPLACE "^-L" "" _flag "${_flag}") + list(APPEND _custom_libdirs "${_flag}") + elseif(_flag MATCHES "^--library-path=") + string(REGEX REPLACE "^--library-path=" "" _flag "${_flag}") + list(APPEND _custom_libdirs "${_flag}") + endif() + endforeach() + + # Avoid getting unnecessary -L options for known system directories. + set(_sys_libdirs "${CMAKE_C_IMPLICIT_LINK_DIRECTORIES}") + foreach(_libdir IN LISTS CMAKE_SYSTEM_PREFIX_PATH) + if(_libdir MATCHES "/$") + string(APPEND _libdir "lib") + else() + string(APPEND _libdir "/lib") + endif() + if(IS_DIRECTORY "${_libdir}") + list(APPEND _sys_libdirs "${_libdir}") + endif() + if(DEFINED CMAKE_LIBRARY_ARCHITECTURE) + string(APPEND _libdir "/${CMAKE_LIBRARY_ARCHITECTURE}") + if(IS_DIRECTORY "${_libdir}") + list(APPEND _sys_libdirs "${_libdir}") + endif() + endif() + endforeach() + + foreach(_libdir IN LISTS _custom_libdirs CURL_LIBDIRS) + if(NOT CMAKE_VERSION VERSION_LESS 3.20) + cmake_path(SET _libdir NORMALIZE "${_libdir}") + endif() + list(FIND _sys_libdirs "${_libdir}" _libdir_index) + if(_libdir_index LESS 0) + list(APPEND _ldflags "-L${_libdir}") + endif() + endforeach() + + set(_implicit_libs "") + if(NOT MINGW AND NOT UNIX) + set(_implicit_libs "${CMAKE_C_IMPLICIT_LINK_LIBRARIES}") + endif() + + foreach(_lib IN LISTS _implicit_libs _custom_libs CURL_LIBS) + if(TARGET "${_lib}") + set(_libname "${_lib}") + get_target_property(_imported "${_libname}" IMPORTED) + if(NOT _imported) + # Reading the LOCATION property on non-imported target will error out. + # Assume the user will not need this information in the .pc file. + continue() + endif() + get_target_property(_lib "${_libname}" LOCATION) + if(NOT _lib) + message(WARNING "Bad lib in library list: ${_libname}") + continue() + endif() + endif() + if(_lib MATCHES "^-") # '-framework ' + list(APPEND _ldflags "${_lib}") + elseif(_lib MATCHES "/") + # This gets a bit more complex, because we want to specify the + # directory separately, and only once per directory + get_filename_component(_libdir ${_lib} DIRECTORY) + get_filename_component(_libname ${_lib} NAME_WE) + if(_libname MATCHES "^lib") + if(NOT CMAKE_VERSION VERSION_LESS 3.20) + cmake_path(SET _libdir NORMALIZE "${_libdir}") + endif() + list(FIND _sys_libdirs "${_libdir}" _libdir_index) + if(_libdir_index LESS 0) + list(APPEND _ldflags "-L${_libdir}") + endif() + string(REGEX REPLACE "^lib" "" _libname "${_libname}") + list(APPEND LIBCURL_PC_LIBS_PRIVATE "-l${_libname}") + else() + list(APPEND LIBCURL_PC_LIBS_PRIVATE "${_lib}") + endif() + else() + list(APPEND LIBCURL_PC_LIBS_PRIVATE "-l${_lib}") + endif() + endforeach() + + if(LIBCURL_PC_REQUIRES_PRIVATE) + string(REPLACE ";" "," LIBCURL_PC_REQUIRES_PRIVATE "${LIBCURL_PC_REQUIRES_PRIVATE}") + endif() + if(LIBCURL_PC_LIBS_PRIVATE) + string(REPLACE ";" " " LIBCURL_PC_LIBS_PRIVATE "${LIBCURL_PC_LIBS_PRIVATE}") + endif() + if(_ldflags) + list(REMOVE_DUPLICATES _ldflags) + string(REPLACE ";" " " _ldflags "${_ldflags}") + set(LIBCURL_PC_LDFLAGS_PRIVATE "${_ldflags}") + string(STRIP "${LIBCURL_PC_LDFLAGS_PRIVATE}" LIBCURL_PC_LDFLAGS_PRIVATE) + else() + set(LIBCURL_PC_LDFLAGS_PRIVATE "") + endif() + set(LIBCURL_PC_CFLAGS_PRIVATE "-DCURL_STATICLIB") + + # Merge pkg-config private fields into public ones when static-only + if(BUILD_SHARED_LIBS) + set(ENABLE_SHARED "yes") + set(LIBCURL_PC_REQUIRES "") + set(LIBCURL_PC_LIBS "") + set(LIBCURL_PC_CFLAGS "") + else() + set(ENABLE_SHARED "no") + set(LIBCURL_PC_REQUIRES "${LIBCURL_PC_REQUIRES_PRIVATE}") + set(LIBCURL_PC_LIBS "${LIBCURL_PC_LIBS_PRIVATE}") + set(LIBCURL_PC_CFLAGS "${LIBCURL_PC_CFLAGS_PRIVATE}") + endif() + if(BUILD_STATIC_LIBS) + set(ENABLE_STATIC "yes") + else() + set(ENABLE_STATIC "no") + endif() + + # Generate a "curl-config" matching this config. + # Consumed variables: + # CC + # CONFIGURE_OPTIONS + # CURLVERSION + # CURL_CA_BUNDLE + # ENABLE_SHARED + # ENABLE_STATIC + # exec_prefix + # includedir + # LIBCURL_PC_CFLAGS + # LIBCURL_PC_LDFLAGS_PRIVATE + # LIBCURL_PC_LIBS_PRIVATE + # libdir + # libext + # prefix + # SSL_BACKENDS + # SUPPORT_FEATURES + # SUPPORT_PROTOCOLS + # VERSIONNUM + configure_file( + "${PROJECT_SOURCE_DIR}/curl-config.in" + "${PROJECT_BINARY_DIR}/curl-config" @ONLY) + install(FILES "${PROJECT_BINARY_DIR}/curl-config" + DESTINATION ${CMAKE_INSTALL_BINDIR} + PERMISSIONS + OWNER_READ OWNER_WRITE OWNER_EXECUTE + GROUP_READ GROUP_EXECUTE + WORLD_READ WORLD_EXECUTE) + + # Generate a pkg-config file matching this config. + # Consumed variables: + # CURLVERSION + # exec_prefix + # includedir + # LIBCURL_PC_CFLAGS + # LIBCURL_PC_CFLAGS_PRIVATE + # LIBCURL_PC_LDFLAGS_PRIVATE + # LIBCURL_PC_LIBS + # LIBCURL_PC_LIBS_PRIVATE + # LIBCURL_PC_REQUIRES + # LIBCURL_PC_REQUIRES_PRIVATE + # libdir + # prefix + # SUPPORT_FEATURES + # SUPPORT_PROTOCOLS + # Documentation: + # https://people.freedesktop.org/~dbn/pkg-config-guide.html + # https://manpages.debian.org/unstable/pkgconf/pkg-config.1.en.html + # https://manpages.debian.org/unstable/pkg-config/pkg-config.1.en.html + # https://www.msys2.org/docs/pkgconfig/ + configure_file( + "${PROJECT_SOURCE_DIR}/libcurl.pc.in" + "${PROJECT_BINARY_DIR}/libcurl.pc" @ONLY) + install(FILES "${PROJECT_BINARY_DIR}/libcurl.pc" + DESTINATION "${CMAKE_INSTALL_LIBDIR}/pkgconfig") + + # Install headers + install(DIRECTORY "${PROJECT_SOURCE_DIR}/include/curl" + DESTINATION ${CMAKE_INSTALL_INCLUDEDIR} + FILES_MATCHING PATTERN "*.h") + + include(CMakePackageConfigHelpers) + write_basic_package_version_file( + "${_version_config}" + VERSION ${_curl_version} + COMPATIBILITY SameMajorVersion) + file(READ "${_version_config}" _generated_version_config) + file(WRITE "${_version_config}" " + if(NOT PACKAGE_FIND_VERSION_RANGE AND PACKAGE_FIND_VERSION_MAJOR STREQUAL \"7\") + # Version 8 satisfies version 7... requirements + set(PACKAGE_FIND_VERSION_MAJOR 8) + set(PACKAGE_FIND_VERSION_COUNT 1) + endif() + ${_generated_version_config}") + + # Consumed custom variables: + # CURLVERSION + # LIB_SELECTED + # TARGETS_EXPORT_NAME + # USE_OPENSSL OPENSSL_VERSION_MAJOR + # HAVE_LIBZ ZLIB_VERSION_MAJOR + # CURL_SUPPORTED_FEATURES_LIST + # CURL_SUPPORTED_PROTOCOLS_LIST + configure_package_config_file("CMake/curl-config.cmake.in" + "${_project_config}" + INSTALL_DESTINATION ${_install_cmake_dir} + PATH_VARS CMAKE_INSTALL_INCLUDEDIR) + + if(CURL_ENABLE_EXPORT_TARGET) + install(EXPORT "${TARGETS_EXPORT_NAME}" + NAMESPACE "${PROJECT_NAME}::" + DESTINATION ${_install_cmake_dir}) + endif() + + install(FILES ${_version_config} ${_project_config} + DESTINATION ${_install_cmake_dir}) + + if(NOT TARGET curl_uninstall) + configure_file( + "${CMAKE_CURRENT_SOURCE_DIR}/CMake/cmake_uninstall.cmake.in" + "${CMAKE_CURRENT_BINARY_DIR}/CMake/cmake_uninstall.cmake" + @ONLY) + + add_custom_target(curl_uninstall + COMMAND ${CMAKE_COMMAND} -P "${CMAKE_CURRENT_BINARY_DIR}/CMake/cmake_uninstall.cmake") + endif() + + install(FILES "${PROJECT_SOURCE_DIR}/scripts/mk-ca-bundle.pl" + DESTINATION ${CMAKE_INSTALL_BINDIR} + PERMISSIONS + OWNER_READ OWNER_WRITE OWNER_EXECUTE + GROUP_READ GROUP_EXECUTE + WORLD_READ WORLD_EXECUTE) + + # The `-DEV` part is important + string(REGEX REPLACE "([0-9]+\.[0-9]+)\.([0-9]+.*)" "\\2" CPACK_PACKAGE_VERSION_PATCH "${_curl_version}") + set(CPACK_GENERATOR "TGZ") + include(CPack) +endif() + +# Save build info for test runner to pick up and log +set(_cmake_sysroot "") +if(CMAKE_OSX_SYSROOT) + set(_cmake_sysroot ${CMAKE_OSX_SYSROOT}) +elseif(CMAKE_SYSROOT) + set(_cmake_sysroot ${CMAKE_SYSROOT}) +endif() +set(_buildinfo "\ +buildinfo.configure.tool: cmake +buildinfo.configure.command: ${CMAKE_COMMAND} +buildinfo.configure.version: ${CMAKE_VERSION} +buildinfo.configure.args:${_cmake_args} +buildinfo.configure.generator: ${CMAKE_GENERATOR} +buildinfo.configure.make: ${CMAKE_MAKE_PROGRAM} +buildinfo.host.cpu: ${CMAKE_HOST_SYSTEM_PROCESSOR} +buildinfo.host.os: ${CMAKE_HOST_SYSTEM_NAME} +buildinfo.target.cpu: ${CMAKE_SYSTEM_PROCESSOR} +buildinfo.target.os: ${CMAKE_SYSTEM_NAME} +buildinfo.target.flags:${_target_flags} +buildinfo.compiler: ${CMAKE_C_COMPILER_ID} +buildinfo.compiler.version: ${CMAKE_C_COMPILER_VERSION} +buildinfo.sysroot: ${_cmake_sysroot} +") +file(WRITE "${PROJECT_BINARY_DIR}/buildinfo.txt" "# This is a generated file. Do not edit.\n${_buildinfo}") +if(NOT "$ENV{CURL_BUILDINFO}$ENV{CURL_CI}$ENV{CI}" STREQUAL "") + message(STATUS "\n${_buildinfo}") +endif() diff --git a/deps/curl/GIT-INFO.md b/deps/curl/GIT-INFO.md new file mode 100644 index 00000000..1ff22010 --- /dev/null +++ b/deps/curl/GIT-INFO.md @@ -0,0 +1,28 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +# GIT-INFO + +This file is only present in git - never in release archives. It contains +information about other files and things that the git repository keeps in its +inner sanctum. + +To build in environments that support configure, after having extracted +everything from git, do this: + + autoreconf -fi + ./configure --with-openssl + make + +Daniel uses a configure line similar to this for easier development: + + ./configure --disable-shared --enable-debug --enable-maintainer-mode + +## REQUIREMENTS + +See [docs/INTERNALS.md][0] for requirement details. + +[0]: docs/INTERNALS.md diff --git a/deps/curl/LICENSES/BSD-3-Clause.txt b/deps/curl/LICENSES/BSD-3-Clause.txt new file mode 100644 index 00000000..086d3992 --- /dev/null +++ b/deps/curl/LICENSES/BSD-3-Clause.txt @@ -0,0 +1,11 @@ +Copyright (c) . + +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/deps/curl/LICENSES/BSD-4-Clause-UC.txt b/deps/curl/LICENSES/BSD-4-Clause-UC.txt new file mode 100644 index 00000000..69edbe32 --- /dev/null +++ b/deps/curl/LICENSES/BSD-4-Clause-UC.txt @@ -0,0 +1,15 @@ +BSD-4-Clause (University of California-Specific) + +Copyright [various years] The Regents of the University of California. All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. + +3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by the University of California, Berkeley and its contributors. + +4. Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/deps/curl/LICENSES/ISC.txt b/deps/curl/LICENSES/ISC.txt new file mode 100644 index 00000000..60f60bfb --- /dev/null +++ b/deps/curl/LICENSES/ISC.txt @@ -0,0 +1,12 @@ +Permission to use, copy, modify, and distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM +DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL +INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, +INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING +FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, +NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION +WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/deps/curl/LICENSES/curl.txt b/deps/curl/LICENSES/curl.txt new file mode 100644 index 00000000..3c1c1974 --- /dev/null +++ b/deps/curl/LICENSES/curl.txt @@ -0,0 +1,22 @@ +COPYRIGHT AND PERMISSION NOTICE + +Copyright (C) Daniel Stenberg, , and many +contributors, see the THANKS file. + +All rights reserved. + +Permission to use, copy, modify, and distribute this software for any purpose +with or without fee is hereby granted, provided that the above copyright +notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN +NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE +OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of a copyright holder shall not +be used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization of the copyright holder. diff --git a/deps/curl/README.md b/deps/curl/README.md new file mode 100644 index 00000000..2d324917 --- /dev/null +++ b/deps/curl/README.md @@ -0,0 +1,68 @@ + + +# [![curl logo](https://curl.se/logo/curl-logo.svg)](https://curl.se/) + +curl is a command-line tool for transferring data specified with URL syntax. +Learn how to use curl by reading [the +manpage](https://curl.se/docs/manpage.html) or [everything +curl](https://everything.curl.dev/). + +Find out how to install curl by reading [the INSTALL +document](https://curl.se/docs/install.html). + +libcurl is the library curl is using to do its job. It is readily available to +be used by your software. Read [the libcurl +manpage](https://curl.se/libcurl/c/libcurl.html) to learn how. + +## Open Source + +curl is Open Source and is distributed under an MIT-like +[license](https://curl.se/docs/copyright.html). + +## Contact + +Contact us on a suitable [mailing list](https://curl.se/mail/) or +use GitHub [issues](https://github.com/curl/curl/issues)/ +[pull requests](https://github.com/curl/curl/pulls)/ +[discussions](https://github.com/curl/curl/discussions). + +All contributors to the project are listed in [the THANKS +document](https://curl.se/docs/thanks.html). + +## Commercial support + +For commercial support, maybe private and dedicated help with your problems or +applications using (lib)curl visit [the support page](https://curl.se/support.html). + +## Website + +Visit the [curl website](https://curl.se/) for the latest news and downloads. + +## Source code + +Download the latest source from the Git server: + + git clone https://github.com/curl/curl.git + +## Security problems + +Report suspected security problems via [our HackerOne +page](https://hackerone.com/curl) and not in public. + +## Notice + +curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga +Tekniska Högskolan. This notice is included here to comply with the +distribution terms. + +## Backers + +Thank you to all our backers 🙏 [Become a backer](https://opencollective.com/curl#section-contribute). + +## Sponsors + +Support this project by becoming a [sponsor](https://curl.se/sponsors.html). diff --git a/deps/curl/SECURITY.md b/deps/curl/SECURITY.md new file mode 100644 index 00000000..64e0d2fe --- /dev/null +++ b/deps/curl/SECURITY.md @@ -0,0 +1,29 @@ + + +# Security Policy + +Read our [Vulnerability Disclosure Policy](docs/VULN-DISCLOSURE-POLICY.md). + +## Reporting a Vulnerability + +If you have found or just suspect a security problem somewhere in curl or +libcurl, report it on [HackerOne](https://hackerone.com/curl). + +We treat security issues with confidentiality until controlled and disclosed responsibly. + +## OpenSSF Best Practices + +curl has achieved Gold status on the Open Source Security Foundation (OpenSSF) +[Best Practices](https://bestpractices.dev/) (formerly Core Infrastructure +Initiative Best Practices), reflecting its adherence to rigorous +security and best practice standards. This achievement highlights curl's +comprehensive documentation, secure development processes, effective change +control mechanisms, and strong maintenance routines. Meeting these criteria +demonstrates curl's commitment to security and reliability, ensuring the +project's sustainability and trustworthiness. This underscores curl's role as +a leader in open-source software practices. More information can be found on +[curl's OpenSSF Best Practices project page](https://www.bestpractices.dev/projects/63). diff --git a/deps/curl/docs/ALTSVC.md b/deps/curl/docs/ALTSVC.md new file mode 100644 index 00000000..bcdf5650 --- /dev/null +++ b/deps/curl/docs/ALTSVC.md @@ -0,0 +1,43 @@ + + +# Alt-Svc + +curl features support for the Alt-Svc: HTTP header. + +## Enable Alt-Svc in build + +`./configure --enable-alt-svc` + +(enabled by default since 7.73.0) + +## Standard + +[RFC 7838](https://datatracker.ietf.org/doc/html/rfc7838) + +# Alt-Svc cache file format + +This is a text based file with one line per entry and each line consists of nine +space separated fields. + +## Example + + h2 quic.tech 8443 h3-22 quic.tech 8443 "20190808 06:18:37" 0 0 + +## Fields + +1. The ALPN id for the source origin +2. The hostname for the source origin +3. The port number for the source origin +4. The ALPN id for the destination host +5. The hostname for the destination host +6. The port number for the destination host +7. The expiration date and time of this entry within double quotes. The date format is "YYYYMMDD HH:MM:SS" and the time zone is GMT. +8. Boolean (1 or 0) if "persist" was set for this entry +9. Integer priority value (not currently used) + +If the hostname is an IPv6 numerical address, it is stored with brackets such +as `[::1]`. diff --git a/deps/curl/docs/BINDINGS.md b/deps/curl/docs/BINDINGS.md new file mode 100644 index 00000000..e6287761 --- /dev/null +++ b/deps/curl/docs/BINDINGS.md @@ -0,0 +1,148 @@ + + +libcurl bindings +================ + + Creative people have written bindings or interfaces for various environments + and programming languages. Using one of these allows you to take advantage of + curl powers from within your favourite language or system. + + This is a list of all known interfaces as of this writing. + + The bindings listed below are not part of the curl/libcurl distribution + archives, but must be downloaded and installed separately. + + + +[Ada95](https://web.archive.org/web/20070403105909/www.almroth.com/adacurl/index.html) Written by Andreas Almroth + +[Basic](https://scriptbasic.com/) ScriptBasic bindings written by Peter Verhas + +C++: [curlpp](https://github.com/jpbarrette/curlpp/) Written by Jean-Philippe Barrette-LaPierre, +[curlcpp](https://github.com/JosephP91/curlcpp) by Giuseppe Persico and [C++ +Requests](https://github.com/libcpr/cpr) by Huu Nguyen + +[Ch](https://chcurl.sourceforge.net/) Written by Stephen Nestinger and Jonathan Rogado + +Cocoa: [BBHTTP](https://github.com/biasedbit/BBHTTP) written by Bruno de Carvalho +[curlhandle](https://github.com/karelia/curlhandle) Written by Dan Wood + +Clojure: [clj-curl](https://github.com/lsevero/clj-curl) by Lucas Severo + +[D](https://dlang.org/library/std/net/curl.html) Written by Kenneth Bogert + +[Delphi](https://github.com/Mercury13/curl4delphi) Written by Mikhail Merkuryev + +[Dylan](https://dylanlibs.sourceforge.net/) Written by Chris Double + +[Eiffel](https://iron.eiffel.com/repository/20.11/package/ABEF6975-37AC-45FD-9C67-52D10BA0669B) Written by Eiffel Software + +[Euphoria](https://web.archive.org/web/20050204080544/rays-web.com/eulibcurl.htm) Written by Ray Smith + +[Falcon](http://www.falconpl.org/project_docs/curl/) + +[Ferite](https://web.archive.org/web/20150102192018/ferite.org/) Written by Paul Querna + +[Fortran](https://github.com/interkosmos/fortran-curl) Written by Philipp Engel + +[Gambas](https://gambas.sourceforge.net/) + +[glib/GTK+](https://web.archive.org/web/20100526203452/atterer.net/glibcurl) Written by Richard Atterer + +Go: [go-curl](https://github.com/andelf/go-curl) by ShuYu Wang + +[Guile](https://github.com/spk121/guile-curl) Written by Michael L. Gran + +[Harbour](https://github.com/vszakats/hb/tree/main/contrib/hbcurl) Written by Viktor Szakats + +[Haskell](https://hackage.haskell.org/package/curl) Written by Galois, Inc + +[Hollywood](https://www.hollywood-mal.com/download.html) hURL by Andreas Falkenhahn + +[Java](https://github.com/covers1624/curl4j) + +[Julia](https://github.com/JuliaWeb/LibCURL.jl) Written by Amit Murthy + +[Kapito](https://github.com/puzza007/katipo) is an Erlang HTTP library around libcurl. + +[Lisp](https://common-lisp.net/project/cl-curl/) Written by Liam Healy + +Lua: [luacurl](https://web.archive.org/web/20201205052437/luacurl.luaforge.net/) by Alexander Marinov, [Lua-cURL](https://github.com/Lua-cURL) by Jürgen Hötzel + +[Mono](https://web.archive.org/web/20070606064500/https://forge.novell.com/modules/xfmod/project/?libcurl-mono) Written by Jeffrey Phillips + +[.NET](https://sourceforge.net/projects/libcurl-net/) libcurl-net by Jeffrey Phillips + +[Nim](https://nimble.directory/pkg/libcurl) wrapper for libcurl + +[node.js](https://github.com/JCMais/node-libcurl) node-libcurl by Jonathan Cardoso Machado + +[Object-Pascal](https://web.archive.org/web/20020610214926/www.tekool.com/opcurl) Free Pascal, Delphi and Kylix binding written by Christophe Espern. + +[OCaml](https://opam.ocaml.org/packages/ocurl/) Written by Lars Nilsson and ygrek + +[Pascal](https://web.archive.org/web/20030804091414/houston.quik.com/jkp/curlpas/) Free Pascal, Delphi and Kylix binding written by Jeffrey Pohlmeyer. + +Perl: [WWW::Curl](https://github.com/szbalint/WWW--Curl) Maintained by Cris +Bailiff and Bálint Szilakszi, +[perl6-net-curl](https://github.com/azawawi/perl6-net-curl) by Ahmad M. Zawawi +[NET::Curl](https://metacpan.org/pod/Net::Curl) by Przemyslaw Iskra + +[PHP](https://php.net/curl) Originally written by Sterling Hughes + +[PostgreSQL](https://github.com/pramsey/pgsql-http) - HTTP client for PostgreSQL + +[PostgreSQL](https://github.com/RekGRpth/pg_curl) - cURL client for PostgreSQL + +[PureBasic](https://www.purebasic.com/documentation/http/index.html) uses libcurl in its "native" HTTP subsystem + +[Python](http://pycurl.io/) PycURL by Kjetil Jacobsen + +[Python](https://pypi.org/project/pymcurl/) mcurl by Ganesh Viswanathan + +[Q](https://q-lang.sourceforge.net/) The libcurl module is part of the default install + +[R](https://cran.r-project.org/package=curl) + +[Rexx](https://rexxcurl.sourceforge.net/) Written Mark Hessling + +[Ring](https://ring-lang.sourceforge.io/doc1.3/libcurl.html) RingLibCurl by Mahmoud Fayed + +RPG, support for ILE/RPG on OS/400 is included in source distribution + +Ruby: [curb](https://github.com/taf2/curb) written by Ross Bamford, +[ruby-curl-multi](https://github.com/kball/curl_multi.rb) by Kristjan Petursson and Keith Rarick + +[Rust](https://github.com/alexcrichton/curl-rust) curl-rust - by Carl Lerche + +[Scheme](https://www.metapaper.net/lisovsky/web/curl/) Bigloo binding by Kirill Lisovsky + +[Scilab](https://help.scilab.org/docs/current/fr_FR/getURL.html) binding by Sylvestre Ledru + +[S-Lang](https://www.jedsoft.org/slang/modules/curl.html) by John E Davis + +[Smalltalk](https://www.squeaksource.com/CurlPlugin/) Written by Danil Osipchuk + +[SP-Forth](https://sourceforge.net/p/spf/spf/ci/master/tree/devel/~ac/lib/lin/curl/) Written by Andrey Cherezov + +[SPL](https://web.archive.org/web/20210203022158/www.clifford.at/spl/spldoc/curl.html) Written by Clifford Wolf + +[Tcl](https://web.archive.org/web/20160826011806/mirror.yellow5.com/tclcurl/) Tclcurl by Andrés García + +[Vibe](https://github.com/ttytm/vibe) HTTP requests through libcurl in V + +[Visual Basic](https://sourceforge.net/projects/libcurl-vb/) libcurl-vb by Jeffrey Phillips + +[Visual Foxpro](https://web.archive.org/web/20130730181523/www.ctl32.com.ar/libcurl.asp) by Carlos Alloatti + +[wxWidgets](https://wxcode.sourceforge.net/components/wxcurl/) Written by Casey O'Donnell + +[XBLite](https://web.archive.org/web/20060426150418/perso.wanadoo.fr/xblite/libraries.html) Written by David Szafranski + +[Xojo](https://github.com/charonn0/RB-libcURL) Written by Andrew Lambert + +[Zig](https://github.com/jiacai2050/zig-curl) Written by Jiacai Liu, both easy and multi API are supported. diff --git a/deps/curl/docs/BUG-BOUNTY.md b/deps/curl/docs/BUG-BOUNTY.md new file mode 100644 index 00000000..399c4cfe --- /dev/null +++ b/deps/curl/docs/BUG-BOUNTY.md @@ -0,0 +1,94 @@ + + +# The curl bug bounty + +The curl project runs a bug bounty program in association with +[HackerOne](https://www.hackerone.com) and the [Internet Bug +Bounty](https://internetbugbounty.org). + +## How does it work? + +Start out by posting your suspected security vulnerability directly to [curl's +HackerOne program](https://hackerone.com/curl). + +After you have reported a security issue, it has been deemed credible, and a +patch and advisory has been made public, you may be eligible for a bounty from +this program. See the [Security Process](https://curl.se/dev/secprocess.html) +document for how we work with security issues. + +## What are the reward amounts? + +The curl project offers monetary compensation for reported and published +security vulnerabilities. The amount of money that is rewarded depends on how +serious the flaw is determined to be. + +Since 2021, the Bug Bounty is managed in association with the Internet Bug +Bounty and they set the reward amounts. If it would turn out that they set +amounts that are way lower than we can accept, the curl project intends to +"top up" rewards. + +In 2022, typical "Medium" rated vulnerabilities have been rewarded 2,400 USD +each. + +## Who is eligible for a reward? + +Everyone and anyone who reports a security problem in a released curl version +that has not already been reported can ask for a bounty. + +Dedicated - paid for - security audits that are performed in collaboration +with curl developers are not eligible for bounties. + +Vulnerabilities in features that are off by default and documented as +experimental are not eligible for a reward. + +The vulnerability has to be fixed and publicly announced (by the curl project) +before a bug bounty is considered. + +Once the vulnerability has been published by curl, the researcher can request +their bounty from the [Internet Bug Bounty](https://hackerone.com/ibb). + +Bounties need to be requested within twelve months from the publication of the +vulnerability. + +The curl security team reserves themselves the right to deny or allow bug +bounty payouts on its own discretion. There is no appeals process. + +## Product vulnerabilities only + +This bug bounty only concerns the curl and libcurl products and thus their +respective source codes - when running on existing hardware. It does not +include curl documentation, curl websites, or other curl related +infrastructure. + +The curl security team is the sole arbiter if a reported flaw is subject to a +bounty or not. + +## Third parties + +The curl bug bounty does not cover flaws in third party dependencies +(libraries) used by curl or libcurl. If the bug triggers because of curl +behaving wrongly or abusing a third party dependency, the problem is rather in +curl and not in the dependency and then the bounty might cover the problem. + +## How are vulnerabilities graded? + +The grading of each reported vulnerability that makes a reward claim is +performed by the curl security team. The grading is based on the CVSS (Common +Vulnerability Scoring System) 3.0. + +## How are reward amounts determined? + +The curl security team gives the vulnerability a score or severity level, as +mentioned above. The actual monetary reward amount is decided and paid by the +Internet Bug Bounty.. + +## Regarding taxes, etc. on the bounties + +In the event that the individual receiving a bug bounty needs to pay taxes on +the reward money, the responsibility lies with the receiver. The curl project +or its security team never actually receive any of this money, hold the money, +or pay out the money. diff --git a/deps/curl/docs/BUGS.md b/deps/curl/docs/BUGS.md new file mode 100644 index 00000000..83dde543 --- /dev/null +++ b/deps/curl/docs/BUGS.md @@ -0,0 +1,270 @@ + + +# BUGS + +## There are still bugs + + curl and libcurl keep being developed. Adding features and changing code + means that bugs sneak in, no matter how hard we try to keep them out. + + Of course there are lots of bugs left. Not to mention misfeatures. + + To help us make curl the stable and solid product we want it to be, we need + bug reports and bug fixes. + +## Where to report + + If you cannot fix a bug yourself and submit a fix for it, try to report an as + detailed report as possible to a curl mailing list to allow one of us to have + a go at a solution. You can optionally also submit your problem in [curl's + bug tracking system](https://github.com/curl/curl/issues). + + Please read the rest of this document below first before doing that. + + If you feel you need to ask around first, find a suitable [mailing + list](https://curl.se/mail/) and post your questions there. + +## Security bugs + + If you find a bug or problem in curl or libcurl that you think has a security + impact, for example a bug that can put users in danger or make them + vulnerable if the bug becomes public knowledge, then please report that bug + using our security development process. + + Security related bugs or bugs that are suspected to have a security impact, + should be reported on the [curl security tracker at + HackerOne](https://hackerone.com/curl). + + This ensures that the report reaches the curl security team so that they + first can deal with the report away from the public to minimize the harm and + impact it has on existing users out there who might be using the vulnerable + versions. + + The curl project's process for handling security related issues is + [documented separately](https://curl.se/dev/secprocess.html). + +## What to report + + When reporting a bug, you should include all information to help us + understand what is wrong, what you expected to happen and how to repeat the + bad behavior. You therefore need to tell us: + + - your operating system's name and version number + + - what version of curl you are using (`curl -V` is fine) + + - versions of the used libraries that libcurl is built to use + + - what URL you were working with (if possible), at least which protocol + + and anything and everything else you think matters. Tell us what you expected + to happen, tell use what did happen, tell us how you could make it work + another way. Dig around, try out, test. Then include all the tiny bits and + pieces in your report. You benefit from this yourself, as it enables us to + help you quicker and more accurately. + + Since curl deals with networks, it often helps us if you include a protocol + debug dump with your bug report. The output you get by using the `-v` or + `--trace` options. + + If curl crashed, causing a core dump (in Unix), there is hardly any use to + send that huge file to anyone of us. Unless we have the same system setup as + you, we cannot do much with it. Instead, we ask you to get a stack trace and + send that (much smaller) output to us instead. + + The address and how to subscribe to the mailing lists are detailed in the + `MANUAL.md` file. + +## libcurl problems + + When you have written your own application with libcurl to perform transfers, + it is even more important to be specific and detailed when reporting bugs. + + Tell us the libcurl version and your operating system. Tell us the name and + version of all relevant sub-components like for example the SSL library + you are using and what name resolving your libcurl uses. If you use SFTP or + SCP, the libssh2 version is relevant etc. + + Showing us a real source code example repeating your problem is the best way + to get our attention and it greatly increases our chances to understand your + problem and to work on a fix (if we agree it truly is a problem). + + Lots of problems that appear to be libcurl problems are actually just abuses + of the libcurl API or other malfunctions in your applications. It is advised + that you run your problematic program using a memory debug tool like valgrind + or similar before you post memory-related or "crashing" problems to us. + +## Who fixes the problems + + If the problems or bugs you describe are considered to be bugs, we want to + have the problems fixed. + + There are no developers in the curl project that are paid to work on bugs. + All developers that take on reported bugs do this on a voluntary basis. We do + it out of an ambition to keep curl and libcurl excellent products and out of + pride. + + Please do not assume that you can just lump over something to us and it then + magically gets fixed after some given time. Most often we need feedback and + help to understand what you have experienced and how to repeat a problem. + Then we may only be able to assist YOU to debug the problem and to track down + the proper fix. + + We get reports from many people every month and each report can take a + considerable amount of time to really go to the bottom with. + +## How to get a stack trace + + First, you must make sure that you compile all sources with `-g` and that you + do not 'strip' the final executable. Try to avoid optimizing the code as well, + remove `-O`, `-O2` etc from the compiler options. + + Run the program until it cores. + + Run your debugger on the core file, like ` curl core`. `` + should be replaced with the name of your debugger, in most cases that is + `gdb`, but `dbx` and others also occur. + + When the debugger has finished loading the core file and presents you a + prompt, enter `where` (without quotes) and press return. + + The list that is presented is the stack trace. If everything worked, it is + supposed to contain the chain of functions that were called when curl + crashed. Include the stack trace with your detailed bug report, it helps a + lot. + +## Bugs in libcurl bindings + + There are of course bugs in libcurl bindings. You should then primarily + approach the team that works on that particular binding and see what you can + do to help them fix the problem. + + If you suspect that the problem exists in the underlying libcurl, then please + convert your program over to plain C and follow the steps outlined above. + +## Bugs in old versions + + The curl project typically releases new versions every other month, and we + fix several hundred bugs per year. For a huge table of releases, number of + bug fixes and more, see: https://curl.se/docs/releases.html + + The developers in the curl project do not have bandwidth or energy enough to + maintain several branches or to spend much time on hunting down problems in + old versions when chances are we already fixed them or at least that they have + changed nature and appearance in later versions. + + When you experience a problem and want to report it, you really SHOULD + include the version number of the curl you are using when you experience the + issue. If that version number shows us that you are using an out-of-date curl, + you should also try out a modern curl version to see if the problem persists + or how/if it has changed in appearance. + + Even if you cannot immediately upgrade your application/system to run the + latest curl version, you can most often at least run a test version or + experimental build or similar, to get this confirmed or not. + + At times people insist that they cannot upgrade to a modern curl version, but + instead, they "just want the bug fixed". That is fine, just do not count on us + spending many cycles on trying to identify which single commit, if that is + even possible, that at some point in the past fixed the problem you are now + experiencing. + + Security wise, it is almost always a bad idea to lag behind the current curl + versions by a lot. We keep discovering and reporting security problems + over time see you can see in [this + table](https://curl.se/docs/vulnerabilities.html) + +# Bug fixing procedure + +## What happens on first filing + + When a new issue is posted in the issue tracker or on the mailing list, the + team of developers first needs to see the report. Maybe they took the day off, + maybe they are off in the woods hunting. Have patience. Allow at least a few + days before expecting someone to have responded. + + In the issue tracker, you can expect that some labels are set on the issue to + help categorize it. + +## First response + + If your issue/bug report was not perfect at once (and few are), chances are + that someone asks follow-up questions. Which version did you use? Which + options did you use? How often does the problem occur? How can we reproduce + this problem? Which protocols does it involve? Or perhaps much more specific + and deep diving questions. It all depends on your specific issue. + + You should then respond to these follow-up questions and provide more info + about the problem, so that we can help you figure it out. Or maybe you can + help us figure it out. An active back-and-forth communication is important + and the key for finding a cure and landing a fix. + +## Not reproducible + + We may require further work from you who actually see or experience the + problem if we cannot reproduce it and cannot understand it even after having + gotten all the info we need and having studied the source code over again. + +## Unresponsive + + If the problem have not been understood or reproduced, and there is nobody + responding to follow-up questions or questions asking for clarifications or + for discussing possible ways to move forward with the task, we take that as a + strong suggestion that the bug is unimportant. + + Unimportant issues are closed as inactive sooner or later as they cannot be + fixed. The inactivity period (waiting for responses) should not be shorter + than two weeks but may extend months. + +## Lack of time/interest + + Bugs that are filed and are understood can unfortunately end up in the + "nobody cares enough about it to work on it" category. Such bugs are + perfectly valid problems that *should* get fixed but apparently are not. We + try to mark such bugs as `KNOWN_BUGS material` after a time of inactivity and + if no activity is noticed after yet some time those bugs are added to the + `KNOWN_BUGS` document and are closed in the issue tracker. + +## `KNOWN_BUGS` + + This is a list of known bugs. Bugs we know exist and that have been pointed + out but that have not yet been fixed. The reasons for why they have not been + fixed can involve anything really, but the primary reason is that nobody has + considered these problems to be important enough to spend the necessary time + and effort to have them fixed. + + The `KNOWN_BUGS` items are always up for grabs and we love the ones who bring + one of them back to life and offer solutions to them. + + The `KNOWN_BUGS` document has a sibling document known as `TODO`. + +## `TODO` + + Issues that are filed or reported that are not really bugs but more missing + features or ideas for future improvements and so on are marked as + *enhancement* or *feature-request* and get added to the `TODO` document and + the issues are closed. We do not keep TODO items open in the issue tracker. + + The `TODO` document is full of ideas and suggestions of what we can add or + fix one day. You are always encouraged and free to grab one of those items and + take up a discussion with the curl development team on how that could be + implemented or provided in the project so that you can work on ticking it odd + that document. + + If an issue is rather a bug and not a missing feature or functionality, it is + listed in `KNOWN_BUGS` instead. + +## Closing off stalled bugs + + The [issue and pull request trackers](https://github.com/curl/curl) only hold + "active" entries open (using a non-precise definition of what active actually + is, but they are at least not completely dead). Those that are abandoned or + in other ways dormant are closed and sometimes added to `TODO` and + `KNOWN_BUGS` instead. + + This way, we only have "active" issues open on GitHub. Irrelevant issues and + pull requests do not distract developers or casual visitors. diff --git a/deps/curl/docs/CIPHERS-TLS12.md b/deps/curl/docs/CIPHERS-TLS12.md new file mode 100644 index 00000000..d67c62ba --- /dev/null +++ b/deps/curl/docs/CIPHERS-TLS12.md @@ -0,0 +1,336 @@ + + +# TLS 1.2 cipher suites + +| Id | IANA name | OpenSSL name | RFC | +|--------|-----------------------------------------------|------------------------------------|--------------------| +| 0x0001 | TLS_RSA_WITH_NULL_MD5 | NULL-MD5 | [RFC5246] | +| 0x0002 | TLS_RSA_WITH_NULL_SHA | NULL-SHA | [RFC5246] | +| 0x0003 | TLS_RSA_EXPORT_WITH_RC4_40_MD5 | EXP-RC4-MD5 | [RFC4346][RFC6347] | +| 0x0004 | TLS_RSA_WITH_RC4_128_MD5 | RC4-MD5 | [RFC5246][RFC6347] | +| 0x0005 | TLS_RSA_WITH_RC4_128_SHA | RC4-SHA | [RFC5246][RFC6347] | +| 0x0006 | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 | EXP-RC2-CBC-MD5 | [RFC4346] | +| 0x0007 | TLS_RSA_WITH_IDEA_CBC_SHA | IDEA-CBC-SHA | [RFC8996] | +| 0x0008 | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA | EXP-DES-CBC-SHA | [RFC4346] | +| 0x0009 | TLS_RSA_WITH_DES_CBC_SHA | DES-CBC-SHA | [RFC8996] | +| 0x000A | TLS_RSA_WITH_3DES_EDE_CBC_SHA | DES-CBC3-SHA | [RFC5246] | +| 0x000B | TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA | EXP-DH-DSS-DES-CBC-SHA | [RFC4346] | +| 0x000C | TLS_DH_DSS_WITH_DES_CBC_SHA | DH-DSS-DES-CBC-SHA | [RFC8996] | +| 0x000D | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA | DH-DSS-DES-CBC3-SHA | [RFC5246] | +| 0x000E | TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA | EXP-DH-RSA-DES-CBC-SHA | [RFC4346] | +| 0x000F | TLS_DH_RSA_WITH_DES_CBC_SHA | DH-RSA-DES-CBC-SHA | [RFC8996] | +| 0x0010 | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA | DH-RSA-DES-CBC3-SHA | [RFC5246] | +| 0x0011 | TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA | EXP-DHE-DSS-DES-CBC-SHA | [RFC4346] | +| 0x0012 | TLS_DHE_DSS_WITH_DES_CBC_SHA | DHE-DSS-DES-CBC-SHA | [RFC8996] | +| 0x0013 | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA | DHE-DSS-DES-CBC3-SHA | [RFC5246] | +| 0x0014 | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA | EXP-DHE-RSA-DES-CBC-SHA | [RFC4346] | +| 0x0015 | TLS_DHE_RSA_WITH_DES_CBC_SHA | DHE-RSA-DES-CBC-SHA | [RFC8996] | +| 0x0016 | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA | DHE-RSA-DES-CBC3-SHA | [RFC5246] | +| 0x0017 | TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 | EXP-ADH-RC4-MD5 | [RFC4346][RFC6347] | +| 0x0018 | TLS_DH_anon_WITH_RC4_128_MD5 | ADH-RC4-MD5 | [RFC5246][RFC6347] | +| 0x0019 | TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA | EXP-ADH-DES-CBC-SHA | [RFC4346] | +| 0x001A | TLS_DH_anon_WITH_DES_CBC_SHA | ADH-DES-CBC-SHA | [RFC8996] | +| 0x001B | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA | ADH-DES-CBC3-SHA | [RFC5246] | +| 0x001C | | FZA-NULL-SHA | | +| 0x001D | | FZA-FZA-CBC-SHA | | +| 0x001E | TLS_KRB5_WITH_DES_CBC_SHA | KRB5-DES-CBC-SHA | [RFC2712] | +| 0x001F | TLS_KRB5_WITH_3DES_EDE_CBC_SHA | KRB5-DES-CBC3-SHA | [RFC2712] | +| 0x0020 | TLS_KRB5_WITH_RC4_128_SHA | KRB5-RC4-SHA | [RFC2712][RFC6347] | +| 0x0021 | TLS_KRB5_WITH_IDEA_CBC_SHA | KRB5-IDEA-CBC-SHA | [RFC2712] | +| 0x0022 | TLS_KRB5_WITH_DES_CBC_MD5 | KRB5-DES-CBC-MD5 | [RFC2712] | +| 0x0023 | TLS_KRB5_WITH_3DES_EDE_CBC_MD5 | KRB5-DES-CBC3-MD5 | [RFC2712] | +| 0x0024 | TLS_KRB5_WITH_RC4_128_MD5 | KRB5-RC4-MD5 | [RFC2712][RFC6347] | +| 0x0025 | TLS_KRB5_WITH_IDEA_CBC_MD5 | KRB5-IDEA-CBC-MD5 | [RFC2712] | +| 0x0026 | TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA | EXP-KRB5-DES-CBC-SHA | [RFC2712] | +| 0x0027 | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA | EXP-KRB5-RC2-CBC-SHA | [RFC2712] | +| 0x0028 | TLS_KRB5_EXPORT_WITH_RC4_40_SHA | EXP-KRB5-RC4-SHA | [RFC2712][RFC6347] | +| 0x0029 | TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 | EXP-KRB5-DES-CBC-MD5 | [RFC2712] | +| 0x002A | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 | EXP-KRB5-RC2-CBC-MD5 | [RFC2712] | +| 0x002B | TLS_KRB5_EXPORT_WITH_RC4_40_MD5 | EXP-KRB5-RC4-MD5 | [RFC2712][RFC6347] | +| 0x002C | TLS_PSK_WITH_NULL_SHA | PSK-NULL-SHA | [RFC4785] | +| 0x002D | TLS_DHE_PSK_WITH_NULL_SHA | DHE-PSK-NULL-SHA | [RFC4785] | +| 0x002E | TLS_RSA_PSK_WITH_NULL_SHA | RSA-PSK-NULL-SHA | [RFC4785] | +| 0x002F | TLS_RSA_WITH_AES_128_CBC_SHA | AES128-SHA | [RFC5246] | +| 0x0030 | TLS_DH_DSS_WITH_AES_128_CBC_SHA | DH-DSS-AES128-SHA | [RFC5246] | +| 0x0031 | TLS_DH_RSA_WITH_AES_128_CBC_SHA | DH-RSA-AES128-SHA | [RFC5246] | +| 0x0032 | TLS_DHE_DSS_WITH_AES_128_CBC_SHA | DHE-DSS-AES128-SHA | [RFC5246] | +| 0x0033 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA | DHE-RSA-AES128-SHA | [RFC5246] | +| 0x0034 | TLS_DH_anon_WITH_AES_128_CBC_SHA | ADH-AES128-SHA | [RFC5246] | +| 0x0035 | TLS_RSA_WITH_AES_256_CBC_SHA | AES256-SHA | [RFC5246] | +| 0x0036 | TLS_DH_DSS_WITH_AES_256_CBC_SHA | DH-DSS-AES256-SHA | [RFC5246] | +| 0x0037 | TLS_DH_RSA_WITH_AES_256_CBC_SHA | DH-RSA-AES256-SHA | [RFC5246] | +| 0x0038 | TLS_DHE_DSS_WITH_AES_256_CBC_SHA | DHE-DSS-AES256-SHA | [RFC5246] | +| 0x0039 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA | DHE-RSA-AES256-SHA | [RFC5246] | +| 0x003A | TLS_DH_anon_WITH_AES_256_CBC_SHA | ADH-AES256-SHA | [RFC5246] | +| 0x003B | TLS_RSA_WITH_NULL_SHA256 | NULL-SHA256 | [RFC5246] | +| 0x003C | TLS_RSA_WITH_AES_128_CBC_SHA256 | AES128-SHA256 | [RFC5246] | +| 0x003D | TLS_RSA_WITH_AES_256_CBC_SHA256 | AES256-SHA256 | [RFC5246] | +| 0x003E | TLS_DH_DSS_WITH_AES_128_CBC_SHA256 | DH-DSS-AES128-SHA256 | [RFC5246] | +| 0x003F | TLS_DH_RSA_WITH_AES_128_CBC_SHA256 | DH-RSA-AES128-SHA256 | [RFC5246] | +| 0x0040 | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 | DHE-DSS-AES128-SHA256 | [RFC5246] | +| 0x0041 | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA | CAMELLIA128-SHA | [RFC5932] | +| 0x0042 | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA | DH-DSS-CAMELLIA128-SHA | [RFC5932] | +| 0x0043 | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA | DH-RSA-CAMELLIA128-SHA | [RFC5932] | +| 0x0044 | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA | DHE-DSS-CAMELLIA128-SHA | [RFC5932] | +| 0x0045 | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA | DHE-RSA-CAMELLIA128-SHA | [RFC5932] | +| 0x0046 | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA | ADH-CAMELLIA128-SHA | [RFC5932] | +| 0x0060 | | EXP1024-RC4-MD5 | | +| 0x0061 | | EXP1024-RC2-CBC-MD5 | | +| 0x0062 | | EXP1024-DES-CBC-SHA | | +| 0x0063 | | EXP1024-DHE-DSS-DES-CBC-SHA | | +| 0x0064 | | EXP1024-RC4-SHA | | +| 0x0065 | | EXP1024-DHE-DSS-RC4-SHA | | +| 0x0066 | | DHE-DSS-RC4-SHA | | +| 0x0067 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 | DHE-RSA-AES128-SHA256 | [RFC5246] | +| 0x0068 | TLS_DH_DSS_WITH_AES_256_CBC_SHA256 | DH-DSS-AES256-SHA256 | [RFC5246] | +| 0x0069 | TLS_DH_RSA_WITH_AES_256_CBC_SHA256 | DH-RSA-AES256-SHA256 | [RFC5246] | +| 0x006A | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 | DHE-DSS-AES256-SHA256 | [RFC5246] | +| 0x006B | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | DHE-RSA-AES256-SHA256 | [RFC5246] | +| 0x006C | TLS_DH_anon_WITH_AES_128_CBC_SHA256 | ADH-AES128-SHA256 | [RFC5246] | +| 0x006D | TLS_DH_anon_WITH_AES_256_CBC_SHA256 | ADH-AES256-SHA256 | [RFC5246] | +| 0x0080 | | GOST94-GOST89-GOST89 | | +| 0x0081 | | GOST2001-GOST89-GOST89 | | +| 0x0082 | | GOST94-NULL-GOST94 | | +| 0x0083 | | GOST2001-NULL-GOST94 | | +| 0x0084 | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA | CAMELLIA256-SHA | [RFC5932] | +| 0x0085 | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA | DH-DSS-CAMELLIA256-SHA | [RFC5932] | +| 0x0086 | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA | DH-RSA-CAMELLIA256-SHA | [RFC5932] | +| 0x0087 | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA | DHE-DSS-CAMELLIA256-SHA | [RFC5932] | +| 0x0088 | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA | DHE-RSA-CAMELLIA256-SHA | [RFC5932] | +| 0x0089 | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA | ADH-CAMELLIA256-SHA | [RFC5932] | +| 0x008A | TLS_PSK_WITH_RC4_128_SHA | PSK-RC4-SHA | [RFC4279][RFC6347] | +| 0x008B | TLS_PSK_WITH_3DES_EDE_CBC_SHA | PSK-3DES-EDE-CBC-SHA | [RFC4279] | +| 0x008C | TLS_PSK_WITH_AES_128_CBC_SHA | PSK-AES128-CBC-SHA | [RFC4279] | +| 0x008D | TLS_PSK_WITH_AES_256_CBC_SHA | PSK-AES256-CBC-SHA | [RFC4279] | +| 0x008E | TLS_DHE_PSK_WITH_RC4_128_SHA | DHE-PSK-RC4-SHA | [RFC4279][RFC6347] | +| 0x008F | TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA | DHE-PSK-3DES-EDE-CBC-SHA | [RFC4279] | +| 0x0090 | TLS_DHE_PSK_WITH_AES_128_CBC_SHA | DHE-PSK-AES128-CBC-SHA | [RFC4279] | +| 0x0091 | TLS_DHE_PSK_WITH_AES_256_CBC_SHA | DHE-PSK-AES256-CBC-SHA | [RFC4279] | +| 0x0092 | TLS_RSA_PSK_WITH_RC4_128_SHA | RSA-PSK-RC4-SHA | [RFC4279][RFC6347] | +| 0x0093 | TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA | RSA-PSK-3DES-EDE-CBC-SHA | [RFC4279] | +| 0x0094 | TLS_RSA_PSK_WITH_AES_128_CBC_SHA | RSA-PSK-AES128-CBC-SHA | [RFC4279] | +| 0x0095 | TLS_RSA_PSK_WITH_AES_256_CBC_SHA | RSA-PSK-AES256-CBC-SHA | [RFC4279] | +| 0x0096 | TLS_RSA_WITH_SEED_CBC_SHA | SEED-SHA | [RFC4162] | +| 0x0097 | TLS_DH_DSS_WITH_SEED_CBC_SHA | DH-DSS-SEED-SHA | [RFC4162] | +| 0x0098 | TLS_DH_RSA_WITH_SEED_CBC_SHA | DH-RSA-SEED-SHA | [RFC4162] | +| 0x0099 | TLS_DHE_DSS_WITH_SEED_CBC_SHA | DHE-DSS-SEED-SHA | [RFC4162] | +| 0x009A | TLS_DHE_RSA_WITH_SEED_CBC_SHA | DHE-RSA-SEED-SHA | [RFC4162] | +| 0x009B | TLS_DH_anon_WITH_SEED_CBC_SHA | ADH-SEED-SHA | [RFC4162] | +| 0x009C | TLS_RSA_WITH_AES_128_GCM_SHA256 | AES128-GCM-SHA256 | [RFC5288] | +| 0x009D | TLS_RSA_WITH_AES_256_GCM_SHA384 | AES256-GCM-SHA384 | [RFC5288] | +| 0x009E | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | DHE-RSA-AES128-GCM-SHA256 | [RFC5288] | +| 0x009F | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | DHE-RSA-AES256-GCM-SHA384 | [RFC5288] | +| 0x00A0 | TLS_DH_RSA_WITH_AES_128_GCM_SHA256 | DH-RSA-AES128-GCM-SHA256 | [RFC5288] | +| 0x00A1 | TLS_DH_RSA_WITH_AES_256_GCM_SHA384 | DH-RSA-AES256-GCM-SHA384 | [RFC5288] | +| 0x00A2 | TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 | DHE-DSS-AES128-GCM-SHA256 | [RFC5288] | +| 0x00A3 | TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 | DHE-DSS-AES256-GCM-SHA384 | [RFC5288] | +| 0x00A4 | TLS_DH_DSS_WITH_AES_128_GCM_SHA256 | DH-DSS-AES128-GCM-SHA256 | [RFC5288] | +| 0x00A5 | TLS_DH_DSS_WITH_AES_256_GCM_SHA384 | DH-DSS-AES256-GCM-SHA384 | [RFC5288] | +| 0x00A6 | TLS_DH_anon_WITH_AES_128_GCM_SHA256 | ADH-AES128-GCM-SHA256 | [RFC5288] | +| 0x00A7 | TLS_DH_anon_WITH_AES_256_GCM_SHA384 | ADH-AES256-GCM-SHA384 | [RFC5288] | +| 0x00A8 | TLS_PSK_WITH_AES_128_GCM_SHA256 | PSK-AES128-GCM-SHA256 | [RFC5487] | +| 0x00A9 | TLS_PSK_WITH_AES_256_GCM_SHA384 | PSK-AES256-GCM-SHA384 | [RFC5487] | +| 0x00AA | TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 | DHE-PSK-AES128-GCM-SHA256 | [RFC5487] | +| 0x00AB | TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 | DHE-PSK-AES256-GCM-SHA384 | [RFC5487] | +| 0x00AC | TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 | RSA-PSK-AES128-GCM-SHA256 | [RFC5487] | +| 0x00AD | TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 | RSA-PSK-AES256-GCM-SHA384 | [RFC5487] | +| 0x00AE | TLS_PSK_WITH_AES_128_CBC_SHA256 | PSK-AES128-CBC-SHA256 | [RFC5487] | +| 0x00AF | TLS_PSK_WITH_AES_256_CBC_SHA384 | PSK-AES256-CBC-SHA384 | [RFC5487] | +| 0x00B0 | TLS_PSK_WITH_NULL_SHA256 | PSK-NULL-SHA256 | [RFC5487] | +| 0x00B1 | TLS_PSK_WITH_NULL_SHA384 | PSK-NULL-SHA384 | [RFC5487] | +| 0x00B2 | TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 | DHE-PSK-AES128-CBC-SHA256 | [RFC5487] | +| 0x00B3 | TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 | DHE-PSK-AES256-CBC-SHA384 | [RFC5487] | +| 0x00B4 | TLS_DHE_PSK_WITH_NULL_SHA256 | DHE-PSK-NULL-SHA256 | [RFC5487] | +| 0x00B5 | TLS_DHE_PSK_WITH_NULL_SHA384 | DHE-PSK-NULL-SHA384 | [RFC5487] | +| 0x00B6 | TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 | RSA-PSK-AES128-CBC-SHA256 | [RFC5487] | +| 0x00B7 | TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 | RSA-PSK-AES256-CBC-SHA384 | [RFC5487] | +| 0x00B8 | TLS_RSA_PSK_WITH_NULL_SHA256 | RSA-PSK-NULL-SHA256 | [RFC5487] | +| 0x00B9 | TLS_RSA_PSK_WITH_NULL_SHA384 | RSA-PSK-NULL-SHA384 | [RFC5487] | +| 0x00BA | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 | CAMELLIA128-SHA256 | [RFC5932] | +| 0x00BD | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 | DHE-DSS-CAMELLIA128-SHA256 | [RFC5932] | +| 0x00BE | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 | DHE-RSA-CAMELLIA128-SHA256 | [RFC5932] | +| 0x00BF | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 | ADH-CAMELLIA128-SHA256 | [RFC5932] | +| 0x00C0 | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 | CAMELLIA256-SHA256 | [RFC5932] | +| 0x00C3 | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 | DHE-DSS-CAMELLIA256-SHA256 | [RFC5932] | +| 0x00C4 | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 | DHE-RSA-CAMELLIA256-SHA256 | [RFC5932] | +| 0x00C5 | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 | ADH-CAMELLIA256-SHA256 | [RFC5932] | +| 0x00FF | TLS_EMPTY_RENEGOTIATION_INFO_SCSV | | [RFC5746] | +| 0x5600 | TLS_FALLBACK_SCSV | | [RFC7507] | +| 0xC001 | TLS_ECDH_ECDSA_WITH_NULL_SHA | ECDH-ECDSA-NULL-SHA | [RFC8422] | +| 0xC002 | TLS_ECDH_ECDSA_WITH_RC4_128_SHA | ECDH-ECDSA-RC4-SHA | [RFC8422][RFC6347] | +| 0xC003 | TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA | ECDH-ECDSA-DES-CBC3-SHA | [RFC8422] | +| 0xC004 | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA | ECDH-ECDSA-AES128-SHA | [RFC8422] | +| 0xC005 | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA | ECDH-ECDSA-AES256-SHA | [RFC8422] | +| 0xC006 | TLS_ECDHE_ECDSA_WITH_NULL_SHA | ECDHE-ECDSA-NULL-SHA | [RFC8422] | +| 0xC007 | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA | ECDHE-ECDSA-RC4-SHA | [RFC8422][RFC6347] | +| 0xC008 | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | ECDHE-ECDSA-DES-CBC3-SHA | [RFC8422] | +| 0xC009 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | ECDHE-ECDSA-AES128-SHA | [RFC8422] | +| 0xC00A | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | ECDHE-ECDSA-AES256-SHA | [RFC8422] | +| 0xC00B | TLS_ECDH_RSA_WITH_NULL_SHA | ECDH-RSA-NULL-SHA | [RFC8422] | +| 0xC00C | TLS_ECDH_RSA_WITH_RC4_128_SHA | ECDH-RSA-RC4-SHA | [RFC8422][RFC6347] | +| 0xC00D | TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA | ECDH-RSA-DES-CBC3-SHA | [RFC8422] | +| 0xC00E | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA | ECDH-RSA-AES128-SHA | [RFC8422] | +| 0xC00F | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA | ECDH-RSA-AES256-SHA | [RFC8422] | +| 0xC010 | TLS_ECDHE_RSA_WITH_NULL_SHA | ECDHE-RSA-NULL-SHA | [RFC8422] | +| 0xC011 | TLS_ECDHE_RSA_WITH_RC4_128_SHA | ECDHE-RSA-RC4-SHA | [RFC8422][RFC6347] | +| 0xC012 | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | ECDHE-RSA-DES-CBC3-SHA | [RFC8422] | +| 0xC013 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | ECDHE-RSA-AES128-SHA | [RFC8422] | +| 0xC014 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | ECDHE-RSA-AES256-SHA | [RFC8422] | +| 0xC015 | TLS_ECDH_anon_WITH_NULL_SHA | AECDH-NULL-SHA | [RFC8422] | +| 0xC016 | TLS_ECDH_anon_WITH_RC4_128_SHA | AECDH-RC4-SHA | [RFC8422][RFC6347] | +| 0xC017 | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA | AECDH-DES-CBC3-SHA | [RFC8422] | +| 0xC018 | TLS_ECDH_anon_WITH_AES_128_CBC_SHA | AECDH-AES128-SHA | [RFC8422] | +| 0xC019 | TLS_ECDH_anon_WITH_AES_256_CBC_SHA | AECDH-AES256-SHA | [RFC8422] | +| 0xC01A | TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA | SRP-3DES-EDE-CBC-SHA | [RFC5054] | +| 0xC01B | TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA | SRP-RSA-3DES-EDE-CBC-SHA | [RFC5054] | +| 0xC01C | TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA | SRP-DSS-3DES-EDE-CBC-SHA | [RFC5054] | +| 0xC01D | TLS_SRP_SHA_WITH_AES_128_CBC_SHA | SRP-AES-128-CBC-SHA | [RFC5054] | +| 0xC01E | TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA | SRP-RSA-AES-128-CBC-SHA | [RFC5054] | +| 0xC01F | TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA | SRP-DSS-AES-128-CBC-SHA | [RFC5054] | +| 0xC020 | TLS_SRP_SHA_WITH_AES_256_CBC_SHA | SRP-AES-256-CBC-SHA | [RFC5054] | +| 0xC021 | TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA | SRP-RSA-AES-256-CBC-SHA | [RFC5054] | +| 0xC022 | TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA | SRP-DSS-AES-256-CBC-SHA | [RFC5054] | +| 0xC023 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | ECDHE-ECDSA-AES128-SHA256 | [RFC5289] | +| 0xC024 | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | ECDHE-ECDSA-AES256-SHA384 | [RFC5289] | +| 0xC025 | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 | ECDH-ECDSA-AES128-SHA256 | [RFC5289] | +| 0xC026 | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | ECDH-ECDSA-AES256-SHA384 | [RFC5289] | +| 0xC027 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | ECDHE-RSA-AES128-SHA256 | [RFC5289] | +| 0xC028 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | ECDHE-RSA-AES256-SHA384 | [RFC5289] | +| 0xC029 | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 | ECDH-RSA-AES128-SHA256 | [RFC5289] | +| 0xC02A | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | ECDH-RSA-AES256-SHA384 | [RFC5289] | +| 0xC02B | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | ECDHE-ECDSA-AES128-GCM-SHA256 | [RFC5289] | +| 0xC02C | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | ECDHE-ECDSA-AES256-GCM-SHA384 | [RFC5289] | +| 0xC02D | TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 | ECDH-ECDSA-AES128-GCM-SHA256 | [RFC5289] | +| 0xC02E | TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 | ECDH-ECDSA-AES256-GCM-SHA384 | [RFC5289] | +| 0xC02F | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | ECDHE-RSA-AES128-GCM-SHA256 | [RFC5289] | +| 0xC030 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | ECDHE-RSA-AES256-GCM-SHA384 | [RFC5289] | +| 0xC031 | TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 | ECDH-RSA-AES128-GCM-SHA256 | [RFC5289] | +| 0xC032 | TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 | ECDH-RSA-AES256-GCM-SHA384 | [RFC5289] | +| 0xC033 | TLS_ECDHE_PSK_WITH_RC4_128_SHA | ECDHE-PSK-RC4-SHA | [RFC5489][RFC6347] | +| 0xC034 | TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA | ECDHE-PSK-3DES-EDE-CBC-SHA | [RFC5489] | +| 0xC035 | TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA | ECDHE-PSK-AES128-CBC-SHA | [RFC5489] | +| 0xC036 | TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA | ECDHE-PSK-AES256-CBC-SHA | [RFC5489] | +| 0xC037 | TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 | ECDHE-PSK-AES128-CBC-SHA256 | [RFC5489] | +| 0xC038 | TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 | ECDHE-PSK-AES256-CBC-SHA384 | [RFC5489] | +| 0xC039 | TLS_ECDHE_PSK_WITH_NULL_SHA | ECDHE-PSK-NULL-SHA | [RFC5489] | +| 0xC03A | TLS_ECDHE_PSK_WITH_NULL_SHA256 | ECDHE-PSK-NULL-SHA256 | [RFC5489] | +| 0xC03B | TLS_ECDHE_PSK_WITH_NULL_SHA384 | ECDHE-PSK-NULL-SHA384 | [RFC5489] | +| 0xC03C | TLS_RSA_WITH_ARIA_128_CBC_SHA256 | ARIA128-SHA256 | [RFC6209] | +| 0xC03D | TLS_RSA_WITH_ARIA_256_CBC_SHA384 | ARIA256-SHA384 | [RFC6209] | +| 0xC044 | TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 | DHE-RSA-ARIA128-SHA256 | [RFC6209] | +| 0xC045 | TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 | DHE-RSA-ARIA256-SHA384 | [RFC6209] | +| 0xC048 | TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 | ECDHE-ECDSA-ARIA128-SHA256 | [RFC6209] | +| 0xC049 | TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 | ECDHE-ECDSA-ARIA256-SHA384 | [RFC6209] | +| 0xC04A | TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 | ECDH-ECDSA-ARIA128-SHA256 | [RFC6209] | +| 0xC04B | TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 | ECDH-ECDSA-ARIA256-SHA384 | [RFC6209] | +| 0xC04C | TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 | ECDHE-ARIA128-SHA256 | [RFC6209] | +| 0xC04D | TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 | ECDHE-ARIA256-SHA384 | [RFC6209] | +| 0xC04E | TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 | ECDH-ARIA128-SHA256 | [RFC6209] | +| 0xC04F | TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 | ECDH-ARIA256-SHA384 | [RFC6209] | +| 0xC050 | TLS_RSA_WITH_ARIA_128_GCM_SHA256 | ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC051 | TLS_RSA_WITH_ARIA_256_GCM_SHA384 | ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC052 | TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 | DHE-RSA-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC053 | TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 | DHE-RSA-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC056 | TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 | DHE-DSS-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC057 | TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 | DHE-DSS-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC05C | TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 | ECDHE-ECDSA-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC05D | TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 | ECDHE-ECDSA-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC05E | TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 | ECDH-ECDSA-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC05F | TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 | ECDH-ECDSA-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC060 | TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 | ECDHE-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC061 | TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 | ECDHE-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC062 | TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 | ECDH-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC063 | TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 | ECDH-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC064 | TLS_PSK_WITH_ARIA_128_CBC_SHA256 | PSK-ARIA128-SHA256 | [RFC6209] | +| 0xC065 | TLS_PSK_WITH_ARIA_256_CBC_SHA384 | PSK-ARIA256-SHA384 | [RFC6209] | +| 0xC066 | TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 | DHE-PSK-ARIA128-SHA256 | [RFC6209] | +| 0xC067 | TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 | DHE-PSK-ARIA256-SHA384 | [RFC6209] | +| 0xC068 | TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 | RSA-PSK-ARIA128-SHA256 | [RFC6209] | +| 0xC069 | TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 | RSA-PSK-ARIA256-SHA384 | [RFC6209] | +| 0xC06A | TLS_PSK_WITH_ARIA_128_GCM_SHA256 | PSK-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC06B | TLS_PSK_WITH_ARIA_256_GCM_SHA384 | PSK-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC06C | TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 | DHE-PSK-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC06D | TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 | DHE-PSK-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC06E | TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 | RSA-PSK-ARIA128-GCM-SHA256 | [RFC6209] | +| 0xC06F | TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 | RSA-PSK-ARIA256-GCM-SHA384 | [RFC6209] | +| 0xC070 | TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 | ECDHE-PSK-ARIA128-SHA256 | [RFC6209] | +| 0xC071 | TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 | ECDHE-PSK-ARIA256-SHA384 | [RFC6209] | +| 0xC072 | TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 | ECDHE-ECDSA-CAMELLIA128-SHA256 | [RFC6367] | +| 0xC073 | TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 | ECDHE-ECDSA-CAMELLIA256-SHA384 | [RFC6367] | +| 0xC074 | TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 | ECDH-ECDSA-CAMELLIA128-SHA256 | [RFC6367] | +| 0xC075 | TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 | ECDH-ECDSA-CAMELLIA256-SHA384 | [RFC6367] | +| 0xC076 | TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 | ECDHE-RSA-CAMELLIA128-SHA256 | [RFC6367] | +| 0xC077 | TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 | ECDHE-RSA-CAMELLIA256-SHA384 | [RFC6367] | +| 0xC078 | TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 | ECDH-CAMELLIA128-SHA256 | [RFC6367] | +| 0xC079 | TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 | ECDH-CAMELLIA256-SHA384 | [RFC6367] | +| 0xC07A | TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 | CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC07B | TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 | CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC07C | TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 | DHE-RSA-CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC07D | TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 | DHE-RSA-CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC086 | TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 | ECDHE-ECDSA-CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC087 | TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 | ECDHE-ECDSA-CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC088 | TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 | ECDH-ECDSA-CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC089 | TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 | ECDH-ECDSA-CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC08A | TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 | ECDHE-CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC08B | TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 | ECDHE-CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC08C | TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 | ECDH-CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC08D | TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 | ECDH-CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC08E | TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 | PSK-CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC08F | TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 | PSK-CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC090 | TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 | DHE-PSK-CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC091 | TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 | DHE-PSK-CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC092 | TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 | RSA-PSK-CAMELLIA128-GCM-SHA256 | [RFC6367] | +| 0xC093 | TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 | RSA-PSK-CAMELLIA256-GCM-SHA384 | [RFC6367] | +| 0xC094 | TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 | PSK-CAMELLIA128-SHA256 | [RFC6367] | +| 0xC095 | TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 | PSK-CAMELLIA256-SHA384 | [RFC6367] | +| 0xC096 | TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 | DHE-PSK-CAMELLIA128-SHA256 | [RFC6367] | +| 0xC097 | TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 | DHE-PSK-CAMELLIA256-SHA384 | [RFC6367] | +| 0xC098 | TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 | RSA-PSK-CAMELLIA128-SHA256 | [RFC6367] | +| 0xC099 | TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 | RSA-PSK-CAMELLIA256-SHA384 | [RFC6367] | +| 0xC09A | TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 | ECDHE-PSK-CAMELLIA128-SHA256 | [RFC6367] | +| 0xC09B | TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 | ECDHE-PSK-CAMELLIA256-SHA384 | [RFC6367] | +| 0xC09C | TLS_RSA_WITH_AES_128_CCM | AES128-CCM | [RFC6655] | +| 0xC09D | TLS_RSA_WITH_AES_256_CCM | AES256-CCM | [RFC6655] | +| 0xC09E | TLS_DHE_RSA_WITH_AES_128_CCM | DHE-RSA-AES128-CCM | [RFC6655] | +| 0xC09F | TLS_DHE_RSA_WITH_AES_256_CCM | DHE-RSA-AES256-CCM | [RFC6655] | +| 0xC0A0 | TLS_RSA_WITH_AES_128_CCM_8 | AES128-CCM8 | [RFC6655] | +| 0xC0A1 | TLS_RSA_WITH_AES_256_CCM_8 | AES256-CCM8 | [RFC6655] | +| 0xC0A2 | TLS_DHE_RSA_WITH_AES_128_CCM_8 | DHE-RSA-AES128-CCM8 | [RFC6655] | +| 0xC0A3 | TLS_DHE_RSA_WITH_AES_256_CCM_8 | DHE-RSA-AES256-CCM8 | [RFC6655] | +| 0xC0A4 | TLS_PSK_WITH_AES_128_CCM | PSK-AES128-CCM | [RFC6655] | +| 0xC0A5 | TLS_PSK_WITH_AES_256_CCM | PSK-AES256-CCM | [RFC6655] | +| 0xC0A6 | TLS_DHE_PSK_WITH_AES_128_CCM | DHE-PSK-AES128-CCM | [RFC6655] | +| 0xC0A7 | TLS_DHE_PSK_WITH_AES_256_CCM | DHE-PSK-AES256-CCM | [RFC6655] | +| 0xC0A8 | TLS_PSK_WITH_AES_128_CCM_8 | PSK-AES128-CCM8 | [RFC6655] | +| 0xC0A9 | TLS_PSK_WITH_AES_256_CCM_8 | PSK-AES256-CCM8 | [RFC6655] | +| 0xC0AA | TLS_PSK_DHE_WITH_AES_128_CCM_8 | DHE-PSK-AES128-CCM8 | [RFC6655] | +| 0xC0AB | TLS_PSK_DHE_WITH_AES_256_CCM_8 | DHE-PSK-AES256-CCM8 | [RFC6655] | +| 0xC0AC | TLS_ECDHE_ECDSA_WITH_AES_128_CCM | ECDHE-ECDSA-AES128-CCM | [RFC7251] | +| 0xC0AD | TLS_ECDHE_ECDSA_WITH_AES_256_CCM | ECDHE-ECDSA-AES256-CCM | [RFC7251] | +| 0xC0AE | TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 | ECDHE-ECDSA-AES128-CCM8 | [RFC7251] | +| 0xC0AF | TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 | ECDHE-ECDSA-AES256-CCM8 | [RFC7251] | +| 0xC100 | TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC | GOST2012-KUZNYECHIK-KUZNYECHIKOMAC | [RFC9189] | +| 0xC101 | TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC | GOST2012-MAGMA-MAGMAOMAC | [RFC9189] | +| 0xC102 | TLS_GOSTR341112_256_WITH_28147_CNT_IMIT | IANA-GOST2012-GOST8912-GOST8912 | [RFC9189] | +| 0xCC13 | | ECDHE-RSA-CHACHA20-POLY1305-OLD | | +| 0xCC14 | | ECDHE-ECDSA-CHACHA20-POLY1305-OLD | | +| 0xCC15 | | DHE-RSA-CHACHA20-POLY1305-OLD | | +| 0xCCA8 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | ECDHE-RSA-CHACHA20-POLY1305 | [RFC7905] | +| 0xCCA9 | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | ECDHE-ECDSA-CHACHA20-POLY1305 | [RFC7905] | +| 0xCCAA | TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | DHE-RSA-CHACHA20-POLY1305 | [RFC7905] | +| 0xCCAB | TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 | PSK-CHACHA20-POLY1305 | [RFC7905] | +| 0xCCAC | TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 | ECDHE-PSK-CHACHA20-POLY1305 | [RFC7905] | +| 0xCCAD | TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 | DHE-PSK-CHACHA20-POLY1305 | [RFC7905] | +| 0xCCAE | TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 | RSA-PSK-CHACHA20-POLY1305 | [RFC7905] | +| 0xD001 | TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 | ECDHE-PSK-AES128-GCM-SHA256 | [RFC8442] | +| 0xE011 | | ECDHE-ECDSA-SM4-CBC-SM3 | | +| 0xE051 | | ECDHE-ECDSA-SM4-GCM-SM3 | | +| 0xE052 | | ECDHE-ECDSA-SM4-CCM-SM3 | | +| 0xFF00 | | GOST-MD5 | | +| 0xFF01 | | GOST-GOST94 | | +| 0xFF02 | | GOST-GOST89MAC | | +| 0xFF03 | | GOST-GOST89STREAM | | diff --git a/deps/curl/docs/CIPHERS.md b/deps/curl/docs/CIPHERS.md new file mode 100644 index 00000000..fb881430 --- /dev/null +++ b/deps/curl/docs/CIPHERS.md @@ -0,0 +1,273 @@ + + +## curl cipher options + +A TLS handshake involves many parameters which take part in the negotiation +between client and server in order to agree on the TLS version and set of +algorithms to use for a connection. + +What has become known as a "cipher" or better "cipher suite" in TLS +are names for specific combinations of +[key exchange](https://en.wikipedia.org/wiki/Key_exchange), +[bulk encryption](https://en.wikipedia.org/wiki/Link_encryption), +[message authentication code](https://en.wikipedia.org/wiki/Message_authentication_code) +and with TLSv1.3 the +[authenticated encryption](https://en.wikipedia.org/wiki/Authenticated_encryption). +In addition, there are other parameters that influence the TLS handshake, like +[DHE](https://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange) "groups" and +[ECDHE](https://en.wikipedia.org/wiki/Elliptic-curve_Diffie–Hellman) with its +"curves". + +### History + +curl's way of letting users configure these settings closely followed OpenSSL +in its API. TLS learned new parameters, OpenSSL added new API functions and +curl added command line options. + +Several other TLS backends followed the OpenSSL approach, more or less closely, +and curl maps the command line options to these TLS backends. Some TLS +backends do not support all of it and command line options are either +ignored or lead to an error. + +Many examples below show the OpenSSL-like use of these options. GnuTLS +however chose a different approach. These are described in a separate +section further below. + +## ciphers, the OpenSSL way + +With curl's option +[`--tls13-ciphers`](https://curl.se/docs/manpage.html#--tls13-ciphers) +or +[`CURLOPT_TLS13_CIPHERS`](https://curl.se/libcurl/c/CURLOPT_TLS13_CIPHERS.html) +users can control which cipher suites to consider when negotiating TLS 1.3 +connections. With option +[`--ciphers`](https://curl.se/docs/manpage.html#--ciphers) +or +[`CURLOPT_SSL_CIPHER_LIST`](https://curl.se/libcurl/c/CURLOPT_SSL_CIPHER_LIST.html) +users can control which cipher suites to consider when negotiating +TLS 1.2 (1.1, 1.0) connections. + +By default, curl may negotiate TLS 1.3 and TLS 1.2 connections, so the cipher +suites considered when negotiating a TLS connection are a union of the TLS 1.3 +and TLS 1.2 cipher suites. If you want curl to consider only TLS 1.3 cipher +suites for the connection, you have to set the minimum TLS version to 1.3 by +using [`--tlsv1.3`](https://curl.se/docs/manpage.html#--tlsv13) +or [`CURLOPT_SSLVERSION`](https://curl.se/libcurl/c/CURLOPT_SSLVERSION.html) +with `CURL_SSLVERSION_TLSv1_3`. + +Both the TLS 1.3 and TLS 1.2 cipher options expect a list of cipher suites +separated by colons (`:`). This list is parsed opportunistically, cipher suites +that are not recognized or implemented are ignored. As long as there is at +least one recognized cipher suite in the list, the list is considered valid. + +For both the TLS 1.3 and TLS 1.2 cipher options, the order in which the +cipher suites are specified determine the preference of them. When negotiating +a TLS connection the server picks a cipher suite from the intersection of the +cipher suites supported by the server and the cipher suites sent by curl. If +the server is configured to honor the client's cipher preference, the first +common cipher suite in the list sent by curl is chosen. + +### TLS 1.3 cipher suites + +Setting TLS 1.3 cipher suites is supported by curl with +OpenSSL (1.1.1+, curl 7.61.0+), LibreSSL (3.4.1+, curl 8.3.0+), +wolfSSL (curl 8.10.0+) and mbedTLS (3.6.0+, curl 8.10.0+). + +The list of cipher suites that can be used for the `--tls13-ciphers` option: +``` +TLS_AES_128_GCM_SHA256 +TLS_AES_256_GCM_SHA384 +TLS_CHACHA20_POLY1305_SHA256 +TLS_AES_128_CCM_SHA256 +TLS_AES_128_CCM_8_SHA256 +``` + +#### wolfSSL notes + +In addition to above list the following cipher suites can be used: +`TLS_SM4_GCM_SM3` `TLS_SM4_CCM_SM3` `TLS_SHA256_SHA256` `TLS_SHA384_SHA384`. +Usage of these cipher suites is not recommended. (The last two cipher suites +are NULL ciphers, offering no encryption whatsoever.) + +### TLS 1.2 (1.1, 1.0) cipher suites + +Setting TLS 1.2 cipher suites is supported by curl with OpenSSL, LibreSSL, +BoringSSL, mbedTLS (curl 8.8.0+), wolfSSL (curl 7.53.0+), +Secure Transport (curl 7.77.0+) and BearSSL (curl 7.83.0+). Schannel does not +support setting cipher suites directly, but does support setting algorithms +(curl 7.61.0+), see Schannel notes below. + +For TLS 1.2 cipher suites there are multiple naming schemes, the two most used +are with OpenSSL names (e.g. `ECDHE-RSA-AES128-GCM-SHA256`) and IANA names +(e.g. `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`). IANA names of TLS 1.2 cipher +suites look similar to TLS 1.3 cipher suite names, to distinguish them note +that TLS 1.2 names contain `_WITH_`, while TLS 1.3 names do not. When setting +TLS 1.2 cipher suites with curl it is recommended that you use OpenSSL names +as these are most widely recognized by the supported SSL backends. + +The complete list of cipher suites that may be considered for the `--ciphers` +option is extensive, it consists of more than 300 ciphers suites. However, +nowadays for most of them their usage is discouraged, and support for a lot of +them have been removed from the various SSL backends, if ever implemented at +all. + +A shortened list (based on [recommendations by +Mozilla](https://wiki.mozilla.org/Security/Server_Side_TLS)) of cipher suites, +which are (mostly) supported by all SSL backends, that can be used for the +`--ciphers` option: +``` +ECDHE-ECDSA-AES128-GCM-SHA256 +ECDHE-RSA-AES128-GCM-SHA256 +ECDHE-ECDSA-AES256-GCM-SHA384 +ECDHE-RSA-AES256-GCM-SHA384 +ECDHE-ECDSA-CHACHA20-POLY1305 +ECDHE-RSA-CHACHA20-POLY1305 +DHE-RSA-AES128-GCM-SHA256 +DHE-RSA-AES256-GCM-SHA384 +DHE-RSA-CHACHA20-POLY1305 +ECDHE-ECDSA-AES128-SHA256 +ECDHE-RSA-AES128-SHA256 +ECDHE-ECDSA-AES128-SHA +ECDHE-RSA-AES128-SHA +ECDHE-ECDSA-AES256-SHA384 +ECDHE-RSA-AES256-SHA384 +ECDHE-ECDSA-AES256-SHA +ECDHE-RSA-AES256-SHA +DHE-RSA-AES128-SHA256 +DHE-RSA-AES256-SHA256 +AES128-GCM-SHA256 +AES256-GCM-SHA384 +AES128-SHA256 +AES256-SHA256 +AES128-SHA +AES256-SHA +DES-CBC3-SHA +``` + +See this [list](https://github.com/curl/curl/blob/master/docs/CIPHERS-TLS12.md) +for a complete list of TLS 1.2 cipher suites. + +#### OpenSSL notes + +In addition to specifying a list of cipher suites, OpenSSL also accepts a +format with specific cipher strings (like `TLSv1.2`, `AESGCM`, `CHACHA20`) and +`!`, `-` and `+` operators. Refer to the +[OpenSSL cipher documentation](https://docs.openssl.org/master/man1/openssl-ciphers/#cipher-list-format) +for further information on that format. + +#### Schannel notes + +Schannel does not support setting individual TLS 1.2 cipher suites directly. +It only allows the enabling and disabling of encryption algorithms. These are +in the form of `CALG_xxx`, see the [Schannel `ALG_ID` +documentation](https://docs.microsoft.com/windows/desktop/SecCrypto/alg-id) +for a list of these algorithms. Also, (since curl 7.77.0) +`SCH_USE_STRONG_CRYPTO` can be given to pass that flag to Schannel, lookup the +[documentation for the Windows version in +use](https://learn.microsoft.com/en-us/windows/win32/secauthn/cipher-suites-in-schannel) +to see how that affects the cipher suite selection. When not specifying the +`--ciphers` and `--tls13-ciphers` options curl passes this flag by default. + +### Examples + +```sh +curl \ + --tls13-ciphers TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 \ + --ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:\ +ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305 \ + https://example.com/ +``` +Restrict ciphers to `aes128-gcm` and `chacha20`. Works with OpenSSL, LibreSSL, +mbedTLS and wolfSSL. + +```sh +curl \ + --tlsv1.3 \ + --tls13-ciphers TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 \ + https://example.com/ +``` +Restrict to only TLS 1.3 with `aes128-gcm` and `chacha20` ciphers. Works with +OpenSSL, LibreSSL, mbedTLS, wolfSSL and Schannel. + +```sh +curl \ + --ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:\ +ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305 \ + https://example.com/ +``` +Restrict TLS 1.2 ciphers to `aes128-gcm` and `chacha20`, use default TLS 1.3 +ciphers (if TLS 1.3 is available). Works with OpenSSL, LibreSSL, BoringSSL, +mbedTLS, wolfSSL, Secure Transport and BearSSL. + +## ciphers, the GnuTLS way + +With GnuTLS, curl allows configuration of all TLS parameters via option +[`--ciphers`](https://curl.se/docs/manpage.html#--ciphers) +or +[`CURLOPT_SSL_CIPHER_LIST`](https://curl.se/libcurl/c/CURLOPT_SSL_CIPHER_LIST.html) +only. The option +[`--tls13-ciphers`](https://curl.se/docs/manpage.html#--tls13-ciphers) +or +[`CURLOPT_TLS13_CIPHERS`](https://curl.se/libcurl/c/CURLOPT_TLS13_CIPHERS.html) +is being ignored. + +`--ciphers` is used to set the GnuTLS **priority string** in +the following way: + +* When the set string starts with '+', '-' or '!' it is *appended* to the + priority string libcurl itself generates (separated by ':'). This initial + priority depends other settings such as CURLOPT_SSLVERSION(3), + CURLOPT_TLSAUTH_USERNAME(3) (for SRP) or if HTTP/3 (QUIC) + is being negotiated. +* Otherwise, the set string fully *replaces* the libcurl generated one. While + giving full control to the application, the set priority needs to + provide for everything the transfer may need to negotiate. Example: if + the set priority only allows TLSv1.2, all HTTP/3 attempts fail. + +Users may specify via `--ciphers` anything that GnuTLS supports: ciphers, +key exchange, MAC, compression, TLS versions, signature algorithms, groups, +elliptic curves, certificate types. In addition, GnuTLS has a variety of +other keywords that tweak its operations. Applications or a system +may define new alias names for priority strings that can then be used here. + +Since the order of items in priority strings is significant, it makes no +sense for curl to puzzle other ssl options somehow together. `--ciphers` +is the single way to change priority. + +### Examples + +```sh +curl \ + --ciphers '-CIPHER_ALL:+AES-128-GCM:+CHACHA20-POLY1305' \ + https://example.com/ +``` +Restrict ciphers to `aes128-gcm` and `chacha20` in GnuTLS. + +```sh +curl \ + --ciphers 'NORMAL:-VERS-ALL:+TLS1.3:-AES-256-GCM' \ + https://example.com/ +``` +Restrict to only TLS 1.3 without the `aes256-gcm` cipher. + +```sh +curl \ + --ciphers 'NORMAL:-VERS-ALL:+TLS1.2:-CIPHER_ALL:+CAMELLIA-128-GCM' \ + https://example.com/ +``` +Restrict to only TLS 1.2 with the `CAMELLIA-128-GCM` cipher. + +## Further reading +- [OpenSSL cipher suite names documentation](https://docs.openssl.org/master/man1/openssl-ciphers/#cipher-suite-names) +- [wolfSSL cipher support documentation](https://www.wolfssl.com/documentation/manuals/wolfssl/chapter04.html#cipher-support) +- [mbedTLS cipher suites reference](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/ssl__ciphersuites_8h/) +- [Schannel cipher suites documentation](https://learn.microsoft.com/en-us/windows/win32/secauthn/cipher-suites-in-schannel) +- [BearSSL supported crypto](https://www.bearssl.org/support.html) +- [Secure Transport cipher suite values](https://developer.apple.com/documentation/security/1550981-ssl_cipher_suite_values) +- [IANA cipher suites list](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4) +- [Wikipedia cipher suite article](https://en.wikipedia.org/wiki/Cipher_suite) +- [GnuTLS Priority Strings](https://gnutls.org/manual/html_node/Priority-Strings.html) diff --git a/deps/curl/docs/CMakeLists.txt b/deps/curl/docs/CMakeLists.txt new file mode 100644 index 00000000..8a5c87f9 --- /dev/null +++ b/deps/curl/docs/CMakeLists.txt @@ -0,0 +1,46 @@ +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Daniel Stenberg, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### + +if(BUILD_LIBCURL_DOCS) + add_subdirectory(libcurl) +endif() +if(ENABLE_CURL_MANUAL AND BUILD_CURL_EXE) + add_subdirectory(cmdline-opts) +endif() + +if(BUILD_MISC_DOCS) + foreach(_man_misc IN ITEMS "curl-config" "mk-ca-bundle") + set(_man_target "${CMAKE_CURRENT_BINARY_DIR}/${_man_misc}.1") + add_custom_command(OUTPUT "${_man_target}" + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} + COMMAND "${PERL_EXECUTABLE}" "${PROJECT_SOURCE_DIR}/scripts/cd2nroff" "${_man_misc}.md" > "${_man_target}" + DEPENDS "${_man_misc}.md" + VERBATIM + ) + add_custom_target("curl-generate-${_man_misc}.1" ALL DEPENDS "${_man_target}") + if(NOT CURL_DISABLE_INSTALL) + install(FILES "${_man_target}" DESTINATION "${CMAKE_INSTALL_MANDIR}/man1") + endif() + endforeach() +endif() diff --git a/deps/curl/docs/CODE_OF_CONDUCT.md b/deps/curl/docs/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..5c887818 --- /dev/null +++ b/deps/curl/docs/CODE_OF_CONDUCT.md @@ -0,0 +1,38 @@ + + +Contributor Code of Conduct +=========================== + +As contributors and maintainers of this project, we pledge to respect all +people who contribute through reporting issues, posting feature requests, +updating documentation, submitting pull requests or patches, and other +activities. + +We are committed to making participation in this project a harassment-free +experience for everyone, regardless of level of experience, gender, gender +identity and expression, sexual orientation, disability, personal appearance, +body size, race, ethnicity, age, or religion. + +Examples of unacceptable behavior by participants include the use of sexual +language or imagery, derogatory comments or personal attacks, trolling, public +or private harassment, insults, or other unprofessional conduct. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct. Project maintainers who do not +follow the Code of Conduct may be removed from the project team. + +This code of conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by opening an issue or contacting one or more of the project +maintainers. + +This Code of Conduct is adapted from the [Contributor +Covenant](https://contributor-covenant.org/), version 1.1.0, available at +[https://contributor-covenant.org/version/1/1/0/](https://contributor-covenant.org/version/1/1/0/) diff --git a/deps/curl/docs/CODE_REVIEW.md b/deps/curl/docs/CODE_REVIEW.md new file mode 100644 index 00000000..bee26a3f --- /dev/null +++ b/deps/curl/docs/CODE_REVIEW.md @@ -0,0 +1,174 @@ + + +# How to do code reviews for curl + +Anyone and everyone is encouraged and welcome to review code submissions in +curl. This is a guide on what to check for and how to perform a successful +code review. + +## All submissions should get reviewed + +All pull requests and patches submitted to the project should be reviewed by +at least one experienced curl maintainer before that code is accepted and +merged. + +## Let the tools and tests take the first rounds + +On initial pull requests, let the tools and tests do their job first and then +start out by helping the submitter understand the test failures and tool +alerts. + +## How to provide feedback to author + +Be nice. Ask questions. Provide examples or suggestions of improvements. +Assume the best intentions. Remember language barriers. + +All first-time contributors can become regulars. Let's help them go there. + +## Is this a change we want? + +If this is not a change that seems to be aligned with the project's path +forward and as such cannot be accepted, inform the author about this sooner +rather than later. Do it gently and explain why and possibly what could be +done to make it more acceptable. + +## API/ABI stability or changed behavior + +Changing the API and the ABI may be fine in a change but it needs to be done +deliberately and carefully. If not, a reviewer must help the author to realize +the mistake. + +curl and libcurl are similarly strict on not modifying existing behavior. API +and ABI stability is not enough, the behavior should also remain intact as far +as possible. + +## Code style + +Most code style nits are detected by checksrc but not all. Only leave remarks +on style deviation once checksrc does not find anymore. + +Minor nits from fresh submitters can also be handled by the maintainer when +merging, in case it seems like the submitter is not clear on what to do. We +want to make the process fun and exciting for new contributors. + +## Encourage consistency + +Make sure new code is written in a similar style as existing code. Naming, +logic, conditions, etc. + +## Are pointers always non-NULL? + +If a function or code rely on pointers being non-NULL, take an extra look if +that seems to be a fair assessment. + +## Asserts + +Conditions that should never be false can be verified with `DEBUGASSERT()` +calls to get caught in tests and debugging easier, while not having an impact +on final or release builds. + +## Memory allocation + +Can the mallocs be avoided? Do not introduce mallocs in any hot paths. If +there are (new) mallocs, can they be combined into fewer calls? + +Are all allocations handled in error paths to avoid leaks and crashes? + +## Thread-safety + +We do not like static variables as they break thread-safety and prevent +functions from being reentrant. + +## Should features be `#ifdef`ed? + +Features and functionality may not be present everywhere and should therefore +be `#ifdef`ed. Additionally, some features should be possible to switch on/off +in the build. + +Write `#ifdef`s to be as little of a "maze" as possible. + +## Does it look portable enough? + +curl runs "everywhere". Does the code take a reasonable stance and enough +precautions to be possible to build and run on most platforms? + +Remember that we live by C89 restrictions. + +## Tests and testability + +New features should be added in conjunction with one or more test cases. +Ideally, functions should also be written so that unit tests can be done to +test individual functions. + +## Documentation + +New features or changes to existing functionality **must** be accompanied by +updated documentation. Submitting that in a separate follow-up pull request is +not OK. A code review must also verify that the submitted documentation update +matches the code submission. + +English is not everyone's first language, be mindful of this and help the +submitter improve the text if it needs a rewrite to read better. + +## Code should not be hard to understand + +Source code should be written to maximize readability and be easy to +understand. + +## Functions should not be large + +A single function should never be large as that makes it hard to follow and +understand all the exit points and state changes. Some existing functions in +curl certainly violate this ground rule but when reviewing new code we should +propose splitting into smaller functions. + +## Duplication is evil + +Anything that looks like duplicated code is a red flag. Anything that seems to +introduce code that we *should* already have or provide needs a closer check. + +## Sensitive data + +When credentials are involved, take an extra look at what happens with this +data. Where it comes from and where it goes. + +## Variable types differ + +`size_t` is not a fixed size. `time_t` can be signed or unsigned and have +different sizes. Relying on variable sizes is a red flag. + +Also remember that endianness and >= 32-bit accesses to unaligned addresses +are problematic areas. + +## Integer overflows + +Be careful about integer overflows. Some variable types can be either 32-bit +or 64-bit. Integer overflows must be detected and acted on *before* they +happen. + +## Dangerous use of functions + +Maybe use of `realloc()` should rather use the dynbuf functions? + +Do not allow new code that grows buffers without using dynbuf. + +Use of C functions that rely on a terminating zero must only be used on data +that really do have a null-terminating zero. + +## Dangerous "data styles" + +Make extra precautions and verify that memory buffers that need a terminating +zero always have exactly that. Buffers *without* a null-terminator must not be +used as input to string functions. + +# Commit messages + +Tightly coupled with a code review is making sure that the commit message is +good. It is the responsibility of the person who merges the code to make sure +that the commit message follows our standard (detailed in the +[CONTRIBUTE](CONTRIBUTE.md) document). This includes making sure the PR +identifies related issues and giving credit to reporters and helpers. diff --git a/deps/curl/docs/CONTRIBUTE.md b/deps/curl/docs/CONTRIBUTE.md new file mode 100644 index 00000000..8860f87c --- /dev/null +++ b/deps/curl/docs/CONTRIBUTE.md @@ -0,0 +1,307 @@ + + +# Contributing to the curl project + +This document is intended to offer guidelines on how to best contribute to the +curl project. This concerns new features as well as corrections to existing +flaws or bugs. + +## Join the Community + +Skip over to [https://curl.se/mail/](https://curl.se/mail/) and join +the appropriate mailing list(s). Read up on details before you post +questions. Read this file before you start sending patches. We prefer +questions sent to and discussions being held on the mailing list(s), not sent +to individuals. + +Before posting to one of the curl mailing lists, please read up on the +[mailing list etiquette](https://curl.se/mail/etiquette.html). + +We also hang out on IRC in #curl on libera.chat + +If you are at all interested in the code side of things, consider clicking +'watch' on the [curl repository on GitHub](https://github.com/curl/curl) to be +notified of pull requests and new issues posted there. + +## License and copyright + +When contributing with code, you agree to put your changes and new code under +the same license curl and libcurl is already using unless stated and agreed +otherwise. + +If you add a larger piece of code, you can opt to make that file or set of +files to use a different license as long as they do not enforce any changes to +the rest of the package and they make sense. Such "separate parts" can not be +GPL licensed (as we do not want copyleft to affect users of libcurl) but they +must use "GPL compatible" licenses (as we want to allow users to use libcurl +properly in GPL licensed environments). + +When changing existing source code, you do not alter the copyright of the +original file(s). The copyright is still owned by the original creator(s) or +those who have been assigned copyright by the original author(s). + +By submitting a patch to the curl project, you are assumed to have the right +to the code and to be allowed by your employer or whatever to hand over that +patch/code to us. We credit you for your changes as far as possible, to give +credit but also to keep a trace back to who made what changes. Please always +provide us with your full real name when contributing, + +## What To Read + +Source code, the man pages, the [INTERNALS +document](https://curl.se/dev/internals.html), +[TODO](https://curl.se/docs/todo.html), +[KNOWN_BUGS](https://curl.se/docs/knownbugs.html) and the [most recent +changes](https://curl.se/dev/sourceactivity.html) in git. Just lurking on the +[curl-library mailing list](https://curl.se/mail/list.cgi?list=curl-library) +gives you a lot of insights on what's going on right now. Asking there is a +good idea too. + +## Write a good patch + +### Follow code style + +When writing C code, follow the +[CODE_STYLE](https://curl.se/dev/code-style.html) already established in +the project. Consistent style makes code easier to read and mistakes less +likely to happen. Run `make checksrc` before you submit anything, to make sure +you follow the basic style. That script does not verify everything, but if it +complains you know you have work to do. + +### Non-clobbering All Over + +When you write new functionality or fix bugs, it is important that you do not +fiddle all over the source files and functions. Remember that it is likely +that other people have done changes in the same source files as you have and +possibly even in the same functions. If you bring completely new +functionality, try writing it in a new source file. If you fix bugs, try to +fix one bug at a time and send them as separate patches. + +### Write Separate Changes + +It is annoying when you get a huge patch from someone that is said to fix 11 +odd problems, but discussions and opinions do not agree with 10 of them - or 9 +of them were already fixed in a different way. Then the person merging this +change needs to extract the single interesting patch from somewhere within the +huge pile of source, and that creates a lot of extra work. + +Preferably, each fix that corrects a problem should be in its own patch/commit +with its own description/commit message stating exactly what they correct so +that all changes can be selectively applied by the maintainer or other +interested parties. + +Also, separate changes enable bisecting much better for tracking problems +and regression in the future. + +### Patch Against Recent Sources + +Please try to get the latest available sources to make your patches against. +It makes the lives of the developers so much easier. The best is if you get +the most up-to-date sources from the git repository, but the latest release +archive is quite OK as well. + +### Documentation + +Writing docs is dead boring and one of the big problems with many open source +projects but someone's gotta do it. It makes things a lot easier if you submit +a small description of your fix or your new features with every contribution +so that it can be swiftly added to the package documentation. + +Documentation is mostly provided as manpages or plain ASCII files. The +manpages are rendered from their source files that are usually written using +markdown. Most HTML files on the website and in the release archives are +generated from corresponding markdown and ASCII files. + +### Test Cases + +Since the introduction of the test suite, we can quickly verify that the main +features are working as they are supposed to. To maintain this situation and +improve it, all new features and functions that are added need to be tested in +the test suite. Every feature that is added should get at least one valid test +case that verifies that it works as documented. If every submitter also posts +a few test cases, it does not end up a heavy burden on a single person. + +If you do not have test cases or perhaps you have done something that is hard +to write tests for, do explain exactly how you have otherwise tested and +verified your changes. + +# Submit Your Changes + +## Get your changes merged + +Ideally you file a [pull request on +GitHub](https://github.com/curl/curl/pulls), but you can also send your plain +patch to [the curl-library mailing +list](https://curl.se/mail/list.cgi?list=curl-library). + +If you opt to post a patch on the mailing list, chances are someone converts +it into a pull request for you, to have the CI jobs verify it proper before it +can be merged. Be prepared that some feedback on the proposed change might +then come on GitHub. + +Your changes be reviewed and discussed and you are expected to correct flaws +pointed out and update accordingly, or the change risks stalling and +eventually just getting deleted without action. As a submitter of a change, +you are the owner of that change until it has been merged. + +Respond on the list or on GitHub about the change and answer questions and/or +fix nits/flaws. This is important. We take lack of replies as a sign that you +are not anxious to get your patch accepted and we tend to simply drop such +changes. + +## About pull requests + +With GitHub it is easy to send a [pull +request](https://github.com/curl/curl/pulls) to the curl project to have +changes merged. + +We strongly prefer pull requests to mailed patches, as it makes it a proper +git commit that is easy to merge and they are easy to track and not that easy +to lose in the flood of many emails, like they sometimes do on the mailing +lists. + +Every pull request submitted is automatically tested in several different +ways. [See the CI document for more +information](https://github.com/curl/curl/blob/master/tests/CI.md). + +Sometimes the tests fail due to a dependency service temporarily being offline +or otherwise unavailable, e.g. package downloads. In this case you can just +try to update your pull requests to rerun the tests later as described below. + +You can update your pull requests by pushing new commits or force-pushing +changes to existing commits. Force-pushing an amended commit without any +actual content changed also allows you to retrigger the tests for that commit. + +When you adjust your pull requests after review, consider squashing the +commits so that we can review the full updated version more easily. + +A pull request sent to the project might get labeled `needs-votes` by a +project maintainer. This label means that in addition to meeting all other +checks and qualifications this pull request must also receive more "votes" of +user support. More signs that people want this to happen. It could be in the +form of messages saying so, or thumbs-up reactions on GitHub. + +## When the pull request is approved + +If it does not seem to get approved when you think it is ready - feel free to +ask for approval. + +Once your pull request has been approved it can be merged by a maintainer. + +For new features, or changes, we require that the *feature window* is open for +the pull request to be merged. This is typically a three week period that +starts ten days after a previous release. New features submitted as pull +requests while the window is closed simply have to wait until it opens to get +merged. + +If time passes without your approved pull request gets merged: feel free to +ask what more you can do to make it happen. + +## Making quality changes + +Make the patch against as recent source versions as possible. + +If you have followed the tips in this document and your patch still has not +been incorporated or responded to after some weeks, consider resubmitting it +to the list or better yet: change it to a pull request. + +## Commit messages + +How to write git commit messages in the curl project. + + ---- start ---- + [area]: [short line describing the main effect] + -- empty line -- + [full description, no wider than 72 columns that describes as much as + possible as to why this change is made, and possibly what things + it fixes and everything else that is related, + -- end -- + +The first line is a succinct description of the change and should ideally work +as a single line in the RELEASE NOTES. + + - use the imperative, present tense: **change** not "changed" nor "changes" + - do not capitalize the first letter + - no period (.) at the end + +The `[area]` in the first line can be `http2`, `cookies`, `openssl` or +similar. There is no fixed list to select from but using the same "area" as +other related changes could make sense. + +## Commit message keywords + +Use the following ways to improve the message and provide pointers to related +work. + +- `Follow-up to {shorthash}` - if this fixes or continues a previous commit; +add a `Ref:` that commit's PR or issue if it is not a small, obvious fix; +followed by an empty line + +- `Bug: URL` to the source of the report or more related discussion; use +`Fixes` for GitHub issues instead when that is appropriate. + +- `Approved-by: John Doe` - credit someone who approved the PR. + +- `Authored-by: John Doe` - credit the original author of the code; only use +this if you cannot use `git commit --author=...`. + +- `Signed-off-by: John Doe` - we do not use this, but do not bother removing + it. + +- `whatever-else-by:` credit all helpers, finders, doers; try to use one of +the following keywords if at all possible, for consistency: `Acked-by:`, +`Assisted-by:`, `Co-authored-by:`, `Found-by:`, `Reported-by:`, +`Reviewed-by:`, `Suggested-by:`, `Tested-by:`. + +- `Ref: #1234` - if this is related to a GitHub issue or PR, possibly one that +has already been closed. + +- `Ref: URL` to more information about the commit; use `Bug:` instead for a +reference to a bug on another bug tracker] + +- `Fixes #1234` - if this fixes a GitHub issue; GitHub closes the issue once +this commit is merged. + +- `Closes #1234` - if this merges a GitHub PR; GitHub closes the PR once this +commit is merged. + +Do not forget to use commit with `--author` if you commit someone else's work, +and make sure that you have your own user and email setup correctly in git +before you commit. + +Add whichever header lines as appropriate, with one line per person if more +than one person was involved. There is no need to credit yourself unless you +are using `--author` which hides your identity. Do not include people's email +addresses in headers to avoid spam, unless they are already public from a +previous commit; saying `{userid} on github` is OK. + +## Push Access + +If you are a frequent contributor, you may be given push access to the git +repository and then you are able to push your changes straight into the git +repository instead of sending changes as pull requests or by mail as patches. + +Just ask if this is what you would want. You are required to have posted +several high quality patches first, before you can be granted push access. + +## Useful resources + - [Webinar on getting code into cURL](https://www.youtube.com/watch?v=QmZ3W1d6LQI) + +# Update copyright and license information + +There is a CI job called **REUSE compliance / check** that runs on every pull +request and commit to verify that the *REUSE state* of all files are still +fine. + +This means that all files need to have their license and copyright information +clearly stated. Ideally by having the standard curl source code header, with +the `SPDX-License-Identifier` included. If the header does not work, you can +use a smaller header or add the information for a specific file to the +`REUSE.toml` file. + +You can manually verify the copyright and compliance status by running the +[REUSE helper tool](https://github.com/fsfe/reuse-tool): `reuse lint` diff --git a/deps/curl/docs/CURL-DISABLE.md b/deps/curl/docs/CURL-DISABLE.md new file mode 100644 index 00000000..63de4026 --- /dev/null +++ b/deps/curl/docs/CURL-DISABLE.md @@ -0,0 +1,191 @@ + + +# Code defines to disable features and protocols + +## `CURL_DISABLE_ALTSVC` + +Disable support for Alt-Svc: HTTP headers. + +## `CURL_DISABLE_BINDLOCAL` + +Disable support for binding the local end of connections. + +## `CURL_DISABLE_COOKIES` + +Disable support for HTTP cookies. + +## `CURL_DISABLE_BASIC_AUTH` + +Disable support for the Basic authentication methods. + +## `CURL_DISABLE_BEARER_AUTH` + +Disable support for the Bearer authentication methods. + +## `CURL_DISABLE_DIGEST_AUTH` + +Disable support for the Digest authentication methods. + +## `CURL_DISABLE_KERBEROS_AUTH` + +Disable support for the Kerberos authentication methods. + +## `CURL_DISABLE_NEGOTIATE_AUTH` + +Disable support for the negotiate authentication methods. + +## `CURL_DISABLE_AWS` + +Disable **aws-sigv4** support. + +## `CURL_DISABLE_CA_SEARCH` + +Disable unsafe CA bundle search in PATH on Windows. + +## `CURL_DISABLE_DICT` + +Disable the DICT protocol + +## `CURL_DISABLE_DOH` + +Disable DNS-over-HTTPS + +## `CURL_DISABLE_FILE` + +Disable the FILE protocol + +## `CURL_DISABLE_FORM_API` + +Disable the form API + +## `CURL_DISABLE_FTP` + +Disable the FTP (and FTPS) protocol + +## `CURL_DISABLE_GETOPTIONS` + +Disable the `curl_easy_options` API calls that lets users get information +about existing options to `curl_easy_setopt`. + +## `CURL_DISABLE_GOPHER` + +Disable the GOPHER protocol. + +## `CURL_DISABLE_HEADERS_API` + +Disable the HTTP header API. + +## `CURL_DISABLE_HSTS` + +Disable the HTTP Strict Transport Security support. + +## `CURL_DISABLE_HTTP` + +Disable the HTTP(S) protocols. Note that this then also disable HTTP proxy +support. + +## `CURL_DISABLE_HTTP_AUTH` + +Disable support for all HTTP authentication methods. + +## `CURL_DISABLE_IMAP` + +Disable the IMAP(S) protocols. + +## `CURL_DISABLE_LDAP` + +Disable the LDAP(S) protocols. + +## `CURL_DISABLE_LDAPS` + +Disable the LDAPS protocol. + +## `CURL_DISABLE_LIBCURL_OPTION` + +Disable the --libcurl option from the curl tool. + +## `CURL_DISABLE_MIME` + +Disable MIME support. + +## `CURL_DISABLE_MQTT` + +Disable MQTT support. + +## `CURL_DISABLE_NETRC` + +Disable the netrc parser. + +## `CURL_DISABLE_NTLM` + +Disable support for NTLM. + +## `CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG` + +Disable the auto load config support in the OpenSSL backend. + +## `CURL_DISABLE_PARSEDATE` + +Disable date parsing + +## `CURL_DISABLE_POP3` + +Disable the POP3 protocol + +## `CURL_DISABLE_PROGRESS_METER` + +Disable the built-in progress meter + +## `CURL_DISABLE_PROXY` + +Disable support for proxies + +## `CURL_DISABLE_IPFS` + +Disable the IPFS/IPNS protocols. This affects the curl tool only, where +IPFS/IPNS protocol support is implemented. + +## `CURL_DISABLE_RTSP` + +Disable the RTSP protocol. + +## `CURL_DISABLE_SHA512_256` + +Disable the SHA-512/256 hash algorithm. + +## `CURL_DISABLE_SHUFFLE_DNS` + +Disable the shuffle DNS feature + +## `CURL_DISABLE_SMB` + +Disable the SMB(S) protocols + +## `CURL_DISABLE_SMTP` + +Disable the SMTP(S) protocols + +## `CURL_DISABLE_SOCKETPAIR` + +Disable the use of `socketpair()` internally to allow waking up and canceling +`curl_multi_poll()`. + +## `CURL_DISABLE_TELNET` + +Disable the TELNET protocol + +## `CURL_DISABLE_TFTP` + +Disable the TFTP protocol + +## `CURL_DISABLE_VERBOSE_STRINGS` + +Disable verbose strings and error messages. + +## `CURL_DISABLE_WEBSOCKETS` + +Disable the WebSocket protocols. diff --git a/deps/curl/docs/CURLDOWN.md b/deps/curl/docs/CURLDOWN.md new file mode 100644 index 00000000..18c1cbc3 --- /dev/null +++ b/deps/curl/docs/CURLDOWN.md @@ -0,0 +1,168 @@ + + +# curldown + +A markdown-like syntax for libcurl man pages. + +## Purpose + +A text format for writing libcurl documentation in the shape of man pages. + +Make it easier for users to contribute and write documentation. A format that +is easier on the eye in its source format. + +Make it harder to do syntactical mistakes. + +Use a format that allows creating man pages that end up looking exactly like +the man pages did when we wrote them in nroff format. + +Take advantage of the fact that people these days are accustomed to markdown +by using a markdown-like syntax. + +This allows us to fix issues in the nroff format easier since now we generate +them. For example: escaping minus to prevent them from being turned into +Unicode by man. + +Generate nroff output that looks (next to) *identical* to the previous files, +so that the look, existing test cases, HTML conversions, existing +infrastructure etc remain mostly intact. + +Contains meta-data in a structured way to allow better output (for example the +see also information) and general awareness of what the file is about. + +## File extension + +Since curldown looks similar to markdown, we use `.md` extensions on the +files. + +## Conversion + +Convert **from curldown to nroff** with `cd2nroff`. Generates nroff man pages. + +Convert **from nroff to curldown** with `nroff2cd`. This is only meant to be +used for the initial conversion to curldown and should ideally never be needed +again. + +Convert, check or clean up an existing curldown to nicer, better, cleaner +curldown with **cd2cd**. + +Mass-convert all curldown files to nroff in specified directories with +`cdall`: + + cdall [dir1] [dir2] [dir3] .. + +## Known issues + +The `cd2nroff` tool does not yet handle *italics* or **bold** where the start +and the end markers are used on separate lines. + +The `nroff2cd` tool generates code style quotes for all `.fi` sections since +the nroff format does not carry a distinction. + +# Format + +Each curldown starts with a header with meta-data: + + --- + c: Copyright (C) Daniel Stenberg, , et al. + SPDX-License-Identifier: curl + Title: CURLOPT_AWS_SIGV4 + Section: 3 + Source: libcurl + Protocol: + - HTTP + See-also: + - CURLOPT_HEADEROPT (3) + - CURLOPT_HTTPAUTH (3) + TLS-backend: + - [name] + Added-in: [version or "n/a"] + --- + +All curldown files *must* have all the headers present and at least one +`See-also:` entry specified. + +If the man page is for section 3 (library related). The `Protocol` list must +contain at least one protocol, which can be `*` if the option is virtually for +everything. If `*` is used, it must be the only listed protocol. Recognized +protocols are either URL schemes (in uppercase), `TLS` or `TCP`. + +If the `Protocol` list contains `TLS`, then there must also be a `TLS-backend` +list, specifying `All` or a list of what TLS backends that work with this +option. The available TLS backends are: + +- `BearSSL` +- `GnuTLS` +- `mbedTLS` +- `OpenSSL` (also covers BoringSSL, LibreSSL, quictls, AWS-LC and AmiSSL) +- `rustls` +- `Schannel` +- `Secure Transport` +- `wolfSSL` +- `All`: all TLS backends + +Following the header in the file, is the manual page using markdown-like +syntax: + +~~~ + # NAME + a page - this is a page descriving something + + # SYNOPSIS + ~~~c + #include + + CURLcode curl_easy_setopt(CURL *handle, CURLOPT_AWS_SIGV4, char *param); + ~~~ +~~~ + +Quoted source code should start with `~~~c` and end with `~~~` while regular +quotes can start with `~~~` or just be indented with 4 spaces. + +Headers at top-level `#` get converted to `.SH`. + +`nroff2cd` supports the `##` next level header which gets converted to `.IP`. + +Write bold words or phrases within `**` like: + + This is a **bold** word. + +Write italics like: + + This is *italics*. + +Due to how man pages do not support backticks especially formatted, such +occurrences in the source are instead just using italics in the generated +output: + + This `word` appears in italics. + +When generating the nroff output, the tooling removes superfluous newlines, +meaning they can be used freely in the source file to make the text more +readable. + +To make sure curldown documents render correctly as markdown, all literal +occurrences of `<` or `>` need to be escaped by a leading backslash. + +## Generating contents + +`# %PROTOCOLS%` - inserts a **PROTOCOLS** section based on the metadata +provided in the header. + +`# %AVAILABILITY%` - inserts an **AVAILABILITY** section based on the metadata +provided in the header. + +## Symbols + +All mentioned curl symbols that have their own man pages, like +`curl_easy_perform(3)` are automatically rendered using italics in the output +without having to enclose it with asterisks. This helps ensuring that they get +converted to links properly later in the HTML version on the website, as +converted with `roffit`. This makes the curldown text easier to read even when +mentioning many curl symbols. + +This auto-linking works for patterns matching `(lib|)curl[^ ]*(3)`. diff --git a/deps/curl/docs/DEPRECATE.md b/deps/curl/docs/DEPRECATE.md new file mode 100644 index 00000000..7f974a3f --- /dev/null +++ b/deps/curl/docs/DEPRECATE.md @@ -0,0 +1,59 @@ + + +# Items to be removed from future curl releases + +If any of these deprecated features is a cause for concern for you, please +email the +[curl-library mailing list](https://lists.haxx.se/listinfo/curl-library) +as soon as possible and explain to us why this is a problem for you and +how your use case cannot be satisfied properly using a workaround. + +## TLS libraries without 1.3 support + +curl drops support for TLS libraries without TLS 1.3 capability after May +2025. + +It requires that a curl build using the library should be able to negotiate +and use TLS 1.3, or else it is not good enough. + +As of May 2024, the libraries that need to get fixed to remain supported after +May 2025 are: BearSSL and Secure Transport. + +## msh3 support + +The msh3 backed for QUIC and HTTP/3 was introduced in April 2022 but has never +been made to work properly. It has seen no visible traction or developer +activity from the msh3 main author (or anyone else seemingly interested) in +two years. As a non-functional backend, it only adds friction and "weight" to +the development and maintenance. + +Meanwhile, we have a fully working backend in the ngtcp2 one and we have two +fully working backends in OpenSSL-QUIC and quiche well on their way of ending +their experimental status in a future. + +We remove msh3 support from the curl source tree in July 2025. + +## winbuild build system + +curl drops support for the winbuild build method after September 2025. + +We recommend migrating to CMake. See the migration guide in +`docs/INSTALL-CMAKE.md`. + +## Past removals + + - Pipelining + - axTLS + - PolarSSL + - NPN + - Support for systems without 64-bit data types + - NSS + - gskit + - MinGW v1 + - NTLM_WB + - space-separated `NOPROXY` patterns + - hyper diff --git a/deps/curl/docs/DISTROS.md b/deps/curl/docs/DISTROS.md new file mode 100644 index 00000000..628559ee --- /dev/null +++ b/deps/curl/docs/DISTROS.md @@ -0,0 +1,286 @@ + + +# curl distros + + + +Lots of organizations distribute curl packages to end users. This is a +collection of pointers to where to learn more about curl on and with each +distro. Those marked *Rolling Release* typically run the latest version of curl +and are therefore less likely to have back-ported patches to older versions. + +We discuss curl distro issues, patches and collaboration on the [curl-distros +mailing list](https://lists.haxx.se/listinfo/curl-distros) ([list +archives](https://curl.se/mail/list.cgi?list=curl-distros)). + +## AlmaLinux + +- curl package source and patches: https://git.almalinux.org/rpms/curl/ +- curl issues: https://bugs.almalinux.org/view_all_bug_page.php click Category and choose curl +- curl security: https://errata.almalinux.org/ search for curl + +## Alpine Linux + +- curl: https://pkgs.alpinelinux.org/package/edge/main/x86_64/curl +- curl issues: https://gitlab.alpinelinux.org/alpine/aports/-/issues +- curl security: https://security.alpinelinux.org/srcpkg/curl +- curl package source and patches: https://gitlab.alpinelinux.org/alpine/aports/-/tree/master/main/curl + +## Alt Linux + +- curl: http://www.sisyphus.ru/srpm/Sisyphus/curl +- curl issues: https://packages.altlinux.org/en/sisyphus/srpms/curl/issues/ +- curl patches: https://git.altlinux.org/gears/c/curl.git?p=curl.git;a=tree;f=.gear + +## Arch Linux + +*Rolling Release* + +- curl: https://archlinux.org/packages/core/x86_64/curl/ +- curl issues: https://gitlab.archlinux.org/archlinux/packaging/packages/curl/-/issues +- curl security: https://security.archlinux.org/package/curl +- curl wiki: https://wiki.archlinux.org/title/CURL + +## Buildroot + +*Rolling Release* + +- curl package source and patches: https://git.buildroot.net/buildroot/tree/package/libcurl +- curl issues: https://bugs.buildroot.org/buglist.cgi?quicksearch=curl + +## Chimera + +- curl package source and patches: https://github.com/chimera-linux/cports/tree/master/main/curl + +## Clear Linux + +*Rolling Release* + +- curl: https://github.com/clearlinux-pkgs/curl +- curl issues: https://github.com/clearlinux/distribution/issues + +## Conary + +- curl: https://github.com/conan-io/conan-center-index/tree/master/recipes/libcurl +- curl issues: https://github.com/conan-io/conan-center-index/issues +- curl patches: https://github.com/conan-io/conan-center-index/tree/master/recipes/libcurl (in `all/patches/*`, if any) + +## conda-forge + +- curl: https://github.com/conda-forge/curl-feedstock +- curl issues: https://github.com/conda-forge/curl-feedstock/issues + +## CRUX + +- curl: https://crux.nu/portdb/?a=search&q=curl +- curl issues: https://git.crux.nu/ports/core/issues/?type=all&state=open&q=curl + +## curl-for-win + +(this is the official curl binaries for Windows shipped by the curl project) + +*Rolling Release* + +- curl: https://curl.se/windows/ +- curl patches: https://github.com/curl/curl-for-win/blob/main/curl.patch (if any) +- build-specific issues: https://github.com/curl/curl-for-win/issues + +Issues and patches for this are managed in the main curl project. + +## Cygwin + +- curl: https://cygwin.com/cgit/cygwin-packages/curl/tree/curl.cygport +- curl patches: https://cygwin.com/cgit/cygwin-packages/curl/tree +- curl issues: https://inbox.sourceware.org/cygwin/?q=s%3Acurl + +## Cygwin (cross mingw64) + +- mingw64-x86_64-curl: https://cygwin.com/cgit/cygwin-packages/mingw64-x86_64-curl/tree/mingw64-x86_64-curl.cygport +- mingw64-x86_64-curl patches: https://cygwin.com/cgit/cygwin-packages/mingw64-x86_64-curl/tree +- mingw64-x86_64-curl issues: https://inbox.sourceware.org/cygwin/?q=s%3Amingw64-x86_64-curl + +## Debian + +- curl: https://tracker.debian.org/pkg/curl +- curl issues: https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=curl +- curl patches: https://udd.debian.org/patches.cgi?src=curl +- curl patches: https://salsa.debian.org/debian/curl (in debian/* branches, inside the folder debian/patches) + +## Fedora + +- curl: https://src.fedoraproject.org/rpms/curl +- curl issues: [bugzilla](https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&classification=Fedora&product=Fedora&product=Fedora%20EPEL&component=curl) +- curl patches: [list of patches in package git](https://src.fedoraproject.org/rpms/curl/tree/rawhide) + +## FreeBSD + +- curl: https://cgit.freebsd.org/ports/tree/ftp/curl +- curl patches: https://cgit.freebsd.org/ports/tree/ftp/curl +- curl issues: https://bugs.freebsd.org/bugzilla/buglist.cgi?bug_status=__open__&order=Importance&product=Ports%20%26%20Packages&query_format=advanced&short_desc=curl&short_desc_type=allwordssubstr + +## Gentoo Linux + +*Rolling Release* + +- curl: https://packages.gentoo.org/packages/net-misc/curl +- curl issues: https://bugs.gentoo.org/buglist.cgi?quicksearch=net-misc/curl +- curl package sources and patches: https://gitweb.gentoo.org/repo/gentoo.git/tree/net-misc/curl/ + +## GNU Guix + +*Rolling Release* + +- curl: https://git.savannah.gnu.org/gitweb/?p=guix.git;a=blob;f=gnu/packages/curl.scm;hb=HEAD +- curl issues: https://issues.guix.gnu.org/search?query=curl + +## Homebrew + +*Rolling Release* + +- curl: https://formulae.brew.sh/formula/curl + +Homebrew's policy is that all patches and issues should be submitted upstream +unless it is specific to Homebrew's way of packaging software. + +## MacPorts + +*Rolling Release* + +- curl: https://github.com/macports/macports-ports/tree/master/net/curl +- curl issues: https://trac.macports.org/query?0_port=curl&0_port_mode=%7E&0_status=%21closed +- curl patches: https://github.com/macports/macports-ports/tree/master/net/curl/files + +## Mageia + +- curl: https://svnweb.mageia.org/packages/cauldron/curl/current/SPECS/curl.spec?view=markup +- curl issues: https://bugs.mageia.org/buglist.cgi?bug_status=NEW&bug_status=UNCONFIRMED&bug_status=NEEDINFO&bug_status=UPSTREAM&bug_status=ASSIGNED&component=RPM%20Packages&f1=cf_rpmpkg&list_id=176576&o1=casesubstring&product=Mageia&query_format=advanced&v1=curl +- curl patches: https://svnweb.mageia.org/packages/cauldron/curl/current/SOURCES/ +- curl patches in stable distro releases: https://svnweb.mageia.org/packages/updates//curl/current/SOURCES/ +- curl security: https://advisories.mageia.org/src_curl.html + +## MSYS2 + +*Rolling Release* + +- curl: https://github.com/msys2/MSYS2-packages/tree/master/curl +- curl issues: https://github.com/msys2/MSYS2-packages/issues +- curl patches: https://github.com/msys2/MSYS2-packages/tree/master/curl (`*.patch`) + +## MSYS2 (mingw-w64) + +*Rolling Release* + +- curl: https://github.com/msys2/MINGW-packages/tree/master/mingw-w64-curl +- curl issues: https://github.com/msys2/MINGW-packages/issues +- curl patches: https://github.com/msys2/MINGW-packages/tree/master/mingw-w64-curl (`*.patch`) + +## Muldersoft + +*Rolling Release* + +- curl: https://github.com/lordmulder/cURL-build-win32 +- curl issues: https://github.com/lordmulder/cURL-build-win32/issues +- curl patches: https://github.com/lordmulder/cURL-build-win32/tree/master/patch + +## NixOS + +- curl: https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/networking/curl/default.nix +- curl issues: https://github.com/NixOS/nixpkgs + +nixpkgs is the package repository used by the NixOS Linux distribution, but +can also be used on other distributions + +## OmniOS + +- curl: https://github.com/omniosorg/omnios-build/tree/master/build/curl +- curl issues: https://github.com/omniosorg/omnios-build/issues +- curl patches: https://github.com/omniosorg/omnios-build/tree/master/build/curl/patches + +## OpenIndiana + +- curl: https://github.com/OpenIndiana/oi-userland/tree/oi/hipster/components/web/curl +- curl issues: https://www.illumos.org/projects/openindiana/issues +- curl patches: https://github.com/OpenIndiana/oi-userland/tree/oi/hipster/components/web/curl/patches + +## OpenSUSE + +- curl source and patches: https://build.opensuse.org/package/show/openSUSE%3AFactory/curl + +## Oracle Solaris + +- curl: https://github.com/oracle/solaris-userland/tree/master/components/curl +- curl issues: https://support.oracle.com/ (requires support contract) +- curl patches: https://github.com/oracle/solaris-userland/tree/master/components/curl/patches + +## OpenEmbedded / Yocto Project + +*Rolling Release* + +- curl: https://layers.openembedded.org/layerindex/recipe/5765/ +- curl issues: https://bugzilla.yoctoproject.org/ +- curl patches: https://git.openembedded.org/openembedded-core/tree/meta/recipes-support/curl + +## PLD Linux + +- curl package source and patches: https://github.com/pld-linux/curl +- curl issues: https://bugs.launchpad.net/pld-linux?field.searchtext=curl&search=Search&field.status%3Alist=NEW&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=FIXCOMMITTED&field.assignee=&field.bug_reporter=&field.omit_dupes=on&field.has_patch=&field.has_no_package= + +## pkgsrc + +- curl: https://github.com/NetBSD/pkgsrc/tree/trunk/www/curl +- curl issues: https://github.com/NetBSD/pkgsrc/issues +- curl patches: https://github.com/NetBSD/pkgsrc/tree/trunk/www/curl/patches + +## Red Hat Enterprise Linux / CentOS Stream + +- curl: https://kojihub.stream.centos.org/koji/packageinfo?packageID=217 +- curl issues: https://issues.redhat.com/secure/CreateIssueDetails!init.jspa?pid=12332745&issuetype=1&components=12377466&priority=10300 +- curl patches: https://gitlab.com/redhat/centos-stream/rpms/curl + +## Rocky Linux + +- curl: https://git.rockylinux.org/staging/rpms/curl/-/blob/r9/SPECS/curl.spec +- curl issues: https://bugs.rockylinux.org +- curl patches: https://git.rockylinux.org/staging/rpms/curl/-/tree/r9/SOURCES + +## SerenityOS + +- curl: https://github.com/SerenityOS/serenity/tree/master/Ports/curl +- curl issues: https://github.com/SerenityOS/serenity/issues?q=label%3Aports +- curl patches: https://github.com/SerenityOS/serenity/tree/master/Ports/curl/patches + +## SmartOS + +- curl: https://github.com/TritonDataCenter/illumos-extra/tree/master/curl +- curl issues: https://github.com/TritonDataCenter/illumos-extra/issues +- curl patches: https://github.com/TritonDataCenter/illumos-extra/tree/master/curl/Patches + +## SPACK + +- curl package source and patches: https://github.com/spack/spack/tree/develop/var/spack/repos/builtin/packages/curl + +## vcpkg + +*Rolling Release* + +- curl: https://github.com/microsoft/vcpkg/tree/master/ports/curl +- curl issues: https://github.com/microsoft/vcpkg/issues +- curl patches: https://github.com/microsoft/vcpkg/tree/master/ports/curl (`*.patch`) + +## Void Linux + +*Rolling Release* + +- curl: https://github.com/void-linux/void-packages/tree/master/srcpkgs/curl +- curl issues: https://github.com/void-linux/void-packages/issues +- curl patches: https://github.com/void-linux/void-packages/tree/master/srcpkgs/curl/patches + +## Wolfi + +*Rolling Release* + +- curl: https://github.com/wolfi-dev/os/blob/main/curl.yaml diff --git a/deps/curl/docs/EARLY-RELEASE.md b/deps/curl/docs/EARLY-RELEASE.md new file mode 100644 index 00000000..e66dbbd4 --- /dev/null +++ b/deps/curl/docs/EARLY-RELEASE.md @@ -0,0 +1,73 @@ + + +# How to determine if an early patch release is warranted + +In the curl project we do releases every 8 weeks. Unless we break the cycle +and do an early patch release. + +We do frequent releases partly to always have the next release "not too far +away". + +## Bugfix + +During the release cycle, and especially in the beginning of a new cycle (the +so-called "cool down" period), there are times when a bug is reported and +after it has been subsequently fixed correctly, the question might be asked: +is this bug and associated fix important enough for an early patch release? + +The question can only be properly asked when a fix has been created and landed +in the git master branch. + +## Early release + +An early patch release means that we ship a new, complete and full release +called `major.minor.patch` where the `patch` part is increased by one since +the previous release. A curl release is a curl release. There is no small or +big and we never release just a patch. There is only "release". + +## Questions to ask + + - Is there a security advisory rated high or critical? + - Is there a data corruption bug? + - Did the bug cause an API/ABI breakage? + - Does the problem annoy a significant share of the user population? + +If the answer is yes to one or more of the above, an early release might be +warranted. + +More questions to ask ourselves when doing the assessment if the answers to +the three ones above are all 'no'. + + - Does the bug cause curl to prematurely terminate? + - How common is the affected buggy option/feature/protocol/platform to get + used? + - How large is the estimated impacted user base? + - Does the bug block something crucial for applications or other adoption of + curl "out there" ? + - Does the bug cause problems for curl developers or others on "the curl + team" ? + - Is the bug limited to the curl tool only? That might have a smaller impact + than a bug also present in libcurl. + - Is there a (decent) workaround? + - Is it a regression? Is the bug introduced in this release? + - Can the bug be fixed "easily" by applying a patch? + - Does the bug break the build? Most users do not build curl themselves. + - How long is it until the already scheduled next release? + - Can affected users safely rather revert to a former release until the next + scheduled release? + - Is it a performance regression with no functionality side-effects? If so it + has to be substantial. + +## If an early release is deemed necessary + +Unless done for security or similarly important reasons, an early release +should not be done within a week of the previous release. + +This, to enable us to collect and bundle more fixes into the same release to +make the release more worthwhile for everyone and to allow more time for fixes +to settle and things to get tested. Getting a release in shape and done in +style is work that should not be rushed. diff --git a/deps/curl/docs/ECH.md b/deps/curl/docs/ECH.md new file mode 100644 index 00000000..9841f6e8 --- /dev/null +++ b/deps/curl/docs/ECH.md @@ -0,0 +1,478 @@ + + +# Building curl with HTTPS-RR and ECH support + +We have added support for ECH to curl. It can use HTTPS RRs published in the +DNS if curl uses DoH, or else can accept the relevant ECHConfigList values +from the command line. This works with OpenSSL, wolfSSL, BoringSSL or AWS-LC as +the TLS provider. + +This feature is EXPERIMENTAL. DO NOT USE IN PRODUCTION. + +This should however provide enough of a proof-of-concept to prompt an informed +discussion about a good path forward for ECH support in curl. + +## OpenSSL Build + +To build our ECH-enabled OpenSSL fork: + +```bash + cd $HOME/code + git clone https://github.com/defo-project/openssl + cd openssl + ./config --libdir=lib --prefix=$HOME/code/openssl-local-inst + ...stuff... + make -j8 + ...stuff (maybe go for coffee)... + make install_sw + ...a little bit of stuff... +``` + +To build curl ECH-enabled, making use of the above: + +```bash + cd $HOME/code + git clone https://github.com/curl/curl + cd curl + autoreconf -fi + LDFLAGS="-Wl,-rpath,$HOME/code/openssl-local-inst/lib/" ./configure --with-ssl=$HOME/code/openssl-local-inst --enable-ech + ...lots of output... + WARNING: ECH HTTPSRR enabled but marked EXPERIMENTAL... + make + ...lots more output... +``` + +If you do not get that WARNING at the end of the ``configure`` command, then +ECH is not enabled, so go back some steps and re-do whatever needs re-doing:-) +If you want to debug curl then you should add ``--enable-debug`` to the +``configure`` command. + +In a recent (2024-05-20) build on one machine, configure failed to find the +ECH-enabled SSL library, apparently due to the existence of +``$HOME/code/openssl-local-inst/lib/pkgconfig`` as a directory containing +various settings. Deleting that directory worked around the problem but may +not be the best solution. + +## Using ECH and DoH + +curl supports using DoH for A/AAAA lookups so it was relatively easy to add +retrieval of HTTPS RRs in that situation. To use ECH and DoH together: + +```bash + cd $HOME/code/curl + LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl --ech true --doh-url https://one.one.one.one/dns-query https://defo.ie/ech-check.php + ... + SSL_ECH_STATUS: success good
+ ... +``` + +The output snippet above is within the HTML for the webpage, when things work. + +The above works for these test sites: + +```bash + https://defo.ie/ech-check.php + https://draft-13.esni.defo.ie:8413/stats + https://draft-13.esni.defo.ie:8414/stats + https://crypto.cloudflare.com/cdn-cgi/trace + https://tls-ech.dev +``` + +The list above has 4 different server technologies, implemented by 3 different +parties, and includes a case (the port 8414 server) where HelloRetryRequest +(HRR) is forced. + +We currently support the following new curl command line arguments/options: + +- ``--ech `` - the ``config`` value can be one of: + - ``false`` says to not attempt ECH + - ``true`` says to attempt ECH, if possible + - ``grease`` if attempting ECH is not possible, then send a GREASE ECH extension + - ``hard`` hard-fail the connection if ECH cannot be attempted + - ``ecl:`` a base64 encoded ECHConfigList, rather than one accessed from the DNS + - ``pn:`` override the ``public_name`` from an ECHConfigList + +Note that in the above "attempt ECH" means the client emitting a TLS +ClientHello with a "real" ECH extension, but that does not mean that the +relevant server can succeed in decrypting, as things can fail for other +reasons. + +## Supplying an ECHConfigList on the command line + +To supply the ECHConfigList on the command line, you might need a bit of +cut-and-paste, e.g.: + +```bash + dig +short https defo.ie + 1 . ipv4hint=213.108.108.101 ech=AED+DQA8PAAgACD8WhlS7VwEt5bf3lekhHvXrQBGDrZh03n/LsNtAodbUAAEAAEAAQANY292ZXIuZGVmby5pZQAA ipv6hint=2a00:c6c0:0:116:5::10 +``` + +Then paste the base64 encoded ECHConfigList onto the curl command line: + +```bash + LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl --ech ecl:AED+DQA8PAAgACD8WhlS7VwEt5bf3lekhHvXrQBGDrZh03n/LsNtAodbUAAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php + ... + SSL_ECH_STATUS: success good
+ ... +``` + +The output snippet above is within the HTML for the webpage. + +If you paste in the wrong ECHConfigList (it changes hourly for ``defo.ie``) you +should get an error like this: + +```bash + LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl -vvv --ech ecl:AED+DQA8yAAgACDRMQo+qYNsNRNj+vfuQfFIkrrUFmM4vogucxKj/4nzYgAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php + ... + * OpenSSL/3.3.0: error:0A00054B:SSL routines::ech required + ... +``` + +There is a reason to want this command line option - for use before publishing +an ECHConfigList in the DNS as per the Internet-draft [A well-known URI for +publishing ECHConfigList values](https://datatracker.ietf.org/doc/draft-ietf-tls-wkech/). + +If you do use a wrong ECHConfigList value, then the server might return a +good value, via the ``retry_configs`` mechanism. You can see that value in +the verbose output, e.g.: + +```bash + LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl -vvv --ech ecl:AED+DQA8yAAgACDRMQo+qYNsNRNj+vfuQfFIkrrUFmM4vogucxKj/4nzYgAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php + ... +* ECH: retry_configs AQD+DQA8DAAgACBvYqJy+Hgk33wh/ZLBzKSPgwxeop7gvojQzfASq7zeZQAEAAEAAQANY292ZXIuZGVmby5pZQAA/g0APEMAIAAgXkT5r4cYs8z19q5rdittyIX8gfQ3ENW4wj1fVoiJZBoABAABAAEADWNvdmVyLmRlZm8uaWUAAP4NADw2ACAAINXSE9EdXzEQIJZA7vpwCIQsWqsFohZARXChgPsnfI1kAAQAAQABAA1jb3Zlci5kZWZvLmllAAD+DQA8cQAgACASeiD5F+UoSnVoHvA2l1EifUVMFtbVZ76xwDqmMPraHQAEAAEAAQANY292ZXIuZGVmby5pZQAA +* ECH: retry_configs for defo.ie from cover.defo.ie, 319 + ... +``` + +At that point, you could copy the base64 encoded value above and try again. +For now, this only works for the OpenSSL and BoringSSL/AWS-LC builds. + +## Default settings + +curl has various ways to configure default settings, e.g. in ``$HOME/.curlrc``, +so one can set the DoH URL and enable ECH that way: + +```bash + cat ~/.curlrc + doh-url=https://one.one.one.one/dns-query + silent + ech=true +``` + +Note that when you use the system's curl command (rather than our ECH-enabled +build), it is liable to warn that ``ech`` is an unknown option. If that is an +issue (e.g. if some script re-directs stdout and stderr somewhere) then adding +the ``silent`` line above seems to be a good enough fix. (Though of +course, yet another script could depend on non-silent behavior, so you may have +to figure out what you prefer yourself.) That seems to have changed with the +latest build, previously ``silent=TRUE`` was what I used in ``~/.curlrc`` but +now that seems to cause a problem, so that the following line(s) are ignored. + +If you want to always use our OpenSSL build you can set ``LD_LIBRARY_PATH`` +in the environment: + +```bash + export LD_LIBRARY_PATH=$HOME/code/openssl +``` + +When you do the above, there can be a mismatch between OpenSSL versions +for applications that check that. A ``git push`` for example fails so you +should unset ``LD_LIBRARY_PATH`` before doing that or use a different shell. + +```bash + git push + OpenSSL version mismatch. Built against 30000080, you have 30200000 + ... +``` + +With all that setup as above the command line gets simpler: + +```bash + ./src/curl https://defo.ie/ech-check.php + ... + SSL_ECH_STATUS: success good
+ ... +``` + +The ``--ech true`` option is opportunistic, so tries to do ECH but does not fail if +the client for example cannot find any ECHConfig values. The ``--ech hard`` +option hard-fails if there is no ECHConfig found in DNS, so for now, that is not +a good option to set as a default. Once ECH has really been attempted by +the client, if decryption on the server side fails, then curl fails. + +## Code changes for ECH support when using DoH + +Code changes are ``#ifdef`` protected via ``USE_ECH`` or ``USE_HTTPSRR``: + +- ``USE_HTTPSRR`` is used for HTTPS RR retrieval code that could be generically + used should non-ECH uses for HTTPS RRs be identified, e.g. use of ALPN values + or IP address hints. + +- ``USE_ECH`` protects ECH specific code. + +There are various obvious code blocks for handling the new command line +arguments which are not described here, but should be fairly clear. + +As shown in the ``configure`` usage above, there are ``configure.ac`` changes +that allow separately dis/enabling ``USE_HTTPSRR`` and ``USE_ECH``. If ``USE_ECH`` +is enabled, then ``USE_HTTPSRR`` is forced. In both cases ``CURL_DISABLE_DOH`` +must not be enabled. (There may be some configuration conflicts available for the +determined :-) + +The main functional change, as you would expect, is in ``lib/vtls/openssl.c`` +where an ECHConfig, if available from command line or DNS cache, is fed into +the OpenSSL library via the new APIs implemented in our OpenSSL fork for that +purpose. This code also implements the opportunistic (``--ech true``) or hard-fail +(``--ech hard``) logic. + +Other than that, the main additions are in ``lib/doh.c`` +where we reuse ``dohprobe()`` to retrieve an HTTPS RR value for the target +domain. If such a value is found, that is stored using a new ``doh_store_https()`` +function in a new field in the ``dohentry`` structure. + +The qname for the DoH query is modified if the port number is not 443, as +defined in the SVCB specification. + +When the DoH process has worked, ``Curl_doh_is_resolved()`` now also returns +the relevant HTTPS RR value data in the ``Curl_dns_entry`` structure. +That is later accessed when the TLS session is being established, if ECH is +enabled (from ``lib/vtls/openssl.c`` as described above). + +## Limitations + +Things that need fixing, but that can probably be ignored for the +moment: + +- We could easily add code to make use of an ``alpn=`` value found in an HTTPS + RR, passing that on to OpenSSL for use as the "inner" ALPN value, but have +yet to do that. + +Current limitations (more interesting than the above): + +- Only the first HTTPS RR value retrieved is actually processed as described + above, that could be extended in future, though picking the "right" HTTPS RR +could be non-trivial if multiple RRs are published - matching IP address hints +versus A/AAAA values might be a good basis for that. Last I checked though, +browsers supporting ECH did not handle multiple HTTPS RRs well, though that +needs re-checking as it has been a while. + +- It is unclear how one should handle any IP address hints found in an HTTPS RR. + It may be that a bit of consideration of how "multi-CDN" deployments might +emerge would provide good answers there, but for now, it is not clear how best +curl might handle those values when present in the DNS. + +- The SVCB/HTTPS RR specification supports a new "CNAME at apex" indirection + ("aliasMode") - the current code takes no account of that at all. One could +envisage implementing the equivalent of following CNAMEs in such cases, but +it is not clear if that'd be a good plan. (As of now, chrome browsers do not seem +to have any support for that "aliasMode" and we have not checked Firefox for that +recently.) + +- We have not investigated what related changes or additions might be needed + for applications using libcurl, as opposed to use of curl as a command line +tool. + +- We have not yet implemented tests as part of the usual curl test harness as +doing so would seem to require re-implementing an ECH-enabled server as part +of the curl test harness. For now, we have a ``./tests/ech_test.sh`` script +that attempts ECH with various test servers and with many combinations of the +allowed command line options. While that is a useful test and has find issues, +it is not comprehensive and we are not (as yet) sure what would be the right +level of coverage. When running that script you should not have a +``$HOME/.curlrc`` file that affects ECH or some of the negative tests could +produce spurious failures. + +## Building with cmake + +To build with cmake, assuming our ECH-enabled OpenSSL is as before: + +```bash + cd $HOME/code + git clone https://github.com/curl/curl + cd curl + mkdir build + cd build + cmake -DOPENSSL_ROOT_DIR=$HOME/code/openssl -DUSE_ECH=1 .. + ... + make + ... + [100%] Built target curl +``` + +The binary produced by the cmake build does not need any ECH-specific +``LD_LIBRARY_PATH`` setting. + +## BoringSSL build + +BoringSSL is also supported by curl and also supports ECH, so to build +with that, instead of our ECH-enabled OpenSSL: + +```bash + cd $HOME/code + git clone https://boringssl.googlesource.com/boringssl + cd boringssl + cmake -DCMAKE_INSTALL_PREFIX:PATH=$HOME/code/boringssl/inst -DBUILD_SHARED_LIBS=1 + make + ... + make install +``` + +Then: + +```bash + cd $HOME/code + git clone https://github.com/curl/curl + cd curl + autoreconf -fi + LDFLAGS="-Wl,-rpath,$HOME/code/boringssl/inst/lib" ./configure --with-ssl=$HOME/code/boringssl/inst --enable-ech + ...lots of output... + WARNING: ECH HTTPSRR enabled but marked EXPERIMENTAL. Use with caution. + make +``` + +The BoringSSL/AWS-LC APIs are fairly similar to those in our ECH-enabled +OpenSSL fork, so code changes are also in ``lib/vtls/openssl.c``, protected +via ``#ifdef OPENSSL_IS_BORINGSSL`` and are mostly obvious API variations. + +The BoringSSL/AWS-LC APIs however do not support the ``--ech pn:`` command +line variant as of now. + +## wolfSSL build + +wolfSSL also supports ECH and can be used by curl, so here's how: + +```bash + cd $HOME/code + git clone https://github.com/wolfSSL/wolfssl + cd wolfssl + ./autogen.sh + ./configure --prefix=$HOME/code/wolfssl/inst --enable-ech --enable-debug --enable-opensslextra + make + make install +``` + +The install prefix (``inst``) in the above causes wolfSSL to be installed there +and we seem to need that for the curl configure command to work out. The +``--enable-opensslextra`` turns out (after much faffing about;-) to be +important or else we get build problems with curl below. + +```bash + cd $HOME/code + git clone https://github.com/curl/curl + cd curl + autoreconf -fi + ./configure --with-wolfssl=$HOME/code/wolfssl/inst --enable-ech + make +``` + +There are some known issues with the ECH implementation in wolfSSL: + +- The main issue is that the client currently handles HelloRetryRequest + incorrectly. [HRR issue](https://github.com/wolfSSL/wolfssl/issues/6802).) + The HRR issue means that the client does not work for + [this ECH test web site](https://tls-ech.dev) and any other similarly configured + sites. +- There is also an issue related to so-called middlebox compatibility mode. + [middlebox compatibility issue](https://github.com/wolfSSL/wolfssl/issues/6774) + +### Code changes to support wolfSSL + +There are what seem like oddball differences: + +- The DoH URL in``$HOME/.curlrc`` can use `1.1.1.1` for OpenSSL but has to be + `one.one.one.one` for wolfSSL. The latter works for both, so OK, we us that. +- There seems to be some difference in CA databases too - the wolfSSL version + does not like ``defo.ie``, whereas the system and OpenSSL ones do. We can + ignore that for our purposes via ``--insecure``/``-k`` but would need to fix + for a real setup. (Browsers do like those certificates though.) + +Then there are some functional code changes: + +- tweak to ``configure.ac`` to check if wolfSSL has ECH or not +- added code to ``lib/vtls/wolfssl.c`` mirroring what's done in the + OpenSSL equivalent above. +- wolfSSL does not support ``--ech false`` or the ``--ech pn:`` command line + argument. + +The lack of support for ``--ech false`` is because wolfSSL has decided to +always at least GREASE if built to support ECH. In other words, GREASE is +a compile time choice for wolfSSL, but a runtime choice for OpenSSL or +BoringSSL/AWS-LC. (Both are reasonable.) + +## Additional notes + +### Supporting ECH without DoH + +All of the above only applies if DoH is being used. There should be a use-case +for ECH when DoH is not used by curl - if a system stub resolver supports DoT +or DoH, then, considering only ECH and the network threat model, it would make +sense for curl to support ECH without curl itself using DoH. The author for +example uses a combination of stubby+unbound as the system resolver listening +on localhost:53, so would fit this use-case. That said, it is unclear if +this is a niche that is worth trying to address. (The author is just as happy to +let curl use DoH to talk to the same public recursive that stubby might use:-) + +Assuming for the moment this is a use-case we would like to support, then if +DoH is not being used by curl, it is not clear at this time how to provide +support for ECH. One option would seem to be to extend the ``c-ares`` library +to support HTTPS RRs, but in that case it is not now clear whether such +changes would be attractive to the ``c-ares`` maintainers, nor whether the +"tag=value" extensibility inherent in the HTTPS/SVCB specification is a good +match for the ``c-ares`` approach of defining structures specific to decoded +answers for each supported RRtype. We are also not sure how many downstream +curl deployments actually make use of the ``c-ares`` library, which would +affect the utility of such changes. Another option might be to consider using +some other generic DNS library that does support HTTPS RRs, but it is unclear +if such a library could or would be used by all or almost all curl builds and +downstream releases of curl. + +Our current conclusion is that doing the above is likely best left until we +have some experience with the "using DoH" approach, so we are going to punt on +this for now. + +### Debugging + +Just a note to self as remembering this is a nuisance: + +```bash +LD_LIBRARY_PATH=$HOME/code/openssl:./lib/.libs gdb ./src/.libs/curl +``` + +### Localhost testing + +It can be useful to be able to run against a localhost OpenSSL ``s_server`` +for testing. We have published instructions for such +[localhost tests](https://github.com/defo-project/ech-dev-utils/blob/main/howtos/localhost-tests.md) +in another repository. Once you have that set up, you can start a server +and then run curl against that: + +```bash + cd $HOME/code/ech-dev-utils + ./scripts/echsvr.sh -d + ... +``` + +The ``echsvr.sh`` script supports many ECH-related options. Use ``echsvr.sh -h`` +for details. + +In another window: + +```bash + cd $HOME/code/curl/ + ./src/curl -vvv --insecure --connect-to foo.example.com:8443:localhost:8443 --ech ecl:AD7+DQA6uwAgACBix2B78sX+EQhEbxMspDOc8Z3xVS5aQpYP0Cxpc2AWPAAEAAEAAQALZXhhbXBsZS5jb20AAA== +``` + +### Automated use of ``retry_configs`` not supported so far... + +As of now we have not added support for using ``retry_config`` handling in the +application - for a command line tool, one can just use ``dig`` (or ``kdig``) +to get the HTTPS RR and pass the ECHConfigList from that on the command line, +if needed, or one can access the value from command line output in verbose more +and then reuse that in another invocation. + +Both our OpenSSL fork and BoringSSL/AWS-LC have APIs for both controlling GREASE +and accessing and logging ``retry_configs``, it seems wolfSSL has neither. diff --git a/deps/curl/docs/EXPERIMENTAL.md b/deps/curl/docs/EXPERIMENTAL.md new file mode 100644 index 00000000..43fc0fde --- /dev/null +++ b/deps/curl/docs/EXPERIMENTAL.md @@ -0,0 +1,90 @@ + + +# Experimental + +Some features and functionality in curl and libcurl are considered +**EXPERIMENTAL**. + +Experimental support in curl means: + +1. Experimental features are provided to allow users to try them out and + provide feedback on functionality and API etc before they ship and get + "carved in stone". +2. You must enable the feature when invoking configure as otherwise curl is + not built with the feature present. +3. We strongly advise against using this feature in production. +4. **We reserve the right to change behavior** of the feature without sticking + to our API/ABI rules as we do for regular features, as long as it is marked + experimental. +5. Experimental features are clearly marked so in documentation. Beware. + +## Graduation + +1. Each experimental feature should have a set of documented requirements of + what is needed for that feature to graduate. Graduation means being removed + from the list of experiments. +2. An experiment should NOT graduate if it needs test cases to be disabled, + unless they are for minor features that are clearly documented as not + provided by the experiment and then the disabling should be managed inside + each affected test case. + +## Experimental features right now + +### HTTP/3 support (non-ngtcp2 backends) + +Graduation requirements: + +- The used libraries should be considered out-of-beta with a reasonable + expectation of a stable API going forward. + +- Using HTTP/3 with the given build should perform without risking busy-loops + +### The Rustls backend + +Graduation requirements: + +- a reasonable expectation of a stable API going forward. + +## ECH + +Use of the HTTPS resource record and Encrypted Client Hello (ECH) when using +DoH + +Graduation requirements: + +- ECH support exists in at least one widely used TLS library apart from + BoringSSL and wolfSSL. + +- feedback from users saying that ECH works for their use cases + +- it has been given time to mature, so no earlier than April 2025 (twelve + months after being added here) + +## SSL session import/export + +Import/Export of SSL sessions tickets in libcurl and curl command line +option '--ssl-session ' for faster TLS handshakes and use +of TLSv1.3/QUIC Early Data (0-RTT). + +Graduation requirements: + +- the implementation is considered safe + +- feedback from users saying that session export works for their use cases + +## HTTPS RR + +HTTPS records support is a requirement for ECH but is provided as a +stand-alone feature that is itself considered EXPERIMENTAL. + +Graduation requirements: + +- HTTPS records work for DoH, c-ares and the threaded resolver + +- HTTPS records can control ALPN and port number, at least + +- There are options to control HTTPS use diff --git a/deps/curl/docs/FEATURES.md b/deps/curl/docs/FEATURES.md new file mode 100644 index 00000000..f3661549 --- /dev/null +++ b/deps/curl/docs/FEATURES.md @@ -0,0 +1,249 @@ + + +# Features -- what curl can do + +## curl tool + + - config file support + - multiple URLs in a single command line + - range "globbing" support: [0-13], {one,two,three} + - multiple file upload on a single command line + - redirect stderr + - parallel transfers + +## libcurl + + - URL RFC 3986 syntax + - custom maximum download time + - custom lowest download speed acceptable + - custom output result after completion + - guesses protocol from hostname unless specified + - supports .netrc + - progress bar with time statistics while downloading + - standard proxy environment variables support + - have run on 101 operating systems and 28 CPU architectures + - selectable network interface for outgoing traffic + - IPv6 support on Unix and Windows + - happy eyeballs dual-stack IPv4 + IPv6 connects + - persistent connections + - SOCKS 4 + 5 support, with or without local name resolving + - *pre-proxy* support, for *proxy chaining* + - supports username and password in proxy environment variables + - operations through HTTP proxy "tunnel" (using CONNECT) + - replaceable memory functions (malloc, free, realloc, etc) + - asynchronous name resolving + - both a push and a pull style interface + - international domain names (IDN) + - transfer rate limiting + - stable API and ABI + - TCP keep alive + - TCP Fast Open + - DNS cache (that can be shared between transfers) + - non-blocking single-threaded parallel transfers + - Unix domain sockets to server or proxy + - DNS-over-HTTPS + - uses non-blocking name resolves + - selectable name resolver backend + +## URL API + + - parses RFC 3986 URLs + - generates URLs from individual components + - manages "redirects" + +## Header API + + - easy access to HTTP response headers, from all contexts + - named headers + - iterate over headers + +## TLS + + - selectable TLS backend(s) + - TLS False Start + - TLS version control + - TLS session resumption + - key pinning + - mutual authentication + - Use dedicated CA cert bundle + - Use OS-provided CA store + - separate TLS options for HTTPS proxy + +## HTTP + + - HTTP/0.9 responses are optionally accepted + - HTTP/1.0 + - HTTP/1.1 + - HTTP/2, including multiplexing and server push + - GET + - PUT + - HEAD + - POST + - multipart formpost (RFC 1867-style) + - authentication: Basic, Digest, NTLM (9) and Negotiate (SPNEGO) + to server and proxy + - resume transfers + - follow redirects + - maximum amount of redirects to follow + - custom HTTP request + - cookie get/send fully parsed + - reads/writes the Netscape cookie file format + - custom headers (replace/remove internally generated headers) + - custom user-agent string + - custom referrer string + - range + - proxy authentication + - time conditions + - via HTTP proxy, HTTPS proxy or SOCKS proxy + - HTTP/2 or HTTP/1.1 to HTTPS proxy + - retrieve file modification date + - Content-Encoding support for deflate, gzip, brotli and zstd + - "Transfer-Encoding: chunked" support in uploads + - HSTS + - alt-svc + - ETags + - HTTP/1.1 trailers, both sending and getting + +## HTTPS + + - HTTP/3 + - using client certificates + - verify server certificate + - via HTTP proxy, HTTPS proxy or SOCKS proxy + - select desired encryption + - select usage of a specific TLS version + - ECH + +## FTP + + - download + - authentication + - Kerberos 5 + - active/passive using PORT, EPRT, PASV or EPSV + - single file size information (compare to HTTP HEAD) + - 'type=' URL support + - directory listing + - directory listing names-only + - upload + - upload append + - upload via http-proxy as HTTP PUT + - download resume + - upload resume + - custom ftp commands (before and/or after the transfer) + - simple "range" support + - via HTTP proxy, HTTPS proxy or SOCKS proxy + - all operations can be tunneled through proxy + - customizable to retrieve file modification date + - no directory depth limit + +## FTPS + + - implicit `ftps://` support that use SSL on both connections + - explicit "AUTH TLS" and "AUTH SSL" usage to "upgrade" plain `ftp://` + connection to use SSL for both or one of the connections + +## SSH (both SCP and SFTP) + + - selectable SSH backend + - known hosts support + - public key fingerprinting + - both password and public key auth + +## SFTP + + - both password and public key auth + - with custom commands sent before/after the transfer + - directory listing + +## TFTP + + - download + - upload + +## TELNET + + - connection negotiation + - custom telnet options + - stdin/stdout I/O + +## LDAP + + - full LDAP URL support + +## DICT + + - extended DICT URL support + +## FILE + + - URL support + - upload + - resume + +## SMB + + - SMBv1 over TCP and SSL + - download + - upload + - authentication with NTLMv1 + +## SMTP + + - authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM, Kerberos 5 and + External + - send emails + - mail from support + - mail size support + - mail auth support for trusted server-to-server relaying + - multiple recipients + - via http-proxy + +## SMTPS + + - implicit `smtps://` support + - explicit "STARTTLS" usage to "upgrade" plain `smtp://` connections to use SSL + - via http-proxy + +## POP3 + + - authentication: Clear Text, APOP and SASL + - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM, + Kerberos 5 and External + - list emails + - retrieve emails + - enhanced command support for: CAPA, DELE, TOP, STAT, UIDL and NOOP via + custom requests + - via http-proxy + +## POP3S + + - implicit `pop3s://` support + - explicit `STLS` usage to "upgrade" plain `pop3://` connections to use SSL + - via http-proxy + +## IMAP + + - authentication: Clear Text and SASL + - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM, + Kerberos 5 and External + - list the folders of a mailbox + - select a mailbox with support for verifying the `UIDVALIDITY` + - fetch emails with support for specifying the UID and SECTION + - upload emails via the append command + - enhanced command support for: EXAMINE, CREATE, DELETE, RENAME, STATUS, + STORE, COPY and UID via custom requests + - via http-proxy + +## IMAPS + + - implicit `imaps://` support + - explicit "STARTTLS" usage to "upgrade" plain `imap://` connections to use SSL + - via http-proxy + +## MQTT + + - Subscribe to and publish topics using URL scheme `mqtt://broker/topic` diff --git a/deps/curl/docs/GOVERNANCE.md b/deps/curl/docs/GOVERNANCE.md new file mode 100644 index 00000000..4ab52a9a --- /dev/null +++ b/deps/curl/docs/GOVERNANCE.md @@ -0,0 +1,202 @@ + + +# Decision making in the curl project + +A rough guide to how we make decisions and who does what. + +## BDFL + +This project was started by and has to some extent been pushed forward over +the years with Daniel Stenberg as the driving force. It matches a standard +BDFL (Benevolent Dictator For Life) style project. + +This setup has been used due to convenience and the fact that it has worked +fine this far. It is not because someone thinks of it as a superior project +leadership model. It also only works as long as Daniel manages to listen in to +what the project and the general user population wants and expects from us. + +## Legal entity + +There is no legal entity. The curl project is just a bunch of people scattered +around the globe with the common goal to produce source code that creates +great products. We are not part of any umbrella organization and we are not +located in any specific country. We are totally independent. + +The copyrights in the project are owned by the individuals and organizations +that wrote those parts of the code. + +## Decisions + +The curl project is not a democracy, but everyone is entitled to state their +opinion and may argue for their sake within the community. + +All and any changes that have been done or are done are eligible to bring up +for discussion, to object to or to praise. Ideally, we find consensus for the +appropriate way forward in any given situation or challenge. + +If there is no obvious consensus, a maintainer who's knowledgeable in the +specific area takes an "executive" decision that they think is the right for +the project. + +## Donations + +Donating plain money to curl is best done to curl's [Open Collective +fund](https://opencollective.com/curl). Open Collective is a US based +non-profit organization that holds on to funds for us. This fund is then used +for paying the curl security bug bounties, to reimburse project related +expenses etc. + +Donations to the project can also come in the form of server hosting, providing +services and paying for people to work on curl related code etc. Usually, such +donations are services paid for directly by the sponsors. + +We grade sponsors in a few different levels and if they meet the criteria, +they can be mentioned on the Sponsors page on the curl website. + +## Commercial Support + +The curl project does not do or offer commercial support. It only hosts +mailing lists, runs bug trackers etc to facilitate communication and work. + +However, Daniel works for wolfSSL and we offer commercial curl support there. + +# Key roles + +## User + +Someone who uses or has used curl or libcurl. + +## Contributor + +Someone who has helped the curl project, who has contributed to bring it +forward. Contributing could be to provide advice, debug a problem, file a bug +report, run test infrastructure or writing code etc. + +## Commit author + +Sometimes also called 'committer'. Someone who has authored a commit in the +curl source code repository. Committers are recorded as `Author` in git. + +## Maintainers + +A maintainer in the curl project is an individual who has been given +permissions to push commits to one of the git repositories. + +Maintainers are free to push commits to the repositories at they see fit. +Maintainers are however expected to listen to feedback from users and any +change that is non-trivial in size or nature *should* be brought to the +project as a Pull-Request (PR) to allow others to comment/object before merge. + +## Former maintainers + +A maintainer who stops being active in the project gets their push permissions +removed at some point. We do this for security reasons but also to make sure +that we always have the list of maintainers as "the team that push stuff to +curl". + +Getting push permissions removed is not a punishment. Everyone who ever worked +on maintaining curl is considered a hero, for all time hereafter. + +## Security team members + +We have a security team. That is the team of people who are subscribed to the +curl-security mailing list; the receivers of security reports from users and +developers. This list of people varies over time but they are all skilled +developers familiar with the curl project. + +The security team works best when it consists of a small set of active +persons. We invite new members when the team seems to need it, and we also +expect to retire security team members as they "drift off" from the project or +just find themselves unable to perform their duties there. + +## Core team + +There is a curl core team. It currently has the same set of members as the +security team. It can also be reached on the security email address. + +The core team nominates and invites new members to the team when it sees fit. +There is no open member voting or formal ways to be a candidate. Active +participants in the curl project who want to join the core team can ask to +join. + +The core team is a board of advisors. It deals with project management +subjects that need confidentiality or for other reasons cannot be dealt with +and discussed in the open (for example reports of code of conduct violations). +Project matters should always as far as possible be discussed on open mailing +lists. + +## Server admins + +We run a web server, a mailing list and more on the curl project's primary +server. That physical machine is owned and run by Haxx. Daniel is the primary +admin of all things curl related server stuff, but Björn Stenberg and Linus +Feltzing serve as backup admins for when Daniel is gone or unable. + +The primary server is paid for by Haxx. The machine is physically located in a +server bunker in Stockholm Sweden, operated by the company Glesys. + +The website contents are served to the web via Fastly and Daniel is the +primary curl contact with Fastly. + +## BDFL + +That is Daniel. + +# Maintainers + +A curl maintainer is a project volunteer who has the authority and rights to +merge changes into a git repository in the curl project. + +Anyone can aspire to become a curl maintainer. + +### Duties + +There are no mandatory duties. We hope and wish that maintainers consider +reviewing patches and help merging them, especially when the changes are +within the area of personal expertise and experience. + +### Requirements + +- only merge code that meets our quality and style guide requirements. +- *never* merge code without doing a PR first, unless the change is "trivial" +- if in doubt, ask for input/feedback from others + +### Recommendations + +- we require two-factor authentication enabled on your GitHub account to + reduce risk of malicious source code tampering +- consider enabling signed git commits for additional verification of changes + +### Merge advice + +When you are merging patches/pull requests... + +- make sure the commit messages follow our template +- squash patch sets into a few logical commits even if the PR did not, if + necessary +- avoid the "merge" button on GitHub, do it "manually" instead to get full + control and full audit trail (GitHub leaves out you as "Committer:") +- remember to credit the reporter and the helpers. + +## Who are maintainers? + +The [list of maintainers](https://github.com/orgs/curl/people). Be aware that +the level of presence and activity in the project vary greatly between +different individuals and over time. + +### Become a maintainer? + +If you think you can help making the project better by shouldering some +maintaining responsibilities, then please get in touch. + +You are expected to be familiar with the curl project and its ways of working. +You need to have gotten a few quality patches merged as a proof of this. + +### Stop being a maintainer + +If you (appear to) not be active in the project anymore, you may be removed as +a maintainer. Thank you for your service. diff --git a/deps/curl/docs/HELP-US.md b/deps/curl/docs/HELP-US.md new file mode 100644 index 00000000..0619aec5 --- /dev/null +++ b/deps/curl/docs/HELP-US.md @@ -0,0 +1,94 @@ + + +# How to get started helping out in the curl project + +We are always in need of more help. If you are new to the project and are +looking for ways to contribute and help out, this document aims to give a few +good starting points. + +You may subscribe to the [curl-library mailing +list](https://lists.haxx.se/listinfo/curl-library) to keep track of the +current discussion topics; or if you are registered on GitHub, you can use the +[Discussions section](https://github.com/curl/curl/discussions) on the main +curl repository. + +## Scratch your own itch + +One of the best ways is to start working on any problems or issues you have +found yourself or perhaps got annoyed at in the past. It can be a spelling +error in an error text or a weirdly phrased section in a man page. Hunt it +down and report the bug. Or make your first pull request with a fix for that. + +## Smaller tasks + +Some projects mark small issues as "beginner friendly", "bite-sized" or +similar. We do not do that in curl since such issues never linger around long +enough. Simple issues get handled fast. + +If you are looking for a smaller or simpler task in the project to help out +with as an entry-point into the project, perhaps because you are a newcomer or +even maybe not a terribly experienced developer, here's our advice: + + - Read through this document to get a grasp on a general approach to use + - Consider adding a test case for something not currently tested (correctly) + - Consider updating or adding documentation + - One way to get started gently in the project, is to participate in an + existing issue/PR and help out by reproducing the issue, review the code in + the PR etc. + +## Help wanted + +In the issue tracker we occasionally mark bugs with [help +wanted](https://github.com/curl/curl/labels/help%20wanted), as a sign that the +bug is acknowledged to exist and that there is nobody known to work on this +issue for the moment. Those are bugs that are fine to "grab" and provide a +pull request for. The complexity level of these of course varies, so pick one +that piques your interest. + +## Work on known bugs + +Some bugs are known and have not yet received attention and work enough to get +fixed. We collect such known existing flaws in the +[KNOWN_BUGS](https://curl.se/docs/knownbugs.html) page. Many of them link +to the original bug report with some additional details, but some may also +have aged a bit and may require some verification that the bug still exists in +the same way and that what was said about it in the past is still valid. + +## Fix autobuild problems + +On the [autobuilds page](https://curl.se/dev/builds.html) we show a +collection of test results from the automatic curl build and tests that are +performed by volunteers. Fixing compiler warnings and errors shown there is +something we value greatly. Also, if you own or run systems or architectures +that are not already tested in the autobuilds, we also appreciate more +volunteers running builds automatically to help us keep curl portable. + +## TODO items + +Ideas for features and functions that we have considered worthwhile to +implement and provide are kept in the +[TODO](https://curl.se/docs/todo.html) file. Some of the ideas are +rough. Some are well thought out. Some probably are not really suitable +anymore. + +Before you invest a lot of time on a TODO item, do bring it up for discussion +on the mailing list. For discussion on applicability but also for ideas and +brainstorming on specific ways to do the implementation etc. + +## You decide + +You can also come up with a completely new thing you think we should do. Or +not do. Or fix. Or add to the project. You then either bring it to the mailing +list first to see if people shoot down the idea at once, or you bring a first +draft of the idea as a pull request and take the discussion there around the +specific implementation. Either way is fine. + +## CONTRIBUTE + +We offer [guidelines](https://curl.se/dev/contribute.html) that are suitable +to be familiar with before you decide to contribute to curl. If you are used +to open source development, you probably do not find many surprises there. diff --git a/deps/curl/docs/HISTORY.md b/deps/curl/docs/HISTORY.md new file mode 100644 index 00000000..21df56f8 --- /dev/null +++ b/deps/curl/docs/HISTORY.md @@ -0,0 +1,486 @@ + + +How curl Became Like This +========================= + +Towards the end of 1996, Daniel Stenberg was spending time writing an IRC bot +for an Amiga related channel on EFnet. He then came up with the idea to make +currency-exchange calculations available to Internet Relay Chat (IRC) +users. All the necessary data were published on the Web; he just needed to +automate their retrieval. + +1996 +---- + +On November 11, 1996 the Brazilian developer Rafael Sagula wrote and released +HttpGet version 0.1. + +Daniel extended this existing command-line open-source tool. After a few minor +adjustments, it did just what he needed. The first release with Daniel's +additions was 0.2, released on December 17, 1996. Daniel quickly became the +new maintainer of the project. + +1997 +---- + +HttpGet 0.3 was released in January 1997 and now it accepted HTTP URLs on the +command line. + +HttpGet 1.0 was released on April 8 1997 with brand new HTTP proxy support. + +We soon found and fixed support for getting currencies over GOPHER. Once FTP +download support was added, the name of the project was changed and urlget 2.0 +was released in August 1997. The http-only days were already passed. + +Version 2.2 was released on August 14 1997 and introduced support to build for +and run on Windows and Solaris. + +November 24 1997: Version 3.1 added FTP upload support. + +Version 3.5 added support for HTTP POST. + +1998 +---- + +February 4: urlget 3.10 + +February 9: urlget 3.11 + +March 14: urlget 3.12 added proxy authentication. + +The project slowly grew bigger. With upload capabilities, the name was once +again misleading and a second name change was made. On March 20, 1998 curl 4 +was released. (The version numbering from the previous names was kept.) + +(Unrelated to this project a company called Curl Corporation registered a US +trademark on the name "CURL" on May 18 1998. That company had then already +registered the curl.com domain back in November of the previous year. All this +was revealed to us much later.) + +SSL support was added, powered by the SSLeay library. + +August: first announcement of curl on freshmeat.net. + +October: with the curl 4.9 release and the introduction of cookie support, +curl was no longer released under the GPL license. Now we are at 4000 lines of +code, we switched over to the MPL license to restrict the effects of +"copyleft". + +November: configure script and reported successful compiles on several +major operating systems. The never-quite-understood -F option was added and +curl could now simulate quite a lot of a browser. TELNET support was added. + +curl 5 was released in December 1998 and introduced the first ever curl man +page. People started making Linux RPM packages out of it. + +1999 +---- + +January: DICT support added. + +OpenSSL took over and SSLeay was abandoned. + +May: first Debian package. + +August: LDAP:// and FILE:// support added. The curl website gets 1300 visits +weekly. Moved site to curl.haxx.nu. + +September: Released curl 6.0. 15000 lines of code. + +December 28: added the project on Sourceforge and started using its services +for managing the project. + +2000 +---- + +Spring: major internal overhaul to provide a suitable library interface. +The first non-beta release was named 7.1 and arrived in August. This offered +the easy interface and turned out to be the beginning of actually getting +other software and programs to be based on and powered by libcurl. Almost +20000 lines of code. + +June: the curl site moves to "curl.haxx.se" + +August, the curl website gets 4000 visits weekly. + +The PHP guys adopted libcurl already the same month, when the first ever third +party libcurl binding showed up. CURL has been a supported module in PHP since +the release of PHP 4.0.2. This would soon get followers. More than 16 +different bindings exist at the time of this writing. + +September: kerberos4 support was added. + +November: started the work on a test suite for curl. It was later re-written +from scratch again. The libcurl major SONAME number was set to 1. + +2001 +---- + +January: Daniel released curl 7.5.2 under a new license again: MIT (or +MPL). The MIT license is extremely liberal and can be combined with GPL +in other projects. This would finally put an end to the "complaints" from +people involved in GPLed projects that previously were prohibited from using +libcurl while it was released under MPL only. (Due to the fact that MPL is +deemed "GPL incompatible".) + +March 22: curl supports HTTP 1.1 starting with the release of 7.7. This +also introduced libcurl's ability to do persistent connections. 24000 lines of +code. The libcurl major SONAME number was bumped to 2 due to this overhaul. +The first experimental ftps:// support was added. + +August: The curl website gets 8000 visits weekly. Curl Corporation contacted +Daniel to discuss "the name issue". After Daniel's reply, they have never +since got back in touch again. + +September: libcurl 7.9 introduces cookie jar and `curl_formadd()`. During the +forthcoming 7.9.x releases, we introduced the multi interface slowly and +without many whistles. + +September 25: curl (7.7.2) is bundled in Mac OS X (10.1) for the first time. It was +already becoming more and more of a standard utility of Linux distributions +and a regular in the BSD ports collections. + +2002 +---- + +June: the curl website gets 13000 visits weekly. curl and libcurl is +35000 lines of code. Reported successful compiles on more than 40 combinations +of CPUs and operating systems. + +To estimate the number of users of the curl tool or libcurl library is next to +impossible. Around 5000 downloaded packages each week from the main site gives +a hint, but the packages are mirrored extensively, bundled with numerous OS +distributions and otherwise retrieved as part of other software. + +October 1: with the release of curl 7.10 it is released under the MIT license +only. + +Starting with 7.10, curl verifies SSL server certificates by default. + +2003 +---- + +January: Started working on the distributed curl tests. The autobuilds. + +February: the curl site averages at 20000 visits weekly. At any given moment, +there is an average of 3 people browsing the website. + +Multiple new authentication schemes are supported: Digest (May), NTLM (June) +and Negotiate (June). + +November: curl 7.10.8 is released. 45000 lines of code. ~55000 unique visitors +to the website. Five official web mirrors. + +December: full-fledged SSL for FTP is supported. + +2004 +---- + +January: curl 7.11.0 introduced large file support. + +June: curl 7.12.0 introduced IDN support. 10 official web mirrors. + +This release bumped the major SONAME to 3 due to the removal of the +`curl_formparse()` function + +August: curl and libcurl 7.12.1 + + Public curl release number: 82 + Releases counted from the beginning: 109 + Available command line options: 96 + Available curl_easy_setopt() options: 120 + Number of public functions in libcurl: 36 + Amount of public website mirrors: 12 + Number of known libcurl bindings: 26 + +2005 +---- + +April: GnuTLS can now optionally be used for the secure layer when curl is +built. + +April: Added the multi_socket() API + +September: TFTP support was added. + +More than 100,000 unique visitors of the curl website. 25 mirrors. + +December: security vulnerability: libcurl URL Buffer Overflow + +2006 +---- + +January: We dropped support for Gopher. We found bugs in the implementation +that turned out to have been introduced years ago, so with the conclusion that +nobody had found out in all this time we removed it instead of fixing it. + +March: security vulnerability: libcurl TFTP Packet Buffer Overflow + +September: The major SONAME number for libcurl was bumped to 4 due to the +removal of ftp third party transfer support. + +November: Added SCP and SFTP support + +2007 +---- + +February: Added support for the Mozilla NSS library to do the SSL/TLS stuff + +July: security vulnerability: libcurl GnuTLS insufficient cert verification + +2008 +---- + +November: + + Command line options: 128 + curl_easy_setopt() options: 158 + Public functions in libcurl: 58 + Known libcurl bindings: 37 + Contributors: 683 + + 145,000 unique visitors. >100 GB downloaded. + +2009 +---- + +March: security vulnerability: libcurl Arbitrary File Access + +April: added CMake support + +August: security vulnerability: libcurl embedded zero in cert name + +December: Added support for IMAP, POP3 and SMTP + +2010 +---- + +January: Added support for RTSP + +February: security vulnerability: libcurl data callback excessive length + +March: The project switched over to use git (hosted by GitHub) instead of CVS +for source code control + +May: Added support for RTMP + +Added support for PolarSSL to do the SSL/TLS stuff + +August: + + Public curl releases: 117 + Command line options: 138 + curl_easy_setopt() options: 180 + Public functions in libcurl: 58 + Known libcurl bindings: 39 + Contributors: 808 + + Gopher support added (re-added actually, see January 2006) + +2011 +---- + +February: added support for the axTLS backend + +April: added the cyassl backend (later renamed to wolfSSL) + +2012 +---- + + July: Added support for Schannel (native Windows TLS backend) and Darwin SSL + (Native Mac OS X and iOS TLS backend). + + Supports Metalink + + October: SSH-agent support. + +2013 +---- + + February: Cleaned up internals to always uses the "multi" non-blocking + approach internally and only expose the blocking API with a wrapper. + + September: First small steps on supporting HTTP/2 with nghttp2. + + October: Removed krb4 support. + + December: Happy eyeballs. + +2014 +---- + + March: first real release supporting HTTP/2 + + September: Website had 245,000 unique visitors and served 236GB data + + SMB and SMBS support + +2015 +---- + + June: support for multiplexing with HTTP/2 + + August: support for HTTP/2 server push + + December: Public Suffix List + +2016 +---- + + January: the curl tool defaults to HTTP/2 for HTTPS URLs + + December: curl 7.52.0 introduced support for HTTPS-proxy + + First TLS 1.3 support + +2017 +---- + + July: OSS-Fuzz started fuzzing libcurl + + September: Added MultiSSL support + + The website serves 3100 GB/month + + Public curl releases: 169 + Command line options: 211 + curl_easy_setopt() options: 249 + Public functions in libcurl: 74 + Contributors: 1609 + + October: SSLKEYLOGFILE support, new MIME API + + October: Daniel received the Polhem Prize for his work on curl + + November: brotli + +2018 +---- + + January: new SSH backend powered by libssh + + March: starting with the 1803 release of Windows 10, curl is shipped bundled + with Microsoft's operating system. + + July: curl shows headers using bold type face + + October: added DNS-over-HTTPS (DoH) and the URL API + + MesaLink is a new supported TLS backend + + libcurl now does HTTP/2 (and multiplexing) by default on HTTPS URLs + + curl and libcurl are installed in an estimated 5 *billion* instances + world-wide. + + October 31: curl and libcurl 7.62.0 + + Public curl releases: 177 + Command line options: 219 + curl_easy_setopt() options: 261 + Public functions in libcurl: 80 + Contributors: 1808 + + December: removed axTLS support + +2019 +---- + + March: added experimental alt-svc support + + August: the first HTTP/3 requests with curl. + + September: 7.66.0 is released and the tool offers parallel downloads + +2020 +---- + + curl and libcurl are installed in an estimated 10 *billion* instances + world-wide. + + January: added BearSSL support + + March: removed support for PolarSSL, added wolfSSH support + + April: experimental MQTT support + + August: zstd support + + November: the website moves to curl.se. The website serves 10TB data monthly. + + December: alt-svc support + +2021 +---- + + February 3: curl 7.75.0 ships with support for Hyper as an HTTP backend + + March 31: curl 7.76.0 ships with support for Rustls + + July: HSTS is supported + +2022 +---- + +March: added --json, removed mesalink support + + Public curl releases: 206 + Command line options: 245 + curl_easy_setopt() options: 295 + Public functions in libcurl: 86 + Contributors: 2601 + + The curl.se website serves 16,500 GB/month over 462M requests, the + official docker image has been pulled 4,098,015,431 times. + +October: initial WebSocket support + +2023 +---- + +March: remove support for curl_off_t < 8 bytes + +March 31: we started working on a new command line tool for URL parsing and +manipulations: trurl. + +May: added support for HTTP/2 over HTTPS proxy. Refuse to resolve .onion. + +August: Dropped support for the NSS library + +September: added "variable" support in the command line tool. Dropped support +for the gskit TLS library. + +October: added support for IPFS via HTTP gateway + +December: HTTP/3 support with ngtcp2 is no longer experimental + +2024 +---- + +January: switched to "curldown" for all documentation + +April 24: the curl container has been pulled more than six billion times + +May: experimental support for ECH, dropped NTLM_WB + +August 9: we adopted the wcurl tool into the curl organization + +September 11: --help [option] + +November 6: TLS 1.3 early data, WebSocket is official + +December 21: dropped hyper + +2025 +---- + +February 5: first 0RTT for QUIC, ssl session import/export + +February: experimental HTTPS RR support + +February 22: The website served 62.95 TB/month; 12.43 billion requests + The docker image has been pulled 6373501745 times. diff --git a/deps/curl/docs/HSTS.md b/deps/curl/docs/HSTS.md new file mode 100644 index 00000000..85140ab3 --- /dev/null +++ b/deps/curl/docs/HSTS.md @@ -0,0 +1,48 @@ + + +# HSTS support + +HTTP Strict-Transport-Security. Added as experimental in curl +7.74.0. Supported "for real" since 7.77.0. + +## Standard + +[HTTP Strict Transport Security](https://datatracker.ietf.org/doc/html/rfc6797) + +## Behavior + +libcurl features an in-memory cache for HSTS hosts, so that subsequent +HTTP-only requests to a hostname present in the cache gets internally +"redirected" to the HTTPS version. + +## `curl_easy_setopt()` options: + + - `CURLOPT_HSTS_CTRL` - enable HSTS for this easy handle + - `CURLOPT_HSTS` - specify filename where to store the HSTS cache on close + (and possibly read from at startup) + +## curl command line options + + - `--hsts [filename]` - enable HSTS, use the file as HSTS cache. If filename + is `""` (no length) then no file is used, only in-memory cache. + +## HSTS cache file format + +Lines starting with `#` are ignored. + +For each hsts entry: + + [host name] "YYYYMMDD HH:MM:SS" + +The `[host name]` is dot-prefixed if it includes subdomains. + +The time stamp is when the entry expires. + +## Possible future additions + + - `CURLOPT_HSTS_PRELOAD` - provide a set of HSTS hostnames to load first + - ability to save to something else than a file diff --git a/deps/curl/docs/HTTP-COOKIES.md b/deps/curl/docs/HTTP-COOKIES.md new file mode 100644 index 00000000..62905dbc --- /dev/null +++ b/deps/curl/docs/HTTP-COOKIES.md @@ -0,0 +1,171 @@ + + +# HTTP Cookies + +## Cookie overview + + Cookies are `name=contents` pairs that an HTTP server tells the client to + hold and then the client sends back those to the server on subsequent + requests to the same domains and paths for which the cookies were set. + + Cookies are either "session cookies" which typically are forgotten when the + session is over which is often translated to equal when browser quits, or + the cookies are not session cookies they have expiration dates after which + the client throws them away. + + Cookies are set to the client with the Set-Cookie: header and are sent to + servers with the Cookie: header. + + For a long time, the only spec explaining how to use cookies was the + original [Netscape spec from 1994](https://curl.se/rfc/cookie_spec.html). + + In 2011, [RFC 6265](https://www.ietf.org/rfc/rfc6265.txt) was finally + published and details how cookies work within HTTP. In 2016, an update which + added support for prefixes was + [proposed](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00), + and in 2017, another update was + [drafted](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-alone-01) + to deprecate modification of 'secure' cookies from non-secure origins. Both + of these drafts have been incorporated into a proposal to + [replace](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-11) + RFC 6265. Cookie prefixes and secure cookie modification protection has been + implemented by curl. + + curl considers `http://localhost` to be a *secure context*, meaning that it + allows and uses cookies marked with the `secure` keyword even when done over + plain HTTP for this host. curl does this to match how popular browsers work + with secure cookies. + +## Super cookies + + A single cookie can be set for a domain that matches multiple hosts. Like if + set for `example.com` it gets sent to both `aa.example.com` as well as + `bb.example.com`. + + A challenge with this concept is that there are certain domains for which + cookies should not be allowed at all, because they are *Public + Suffixes*. Similarly, a client never accepts cookies set directly for the + top-level domain like for example `.com`. Cookies set for *too broad* + domains are generally referred to as *super cookies*. + + If curl is built with PSL (**Public Suffix List**) support, it detects and + discards cookies that are specified for such suffix domains that should not + be allowed to have cookies. + + if curl is *not* built with PSL support, it has no ability to stop super + cookies. + +## Cookies saved to disk + + Netscape once created a file format for storing cookies on disk so that they + would survive browser restarts. curl adopted that file format to allow + sharing the cookies with browsers, only to see browsers move away from that + format. Modern browsers no longer use it, while curl still does. + + The Netscape cookie file format stores one cookie per physical line in the + file with a bunch of associated meta data, each field separated with + TAB. That file is called the cookie jar in curl terminology. + + When libcurl saves a cookie jar, it creates a file header of its own in + which there is a URL mention that links to the web version of this document. + +## Cookie file format + + The cookie file format is text based and stores one cookie per line. Lines + that start with `#` are treated as comments. An exception is lines that + start with `#HttpOnly_`, which is a prefix for cookies that have the + `HttpOnly` attribute set. + + Each line that specifies a single cookie consists of seven text fields + separated with TAB characters. A valid line must end with a newline + character. + +### Fields in the file + + Field number, what type and example data and the meaning of it: + + 0. string `example.com` - the domain name + 1. boolean `FALSE` - include subdomains + 2. string `/foobar/` - path + 3. boolean `TRUE` - send/receive over HTTPS only + 4. number `1462299217` - expires at - seconds since Jan 1st 1970, or 0 + 5. string `person` - name of the cookie + 6. string `daniel` - value of the cookie + +## Cookies with curl the command line tool + + curl has a full cookie "engine" built in. If you just activate it, you can + have curl receive and send cookies exactly as mandated in the specs. + + Command line options: + + [`-b, --cookie`](https://curl.se/docs/manpage.html#-b) + + tell curl a file to read cookies from and start the cookie engine, or if it + is not a file it passes on the given string. `-b name=var` works and so does + `-b cookiefile`. + + [`-j, --junk-session-cookies`](https://curl.se/docs/manpage.html#-j) + + when used in combination with -b, it skips all "session cookies" on load so + as to appear to start a new cookie session. + + [`-c, --cookie-jar`](https://curl.se/docs/manpage.html#-c) + + tell curl to start the cookie engine and write cookies to the given file + after the request(s) + +## Cookies with libcurl + +libcurl offers several ways to enable and interface the cookie engine. These +options are the ones provided by the native API. libcurl bindings may offer +access to them using other means. + +[`CURLOPT_COOKIE`](https://curl.se/libcurl/c/CURLOPT_COOKIE.html) + +Is used when you want to specify the exact contents of a cookie header to +send to the server. + +[`CURLOPT_COOKIEFILE`](https://curl.se/libcurl/c/CURLOPT_COOKIEFILE.html) + +Tell libcurl to activate the cookie engine, and to read the initial set of +cookies from the given file. Read-only. + +[`CURLOPT_COOKIEJAR`](https://curl.se/libcurl/c/CURLOPT_COOKIEJAR.html) + +Tell libcurl to activate the cookie engine, and when the easy handle is +closed save all known cookies to the given cookie jar file. Write-only. + +[`CURLOPT_COOKIELIST`](https://curl.se/libcurl/c/CURLOPT_COOKIELIST.html) + +Provide detailed information about a single cookie to add to the internal +storage of cookies. Pass in the cookie as an HTTP header with all the +details set, or pass in a line from a Netscape cookie file. This option can +also be used to flush the cookies etc. + +[`CURLOPT_COOKIESESSION`](https://curl.se/libcurl/c/CURLOPT_COOKIESESSION.html) + +Tell libcurl to ignore all cookies it is about to load that are session +cookies. + +[`CURLINFO_COOKIELIST`](https://curl.se/libcurl/c/CURLINFO_COOKIELIST.html) + +Extract cookie information from the internal cookie storage as a linked +list. + +## Cookies with JavaScript + +These days a lot of the web is built up by JavaScript. The web browser loads +complete programs that render the page you see. These JavaScript programs +can also set and access cookies. + +Since curl and libcurl are plain HTTP clients without any knowledge of or +capability to handle JavaScript, such cookies are not detected or used. + +Often, if you want to mimic what a browser does on such websites, you can +record web browser HTTP traffic when using such a site and then repeat the +cookie operations using curl or libcurl. diff --git a/deps/curl/docs/HTTP3.md b/deps/curl/docs/HTTP3.md new file mode 100644 index 00000000..eee26a65 --- /dev/null +++ b/deps/curl/docs/HTTP3.md @@ -0,0 +1,439 @@ + + +# HTTP3 (and QUIC) + +## Resources + +[HTTP/3 Explained](https://http3-explained.haxx.se/en/) - the online free +book describing the protocols involved. + +[quicwg.org](https://quicwg.org/) - home of the official protocol drafts + +## QUIC libraries + +QUIC libraries we are using: + +[ngtcp2](https://github.com/ngtcp2/ngtcp2) + +[quiche](https://github.com/cloudflare/quiche) - **EXPERIMENTAL** + +[OpenSSL 3.2+ QUIC](https://github.com/openssl/openssl) - **EXPERIMENTAL** + +[msh3](https://github.com/nibanks/msh3) (with [msquic](https://github.com/microsoft/msquic)) - **EXPERIMENTAL** + +## Experimental + +HTTP/3 support in curl is considered **EXPERIMENTAL** until further notice +when built to use *quiche* or *msh3*. Only the *ngtcp2* backend is not +experimental. + +Further development and tweaking of the HTTP/3 support in curl happens in the +master branch using pull-requests, just like ordinary changes. + +To fix before we remove the experimental label: + + - the used QUIC library needs to consider itself non-beta + - it is fine to "leave" individual backends as experimental if necessary + +# ngtcp2 version + +Building curl with ngtcp2 involves 3 components: `ngtcp2` itself, `nghttp3` and a QUIC supporting TLS library. The supported TLS libraries are covered below. + +While any version of `ngtcp2` and `nghttp3` from v1.0.0 on are expected to +work, using the latest versions often brings functional and performance +improvements. + +The build examples use `$NGHTTP3_VERION` and `$NGTCP2_VERION` as placeholders +for the version you build. + +## Build with quictls + +OpenSSL does not offer the required APIs for building a QUIC client. You need +to use a TLS library that has such APIs and that works with *ngtcp2*. + +Build quictls (any `+quic` tagged version works): + + % git clone --depth 1 -b openssl-3.1.4+quic https://github.com/quictls/openssl + % cd openssl + % ./config enable-tls1_3 --prefix= + % make + % make install + +Build nghttp3: + + % cd .. + % git clone -b $NGHTTP3_VERION https://github.com/ngtcp2/nghttp3 + % cd nghttp3 + % git submodule update --init + % autoreconf -fi + % ./configure --prefix= --enable-lib-only + % make + % make install + +Build ngtcp2: + + % cd .. + % git clone -b $NGTCP2_VERION https://github.com/ngtcp2/ngtcp2 + % cd ngtcp2 + % autoreconf -fi + % ./configure PKG_CONFIG_PATH=/lib/pkgconfig:/lib/pkgconfig LDFLAGS="-Wl,-rpath,/lib" --prefix= --enable-lib-only + % make + % make install + +Build curl: + + % cd .. + % git clone https://github.com/curl/curl + % cd curl + % autoreconf -fi + % LDFLAGS="-Wl,-rpath,/lib" ./configure --with-openssl= --with-nghttp3= --with-ngtcp2= + % make + % make install + +For OpenSSL 3.0.0 or later builds on Linux for x86_64 architecture, substitute all occurrences of "/lib" with "/lib64" + +## Build with GnuTLS + +Build GnuTLS: + + % git clone --depth 1 https://gitlab.com/gnutls/gnutls.git + % cd gnutls + % ./bootstrap + % ./configure --prefix= + % make + % make install + +Build nghttp3: + + % cd .. + % git clone -b $NGHTTP3_VERION https://github.com/ngtcp2/nghttp3 + % cd nghttp3 + % git submodule update --init + % autoreconf -fi + % ./configure --prefix= --enable-lib-only + % make + % make install + +Build ngtcp2: + + % cd .. + % git clone -b $NGTCP2_VERION https://github.com/ngtcp2/ngtcp2 + % cd ngtcp2 + % autoreconf -fi + % ./configure PKG_CONFIG_PATH=/lib/pkgconfig:/lib/pkgconfig LDFLAGS="-Wl,-rpath,/lib" --prefix= --enable-lib-only --with-gnutls + % make + % make install + +Build curl: + + % cd .. + % git clone https://github.com/curl/curl + % cd curl + % autoreconf -fi + % ./configure --with-gnutls= --with-nghttp3= --with-ngtcp2= + % make + % make install + +## Build with wolfSSL + +Build wolfSSL: + + % git clone https://github.com/wolfSSL/wolfssl.git + % cd wolfssl + % autoreconf -fi + % ./configure --prefix= --enable-quic --enable-session-ticket --enable-earlydata --enable-psk --enable-harden --enable-altcertchains + % make + % make install + +Build nghttp3: + + % cd .. + % git clone -b $NGHTTP3_VERION https://github.com/ngtcp2/nghttp3 + % cd nghttp3 + % git submodule update --init + % autoreconf -fi + % ./configure --prefix= --enable-lib-only + % make + % make install + +Build ngtcp2: + + % cd .. + % git clone -b $NGTCP2_VERION https://github.com/ngtcp2/ngtcp2 + % cd ngtcp2 + % autoreconf -fi + % ./configure PKG_CONFIG_PATH=/lib/pkgconfig:/lib/pkgconfig LDFLAGS="-Wl,-rpath,/lib" --prefix= --enable-lib-only --with-wolfssl + % make + % make install + +Build curl: + + % cd .. + % git clone https://github.com/curl/curl + % cd curl + % autoreconf -fi + % ./configure --with-wolfssl= --with-nghttp3= --with-ngtcp2= + % make + % make install + +# quiche version + +quiche support is **EXPERIMENTAL** + +Since the quiche build manages its dependencies, curl can be built against the latest version. You are *probably* able to build against their main branch, but in case of problems, we recommend their latest release tag. + +## Build + +Build quiche and BoringSSL: + + % git clone --recursive -b 0.22.0 https://github.com/cloudflare/quiche + % cd quiche + % cargo build --package quiche --release --features ffi,pkg-config-meta,qlog + % ln -s libquiche.so target/release/libquiche.so.0 + % mkdir quiche/deps/boringssl/src/lib + % ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/ + +Build curl: + + % cd .. + % git clone https://github.com/curl/curl + % cd curl + % autoreconf -fi + % ./configure LDFLAGS="-Wl,-rpath,$PWD/../quiche/target/release" --with-openssl=$PWD/../quiche/quiche/deps/boringssl/src --with-quiche=$PWD/../quiche/target/release + % make + % make install + + If `make install` results in `Permission denied` error, you need to prepend + it with `sudo`. + +# OpenSSL version + +QUIC support is **EXPERIMENTAL** + +Use OpenSSL 3.3.1 or newer (QUIC support was added in 3.3.0, with +shortcomings on some platforms like macOS). 3.4.1 or newer is recommended. +Build via: + + % cd .. + % git clone -b $OPENSSL_VERSION https://github.com/openssl/openssl + % cd openssl + % ./config enable-tls1_3 --prefix= --libdir=lib + % make + % make install + +Build nghttp3: + + % cd .. + % git clone -b $NGHTTP3_VERION https://github.com/ngtcp2/nghttp3 + % cd nghttp3 + % git submodule update --init + % autoreconf -fi + % ./configure --prefix= --enable-lib-only + % make + % make install + +Build curl: + + % cd .. + % git clone https://github.com/curl/curl + % cd curl + % autoreconf -fi + % LDFLAGS="-Wl,-rpath,/lib" ./configure --with-openssl= --with-openssl-quic --with-nghttp3= + % make + % make install + +You can build curl with cmake: + + % cd .. + % git clone https://github.com/curl/curl + % cd curl + % cmake -B bld -DCURL_USE_OPENSSL=ON -DUSE_OPENSSL_QUIC=ON + % cmake --build bld + % cmake --install bld + + If `make install` results in `Permission denied` error, you need to prepend + it with `sudo`. + +# msh3 (msquic) version + +**Note**: The msquic HTTP/3 backend is immature and is not properly functional +one as of September 2023. Feel free to help us test it and improve it, but +there is no point in filing bugs about it just yet. + +msh3 support is **EXPERIMENTAL** + +## Build Linux (with quictls fork of OpenSSL) + +Build msh3: + + % git clone -b v0.6.0 --depth 1 --recursive https://github.com/nibanks/msh3 + % cd msh3 && mkdir build && cd build + % cmake -G 'Unix Makefiles' -DCMAKE_BUILD_TYPE=RelWithDebInfo .. + % cmake --build . + % cmake --install . + +Build curl: + + % git clone https://github.com/curl/curl + % cd curl + % autoreconf -fi + % ./configure LDFLAGS="-Wl,-rpath,/usr/local/lib" --with-msh3=/usr/local --with-openssl + % make + % make install + +Run from `/usr/local/bin/curl`. + +## Build Windows + +Build msh3: + + % git clone -b v0.6.0 --depth 1 --recursive https://github.com/nibanks/msh3 + % cd msh3 && mkdir build && cd build + % cmake -G 'Visual Studio 17 2022' -DCMAKE_BUILD_TYPE=RelWithDebInfo .. + % cmake --build . --config Release + % cmake --install . --config Release + +**Note** - On Windows, Schannel is used for TLS support by default. If you +with to use (the quictls fork of) OpenSSL, specify the `-DQUIC_TLS=openssl` +option to the generate command above. Also note that OpenSSL brings with it an +additional set of build dependencies not specified here. + +Build curl (in [Visual Studio Command +prompt](../winbuild/README.md#open-a-command-prompt)): + + % git clone https://github.com/curl/curl + % cd curl/winbuild + % nmake /f Makefile.vc mode=dll WITH_MSH3=dll MSH3_PATH="C:/Program Files/msh3" MACHINE=x64 + +Run in the `C:/Program Files/msh3/lib` directory, copy `curl.exe` to that +directory, or copy `msquic.dll` and `msh3.dll` from that directory to the +`curl.exe` directory. For example: + + % C:\Program Files\msh3\lib> F:\curl\builds\libcurl-vc-x64-release-dll-ipv6-sspi-schannel-msh3\bin\curl.exe --http3 https://curl.se/ + +# `--http3` + +Use only HTTP/3: + + % curl --http3-only https://example.org:4433/ + +Use HTTP/3 with fallback to HTTP/2 or HTTP/1.1 (see "HTTPS eyeballing" below): + + % curl --http3 https://example.org:4433/ + +Upgrade via Alt-Svc: + + % curl --alt-svc altsvc.cache https://curl.se/ + +See this [list of public HTTP/3 servers](https://bagder.github.io/HTTP3-test/) + +### HTTPS eyeballing + +With option `--http3` curl attempts earlier HTTP versions as well should the +connect attempt via HTTP/3 not succeed "fast enough". This strategy is similar +to IPv4/6 happy eyeballing where the alternate address family is used in +parallel after a short delay. + +The IPv4/6 eyeballing has a default of 200ms and you may override that via +`--happy-eyeballs-timeout-ms value`. Since HTTP/3 is still relatively new, we +decided to use this timeout also for the HTTP eyeballing - with a slight +twist. + +The `happy-eyeballs-timeout-ms` value is the **hard** timeout, meaning after +that time expired, a TLS connection is opened in addition to negotiate HTTP/2 +or HTTP/1.1. At half of that value - currently - is the **soft** timeout. The +soft timeout fires, when there has been **no data at all** seen from the +server on the HTTP/3 connection. + +So, without you specifying anything, the hard timeout is 200ms and the soft is 100ms: + + * Ideally, the whole QUIC handshake happens and curl has an HTTP/3 connection + in less than 100ms. + * When QUIC is not supported (or UDP does not work for this network path), no + reply is seen and the HTTP/2 TLS+TCP connection starts 100ms later. + * In the worst case, UDP replies start before 100ms, but drag on. This starts + the TLS+TCP connection after 200ms. + * When the QUIC handshake fails, the TLS+TCP connection is attempted right + away. For example, when the QUIC server presents the wrong certificate. + +The whole transfer only fails, when **both** QUIC and TLS+TCP fail to +handshake or time out. + +Note that all this happens in addition to IP version happy eyeballing. If the +name resolution for the server gives more than one IP address, curl tries all +those until one succeeds - just as with all other protocols. If those IP +addresses contain both IPv6 and IPv4, those attempts happen, delayed, in +parallel (the actual eyeballing). + +## Known Bugs + +Check out the [list of known HTTP3 bugs](https://curl.se/docs/knownbugs.html#HTTP3). + +# HTTP/3 Test server + +This is not advice on how to run anything in production. This is for +development and experimenting. + +## Prerequisite(s) + +An existing local HTTP/1.1 server that hosts files. Preferably also a few huge +ones. You can easily create huge local files like `truncate -s=8G 8GB` - they +are huge but do not occupy that much space on disk since they are just big +holes. + +In a Debian setup you can install apache2. It runs on port 80 and has a +document root in `/var/www/html`. Download the 8GB file from apache with `curl +localhost/8GB -o dev/null` + +In this description we setup and run an HTTP/3 reverse-proxy in front of the +HTTP/1 server. + +## Setup + +You can select either or both of these server solutions. + +### nghttpx + +Get, build and install quictls, nghttp3 and ngtcp2 as described +above. + +Get, build and install nghttp2: + + % git clone https://github.com/nghttp2/nghttp2.git + % cd nghttp2 + % autoreconf -fi + % PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/home/daniel/build-quictls/lib/pkgconfig:/home/daniel/build-nghttp3/lib/pkgconfig:/home/daniel/build-ngtcp2/lib/pkgconfig LDFLAGS=-L/home/daniel/build-quictls/lib CFLAGS=-I/home/daniel/build-quictls/include ./configure --enable-maintainer-mode --prefix=/home/daniel/build-nghttp2 --disable-shared --enable-app --enable-http3 --without-jemalloc --without-libxml2 --without-systemd + % make && make install + +Run the local h3 server on port 9443, make it proxy all traffic through to +HTTP/1 on localhost port 80. For local toying, we can just use the test cert +that exists in curl's test dir. + + % CERT=$CURLSRC/tests/stunnel.pem + % $HOME/bin/nghttpx $CERT $CERT --backend=localhost,80 \ + --frontend="localhost,9443;quic" + +### Caddy + +[Install Caddy](https://caddyserver.com/docs/install). For easiest use, the binary +should be either in your PATH or your current directory. + +Create a `Caddyfile` with the following content: +~~~ +localhost:7443 { + respond "Hello, world! you are using {http.request.proto}" +} +~~~ + +Then run Caddy: + + % ./caddy start + +Making requests to `https://localhost:7443` should tell you which protocol is being used. + +You can change the hard-coded response to something more useful by replacing `respond` +with `reverse_proxy` or `file_server`, for example: `reverse_proxy localhost:80` diff --git a/deps/curl/docs/HTTPSRR.md b/deps/curl/docs/HTTPSRR.md new file mode 100644 index 00000000..b408a975 --- /dev/null +++ b/deps/curl/docs/HTTPSRR.md @@ -0,0 +1,100 @@ + + +# HTTPS RR + +[RFC 9460](https://www.rfc-editor.org/rfc/rfc9460.html) documents the HTTPS +DNS Resource Record. + +curl features **experimental** support for HTTPS RR. + +- The ALPN list from the retrieved HTTPS record is parsed +- The ECH field is stored (when DoH is used) +- The port number from the HTTPS RR is not used +- The target name is not used +- The IP addresses from the HTTPS RR are not used +- It only supports a single HTTPS RR per hostname +- consider cases without A/AAAA records but *with* HTTPS RR +- consider service profiles where the RR provides different addresses for TCP + vs QUIC etc + +`HTTPSRR` is listed as a feature in the `curl -V` output if curl contains +HTTPS RR support. If c-ares is not included in the build, the HTTPS RR support +is limited to DoH. + +`asyn-rr` is listed as a feature in the `curl -V` output if c-ares is used for +additional resolves in addition to a "normal" resolve done with the threaded +resolver. + +The data extracted from the HTTPS RR is stored in the in-memory DNS cache to +be reused on subsequent uses of the same hostnames. + +## limitations + +We have decided to work on the HTTPS RR support by following what seems to be +(widely) used, and simply wait with implementing the details of the record +that do not seem to be deployed. HTTPS RR is a DNS field with many odd corners +and complexities and we might as well avoid them if no one seems to want them. + +## build + + ./configure --enable-httpsrr + +or + + cmake -DUSE_HTTPSRR=ON + +## ALPN + +The list of ALPN IDs is parsed but may not be completely respected because of +what the HTTP version preference is set to, which is a problem we are working +on. Also, getting an `HTTP/1.1` ALPN in the HTTPS RR field for an HTTP:// +transfer should imply switching to HTTPS, HSTS style. Which curl currently +does not. + +## DoH + +When HTTPS RR is enabled in the curl build, The DoH code asks for an HTTPS +record in addition to the A and AAAA records, and if an HTTPS RR answer is +returned, curl parses it and stores the retrieved information. + +## Non-DoH + +If DoH is not used for name resolving in an HTTPS RR enabled build, we must +provide the ability using the regular resolver backends. We use the c-ares DNS +library for the HTTPS RR lookup. Version 1.28.0 or later. + +### c-ares + +If curl is built to use the c-ares library for name resolves, an HTTPS RR +enabled build makes a request for the HTTPS RR in addition to the regular +lookup. + +### Threaded resolver + +When built to use the threaded resolver, which is the default, an HTTPS RR +build still needs a c-ares installation provided so that a separate request +for the HTTPS record can be done in parallel to the regular getaddrinfo() +call. + +This is done by specifying both c-ares and threaded resolver to configure: + + ./configure --enable-ares=... --enable-threaded-resolver + +or to cmake: + + cmake -DENABLE_ARES=ON -DENABLE_THREADED_RESOLVER=ON + +Because the HTTPS record is handled separately from the A/AAAA record +retrieval, by a separate library, there is a small risk for discrepancies. + +When building curl using the threaded resolver with HTTPS RR support (using +c-ares), the `curl -V` output looks exactly like a c-ares resolver build. + +## HTTPS RR Options + +Because curl is a low level transfer tool for which users sometimes want +detailed control, we need to offer options to control HTTPS RR use. diff --git a/deps/curl/docs/INFRASTRUCTURE.md b/deps/curl/docs/INFRASTRUCTURE.md new file mode 100644 index 00000000..5612dea0 --- /dev/null +++ b/deps/curl/docs/INFRASTRUCTURE.md @@ -0,0 +1,193 @@ + + +# Infrastructure in the curl project + +Overview of infrastructure we maintain, host and run in the project for the +project. + +## git repository + +Since 2010, the main curl git repository has been hosted by GitHub, available +at https://github.com/curl/curl. + +We also use the issue tracker, pull requests and discussions on GitHub. + +curl has an "enterprise account" on GitHub and is an "organization" on the +site. + +We accept sponsorship via GitHub Sponsors. + +## CI services + +For every pull request and git push to the master repository, a number of +build and testing jobs are run on a set of different CI services. The exact +services vary over time. GitHub Actions and AppVeyor are the primary ones +these days. + +## Test Clutch + +A [Test Clutch](https://github.com/dfandrich/testclutch) instance generates +regular reports on curl CI test results at https://testclutch.curl.se/ as well +as writing comments on curl pull requests whose tests have failed. The jobs +are hosted on a Virtuozzo Application Platform PaaS instance and is managed by +Dan Fandrich. The configuration code is is available and managed at +https://github.com/dfandrich/testclutch-curl-web + +## Autobuilds + +The curl autobuild system is a set of scripts that build and test curl and +send all output logs back to the autobuild server. The results are +continuously collected and visualized on the curl website at +. + +The autobuild system and server is maintained by Daniel Stenberg. + +## OSS-Fuzz + +Google runs the [OSS-Fuzz](https://google.github.io/oss-fuzz/) project which +also runs fuzzing on curl code, non-stop, in their infrastructure and they +send us emails in the rare instances they actually find something. + +OSS-Fuzz notifies those that are members in the "curl team". Any curl +maintainer who wants to is welcome to participate. It requires a Google +account. + +## Coverity + +We regularly run our code through the [Coverity static code +analyzer](https://scan.coverity.com/) thanks to them offering this service to +us for free. + +## CodeSonar + +[CodeSonar](https://codesecure.com/our-products/codesonar/) analyzes the curl +source code daily and emails Daniel Stenberg whenever it finds suspected +problems in the source code. I hope and expect that we can invite other +maintainers to access these reports soon. + +## Domain names + +The project runs services and website using a few different curl related +domain names, including `curl.se` and `curl.dev`. Daniel Stenberg owns these +domain names. + +Until a few years ago, the curl website was present at `curl.haxx.se`. The +`haxx.se` domain is owned by Haxx AB, administrated by Daniel Stenberg. The +curl.haxx.se name is meant to keep working and be redirecting to curl.se for +the foreseeable future. + +## Websites + +The main curl website at `curl.se` is maintained by curl maintainers and the +content is available and managed at https://github.com/curl/curl-www. The site +updates from git and runs make every 20 minutes. Any change pushed to git can +thus take up to 20 minutes until it takes effect on the origin server. + +The content on `curl.dev` is available and managed at +https://github.com/curl/curl.dev/ + +The content on `everything-curl.dev` is available and managed at +https://github.com/curl/everything-curl/ + +The machine hosting the website contents for these three sites is owned by +Haxx AB and is primarily managed by Daniel Stenberg (co-owner of the Haxx +company). The machine is physically located in Sweden. + +curl release tarballs are hosted on https://curl.se/download.html. They are +uploaded there at release-time by the release manager. + +curl-for-win downloads are hosted on https://curl.se/windows and are uploaded +to the server by Viktor Szakats. + +curl-for-QNX downloads are hosted on and are uploaded to +the server by Daniel Stenberg. + +Daily release tarball-like snapshots are generated automatically and are +provided for download at . + +CA certificate bundles are extracted from the Firefox source code, hosted by +Mozilla and converted to PEM file format and is offered for download. The +conversion checks for updates daily. The bundle is provided for download at +. + +There is an automated "download check bot" that runs twice daily to scan for +available curl downloads to populate the curl download page appropriately with +the correct updated information. The bot uses URLs and patterns for all +download packages and is maintained in a database, maintained by Daniel +Stenberg and Dan Fandrich. + +The TLS certificate for the origin curl web server is automatically updated +from Let's Encrypt. + +## CDN + +Fastly runs the Content Delivery Network (CDN) that fronts all the curl +websites. The CDN caches content that it gets from the origin server. +Recently, roughly 99.99% of web requests are satisfied by the CDN without +having to reach the origin. + +The CDN caches different content at different lengths depending on the +content-type. The caching thus adds to the time for a change to have an effect +on the site from the moment it gets pushed to the git repository. + +Using this setup, we provide four IPv4 addresses and eight IPv6 addresses for +anycast access to the site. Should be snappy from virtually everywhere across +the globe. + +The CDN servers support HTTP/1, HTTP/2 and HTTP/3. They set HSTS for a year. +The `HTTP://` version of the site redirects to `HTTPS://`. + +Fastly manages the TLS certificates from Let's Encrypt for the servers they +run on the behalf of curl. + +## Containers + +The curl project offer container builds of curl. The source repository for +them is located at . + +Container images are hosted at and + + +## DNS + +The primary domain name, `curl.se` is managed by Kirei and is offered over +fault-tolerant anycast servers. High availability and fast access for +everyone. + +The actual physical DNS files and origin bind instance is managed by Daniel +Stenberg. + +## Mailing lists + +The curl related mailing lists are hosted by Haxx AB on `lists.haxx.se` and +are maintained by Daniel Stenberg. This includes the mailman2 and Postfix +instances used for this. + +## Email + +We use a few rare additional curl related email aliases in the curl domains. +They go through the mail server `mail.haxx.se` maintained by Daniel Stenberg + +## Bug-bounty + +We run a [bug-bounty](https://curl.se/docs/bugbounty.html) on HackerOne. The +setup runs entirely at https://hackerone.com/curl. + +The money part for the bug bounty is sponsored by the [Internet Bug +Bounty](https://hackerone.com/ibb). + +## Open Collective + +We use [Open Collective](https://opencollective.com/curl) as our "fiscal +host". All money sent to and received by the curl project is managed by Open +Collective. + +## Merchandise + +We have stickers, coffee mugs and coasters. They are managed by Daniel who +sits on the inventory. The best way to get your hands on curl merchandise is +to attend events where Daniel is physically. diff --git a/deps/curl/docs/INSTALL b/deps/curl/docs/INSTALL new file mode 100644 index 00000000..ff260b1b --- /dev/null +++ b/deps/curl/docs/INSTALL @@ -0,0 +1,9 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + How To Compile + +see INSTALL.md diff --git a/deps/curl/docs/INSTALL-CMAKE.md b/deps/curl/docs/INSTALL-CMAKE.md new file mode 100644 index 00000000..38d1fec1 --- /dev/null +++ b/deps/curl/docs/INSTALL-CMAKE.md @@ -0,0 +1,560 @@ + + +# Building with CMake + +This document describes how to configure, build and install curl and libcurl +from source code using the CMake build tool. To build with CMake, you of +course first have to install CMake. The minimum required version of CMake is +specified in the file `CMakeLists.txt` found in the top of the curl source +tree. Once the correct version of CMake is installed you can follow the +instructions below for the platform you are building on. + +CMake builds can be configured either from the command line, or from one of +CMake's GUIs. + +# Configuring + +A CMake configuration of curl is similar to the autotools build of curl. +It consists of the following steps after you have unpacked the source. + +We recommend building with CMake on Windows. For instructions on migrating +from the `projects/Windows` Visual Studio solution files, see +[this section](#migrating-from-visual-studio-ide-project-files). For +instructions on migrating from the winbuild builds, see +[the following section](#migrating-from-winbuild-builds). + +## Using `cmake` + +You can configure for in source tree builds or for a build tree +that is apart from the source tree. + + - Build in the source tree. + + $ cmake -B . + + - Build in a separate directory (parallel to the curl source tree in this + example). The build directory is created for you. This is recommended over + building in the source tree to separate source and build artifacts. + + $ cmake -B ../curl-build + +For the full list of CMake build configuration variables see +[the corresponding section](#cmake-build-options). + +### Fallback for CMake before version 3.13 + +CMake before version 3.13 does not support the `-B` option. In that case, +you must create the build directory yourself, `cd` to it and run `cmake` +from there: + + $ mkdir ../curl-build + $ cd ../curl-build + $ cmake ../curl + +If you want to build in the source tree, it is enough to do this: + + $ cmake . + +### Build system generator selection + +You can override CMake's default by using `-G `. For example +on Windows with multiple build systems if you have MinGW-w64 then you could use +`-G "MinGW Makefiles"`. +[List of generator names](https://cmake.org/cmake/help/latest/manual/cmake-generators.7.html). + +## Using `ccmake` + +CMake comes with a curses based interface called `ccmake`. To run `ccmake` +on a curl use the instructions for the command line cmake, but substitute +`ccmake` for `cmake`. + +This brings up a curses interface with instructions on the bottom of the +screen. You can press the "c" key to configure the project, and the "g" key to +generate the project. After the project is generated, you can run make. + +## Using `cmake-gui` + +CMake also comes with a Qt based GUI called `cmake-gui`. To configure with +`cmake-gui`, you run `cmake-gui` and follow these steps: + + 1. Fill in the "Where is the source code" combo box with the path to + the curl source tree. + 2. Fill in the "Where to build the binaries" combo box with the path to + the directory for your build tree, ideally this should not be the same + as the source tree, but a parallel directory called curl-build or + something similar. + 3. Once the source and binary directories are specified, press the + "Configure" button. + 4. Select the native build tool that you want to use. + 5. At this point you can change any of the options presented in the GUI. + Once you have selected all the options you want, click the "Generate" + button. + +# Building + +Build (you have to specify the build directory). + + $ cmake --build ../curl-build + +## Static builds + +The CMake build setup is primarily done to work with shared/dynamic third +party dependencies. When linking with shared libraries, the dependency "chain" +is handled automatically by the library loader - on all modern systems. + +If you instead link with a static library, you need to provide all the +dependency libraries already at the link command line. + +Figuring out all the dependency libraries for a given library is hard, as it +might involve figuring out the dependencies of the dependencies and they vary +between platforms and can change between versions. + +When using static dependencies, the build scripts mostly assume that you, the +user, provide all the necessary additional dependency libraries as additional +arguments in the build. + +Building statically is not for the faint of heart. + +### Fallback for CMake before version 3.13 + +CMake before version 3.13 does not support the `--build` option. In that +case, you have to `cd` to the build directory and use the building tool that +corresponds to the build files that CMake generated for you. This example +assumes that CMake generates `Makefile`: + + $ cd ../curl-build + $ make + +# Testing + +(The test suite does not yet work with the cmake build) + +# Installing + +Install to default location (you have to specify the build directory). + + $ cmake --install ../curl-build + +Do not use `--prefix` to change the installation prefix as the output produced +by the `curl-config` script is determined at CMake configure time. If you want +to set a custom install prefix for curl, set +[`CMAKE_INSTALL_PREFIX`](https://cmake.org/cmake/help/latest/variable/CMAKE_INSTALL_PREFIX.html) +when configuring the CMake build. + +### Fallback for CMake before version 3.15 + +CMake before version 3.15 does not support the `--install` option. In that +case, you have to `cd` to the build directory and use the building tool that +corresponds to the build files that CMake generated for you. This example +assumes that CMake generates `Makefile`: + + $ cd ../curl-build + $ make install + +# CMake usage + +Just as curl can be built and installed using CMake, it can also be used from +CMake. + +## Using `find_package` + +To locate libcurl from CMake, one can use the standard +[`find_package`](https://cmake.org/cmake/help/latest/command/find_package.html) +command in the typical fashion: + +```cmake +find_package(CURL 8.12.0 REQUIRED) # FATAL_ERROR if CURL is not found +``` + +This invokes the CMake-provided +[FindCURL](https://cmake.org/cmake/help/latest/module/FindCURL.html) find module, +which first performs a search using the `find_package` +[config mode](https://cmake.org/cmake/help/latest/command/find_package.html#config-mode-search-procedure). +This is supported by the `CURLConfig.cmake` CMake config script which is +available if the given CURL was built and installed using CMake. + +### Detecting CURL features/protocols + +Since version 8.12.0, `CURLConfig.cmake` publishes the supported CURL features +and protocols (see [release notes](https://curl.se/ch/8.12.0.html)). These can +be specified using the `find_package` keywords `COMPONENTS` and +`OPTIONAL_COMPONENTS`, with protocols in all caps, e.g. `HTTPS`, `LDAP`, while +features should be in their original sentence case, e.g. `AsynchDNS`, +`UnixSockets`. If any of the `COMPONENTS` are missing, then CURL is considered +as *not* found. + +Here is an example of using `COMPONENTS` and `OPTIONAL_COMPONENTS` in +`find_package` with CURL: + +```cmake +# CURL_FOUND is FALSE if no HTTPS but brotli and zstd can be missing +find_package(CURL 8.12.0 COMPONENTS HTTPS OPTIONAL_COMPONENTS brotli zstd) +``` + +One can also check the defined `CURL_SUPPORTS_` variables +if a particular feature/protocol is supported. For example: + +```cmake +# check HTTPS +if(CURL_SUPPORTS_HTTPS) + message(STATUS "CURL supports HTTPS") +else() + message(STATUS "CURL does NOT support HTTPS") +endif() +``` + +### Linking against libcurl + +To link a CMake target against libcurl one can use +[`target_link_libraries`](https://cmake.org/cmake/help/latest/command/target_link_libraries.html) +as usual: + +```cmake +target_link_libraries(my_target PRIVATE CURL::libcurl) +``` + +# CMake build options + +- `BUILD_CURL_EXE`: Build curl executable. Default: `ON` +- `BUILD_EXAMPLES`: Build libcurl examples. Default: `ON` +- `BUILD_LIBCURL_DOCS`: Build libcurl man pages. Default: `ON` +- `BUILD_MISC_DOCS`: Build misc man pages (e.g. `curl-config` and `mk-ca-bundle`). Default: `ON` +- `BUILD_SHARED_LIBS`: Build shared libraries. Default: `ON` +- `BUILD_STATIC_CURL`: Build curl executable with static libcurl. Default: `OFF` +- `BUILD_STATIC_LIBS`: Build static libraries. Default: `OFF` +- `BUILD_TESTING`: Build tests. Default: `ON` +- `CURL_CLANG_TIDY`: Run the build through `clang-tidy`. Default: `OFF` +- `CURL_CLANG_TIDYFLAGS`: Custom options to pass to `clang-tidy`. Default: (empty) +- `CURL_DEFAULT_SSL_BACKEND`: Override default TLS backend in MultiSSL builds. + Accepted values in order of default priority: + `wolfssl`, `gnutls`, `mbedtls`, `openssl`, `secure-transport`, `schannel`, `bearssl`, `rustls` +- `CURL_ENABLE_EXPORT_TARGET`: Enable CMake export target. Default: `ON` +- `CURL_HIDDEN_SYMBOLS`: Hide libcurl internal symbols (=hide all symbols that are not officially external). Default: `ON` +- `CURL_LIBCURL_SOVERSION`: Enable libcurl SOVERSION. Default: `ON` for supported platforms +- `CURL_LIBCURL_VERSIONED_SYMBOLS`: Enable libcurl versioned symbols. Default: `OFF` +- `CURL_LIBCURL_VERSIONED_SYMBOLS_PREFIX`: Override default versioned symbol prefix. Default: `_` or `MULTISSL_` +- `CURL_LTO`: Enable compiler Link Time Optimizations. Default: `OFF` +- `CURL_STATIC_CRT`: Build libcurl with static CRT with MSVC (`/MT`) (requires UCRT, static libcurl or no curl executable). Default: `OFF` +- `CURL_TARGET_WINDOWS_VERSION`: Minimum target Windows version as hex string. +- `CURL_TEST_BUNDLES`: Bundle `libtest` and `unittest` tests into single binaries. Default: `OFF` +- `CURL_WERROR`: Turn compiler warnings into errors. Default: `OFF` +- `ENABLE_CURLDEBUG`: Enable TrackMemory debug feature. Default: =`ENABLE_DEBUG` +- `ENABLE_CURL_MANUAL`: Build the man page for curl and enable its `-M`/`--manual` option. Default: `ON` +- `ENABLE_DEBUG`: Enable curl debug features (for developing curl itself). Default: `OFF` +- `ENABLE_SERVER_DEBUG`: Apply curl debug options to test servers. Default: `OFF` +- `IMPORT_LIB_SUFFIX`: Import library suffix. Default: `_imp` for MSVC-like toolchains, otherwise empty. +- `LIBCURL_OUTPUT_NAME`: Basename of the curl library. Default: `libcurl` +- `PICKY_COMPILER`: Enable picky compiler options. Default: `ON` +- `SHARE_LIB_OBJECT`: Build shared and static libcurl in a single pass (requires CMake 3.12 or newer). Default: `ON` for Windows +- `STATIC_LIB_SUFFIX`: Static library suffix. Default: (empty) + +## CA bundle options + +- `CURL_CA_BUNDLE`: Path to the CA bundle. Set `none` to disable or `auto` for auto-detection. Default: `auto` +- `CURL_CA_EMBED`: Path to the CA bundle to embed in the curl tool. Default: (disabled) +- `CURL_CA_FALLBACK`: Use built-in CA store of TLS backend. Default: `OFF` +- `CURL_CA_PATH`: Location of default CA path. Set `none` to disable or `auto` for auto-detection. Default: `auto` +- `CURL_CA_SEARCH_SAFE`: Enable safe CA bundle search (within the curl tool directory) on Windows. Default: `OFF` + +## Enabling features + +- `CURL_ENABLE_SSL`: Enable SSL support. Default: `ON` +- `CURL_WINDOWS_SSPI`: Enable SSPI on Windows. Default: =`CURL_USE_SCHANNEL` +- `ENABLE_IPV6`: Enable IPv6 support. Default: `ON` if target supports IPv6. +- `ENABLE_THREADED_RESOLVER`: Enable threaded DNS lookup. Default: `ON` if c-ares is not enabled and target supports threading. +- `ENABLE_UNICODE`: Use the Unicode version of the Windows API functions. Default: `OFF` +- `ENABLE_UNIX_SOCKETS`: Enable Unix domain sockets support. Default: `ON` +- `USE_ECH`: Enable ECH support. Default: `OFF` +- `USE_HTTPSRR`: Enable HTTPS RR support. Default: `OFF` +- `USE_OPENSSL_QUIC`: Use OpenSSL and nghttp3 libraries for HTTP/3 support. Default: `OFF` +- `USE_SSLS_EXPORT`: Enable experimental SSL session import/export. Default: `OFF` + +## Disabling features + +- `CURL_DISABLE_ALTSVC`: Disable alt-svc support. Default: `OFF` +- `CURL_DISABLE_AWS`: Disable **aws-sigv4**. Default: `OFF` +- `CURL_DISABLE_BASIC_AUTH`: Disable Basic authentication. Default: `OFF` +- `CURL_DISABLE_BEARER_AUTH`: Disable Bearer authentication. Default: `OFF` +- `CURL_DISABLE_BINDLOCAL`: Disable local binding support. Default: `OFF` +- `CURL_DISABLE_CA_SEARCH`: Disable unsafe CA bundle search in PATH on Windows. Default: `OFF` +- `CURL_DISABLE_COOKIES`: Disable cookies support. Default: `OFF` +- `CURL_DISABLE_DICT`: Disable DICT. Default: `OFF` +- `CURL_DISABLE_DIGEST_AUTH`: Disable Digest authentication. Default: `OFF` +- `CURL_DISABLE_DOH`: Disable DNS-over-HTTPS. Default: `OFF` +- `CURL_DISABLE_FILE`: Disable FILE. Default: `OFF` +- `CURL_DISABLE_FORM_API`: Disable **form-api**. Default: =`CURL_DISABLE_MIME` +- `CURL_DISABLE_FTP`: Disable FTP. Default: `OFF` +- `CURL_DISABLE_GETOPTIONS`: Disable `curl_easy_options` API for existing options to `curl_easy_setopt`. Default: `OFF` +- `CURL_DISABLE_GOPHER`: Disable Gopher. Default: `OFF` +- `CURL_DISABLE_HEADERS_API`: Disable **headers-api** support. Default: `OFF` +- `CURL_DISABLE_HSTS`: Disable HSTS support. Default: `OFF` +- `CURL_DISABLE_HTTP`: Disable HTTP. Default: `OFF` +- `CURL_DISABLE_HTTP_AUTH`: Disable all HTTP authentication methods. Default: `OFF` +- `CURL_DISABLE_IMAP`: Disable IMAP. Default: `OFF` +- `CURL_DISABLE_INSTALL`: Disable installation targets. Default: `OFF` +- `CURL_DISABLE_IPFS`: Disable IPFS. Default: `OFF` +- `CURL_DISABLE_KERBEROS_AUTH`: Disable Kerberos authentication. Default: `OFF` +- `CURL_DISABLE_LDAP`: Disable LDAP. Default: `OFF` +- `CURL_DISABLE_LDAPS`: Disable LDAPS. Default: =`CURL_DISABLE_LDAP` +- `CURL_DISABLE_LIBCURL_OPTION`: Disable `--libcurl` option from the curl tool. Default: `OFF` +- `CURL_DISABLE_MIME`: Disable MIME support. Default: `OFF` +- `CURL_DISABLE_MQTT`: Disable MQTT. Default: `OFF` +- `CURL_DISABLE_NEGOTIATE_AUTH`: Disable negotiate authentication. Default: `OFF` +- `CURL_DISABLE_NETRC`: Disable netrc parser. Default: `OFF` +- `CURL_DISABLE_NTLM`: Disable NTLM support. Default: `OFF` +- `CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG`: Disable automatic loading of OpenSSL configuration. Default: `OFF` +- `CURL_DISABLE_PARSEDATE`: Disable date parsing. Default: `OFF` +- `CURL_DISABLE_POP3`: Disable POP3. Default: `OFF` +- `CURL_DISABLE_PROGRESS_METER`: Disable built-in progress meter. Default: `OFF` +- `CURL_DISABLE_PROXY`: Disable proxy support. Default: `OFF` +- `CURL_DISABLE_RTSP`: Disable RTSP. Default: `OFF` +- `CURL_DISABLE_SHA512_256`: Disable SHA-512/256 hash algorithm. Default: `OFF` +- `CURL_DISABLE_SHUFFLE_DNS`: Disable shuffle DNS feature. Default: `OFF` +- `CURL_DISABLE_SMB`: Disable SMB. Default: `OFF` +- `CURL_DISABLE_SMTP`: Disable SMTP. Default: `OFF` +- `CURL_DISABLE_SOCKETPAIR`: Disable use of socketpair for curl_multi_poll. Default: `OFF` +- `CURL_DISABLE_SRP`: Disable TLS-SRP support. Default: `OFF` +- `CURL_DISABLE_TELNET`: Disable Telnet. Default: `OFF` +- `CURL_DISABLE_TFTP`: Disable TFTP. Default: `OFF` +- `CURL_DISABLE_VERBOSE_STRINGS`: Disable verbose strings. Default: `OFF` +- `CURL_DISABLE_WEBSOCKETS`: Disable WebSocket. Default: `OFF` +- `HTTP_ONLY`: Disable all protocols except HTTP (This overrides all `CURL_DISABLE_*` options). Default: `OFF` + +## Environment + +- `CI`: Assume running under CI if set. +- `CURL_BUILDINFO`: Print `buildinfo.txt` if set. +- `CURL_CI`: Assume running under CI if set. + +## CMake options + +- `CMAKE_BUILD_TYPE`: (see CMake) +- `CMAKE_DEBUG_POSTFIX`: Default: `-d` +- `CMAKE_IMPORT_LIBRARY_SUFFIX` (see CMake) +- `CMAKE_INSTALL_BINDIR` (see CMake) +- `CMAKE_INSTALL_INCLUDEDIR` (see CMake) +- `CMAKE_INSTALL_LIBDIR` (see CMake) +- `CMAKE_INSTALL_PREFIX` (see CMake) +- `CMAKE_STATIC_LIBRARY_SUFFIX` (see CMake) +- `CMAKE_UNITY_BUILD_BATCH_SIZE`: Set the number of sources in a "unity" unit. Default: `0` (all) +- `CMAKE_UNITY_BUILD`: Enable "unity" (aka jumbo) builds. Default: `OFF` + +Details via CMake +[variables](https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html) and +[install directories](https://cmake.org/cmake/help/latest/module/GNUInstallDirs.html). + +## Dependencies + +- `CURL_BROTLI`: Use brotli (`ON`, `OFF` or `AUTO`). Default: `AUTO` +- `CURL_USE_BEARSSL`: Enable BearSSL for SSL/TLS. Default: `OFF` +- `CURL_USE_GNUTLS`: Enable GnuTLS for SSL/TLS. Default: `OFF` +- `CURL_USE_GSASL`: Use libgsasl. Default: `OFF` +- `CURL_USE_GSSAPI`: Use GSSAPI implementation. Default: `OFF` +- `CURL_USE_LIBPSL`: Use libpsl. Default: `ON` +- `CURL_USE_LIBSSH2`: Use libssh2. Default: `ON` +- `CURL_USE_LIBSSH`: Use libssh. Default: `OFF` +- `CURL_USE_LIBUV`: Use libuv for event-based tests. Default: `OFF` +- `CURL_USE_MBEDTLS`: Enable mbedTLS for SSL/TLS. Default: `OFF` +- `CURL_USE_OPENSSL`: Enable OpenSSL for SSL/TLS. Default: `ON` if no other TLS backend was enabled. +- `CURL_USE_PKGCONFIG`: Enable `pkg-config` to detect dependencies. Default: `ON` for Unix (except Android, Apple devices), vcpkg, MinGW if not cross-compiling. +- `CURL_USE_RUSTLS`: Enable Rustls for SSL/TLS. Default: `OFF` +- `CURL_USE_SCHANNEL`: Enable Windows native SSL/TLS (Schannel). Default: `OFF` +- `CURL_USE_SECTRANSP`: Enable Apple OS native SSL/TLS (Secure Transport). Default: `OFF` +- `CURL_USE_WOLFSSH`: Use wolfSSH. Default: `OFF` +- `CURL_USE_WOLFSSL`: Enable wolfSSL for SSL/TLS. Default: `OFF` +- `CURL_ZLIB`: Use zlib (`ON`, `OFF` or `AUTO`). Default: `AUTO` +- `CURL_ZSTD`: Use zstd (`ON`, `OFF` or `AUTO`). Default: `AUTO` +- `ENABLE_ARES`: Enable c-ares support. Default: `OFF` +- `USE_APPLE_IDN`: Use Apple built-in IDN support. Default: `OFF` +- `USE_LIBIDN2`: Use libidn2 for IDN support. Default: `ON` +- `USE_LIBRTMP`: Enable librtmp from rtmpdump. Default: `OFF` +- `USE_MSH3`: Use msh3/msquic library for HTTP/3 support. Default: `OFF` +- `USE_NGHTTP2`: Use nghttp2 library. Default: `ON` +- `USE_NGTCP2`: Use ngtcp2 and nghttp3 libraries for HTTP/3 support. Default: `OFF` +- `USE_QUICHE`: Use quiche library for HTTP/3 support. Default: `OFF` +- `USE_WIN32_IDN`: Use WinIDN for IDN support. Default: `OFF` +- `USE_WIN32_LDAP`: Use Windows LDAP implementation. Default: `ON` + +## Dependency options (via CMake) + +- `OPENSSL_ROOT_DIR`: Set this variable to the root installation of OpenSSL (and forks). +- `OPENSSL_USE_STATIC_LIBS`: Look for static OpenSSL libraries. +- `ZLIB_INCLUDE_DIR`: The zlib include directory. +- `ZLIB_LIBRARY`: Path to `zlib` library. +- `ZLIB_USE_STATIC_LIBS`: Look for static ZLIB library (requires CMake v3.24). + +## Dependency options + +- `CLANG_TIDY`: `clang-tidy` tool used with `CURL_CLANG_TIDY=ON`. Default: `clang-tidy` +- `PERL_EXECUTABLE` Perl binary used throughout the build and tests. +- `AMISSL_INCLUDE_DIR`: The AmiSSL include directory. +- `AMISSL_STUBS_LIBRARY`: Path to `amisslstubs` library. +- `AMISSL_AUTO_LIBRARY`: Path to `amisslauto` library. +- `BEARSSL_INCLUDE_DIR`: The BearSSL include directory. +- `BEARSSL_LIBRARY`: Path to `bearssl` library. +- `BROTLI_INCLUDE_DIR`: The brotli include directory. +- `BROTLICOMMON_LIBRARY`: Path to `brotlicommon` library. +- `BROTLIDEC_LIBRARY`: Path to `brotlidec` library. +- `CARES_INCLUDE_DIR`: The c-ares include directory. +- `CARES_LIBRARY`: Path to `cares` library. +- `DL_LIBRARY`: Path to `dl` library. (for Rustls) +- `GSS_ROOT_DIR`: Set this variable to the root installation of GSS. (also supported as environment) +- `LDAP_LIBRARY`: Name or full path to `ldap` library. Default: `ldap` +- `LDAP_LBER_LIBRARY`: Name or full path to `lber` library. Default: `lber` +- `LDAP_INCLUDE_DIR`: Path to LDAP include directory. +- `LIBGSASL_INCLUDE_DIR`: The libgsasl include directory. +- `LIBGSASL_LIBRARY`: Path to `libgsasl` library. +- `LIBIDN2_INCLUDE_DIR`: The libidn2 include directory. +- `LIBIDN2_LIBRARY`: Path to `libidn2` library. +- `LIBPSL_INCLUDE_DIR`: The libpsl include directory. +- `LIBPSL_LIBRARY`: Path to `libpsl` library. +- `LIBRTMP_INCLUDE_DIR`: The librtmp include directory. +- `LIBRTMP_LIBRARY`: Path to `librtmp` library. +- `LIBSSH_INCLUDE_DIR`: The libssh include directory. +- `LIBSSH_LIBRARY`: Path to `libssh` library. +- `LIBSSH2_INCLUDE_DIR`: The libssh2 include directory. +- `LIBSSH2_LIBRARY`: Path to `libssh2` library. +- `LIBUV_INCLUDE_DIR`: The libuv include directory. +- `LIBUV_LIBRARY`: Path to `libuv` library. +- `MATH_LIBRARY`: Path to `m` library. (for Rustls, wolfSSL) +- `MBEDTLS_INCLUDE_DIR`: The mbedTLS include directory. +- `MBEDTLS_LIBRARY`: Path to `mbedtls` library. +- `MBEDX509_LIBRARY`: Path to `mbedx509` library. +- `MBEDCRYPTO_LIBRARY`: Path to `mbedcrypto` library. +- `MSH3_INCLUDE_DIR`: The msh3 include directory. +- `MSH3_LIBRARY`: Path to `msh3` library. +- `NGHTTP2_INCLUDE_DIR`: The nghttp2 include directory. +- `NGHTTP2_LIBRARY`: Path to `nghttp2` library. +- `NGHTTP3_INCLUDE_DIR`: The nghttp3 include directory. +- `NGHTTP3_LIBRARY`: Path to `nghttp3` library. +- `NGTCP2_INCLUDE_DIR`: The ngtcp2 include directory. +- `NGTCP2_LIBRARY`: Path to `ngtcp2` library. +- `NETTLE_INCLUDE_DIR`: The nettle include directory. +- `NETTLE_LIBRARY`: Path to `nettle` library. +- `PTHREAD_LIBRARY`: Path to `pthread` library. (for Rustls) +- `QUICHE_INCLUDE_DIR`: The quiche include directory. +- `QUICHE_LIBRARY`: Path to `quiche` library. +- `RUSTLS_INCLUDE_DIR`: The Rustls include directory. +- `RUSTLS_LIBRARY`: Path to `rustls` library. +- `WATT_ROOT`: Set this variable to the root installation of Watt-32. +- `WOLFSSH_INCLUDE_DIR`: The wolfSSH include directory. +- `WOLFSSH_LIBRARY`: Path to `wolfssh` library. +- `WOLFSSL_INCLUDE_DIR`: The wolfSSL include directory. +- `WOLFSSL_LIBRARY`: Path to `wolfssl` library. +- `ZSTD_INCLUDE_DIR`: The zstd include directory. +- `ZSTD_LIBRARY`: Path to `zstd` library. + +## Test tools + +- `APXS`: Default: `apxs` +- `CADDY`: Default: `caddy` +- `HTTPD_NGHTTPX`: Default: `nghttpx` +- `HTTPD`: Default: `apache2` +- `TEST_NGHTTPX`: Default: `nghttpx` +- `VSFTPD`: Default: `vsftps` + +# Migrating from Visual Studio IDE Project Files + +We recommend using CMake to build curl with MSVC. + +The project build files reside in project/Windows/VC\* for VS2010, VS2010 and +VS2013 respectively. + +These CMake Visual Studio generators require CMake v3.24 or older. You can +download them from . + +You can also use `-G "NMake Makefiles"`, which is supported by all CMake +versions. + +Configuration element | Equivalent CMake options +:-------------------------------- | :-------------------------------- +`VC10` | `-G "Visual Studio 10 2010"` +`VC11` | `-G "Visual Studio 11 2012"` +`VC12` | `-G "Visual Studio 12 2013"` +`x64` | `-A x64` +`Win32` | `-A Win32` +`DLL` | `BUILD_SHARED_LIBS=ON`, `BUILD_STATIC_LIBS=OFF`, (default) +`LIB` | `BUILD_SHARED_LIBS=OFF`, `BUILD_STATIC_LIBS=ON` +`Debug` | `CMAKE_BUILD_TYPE=Debug` (`-G "NMake Makefiles"` only) +`Release` | `CMAKE_BUILD_TYPE=Release` (`-G "NMake Makefiles"` only) +`DLL Windows SSPI` | `CURL_USE_SCHANNEL=ON` (with SSPI enabled by default) +`DLL OpenSSL` | `CURL_USE_OPENSSL=ON`, optional: `OPENSSL_ROOT_DIR`, `OPENSSL_USE_STATIC_LIBS=ON` +`DLL libssh2` | `CURL_USE_LIBSSH2=ON`, optional: `LIBSSH2_INCLUDE_DIR`, `LIBSSH2_LIBRARY` +`DLL WinIDN` | `USE_WIN32_IDN=ON` + +For example these commands: + + > cd projects + > ./generate.bat VC12 + > msbuild "-property:Configuration=DLL Debug - DLL Windows SSPI - DLL WinIDN" Windows/VC12/curl-all.sln + +translate to: + + > cmake . -G "Visual Studio 12 2013" -A x64 -DCURL_USE_SCHANNEL=ON -DUSE_WIN32_IDN=ON -DCURL_USE_LIBPSL=OFF + > cmake --build . --config Debug --parallel + +We do *not* specify `-DCMAKE_BUILD_TYPE=Debug` here as we might do for the +`"NMake Makefiles"` generator because the Visual Studio generators are +[multi-config generators](https://cmake.org/cmake/help/latest/prop_gbl/GENERATOR_IS_MULTI_CONFIG.html) +and therefore ignore the value of `CMAKE_BUILD_TYPE`. + +# Migrating from winbuild builds + +We recommend CMake to build curl with MSVC. The winbuild build method is +deprecated and may be dropped in a future release. + +In CMake you can customize the path of dependencies by passing the absolute +header path and the full path of the library via `*_INCLUDE_DIR` and +`*_LIBRARY` options (see the complete list in the option listing above). +The full path to the library can point to a static library or an import +library, which defines if the dependency is linked as a dll or statically. +For OpenSSL this works +[differently](https://cmake.org/cmake/help/latest/module/FindOpenSSL.html): +You can pass the root directory of the OpenSSL installation via +`OPENSSL_ROOT_DIR`, then pass `OPENSSL_USE_STATIC_LIBS=ON` to select static +libs. + +winbuild options | Equivalent CMake options +:-------------------------------- | :-------------------------------- +`DEBUG` | `CMAKE_BUILD_TYPE=Debug` +`GEN_PDB` | `CMAKE_EXE_LINKER_FLAGS=/Fd`, `CMAKE_SHARED_LINKER_FLAGS=/Fd` +`LIB_NAME_DLL`, `LIB_NAME_STATIC` | `IMPORT_LIB_SUFFIX`, `LIBCURL_OUTPUT_NAME`, `STATIC_LIB_SUFFIX` +`VC`: `` | see the CMake [Visual Studio generators](https://cmake.org/cmake/help/latest/manual/cmake-generators.7.html#visual-studio-generators) +`MACHINE`: `x64`, `x86` | `-A x64`, `-A Win32` +`MODE`: `dll`, `static` | `BUILD_SHARED_LIBS=ON/OFF`, `BUILD_STATIC_LIBS=ON/OFF`, `BUILD_STATIC_CURL=ON/OFF` (default: dll) +`RTLIBCFG`: `static` | `CURL_STATIC_CRT=ON` +`ENABLE_IDN` | `USE_WIN32_IDN=ON` +`ENABLE_IPV6` | `ENABLE_IPV6=ON` +`ENABLE_MSH3` | `USE_MSH3=ON` +`ENABLE_NGHTTP2` | `USE_NGHTTP2=ON` +`ENABLE_OPENSSL_AUTO_LOAD_CONFIG` | `CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG=OFF` (default) +`ENABLE_SCHANNEL` | `CURL_USE_SCHANNEL=ON` +`ENABLE_SSPI` | `CURL_WINDOWS_SSPI=ON` (default with Schannel) +`ENABLE_UNICODE` | `ENABLE_UNICODE=ON` +`WITH_PREFIX` | `CMAKE_INSTALL_PREFIX=` +`WITH_DEVEL` | see individual `*_INCLUDE_DIR` and `*_LIBRARY` options and `OPENSSL_ROOT_DIR` +`WITH_CARES`, `CARES_PATH` | `ENABLE_ARES=ON`, optional: `CARES_INCLUDE_DIR`, `CARES_LIBRARY` +`WITH_MBEDTLS`, `MBEDTLS_PATH` | `CURL_USE_MBEDTLS=ON`, optional: `MBEDTLS_INCLUDE_DIR`, `MBEDTLS_LIBRARY`, `MBEDX509_LIBRARY`, `MBEDCRYPTO_LIBRARY` +`WITH_MSH3`, `MSH_PATH` | `USE_MSH3=ON`, optional: `MSH3_INCLUDE_DIR`, `MSH3_LIBRARY` +`WITH_NGHTTP2`, `NGHTTP2_PATH` | `USE_NGHTTP2=ON`, optional: `NGHTTP2_INCLUDE_DIR`, `NGHTTP2_LIBRARY` +`WITH_SSH`, `SSH_PATH` | `CURL_USE_LIBSSH=ON`, optional: `LIBSSH_INCLUDE_DIR`, `LIBSSH_LIBRARY` +`WITH_SSH2`, `SSH2_PATH` | `CURL_USE_LIBSSH2=ON`, optional: `LIBSSH2_INCLUDE_DIR`, `LIBSSH2_LIBRARY` +`WITH_SSL`, `SSL_PATH` | `CURL_USE_OPENSSL=ON`, optional: `OPENSSL_ROOT_DIR`, `OPENSSL_USE_STATIC_LIBS=ON` +`WITH_WOLFSSL`, `WOLFSSL_PATH` | `CURL_USE_WOLFSSL=ON`, optional: `WOLFSSL_INCLUDE_DIR`, `WOLFSSL_LIBRARY` +`WITH_ZLIB`, `ZLIB_PATH` | `CURL_ZLIB=ON`, optional: `ZLIB_INCLUDE_DIR`, `ZLIB_LIBRARY` + +For example this command-line: + + > nmake -f Makefile.vc VC=17 MACHINE=x64 DEBUG=ON mode=dll SSL_PATH=C:\OpenSSL WITH_SSL=dll ENABLE_UNICODE=ON + +translates to: + + > cmake . -G "Visual Studio 17 2022" -A x64 -DBUILD_SHARED_LIBS=ON -DOPENSSL_ROOT_DIR=C:\OpenSSL -DCURL_USE_OPENSSL=ON -DENABLE_UNICODE=ON -DCURL_USE_LIBPSL=OFF + > cmake --build . --config Debug + +We use `--config` with `cmake --build` because the Visual Studio CMake +generators are multi-config and therefore ignore `CMAKE_BUILD_TYPE`. diff --git a/deps/curl/docs/INSTALL.md b/deps/curl/docs/INSTALL.md new file mode 100644 index 00000000..c6a798b8 --- /dev/null +++ b/deps/curl/docs/INSTALL.md @@ -0,0 +1,667 @@ + + +# How to install curl and libcurl + +## Installing Binary Packages + +Lots of people download binary distributions of curl and libcurl. This +document does not describe how to install curl or libcurl using such a binary +package. This document describes how to compile, build and install curl and +libcurl from source code. + +## Building using vcpkg + +You can download and install curl and libcurl using the [vcpkg](https://github.com/Microsoft/vcpkg/) dependency manager: + + git clone https://github.com/Microsoft/vcpkg.git + cd vcpkg + ./bootstrap-vcpkg.sh + ./vcpkg integrate install + vcpkg install curl[tool] + +The curl port in vcpkg is kept up to date by Microsoft team members and +community contributors. If the version is out of date, please [create an issue +or pull request](https://github.com/Microsoft/vcpkg) on the vcpkg repository. + +## Building from git + +If you get your code off a git repository instead of a release tarball, see +the `GIT-INFO.md` file in the root directory for specific instructions on how +to proceed. + +# Unix + +A normal Unix installation is made in three or four steps (after you have +unpacked the source archive): + + ./configure --with-openssl [--with-gnutls --with-wolfssl] + make + make test (optional) + make install + +(Adjust the configure line accordingly to use the TLS library you want.) + +You probably need to be root when doing the last command. + +Get a full listing of all available configure options by invoking it like: + + ./configure --help + +If you want to install curl in a different file hierarchy than `/usr/local`, +specify that when running configure: + + ./configure --prefix=/path/to/curl/tree + +If you have write permission in that directory, you can do 'make install' +without being root. An example of this would be to make a local install in +your own home directory: + + ./configure --prefix=$HOME + make + make install + +The configure script always tries to find a working SSL library unless +explicitly told not to. If you have OpenSSL installed in the default search +path for your compiler/linker, you do not need to do anything special. If you +have OpenSSL installed in `/usr/local/ssl`, you can run configure like: + + ./configure --with-openssl + +If you have OpenSSL installed somewhere else (for example, `/opt/OpenSSL`) and +you have pkg-config installed, set the pkg-config path first, like this: + + env PKG_CONFIG_PATH=/opt/OpenSSL/lib/pkgconfig ./configure --with-openssl + +Without pkg-config installed, use this: + + ./configure --with-openssl=/opt/OpenSSL + +If you insist on forcing a build without SSL support, you can run configure +like this: + + ./configure --without-ssl + +If you have OpenSSL installed, but with the libraries in one place and the +header files somewhere else, you have to set the `LDFLAGS` and `CPPFLAGS` +environment variables prior to running configure. Something like this should +work: + + CPPFLAGS="-I/path/to/ssl/include" LDFLAGS="-L/path/to/ssl/lib" ./configure + +If you have shared SSL libs installed in a directory where your runtime +linker does not find them (which usually causes configure failures), you can +provide this option to gcc to set a hard-coded path to the runtime linker: + + LDFLAGS=-Wl,-R/usr/local/ssl/lib ./configure --with-openssl + +## Static builds + +To force a static library compile, disable the shared library creation by +running configure like: + + ./configure --disable-shared + +The configure script is primarily done to work with shared/dynamic third party +dependencies. When linking with shared libraries, the dependency "chain" is +handled automatically by the library loader - on all modern systems. + +If you instead link with a static library, you need to provide all the +dependency libraries already at the link command line. + +Figuring out all the dependency libraries for a given library is hard, as it +might involve figuring out the dependencies of the dependencies and they vary +between platforms and change between versions. + +When using static dependencies, the build scripts mostly assume that you, the +user, provide all the necessary additional dependency libraries as additional +arguments in the build. With configure, by setting `LIBS` or `LDFLAGS` on the +command line. + +Building statically is not for the faint of heart. + +## Debug + +If you are a curl developer and use gcc, you might want to enable more debug +options with the `--enable-debug` option. + +curl can be built to use a whole range of libraries to provide various useful +services, and configure tries to auto-detect a decent default. If you want to +alter it, you can select how to deal with each individual library. + +## Select TLS backend + +These options are provided to select the TLS backend to use. + + - AmiSSL: `--with-amissl` + - BearSSL: `--with-bearssl` + - GnuTLS: `--with-gnutls`. + - mbedTLS: `--with-mbedtls` + - OpenSSL: `--with-openssl` (also for BoringSSL, AWS-LC, LibreSSL, and quictls) + - rustls: `--with-rustls` + - Schannel: `--with-schannel` + - Secure Transport: `--with-secure-transport` + - wolfSSL: `--with-wolfssl` + +You can build curl with *multiple* TLS backends at your choice, but some TLS +backends cannot be combined: if you build with an OpenSSL fork (or wolfSSL), +you cannot add another OpenSSL fork (or wolfSSL) simply because they have +conflicting identical symbol names. + +When you build with multiple TLS backends, you can select the active one at +runtime when curl starts up. + +## MultiSSL and HTTP/3 + +HTTP/3 needs QUIC and QUIC needs TLS. Building libcurl with HTTP/3 and QUIC +support is not compatible with the MultiSSL feature: they are mutually +exclusive. If you need MultiSSL in your build, you cannot have HTTP/3 support +and vice versa. + +libcurl can only use a single TLS library with QUIC and that *same* TLS +library needs to be used for the other TLS using protocols. + +## Configure finding libs in wrong directory + +When the configure script checks for third-party libraries, it adds those +directories to the `LDFLAGS` variable and then tries linking to see if it +works. When successful, the found directory is kept in the `LDFLAGS` variable +when the script continues to execute and do more tests and possibly check for +more libraries. + +This can make subsequent checks for libraries wrongly detect another +installation in a directory that was previously added to `LDFLAGS` by another +library check. + +# Windows + +Building for Windows XP is required as a minimum. + +You can build curl with: + +- Microsoft Visual Studio 2008 v9.0 or later (`_MSC_VER >= 1500`) +- MinGW-w64 + +## Building Windows DLLs and C runtime (CRT) linkage issues + + As a general rule, building a DLL with static CRT linkage is highly + discouraged, and intermixing CRTs in the same app is something to avoid at + any cost. + + Reading and comprehending Microsoft Knowledge Base articles KB94248 and + KB140584 is a must for any Windows developer. Especially important is full + understanding if you are not going to follow the advice given above. + + - [How To Use the C Runtime](https://support.microsoft.com/help/94248/how-to-use-the-c-run-time) + - [Runtime Library Compiler Options](https://docs.microsoft.com/cpp/build/reference/md-mt-ld-use-run-time-library) + - [Potential Errors Passing CRT Objects Across DLL Boundaries](https://docs.microsoft.com/cpp/c-runtime-library/potential-errors-passing-crt-objects-across-dll-boundaries) + +If your app is misbehaving in some strange way, or it is suffering from memory +corruption, before asking for further help, please try first to rebuild every +single library your app uses as well as your app using the debug +multi-threaded dynamic C runtime. + + If you get linkage errors read section 5.7 of the FAQ document. + +## Cygwin + +Almost identical to the Unix installation. Run the configure script in the +curl source tree root with `sh configure`. Make sure you have the `sh` +executable in `/bin/` or you see the configure fail toward the end. + +Run `make` + +## MS-DOS + +You can use either autotools or cmake: + + ./configure \ + CC=/path/to/djgpp/bin/i586-pc-msdosdjgpp-gcc \ + AR=/path/to/djgpp/bin/i586-pc-msdosdjgpp-ar \ + RANLIB=/path/to/djgpp/bin/i586-pc-msdosdjgpp-ranlib \ + WATT_ROOT=/path/to/djgpp/net/watt \ + --host=i586-pc-msdosdjgpp \ + --with-openssl=/path/to/djgpp \ + --with-zlib=/path/to/djgpp \ + --without-libpsl \ + --disable-shared + + cmake . \ + -DCMAKE_SYSTEM_NAME=DOS \ + -DCMAKE_C_COMPILER_TARGET=i586-pc-msdosdjgpp \ + -DCMAKE_C_COMPILER=/path/to/djgpp/bin/i586-pc-msdosdjgpp-gcc \ + -DWATT_ROOT=/path/to/djgpp/net/watt \ + -DOPENSSL_INCLUDE_DIR=/path/to/djgpp/include \ + -DOPENSSL_SSL_LIBRARY=/path/to/djgpp/lib/libssl.a \ + -DOPENSSL_CRYPTO_LIBRARY=/path/to/djgpp/lib/libcrypto.a \ + -DZLIB_INCLUDE_DIR=/path/to/djgpp/include \ + -DZLIB_LIBRARY=/path/to/djgpp/lib/libz.a \ + -DCURL_USE_LIBPSL=OFF + +Notes: + + - Requires DJGPP 2.04 or upper. + + - Compile Watt-32 (and OpenSSL) with the same version of DJGPP. Otherwise + things go wrong because things like FS-extensions and `errno` values have + been changed between releases. + +## AmigaOS + +You can use either autotools or cmake: + + ./configure \ + CC=/opt/amiga/bin/m68k-amigaos-gcc \ + AR=/opt/amiga/bin/m68k-amigaos-ar \ + RANLIB=/opt/amiga/bin/m68k-amigaos-ranlib \ + --host=m68k-amigaos \ + --with-amissl \ + CFLAGS='-O0 -msoft-float -mcrt=clib2' \ + CPPFLAGS=-I/path/to/AmiSSL/Developer/include \ + LDFLAGS=-L/path/to/AmiSSL/Developer/lib/AmigaOS3 \ + LIBS='-lnet -lm -latomic' \ + --without-libpsl \ + --disable-shared + + cmake . \ + -DAMIGA=1 \ + -DCMAKE_SYSTEM_NAME=Generic \ + -DCMAKE_C_COMPILER_TARGET=m68k-unknown-amigaos \ + -DCMAKE_C_COMPILER=/opt/amiga/bin/m68k-amigaos-gcc \ + -DCMAKE_C_FLAGS='-O0 -msoft-float -mcrt=clib2' \ + -DAMISSL_INCLUDE_DIR=/path/to/AmiSSL/Developer/include \ + -DAMISSL_STUBS_LIBRARY=/path/to/AmiSSL/Developer/lib/AmigaOS3/libamisslstubs.a \ + -DAMISSL_AUTO_LIBRARY=/path/to/AmiSSL/Developer/lib/AmigaOS3/libamisslauto.a \ + -DCURL_USE_LIBPSL=OFF + +## Disabling Specific Protocols in Windows builds + +The configure utility, unfortunately, is not available for the Windows +environment, therefore, you cannot use the various disable-protocol options of +the configure utility on this platform. + +You can use specific defines to disable specific protocols and features. See +[CURL-DISABLE](CURL-DISABLE.md) for the full list. + +If you want to set any of these defines you have the following options: + + - Modify `lib/config-win32.h` + - Modify `lib/curl_setup.h` + - Modify `winbuild/Makefile.vc` + - Modify the "Preprocessor Definitions" in the libcurl project + +Note: The pre-processor settings can be found using the Visual Studio IDE +under "Project -> Properties -> Configuration Properties -> C/C++ -> +Preprocessor". + +## Using BSD-style lwIP instead of Winsock TCP/IP stack in Windows builds + +In order to compile libcurl and curl using BSD-style lwIP TCP/IP stack it is +necessary to make the definition of the preprocessor symbol `USE_LWIPSOCK` +visible to libcurl and curl compilation processes. To set this definition you +have the following alternatives: + + - Modify `lib/config-win32.h` + - Modify `winbuild/Makefile.vc` + - Modify the "Preprocessor Definitions" in the libcurl project + +Note: The pre-processor settings can be found using the Visual Studio IDE +under "Project -> Properties -> Configuration Properties -> C/C++ -> +Preprocessor". + +Once that libcurl has been built with BSD-style lwIP TCP/IP stack support, in +order to use it with your program it is mandatory that your program includes +lwIP header file `` (or another lwIP header that includes this) +before including any libcurl header. Your program does not need the +`USE_LWIPSOCK` preprocessor definition which is for libcurl internals only. + +Compilation has been verified with lwIP 1.4.0. + +This BSD-style lwIP TCP/IP stack support must be considered experimental given +that it has been verified that lwIP 1.4.0 still needs some polish, and libcurl +might yet need some additional adjustment. + +## Important static libcurl usage note + +When building an application that uses the static libcurl library on Windows, +you must add `-DCURL_STATICLIB` to your `CFLAGS`. Otherwise the linker looks +for dynamic import symbols. + +## Legacy Windows and SSL + +Schannel (from Windows SSPI), is the native SSL library in Windows. However, +Schannel in Windows <= XP is unable to connect to servers that no longer +support the legacy handshakes and algorithms used by those versions. If you +are using curl in one of those earlier versions of Windows you should choose +another SSL backend such as OpenSSL. + +# Apple Platforms (macOS, iOS, tvOS, watchOS, and their simulator counterparts) + +On modern Apple operating systems, curl can be built to use Apple's SSL/TLS +implementation, Secure Transport, instead of OpenSSL. To build with Secure +Transport for SSL/TLS, use the configure option `--with-secure-transport`. + +When Secure Transport is in use, the curl options `--cacert` and `--capath` +and their libcurl equivalents, are ignored, because Secure Transport uses the +certificates stored in the Keychain to evaluate whether or not to trust the +server. This, of course, includes the root certificates that ship with the OS. +The `--cert` and `--engine` options, and their libcurl equivalents, are +currently unimplemented in curl with Secure Transport. + +In general, a curl build for an Apple `ARCH/SDK/DEPLOYMENT_TARGET` combination +can be taken by providing appropriate values for `ARCH`, `SDK`, `DEPLOYMENT_TARGET` +below and running the commands: + +```bash +# Set these three according to your needs +export ARCH=x86_64 +export SDK=macosx +export DEPLOYMENT_TARGET=10.8 + +export CFLAGS="-arch $ARCH -isysroot $(xcrun -sdk $SDK --show-sdk-path) -m$SDK-version-min=$DEPLOYMENT_TARGET" +./configure --host=$ARCH-apple-darwin --prefix $(pwd)/artifacts --with-secure-transport +make -j8 +make install +``` + +With CMake: + +```bash +cmake . \ + -DCMAKE_OSX_ARCHITECTURES=x86_64 \ + -DCMAKE_OSX_DEPLOYMENT_TARGET=10.8 \ + -DCMAKE_OSX_SYSROOT="$(xcrun --sdk macosx --show-sdk-path)" +``` + +The above command lines build curl for macOS platform with `x86_64` +architecture and `10.8` as deployment target. + +Here is an example for iOS device: + +```bash +export ARCH=arm64 +export SDK=iphoneos +export DEPLOYMENT_TARGET=11.0 + +export CFLAGS="-arch $ARCH -isysroot $(xcrun -sdk $SDK --show-sdk-path) -m$SDK-version-min=$DEPLOYMENT_TARGET" +./configure --host=$ARCH-apple-darwin --prefix $(pwd)/artifacts --with-secure-transport +make -j8 +make install +``` + +With CMake (3.16 or upper recommended): + +```bash +cmake . \ + -DCMAKE_SYSTEM_NAME=iOS \ + -DCMAKE_OSX_ARCHITECTURES=arm64 \ + -DCMAKE_OSX_DEPLOYMENT_TARGET=11.0 +``` + +Another example for watchOS simulator for macs with Apple Silicon: + +```bash +export ARCH=arm64 +export SDK=watchsimulator +export DEPLOYMENT_TARGET=5.0 + +export CFLAGS="-arch $ARCH -isysroot $(xcrun -sdk $SDK --show-sdk-path) -m$SDK-version-min=$DEPLOYMENT_TARGET" +./configure --host=$ARCH-apple-darwin --prefix $(pwd)/artifacts --with-secure-transport +make -j8 +make install +``` + +In all above, the built libraries and executables can be found in the +`artifacts` folder. + +# Android + +When building curl for Android you can you CMake or curl's `configure` script. + +Before you can build curl for Android, you need to install the Android NDK +first. This can be done using the SDK Manager that is part of Android Studio. +Once you have installed the Android NDK, you need to figure out where it has +been installed and then set up some environment variables before launching +the build. + +Examples to compile for `aarch64` and API level 29: + +with CMake, where `ANDROID_NDK_HOME` points into your NDK: + + cmake . \ + -DANDROID_ABI=arm64-v8a \ + -DANDROID_PLATFORM=android-29 \ + -DCMAKE_TOOLCHAIN_FILE="$ANDROID_NDK_HOME/build/cmake/android.toolchain.cmake" \ + -DCURL_ENABLE_SSL=OFF \ + -DCURL_USE_LIBPSL=OFF + +with `configure`, on macOS: + +```bash +export ANDROID_NDK_HOME=~/Library/Android/sdk/ndk/25.1.8937393 # Point into your NDK. +export HOST_TAG=darwin-x86_64 # Same tag for Apple Silicon. Other OS values here: https://developer.android.com/ndk/guides/other_build_systems#overview +export TOOLCHAIN=$ANDROID_NDK_HOME/toolchains/llvm/prebuilt/$HOST_TAG +export AR=$TOOLCHAIN/bin/llvm-ar +export AS=$TOOLCHAIN/bin/llvm-as +export CC=$TOOLCHAIN/bin/aarch64-linux-android29-clang +export CXX=$TOOLCHAIN/bin/aarch64-linux-android29-clang++ +export LD=$TOOLCHAIN/bin/ld +export RANLIB=$TOOLCHAIN/bin/llvm-ranlib +export STRIP=$TOOLCHAIN/bin/llvm-strip +``` + +When building on Linux or targeting other API levels or architectures, you need +to adjust those variables accordingly. After that you can build curl like this: + + ./configure --host aarch64-linux-android --with-pic --disable-shared + +Note that this does not give you SSL/TLS support. If you need SSL/TLS, you +have to build curl with a SSL/TLS library, e.g. OpenSSL, because it is +impossible for curl to access Android's native SSL/TLS layer. To build curl +for Android using OpenSSL, follow the OpenSSL build instructions and then +install `libssl.a` and `libcrypto.a` to `$TOOLCHAIN/sysroot/usr/lib` and copy +`include/openssl` to `$TOOLCHAIN/sysroot/usr/include`. Now you can build curl +for Android using OpenSSL like this: + +```bash +LIBS="-lssl -lcrypto -lc++" # For OpenSSL/BoringSSL. In general, you need to the SSL/TLS layer's transitive dependencies if you are linking statically. +./configure --host aarch64-linux-android --with-pic --disable-shared --with-openssl="$TOOLCHAIN/sysroot/usr" +``` + +# IBM i + +For IBM i (formerly OS/400), you can use curl in two different ways: + +- Natively, running in the **ILE**. The obvious use is being able to call curl + from ILE C or RPG applications. +- You need to build this from source. See `packages/OS400/README` for the ILE + specific build instructions. +- In the **PASE** environment, which runs AIX programs. curl is built as it + would be on AIX. +- IBM provides builds of curl in their Yum repository for PASE software. +- To build from source, follow the Unix instructions. + +There are some additional limitations and quirks with curl on this platform; +they affect both environments. + +## Multi-threading notes + +By default, jobs in IBM i does not start with threading enabled. (Exceptions +include interactive PASE sessions started by `QP2TERM` or SSH.) If you use +curl in an environment without threading when options like asynchronous DNS +were enabled, you get messages like: + +``` +getaddrinfo() thread failed to start +``` + +Do not panic. curl and your program are not broken. You can fix this by: + +- Set the environment variable `QIBM_MULTI_THREADED` to `Y` before starting + your program. This can be done at whatever scope you feel is appropriate. +- Alternatively, start the job with the `ALWMLTTHD` parameter set to `*YES`. + +# Cross compile + +Download and unpack the curl package. + +`cd` to the new directory. (e.g. `cd curl-7.12.3`) + +Set environment variables to point to the cross-compile toolchain and call +configure with any options you need. Be sure and specify the `--host` and +`--build` parameters at configuration time. The following script is an example +of cross-compiling for the IBM 405GP PowerPC processor using the toolchain on +Linux. + +```bash +#! /bin/sh + +export PATH=$PATH:/opt/hardhat/devkit/ppc/405/bin +export CPPFLAGS="-I/opt/hardhat/devkit/ppc/405/target/usr/include" +export AR=ppc_405-ar +export AS=ppc_405-as +export LD=ppc_405-ld +export RANLIB=ppc_405-ranlib +export CC=ppc_405-gcc +export NM=ppc_405-nm + +./configure --target=powerpc-hardhat-linux + --host=powerpc-hardhat-linux + --build=i586-pc-linux-gnu + --prefix=/opt/hardhat/devkit/ppc/405/target/usr/local + --exec-prefix=/usr/local +``` + +The `--prefix` parameter specifies where curl gets installed. If `configure` +completes successfully, do `make` and `make install` as usual. + +In some cases, you may be able to simplify the above commands to as little as: + + ./configure --host=ARCH-OS + +# REDUCING SIZE + +There are a number of configure options that can be used to reduce the size of +libcurl for embedded applications where binary size is an important factor. +First, be sure to set the `CFLAGS` variable when configuring with any relevant +compiler optimization flags to reduce the size of the binary. For gcc, this +would mean at minimum the `-Os` option, and others like the following that +may be relevant in some environments: `-march=X`, `-mthumb`, `-m32`, +`-mdynamic-no-pic`, `-flto`, `-fdata-sections`, `-ffunction-sections`, +`-fno-unwind-tables`, `-fno-asynchronous-unwind-tables`, +`-fno-record-gcc-switches`, `-fsection-anchors`, `-fno-plt`, +`-Wl,--gc-sections`, `-Wl,-Bsymbolic`, `-Wl,-s`, + +For example, this is how to combine a few of these options: + + ./configure CC=gcc CFLAGS='-Os -ffunction-sections' LDFLAGS='-Wl,--gc-sections'... + +Note that newer compilers often produce smaller code than older versions +due to improved optimization. + +Be sure to specify as many `--disable-` and `--without-` flags on the +configure command-line as you can to disable all the libcurl features that you +know your application is not going to need. Besides specifying the +`--disable-PROTOCOL` flags for all the types of URLs your application do not +use, here are some other flags that can reduce the size of the library by +disabling support for some feature (run `./configure --help` to see them all): + + - `--disable-alt-svc` (HTTP Alt-Svc) + - `--disable-ares` (the C-ARES DNS library) + - `--disable-cookies` (HTTP cookies) + - `--disable-basic-auth` (cryptographic authentication) + - `--disable-bearer-auth` (cryptographic authentication) + - `--disable-digest-auth` (cryptographic authentication) + - `--disable-kerberos-auth` (cryptographic authentication) + - `--disable-negotiate-auth` (cryptographic authentication) + - `--disable-aws` (cryptographic authentication) + - `--disable-dateparse` (date parsing for time conditionals) + - `--disable-dnsshuffle` (internal server load spreading) + - `--disable-doh` (DNS-over-HTTP) + - `--disable-form-api` (POST form API) + - `--disable-get-easy-options` (lookup easy options at runtime) + - `--disable-headers-api` (API to access headers) + - `--disable-hsts` (HTTP Strict Transport Security) + - `--disable-http-auth` (all HTTP authentication) + - `--disable-ipv6` (IPv6) + - `--disable-libcurl-option` (--libcurl C code generation support) + - `--disable-manual` (--manual built-in documentation) + - `--disable-mime` (MIME API) + - `--disable-netrc` (.netrc file) + - `--disable-ntlm` (NTLM authentication) + - `--disable-ntlm-wb` (NTLM winbind) + - `--disable-progress-meter` (graphical progress meter in library) + - `--disable-proxy` (HTTP and SOCKS proxies) + - `--disable-pthreads` (multi-threading) + - `--disable-socketpair` (socketpair for asynchronous name resolving) + - `--disable-threaded-resolver` (threaded name resolver) + - `--disable-tls-srp` (Secure Remote Password authentication for TLS) + - `--disable-unix-sockets` (Unix sockets) + - `--disable-verbose` (eliminates debugging strings and error code strings) + - `--disable-versioned-symbols` (versioned symbols) + - `--enable-symbol-hiding` (eliminates unneeded symbols in the shared library) + - `--without-brotli` (Brotli on-the-fly decompression) + - `--without-libpsl` (Public Suffix List in cookies) + - `--without-nghttp2` (HTTP/2 using nghttp2) + - `--without-ngtcp2` (HTTP/2 using ngtcp2) + - `--without-zstd` (Zstd on-the-fly decompression) + - `--without-libidn2` (internationalized domain names) + - `--without-librtmp` (RTMP) + - `--without-ssl` (SSL/TLS) + - `--without-zlib` (on-the-fly decompression) + +Be sure also to strip debugging symbols from your binaries after compiling +using 'strip' or an option like `-s`. If space is really tight, you may be able +to gain a few bytes by removing some unneeded sections of the shared library +using the -R option to objcopy (e.g. the .comment section). + +Using these techniques it is possible to create a basic HTTP-only libcurl +shared library for i386 Linux platforms that is only 130 KiB in size +(as of libcurl version 8.6.0, using gcc 13.2.0). + +You may find that statically linking libcurl to your application results in a +lower total size than dynamically linking. + +The curl test harness can detect the use of some, but not all, of the +`--disable` statements suggested above. Use of these can cause tests relying +on those features to fail. The test harness can be manually forced to skip the +relevant tests by specifying certain key words on the `runtests.pl` command +line. Following is a list of appropriate key words for those configure options +that are not automatically detected: + + - `--disable-cookies` !cookies + - `--disable-dateparse` !RETRY-AFTER !`CURLOPT_TIMECONDITION` !`CURLINFO_FILETIME` !`If-Modified-Since` !`curl_getdate` !`-z` + - `--disable-libcurl-option` !`--libcurl` + - `--disable-verbose` !verbose\ logs + +# Ports + +This is a probably incomplete list of known CPU architectures and operating +systems that curl has been compiled for. If you know a system curl compiles +and runs on, that is not listed, please let us know. + +## 104 Operating Systems + + AIX, AmigaOS, Android, ArcoOS, Aros, Atari FreeMiNT, BeOS, Blackberry + 10, Blackberry Tablet OS, Cell OS, CheriBSD, Chrome OS, Cisco IOS, + DG/UX, DR DOS, Dragonfly BSD, eCOS, FreeBSD, FreeDOS, FreeRTOS, Fuchsia, + Garmin OS, Genode, Haiku, HardenedBSD, HP-UX, Hurd, IBM I, illumos, + Integrity, iOS, ipadOS, IRIX, Linux, Lua RTOS, Mac OS 9, macOS, Maemo, + Mbed, Meego, Micrium, MINIX, Minoca, Moblin, MorphOS, MPE/iX, MS-DOS, + NCR MP-RAS, NetBSD, Netware, NextStep, Nintendo 3DS Nintendo Switch, + NonStop OS, NuttX, OpenBSD, OpenStep, Orbis OS, OS/2, OS21, Plan 9, + PlayStation Portable, QNX, Qubes OS, ReactOS, Redox, RISC OS, ROS, + RTEMS, Sailfish OS, SCO Unix, Serenity, SINIX-Z, SkyOS, software, + Solaris, Sortix, SunOS, Syllable OS, Symbian, Tizen, TPF, Tru64, tvOS, + ucLinux, Ultrix, UNICOS, UnixWare, VMS, vxWorks, watchOS, Wear OS, + WebOS, Wii system Wii U, Windows CE, Windows, Xbox System, Xenix, z/OS, + z/TPF, z/VM, z/VSE, Zephyr + +## 28 CPU Architectures + + Alpha, ARC, ARM, AVR32, C-SKY, CompactRISC, Elbrus, ETRAX, HP-PA, Itanium, + LoongArch, m68k, m88k, MicroBlaze, MIPS, Nios, OpenRISC, POWER, PowerPC, + RISC-V, s390, SH4, SPARC, Tilera, VAX, x86, Xtensa, z/arch diff --git a/deps/curl/docs/INTERNALS.md b/deps/curl/docs/INTERNALS.md new file mode 100644 index 00000000..a0b1adc9 --- /dev/null +++ b/deps/curl/docs/INTERNALS.md @@ -0,0 +1,63 @@ + + +# curl internals + +The canonical libcurl internals documentation is now in the [everything +curl](https://everything.curl.dev/internals) book. This file lists supported +versions of libs and build tools. + +## Portability + + We write curl and libcurl to compile with C89 compilers on 32-bit and up + machines. Most of libcurl assumes more or less POSIX compliance but that is + not a requirement. + + We write libcurl to build and work with lots of third party tools, and we + want it to remain functional and buildable with these and later versions + (older versions may still work but is not what we work hard to maintain): + +## Dependencies + + We aim to support these or later versions. + + - OpenSSL 1.0.2a + - LibreSSL 2.9.1 + - GnuTLS 3.1.10 + - zlib 1.2.5.2 + - libssh2 1.2.8 + - c-ares 1.6.0 + - libssh 0.9.0 + - libidn2 2.0.0 + - wolfSSL 3.4.6 + - OpenLDAP 2.0 + - MIT Kerberos 1.2.4 + - Heimdal ? + - nghttp2 1.15.0 + - Winsock 2.2 (on Windows 95+ and Windows CE .NET 4.1+) + +## Build tools + + When writing code (mostly for generating stuff included in release tarballs) + we use a few "build tools" and we make sure that we remain functional with + these versions: + + - GNU Libtool 1.4.2 + - GNU Autoconf 2.59 + - GNU Automake 1.7 + - GNU M4 1.4 + - perl 5.8 + - roffit 0.5 + - cmake 3.7 + +Library Symbols +=============== + + All symbols used internally in libcurl must use a `Curl_` prefix if they are + used in more than a single file. Single-file symbols must be made static. + Public ("exported") symbols must use a `curl_` prefix. Public API functions + are marked with `CURL_EXTERN` in the public header files so that all others + can be hidden on platforms where this is possible. diff --git a/deps/curl/docs/IPFS.md b/deps/curl/docs/IPFS.md new file mode 100644 index 00000000..82dae943 --- /dev/null +++ b/deps/curl/docs/IPFS.md @@ -0,0 +1,133 @@ + + +# IPFS +For an overview about IPFS, visit the [IPFS project site](https://ipfs.tech/). + +In IPFS there are two protocols. IPFS and IPNS (their workings are explained in detail [here](https://docs.ipfs.tech/concepts/)). The ideal way to access data on the IPFS network is through those protocols. For example to access the Big Buck Bunny video the ideal way to access it is like: `ipfs://bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi` + +## IPFS Gateways + +IPFS Gateway acts as a bridge between traditional HTTP clients and IPFS. +IPFS Gateway specifications of HTTP semantics can be found [here](https://specs.ipfs.tech/http-gateways/). + +### Deserialized responses + +By default, a gateway acts as a bridge between traditional HTTP clients and IPFS and performs necessary hash verification and deserialization. Through such gateway, users can download files, directories, and other content-addressed data stored with IPFS or IPNS as if they were stored in a traditional web server. + +### Verifiable responses + +By explicitly requesting [application/vnd.ipld.raw](https://www.iana.org/assignments/media-types/application/vnd.ipld.raw) or [application/vnd.ipld.car](https://www.iana.org/assignments/media-types/application/vnd.ipld.car) responses, by means defined in [Trustless Gateway Specification](https://specs.ipfs.tech/http-gateways/trustless-gateway/), the user is able to fetch raw content-addressed data and [perform hash verification themselves](https://docs.ipfs.tech/reference/http/gateway/#trustless-verifiable-retrieval). + +This enables users to use untrusted, public gateways without worrying they might return invalid/malicious bytes. + +## IPFS and IPNS protocol handling + +There are various ways to access data from the IPFS network. One such way is +through the concept of public +"[gateways](https://docs.ipfs.tech/concepts/ipfs-gateway/#overview)". The +short version is that entities can offer gateway services. An example here +that is hosted by Protocol Labs (who also makes IPFS) is `dweb.link` and +`ipfs.io`. Both sites expose gateway functionality. Getting a file through +`ipfs.io` looks like this: +`https://ipfs.io/ipfs/bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi` + +If you were to be [running your own IPFS +node](https://docs.ipfs.tech/how-to/command-line-quick-start/) then you, by +default, also have a [local gateway](https://specs.ipfs.tech/http-gateways/) +running. In its default configuration the earlier example would then also work +in this link: + +`http://127.0.0.1:8080/ipfs/bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi` + +## cURL handling of the IPFS protocols + +The IPFS integration in cURL hides this gateway logic for you. Instead of +providing a full URL to a file on IPFS like this: + +``` +curl http://127.0.0.1:8080/ipfs/bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi +``` + +You can provide it with the IPFS protocol instead: +``` +curl ipfs://bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi +``` + +With the IPFS protocol way of asking a file, cURL still needs to know the +gateway. curl essentially just rewrites the IPFS based URL to a gateway URL. + +### IPFS_GATEWAY environment variable + +If the `IPFS_GATEWAY` environment variable is found, its value is used as +gateway. + +### Automatic gateway detection + +When you provide no additional details to cURL then it: + +1. First looks for the `IPFS_GATEWAY` environment variable and use that if it + is set. +2. Looks for the file: `~/.ipfs/gateway`. If it can find that file then it + means that you have a local gateway running and that file contains the URL + to your local gateway. + +If cURL fails, you are presented with an error message and a link to this page +to the option most applicable to solving the issue. + +### `--ipfs-gateway` argument + +You can also provide a `--ipfs-gateway` argument to cURL. This overrules any +other gateway setting. curl does not fallback to the other options if the +provided gateway did not work. + +## Gateway redirects + +A gateway could redirect to another place. For example, `dweb.link` redirects +[path based](https://docs.ipfs.tech/how-to/address-ipfs-on-web/#path-gateway) +requests to [subdomain +based](https://docs.ipfs.tech/how-to/address-ipfs-on-web/#subdomain-gateway) +ones. A request using: + + curl ipfs://bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi --ipfs-gateway https://dweb.link + +Which would be translated to: + + https://dweb.link/ipfs/bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi + +redirects to: + + https://bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi.ipfs.dweb.link + +If you trust this behavior from your gateway of choice then passing the `-L` +option follows the redirect. + +## Error messages and hints + +Depending on the arguments, cURL could present the user with an error. + +### Gateway file and environment variable + +cURL tried to look for the file: `~/.ipfs/gateway` but could not find it. It +also tried to look for the `IPFS_GATEWAY` environment variable but could not +find that either. This happens when no extra arguments are passed to cURL and +letting it try to figure it out [automatically](#automatic-gateway-detection). + +Any IPFS implementation that has gateway support should expose its URL in +`~/.ipfs/gateway`. If you are already running a gateway, make sure it exposes +the file where cURL expects to find it. + +Alternatively you could set the `IPFS_GATEWAY` environment variable or pass +the `--ipfs-gateway` flag to the cURL command. + +### Malformed gateway URL + +The command executed evaluates in an invalid URL. This could be anywhere in +the URL, but a likely point is a wrong gateway URL. + +Inspect the URL set via the `IPFS_GATEWAY` environment variable or passed with +the `--ipfs-gateway` flag. Alternatively opt to go for the +[automatic](#automatic-gateway-detection) gateway detection. diff --git a/deps/curl/docs/MAIL-ETIQUETTE.md b/deps/curl/docs/MAIL-ETIQUETTE.md new file mode 100644 index 00000000..3de77b17 --- /dev/null +++ b/deps/curl/docs/MAIL-ETIQUETTE.md @@ -0,0 +1,258 @@ + + +# Mail etiquette + +## About the lists + +### Mailing Lists + +The mailing lists we have are all listed and described on the [curl +website](https://curl.se/mail/). + +Each mailing list is targeted to a specific set of users and subjects, please +use the one or the ones that suit you the most. + +Each mailing list has hundreds up to thousands of readers, meaning that each +mail sent is received and read by a large number of people. People from +various cultures, regions, religions and continents. + +### Netiquette + +Netiquette is a common term for how to behave on the Internet. Of course, in +each particular group and subculture there are differences in what is +acceptable and what is considered good manners. + +This document outlines what we in the curl project consider to be good +etiquette, and primarily this focus on how to behave on and how to use our +mailing lists. + +### Do Not Mail a Single Individual + +Many people send one question to one person. One person gets many mails, and +there is only one person who can give you a reply. The question may be +something that other people would also like to ask. These other people have no +way to read the reply, but to ask the one person the question. The one person +consequently gets overloaded with mail. + +If you really want to contact an individual and perhaps pay for his or her +services, by all means go ahead, but if it is just another curl question, take +it to a suitable list instead. + +### Subscription Required + +All curl mailing lists require that you are subscribed to allow a mail to go +through to all the subscribers. + +If you post without being subscribed (or from a different mail address than +the one you are subscribed with), your mail is simply silently discarded. You +have to subscribe first, then post. + +The reason for this unfortunate and strict subscription policy is of course to +stop spam from pestering the lists. + +### Moderation of new posters + +Several of the curl mailing lists automatically make all posts from new +subscribers be moderated. After you have subscribed and sent your first mail +to a list, that mail is not let through to the list until a mailing list +administrator has verified that it is OK and permits it to get posted. + +Once a first post has been made that proves the sender is actually talking +about curl-related subjects, the moderation "flag" is switched off and future +posts go through without being moderated. + +The reason for this moderation policy is that we do suffer from spammers who +actually subscribe and send spam to our lists. + +### Handling trolls and spam + +Despite our good intentions and hard work to keep spam off the lists and to +maintain a friendly and positive atmosphere, there are times when spam and or +trolls get through. + +Troll - "someone who posts inflammatory, extraneous, or off-topic messages in +an online community" + +Spam - "use of electronic messaging systems to send unsolicited bulk messages" + +No matter what, we NEVER EVER respond to trolls or spammers on the list. If +you believe the list admin should do something in particular, contact them +off-list. The subject is taken care of as much as possible to prevent repeated +offenses, but responding on the list to such messages never leads to anything +good and only puts the light even more on the offender: which was the entire +purpose of it getting sent to the list in the first place. + +Do not feed the trolls. + +### How to unsubscribe + +You can unsubscribe the same way you subscribed in the first place. You go to +the page for the particular mailing list you are subscribed to and you enter +your email address and password and press the unsubscribe button. + +Also, the instructions to unsubscribe are included in the headers of every +mail that is sent out to all curl related mailing lists and there is a footer +in each mail that links to the "admin" page on which you can unsubscribe and +change other options. + +You NEVER EVER email the mailing list requesting someone else to take you off +the list. + +### I posted, now what? + +If you are not subscribed with the same email address that you used to send +the email, your post is silently discarded. + +If you posted for the first time to the mailing list, you first need to wait +for an administrator to allow your email to go through (moderated). This +normally happens quickly but in case we are asleep, you may have to wait a few +hours. + +Once your email goes through it is sent out to several hundred or even +thousands of recipients. Your email may cover an area that not that many +people know about or are interested in. Or possibly the person who knows about +it is on vacation or under a heavy work load right now. You may have to wait +for a response and you should not expect to get a response at all. Ideally, +you get an answer within a couple of days. + +You do yourself and all of us a service when you include as many details as +possible already in your first email. Mention your operating system and +environment. Tell us which curl version you are using and tell us what you +did, what happened and what you expected would happen. Preferably, show us +what you did with details enough to allow others to help point out the problem +or repeat the steps in their locations. + +Failing to include details only delays responses and make people respond and +ask for more details and you have to send follow-up emails that include them. + +Expect the responses to primarily help YOU debug the issue, or ask YOU +questions that can lead you or others towards a solution or explanation to +whatever you experience. + +If you are a repeat offender to the guidelines outlined in this document, +chances are that people ignore you and your chances to get responses in the +future greatly diminish. + +### Your emails are public + +Your email, its contents and all its headers and the details in those headers +are received by every subscriber of the mailing list that you send your email +to. + +Your email as sent to a curl mailing list ends up in mail archives, on the +curl website and elsewhere, for others to see and read. Today and in the +future. In addition to the archives, the mail is sent out to thousands of +individuals. There is no way to undo a sent email. + +When sending emails to a curl mailing list, do not include sensitive +information such as usernames and passwords; use fake ones, temporary ones or +just remove them completely from the mail. Note that this includes base64 +encoded HTTP Basic auth headers. + +This public nature of the curl mailing lists makes automatically inserted mail +footers about mails being "private" or "only meant for the recipient" or +similar even more silly than usual. Because they are absolutely not private +when sent to a public mailing list. + +## Sending mail + +### Reply or New Mail + +Please do not reply to an existing message as a short-cut to post a message to +the lists. + +Many mail programs and web archivers use information within mails to keep them +together as "threads", as collections of posts that discuss a certain subject. +If you do not intend to reply on the same or similar subject, do not just hit +reply on an existing mail and change the subject, create a new mail. + +### Reply to the List + +When replying to a message from the list, make sure that you do "group reply" +or "reply to all", and not just reply to the author of the single mail you +reply to. + +We are actively discouraging replying to the single person by setting the +correct field in outgoing mails back asking for replies to get sent to the +mailing list address, making it harder for people to reply to the author only +by mistake. + +### Use a Sensible Subject + +Please use a subject of the mail that makes sense and that is related to the +contents of your mail. It makes it a lot easier to find your mail afterwards +and it makes it easier to track mail threads and topics. + +### Do Not Top-Post + +If you reply to a message, do not use top-posting. Top-posting is when you +write the new text at the top of a mail and you insert the previous quoted +mail conversation below. It forces users to read the mail in a backwards order +to properly understand it. + +This is why top posting is so bad (in top posting order): + + A: Because it messes up the order in which people normally read text. + Q: Why is top-posting such a bad thing? + A: Top-posting. + Q: What is the most annoying thing in email? + +Apart from the screwed up read order (especially when mixed together in a +thread when someone responds using the mandated bottom-posting style), it also +makes it impossible to quote only parts of the original mail. + +When you reply to a mail. You let the mail client insert the previous mail +quoted. Then you put the cursor on the first line of the mail and you move +down through the mail, deleting all parts of the quotes that do not add +context for your comments. When you want to add a comment you do so, inline, +right after the quotes that relate to your comment. Then you continue +downwards again. + +When most of the quotes have been removed and you have added your own words, +you are done. + +### HTML is not for mails + +Please switch off those HTML encoded messages. You can mail all those funny +mails to your friends. We speak plain text mails. + +### Quoting + +Quote as little as possible. Just enough to provide the context you cannot +eave out. A lengthy description can be found +[here](https://www.netmeister.org/news/learn2quote.html). + +### Digest + +We allow subscribers to subscribe to the "digest" version of the mailing +lists. A digest is a collection of mails lumped together in one single mail. + +Should you decide to reply to a mail sent out as a digest, there are two +things you MUST consider if you really, really cannot subscribe normally +instead: + +Cut off all mails and chatter that is not related to the mail you want to +reply to. + +Change the subject name to something sensible and related to the subject, +preferably even the actual subject of the single mail you wanted to reply to + +### Please Tell Us How You Solved The Problem + +Many people mail questions to the list, people spend some of their time and +make an effort in providing good answers to these questions. + +If you are the one who asks, please consider responding once more in case one +of the hints was what solved your problems. The guys who write answers feel +good to know that they provided a good answer and that you fixed the problem. +Far too often, the person who asked the question is never heard from again, +and we never get to know if they are gone because the problem was solved or +perhaps because the problem was unsolvable. + +Getting the solution posted also helps other users that experience the same +problem(s). They get to see (possibly in the web archives) that the suggested +fixes actually have helped at least one person. diff --git a/deps/curl/docs/MANUAL.md b/deps/curl/docs/MANUAL.md new file mode 100644 index 00000000..9ff5c097 --- /dev/null +++ b/deps/curl/docs/MANUAL.md @@ -0,0 +1,1008 @@ + + +# curl tutorial + +## Simple Usage + +Get the main page from a web-server: + + curl https://www.example.com/ + +Get a README file from an FTP server: + + curl ftp://ftp.example.com/README + +Get a webpage from a server using port 8000: + + curl http://www.example.com:8000/ + +Get a directory listing of an FTP site: + + curl ftp://ftp.example.com/ + +Get the all terms matching curl from a dictionary: + + curl dict://dict.example.com/m:curl + +Get the definition of curl from a dictionary: + + curl dict://dict.example.com/d:curl + +Fetch two documents at once: + + curl ftp://ftp.example.com/ http://www.example.com:8000/ + +Get a file off an FTPS server: + + curl ftps://files.are.example.com/secrets.txt + +or use the more appropriate FTPS way to get the same file: + + curl --ssl-reqd ftp://files.are.example.com/secrets.txt + +Get a file from an SSH server using SFTP: + + curl -u username sftp://example.com/etc/issue + +Get a file from an SSH server using SCP using a private key (not +password-protected) to authenticate: + + curl -u username: --key ~/.ssh/id_rsa scp://example.com/~/file.txt + +Get a file from an SSH server using SCP using a private key +(password-protected) to authenticate: + + curl -u username: --key ~/.ssh/id_rsa --pass private_key_password + scp://example.com/~/file.txt + +Get the main page from an IPv6 web server: + + curl "http://[2001:1890:1112:1::20]/" + +Get a file from an SMB server: + + curl -u "domain\username:passwd" smb://server.example.com/share/file.txt + +## Download to a File + +Get a webpage and store in a local file with a specific name: + + curl -o thatpage.html http://www.example.com/ + +Get a webpage and store in a local file, make the local file get the name of +the remote document (if no filename part is specified in the URL, this fails): + + curl -O http://www.example.com/index.html + +Fetch two files and store them with their remote names: + + curl -O www.haxx.se/index.html -O curl.se/download.html + +## Using Passwords + +### FTP + +To ftp files using name and password, include them in the URL like: + + curl ftp://name:passwd@ftp.server.example:port/full/path/to/file + +or specify them with the `-u` flag like + + curl -u name:passwd ftp://ftp.server.example:port/full/path/to/file + +### FTPS + +It is just like for FTP, but you may also want to specify and use SSL-specific +options for certificates etc. + +Note that using `FTPS://` as prefix is the *implicit* way as described in the +standards while the recommended *explicit* way is done by using `FTP://` and +the `--ssl-reqd` option. + +### SFTP / SCP + +This is similar to FTP, but you can use the `--key` option to specify a +private key to use instead of a password. Note that the private key may itself +be protected by a password that is unrelated to the login password of the +remote system; this password is specified using the `--pass` option. +Typically, curl automatically extracts the public key from the private key +file, but in cases where curl does not have the proper library support, a +matching public key file must be specified using the `--pubkey` option. + +### HTTP + +curl also supports user and password in HTTP URLs, thus you can pick a file +like: + + curl http://name:passwd@http.server.example/full/path/to/file + +or specify user and password separately like in + + curl -u name:passwd http://http.server.example/full/path/to/file + +HTTP offers many different methods of authentication and curl supports +several: Basic, Digest, NTLM and Negotiate (SPNEGO). Without telling which +method to use, curl defaults to Basic. You can also ask curl to pick the most +secure ones out of the ones that the server accepts for the given URL, by +using `--anyauth`. + +**Note**! According to the URL specification, HTTP URLs can not contain a user +and password, so that style does not work when using curl via a proxy, even +though curl allows it at other times. When using a proxy, you _must_ use the +`-u` style for user and password. + +### HTTPS + +Probably most commonly used with private certificates, as explained below. + +## Proxy + +curl supports both HTTP and SOCKS proxy servers, with optional authentication. +It does not have special support for FTP proxy servers since there are no +standards for those, but it can still be made to work with many of them. You +can also use both HTTP and SOCKS proxies to transfer files to and from FTP +servers. + +Get an ftp file using an HTTP proxy named my-proxy that uses port 888: + + curl -x my-proxy:888 ftp://ftp.example.com/README + +Get a file from an HTTP server that requires user and password, using the +same proxy as above: + + curl -u user:passwd -x my-proxy:888 http://www.example.com/ + +Some proxies require special authentication. Specify by using -U as above: + + curl -U user:passwd -x my-proxy:888 http://www.example.com/ + +A comma-separated list of hosts and domains which do not use the proxy can be +specified as: + + curl --noproxy example.com -x my-proxy:888 http://www.example.com/ + +If the proxy is specified with `--proxy1.0` instead of `--proxy` or `-x`, then +curl uses HTTP/1.0 instead of HTTP/1.1 for any `CONNECT` attempts. + +curl also supports SOCKS4 and SOCKS5 proxies with `--socks4` and `--socks5`. + +See also the environment variables curl supports that offer further proxy +control. + +Most FTP proxy servers are set up to appear as a normal FTP server from the +client's perspective, with special commands to select the remote FTP server. +curl supports the `-u`, `-Q` and `--ftp-account` options that can be used to +set up transfers through many FTP proxies. For example, a file can be uploaded +to a remote FTP server using a Blue Coat FTP proxy with the options: + + curl -u "username@ftp.server.example Proxy-Username:Remote-Pass" + --ftp-account Proxy-Password --upload-file local-file + ftp://my-ftp.proxy.example:21/remote/upload/path/ + +See the manual for your FTP proxy to determine the form it expects to set up +transfers, and curl's `-v` option to see exactly what curl is sending. + +## Piping + +Get a key file and add it with `apt-key` (when on a system that uses `apt` for +package management): + + curl -L https://apt.example.org/llvm-snapshot.gpg.key | sudo apt-key add - + +The '|' pipes the output to STDIN. `-` tells `apt-key` that the key file +should be read from STDIN. + +## Ranges + +HTTP 1.1 introduced byte-ranges. Using this, a client can request to get only +one or more sub-parts of a specified document. curl supports this with the +`-r` flag. + +Get the first 100 bytes of a document: + + curl -r 0-99 http://www.example.com/ + +Get the last 500 bytes of a document: + + curl -r -500 http://www.example.com/ + +curl also supports simple ranges for FTP files as well. Then you can only +specify start and stop position. + +Get the first 100 bytes of a document using FTP: + + curl -r 0-99 ftp://www.example.com/README + +## Uploading + +### FTP / FTPS / SFTP / SCP + +Upload all data on stdin to a specified server: + + curl -T - ftp://ftp.example.com/myfile + +Upload data from a specified file, login with user and password: + + curl -T uploadfile -u user:passwd ftp://ftp.example.com/myfile + +Upload a local file to the remote site, and use the local filename at the +remote site too: + + curl -T uploadfile -u user:passwd ftp://ftp.example.com/ + +Upload a local file to get appended to the remote file: + + curl -T localfile -a ftp://ftp.example.com/remotefile + +curl also supports ftp upload through a proxy, but only if the proxy is +configured to allow that kind of tunneling. If it does, you can run curl in a +fashion similar to: + + curl --proxytunnel -x proxy:port -T localfile ftp.example.com + +### SMB / SMBS + + curl -T file.txt -u "domain\username:passwd" + smb://server.example.com/share/ + +### HTTP + +Upload all data on stdin to a specified HTTP site: + + curl -T - http://www.example.com/myfile + +Note that the HTTP server must have been configured to accept PUT before this +can be done successfully. + +For other ways to do HTTP data upload, see the POST section below. + +## Verbose / Debug + +If curl fails where it is not supposed to, if the servers do not let you in, +if you cannot understand the responses: use the `-v` flag to get verbose +fetching. curl outputs lots of info and what it sends and receives in order to +let the user see all client-server interaction (but it does not show you the +actual data). + + curl -v ftp://ftp.example.com/ + +To get even more details and information on what curl does, try using the +`--trace` or `--trace-ascii` options with a given filename to log to, like +this: + + curl --trace my-trace.txt www.haxx.se + + +## Detailed Information + +Different protocols provide different ways of getting detailed information +about specific files/documents. To get curl to show detailed information about +a single file, you should use `-I`/`--head` option. It displays all available +info on a single file for HTTP and FTP. The HTTP information is a lot more +extensive. + +For HTTP, you can get the header information (the same as `-I` would show) +shown before the data by using `-i`/`--include`. curl understands the +`-D`/`--dump-header` option when getting files from both FTP and HTTP, and it +then stores the headers in the specified file. + +Store the HTTP headers in a separate file (headers.txt in the example): + + curl --dump-header headers.txt curl.se + +Note that headers stored in a separate file can be useful at a later time if +you want curl to use cookies sent by the server. More about that in the +cookies section. + +## POST (HTTP) + +It is easy to post data using curl. This is done using the `-d ` option. +The post data must be urlencoded. + +Post a simple `name` and `phone` guestbook. + + curl -d "name=Rafael%20Sagula&phone=3320780" http://www.example.com/guest.cgi + +Or automatically [URL encode the data](https://everything.curl.dev/http/post/url-encode). + + curl --data-urlencode "name=Rafael Sagula&phone=3320780" + http://www.example.com/guest.cgi + +How to post a form with curl, lesson #1: + +Dig out all the `` tags in the form that you want to fill in. + +If there is a normal post, you use `-d` to post. `-d` takes a full post +string, which is in the format + + =&=&... + +The variable names are the names set with `"name="` in the `` tags, and +the data is the contents you want to fill in for the inputs. The data *must* +be properly URL encoded. That means you replace space with + and that you +replace weird letters with `%XX` where `XX` is the hexadecimal representation +of the letter's ASCII code. + +Example: + +(say if `http://example.com` had the following html) + +```html +
+ + + + +
+``` + +We want to enter user `foobar` with password `12345`. + +To post to this, you would enter a curl command line like: + + curl -d "user=foobar&pass=12345&id=blablabla&ding=submit" + http://example.com/post.cgi + +While `-d` uses the application/x-www-form-urlencoded mime-type, generally +understood by CGI's and similar, curl also supports the more capable +multipart/form-data type. This latter type supports things like file upload. + +`-F` accepts parameters like `-F "name=contents"`. If you want the contents to +be read from a file, use `@filename` as contents. When specifying a file, you +can also specify the file content type by appending `;type=` to the +filename. You can also post the contents of several files in one field. For +example, the field name `coolfiles` is used to send three files, with +different content types using the following syntax: + + curl -F "coolfiles=@fil1.gif;type=image/gif,fil2.txt,fil3.html" + http://www.example.com/postit.cgi + +If the content-type is not specified, curl tries to guess from the file +extension (it only knows a few), or use the previously specified type (from an +earlier file if several files are specified in a list) or else it uses the +default type `application/octet-stream`. + +Emulate a fill-in form with `-F`. Let's say you fill in three fields in a +form. One field is a filename which to post, one field is your name and one +field is a file description. We want to post the file we have written named +`cooltext.txt`. To let curl do the posting of this data instead of your +favorite browser, you have to read the HTML source of the form page and find +the names of the input fields. In our example, the input field names are +`file`, `yourname` and `filedescription`. + + curl -F "file=@cooltext.txt" -F "yourname=Daniel" + -F "filedescription=Cool text file with cool text inside" + http://www.example.com/postit.cgi + +To send two files in one post you can do it in two ways: + +Send multiple files in a single field with a single field name: + + curl -F "pictures=@dog.gif,cat.gif" $URL + +Send two fields with two field names + + curl -F "docpicture=@dog.gif" -F "catpicture=@cat.gif" $URL + +To send a field value literally without interpreting a leading `@` or `<`, or +an embedded `;type=`, use `--form-string` instead of `-F`. This is recommended +when the value is obtained from a user or some other unpredictable +source. Under these circumstances, using `-F` instead of `--form-string` could +allow a user to trick curl into uploading a file. + +## Referrer + +An HTTP request has the option to include information about which address +referred it to the actual page. curl allows you to specify the referrer to be +used on the command line. It is especially useful to fool or trick stupid +servers or CGI scripts that rely on that information being available or +contain certain data. + + curl -e www.example.org http://www.example.com/ + +## User Agent + +An HTTP request has the option to include information about the browser that +generated the request. curl allows it to be specified on the command line. It +is especially useful to fool or trick stupid servers or CGI scripts that only +accept certain browsers. + +Example: + + curl -A 'Mozilla/3.0 (Win95; I)' http://www.bank.example.com/ + +Other common strings: + +- `Mozilla/3.0 (Win95; I)` - Netscape Version 3 for Windows 95 +- `Mozilla/3.04 (Win95; U)` - Netscape Version 3 for Windows 95 +- `Mozilla/2.02 (OS/2; U)` - Netscape Version 2 for OS/2 +- `Mozilla/4.04 [en] (X11; U; AIX 4.2; Nav)` - Netscape for AIX +- `Mozilla/4.05 [en] (X11; U; Linux 2.0.32 i586)` - Netscape for Linux + +Note that Internet Explorer tries hard to be compatible in every way: + +- `Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)` - MSIE for W95 + +Mozilla is not the only possible User-Agent name: + +- `Konqueror/1.0` - KDE File Manager desktop client +- `Lynx/2.7.1 libwww-FM/2.14` - Lynx command line browser + +## Cookies + +Cookies are generally used by web servers to keep state information at the +client's side. The server sets cookies by sending a response line in the +headers that looks like `Set-Cookie: ` where the data part then +typically contains a set of `NAME=VALUE` pairs (separated by semicolons `;` +like `NAME1=VALUE1; NAME2=VALUE2;`). The server can also specify for what path +the cookie should be used for (by specifying `path=value`), when the cookie +should expire (`expire=DATE`), for what domain to use it (`domain=NAME`) and +if it should be used on secure connections only (`secure`). + +If you have received a page from a server that contains a header like: + +```http +Set-Cookie: sessionid=boo123; path="/foo"; +``` + +it means the server wants that first pair passed on when we get anything in a +path beginning with `/foo`. + +Example, get a page that wants my name passed in a cookie: + + curl -b "name=Daniel" www.example.com + +curl also has the ability to use previously received cookies in following +sessions. If you get cookies from a server and store them in a file in a +manner similar to: + + curl --dump-header headers www.example.com + +... you can then in a second connect to that (or another) site, use the +cookies from the `headers.txt` file like: + + curl -b headers.txt www.example.com + +While saving headers to a file is a working way to store cookies, it is +however error-prone and not the preferred way to do this. Instead, make curl +save the incoming cookies using the well-known Netscape cookie format like +this: + + curl -c cookies.txt www.example.com + +Note that by specifying `-b` you enable the cookie engine and with `-L` you +can make curl follow a `location:` (which often is used in combination with +cookies). If a site sends cookies and a location field, you can use a +non-existing file to trigger the cookie awareness like: + + curl -L -b empty.txt www.example.com + +The file to read cookies from must be formatted using plain HTTP headers OR as +Netscape's cookie file. curl determines what kind it is based on the file +contents. In the above command, curl parses the header and store the cookies +received from www.example.com. curl sends the stored cookies which match the +request to the server as it follows the location. The file `empty.txt` may be +a nonexistent file. + +To read and write cookies from a Netscape cookie file, you can set both `-b` +and `-c` to use the same file: + + curl -b cookies.txt -c cookies.txt www.example.com + +## Progress Meter + +The progress meter exists to show a user that something actually is +happening. The different fields in the output have the following meaning: + + % Total % Received % Xferd Average Speed Time Curr. + Dload Upload Total Current Left Speed + 0 151M 0 38608 0 0 9406 0 4:41:43 0:00:04 4:41:39 9287 + +From left-to-right: + + - `%` - percentage completed of the whole transfer + - `Total` - total size of the whole expected transfer + - `%` - percentage completed of the download + - `Received` - currently downloaded amount of bytes + - `%` - percentage completed of the upload + - `Xferd` - currently uploaded amount of bytes + - `Average Speed Dload` - the average transfer speed of the download + - `Average Speed Upload` - the average transfer speed of the upload + - `Time Total` - expected time to complete the operation + - `Time Current` - time passed since the invoke + - `Time Left` - expected time left to completion + - `Curr.Speed` - the average transfer speed the last 5 seconds (the first + 5 seconds of a transfer is based on less time of course.) + +The `-#` option displays a totally different progress bar that does not need +much explanation! + +## Speed Limit + +curl allows the user to set the transfer speed conditions that must be met to +let the transfer keep going. By using the switch `-y` and `-Y` you can make +curl abort transfers if the transfer speed is below the specified lowest limit +for a specified time. + +To have curl abort the download if the speed is slower than 3000 bytes per +second for 1 minute, run: + + curl -Y 3000 -y 60 www.far-away.example.com + +This can be used in combination with the overall time limit, so that the above +operation must be completed in whole within 30 minutes: + + curl -m 1800 -Y 3000 -y 60 www.far-away.example.com + +Forcing curl not to transfer data faster than a given rate is also possible, +which might be useful if you are using a limited bandwidth connection and you +do not want your transfer to use all of it (sometimes referred to as +*bandwidth throttle*). + +Make curl transfer data no faster than 10 kilobytes per second: + + curl --limit-rate 10K www.far-away.example.com + +or + + curl --limit-rate 10240 www.far-away.example.com + +Or prevent curl from uploading data faster than 1 megabyte per second: + + curl -T upload --limit-rate 1M ftp://uploads.example.com + +When using the `--limit-rate` option, the transfer rate is regulated on a +per-second basis, which causes the total transfer speed to become lower than +the given number. Sometimes of course substantially lower, if your transfer +stalls during periods. + +## Config File + +curl automatically tries to read the `.curlrc` file (or `_curlrc` file on +Microsoft Windows systems) from the user's home directory on startup. + +The config file could be made up with normal command line switches, but you +can also specify the long options without the dashes to make it more +readable. You can separate the options and the parameter with spaces, or with +`=` or `:`. Comments can be used within the file. If the first letter on a +line is a `#`-symbol the rest of the line is treated as a comment. + +If you want the parameter to contain spaces, you must enclose the entire +parameter within double quotes (`"`). Within those quotes, you specify a quote +as `\"`. + +NOTE: You must specify options and their arguments on the same line. + +Example, set default time out and proxy in a config file: + + # We want a 30 minute timeout: + -m 1800 + # ... and we use a proxy for all accesses: + proxy = proxy.our.domain.example.com:8080 + +Whitespaces ARE significant at the end of lines, but all whitespace leading +up to the first characters of each line are ignored. + +Prevent curl from reading the default file by using -q as the first command +line parameter, like: + + curl -q www.example.org + +Force curl to get and display a local help page in case it is invoked without +URL by making a config file similar to: + + # default url to get + url = "http://help.with.curl.example.com/curlhelp.html" + +You can specify another config file to be read by using the `-K`/`--config` +flag. If you set config filename to `-` it reads the config from stdin, which +can be handy if you want to hide options from being visible in process tables +etc: + + echo "user = user:passwd" | curl -K - http://that.secret.example.com + +## Extra Headers + +When using curl in your own programs, you may end up needing to pass on your +own custom headers when getting a webpage. You can do this by using the `-H` +flag. + +Example, send the header `X-you-and-me: yes` to the server when getting a +page: + + curl -H "X-you-and-me: yes" love.example.com + +This can also be useful in case you want curl to send a different text in a +header than it normally does. The `-H` header you specify then replaces the +header curl would normally send. If you replace an internal header with an +empty one, you prevent that header from being sent. To prevent the `Host:` +header from being used: + + curl -H "Host:" server.example.com + +## FTP and Path Names + +Do note that when getting files with a `ftp://` URL, the given path is +relative to the directory you enter. To get the file `README` from your home +directory at your ftp site, do: + + curl ftp://user:passwd@my.example.com/README + +If you want the README file from the root directory of that same site, you +need to specify the absolute filename: + + curl ftp://user:passwd@my.example.com//README + +(I.e with an extra slash in front of the filename.) + +## SFTP and SCP and Path Names + +With sftp: and scp: URLs, the path name given is the absolute name on the +server. To access a file relative to the remote user's home directory, prefix +the file with `/~/` , such as: + + curl -u $USER sftp://home.example.com/~/.bashrc + +## FTP and Firewalls + +The FTP protocol requires one of the involved parties to open a second +connection as soon as data is about to get transferred. There are two ways to +do this. + +The default way for curl is to issue the PASV command which causes the server +to open another port and await another connection performed by the +client. This is good if the client is behind a firewall that does not allow +incoming connections. + + curl ftp.example.com + +If the server, for example, is behind a firewall that does not allow +connections on ports other than 21 (or if it just does not support the `PASV` +command), the other way to do it is to use the `PORT` command and instruct the +server to connect to the client on the given IP number and port (as parameters +to the PORT command). + +The `-P` flag to curl supports a few different options. Your machine may have +several IP-addresses and/or network interfaces and curl allows you to select +which of them to use. Default address can also be used: + + curl -P - ftp.example.com + +Download with `PORT` but use the IP address of our `le0` interface (this does +not work on Windows): + + curl -P le0 ftp.example.com + +Download with `PORT` but use 192.168.0.10 as our IP address to use: + + curl -P 192.168.0.10 ftp.example.com + +## Network Interface + +Get a webpage from a server using a specified port for the interface: + + curl --interface eth0:1 http://www.example.com/ + +or + + curl --interface 192.168.1.10 http://www.example.com/ + +## HTTPS + +Secure HTTP requires a TLS library to be installed and used when curl is +built. If that is done, curl is capable of retrieving and posting documents +using the HTTPS protocol. + +Example: + + curl https://secure.example.com + +curl is also capable of using client certificates to get/post files from sites +that require valid certificates. The only drawback is that the certificate +needs to be in PEM-format. PEM is a standard and open format to store +certificates with, but it is not used by the most commonly used browsers. If +you want curl to use the certificates you use with your favorite browser, you +may need to download/compile a converter that can convert your browser's +formatted certificates to PEM formatted ones. + +Example on how to automatically retrieve a document using a certificate with a +personal password: + + curl -E /path/to/cert.pem:password https://secure.example.com/ + +If you neglect to specify the password on the command line, you are prompted +for the correct password before any data can be received. + +Many older HTTPS servers have problems with specific SSL or TLS versions, +which newer versions of OpenSSL etc use, therefore it is sometimes useful to +specify what TLS version curl should use.: + + curl --tlv1.0 https://secure.example.com/ + +Otherwise, curl attempts to use a sensible TLS default version. + +## Resuming File Transfers + +To continue a file transfer where it was previously aborted, curl supports +resume on HTTP(S) downloads as well as FTP uploads and downloads. + +Continue downloading a document: + + curl -C - -o file ftp://ftp.example.com/path/file + +Continue uploading a document: + + curl -C - -T file ftp://ftp.example.com/path/file + +Continue downloading a document from a web server + + curl -C - -o file http://www.example.com/ + +## Time Conditions + +HTTP allows a client to specify a time condition for the document it requests. +It is `If-Modified-Since` or `If-Unmodified-Since`. curl allows you to specify +them with the `-z`/`--time-cond` flag. + +For example, you can easily make a download that only gets performed if the +remote file is newer than a local copy. It would be made like: + + curl -z local.html http://remote.example.com/remote.html + +Or you can download a file only if the local file is newer than the remote +one. Do this by prepending the date string with a `-`, as in: + + curl -z -local.html http://remote.example.com/remote.html + +You can specify a plain text date as condition. Tell curl to only download the +file if it was updated since January 12, 2012: + + curl -z "Jan 12 2012" http://remote.example.com/remote.html + +curl accepts a wide range of date formats. You always make the date check the +other way around by prepending it with a dash (`-`). + +## DICT + +For fun try + + curl dict://dict.org/m:curl + curl dict://dict.org/d:heisenbug:jargon + curl dict://dict.org/d:daniel:gcide + +Aliases for `m` are `match` and `find`, and aliases for `d` are `define` and +`lookup`. For example, + + curl dict://dict.org/find:curl + +Commands that break the URL description of the RFC (but not the DICT +protocol) are + + curl dict://dict.org/show:db + curl dict://dict.org/show:strat + +Authentication support is still missing + +## LDAP + +If you have installed the OpenLDAP library, curl can take advantage of it and +offer `ldap://` support. On Windows, curl uses WinLDAP from Platform SDK by +default. + +Default protocol version used by curl is LDAP version 3. Version 2 is used as +a fallback mechanism in case version 3 fails to connect. + +LDAP is a complex thing and writing an LDAP query is not an easy +task. Familiarize yourself with the exact syntax description elsewhere. One +such place might be: [RFC 2255, The LDAP URL +Format](https://curl.se/rfc/rfc2255.txt) + +To show you an example, this is how to get all people from an LDAP server that +has a certain subdomain in their email address: + + curl -B "ldap://ldap.example.com/o=frontec??sub?mail=*sth.example.com" + +You also can use authentication when accessing LDAP catalog: + + curl -u user:passwd "ldap://ldap.example.com/o=frontec??sub?mail=*" + curl "ldap://user:passwd@ldap.example.com/o=frontec??sub?mail=*" + +By default, if user and password are provided, OpenLDAP/WinLDAP uses basic +authentication. On Windows you can control this behavior by providing one of +`--basic`, `--ntlm` or `--digest` option in curl command line + + curl --ntlm "ldap://user:passwd@ldap.example.com/o=frontec??sub?mail=*" + +On Windows, if no user/password specified, auto-negotiation mechanism is used +with current logon credentials (SSPI/SPNEGO). + +## Environment Variables + +curl reads and understands the following proxy related environment variables: + + http_proxy, HTTPS_PROXY, FTP_PROXY + +They should be set for protocol-specific proxies. General proxy should be set +with + + ALL_PROXY + +A comma-separated list of hostnames that should not go through any proxy is +set in (only an asterisk, `*` matches all hosts) + + NO_PROXY + +If the hostname matches one of these strings, or the host is within the domain +of one of these strings, transactions with that node is not done over the +proxy. When a domain is used, it needs to start with a period. A user can +specify that both www.example.com and foo.example.com should not use a proxy +by setting `NO_PROXY` to `.example.com`. By including the full name you can +exclude specific hostnames, so to make `www.example.com` not use a proxy but +still have `foo.example.com` do it, set `NO_PROXY` to `www.example.com`. + +The usage of the `-x`/`--proxy` flag overrides the environment variables. + +## Netrc + +Unix introduced the `.netrc` concept a long time ago. It is a way for a user +to specify name and password for commonly visited FTP sites in a file so that +you do not have to type them in each time you visit those sites. You realize +this is a big security risk if someone else gets hold of your passwords, +therefore most Unix programs do not read this file unless it is only readable +by yourself (curl does not care though). + +curl supports `.netrc` files if told to (using the `-n`/`--netrc` and +`--netrc-optional` options). This is not restricted to just FTP, so curl can +use it for all protocols where authentication is used. + +A simple `.netrc` file could look something like: + + machine curl.se login iamdaniel password mysecret + +## Custom Output + +To better allow script programmers to get to know about the progress of curl, +the `-w`/`--write-out` option was introduced. Using this, you can specify what +information from the previous transfer you want to extract. + +To display the amount of bytes downloaded together with some text and an +ending newline: + + curl -w 'We downloaded %{size_download} bytes\n' www.example.com + +## Kerberos FTP Transfer + +curl supports kerberos4 and kerberos5/GSSAPI for FTP transfers. You need the +kerberos package installed and used at curl build time for it to be available. + +First, get the krb-ticket the normal way, like with the `kinit`/`kauth` tool. +Then use curl in way similar to: + + curl --krb private ftp://krb4site.example.com -u username:fakepwd + +There is no use for a password on the `-u` switch, but a blank one makes curl +ask for one and you already entered the real password to `kinit`/`kauth`. + +## TELNET + +The curl telnet support is basic and easy to use. curl passes all data passed +to it on stdin to the remote server. Connect to a remote telnet server using a +command line similar to: + + curl telnet://remote.example.com + +Enter the data to pass to the server on stdin. The result is sent to stdout or +to the file you specify with `-o`. + +You might want the `-N`/`--no-buffer` option to switch off the buffered output +for slow connections or similar. + +Pass options to the telnet protocol negotiation, by using the `-t` option. To +tell the server we use a vt100 terminal, try something like: + + curl -tTTYPE=vt100 telnet://remote.example.com + +Other interesting options for it `-t` include: + + - `XDISPLOC=` Sets the X display location. + - `NEW_ENV=` Sets an environment variable. + +NOTE: The telnet protocol does not specify any way to login with a specified +user and password so curl cannot do that automatically. To do that, you need to +track when the login prompt is received and send the username and password +accordingly. + +## Persistent Connections + +Specifying multiple files on a single command line makes curl transfer all of +them, one after the other in the specified order. + +libcurl attempts to use persistent connections for the transfers so that the +second transfer to the same host can use the same connection that was already +initiated and was left open in the previous transfer. This greatly decreases +connection time for all but the first transfer and it makes a far better use +of the network. + +Note that curl cannot use persistent connections for transfers that are used +in subsequent curl invokes. Try to stuff as many URLs as possible on the same +command line if they are using the same host, as that makes the transfers +faster. If you use an HTTP proxy for file transfers, practically all transfers +are persistent. + +## Multiple Transfers With A Single Command Line + +As is mentioned above, you can download multiple files with one command line +by simply adding more URLs. If you want those to get saved to a local file +instead of just printed to stdout, you need to add one save option for each +URL you specify. Note that this also goes for the `-O` option (but not +`--remote-name-all`). + +For example: get two files and use `-O` for the first and a custom file +name for the second: + + curl -O http://example.com/file.txt ftp://example.com/moo.exe -o moo.jpg + +You can also upload multiple files in a similar fashion: + + curl -T local1 ftp://example.com/moo.exe -T local2 ftp://example.com/moo2.txt + +## IPv6 + +curl connects to a server with IPv6 when a host lookup returns an IPv6 address +and fall back to IPv4 if the connection fails. The `--ipv4` and `--ipv6` +options can specify which address to use when both are available. IPv6 +addresses can also be specified directly in URLs using the syntax: + + http://[2001:1890:1112:1::20]/overview.html + +When this style is used, the `-g` option must be given to stop curl from +interpreting the square brackets as special globbing characters. Link local +and site local addresses including a scope identifier, such as `fe80::1234%1`, +may also be used, but the scope portion must be numeric or match an existing +network interface on Linux and the percent character must be URL escaped. The +previous example in an SFTP URL might look like: + + sftp://[fe80::1234%251]/ + +IPv6 addresses provided other than in URLs (e.g. to the `--proxy`, +`--interface` or `--ftp-port` options) should not be URL encoded. + +## Mailing Lists + +For your convenience, we have several open mailing lists to discuss curl, its +development and things relevant to this. Get all info at +https://curl.se/mail/. + +Please direct curl questions, feature requests and trouble reports to one of +these mailing lists instead of mailing any individual. + +Available lists include: + +### `curl-users` + +Users of the command line tool. How to use it, what does not work, new +features, related tools, questions, news, installations, compilations, +running, porting etc. + +### `curl-library` + +Developers using or developing libcurl. Bugs, extensions, improvements. + +### `curl-announce` + +Low-traffic. Only receives announcements of new public versions. At worst, +that makes something like one or two mails per month, but usually only one +mail every second month. + +### `curl-and-php` + +Using the curl functions in PHP. Everything curl with a PHP angle. Or PHP with +a curl angle. + +### `curl-and-python` + +Python hackers using curl with or without the python binding pycurl. diff --git a/deps/curl/docs/README.md b/deps/curl/docs/README.md new file mode 100644 index 00000000..22d96ea9 --- /dev/null +++ b/deps/curl/docs/README.md @@ -0,0 +1,18 @@ + + +![curl logo](https://curl.se/logo/curl-logo.svg) + +# Documentation + +You find a mix of various documentation in this directory and subdirectories, +using several different formats. Some of them are not ideal for reading +directly in your browser. + +If you would rather see the rendered version of the documentation, check out the +curl website's [documentation section](https://curl.se/docs/) for +general curl stuff or the [libcurl section](https://curl.se/libcurl/) for +libcurl related documentation. diff --git a/deps/curl/docs/RELEASE-PROCEDURE.md b/deps/curl/docs/RELEASE-PROCEDURE.md new file mode 100644 index 00000000..826f7462 --- /dev/null +++ b/deps/curl/docs/RELEASE-PROCEDURE.md @@ -0,0 +1,141 @@ + + +curl release procedure - how to do a release +============================================ + +in the source code repo +----------------------- + +- edit `RELEASE-NOTES` to be accurate + +- update `docs/THANKS` + +- make sure all relevant changes are committed on the master branch + +- tag the git repo in this style: `git tag -a curl-7_34_0`. -a annotates the + tag and we use underscores instead of dots in the version number. Make sure + the tag is GPG signed (using -s). + +- run `./scripts/dmaketgz 7.34.0` to build the release tarballs. + +- push the git commits and the new tag + +- GPG sign the 4 tarballs as `maketgz` suggests + +- upload the 8 resulting files to the primary download directory + +in the curl-www repo +-------------------- + +- edit `Makefile` (version number and date), + +- edit `_newslog.html` (announce the new release) and + +- edit `_changes.html` (insert changes+bugfixes from RELEASE-NOTES) + +- commit all local changes + +- tag the repo with the same name as used for the source repo. + +- make sure all relevant changes are committed and pushed on the master branch + + (the website then updates its contents automatically) + +on GitHub +--------- + +- edit the newly made release tag so that it is listed as the latest release + +inform +------ + +- send an email to curl-users, curl-announce and curl-library. Insert the + RELEASE-NOTES into the mail. + +- if there are any advisories associated with the release, send each markdown + file to the above lists as well as to `oss-security@lists.openwall.com` + (unless the problem is unique to the non-open operating systems) + +celebrate +--------- + +- suitable beverage intake is encouraged for the festivities + +curl release scheduling +======================= + +Release Cycle +------------- + +We normally do releases every 8 weeks on Wednesdays. If important problems +arise, we can insert releases outside the schedule or we can move the release +date. + +Each 8 week (56 days) release cycle is divided into three distinct periods: + +- During the first 10 calendar days after a release, we are in "cool down". We + do not merge features but only bug-fixes. If a regression is reported, we + might do a follow-up patch release. + +- During the following 3 weeks (21 days) there is a feature window: we allow + new features and changes to curl and libcurl. If we accept any such changes, + we bump the minor number used for the next release. + +- During the next 25 days we are in feature freeze. We do not merge any + features or changes, and we only focus on fixing bugs and polishing things + to make the pending release a solid one. + +If a future release date happens to end up on a "bad date", like in the middle +of common public holidays or when the lead release manager is unavailable, the +release date can be moved forwards or backwards a full week. This is then +advertised well in advance. + +Release Candidates +------------------ + +We ship release candidate tarballs on three occasions in preparation for the +pending release: + +- Release candidate one (**rc1**) ships the same Saturday the feature freeze + starts. Twenty-five days before the release. + +- Release candidate two (**rc2**) ships nine days later, sixteen days before + the release. On a Monday. + +- Release candidate tree (**rc3**) ships nine days later, seven days before + the release. On a Wednesday. + +Release candidate tarballs are ephemeral and each such tarball is only kept +around for a few weeks. They are provided on their dedicated webpage at: +https://curl.se/rc/ + +**Do not use release candidates in production**. They are work in progress. +Use them for testing and verification only. Use actual releases in production. + +Critical problems +----------------- + +We can break the release cycle and do a patch release at any point if a +critical enough problem is reported. There is no exact definition of how to +assess such criticality, but if an issue is highly disturbing or has a +security impact on a large enough share of the user population it might +qualify. + +If you think an issue qualifies, bring it to the curl-library mailing list and +push for it. + +Coming dates +------------ + +Based on the description above, here are some planned future release dates: + +- February 5, 2025 +- April 2, 2025 +- May 28, 2025 +- July 23, 2025 +- September 17, 2025 +- November 12, 2025 diff --git a/deps/curl/docs/ROADMAP.md b/deps/curl/docs/ROADMAP.md new file mode 100644 index 00000000..abf306b3 --- /dev/null +++ b/deps/curl/docs/ROADMAP.md @@ -0,0 +1,17 @@ + + +# curl the next few years - perhaps + +Roadmap of things Daniel Stenberg wants to work on next. It is intended to +serve as a guideline for others for information, feedback and possible +participation. + +## WebSocket + +Agree that it is a good enough API and remove the EXPERIMENTAL label. + +## diff --git a/deps/curl/docs/RUSTLS.md b/deps/curl/docs/RUSTLS.md new file mode 100644 index 00000000..55c72605 --- /dev/null +++ b/deps/curl/docs/RUSTLS.md @@ -0,0 +1,36 @@ + + +# Rustls + +[Rustls is a TLS backend written in Rust](https://docs.rs/rustls/). curl can +be built to use it as an alternative to OpenSSL or other TLS backends. We use +the [rustls-ffi C bindings](https://github.com/rustls/rustls-ffi/). This +version of curl is compatible with `rustls-ffi` v0.14.x. + +# Building with Rustls + +First, [install Rust](https://rustup.rs/). + +Next, check out, build, and install the appropriate version of rustls-ffi: + + % git clone https://github.com/rustls/rustls-ffi -b v0.14.1 + % cd rustls-ffi + % make + % make DESTDIR=${HOME}/rustls-ffi-built/ install + +Now configure and build curl with Rustls: + + % git clone https://github.com/curl/curl + % cd curl + % autoreconf -fi + % ./configure --with-rustls=${HOME}/rustls-ffi-built + % make + +See the [rustls-ffi README] for more information on cryptography providers and +their build/platform requirements. + +[rustls-ffi README]: https://github.com/rustls/rustls-ffi/blob/main/README.md#cryptography-provide diff --git a/deps/curl/docs/SECURITY-ADVISORY.md b/deps/curl/docs/SECURITY-ADVISORY.md new file mode 100644 index 00000000..efb0e049 --- /dev/null +++ b/deps/curl/docs/SECURITY-ADVISORY.md @@ -0,0 +1,135 @@ + + +# Anatomy of a curl security advisory + +As described in the [Security Process](https://curl.se/dev/secprocess.html) +document, when a security vulnerability has been reported to the project and +confirmed, we author an advisory document for the issue. It should ideally +be written in cooperation with the reporter to make sure all the angles and +details of the problem are gathered and described correctly and succinctly. + +## New document + +A security advisory for curl is created in the `docs/` folder in the +[curl-www](https://github.com/curl/curl-www) repository. It should be named +`$CVEID.md` where `$CVEID` is the full CVE Id that has been registered for the +flaw. Like `CVE-2016-0755`. The `.md` extension of course means that the +document is written using markdown. + +The standard way to go about this is to first write the `VULNERABILITY` +section for the document, so that there is description of the flaw available, +then paste this description into the CVE Id request. + +### `vuln.pm` + +The new issue should be entered at the top of the list in the file `vuln.pm` +in the same directory. It holds a large array with all published curl +vulnerabilities. All fields should be filled in accordingly, separated by a +pipe character (`|`). + +The eleven fields for each CVE in `vuln.pm` are, in order: + + HTML page name, first vulnerable version, last vulnerable version, name of + the issue, CVE Id, announce date (`YYYYMMDD`), report to the project date + (`YYYYMMDD`), CWE, awarded reward amount (USD), area (single word), C-issue + (`-` if not a C issue at all, `OVERFLOW` , `OVERREAD`, `DOUBLE_FREE`, + `USE_AFTER_FREE`, `NULL_MISTAKE`, `UNINIT`) + +### `Makefile` + +The new CVE webpage filename needs to be added in the `Makefile`'s `CVELIST` +macro. + +When the markdown is in place and the `Makefile` and `vuln.pm` are updated, +all other files and metadata for all curl advisories and versions get +generated automatically using those files. + +## Document format + +The easy way is to start with a recent previously published advisory and just +blank out old texts and save it using a new name. Save the subtitles and +general layout. + +Some details and metadata are extracted from this document so it is important +to stick to the existing format. + +The first list must be the title of the issue. + +### VULNERABILITY + +The first subtitle should be `VULNERABILITY`. That should then include a +through and detailed description of the flaw. Including how it can be +triggered and maybe something about what might happen if triggered or +exploited. + +### INFO + +The next section is `INFO` which adds meta data information about the flaw. It +specifically mentions the official CVE Id for the issue and it must list the +CWE Id, starting on its own line. We write CWE identifiers in advisories with +the full (official) explanation on the right side of a colon. Like this: + +`CWE-305: Authentication Bypass by Primary Weakness` + +### AFFECTED VERSIONS + +The third section first lists what versions that are affected, then adds +clarity by stressing what versions that are *not* affected. A third line adds +information about which specific git commit that introduced the vulnerability. + +The `Introduced-in` commit should be a full URL that displays the commit, but +should work as a stand-alone commit hash if everything up to the last slash is +cut out. + +An example using the correct syntax: + +~~~ +- Affected versions: curl 7.16.1 to and including 7.88.1 +- Not affected versions: curl < 7.16.1 and curl >= 8.0.0 +- Introduced-in: https://github.com/curl/curl/commit/2147284cad +~~~ + +### THE SOLUTION + +This section describes and discusses the fix. The only mandatory information +here is the link to the git commit that fixes the problem. + +The `Fixed-in` value should be a full URL that displays the commit, but should +work as a stand-alone commit hash if everything up to the last slash is cut +out. + +Example: + +`- Fixed-in: https://github.com/curl/curl/commit/af369db4d3833272b8ed` + +### RECOMMENDATIONS + +This section lists the recommended actions for the users in a top to bottom +priority order and should ideally contain three items but no less than two. + +The top two are almost always `upgrade curl to version XXX` and `apply the +patch to your local version`. + +### TIMELINE + +Detail when this report was received in the project. When package distributors +were notified (via the distros mailing list or similar) + +When the advisory and fixed version are released. + +### CREDITS + +Mention the reporter and patch author at least, then everyone else involved +you think deserves a mention. + +If you want to mention more than one name, separate the names with comma +(`,`). + +~~~ +- Reported-by: Full Name +- Patched-by: Full Name +~~~ diff --git a/deps/curl/docs/SPONSORS.md b/deps/curl/docs/SPONSORS.md new file mode 100644 index 00000000..e4f61db6 --- /dev/null +++ b/deps/curl/docs/SPONSORS.md @@ -0,0 +1,55 @@ + + +# curl sponsors + +A sponsor is someone who donates money or resources to the curl project for no +specific service in return. + +curl accepts donations via [GitHub sponsors](https://github.com/sponsors/curl) +and [Open Collective](https://opencollective.com/curl). + +An even better way to contribute to the project might be to pay an engineer or +two to spend work hours on curl related tasks. + +We promise to use donated funds for things and activities that we believe are +beneficial for the project and its development. That includes but is not +limited to bug-bounties, developer conferences, infrastructure, development, +services and hardware. + +Recurring donations above a certain amount of money puts the sponsor at a +named sponsor level: **Silver**, **Gold**, **Platinum** or **Top**. + +Sponsors on a named level can provide their logo image and preferred URL and +get recognition on the curl website's [sponsor +page](https://curl.se/sponsors.html), assuming they meet the project's +standards and requirements. + +- **Silver Sponsor** at least 100 USD/month +- **Gold Sponsor** at least 500 USD/month +- **Platinum Sponsor** at least 1000 USD/month +- **Top Sponsor** outstanding extra valuable help + +## Sponsor requirements + +A named level sponsor is entitled a logo and link on the curl website assuming +the company, brand and link are not deemed unsuitable. The curl team reserves +the right to make that decision at its own discretion. + +Sponsors may be denied a website presence for example if involved with drugs, +gambling, pornography, social media manipulation etc. + +## Past Sponsors + +Sponsors that stop paying are considered *Past Sponsors* and are not displayed +on the sponsor page anymore. We thank you for your contributions. + +## Donations + +Please note that sponsorship and donations are exactly that: donations to the +curl project. They are used to help and further the project as the project +leadership deems best. No goods or services are expected or promised in +return. Requests for refunds for such purposes are rejected. diff --git a/deps/curl/docs/SSL-PROBLEMS.md b/deps/curl/docs/SSL-PROBLEMS.md new file mode 100644 index 00000000..620392c4 --- /dev/null +++ b/deps/curl/docs/SSL-PROBLEMS.md @@ -0,0 +1,97 @@ + + +# SSL problems + + First, let's establish that we often refer to TLS and SSL interchangeably as + SSL here. The current protocol is called TLS, it was called SSL a long time + ago. + + There are several known reasons why a connection that involves SSL might + fail. This is a document that attempts to detail the most common ones and + how to mitigate them. + +## CA certs + + CA certs are used to digitally verify the server's certificate. You need a + "ca bundle" for this. See lots of more details on this in the `SSLCERTS` + document. + +## CA bundle missing intermediate certificates + + When using said CA bundle to verify a server cert, you may experience + problems if your CA store does not contain the certificates for the + intermediates if the server does not provide them. + + The TLS protocol mandates that the intermediate certificates are sent in the + handshake, but as browsers have ways to survive or work around such + omissions, missing intermediates in TLS handshakes still happen that browser + users do not notice. + + Browsers work around this problem in two ways: they cache intermediate + certificates from previous transfers and some implement the TLS "AIA" + extension that lets the client explicitly download such certificates on + demand. + +## Protocol version + + Some broken servers fail to support the protocol negotiation properly that + SSL servers are supposed to handle. This may cause the connection to fail + completely. Sometimes you may need to explicitly select a SSL version to use + when connecting to make the connection succeed. + + An additional complication can be that modern SSL libraries sometimes are + built with support for older SSL and TLS versions disabled. + + All versions of SSL and the TLS versions before 1.2 are considered insecure + and should be avoided. Use TLS 1.2 or later. + +## Ciphers + + Clients give servers a list of ciphers to select from. If the list does not + include any ciphers the server wants/can use, the connection handshake + fails. + + curl has recently disabled the user of a whole bunch of seriously insecure + ciphers from its default set (slightly depending on SSL backend in use). + + You may have to explicitly provide an alternative list of ciphers for curl + to use to allow the server to use a weak cipher for you. + + Note that these weak ciphers are identified as flawed. For example, this + includes symmetric ciphers with less than 128 bit keys and RC4. + + Schannel in Windows XP is not able to connect to servers that no longer + support the legacy handshakes and algorithms used by those versions, so we + advise against building curl to use Schannel on really old Windows versions. + + Reference: [Prohibiting RC4 Cipher + Suites](https://datatracker.ietf.org/doc/html/draft-popov-tls-prohibiting-rc4-01) + +## Allow BEAST + + BEAST is the name of a TLS 1.0 attack that surfaced 2011. When adding means + to mitigate this attack, it turned out that some broken servers out there in + the wild did not work properly with the BEAST mitigation in place. + + To make such broken servers work, the --ssl-allow-beast option was + introduced. Exactly as it sounds, it re-introduces the BEAST vulnerability + but on the other hand it allows curl to connect to that kind of strange + servers. + +## Disabling certificate revocation checks + + Some SSL backends may do certificate revocation checks (CRL, OCSP, etc) + depending on the OS or build configuration. The --ssl-no-revoke option was + introduced in 7.44.0 to disable revocation checking but currently is only + supported for Schannel (the native Windows SSL library), with an exception + in the case of Windows' Untrusted Publishers block list which it seems cannot + be bypassed. This option may have broader support to accommodate other SSL + backends in the future. + + References: + + https://curl.se/docs/ssl-compared.html diff --git a/deps/curl/docs/SSLCERTS.md b/deps/curl/docs/SSLCERTS.md new file mode 100644 index 00000000..300039c7 --- /dev/null +++ b/deps/curl/docs/SSLCERTS.md @@ -0,0 +1,123 @@ + + +# TLS Certificate Verification + +## Native vs file based + +If curl was built with Schannel or Secure Transport support, then curl uses +the system native CA store for verification. All other TLS libraries use a +file based CA store by default. + +## Verification + +Every trusted server certificate is digitally signed by a Certificate +Authority, a CA. + +In your local CA store you have a collection of certificates from *trusted* +certificate authorities that TLS clients like curl use to verify servers. + +curl does certificate verification by default. This is done by verifying the +signature and making sure the certificate was crafted for the server name +provided in the URL. + +If you communicate with HTTPS, FTPS or other TLS-using servers using +certificates signed by a CA whose certificate is present in the store, you can +be sure that the remote server really is the one it claims to be. + +If the remote server uses a self-signed certificate, if you do not install a +CA cert store, if the server uses a certificate signed by a CA that is not +included in the store you use or if the remote host is an impostor +impersonating your favorite site, the certificate check fails and reports an +error. + +If you think it wrongly failed the verification, consider one of the following +sections. + +### Skip verification + +Tell curl to *not* verify the peer with `-k`/`--insecure`. + +We **strongly** recommend this is avoided and that even if you end up doing +this for experimentation or development, **never** skip verification in +production. + +### Use a custom CA store + +Get a CA certificate that can verify the remote server and use the proper +option to point out this CA cert for verification when connecting - for this +specific transfer only. + +With the curl command line tool: `--cacert [file]` + +If you use the curl command line tool without a native CA store, then you can +specify your own CA cert file by setting the environment variable +`CURL_CA_BUNDLE` to the path of your choice. + +If you are using the curl command line tool on Windows, curl searches for a CA +cert file named `curl-ca-bundle.crt` in these directories and in this order: + 1. application's directory + 2. current working directory + 3. Windows System directory (e.g. C:\Windows\System32) + 4. Windows Directory (e.g. C:\Windows) + 5. all directories along %PATH% + +curl 8.11.0 added a build-time option to disable this search behavior, and +another option to restrict search to the application's directory. + +### Use the native store + +In several environments, in particular on Windows, you can ask curl to use the +system's native CA store when verifying the certificate. + +With the curl command line tool: `--ca-native`. + +### Modify the CA store + +Add the CA cert for your server to the existing default CA certificate store. + +Usually you can figure out the path to the local CA store by looking at the +verbose output that `curl -v` shows when you connect to an HTTPS site. + +### Change curl's default CA store + +The default CA certificate store curl uses is set at build time. When you +build curl you can point out your preferred path. + +### Extract CA cert from a server + + curl -w %{certs} https://example.com > cacert.pem + +The certificate has `BEGIN CERTIFICATE` and `END CERTIFICATE` markers. + +### Get the Mozilla CA store + +Download a version of the Firefox CA store converted to PEM format on the [CA +Extract](https://curl.se/docs/caextract.html) page. It always features the +latest Firefox bundle. + +## Native CA store + +If curl was built with Schannel, Secure Transport or were instructed to use +the native CA Store, then curl uses the certificates that are built into the +OS. These are the same certificates that appear in the Internet Options +control panel (under Windows) or Keychain Access application (under macOS). +Any custom security rules for certificates are honored. + +Schannel runs CRL checks on certificates unless peer verification is disabled. +Secure Transport on iOS runs OCSP checks on certificates unless peer +verification is disabled. Secure Transport on macOS runs either OCSP or CRL +checks on certificates if those features are enabled, and this behavior can be +adjusted in the preferences of Keychain Access. + +## HTTPS proxy + +curl can do HTTPS to the proxy separately from the connection to the server. +This TLS connection is handled and verified separately from the server +connection so instead of `--insecure` and `--cacert` to control the +certificate verification, you use `--proxy-insecure` and `--proxy-cacert`. +With these options, you make sure that the TLS connection and the trust of the +proxy can be kept totally separate from the TLS connection to the server. diff --git a/deps/curl/docs/TheArtOfHttpScripting.md b/deps/curl/docs/TheArtOfHttpScripting.md new file mode 100644 index 00000000..46369d6e --- /dev/null +++ b/deps/curl/docs/TheArtOfHttpScripting.md @@ -0,0 +1,712 @@ + + +# The Art Of Scripting HTTP Requests Using curl + +## Background + + This document assumes that you are familiar with HTML and general networking. + + The increasing amount of applications moving to the web has made "HTTP + Scripting" more frequently requested and wanted. To be able to automatically + extract information from the web, to fake users, to post or upload data to + web servers are all important tasks today. + + curl is a command line tool for doing all sorts of URL manipulations and + transfers, but this particular document focuses on how to use it when doing + HTTP requests for fun and profit. This documents assumes that you know how to + invoke `curl --help` or `curl --manual` to get basic information about it. + + curl is not written to do everything for you. It makes the requests, it gets + the data, it sends data and it retrieves the information. You probably need + to glue everything together using some kind of script language or repeated + manual invokes. + +## The HTTP Protocol + + HTTP is the protocol used to fetch data from web servers. It is a simple + protocol that is built upon TCP/IP. The protocol also allows information to + get sent to the server from the client using a few different methods, as is + shown here. + + HTTP is plain ASCII text lines being sent by the client to a server to + request a particular action, and then the server replies a few text lines + before the actual requested content is sent to the client. + + The client, curl, sends an HTTP request. The request contains a method (like + GET, POST, HEAD etc), a number of request headers and sometimes a request + body. The HTTP server responds with a status line (indicating if things went + well), response headers and most often also a response body. The "body" part + is the plain data you requested, like the actual HTML or the image etc. + +## See the Protocol + + Using curl's option [`--verbose`](https://curl.se/docs/manpage.html#-v) (`-v` + as a short option) displays what kind of commands curl sends to the server, + as well as a few other informational texts. + + `--verbose` is the single most useful option when it comes to debug or even + understand the curl<->server interaction. + + Sometimes even `--verbose` is not enough. Then + [`--trace`](https://curl.se/docs/manpage.html#-trace) and + [`--trace-ascii`](https://curl.se/docs/manpage.html#--trace-ascii) + offer even more details as they show **everything** curl sends and + receives. Use it like this: + + curl --trace-ascii debugdump.txt http://www.example.com/ + +## See the Timing + + Many times you may wonder what exactly is taking all the time, or you just + want to know the amount of milliseconds between two points in a transfer. For + those, and other similar situations, the + [`--trace-time`](https://curl.se/docs/manpage.html#--trace-time) option is + what you need. It prepends the time to each trace output line: + + curl --trace-ascii d.txt --trace-time http://example.com/ + +## See which Transfer + + When doing parallel transfers, it is relevant to see which transfer is doing + what. When response headers are received (and logged) you need to know which + transfer these are for. + [`--trace-ids`](https://curl.se/docs/manpage.html#--trace-ids) option is what + you need. It prepends the transfer and connection identifier to each trace + output line: + + curl --trace-ascii d.txt --trace-ids http://example.com/ + +## See the Response + + By default curl sends the response to stdout. You need to redirect it + somewhere to avoid that, most often that is done with `-o` or `-O`. + +# URL + +## Spec + + The Uniform Resource Locator format is how you specify the address of a + particular resource on the Internet. You know these, you have seen URLs like + https://curl.se or https://example.com a million times. RFC 3986 is the + canonical spec. The formal name is not URL, it is **URI**. + +## Host + + The hostname is usually resolved using DNS or your /etc/hosts file to an IP + address and that is what curl communicates with. Alternatively you specify + the IP address directly in the URL instead of a name. + + For development and other trying out situations, you can point to a different + IP address for a hostname than what would otherwise be used, by using curl's + [`--resolve`](https://curl.se/docs/manpage.html#--resolve) option: + + curl --resolve www.example.org:80:127.0.0.1 http://www.example.org/ + +## Port number + + Each protocol curl supports operates on a default port number, be it over TCP + or in some cases UDP. Normally you do not have to take that into + consideration, but at times you run test servers on other ports or + similar. Then you can specify the port number in the URL with a colon and a + number immediately following the hostname. Like when doing HTTP to port + 1234: + + curl http://www.example.org:1234/ + + The port number you specify in the URL is the number that the server uses to + offer its services. Sometimes you may use a proxy, and then you may + need to specify that proxy's port number separately from what curl needs to + connect to the server. Like when using an HTTP proxy on port 4321: + + curl --proxy http://proxy.example.org:4321 http://remote.example.org/ + +## Username and password + + Some services are setup to require HTTP authentication and then you need to + provide name and password which is then transferred to the remote site in + various ways depending on the exact authentication protocol used. + + You can opt to either insert the user and password in the URL or you can + provide them separately: + + curl http://user:password@example.org/ + + or + + curl -u user:password http://example.org/ + + You need to pay attention that this kind of HTTP authentication is not what + is usually done and requested by user-oriented websites these days. They tend + to use forms and cookies instead. + +## Path part + + The path part is just sent off to the server to request that it sends back + the associated response. The path is what is to the right side of the slash + that follows the hostname and possibly port number. + +# Fetch a page + +## GET + + The simplest and most common request/operation made using HTTP is to GET a + URL. The URL could itself refer to a webpage, an image or a file. The client + issues a GET request to the server and receives the document it asked for. + If you issue the command line + + curl https://curl.se + + you get a webpage returned in your terminal window. The entire HTML document + this URL identifies. + + All HTTP replies contain a set of response headers that are normally hidden, + use curl's [`--include`](https://curl.se/docs/manpage.html#-i) (`-i`) + option to display them as well as the rest of the document. + +## HEAD + + You can ask the remote server for ONLY the headers by using the + [`--head`](https://curl.se/docs/manpage.html#-I) (`-I`) option which makes + curl issue a HEAD request. In some special cases servers deny the HEAD method + while others still work, which is a particular kind of annoyance. + + The HEAD method is defined and made so that the server returns the headers + exactly the way it would do for a GET, but without a body. It means that you + may see a `Content-Length:` in the response headers, but there must not be an + actual body in the HEAD response. + +## Multiple URLs in a single command line + + A single curl command line may involve one or many URLs. The most common case + is probably to just use one, but you can specify any amount of URLs. Yes any. + No limits. You then get requests repeated over and over for all the given + URLs. + + Example, send two GET requests: + + curl http://url1.example.com http://url2.example.com + + If you use [`--data`](https://curl.se/docs/manpage.html#-d) to POST to + the URL, using multiple URLs means that you send that same POST to all the + given URLs. + + Example, send two POSTs: + + curl --data name=curl http://url1.example.com http://url2.example.com + + +## Multiple HTTP methods in a single command line + + Sometimes you need to operate on several URLs in a single command line and do + different HTTP methods on each. For this, you might enjoy the + [`--next`](https://curl.se/docs/manpage.html#-:) option. It is basically a + separator that separates a bunch of options from the next. All the URLs + before `--next` get the same method and get all the POST data merged into + one. + + When curl reaches the `--next` on the command line, it resets the method and + the POST data and allow a new set. + + Perhaps this is best shown with a few examples. To send first a HEAD and then + a GET: + + curl -I http://example.com --next http://example.com + + To first send a POST and then a GET: + + curl -d score=10 http://example.com/post.cgi --next http://example.com/results.html + +# HTML forms + +## Forms explained + + Forms are the general way a website can present an HTML page with fields for + the user to enter data in, and then press some kind of 'OK' or 'Submit' + button to get that data sent to the server. The server then typically uses + the posted data to decide how to act. Like using the entered words to search + in a database, or to add the info in a bug tracking system, display the + entered address on a map or using the info as a login-prompt verifying that + the user is allowed to see what it is about to see. + + Of course there has to be some kind of program on the server end to receive + the data you send. You cannot just invent something out of the air. + +## GET + + A GET-form uses the method GET, as specified in HTML like: + +```html +
+ + +
+``` + + In your favorite browser, this form appears with a text box to fill in and a + press-button labeled "OK". If you fill in '1905' and press the OK button, + your browser then creates a new URL to get for you. The URL gets + `junk.cgi?birthyear=1905&press=OK` appended to the path part of the previous + URL. + + If the original form was seen on the page `www.example.com/when/birth.html`, + the second page you get becomes + `www.example.com/when/junk.cgi?birthyear=1905&press=OK`. + + Most search engines work this way. + + To make curl do the GET form post for you, just enter the expected created + URL: + + curl "http://www.example.com/when/junk.cgi?birthyear=1905&press=OK" + +## POST + + The GET method makes all input field names get displayed in the URL field of + your browser. That is generally a good thing when you want to be able to + bookmark that page with your given data, but it is an obvious disadvantage if + you entered secret information in one of the fields or if there are a large + amount of fields creating a long and unreadable URL. + + The HTTP protocol then offers the POST method. This way the client sends the + data separated from the URL and thus you do not see any of it in the URL + address field. + + The form would look similar to the previous one: + +```html +
+ + +
+``` + + And to use curl to post this form with the same data filled in as before, we + could do it like: + + curl --data "birthyear=1905&press=%20OK%20" http://www.example.com/when/junk.cgi + + This kind of POST uses the Content-Type `application/x-www-form-urlencoded` + and is the most widely used POST kind. + + The data you send to the server MUST already be properly encoded, curl does + not do that for you. For example, if you want the data to contain a space, + you need to replace that space with `%20`, etc. Failing to comply with this + most likely causes your data to be received wrongly and messed up. + + Recent curl versions can in fact url-encode POST data for you, like this: + + curl --data-urlencode "name=I am Daniel" http://www.example.com + + If you repeat `--data` several times on the command line, curl concatenates + all the given data pieces - and put a `&` symbol between each data segment. + +## File Upload POST + + Back in late 1995 they defined an additional way to post data over HTTP. It + is documented in the RFC 1867, why this method sometimes is referred to as + RFC 1867-posting. + + This method is mainly designed to better support file uploads. A form that + allows a user to upload a file could be written like this in HTML: + +
+ + +
+ + This clearly shows that the Content-Type about to be sent is + `multipart/form-data`. + + To post to a form like this with curl, you enter a command line like: + + curl --form upload=@localfilename --form press=OK [URL] + +## Hidden Fields + + A common way for HTML based applications to pass state information between + pages is to add hidden fields to the forms. Hidden fields are already filled + in, they are not displayed to the user and they get passed along just as all + the other fields. + + A similar example form with one visible field, one hidden field and one + submit button could look like: + +```html +
+ + + +
+``` + + To POST this with curl, you do not have to think about if the fields are + hidden or not. To curl they are all the same: + + curl --data "birthyear=1905&press=OK&person=daniel" [URL] + +## Figure Out What A POST Looks Like + + When you are about to fill in a form and send it to a server by using curl + instead of a browser, you are of course interested in sending a POST exactly + the way your browser does. + + An easy way to get to see this, is to save the HTML page with the form on + your local disk, modify the 'method' to a GET, and press the submit button + (you could also change the action URL if you want to). + + You then clearly see the data get appended to the URL, separated with a + `?`-letter as GET forms are supposed to. + +# HTTP upload + +## PUT + + Perhaps the best way to upload data to an HTTP server is to use PUT. Then + again, this of course requires that someone put a program or script on the + server end that knows how to receive an HTTP PUT stream. + + Put a file to an HTTP server with curl: + + curl --upload-file uploadfile http://www.example.com/receive.cgi + +# HTTP Authentication + +## Basic Authentication + + HTTP Authentication is the ability to tell the server your username and + password so that it can verify that you are allowed to do the request you are + doing. The Basic authentication used in HTTP (which is the type curl uses by + default) is **plain text** based, which means it sends username and password + only slightly obfuscated, but still fully readable by anyone that sniffs on + the network between you and the remote server. + + To tell curl to use a user and password for authentication: + + curl --user name:password http://www.example.com + +## Other Authentication + + The site might require a different authentication method (check the headers + returned by the server), and then + [`--ntlm`](https://curl.se/docs/manpage.html#--ntlm), + [`--digest`](https://curl.se/docs/manpage.html#--digest), + [`--negotiate`](https://curl.se/docs/manpage.html#--negotiate) or even + [`--anyauth`](https://curl.se/docs/manpage.html#--anyauth) might be + options that suit you. + +## Proxy Authentication + + Sometimes your HTTP access is only available through the use of an HTTP + proxy. This seems to be especially common at various companies. An HTTP proxy + may require its own user and password to allow the client to get through to + the Internet. To specify those with curl, run something like: + + curl --proxy-user proxyuser:proxypassword curl.se + + If your proxy requires the authentication to be done using the NTLM method, + use [`--proxy-ntlm`](https://curl.se/docs/manpage.html#--proxy-ntlm), if + it requires Digest use + [`--proxy-digest`](https://curl.se/docs/manpage.html#--proxy-digest). + + If you use any one of these user+password options but leave out the password + part, curl prompts for the password interactively. + +## Hiding credentials + + Do note that when a program is run, its parameters might be possible to see + when listing the running processes of the system. Thus, other users may be + able to watch your passwords if you pass them as plain command line + options. There are ways to circumvent this. + + It is worth noting that while this is how HTTP Authentication works, many + websites do not use this concept when they provide logins etc. See the Web + Login chapter further below for more details on that. + +# More HTTP Headers + +## Referer + + An HTTP request may include a 'referer' field (yes it is misspelled), which + can be used to tell from which URL the client got to this particular + resource. Some programs/scripts check the referer field of requests to verify + that this was not arriving from an external site or an unknown page. While + this is a stupid way to check something so easily forged, many scripts still + do it. Using curl, you can put anything you want in the referer-field and + thus more easily be able to fool the server into serving your request. + + Use curl to set the referer field with: + + curl --referer http://www.example.come http://www.example.com + +## User Agent + + Similar to the referer field, all HTTP requests may set the User-Agent + field. It names what user agent (client) that is being used. Many + applications use this information to decide how to display pages. Silly web + programmers try to make different pages for users of different browsers to + make them look the best possible for their particular browsers. They usually + also do different kinds of JavaScript etc. + + At times, you may learn that getting a page with curl does not return the + same page that you see when getting the page with your browser. Then you know + it is time to set the User Agent field to fool the server into thinking you + are one of those browsers. + + By default, curl uses curl/VERSION, such as User-Agent: curl/8.11.0. + + To make curl look like Internet Explorer 5 on a Windows 2000 box: + + curl --user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" [URL] + + Or why not look like you are using Netscape 4.73 on an old Linux box: + + curl --user-agent "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL] + +## Redirects + +## Location header + + When a resource is requested from a server, the reply from the server may + include a hint about where the browser should go next to find this page, or a + new page keeping newly generated output. The header that tells the browser to + redirect is `Location:`. + + curl does not follow `Location:` headers by default, but simply displays such + pages in the same manner it displays all HTTP replies. It does however + feature an option that makes it attempt to follow the `Location:` pointers. + + To tell curl to follow a Location: + + curl --location http://www.example.com + + If you use curl to POST to a site that immediately redirects you to another + page, you can safely use [`--location`](https://curl.se/docs/manpage.html#-L) + (`-L`) and `--data`/`--form` together. curl only uses POST in the first + request, and then revert to GET in the following operations. + +## Other redirects + + Browsers typically support at least two other ways of redirects that curl + does not: first the html may contain a meta refresh tag that asks the browser + to load a specific URL after a set number of seconds, or it may use + JavaScript to do it. + +# Cookies + +## Cookie Basics + + The way the web browsers do "client side state control" is by using + cookies. Cookies are just names with associated contents. The cookies are + sent to the client by the server. The server tells the client for what path + and hostname it wants the cookie sent back, and it also sends an expiration + date and a few more properties. + + When a client communicates with a server with a name and path as previously + specified in a received cookie, the client sends back the cookies and their + contents to the server, unless of course they are expired. + + Many applications and servers use this method to connect a series of requests + into a single logical session. To be able to use curl in such occasions, we + must be able to record and send back cookies the way the web application + expects them. The same way browsers deal with them. + +## Cookie options + + The simplest way to send a few cookies to the server when getting a page with + curl is to add them on the command line like: + + curl --cookie "name=Daniel" http://www.example.com + + Cookies are sent as common HTTP headers. This is practical as it allows curl + to record cookies simply by recording headers. Record cookies with curl by + using the [`--dump-header`](https://curl.se/docs/manpage.html#-D) (`-D`) + option like: + + curl --dump-header headers_and_cookies http://www.example.com + + (Take note that the + [`--cookie-jar`](https://curl.se/docs/manpage.html#-c) option described + below is a better way to store cookies.) + + curl has a full blown cookie parsing engine built-in that comes in use if you + want to reconnect to a server and use cookies that were stored from a + previous connection (or hand-crafted manually to fool the server into + believing you had a previous connection). To use previously stored cookies, + you run curl like: + + curl --cookie stored_cookies_in_file http://www.example.com + + curl's "cookie engine" gets enabled when you use the + [`--cookie`](https://curl.se/docs/manpage.html#-b) option. If you only + want curl to understand received cookies, use `--cookie` with a file that + does not exist. Example, if you want to let curl understand cookies from a + page and follow a location (and thus possibly send back cookies it received), + you can invoke it like: + + curl --cookie nada --location http://www.example.com + + curl has the ability to read and write cookie files that use the same file + format that Netscape and Mozilla once used. It is a convenient way to share + cookies between scripts or invokes. The `--cookie` (`-b`) switch + automatically detects if a given file is such a cookie file and parses it, + and by using the `--cookie-jar` (`-c`) option you make curl write a new + cookie file at the end of an operation: + + curl --cookie cookies.txt --cookie-jar newcookies.txt \ + http://www.example.com + +# HTTPS + +## HTTPS is HTTP secure + + There are a few ways to do secure HTTP transfers. By far the most common + protocol for doing this is what is generally known as HTTPS, HTTP over + SSL. SSL encrypts all the data that is sent and received over the network and + thus makes it harder for attackers to spy on sensitive information. + + SSL (or TLS as the current version of the standard is called) offers a set of + advanced features to do secure transfers over HTTP. + + curl supports encrypted fetches when built to use a TLS library and it can be + built to use one out of a fairly large set of libraries - `curl -V` shows + which one your curl was built to use (if any). To get a page from an HTTPS + server, simply run curl like: + + curl https://secure.example.com + +## Certificates + + In the HTTPS world, you use certificates to validate that you are the one you + claim to be, as an addition to normal passwords. curl supports client- side + certificates. All certificates are locked with a passphrase, which you need + to enter before the certificate can be used by curl. The passphrase can be + specified on the command line or if not, entered interactively when curl + queries for it. Use a certificate with curl on an HTTPS server like: + + curl --cert mycert.pem https://secure.example.com + + curl also tries to verify that the server is who it claims to be, by + verifying the server's certificate against a locally stored CA cert bundle. + Failing the verification causes curl to deny the connection. You must then + use [`--insecure`](https://curl.se/docs/manpage.html#-k) (`-k`) in case you + want to tell curl to ignore that the server cannot be verified. + + More about server certificate verification and ca cert bundles can be read in + the [`SSLCERTS` document](https://curl.se/docs/sslcerts.html). + + At times you may end up with your own CA cert store and then you can tell + curl to use that to verify the server's certificate: + + curl --cacert ca-bundle.pem https://example.com/ + +# Custom Request Elements + +## Modify method and headers + + Doing fancy stuff, you may need to add or change elements of a single curl + request. + + For example, you can change the POST method to `PROPFIND` and send the data + as `Content-Type: text/xml` (instead of the default `Content-Type`) like + this: + + curl --data "" --header "Content-Type: text/xml" \ + --request PROPFIND example.com + + You can delete a default header by providing one without content. Like you + can ruin the request by chopping off the `Host:` header: + + curl --header "Host:" http://www.example.com + + You can add headers the same way. Your server may want a `Destination:` + header, and you can add it: + + curl --header "Destination: http://nowhere" http://example.com + +## More on changed methods + + It should be noted that curl selects which methods to use on its own + depending on what action to ask for. `-d` makes a POST, `-I` makes a HEAD and + so on. If you use the [`--request`](https://curl.se/docs/manpage.html#-X) / + `-X` option you can change the method keyword curl selects, but you do not + modify curl's behavior. This means that if you for example use -d "data" to + do a POST, you can modify the method to a `PROPFIND` with `-X` and curl still + thinks it sends a POST. You can change the normal GET to a POST method by + simply adding `-X POST` in a command line like: + + curl -X POST http://example.org/ + + curl however still acts as if it sent a GET so it does not send any request + body etc. + +# Web Login + +## Some login tricks + + While not strictly just HTTP related, it still causes a lot of people + problems so here's the executive run-down of how the vast majority of all + login forms work and how to login to them using curl. + + It can also be noted that to do this properly in an automated fashion, you + most certainly need to script things and do multiple curl invokes etc. + + First, servers mostly use cookies to track the logged-in status of the + client, so you need to capture the cookies you receive in the responses. + Then, many sites also set a special cookie on the login page (to make sure + you got there through their login page) so you should make a habit of first + getting the login-form page to capture the cookies set there. + + Some web-based login systems feature various amounts of JavaScript, and + sometimes they use such code to set or modify cookie contents. Possibly they + do that to prevent programmed logins, like this manual describes how to... + Anyway, if reading the code is not enough to let you repeat the behavior + manually, capturing the HTTP requests done by your browsers and analyzing the + sent cookies is usually a working method to work out how to shortcut the + JavaScript need. + + In the actual `
` tag for the login, lots of sites fill-in + random/session or otherwise secretly generated hidden tags and you may need + to first capture the HTML code for the login form and extract all the hidden + fields to be able to do a proper login POST. Remember that the contents need + to be URL encoded when sent in a normal POST. + +# Debug + +## Some debug tricks + + Many times when you run curl on a site, you notice that the site does not + seem to respond the same way to your curl requests as it does to your + browser's. + + Then you need to start making your curl requests more similar to your + browser's requests: + + - Use the `--trace-ascii` option to store fully detailed logs of the requests + for easier analyzing and better understanding + + - Make sure you check for and use cookies when needed (both reading with + `--cookie` and writing with `--cookie-jar`) + + - Set user-agent (with [`-A`](https://curl.se/docs/manpage.html#-A)) to + one like a recent popular browser does + + - Set referer (with [`-E`](https://curl.se/docs/manpage.html#-E)) like + it is set by the browser + + - If you use POST, make sure you send all the fields and in the same order as + the browser does it. + +## Check what the browsers do + + A good helper to make sure you do this right, is the web browsers' developers + tools that let you view all headers you send and receive (even when using + HTTPS). + + A more raw approach is to capture the HTTP traffic on the network with tools + such as Wireshark or tcpdump and check what headers that were sent and + received by the browser. (HTTPS forces you to use `SSLKEYLOGFILE` to do + that.) diff --git a/deps/curl/docs/URL-SYNTAX.md b/deps/curl/docs/URL-SYNTAX.md new file mode 100644 index 00000000..61682f42 --- /dev/null +++ b/deps/curl/docs/URL-SYNTAX.md @@ -0,0 +1,395 @@ + + +# URL syntax and their use in curl + +## Specifications + +The official "URL syntax" is primarily defined in these two different +specifications: + + - [RFC 3986](https://datatracker.ietf.org/doc/html/rfc3986) (although URL is called + "URI" in there) + - [The WHATWG URL Specification](https://url.spec.whatwg.org/) + +RFC 3986 is the earlier one, and curl has always tried to adhere to that one +(since it shipped in January 2005). + +The WHATWG URL spec was written later, is incompatible with the RFC 3986 and +changes over time. + +## Variations + +URL parsers as implemented in browsers, libraries and tools usually opt to +support one of the mentioned specifications. Bugs, differences in +interpretations and the moving nature of the WHATWG spec does however make it +unlikely that multiple parsers treat URLs the same way. + +## Security + +Due to the inherent differences between URL parser implementations, it is +considered a security risk to mix different implementations and assume the +same behavior. + +For example, if you use one parser to check if a URL uses a good hostname or +the correct auth field, and then pass on that same URL to a *second* parser, +there is always a risk it treats the same URL differently. There is no right +and wrong in URL land, only differences of opinions. + +libcurl offers a separate API to its URL parser for this reason, among others. + +Applications may at times find it convenient to allow users to specify URLs +for various purposes and that string would then end up fed to curl. Getting a +URL from an external untrusted party and using it with curl brings several +security concerns: + +1. If you have an application that runs as or in a server application, getting + an unfiltered URL can trick your application to access a local resource + instead of a remote resource. Protecting yourself against localhost accesses + is hard when accepting user provided URLs. + +2. Such custom URLs can access other ports than you planned as port numbers + are part of the regular URL format. The combination of a local host and a + custom port number can allow external users to play tricks with your local + services. + +3. Such a URL might use other schemes than you thought of or planned for. + +## "RFC 3986 plus" + +curl recognizes a URL syntax that we call "RFC 3986 plus". It is grounded on +the well established RFC 3986 to make sure previously written command lines +and curl using scripts remain working. + +curl's URL parser allows a few deviations from the spec in order to +inter-operate better with URLs that appear in the wild. + +### Spaces + +A URL provided to curl cannot contain spaces. They need to be provided URL +encoded to be accepted in a URL by curl. + +An exception to this rule: `Location:` response headers that indicate to a +client where a resource has been redirected to, sometimes contain spaces. This +is a violation of RFC 3986 but is fine in the WHATWG spec. curl handles these +by re-encoding them to `%20`. + +### Non-ASCII + +Byte values in a provided URL that are outside of the printable ASCII range +are percent-encoded by curl. + +### Multiple slashes + +An absolute URL always starts with a "scheme" followed by a colon. For all the +schemes curl supports, the colon must be followed by two slashes according to +RFC 3986 but not according to the WHATWG spec - which allows one to infinity +amount. + +curl allows one, two or three slashes after the colon to still be considered a +valid URL. + +### "scheme-less" + +curl supports "URLs" that do not start with a scheme. This is not supported by +any of the specifications. This is a shortcut to entering URLs that was +supported by browsers early on and has been mimicked by curl. + +Based on what the hostname starts with, curl "guesses" what protocol to use: + + - `ftp.` means FTP + - `dict.` means DICT + - `ldap.` means LDAP + - `imap.` means IMAP + - `smtp.` means SMTP + - `pop3.` means POP3 + - all other means HTTP + +### Globbing letters + +The curl command line tool supports "globbing" of URLs. It means that you can +create ranges and lists using `[N-M]` and `{one,two,three}` sequences. The +letters used for this (`[]{}`) are reserved in RFC 3986 and can therefore not +legitimately be part of such a URL. + +They are however not reserved or special in the WHATWG specification, so +globbing can mess up such URLs. Globbing can be turned off for such occasions +(using `--globoff`). + +# URL syntax details + +A URL may consist of the following components - many of them are optional: + + [scheme][divider][userinfo][hostname][port number][path][query][fragment] + +Each component is separated from the following component with a divider +character or string. + +For example, this could look like: + + http://user:password@www.example.com:80/index.html?foo=bar#top + +## Scheme + +The scheme specifies the protocol to use. A curl build can support a few or +many different schemes. You can limit what schemes curl should accept. + +curl supports the following schemes on URLs specified to transfer. They are +matched case insensitively: + +`dict`, `file`, `ftp`, `ftps`, `gopher`, `gophers`, `http`, `https`, `imap`, +`imaps`, `ldap`, `ldaps`, `mqtt`, `pop3`, `pop3s`, `rtmp`, `rtmpe`, `rtmps`, +`rtmpt`, `rtmpte`, `rtmpts`, `rtsp`, `smb`, `smbs`, `smtp`, `smtps`, `telnet`, +`tftp` + +When the URL is specified to identify a proxy, curl recognizes the following +schemes: + +`http`, `https`, `socks4`, `socks4a`, `socks5`, `socks5h`, `socks` + +## Userinfo + +The userinfo field can be used to set username and password for +authentication purposes in this transfer. The use of this field is discouraged +since it often means passing around the password in plain text and is thus a +security risk. + +URLs for IMAP, POP3 and SMTP also support *login options* as part of the +userinfo field. They are provided as a semicolon after the password and then +the options. + +## Hostname + +The hostname part of the URL contains the address of the server that you want +to connect to. This can be the fully qualified domain name of the server, the +local network name of the machine on your network or the IP address of the +server or machine represented by either an IPv4 or IPv6 address (within +brackets). For example: + + http://www.example.com/ + + http://hostname/ + + http://192.168.0.1/ + + http://[2001:1890:1112:1::20]/ + +### "localhost" + +Starting in curl 7.77.0, curl uses loopback IP addresses for the name +`localhost`: `127.0.0.1` and `::1`. It does not resolve the name using the +resolver functions. + +This is done to make sure the host accessed is truly the localhost - the local +machine. + +### IDNA + +If curl was built with International Domain Name (IDN) support, it can also +handle hostnames using non-ASCII characters. + +When built with libidn2, curl uses the IDNA 2008 standard. This is equivalent +to the WHATWG URL spec, but differs from certain browsers that use IDNA 2003 +Transitional Processing. The two standards have a huge overlap but differ +slightly, perhaps most famously in how they deal with the German "double s" +(`ß`). + +When WinIDN is used, curl uses IDNA 2003 Transitional Processing, like the rest +of Windows. + +## Port number + +If there is a colon after the hostname, that should be followed by the port +number to use. 1 - 65535. curl also supports a blank port number field - but +only if the URL starts with a scheme. + +If the port number is not specified in the URL, curl uses a default port +number based on the provide scheme: + +DICT 2628, FTP 21, FTPS 990, GOPHER 70, GOPHERS 70, HTTP 80, HTTPS 443, +IMAP 132, IMAPS 993, LDAP 369, LDAPS 636, MQTT 1883, POP3 110, POP3S 995, +RTMP 1935, RTMPS 443, RTMPT 80, RTSP 554, SCP 22, SFTP 22, SMB 445, SMBS 445, +SMTP 25, SMTPS 465, TELNET 23, TFTP 69 + +# Scheme specific behaviors + +## FTP + +The path part of an FTP request specifies the file to retrieve and from which +directory. If the file part is omitted then libcurl downloads the directory +listing for the directory specified. If the directory is omitted then the +directory listing for the root / home directory is returned. + +FTP servers typically put the user in its "home directory" after login, which +then differs between users. To explicitly specify the root directory of an FTP +server, start the path with double slash `//` or `/%2f` (2F is the hexadecimal +value of the ASCII code for the slash). + +## FILE + +When a `FILE://` URL is accessed on Windows systems, it can be crafted in a +way so that Windows attempts to connect to a (remote) machine when curl wants +to read or write such a path. + +curl only allows the hostname part of a FILE URL to be one out of these three +alternatives: `localhost`, `127.0.0.1` or blank ("", zero characters). +Anything else makes curl fail to parse the URL. + +### Windows-specific FILE details + +curl accepts that the FILE URL's path starts with a "drive letter". That is a +single letter `a` to `z` followed by a colon or a pipe character (`|`). + +The Windows operating system itself converts some file accesses to perform +network accesses over SMB/CIFS, through several different file path patterns. +This way, a `file://` URL passed to curl *might* be converted into a network +access inadvertently and unknowingly to curl. This is a Windows feature curl +cannot control or disable. + +## IMAP + +The path part of an IMAP request not only specifies the mailbox to list or +select, but can also be used to check the `UIDVALIDITY` of the mailbox, to +specify the `UID`, `SECTION` and `PARTIAL` octets of the message to fetch and +to specify what messages to search for. + +A top level folder list: + + imap://user:password@mail.example.com + +A folder list on the user's inbox: + + imap://user:password@mail.example.com/INBOX + +Select the user's inbox and fetch message with `uid = 1`: + + imap://user:password@mail.example.com/INBOX/;UID=1 + +Select the user's inbox and fetch the first message in the mail box: + + imap://user:password@mail.example.com/INBOX/;MAILINDEX=1 + +Select the user's inbox, check the `UIDVALIDITY` of the mailbox is 50 and +fetch message 2 if it is: + + imap://user:password@mail.example.com/INBOX;UIDVALIDITY=50/;UID=2 + +Select the user's inbox and fetch the text portion of message 3: + + imap://user:password@mail.example.com/INBOX/;UID=3/;SECTION=TEXT + +Select the user's inbox and fetch the first 1024 octets of message 4: + + imap://user:password@mail.example.com/INBOX/;UID=4/;PARTIAL=0.1024 + +Select the user's inbox and check for NEW messages: + + imap://user:password@mail.example.com/INBOX?NEW + +Select the user's inbox and search for messages containing "shadows" in the +subject line: + + imap://user:password@mail.example.com/INBOX?SUBJECT%20shadows + +Searching via the query part of the URL `?` is a search request for the +results to be returned as message sequence numbers (`MAILINDEX`). It is +possible to make a search request for results to be returned as unique ID +numbers (`UID`) by using a custom curl request via `-X`. `UID` numbers are +unique per session (and multiple sessions when `UIDVALIDITY` is the same). For +example, if you are searching for `"foo bar"` in header+body (`TEXT`) and you +want the matching `MAILINDEX` numbers returned then you could search via URL: + + imap://user:password@mail.example.com/INBOX?TEXT%20%22foo%20bar%22 + +If you want matching `UID` numbers you have to use a custom request: + + imap://user:password@mail.example.com/INBOX -X "UID SEARCH TEXT \"foo bar\"" + +For more information about IMAP commands please see RFC 9051. For more +information about the individual components of an IMAP URL please see RFC 5092. + +* Note old curl versions would `FETCH` by message sequence number when `UID` +was specified in the URL. That was a bug fixed in 7.62.0, which added +`MAILINDEX` to `FETCH` by mail sequence number. + +## LDAP + +The path part of a LDAP request can be used to specify the: Distinguished +Name, Attributes, Scope, Filter and Extension for a LDAP search. Each field is +separated by a question mark and when that field is not required an empty +string with the question mark separator should be included. + +Search for the `DN` as `My Organization`: + + ldap://ldap.example.com/o=My%20Organization + +the same search but only return `postalAddress` attributes: + + ldap://ldap.example.com/o=My%20Organization?postalAddress + +Search for an empty `DN` and request information about the +`rootDomainNamingContext` attribute for an Active Directory server: + + ldap://ldap.example.com/?rootDomainNamingContext + +For more information about the individual components of a LDAP URL please +see [RFC 4516](https://datatracker.ietf.org/doc/html/rfc4516). + +## POP3 + +The path part of a POP3 request specifies the message ID to retrieve. If the +ID is not specified then a list of waiting messages is returned instead. + +## SCP + +The path part of an SCP URL specifies the path and file to retrieve or +upload. The file is taken as an absolute path from the root directory on the +server. + +To specify a path relative to the user's home directory on the server, prepend +`~/` to the path portion. + +## SFTP + +The path part of an SFTP URL specifies the file to retrieve or upload. If the +path ends with a slash (`/`) then a directory listing is returned instead of a +file. If the path is omitted entirely then the directory listing for the root +/ home directory is returned. + +## SMB +The path part of a SMB request specifies the file to retrieve and from what +share and directory or the share to upload to and as such, may not be omitted. +If the username is embedded in the URL then it must contain the domain name +and as such, the backslash must be URL encoded as %2f. + +When uploading to SMB, the size of the file needs to be known ahead of time, +meaning that you can upload a file passed to curl over a pipe like stdin. + +curl supports SMB version 1 (only) + +## SMTP + +The path part of a SMTP request specifies the hostname to present during +communication with the mail server. If the path is omitted, then libcurl +attempts to resolve the local computer's hostname. However, this may not +return the fully qualified domain name that is required by some mail servers +and specifying this path allows you to set an alternative name, such as your +machine's fully qualified domain name, which you might have obtained from an +external function such as gethostname or getaddrinfo. + +The default smtp port is 25. Some servers use port 587 as an alternative. + +## RTMP + +There is no official URL spec for RTMP so libcurl uses the URL syntax supported +by the underlying librtmp library. It has a syntax where it wants a +traditional URL, followed by a space and a series of space-separated +`name=value` pairs. + +While space is not typically a "legal" letter, libcurl accepts them. When a +user wants to pass in a `#` (hash) character it is treated as a fragment and +it gets cut off by libcurl if provided literally. You have to escape it by +providing it as backslash and its ASCII value in hexadecimal: `\23`. diff --git a/deps/curl/docs/VERSIONS.md b/deps/curl/docs/VERSIONS.md new file mode 100644 index 00000000..93a39a45 --- /dev/null +++ b/deps/curl/docs/VERSIONS.md @@ -0,0 +1,63 @@ + + +Version Numbers and Releases +============================ + + The command line tool curl and the library libcurl are individually + versioned, but they usually follow each other closely. + + The version numbering is always built up using the same system: + + X.Y.Z + + - X is main version number + - Y is release number + - Z is patch number + +## Bumping numbers + + One of these numbers get bumped in each new release. The numbers to the right + of a bumped number are reset to zero. + + The main version number is bumped when *really* big, world colliding changes + are made. The release number is bumped when changes are performed or + things/features are added. The patch number is bumped when the changes are + mere bugfixes. + + It means that after release 1.2.3, we can release 2.0.0 if something really + big has been made, 1.3.0 if not that big changes were made or 1.2.4 if only + bugs were fixed. + + Bumping, as in increasing the number with 1, is unconditionally only + affecting one of the numbers (except the ones to the right of it, that may be + set to zero). 1 becomes 2, 3 becomes 4, 9 becomes 10, 88 becomes 89 and 99 + becomes 100. So, after 1.2.9 comes 1.2.10. After 3.99.3, 3.100.0 might come. + + All original curl source release archives are named according to the libcurl + version (not according to the curl client version that, as said before, might + differ). + + As a service to any application that might want to support new libcurl + features while still being able to build with older versions, all releases + have the libcurl version stored in the `curl/curlver.h` file using a static + numbering scheme that can be used for comparison. The version number is + defined as: + +```c +#define LIBCURL_VERSION_NUM 0xXXYYZZ +``` + + Where `XX`, `YY` and `ZZ` are the main version, release and patch numbers in + hexadecimal. All three number fields are always represented using two digits + (eight bits each). 1.2 would appear as "0x010200" while version 9.11.7 + appears as `0x090b07`. + + This 6-digit hexadecimal number is always a greater number in a more recent + release. It makes comparisons with greater than and less than work. + + This number is also available as three separate defines: + `LIBCURL_VERSION_MAJOR`, `LIBCURL_VERSION_MINOR` and `LIBCURL_VERSION_PATCH`. diff --git a/deps/curl/docs/VULN-DISCLOSURE-POLICY.md b/deps/curl/docs/VULN-DISCLOSURE-POLICY.md new file mode 100644 index 00000000..35063053 --- /dev/null +++ b/deps/curl/docs/VULN-DISCLOSURE-POLICY.md @@ -0,0 +1,339 @@ + + +# curl vulnerability disclosure policy + +This document describes how security vulnerabilities are handled in the curl +project. + +## Publishing Information + +All known and public curl or libcurl related vulnerabilities are listed on +[the curl website security page](https://curl.se/docs/security.html). + +Security vulnerabilities **should not** be entered in the project's public bug +tracker. + +## Vulnerability Handling + +The typical process for handling a new security vulnerability is as follows. + +No information should be made public about a vulnerability until it is +formally announced at the end of this process. That means, for example, that a +bug tracker entry must NOT be created to track the issue since that makes the +issue public and it should not be discussed on any of the project's public +mailing lists. Messages associated with any commits should not make any +reference to the security nature of the commit if done prior to the public +announcement. + +- The person discovering the issue, the reporter, reports the vulnerability on + [HackerOne](https://hackerone.com/curl). Issues filed there reach a handful + of selected and trusted people. + +- Messages that do not relate to the reporting or managing of an undisclosed + security vulnerability in curl or libcurl are ignored and no further action + is required. + +- A person in the security team responds to the original report to acknowledge + that a human has seen the report. + +- The security team investigates the report and either rejects it or accepts + it. See below for examples of problems that are not considered + vulnerabilities. + +- If the report is rejected, the team writes to the reporter to explain why. + +- If the report is accepted, the team writes to the reporter to let them + know it is accepted and that they are working on a fix. + +- The security team discusses the problem, works out a fix, considers the + impact of the problem and suggests a release schedule. This discussion + should involve the reporter as much as possible. + +- The release of the information should be "as soon as possible" and is most + often synchronized with an upcoming release that contains the fix. If the + reporter, or anyone else involved, thinks the next planned release is too + far away, then a separate earlier release should be considered. + +- Write a security advisory draft about the problem that explains what the + problem is, its impact, which versions it affects, solutions or workarounds, + when the release is out and make sure to credit all contributors properly. + Figure out the CWE (Common Weakness Enumeration) number for the flaw. See + [SECURITY-ADVISORY](https://curl.se/dev/advisory.html) for help on creating + the advisory. + +- Request a CVE Id for the issue. curl is a CNA (CVE Numbering Authority) and + can request its own numbers. + +- Update the "security advisory" with the CVE number. + +- The security team commits the fix in a private branch. The commit message + should ideally contain the CVE number. If the severity level of the issue is + set to Low or Medium, the fix is allowed to get merged into the master + repository via a normal PR - but without mentioning it being a security + vulnerability. + +- The monetary reward part of the bug-bounty is managed by the Internet Bug + Bounty team and the reporter is asked to request the reward from them after + the issue has been completely handled and published by curl. + +- No more than 10 days before release, inform + [distros@openwall](https://oss-security.openwall.org/wiki/mailing-lists/distros) + to prepare them about the upcoming public security vulnerability + announcement - attach the advisory draft for information with CVE and + current patch. 'distros' does not accept an embargo longer than 14 days and + they do not care for Windows-specific flaws. + +- No more than 48 hours before the release, the private branch is merged into + the master branch and pushed. Once pushed, the information is accessible to + the public and the actual release should follow suit immediately afterwards. + The time between the push and the release is used for final tests and + reviews. + +- The project team creates a release that includes the fix. + +- The project team announces the release and the vulnerability to the world in + the same manner we always announce releases. It gets sent to the + curl-announce, curl-library and curl-users mailing lists. + +- The security webpage on the website should get the new vulnerability + mentioned. + +## security (at curl dot se) + +This is a private mailing list for discussions on and about curl security +issues. + +Who is on this list? There are a couple of criteria you must meet, and then we +might ask you to join the list or you can ask to join it. It really is not a +formal process. We basically only require that you have a long-term presence +in the curl project and you have shown an understanding for the project and +its way of working. You must have been around for a good while and you should +have no plans of vanishing in the near future. + +We do not make the list of participants public mostly because it tends to vary +somewhat over time and a list somewhere only risks getting outdated. + +## Publishing Security Advisories + +1. Write up the security advisory, using markdown syntax. Use the same + subtitles as last time to maintain consistency. + +2. Name the advisory file after the allocated CVE id. + +3. Add a line on the top of the array in `curl-www/docs/vuln.pm`. + +4. Put the new advisory markdown file in the `curl-www/docs/` directory. Add it + to the git repository. + +5. Run `make` in your local web checkout and verify that things look fine. + +6. On security advisory release day, push the changes on the curl-www + repository's remote master branch. + +## HackerOne + +Request the issue to be disclosed. If there are sensitive details present in +the report and discussion, those should be redacted from the disclosure. The +default policy is to disclose as much as possible as soon as the vulnerability +has been published. + +## Bug Bounty + +See [BUG-BOUNTY](https://curl.se/docs/bugbounty.html) for details on the +bug bounty program. + +# Severity levels + +The curl project's security team rates security problems using four severity +levels depending how serious we consider the problem to be. We use **Low**, +**Medium**, **High** and **Critical**. We refrain from using numerical scoring +of vulnerabilities. + +We do not support CVSS as a method to grade security vulnerabilities, so we do +not set them for CVE records published by the curl project. We believe CVSS is +a broken system that often does not properly evaluate to suitable severity +levels that reflect all dimensions and factors involved. Other organizations +however set and provide CVSS scores for curl vulnerabilities. You need to +decide for yourself if you believe they know enough about the subjects +involved to make reasonable assessments. Deciding between four different +severity levels is hard enough for us. + +When deciding severity level on a particular issue, we take all the factors +into account: attack vector, attack complexity, required privileges, necessary +build configuration, protocols involved, platform specifics and also what +effects a possible exploit or trigger of the issue can lead do, including +confidentiality, integrity or availability problems. + +## Low + +This is a security problem that is truly hard or unlikely to exploit or +trigger. Due to timing, platform requirements or the fact that options or +protocols involved are rare etc. [Past +example](https://curl.se/docs/CVE-2022-43552.html) + +## Medium + +This is a security problem that is less hard than **Low** to exploit or +trigger. Less strict timing, wider platforms availability or involving more +widely used options or protocols. A problem that usually needs something else +to also happen to become serious. [Past +example](https://curl.se/docs/CVE-2022-32206.html) + +## High + +This issue in itself a serious problem with real world impact. Flaws that can +easily compromise the confidentiality, integrity or availability of resources. +Exploiting or triggering this problem is not hard. [Past +example](https://curl.se/docs/CVE-2019-3822.html) + +## Critical + +Easily exploitable by a remote unauthenticated attacker and lead to system +compromise (arbitrary code execution) without requiring user interaction, with +a common configuration on a popular platform. This issue has few restrictions +and requirements and can be exploited easily using most curl configurations. +[Past example](https://curl.se/docs/CVE-2000-0973.html) + +# Not security issues + +This is an incomplete list of issues that are not considered vulnerabilities. + +## Small memory leaks + +We do not consider a small memory leak a security problem; even if the amount +of allocated memory grows by a small amount every now and then. Long-living +applications and services already need to have counter-measures and deal with +growing memory usage, be it leaks or just increased use. A small memory or +resource leak is then expected to *not* cause a security problem. + +Of course there can be a discussion if a leak is small or not. A large leak +can be considered a security problem due to the DOS risk. If leaked memory +contains sensitive data it might also qualify as a security problem. + +## Never-ending transfers + +We do not consider flaws that cause a transfer to never end to be a security +problem. There are already several benign and likely reasons for transfers to +stall and never end, so applications that cannot deal with never-ending +transfers already need to have counter-measures established. + +If the problem avoids the regular counter-measures when it causes a never- +ending transfer, it might be a security problem. + +## Not practically possible + +If the flaw or vulnerability cannot practically get executed on existing +hardware it is not a security problem. + +## API misuse + +If a reported issue only triggers by an application using the API in a way +that is not documented to work or even documented to not work, it is probably +not going to be considered a security problem. We only guarantee secure and +proper functionality when the APIs are used as expected and documented. + +There can be a discussion about what the documentation actually means and how +to interpret the text, which might end up with us still agreeing that it is a +security problem. + +## Local attackers already present + +When an issue can only be attacked or misused by an attacker present on the +local system or network, the bar is raised. If a local user wrongfully has +elevated rights on your system enough to attack curl, they can probably +already do much worse harm and the problem is not really in curl. + +## Debug & Experiments + +Vulnerabilities in features which are off by default (in the build) and +documented as experimental, or exist only in debug mode, are not eligible for a +reward and we do not consider them security problems. + +## URL inconsistencies + +URL parser inconsistencies between browsers and curl are expected and are not +considered security vulnerabilities. The WHATWG URL Specification and RFC +3986+ (the plus meaning that it is an extended version) [are not completely +interoperable](https://github.com/bagder/docs/blob/master/URL-interop.md). + +Obvious parser bugs can still be vulnerabilities of course. + +## Visible command line arguments + +The curl command blanks the contents of a number of command line arguments to +prevent them from appearing in process listings. It does not blank all +arguments even if some of them that are not blanked might contain sensitive +data. We consider this functionality a best-effort and omissions are not +security vulnerabilities. + + - not all systems allow the arguments to be blanked in the first place + - since curl blanks the argument itself they are readable for a short moment + no matter what + - virtually every argument can contain sensitive data, depending on use + - blanking all arguments would make it impractical for users to differentiate + curl command lines in process listings + +## Busy-loops + +Busy-loops that consume 100% CPU time but eventually end (perhaps due to a set +timeout value or otherwise) are not considered security problems. Applications +are supposed to already handle situations when the transfer loop legitimately +consumes 100% CPU time, so while a prolonged such busy-loop is a nasty bug, we +do not consider it a security problem. + +## Saving files + +curl cannot protect against attacks where an attacker has write access to the +same directory where curl is directed to save files. + +## Tricking a user to run a command line + +A creative, misleading or funny looking command line is not a security +problem. The curl command line tool takes options and URLs on the command line +and if an attacker can trick the user to run a specifically crafted curl +command line, all bets are off. Such an attacker can just as well have the +user run a much worse command that can do something fatal (like +`sudo rm -rf /`). + +## Terminal output and escape sequences + +Content that is transferred from a server and gets displayed in a terminal by +curl may contain escape sequences or use other tricks to fool the user. This +is curl working as designed and is not a curl security problem. Escape +sequences, moving cursor, changing color etc, is also frequently used for +good. To reduce the risk of getting fooled, save files and browse them after +download using a display method that minimizes risks. + +## NULL dereferences and crashes + +If a malicious server can trigger a NULL dereference in curl or otherwise +cause curl to crash (and nothing worse), chances are big that we do not +consider that a security problem. + +Malicious servers can already cause considerable harm and denial of service +like scenarios without having to trigger such code paths. For example by +stalling, being terribly slow or by delivering enormous amounts of data. +Additionally, applications are expected to handle "normal" crashes without +that being the end of the world. + +There need to be more and special circumstances to treat such problems as +security issues. + +## Legacy dependencies + +Problems that can be triggered only by the use of a *legacy dependency* are +not considered security problems. + +A *legacy dependency* is here defined as: + +- the legacy version was released over ten years ago AND + +- the legacy version is no longer in use by any existing still supported + operating system or distribution AND + +- there are modern versions of equivalent or better functionality offered and + in common use diff --git a/deps/curl/docs/cmdline-opts/CMakeLists.txt b/deps/curl/docs/cmdline-opts/CMakeLists.txt new file mode 100644 index 00000000..712d729b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/CMakeLists.txt @@ -0,0 +1,42 @@ +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Daniel Stenberg, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### +# Get 'DPAGES' variable +curl_transform_makefile_inc("Makefile.inc" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") +include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") + +add_custom_command(OUTPUT "${CURL_MANPAGE}" "${CURL_ASCIIPAGE}" + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} + COMMAND "${PERL_EXECUTABLE}" "${PROJECT_SOURCE_DIR}/scripts/managen" mainpage ${DPAGES} > "${CURL_MANPAGE}" + COMMAND "${PERL_EXECUTABLE}" "${PROJECT_SOURCE_DIR}/scripts/managen" ascii ${DPAGES} > "${CURL_ASCIIPAGE}" + DEPENDS + "${PROJECT_SOURCE_DIR}/scripts/managen" + ${DPAGES} + VERBATIM +) + +add_custom_target(generate-curl.1 ALL DEPENDS "${CURL_MANPAGE}") + +if(NOT CURL_DISABLE_INSTALL) + install(FILES "${CURL_MANPAGE}" DESTINATION "${CMAKE_INSTALL_MANDIR}/man1") +endif() diff --git a/deps/curl/docs/cmdline-opts/MANPAGE.md b/deps/curl/docs/cmdline-opts/MANPAGE.md new file mode 100644 index 00000000..3e2e7151 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/MANPAGE.md @@ -0,0 +1,118 @@ + + +# curl man page generator + +`managen` is the curl man page generator. It generates a single nroff man page +output from the set of sources files in this directory. + +The `mainpage.idx` file lists all files that are rendered in that order to +produce the output. The magic `%options` keyword inserts all command line +options documented. + +The `%options` documentation is created with one source file for each +supported command line option. + +The documentation file format is described below. It is meant to look similar +to markdown which is why it uses `.md` file extensions. + +## Option files + +Each command line option is described in a file named `.d`, where +option name is written without any prefixing dashes. Like the filename for the +`-v, --verbose` option is named `verbose.d`. + +Each file has a set of meta-data in the top of the file, followed by a body of +text. + +The documentation files that do not document options have no meta-data part. + +A line that starts with ``. + +### Meta-data + + --- (start of meta-data) + Added: (version number in which this was added) + Arg: (the argument the option takes) + c: (copyright line) + Example: + - (an example command line, without "curl" and can use `$URL`) + - (another example) + Experimental: yes (if so) + Help: (short text for the --help output for this option) + Long: (long form name, without dashes) + Magic: (description of "magic" options) + Multi: single/append/boolean/mutex/custom/per-URL (if used more than once) + Mutexed: (space separated list of options this overrides, no dashes) + Protocols: (space separated list for which protocols this option works) + Requires: (space separated list of features this requires, no dashes) + Scope: global (if the option is global) + See-also: + - (a related option, no dashes) + - (another related option, no dashes) + Short: (single letter, without dash) + SPDX-License-Identifier: curl + Tags: (space separated list) + --- (end of meta-data) + +### Body + +The body of the description. Only refer to options with their long form option +version, like `--verbose`. The output generator replaces such option with the +correct markup that shows both short and long version. + +Text written within `*asterisks*` is shown using italics. Text within two +`**asterisks**` is shown using bold. + +Text that is prefixed with a space is treated like an "example" and gets +output in monospace. + +Within the body, describe a list of items like this: + + ## item 1 + description + + ## item 2 + second description + +The list is automatically terminated at end of file, or you can do it +explicitly with an empty "header": + + ## + +Angle brackets (`<>`) need to be escaped when used in text like `\<` and +`\>`. This, to ensure that the text renders nicely as markdown. + +### Headers + +The `#` header can be used by non-option files and it produces a +`.SH` output. + +If the `#` header is used for a command line option file, that header is +simply ignored in the generated output. It can still serve a purpose in the +source file as it helps the user identify what option the file is for. + +### Variables + +There are three different "variables" that can be used when creating the +output. They need to be written within backticks in the source file (to escape +getting spellchecked by CI jobs): `%DATE`, `%VERSION` and `%GLOBALS`. + +## Generate + +`managen mainpage [list of markdown option file names]` + +This command outputs a single huge nroff file, meant to become `curl.1`. The +full curl man page. + +`managen ascii [list of markdown option file names]` + +This command outputs a single text file, meant to become `curl.txt`. The full +curl man page in text format, used to build `tool_hugehelp.c`. + +`managen listhelp` + +Generates a full `curl --help` output for all known command line options. diff --git a/deps/curl/docs/cmdline-opts/_AUTHORS.md b/deps/curl/docs/cmdline-opts/_AUTHORS.md new file mode 100644 index 00000000..0c9bfb95 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_AUTHORS.md @@ -0,0 +1,5 @@ + + +# AUTHORS +Daniel Stenberg is the main author, but the whole list of contributors is +found in the separate THANKS file. diff --git a/deps/curl/docs/cmdline-opts/_BUGS.md b/deps/curl/docs/cmdline-opts/_BUGS.md new file mode 100644 index 00000000..45630d43 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_BUGS.md @@ -0,0 +1,5 @@ + + +# BUGS +If you experience any problems with curl, submit an issue in the project's bug +tracker on GitHub: https://github.com/curl/curl/issues diff --git a/deps/curl/docs/cmdline-opts/_DESCRIPTION.md b/deps/curl/docs/cmdline-opts/_DESCRIPTION.md new file mode 100644 index 00000000..3e06c1b3 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_DESCRIPTION.md @@ -0,0 +1,11 @@ + + +# DESCRIPTION + +**curl** is a tool for transferring data from or to a server using URLs. It +supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, +IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, +SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. + +curl is powered by libcurl for all transfer-related features. See +*libcurl(3)* for details. diff --git a/deps/curl/docs/cmdline-opts/_ENVIRONMENT.md b/deps/curl/docs/cmdline-opts/_ENVIRONMENT.md new file mode 100644 index 00000000..97c75bcb --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_ENVIRONMENT.md @@ -0,0 +1,114 @@ + + +# ENVIRONMENT +The environment variables can be specified in lower case or upper case. The +lower case version has precedence. `http_proxy` is an exception as it is only +available in lower case. + +Using an environment variable to set the proxy has the same effect as using +the --proxy option. + +## `http_proxy` [protocol://][:port] +Sets the proxy server to use for HTTP. + +## `HTTPS_PROXY` [protocol://][:port] +Sets the proxy server to use for HTTPS. + +## `[url-protocol]_PROXY` [protocol://][:port] +Sets the proxy server to use for [url-protocol], where the protocol is a +protocol that curl supports and as specified in a URL. FTP, FTPS, POP3, IMAP, +SMTP, LDAP, etc. + +## `ALL_PROXY` [protocol://][:port] +Sets the proxy server to use if no protocol-specific proxy is set. + +## `NO_PROXY` +list of hostnames that should not go through any proxy. If set to an asterisk +'*' only, it matches all hosts. Each name in this list is matched as either a +domain name which contains the hostname, or the hostname itself. + +This environment variable disables use of the proxy even when specified with +the --proxy option. That is + + NO_PROXY=direct.example.com curl -x http://proxy.example.com + http://direct.example.com + +accesses the target URL directly, and + + NO_PROXY=direct.example.com curl -x http://proxy.example.com + http://somewhere.example.com + +accesses the target URL through the proxy. + +The list of hostnames can also be include numerical IP addresses, and IPv6 +versions should then be given without enclosing brackets. + +IP addresses can be specified using CIDR notation: an appended slash and +number specifies the number of "network bits" out of the address to use in the +comparison (added in 7.86.0). For example "192.168.0.0/16" would match all +addresses starting with "192.168". + +## `APPDATA` +On Windows, this variable is used when trying to find the home directory. If +the primary home variables are all unset. + +## `COLUMNS` +If set, the specified number of characters is used as the terminal width when +the alternative progress-bar is shown. If not set, curl tries to figure it out +using other ways. + +## `CURL_CA_BUNDLE` +If set, it is used as the --cacert value. This environment variable is ignored +if Schannel is used as the TLS backend. + +## `CURL_HOME` +If set, is the first variable curl checks when trying to find its home +directory. If not set, it continues to check *XDG_CONFIG_HOME* + +## `CURL_SSL_BACKEND` +If curl was built with support for "MultiSSL", meaning that it has built-in +support for more than one TLS backend, this environment variable can be set to +the case insensitive name of the particular backend to use when curl is +invoked. Setting a name that is not a built-in alternative makes curl stay +with the default. + +SSL backend names (case-insensitive): **bearssl**, **gnutls**, **mbedtls**, +**openssl**, **rustls**, **schannel**, **secure-transport**, **wolfssl** + +## `HOME` +If set, this is used to find the home directory when that is needed. Like when +looking for the default .curlrc. *CURL_HOME* and *XDG_CONFIG_HOME* +have preference. + +## `QLOGDIR` +If curl was built with HTTP/3 support, setting this environment variable to a +local directory makes curl produce **qlogs** in that directory, using file +names named after the destination connection id (in hex). Do note that these +files can become rather large. Works with the ngtcp2 and quiche QUIC backends. + +## `SHELL` +Used on VMS when trying to detect if using a **DCL** or a **Unix** shell. + +## `SSL_CERT_DIR` +If set, it is used as the --capath value. This environment variable is ignored +if Schannel is used as the TLS backend. + +## `SSL_CERT_FILE` +If set, it is used as the --cacert value. This environment variable is ignored +if Schannel is used as the TLS backend. + +## `SSLKEYLOGFILE` +If you set this environment variable to a filename, curl stores TLS secrets +from its connections in that file when invoked to enable you to analyze the +TLS traffic in real time using network analyzing tools such as Wireshark. This +works with the following TLS backends: OpenSSL, LibreSSL (TLS 1.2 max), +BoringSSL, GnuTLS and wolfSSL. + +## `USERPROFILE` +On Windows, this variable is used when trying to find the home directory. If +the other, primary, variable are all unset. If set, curl uses the path +**"$USERPROFILE\Application Data"**. + +## `XDG_CONFIG_HOME` +If *CURL_HOME* is not set, this variable is checked when looking for a +default .curlrc file. diff --git a/deps/curl/docs/cmdline-opts/_EXITCODES.md b/deps/curl/docs/cmdline-opts/_EXITCODES.md new file mode 100644 index 00000000..03ca1b4c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_EXITCODES.md @@ -0,0 +1,203 @@ + + +# EXIT CODES +There are a bunch of different error codes and their corresponding error +messages that may appear under error conditions. At the time of this writing, +the exit codes are: +## 0 +Success. The operation completed successfully according to the instructions. +## 1 +Unsupported protocol. This build of curl has no support for this protocol. +## 2 +Failed to initialize. +## 3 +URL malformed. The syntax was not correct. +## 4 +A feature or option that was needed to perform the desired request was not +enabled or was explicitly disabled at build-time. To make curl able to do +this, you probably need another build of libcurl. +## 5 +Could not resolve proxy. The given proxy host could not be resolved. +## 6 +Could not resolve host. The given remote host could not be resolved. +## 7 +Failed to connect to host. +## 8 +Weird server reply. The server sent data curl could not parse. +## 9 +FTP access denied. The server denied login or denied access to the particular +resource or directory you wanted to reach. Most often you tried to change to a +directory that does not exist on the server. +## 10 +FTP accept failed. While waiting for the server to connect back when an active +FTP session is used, an error code was sent over the control connection or +similar. +## 11 +FTP weird PASS reply. curl could not parse the reply sent to the PASS request. +## 12 +During an active FTP session while waiting for the server to connect back to +curl, the timeout expired. +## 13 +FTP weird PASV reply, curl could not parse the reply sent to the PASV request. +## 14 +FTP weird 227 format. curl could not parse the 227-line the server sent. +## 15 +FTP cannot use host. Could not resolve the host IP we got in the 227-line. +## 16 +HTTP/2 error. A problem was detected in the HTTP2 framing layer. This is +somewhat generic and can be one out of several problems, see the error message +for details. +## 17 +FTP could not set binary. Could not change transfer method to binary. +## 18 +Partial file. Only a part of the file was transferred. +## 19 +FTP could not download/access the given file, the RETR (or similar) command +failed. +## 21 +FTP quote error. A quote command returned error from the server. +## 22 +HTTP page not retrieved. The requested URL was not found or returned another +error with the HTTP error code being 400 or above. This return code only +appears if --fail is used. +## 23 +Write error. curl could not write data to a local filesystem or similar. +## 25 +Failed starting the upload. For FTP, the server typically denied the STOR +command. +## 26 +Read error. Various reading problems. +## 27 +Out of memory. A memory allocation request failed. +## 28 +Operation timeout. The specified time-out period was reached according to the +conditions. +## 30 +FTP PORT failed. The PORT command failed. Not all FTP servers support the PORT +command, try doing a transfer using PASV instead. +## 31 +FTP could not use REST. The REST command failed. This command is used for +resumed FTP transfers. +## 33 +HTTP range error. The range "command" did not work. +## 34 +HTTP post error. Internal post-request generation error. +## 35 +SSL connect error. The SSL handshaking failed. +## 36 +Bad download resume. Could not continue an earlier aborted download. +## 37 +FILE could not read file. Failed to open the file. Permissions? +## 38 +LDAP cannot bind. LDAP bind operation failed. +## 39 +LDAP search failed. +## 41 +Function not found. A required LDAP function was not found. +## 42 +Aborted by callback. An application told curl to abort the operation. +## 43 +Internal error. A function was called with a bad parameter. +## 45 +Interface error. A specified outgoing interface could not be used. +## 47 +Too many redirects. When following redirects, curl hit the maximum amount. +## 48 +Unknown option specified to libcurl. This indicates that you passed a weird +option to curl that was passed on to libcurl and rejected. Read up in the +manual. +## 49 +Malformed telnet option. +## 52 +The server did not reply anything, which here is considered an error. +## 53 +SSL crypto engine not found. +## 54 +Cannot set SSL crypto engine as default. +## 55 +Failed sending network data. +## 56 +Failure in receiving network data. +## 58 +Problem with the local certificate. +## 59 +Could not use specified SSL cipher. +## 60 +Peer certificate cannot be authenticated with known CA certificates. +## 61 +Unrecognized transfer encoding. +## 63 +Maximum file size exceeded. +## 64 +Requested FTP SSL level failed. +## 65 +Sending the data requires a rewind that failed. +## 66 +Failed to initialize SSL Engine. +## 67 +The username, password, or similar was not accepted and curl failed to log in. +## 68 +File not found on TFTP server. +## 69 +Permission problem on TFTP server. +## 70 +Out of disk space on TFTP server. +## 71 +Illegal TFTP operation. +## 72 +Unknown TFTP transfer ID. +## 73 +File already exists (TFTP). +## 74 +No such user (TFTP). +## 77 +Problem reading the SSL CA cert (path? access rights?). +## 78 +The resource referenced in the URL does not exist. +## 79 +An unspecified error occurred during the SSH session. +## 80 +Failed to shut down the SSL connection. +## 82 +Could not load CRL file, missing or wrong format (added in 7.19.0). +## 83 +Issuer check failed (added in 7.19.0). +## 84 +The FTP PRET command failed. +## 85 +Mismatch of RTSP CSeq numbers. +## 86 +Mismatch of RTSP Session Identifiers. +## 87 +Unable to parse FTP file list. +## 88 +FTP chunk callback reported error. +## 89 +No connection available, the session is queued. +## 90 +SSL public key does not matched pinned public key. +## 91 +Invalid SSL certificate status. +## 92 +Stream error in HTTP/2 framing layer. +## 93 +An API function was called from inside a callback. +## 94 +An authentication function returned an error. +## 95 +A problem was detected in the HTTP/3 layer. This is somewhat generic and can +be one out of several problems, see the error message for details. +## 96 +QUIC connection error. This error may be caused by an SSL library error. QUIC +is the protocol used for HTTP/3 transfers. +## 97 +Proxy handshake error. +## 98 +A client-side certificate is required to complete the TLS handshake. +## 99 +Poll or select returned fatal error. +## 100 +A value or data field grew larger than allowed. +## XX +More error codes might appear here in future releases. The existing ones are +meant to never change. diff --git a/deps/curl/docs/cmdline-opts/_FILES.md b/deps/curl/docs/cmdline-opts/_FILES.md new file mode 100644 index 00000000..8c5d3faa --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_FILES.md @@ -0,0 +1,6 @@ + + +# FILES +*~/.curlrc* + +Default config file, see --config for details. diff --git a/deps/curl/docs/cmdline-opts/_GLOBBING.md b/deps/curl/docs/cmdline-opts/_GLOBBING.md new file mode 100644 index 00000000..282356c3 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_GLOBBING.md @@ -0,0 +1,40 @@ + + +# GLOBBING +You can specify multiple URLs or parts of URLs by writing lists within braces +or ranges within brackets. We call this "globbing". + +Provide a list with three different names like this: + + "http://site.{one,two,three}.com" + +Do sequences of alphanumeric series by using [] as in: + + "ftp://ftp.example.com/file[1-100].txt" + +With leading zeroes: + + "ftp://ftp.example.com/file[001-100].txt" + +With letters through the alphabet: + + "ftp://ftp.example.com/file[a-z].txt" + +Nested sequences are not supported, but you can use several ones next to each +other: + + "http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html" + +You can specify a step counter for the ranges to get every Nth number or +letter: + + "http://example.com/file[1-100:10].txt" + + "http://example.com/file[a-z:2].txt" + +When using [] or {} sequences when invoked from a command line prompt, you +probably have to put the full URL within double quotes to avoid the shell from +interfering with it. This also goes for other characters treated special, like +for example '&', '?' and '*'. + +Switch off globbing with --globoff. diff --git a/deps/curl/docs/cmdline-opts/_NAME.md b/deps/curl/docs/cmdline-opts/_NAME.md new file mode 100644 index 00000000..b0d89161 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_NAME.md @@ -0,0 +1,4 @@ + + +# NAME +curl - transfer a URL diff --git a/deps/curl/docs/cmdline-opts/_OPTIONS.md b/deps/curl/docs/cmdline-opts/_OPTIONS.md new file mode 100644 index 00000000..c4493647 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_OPTIONS.md @@ -0,0 +1,33 @@ + + +# OPTIONS + +Options start with one or two dashes. Many of the options require an +additional value next to them. If provided text does not start with a dash, it +is presumed to be and treated as a URL. + +The short "single-dash" form of the options, -d for example, may be used with +or without a space between it and its value, although a space is a recommended +separator. The long double-dash form, --data for example, requires a space +between it and its value. + +Short version options that do not need any additional values can be used +immediately next to each other, like for example you can specify all the +options *-O*, *-L* and *-v* at once as *-OLv*. + +In general, all boolean options are enabled with --**option** and yet again +disabled with --**no-**option. That is, you use the same option name but +prefix it with `no-`. However, in this list we mostly only list and show the +--**option** version of them. + +When --next is used, it resets the parser state and you start again with a +clean option state, except for the options that are global. Global options +retain their values and meaning even after --next. + +The first argument that is exactly two dashes (`--`), marks the end of +options; any argument after the end of options is interpreted as a URL +argument even if it starts with a dash. + +The following options are global: `%GLOBALS`. + +# ALL OPTIONS diff --git a/deps/curl/docs/cmdline-opts/_OUTPUT.md b/deps/curl/docs/cmdline-opts/_OUTPUT.md new file mode 100644 index 00000000..32a5457a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_OUTPUT.md @@ -0,0 +1,11 @@ + + +# OUTPUT +If not told otherwise, curl writes the received data to stdout. It can be +instructed to instead save that data into a local file, using the --output or +--remote-name options. If curl is given multiple URLs to transfer on the +command line, it similarly needs multiple options for where to save them. + +curl does not parse or otherwise "understand" the content it gets or writes as +output. It does no encoding or decoding, unless explicitly asked to with +dedicated command line options. diff --git a/deps/curl/docs/cmdline-opts/_PROGRESS.md b/deps/curl/docs/cmdline-opts/_PROGRESS.md new file mode 100644 index 00000000..4cbbd8eb --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_PROGRESS.md @@ -0,0 +1,25 @@ + + +# PROGRESS METER + +curl normally displays a progress meter during operations, indicating the +amount of transferred data, transfer speeds and estimated time left, etc. The +progress meter displays the transfer rate in bytes per second. The suffixes +(k, M, G, T, P) are 1024 based. For example 1k is 1024 bytes. 1M is 1048576 +bytes. + +curl displays this data to the terminal by default, so if you invoke curl to +do an operation and it is about to write data to the terminal, it *disables* +the progress meter as otherwise it would mess up the output mixing progress +meter and response data. + +If you want a progress meter for HTTP POST or PUT requests, you need to +redirect the response output to a file, using shell redirect (\>), --output +or similar. + +This does not apply to FTP upload as that operation does not spit out any +response data to the terminal. + +If you prefer a progress bar instead of the regular meter, --progress-bar is +your friend. You can also disable the progress meter completely with the +--silent option. diff --git a/deps/curl/docs/cmdline-opts/_PROTOCOLS.md b/deps/curl/docs/cmdline-opts/_PROTOCOLS.md new file mode 100644 index 00000000..af7019ab --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_PROTOCOLS.md @@ -0,0 +1,53 @@ + + +# PROTOCOLS +curl supports numerous protocols, or put in URL terms: schemes. Your +particular build may not support them all. +## DICT +Lets you lookup words using online dictionaries. +## FILE +Read or write local files. curl does not support accessing file:// URL +remotely, but when running on Microsoft Windows using the native UNC approach +works. +## FTP(S) +curl supports the File Transfer Protocol with a lot of tweaks and levers. With +or without using TLS. +## GOPHER(S) +Retrieve files. +## HTTP(S) +curl supports HTTP with numerous options and variations. It can speak HTTP +version 0.9, 1.0, 1.1, 2 and 3 depending on build options and the correct +command line options. +## IMAP(S) +Using the mail reading protocol, curl can download emails for you. With or +without using TLS. +## LDAP(S) +curl can do directory lookups for you, with or without TLS. +## MQTT +curl supports MQTT version 3. Downloading over MQTT equals subscribe to a +topic while uploading/posting equals publish on a topic. MQTT over TLS is not +supported (yet). +## POP3(S) +Downloading from a pop3 server means getting a mail. With or without using +TLS. +## RTMP(S) +The **Realtime Messaging Protocol** is primarily used to serve streaming media +and curl can download it. +## RTSP +curl supports RTSP 1.0 downloads. +## SCP +curl supports SSH version 2 scp transfers. +## SFTP +curl supports SFTP (draft 5) done over SSH version 2. +## SMB(S) +curl supports SMB version 1 for upload and download. +## SMTP(S) +Uploading contents to an SMTP server means sending an email. With or without +TLS. +## TELNET +Fetching a telnet URL starts an interactive session where it sends what it +reads on stdin and outputs what the server sends it. +## TFTP +curl can do TFTP downloads and uploads. +## WS(S) +WebSocket done over HTTP/1. WSS implies that it works over HTTPS. diff --git a/deps/curl/docs/cmdline-opts/_PROXYPREFIX.md b/deps/curl/docs/cmdline-opts/_PROXYPREFIX.md new file mode 100644 index 00000000..297b56c4 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_PROXYPREFIX.md @@ -0,0 +1,22 @@ + + +# PROXY PROTOCOL PREFIXES +The proxy string may be specified with a protocol:// prefix to specify +alternative proxy protocols. (Added in 7.21.7) + +If no protocol is specified in the proxy string or if the string does not +match a supported one, the proxy is treated as an HTTP proxy. + +The supported proxy protocol prefixes are as follows: +## http:// +Makes it use it as an HTTP proxy. The default if no scheme prefix is used. +## https:// +Makes it treated as an **HTTPS** proxy. +## socks4:// +Makes it the equivalent of --socks4 +## socks4a:// +Makes it the equivalent of --socks4a +## socks5:// +Makes it the equivalent of --socks5 +## socks5h:// +Makes it the equivalent of --socks5-hostname diff --git a/deps/curl/docs/cmdline-opts/_SEEALSO.md b/deps/curl/docs/cmdline-opts/_SEEALSO.md new file mode 100644 index 00000000..f4d0b55c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_SEEALSO.md @@ -0,0 +1,5 @@ + + +# SEE ALSO + +**ftp (1)**, **wget (1)** diff --git a/deps/curl/docs/cmdline-opts/_SYNOPSIS.md b/deps/curl/docs/cmdline-opts/_SYNOPSIS.md new file mode 100644 index 00000000..38158774 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_SYNOPSIS.md @@ -0,0 +1,5 @@ + + +# SYNOPSIS + +**curl [options / URLs]** diff --git a/deps/curl/docs/cmdline-opts/_URL.md b/deps/curl/docs/cmdline-opts/_URL.md new file mode 100644 index 00000000..48ae02a5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_URL.md @@ -0,0 +1,28 @@ + + +# URL +The URL syntax is protocol-dependent. You find a detailed description in +RFC 3986. + +If you provide a URL without a leading **protocol://** scheme, curl guesses +what protocol you want. It then defaults to HTTP but assumes others based on +often-used hostname prefixes. For example, for hostnames starting with `ftp.` +curl assumes you want FTP. + +You can specify any amount of URLs on the command line. They are fetched in a +sequential manner in the specified order unless you use --parallel. You can +specify command line options and URLs mixed and in any order on the command +line. + +curl attempts to reuse connections when doing multiple transfers, so that +getting many files from the same server do not use multiple connects and setup +handshakes. This improves speed. Connection reuse can only be done for URLs +specified for a single command line invocation and cannot be performed between +separate curl runs. + +Provide an IPv6 zone id in the URL with an escaped percentage sign. Like in + + "http://[fe80::3%25eth0]/" + +Everything provided on the command line that is not a command line option or +its argument, curl assumes is a URL and treats it as such. diff --git a/deps/curl/docs/cmdline-opts/_VARIABLES.md b/deps/curl/docs/cmdline-opts/_VARIABLES.md new file mode 100644 index 00000000..62b56ca3 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_VARIABLES.md @@ -0,0 +1,44 @@ + + +# VARIABLES +curl supports command line variables (added in 8.3.0). Set variables with +--variable name=content or --variable name@file (where `file` can be stdin if +set to a single dash (-)). + +Variable contents can be expanded in option parameters using `{{name}}` if the +option name is prefixed with `--expand-`. This gets the contents of the +variable `name` inserted, or a blank if the name does not exist as a +variable. Insert `{{` verbatim in the string by prefixing it with a backslash, +like `\{{`. + +You access and expand environment variables by first importing them. You +select to either require the environment variable to be set or you can provide +a default value in case it is not already set. Plain `--variable %name` +imports the variable called `name` but exits with an error if that environment +variable is not already set. To provide a default value if it is not set, use +`--variable %name=content` or `--variable %name@content`. + +Example. Get the USER environment variable into the URL, fail if USER is not +set: + + --variable '%USER' + --expand-url = "https://example.com/api/{{USER}}/method" + +When expanding variables, curl supports a set of functions that can make the +variable contents more convenient to use. It can trim leading and trailing +white space with `trim`, it can output the contents as a JSON quoted string +with `json`, URL encode the string with `url`, base64 encode it with `b64` and +base64 decode it with `64dec`. To apply functions to a variable expansion, add +them colon separated to the right side of the variable. Variable content +holding null bytes that are not encoded when expanded cause error. + +Example: get the contents of a file called $HOME/.secret into a variable +called "fix". Make sure that the content is trimmed and percent-encoded when +sent as POST data: + + --variable %HOME + --expand-variable fix@{{HOME}}/.secret + --expand-data "{{fix:trim:url}}" + https://example.com/ + +Command line variables and expansions were added in 8.3.0. diff --git a/deps/curl/docs/cmdline-opts/_VERSION.md b/deps/curl/docs/cmdline-opts/_VERSION.md new file mode 100644 index 00000000..e0228fe9 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_VERSION.md @@ -0,0 +1,15 @@ + + +# VERSION + +This man page describes curl `%VERSION`. If you use a later version, chances +are this man page does not fully document it. If you use an earlier version, +this document tries to include version information about which specific +version that introduced changes. + +You can always learn which the latest curl version is by running + + curl https://curl.se/info + +The online version of this man page is always showing the latest incarnation: +https://curl.se/docs/manpage.html diff --git a/deps/curl/docs/cmdline-opts/_WWW.md b/deps/curl/docs/cmdline-opts/_WWW.md new file mode 100644 index 00000000..35d94669 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/_WWW.md @@ -0,0 +1,4 @@ + + +# WWW +https://curl.se diff --git a/deps/curl/docs/cmdline-opts/abstract-unix-socket.md b/deps/curl/docs/cmdline-opts/abstract-unix-socket.md new file mode 100644 index 00000000..7078e642 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/abstract-unix-socket.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: abstract-unix-socket +Arg: +Help: Connect via abstract Unix domain socket +Added: 7.53.0 +Protocols: HTTP +Category: connection +Multi: single +See-also: + - unix-socket +Example: + - --abstract-unix-socket socketpath $URL +--- + +# `--abstract-unix-socket` + +Connect through an abstract Unix domain socket, instead of using the network. +Note: netstat shows the path of an abstract socket prefixed with `@`, however +the \ argument should not have this leading character. diff --git a/deps/curl/docs/cmdline-opts/alt-svc.md b/deps/curl/docs/cmdline-opts/alt-svc.md new file mode 100644 index 00000000..257f4d5b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/alt-svc.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: alt-svc +Arg: +Protocols: HTTPS +Help: Enable alt-svc with this cache file +Added: 7.64.1 +Category: http +Multi: append +See-also: + - resolve + - connect-to +Example: + - --alt-svc svc.txt $URL +--- + +# `--alt-svc` + +Enable the alt-svc parser. If the filename points to an existing alt-svc cache +file, that gets used. After a completed transfer, the cache is saved to the +filename again if it has been modified. + +Specify a "" filename (zero length) to avoid loading/saving and make curl just +handle the cache in memory. + +If this option is used several times, curl loads contents from all the +files but the last one is used for saving. diff --git a/deps/curl/docs/cmdline-opts/anyauth.md b/deps/curl/docs/cmdline-opts/anyauth.md new file mode 100644 index 00000000..31b27c4a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/anyauth.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: anyauth +Help: Pick any authentication method +Protocols: HTTP +Category: http proxy auth +Added: 7.10.6 +Multi: mutex +See-also: + - proxy-anyauth + - basic + - digest +Example: + - --anyauth --user me:pwd $URL +--- + +# `--anyauth` + +Figure out authentication method automatically, and use the most secure one +the remote site claims to support. This is done by first doing a request and +checking the response-headers, thus possibly inducing an extra network +round-trip. This option is used instead of setting a specific authentication +method, which you can do with --basic, --digest, --ntlm, and --negotiate. + +Using --anyauth is not recommended if you do uploads from stdin, since it may +require data to be sent twice and then the client must be able to rewind. If +the need should arise when uploading from stdin, the upload operation fails. + +Used together with --user. diff --git a/deps/curl/docs/cmdline-opts/append.md b/deps/curl/docs/cmdline-opts/append.md new file mode 100644 index 00000000..3d0030d6 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/append.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: a +Long: append +Help: Append to target file when uploading +Protocols: FTP SFTP +Category: ftp sftp +Added: 4.8 +Multi: boolean +See-also: + - range + - continue-at +Example: + - --upload-file local --append ftp://example.com/ +--- + +# `--append` + +When used in an upload, this option makes curl append to the target file +instead of overwriting it. If the remote file does not exist, it is +created. Note that this flag is ignored by some SFTP servers (including +OpenSSH). diff --git a/deps/curl/docs/cmdline-opts/aws-sigv4.md b/deps/curl/docs/cmdline-opts/aws-sigv4.md new file mode 100644 index 00000000..517cc1c5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/aws-sigv4.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: aws-sigv4 +Protocols: HTTP +Arg: +Help: AWS V4 signature auth +Category: auth http +Added: 7.75.0 +Multi: single +See-also: + - basic + - user +Example: + - --aws-sigv4 "aws:amz:us-east-2:es" --user "key:secret" $URL +--- + +# `--aws-sigv4` + +Use AWS V4 signature authentication in the transfer. + +The provider argument is a string that is used by the algorithm when creating +outgoing authentication headers. + +The region argument is a string that points to a geographic area of +a resources collection (region-code) when the region name is omitted from +the endpoint. + +The service argument is a string that points to a function provided by a cloud +(service-code) when the service name is omitted from the endpoint. diff --git a/deps/curl/docs/cmdline-opts/basic.md b/deps/curl/docs/cmdline-opts/basic.md new file mode 100644 index 00000000..16acd4cb --- /dev/null +++ b/deps/curl/docs/cmdline-opts/basic.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: basic +Help: HTTP Basic Authentication +Protocols: HTTP +Category: auth +Added: 7.10.6 +Multi: mutex +See-also: + - proxy-basic +Example: + - -u name:password --basic $URL +--- + +# `--basic` + +Use HTTP Basic authentication with the remote host. This method is the default +and this option is usually pointless, unless you use it to override a +previously set option that sets a different authentication method (such as +--ntlm, --digest, or --negotiate). + +Used together with --user. diff --git a/deps/curl/docs/cmdline-opts/ca-native.md b/deps/curl/docs/cmdline-opts/ca-native.md new file mode 100644 index 00000000..1cd28490 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ca-native.md @@ -0,0 +1,38 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ca-native +Help: Load CA certs from the OS +Protocols: TLS +Category: tls +Added: 8.2.0 +Multi: boolean +See-also: + - cacert + - capath + - dump-ca-embed + - insecure + - proxy-ca-native +Example: + - --ca-native $URL +--- + +# `--ca-native` + +Use the operating system's native CA store for certificate verification. + +This option is independent of other CA certificate locations set at run time or +build time. Those locations are searched in addition to the native CA store. + +This option works with OpenSSL and its forks (LibreSSL, BoringSSL, etc) on +Windows. (Added in 7.71.0) + +This option works with wolfSSL on Windows, Linux (Debian, Ubuntu, Gentoo, +Fedora, RHEL), macOS, Android and iOS. (Added in 8.3.0) + +This option works with GnuTLS. (Added in 8.5.0) + +This option currently has no effect for Schannel or Secure Transport. Those are +native TLS libraries from Microsoft and Apple, respectively, that by default +use the native CA store for verification unless overridden by a CA certificate +location setting. diff --git a/deps/curl/docs/cmdline-opts/cacert.md b/deps/curl/docs/cmdline-opts/cacert.md new file mode 100644 index 00000000..00c277e2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/cacert.md @@ -0,0 +1,46 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: cacert +Arg: +Help: CA certificate to verify peer against +Protocols: TLS +Category: tls +Added: 7.5 +Multi: single +See-also: + - capath + - dump-ca-embed + - insecure +Example: + - --cacert CA-file.txt $URL +--- + +# `--cacert` + +Use the specified certificate file to verify the peer. The file may contain +multiple CA certificates. The certificate(s) must be in PEM format. Normally +curl is built to use a default file for this, so this option is typically used +to alter that default file. + +curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is set +and the TLS backend is not Schannel, and uses the given path as a path to a CA +cert bundle. This option overrides that variable. + +(Windows) curl automatically looks for a CA certs file named +'curl-ca-bundle.crt', either in the same directory as curl.exe, or in the +Current Working Directory, or in any folder along your PATH. + +curl 8.11.0 added a build-time option to disable this search behavior, and +another option to restrict search to the application's directory. + +(iOS and macOS only) If curl is built against Secure Transport, then this +option is supported for backward compatibility with other SSL engines, but it +should not be set. If the option is not set, then curl uses the certificates +in the system and user Keychain to verify the peer, which is the preferred +method of verifying the peer's certificate chain. + +(Schannel only) This option is supported for Schannel in Windows 7 or later +(added in 7.60.0). This option is supported for backward compatibility with +other SSL engines; instead it is recommended to use Windows' store of root +certificates (the default for Schannel). diff --git a/deps/curl/docs/cmdline-opts/capath.md b/deps/curl/docs/cmdline-opts/capath.md new file mode 100644 index 00000000..51be39e2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/capath.md @@ -0,0 +1,29 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: capath +Arg: +Help: CA directory to verify peer against +Protocols: TLS +Category: tls +Added: 7.9.8 +Multi: single +See-also: + - cacert + - dump-ca-embed + - insecure +Example: + - --capath /local/directory $URL +--- + +# `--capath` + +Use the specified certificate directory to verify the peer. Multiple paths can +be provided by separated with colon (`:`) (e.g. `path1:path2:path3`). The +certificates must be in PEM format, and if curl is built against OpenSSL, the +directory must have been processed using the c_rehash utility supplied with +OpenSSL. Using --capath can allow OpenSSL-powered curl to make SSL-connections +much more efficiently than using --cacert if the --cacert file contains many +CA certificates. + +If this option is set, the default capath value is ignored. diff --git a/deps/curl/docs/cmdline-opts/cert-status.md b/deps/curl/docs/cmdline-opts/cert-status.md new file mode 100644 index 00000000..8b6e57b9 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/cert-status.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: cert-status +Protocols: TLS +Added: 7.41.0 +Help: Verify server cert status OCSP-staple +Category: tls +Multi: boolean +See-also: + - pinnedpubkey +Example: + - --cert-status $URL +--- + +# `--cert-status` + +Verify the status of the server certificate by using the Certificate Status +Request (aka. OCSP stapling) TLS extension. + +If this option is enabled and the server sends an invalid (e.g. expired) +response, if the response suggests that the server certificate has been +revoked, or no response at all is received, the verification fails. + +This support is currently only implemented in the OpenSSL and GnuTLS backends. diff --git a/deps/curl/docs/cmdline-opts/cert-type.md b/deps/curl/docs/cmdline-opts/cert-type.md new file mode 100644 index 00000000..a280fcc4 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/cert-type.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: cert-type +Protocols: TLS +Arg: +Help: Certificate type (DER/PEM/ENG/PROV/P12) +Category: tls +Added: 7.9.3 +Multi: single +See-also: + - cert + - key + - key-type +Example: + - --cert-type PEM --cert file $URL +--- + +# `--cert-type` + +Set type of the provided client certificate. PEM, DER, ENG, PROV and P12 are +recognized types. + +The default type depends on the TLS backend and is usually PEM, however for +Secure Transport and Schannel it is P12. If --cert is a pkcs11: URI then ENG +or PROV is the default type (depending on OpenSSL version). diff --git a/deps/curl/docs/cmdline-opts/cert.md b/deps/curl/docs/cmdline-opts/cert.md new file mode 100644 index 00000000..5aaaac20 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/cert.md @@ -0,0 +1,60 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: E +Long: cert +Arg: +Help: Client certificate file and password +Protocols: TLS +Category: tls +Added: 5.0 +Multi: single +See-also: + - cert-type + - key + - key-type +Example: + - --cert certfile --key keyfile $URL +--- + +# `--cert` + +Use the specified client certificate file when getting a file with HTTPS, FTPS +or another SSL-based protocol. The certificate must be in PKCS#12 format if +using Secure Transport, or PEM format if using any other engine. If the +optional password is not specified, it is queried for on the terminal. Note +that this option assumes a certificate file that is the private key and the +client certificate concatenated. See --cert and --key to specify them +independently. + +In the \ portion of the argument, you must escape the character +`:` as `\:` so that it is not recognized as the password delimiter. Similarly, +you must escape the double quote character as \" so that it is not recognized +as an escape character. + +If curl is built against OpenSSL library, and the engine pkcs11 or pkcs11 +provider is available, then a PKCS#11 URI (RFC 7512) can be used to specify a +certificate located in a PKCS#11 device. A string beginning with `pkcs11:` is +interpreted as a PKCS#11 URI. If a PKCS#11 URI is provided, then the --engine +option is set as `pkcs11` if none was provided and the --cert-type option is +set as `ENG` or `PROV` if none was provided (depending on OpenSSL version). + +If curl is built against GnuTLS library, a PKCS#11 URI can be used to specify +a certificate located in a PKCS#11 device. A string beginning with `pkcs11:` +is interpreted as a PKCS#11 URI. + +(iOS and macOS only) If curl is built against Secure Transport, then the +certificate string can either be the name of a certificate/private key in the +system or user keychain, or the path to a PKCS#12-encoded certificate and +private key. If you want to use a file from the current directory, please +precede it with `./` prefix, in order to avoid confusion with a nickname. + +(Schannel only) Client certificates must be specified by a path expression to +a certificate store. (Loading *PFX* is not supported; you can import it to a +store first). You can use "\\\\\" +to refer to a certificate in the system certificates store, for example, +*"CurrentUser\MY\934a7ac6f8a5d579285a74fa61e19f23ddfe8d7a"*. Thumbprint is +usually a SHA-1 hex string which you can see in certificate details. Following +store locations are supported: *CurrentUser*, *LocalMachine*, +*CurrentService*, *Services*, *CurrentUserGroupPolicy*, +*LocalMachineGroupPolicy* and *LocalMachineEnterprise*. diff --git a/deps/curl/docs/cmdline-opts/ciphers.md b/deps/curl/docs/cmdline-opts/ciphers.md new file mode 100644 index 00000000..6a597a2c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ciphers.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ciphers +Arg: +Help: TLS 1.2 (1.1, 1.0) ciphers to use +Protocols: TLS +Category: tls +Added: 7.9 +Multi: single +See-also: + - tls13-ciphers + - proxy-ciphers + - curves +Example: + - --ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256 $URL +--- + +# `--ciphers` + +Specifies which cipher suites to use in the connection if it negotiates +TLS 1.2 (1.1, 1.0). The list of ciphers suites must specify valid ciphers. +Read up on cipher suite details on this URL: + +https://curl.se/docs/ssl-ciphers.html diff --git a/deps/curl/docs/cmdline-opts/compressed-ssh.md b/deps/curl/docs/cmdline-opts/compressed-ssh.md new file mode 100644 index 00000000..b404f62d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/compressed-ssh.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: compressed-ssh +Help: Enable SSH compression +Protocols: SCP SFTP +Added: 7.56.0 +Category: scp ssh +Multi: boolean +See-also: + - compressed +Example: + - --compressed-ssh sftp://example.com/ +--- + +# `--compressed-ssh` + +Enables built-in SSH compression. This is a request, not an order; the server +may or may not do it. diff --git a/deps/curl/docs/cmdline-opts/compressed.md b/deps/curl/docs/cmdline-opts/compressed.md new file mode 100644 index 00000000..35bbab81 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/compressed.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: compressed +Help: Request compressed response +Protocols: HTTP +Category: http +Added: 7.10 +Multi: boolean +See-also: + - compressed-ssh +Example: + - --compressed $URL +--- + +# `--compressed` + +Request a compressed response using one of the algorithms curl supports, and +automatically decompress the content. + +Response headers are not modified when saved, so if they are "interpreted" +separately again at a later point they might appear to be saying that the +content is (still) compressed; while in fact it has already been decompressed. + +If this option is used and the server sends an unsupported encoding, curl +reports an error. This is a request, not an order; the server may or may not +deliver data compressed. diff --git a/deps/curl/docs/cmdline-opts/config.md b/deps/curl/docs/cmdline-opts/config.md new file mode 100644 index 00000000..1281a3d9 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/config.md @@ -0,0 +1,84 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: config +Arg: +Help: Read config from a file +Short: K +Category: curl +Added: 4.10 +Multi: append +See-also: + - disable +Example: + - --config file.txt $URL +--- + +# `--config` + +Specify a text file to read curl arguments from. The command line arguments +found in the text file are used as if they were provided on the command +line. + +Options and their parameters must be specified on the same line in the file, +separated by whitespace, colon, or the equals sign. Long option names can +optionally be given in the config file without the initial double dashes and +if so, the colon or equals characters can be used as separators. If the option +is specified with one or two dashes, there can be no colon or equals character +between the option and its parameter. + +If the parameter contains whitespace or starts with a colon (:) or equals sign +(=), it must be specified enclosed within double quotes ("like this"). Within +double quotes the following escape sequences are available: \\, \", \t, \n, \r +and \v. A backslash preceding any other letter is ignored. + +If the first non-blank column of a config line is a '#' character, that line +is treated as a comment. + +Only write one option per physical line in the config file. A single line is +required to be no more than 10 megabytes (since 8.2.0). + +Specify the filename to --config as minus "-" to make curl read the file from +stdin. + +Note that to be able to specify a URL in the config file, you need to specify +it using the --url option, and not by simply writing the URL on its own +line. So, it could look similar to this: + + url = "https://curl.se/docs/" + + # --- Example file --- + # this is a comment + url = "example.com" + output = "curlhere.html" + user-agent = "superagent/1.0" + + # and fetch another URL too + url = "example.com/docs/manpage.html" + -O + referer = "http://nowhereatall.example.com/" + # --- End of example file --- + +When curl is invoked, it (unless --disable is used) checks for a default +config file and uses it if found, even when --config is used. The default +config file is checked for in the following places in this order: + +1) **"$CURL_HOME/.curlrc"** + +2) **"$XDG_CONFIG_HOME/curlrc"** (Added in 7.73.0) + +3) **"$HOME/.curlrc"** + +4) Windows: **"%USERPROFILE%\.curlrc"** + +5) Windows: **"%APPDATA%\.curlrc"** + +6) Windows: **"%USERPROFILE%\Application Data\.curlrc"** + +7) Non-Windows: use getpwuid to find the home directory + +8) On Windows, if it finds no *.curlrc* file in the sequence described above, it +checks for one in the same directory the curl executable is placed. + +On Windows two filenames are checked per location: *.curlrc* and *_curlrc*, +preferring the former. Older versions on Windows checked for *_curlrc* only. diff --git a/deps/curl/docs/cmdline-opts/connect-timeout.md b/deps/curl/docs/cmdline-opts/connect-timeout.md new file mode 100644 index 00000000..dc5f9270 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/connect-timeout.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: connect-timeout +Arg: +Help: Maximum time allowed to connect +Category: connection timeout +Added: 7.7 +Multi: single +See-also: + - max-time +Example: + - --connect-timeout 20 $URL + - --connect-timeout 3.14 $URL +--- + +# `--connect-timeout` + +Maximum time in seconds that you allow curl's connection to take. This only +limits the connection phase, so if curl connects within the given period it +continues - if not it exits. + +This option accepts decimal values (added in 7.32.0). The decimal value needs +to be provided using a dot (.) as decimal separator - not the local version +even if it might be using another separator. + +The connection phase is considered complete when the DNS lookup and requested +TCP, TLS or QUIC handshakes are done. diff --git a/deps/curl/docs/cmdline-opts/connect-to.md b/deps/curl/docs/cmdline-opts/connect-to.md new file mode 100644 index 00000000..57825616 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/connect-to.md @@ -0,0 +1,40 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: connect-to +Arg: +Help: Connect to host2 instead of host1 +Added: 7.49.0 +Category: connection dns +Multi: append +See-also: + - resolve + - header +Example: + - --connect-to example.com:443:example.net:8443 $URL +--- + +# `--connect-to` + +For a request intended for the `HOST1:PORT1` pair, connect to `HOST2:PORT2` +instead. This option is only used to establish the network connection. It does +NOT affect the hostname/port number that is used for TLS/SSL (e.g. SNI, +certificate verification) or for the application protocols. + +`HOST1` and `PORT1` may be empty strings, meaning any host or any port number. +`HOST2` and `PORT2` may also be empty strings, meaning use the request's +original hostname and port number. + +A hostname specified to this option is compared as a string, so it needs to +match the name used in request URL. It can be either numerical such as +`127.0.0.1` or the full host name such as `example.org`. + +Example: redirect connects from the example.com hostname to 127.0.0.1 +independently of port number: + + curl --connect-to example.com::127.0.0.1: https://example.com/ + +Example: redirect connects from all hostnames to 127.0.0.1 independently of +port number: + + curl --connect-to ::127.0.0.1: http://example.com/ diff --git a/deps/curl/docs/cmdline-opts/continue-at.md b/deps/curl/docs/cmdline-opts/continue-at.md new file mode 100644 index 00000000..969068f2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/continue-at.md @@ -0,0 +1,32 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: C +Long: continue-at +Arg: +Help: Resumed transfer offset +Category: connection +Added: 4.8 +Multi: single +See-also: + - range +Example: + - -C - $URL + - -C 400 $URL +--- + +# `--continue-at` + +Resume a previous transfer from the given byte offset. The given offset is the +exact number of bytes that are skipped, counting from the beginning of the +source file before it is transferred to the destination. If used with uploads, +the FTP server command SIZE is not used by curl. + +Use "-C -" to instruct curl to automatically find out where/how to resume the +transfer. It then uses the given output/input files to figure that out. + +This command line option is mutually exclusive with --range: you can only use +one of them for a single transfer. + +The --no-clobber and --remove-on-error options cannot be used together with +--continue-at. diff --git a/deps/curl/docs/cmdline-opts/cookie-jar.md b/deps/curl/docs/cmdline-opts/cookie-jar.md new file mode 100644 index 00000000..103144ac --- /dev/null +++ b/deps/curl/docs/cmdline-opts/cookie-jar.md @@ -0,0 +1,39 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: c +Long: cookie-jar +Arg: +Protocols: HTTP +Help: Save cookies to after operation +Category: http +Added: 7.9 +Multi: single +See-also: + - cookie + - junk-session-cookies +Example: + - -c store-here.txt $URL + - -c store-here.txt -b read-these $URL +--- + +# `--cookie-jar` + +Specify to which file you want curl to write all cookies after a completed +operation. curl writes all cookies from its in-memory cookie storage to the +given file at the end of operations. Even if no cookies are known, a file is +created so that it removes any formerly existing cookies from the file. The +file uses the Netscape cookie file format. If you set the filename to a single +minus, "-", the cookies are written to stdout. + +The file specified with --cookie-jar is only used for output. No cookies are +read from the file. To read cookies, use the --cookie option. Both options +can specify the same file. + +This command line option activates the cookie engine that makes curl record +and use cookies. The --cookie option also activates it. + +If the cookie jar cannot be created or written to, the whole curl operation +does not fail or even report an error clearly. Using --verbose gets a warning +displayed, but that is the only visible feedback you get about this possibly +lethal situation. diff --git a/deps/curl/docs/cmdline-opts/cookie.md b/deps/curl/docs/cmdline-opts/cookie.md new file mode 100644 index 00000000..50f977e7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/cookie.md @@ -0,0 +1,62 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: b +Long: cookie +Arg: +Protocols: HTTP +Help: Send cookies from string/load from file +Category: http +Added: 4.9 +Multi: append +See-also: + - cookie-jar + - junk-session-cookies +Example: + - -b "" $URL + - -b cookiefile $URL + - -b cookiefile -c cookiefile $URL + - -b name=Jane $URL +--- + +# `--cookie` + +This option has two slightly separate cookie sending functions. + +Either: pass the exact data to send to the HTTP server in the Cookie header. +It is supposedly data previously received from the server in a `Set-Cookie:` +line. The data should be in the format `NAME1=VALUE1; NAME2=VALUE2`. When +given a set of specific cookies, curl populates its cookie header with this +content explicitly in all outgoing request(s). If multiple requests are done +due to authentication, followed redirects or similar, they all get this cookie +header passed on. + +Or: If no `=` symbol is used in the argument, it is instead treated as a +filename to read previously stored cookie from. This option also activates the +cookie engine which makes curl record incoming cookies, which may be handy if +you are using this in combination with the --location option or do multiple +URL transfers on the same invoke. + +If the filename is a single minus ("-"), curl reads the contents from stdin. +If the filename is an empty string ("") and is the only cookie input, curl +activates the cookie engine without any cookies. + +The file format of the file to read cookies from should be plain HTTP headers +(Set-Cookie style) or the Netscape/Mozilla cookie file format. + +The file specified with --cookie is only used as input. No cookies are written +to that file. To store cookies, use the --cookie-jar option. + +If you use the Set-Cookie file format and do not specify a domain then the +cookie is not sent since the domain never matches. To address this, set a +domain in Set-Cookie line (doing that includes subdomains) or preferably: use +the Netscape format. + +Users often want to both read cookies from a file and write updated cookies +back to a file, so using both --cookie and --cookie-jar in the same command +line is common. + +If curl is built with PSL (**Public Suffix List**) support, it detects and +discards cookies that are specified for such suffix domains that should not be +allowed to have cookies. If curl is *not* built with PSL support, it has no +ability to stop super cookies. diff --git a/deps/curl/docs/cmdline-opts/create-dirs.md b/deps/curl/docs/cmdline-opts/create-dirs.md new file mode 100644 index 00000000..89d24f76 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/create-dirs.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: create-dirs +Help: Create necessary local directory hierarchy +Category: output +Added: 7.10.3 +Multi: boolean +See-also: + - ftp-create-dirs + - output-dir +Example: + - --create-dirs --output local/dir/file $URL +--- + +# `--create-dirs` + +When used in conjunction with the --output option, curl creates the necessary +local directory hierarchy as needed. This option creates the directories +mentioned with the --output option combined with the path possibly set with +--output-dir. If the combined output filename uses no directory, or if the +directories it mentions already exist, no directories are created. + +Created directories are made with mode 0750 on Unix-style file systems. + +To create remote directories when using FTP or SFTP, try --ftp-create-dirs. diff --git a/deps/curl/docs/cmdline-opts/create-file-mode.md b/deps/curl/docs/cmdline-opts/create-file-mode.md new file mode 100644 index 00000000..c6467d15 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/create-file-mode.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: create-file-mode +Arg: +Help: File mode for created files +Protocols: SFTP SCP FILE +Category: sftp scp file upload +Added: 7.75.0 +Multi: single +See-also: + - ftp-create-dirs +Example: + - --create-file-mode 0777 -T localfile sftp://example.com/new +--- + +# `--create-file-mode` + +When curl is used to create files remotely using one of the supported +protocols, this option allows the user to set which 'mode' to set on the file +at creation time, instead of the default 0644. + +This option takes an octal number as argument. diff --git a/deps/curl/docs/cmdline-opts/crlf.md b/deps/curl/docs/cmdline-opts/crlf.md new file mode 100644 index 00000000..c3688411 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/crlf.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: crlf +Help: Convert LF to CRLF in upload +Protocols: FTP SMTP +Category: ftp smtp +Added: 5.7 +Multi: boolean +See-also: + - use-ascii +Example: + - --crlf -T file ftp://example.com/ +--- + +# `--crlf` + +Convert line feeds to carriage return plus line feeds in upload. Useful for +**MVS (OS/390)**. diff --git a/deps/curl/docs/cmdline-opts/crlfile.md b/deps/curl/docs/cmdline-opts/crlfile.md new file mode 100644 index 00000000..a762af09 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/crlfile.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: crlfile +Arg: +Protocols: TLS +Help: Certificate Revocation list +Added: 7.19.7 +Category: tls +Multi: single +See-also: + - cacert + - capath +Example: + - --crlfile rejects.txt $URL +--- + +# `--crlfile` + +Provide a file using PEM format with a Certificate Revocation List that may +specify peer certificates that are to be considered revoked. diff --git a/deps/curl/docs/cmdline-opts/curves.md b/deps/curl/docs/cmdline-opts/curves.md new file mode 100644 index 00000000..9473aeaa --- /dev/null +++ b/deps/curl/docs/cmdline-opts/curves.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: curves +Arg: +Help: (EC) TLS key exchange algorithms to request +Protocols: TLS +Added: 7.73.0 +Category: tls +Multi: single +See-also: + - ciphers +Example: + - --curves X25519 $URL +--- + +# `--curves` + +Set specific curves to use during SSL session establishment according to RFC +8422, 5.1. Multiple algorithms can be provided by separating them with `:` +(e.g. `X25519:P-521`). The parameter is available identically in the OpenSSL +`s_client` and `s_server` utilities. + +--curves allows a OpenSSL powered curl to make SSL-connections with exactly +the (EC) curve requested by the client, avoiding nontransparent client/server +negotiations. + +If this option is set, the default curves list built into OpenSSL are ignored. diff --git a/deps/curl/docs/cmdline-opts/data-ascii.md b/deps/curl/docs/cmdline-opts/data-ascii.md new file mode 100644 index 00000000..5763d81f --- /dev/null +++ b/deps/curl/docs/cmdline-opts/data-ascii.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: data-ascii +Arg: +Help: HTTP POST ASCII data +Protocols: HTTP +Category: http post upload +Added: 7.2 +Multi: append +See-also: + - data-binary + - data-raw + - data-urlencode +Example: + - --data-ascii @file $URL +--- + +# `--data-ascii` + +This option is just an alias for --data. diff --git a/deps/curl/docs/cmdline-opts/data-binary.md b/deps/curl/docs/cmdline-opts/data-binary.md new file mode 100644 index 00000000..4c5e4da8 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/data-binary.md @@ -0,0 +1,32 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: data-binary +Arg: +Help: HTTP POST binary data +Protocols: HTTP +Category: http post upload +Added: 7.2 +Multi: append +See-also: + - data-ascii +Example: + - --data-binary @filename $URL +--- + +# `--data-binary` + +Post data exactly as specified with no extra processing whatsoever. + +If you start the data with the letter @, the rest should be a filename. +`@-` makes curl read the data from stdin. Data is posted in a similar +manner as --data does, except that newlines and carriage returns are +preserved and conversions are never done. + +Like --data the default content-type sent to the server is +application/x-www-form-urlencoded. If you want the data to be treated as +arbitrary binary data by the server then set the content-type to octet-stream: +-H "Content-Type: application/octet-stream". + +If this option is used several times, the ones following the first append +data as described in --data. diff --git a/deps/curl/docs/cmdline-opts/data-raw.md b/deps/curl/docs/cmdline-opts/data-raw.md new file mode 100644 index 00000000..1033678b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/data-raw.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: data-raw +Arg: +Protocols: HTTP +Help: HTTP POST data, '@' allowed +Added: 7.43.0 +Category: http post upload +Multi: append +See-also: + - data +Example: + - --data-raw "hello" $URL + - --data-raw "@at@at@" $URL +--- + +# `--data-raw` + +Post data similarly to --data but without the special interpretation of the @ +character. diff --git a/deps/curl/docs/cmdline-opts/data-urlencode.md b/deps/curl/docs/cmdline-opts/data-urlencode.md new file mode 100644 index 00000000..b4680e61 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/data-urlencode.md @@ -0,0 +1,51 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: data-urlencode +Arg: +Help: HTTP POST data URL encoded +Protocols: HTTP +Added: 7.18.0 +Category: http post upload +Multi: append +See-also: + - data + - data-raw +Example: + - --data-urlencode name=val $URL + - --data-urlencode =encodethis $URL + - --data-urlencode name@file $URL + - --data-urlencode @fileonly $URL +--- + +# `--data-urlencode` + +Post data, similar to the other --data options with the exception that this +performs URL-encoding. + +To be CGI-compliant, the \ part should begin with a *name* followed by +a separator and a content specification. The \ part can be passed to +curl using one of the following syntaxes: + +## content +URL-encode the content and pass that on. Just be careful so that the content +does not contain any `=` or `@` symbols, as that makes the syntax match one of +the other cases below. + +## =content +URL-encode the content and pass that on. The preceding `=` symbol is not +included in the data. + +## name=content +URL-encode the content part and pass that on. Note that the name part is +expected to be URL-encoded already. + +## @filename +load data from the given file (including any newlines), URL-encode that data +and pass it on in the POST. Using `@-` makes curl read the data from stdin. + +## name@filename +load data from the given file (including any newlines), URL-encode that data +and pass it on in the POST. The name part gets an equal sign appended, +resulting in *name=urlencoded-file-content*. Note that the name is expected to +be URL-encoded already. diff --git a/deps/curl/docs/cmdline-opts/data.md b/deps/curl/docs/cmdline-opts/data.md new file mode 100644 index 00000000..6b6e7028 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/data.md @@ -0,0 +1,49 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: data +Short: d +Arg: +Help: HTTP POST data +Protocols: HTTP MQTT +Mutexed: form head upload-file +Category: important http post upload +Added: 4.0 +Multi: append +See-also: + - data-binary + - data-urlencode + - data-raw +Example: + - -d "name=curl" $URL + - -d "name=curl" -d "tool=cmdline" $URL + - -d @filename $URL +--- + +# `--data` + +Sends the specified data in a POST request to the HTTP server, in the same way +that a browser does when a user has filled in an HTML form and presses the +submit button. This option makes curl pass the data to the server using the +content-type application/x-www-form-urlencoded. Compare to --form. + +--data-raw is almost the same but does not have a special interpretation of +the @ character. To post data purely binary, you should instead use the +--data-binary option. To URL-encode the value of a form field you may use +--data-urlencode. + +If any of these options is used more than once on the same command line, the +data pieces specified are merged with a separating &-symbol. Thus, using +'-d name=daniel -d skill=lousy' would generate a post chunk that looks like +'name=daniel&skill=lousy'. + +If you start the data with the letter @, the rest should be a filename to read +the data from, or - if you want curl to read the data from stdin. Posting data +from a file named 'foobar' would thus be done with --data @foobar. When --data +is told to read from a file like that, carriage returns, newlines and null +bytes are stripped out. If you do not want the @ character to have a special +interpretation use --data-raw instead. + +The data for this option is passed on to the server exactly as provided on the +command line. curl does not convert, change or improve it. It is up to the +user to provide the data in the correct form. diff --git a/deps/curl/docs/cmdline-opts/delegation.md b/deps/curl/docs/cmdline-opts/delegation.md new file mode 100644 index 00000000..c874a2b5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/delegation.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: delegation +Arg: +Help: GSS-API delegation permission +Protocols: GSS/kerberos +Category: auth +Added: 7.22.0 +Multi: single +See-also: + - insecure + - ssl +Example: + - --delegation "none" $URL +--- + +# `--delegation` + +Set LEVEL what curl is allowed to delegate when it comes to user credentials. + +## none +Do not allow any delegation. + +## policy +Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos +service ticket, which is a matter of realm policy. + +## always +Unconditionally allow the server to delegate. diff --git a/deps/curl/docs/cmdline-opts/digest.md b/deps/curl/docs/cmdline-opts/digest.md new file mode 100644 index 00000000..04c5a79a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/digest.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: digest +Help: HTTP Digest Authentication +Protocols: HTTP +Mutexed: basic ntlm negotiate +Category: proxy auth http +Added: 7.10.6 +Multi: boolean +See-also: + - user + - proxy-digest + - anyauth +Example: + - -u name:password --digest $URL +--- + +# `--digest` + +Enables HTTP Digest authentication. This authentication scheme avoids sending +the password over the wire in clear text. Use this in combination with the +normal --user option to set username and password. diff --git a/deps/curl/docs/cmdline-opts/disable-eprt.md b/deps/curl/docs/cmdline-opts/disable-eprt.md new file mode 100644 index 00000000..768b689c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/disable-eprt.md @@ -0,0 +1,32 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: disable-eprt +Help: Inhibit using EPRT or LPRT +Protocols: FTP +Category: ftp +Added: 7.10.5 +Multi: boolean +See-also: + - disable-epsv + - ftp-port +Example: + - --disable-eprt ftp://example.com/ +--- + +# `--disable-eprt` + +Disable the use of the EPRT and LPRT commands when doing active FTP transfers. +curl normally first attempts to use EPRT before using PORT, but with this +option, it uses PORT right away. EPRT is an extension to the original FTP +protocol, and does not work on all servers, but enables more functionality in +a better way than the traditional PORT command. + +--eprt can be used to explicitly enable EPRT again and --no-eprt is an alias +for --disable-eprt. + +If the server is accessed using IPv6, this option has no effect as EPRT is +necessary then. + +Disabling EPRT only changes the active behavior. If you want to switch to +passive mode you need to not use --ftp-port or force it with --ftp-pasv. diff --git a/deps/curl/docs/cmdline-opts/disable-epsv.md b/deps/curl/docs/cmdline-opts/disable-epsv.md new file mode 100644 index 00000000..d13e0769 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/disable-epsv.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: disable-epsv +Help: Inhibit using EPSV +Protocols: FTP +Category: ftp +Added: 7.9.2 +Multi: boolean +See-also: + - disable-eprt + - ftp-port +Example: + - --disable-epsv ftp://example.com/ +--- + +# `--disable-epsv` + +Disable the use of the EPSV command when doing passive FTP transfers. curl +normally first attempts to use EPSV before PASV, but with this option, it does +not try EPSV. + +--epsv can be used to explicitly enable EPSV again and --no-epsv is an alias +for --disable-epsv. + +If the server is an IPv6 host, this option has no effect as EPSV is necessary +then. + +Disabling EPSV only changes the passive behavior. If you want to switch to +active mode you need to use --ftp-port. diff --git a/deps/curl/docs/cmdline-opts/disable.md b/deps/curl/docs/cmdline-opts/disable.md new file mode 100644 index 00000000..1370b91d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/disable.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: disable +Short: q +Help: Disable .curlrc +Category: curl +Added: 5.0 +Multi: boolean +See-also: + - config +Example: + - -q $URL +--- + +# `--disable` + +If used as the **first** parameter on the command line, the *curlrc* config +file is not read or used. See the --config for details on the default config +file search path. diff --git a/deps/curl/docs/cmdline-opts/disallow-username-in-url.md b/deps/curl/docs/cmdline-opts/disallow-username-in-url.md new file mode 100644 index 00000000..012f2d0d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/disallow-username-in-url.md @@ -0,0 +1,18 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: disallow-username-in-url +Help: Disallow username in URL +Added: 7.61.0 +Category: curl +Multi: boolean +See-also: + - proto +Example: + - --disallow-username-in-url $URL +--- + +# `--disallow-username-in-url` + +Exit with error if passed a URL containing a username. Probably most useful +when the URL is being provided at runtime or similar. diff --git a/deps/curl/docs/cmdline-opts/dns-interface.md b/deps/curl/docs/cmdline-opts/dns-interface.md new file mode 100644 index 00000000..aee7400b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/dns-interface.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: dns-interface +Arg: +Help: Interface to use for DNS requests +Protocols: DNS +Added: 7.33.0 +Requires: c-ares +Category: dns +Multi: single +See-also: + - dns-ipv4-addr + - dns-ipv6-addr +Example: + - --dns-interface eth0 $URL +--- + +# `--dns-interface` + +Send outgoing DNS requests through the given interface. This option is a +counterpart to --interface (which does not affect DNS). The supplied string +must be an interface name (not an address). diff --git a/deps/curl/docs/cmdline-opts/dns-ipv4-addr.md b/deps/curl/docs/cmdline-opts/dns-ipv4-addr.md new file mode 100644 index 00000000..4a43cb1d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/dns-ipv4-addr.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: dns-ipv4-addr +Arg:
+Help: IPv4 address to use for DNS requests +Protocols: DNS +Added: 7.33.0 +Requires: c-ares +Category: dns +Multi: single +See-also: + - dns-interface + - dns-ipv6-addr +Example: + - --dns-ipv4-addr 10.1.2.3 $URL +--- + +# `--dns-ipv4-addr` + +Bind to a specific IP address when making IPv4 DNS requests, so that the DNS +requests originate from this address. The argument should be a single IPv4 +address. diff --git a/deps/curl/docs/cmdline-opts/dns-ipv6-addr.md b/deps/curl/docs/cmdline-opts/dns-ipv6-addr.md new file mode 100644 index 00000000..71123117 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/dns-ipv6-addr.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: dns-ipv6-addr +Arg:
+Help: IPv6 address to use for DNS requests +Protocols: DNS +Added: 7.33.0 +Requires: c-ares +Category: dns +Multi: single +See-also: + - dns-interface + - dns-ipv4-addr +Example: + - --dns-ipv6-addr 2a04:4e42::561 $URL +--- + +# `--dns-ipv6-addr` + +Bind to a specific IP address when making IPv6 DNS requests, so that the DNS +requests originate from this address. The argument should be a single IPv6 +address. diff --git a/deps/curl/docs/cmdline-opts/dns-servers.md b/deps/curl/docs/cmdline-opts/dns-servers.md new file mode 100644 index 00000000..bf6ba3fe --- /dev/null +++ b/deps/curl/docs/cmdline-opts/dns-servers.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: dns-servers +Arg: +Help: DNS server addrs to use +Protocols: DNS +Requires: c-ares +Added: 7.33.0 +Category: dns +Multi: single +See-also: + - dns-interface + - dns-ipv4-addr +Example: + - --dns-servers 192.168.0.1,192.168.0.2 $URL + - --dns-servers 10.0.0.1:53 $URL +--- + +# `--dns-servers` + +Set the list of DNS servers to be used instead of the system default. The list +of IP addresses should be separated with commas. Port numbers may also +optionally be given, appended to the IP address separated with a colon. diff --git a/deps/curl/docs/cmdline-opts/doh-cert-status.md b/deps/curl/docs/cmdline-opts/doh-cert-status.md new file mode 100644 index 00000000..920c5b43 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/doh-cert-status.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: doh-cert-status +Help: Verify DoH server cert status OCSP-staple +Added: 7.76.0 +Category: dns tls +Multi: boolean +See-also: + - doh-insecure +Example: + - --doh-cert-status --doh-url https://doh.example $URL +--- + +# `--doh-cert-status` + +Same as --cert-status but used for DoH (DNS-over-HTTPS). + +Verifies the status of the DoH servers' certificate by using the Certificate +Status Request (aka. OCSP stapling) TLS extension. + +If this option is enabled and the DoH server sends an invalid (e.g. expired) +response, if the response suggests that the server certificate has been +revoked, or no response at all is received, the verification fails. + +This support is currently only implemented in the OpenSSL and GnuTLS backends. diff --git a/deps/curl/docs/cmdline-opts/doh-insecure.md b/deps/curl/docs/cmdline-opts/doh-insecure.md new file mode 100644 index 00000000..72f3cb77 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/doh-insecure.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: doh-insecure +Help: Allow insecure DoH server connections +Added: 7.76.0 +Category: dns tls +Multi: boolean +See-also: + - doh-url + - insecure + - proxy-insecure +Example: + - --doh-insecure --doh-url https://doh.example $URL +--- + +# `--doh-insecure` + +By default, every connection curl makes to a DoH server is verified to be +secure before the transfer takes place. This option tells curl to skip the +verification step and proceed without checking. + +**WARNING**: using this option makes the DoH transfer and name resolution +insecure. + +This option is equivalent to --insecure and --proxy-insecure but used for DoH +(DNS-over-HTTPS) only. diff --git a/deps/curl/docs/cmdline-opts/doh-url.md b/deps/curl/docs/cmdline-opts/doh-url.md new file mode 100644 index 00000000..0f745af3 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/doh-url.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: doh-url +Arg: +Help: Resolve hostnames over DoH +Added: 7.62.0 +Category: dns +Multi: single +See-also: + - doh-insecure +Example: + - --doh-url https://doh.example $URL + - --doh-url https://doh.example --resolve doh.example:443:192.0.2.1 $URL +--- + +# `--doh-url` + +Specifies which DNS-over-HTTPS (DoH) server to use to resolve hostnames, +instead of using the default name resolver mechanism. The URL must be HTTPS. + +Some SSL options that you set for your transfer also applies to DoH since the +name lookups take place over SSL. However, the certificate verification +settings are not inherited but are controlled separately via --doh-insecure +and --doh-cert-status. + +By default, DoH is bypassed when initially looking up DNS records of the DoH server. You can specify the IP address(es) of the DoH server with --resolve to avoid this. + +This option is unset if an empty string "" is used as the URL. +(Added in 7.85.0) diff --git a/deps/curl/docs/cmdline-opts/dump-ca-embed.md b/deps/curl/docs/cmdline-opts/dump-ca-embed.md new file mode 100644 index 00000000..2ad12301 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/dump-ca-embed.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: dump-ca-embed +Help: Write the embedded CA bundle to standard output +Protocols: TLS +Category: http proxy tls +Added: 8.10.0 +Multi: boolean +See-also: + - ca-native + - cacert + - capath + - proxy-ca-native + - proxy-cacert + - proxy-capath +Example: + - --dump-ca-embed +--- + +# `--dump-ca-embed` + +Write the CA bundle embedded in curl to standard output, then quit. + +If curl was not built with a default CA bundle embedded, the output is empty. diff --git a/deps/curl/docs/cmdline-opts/dump-header.md b/deps/curl/docs/cmdline-opts/dump-header.md new file mode 100644 index 00000000..bdb0e874 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/dump-header.md @@ -0,0 +1,35 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: dump-header +Short: D +Arg: +Help: Write the received headers to +Protocols: HTTP FTP +Category: http ftp +Added: 5.7 +Multi: single +See-also: + - output +Example: + - --dump-header store.txt $URL + - --dump-header - $URL -o save +--- + +# `--dump-header` + +Write the received protocol headers to the specified file. If no headers are +received, the use of this option creates an empty file. Specify `-` as +filename (a single minus) to have it written to stdout. + +Starting in curl 8.10.0, specify `%` (a single percent sign) as filename +writes the output to stderr. + +When used in FTP, the FTP server response lines are considered being "headers" +and thus are saved there. + +Starting in curl 8.11.0, using the --create-dirs option can also create +missing directory components for the path provided in --dump-header. + +Having multiple transfers in one set of operations (i.e. the URLs in one +--next clause), appends them to the same file, separated by a blank line. diff --git a/deps/curl/docs/cmdline-opts/ech.md b/deps/curl/docs/cmdline-opts/ech.md new file mode 100644 index 00000000..ed16cd81 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ech.md @@ -0,0 +1,52 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ech +Arg: +Help: Configure ECH +Added: 8.8.0 +Category: tls +Protocols: HTTPS +Multi: single +See-also: + - doh-url +Example: + - --ech true $URL +--- + +# `--ech` + +Specifies how to do ECH (Encrypted Client Hello). + +The values allowed for \ can be: + +## `false` + +Do not attempt ECH. The is the default. + +## `grease` + +Send a GREASE ECH extension + +## `true` + +Attempt ECH if possible, but do not fail if ECH is not attempted. +(The connection fails if ECH is attempted but fails.) + +## `hard` + +Attempt ECH and fail if that is not possible. ECH only works with TLS 1.3 and +also requires using DoH or providing an ECHConfigList on the command line. + +## `ecl:` + +A base64 encoded ECHConfigList that is used for ECH. + +## `pn:` + +A name to use to over-ride the `public_name` field of an ECHConfigList (only +available with OpenSSL TLS support) + +## + +Most ECH related errors cause error *CURLE_ECH_REQUIRED* (101). diff --git a/deps/curl/docs/cmdline-opts/egd-file.md b/deps/curl/docs/cmdline-opts/egd-file.md new file mode 100644 index 00000000..ef16b996 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/egd-file.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: egd-file +Arg: +Help: EGD socket path for random data +Protocols: TLS +Category: deprecated +Added: 7.7 +Multi: single +See-also: + - random-file +Example: + - --egd-file /random/here $URL +--- + +# `--egd-file` + +Deprecated option (added in 7.84.0). Prior to that it only had an effect on +curl if built to use old versions of OpenSSL. + +Specify the path name to the Entropy Gathering Daemon socket. The socket is +used to seed the random engine for SSL connections. diff --git a/deps/curl/docs/cmdline-opts/engine.md b/deps/curl/docs/cmdline-opts/engine.md new file mode 100644 index 00000000..51119002 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/engine.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: engine +Arg: +Help: Crypto engine to use +Protocols: TLS +Category: tls +Added: 7.9.3 +Multi: single +See-also: + - ciphers + - curves +Example: + - --engine flavor $URL +--- + +# `--engine` + +Select the OpenSSL crypto engine to use for cipher operations. Use --engine +list to print a list of build-time supported engines. Note that not all (and +possibly none) of the engines may be available at runtime. diff --git a/deps/curl/docs/cmdline-opts/etag-compare.md b/deps/curl/docs/cmdline-opts/etag-compare.md new file mode 100644 index 00000000..64ab80cd --- /dev/null +++ b/deps/curl/docs/cmdline-opts/etag-compare.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: etag-compare +Arg: +Help: Load ETag from file +Protocols: HTTP +Added: 7.68.0 +Category: http +Multi: single +See-also: + - etag-save + - time-cond +Example: + - --etag-compare etag.txt $URL +--- + +# `--etag-compare` + +Make a conditional HTTP request for the specific ETag read from the given file +by sending a custom If-None-Match header using the stored ETag. + +For correct results, make sure that the specified file contains only a single +line with the desired ETag. A non-existing or empty file is treated as an +empty ETag. + +Use the option --etag-save to first save the ETag from a response, and then +use this option to compare against the saved ETag in a subsequent request. + +Use this option with a single URL only. diff --git a/deps/curl/docs/cmdline-opts/etag-save.md b/deps/curl/docs/cmdline-opts/etag-save.md new file mode 100644 index 00000000..237b5dc5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/etag-save.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: etag-save +Arg: +Help: Parse incoming ETag and save to a file +Protocols: HTTP +Added: 7.68.0 +Category: http +Multi: single +See-also: + - etag-compare +Example: + - --etag-save storetag.txt $URL +--- + +# `--etag-save` + +Save an HTTP ETag to the specified file. An ETag is a caching related header, +usually returned in a response. Use this option with a single URL only. + +If no ETag is sent by the server, an empty file is created. + +Starting in curl 8.12.0, using the --create-dirs option can also create +missing directory components for the path provided in --etag-save. diff --git a/deps/curl/docs/cmdline-opts/expect100-timeout.md b/deps/curl/docs/cmdline-opts/expect100-timeout.md new file mode 100644 index 00000000..80cf4eba --- /dev/null +++ b/deps/curl/docs/cmdline-opts/expect100-timeout.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: expect100-timeout +Arg: +Help: How long to wait for 100-continue +Protocols: HTTP +Added: 7.47.0 +Category: http timeout +Multi: single +See-also: + - connect-timeout +Example: + - --expect100-timeout 2.5 -T file $URL +--- + +# `--expect100-timeout` + +Maximum time in seconds that you allow curl to wait for a 100-continue +response when curl emits an Expects: 100-continue header in its request. By +default curl waits one second. This option accepts decimal values. When curl +stops waiting, it continues as if a response was received. + +The decimal value needs to be provided using a dot (`.`) as decimal separator - +not the local version even if it might be using another separator. diff --git a/deps/curl/docs/cmdline-opts/fail-early.md b/deps/curl/docs/cmdline-opts/fail-early.md new file mode 100644 index 00000000..67edbf91 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/fail-early.md @@ -0,0 +1,32 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: fail-early +Help: Fail on first transfer error +Added: 7.52.0 +Category: curl global +Multi: boolean +Scope: global +See-also: + - fail + - fail-with-body +Example: + - --fail-early $URL https://two.example +--- + +# `--fail-early` + +Fail and exit on the first detected transfer error. + +When curl is used to do multiple transfers on the command line, it attempts to +operate on each given URL, one by one. By default, it ignores errors if there +are more URLs given and the last URL's success determines the error code curl +returns. Early failures are "hidden" by subsequent successful transfers. + +Using this option, curl instead returns an error on the first transfer that +fails, independent of the amount of URLs that are given on the command +line. This way, no transfer failures go undetected by scripts and similar. + +This option does not imply --fail, which causes transfers to fail due to the +server's HTTP status code. You can combine the two options, however note --fail +is not global and is therefore contained by --next. diff --git a/deps/curl/docs/cmdline-opts/fail-with-body.md b/deps/curl/docs/cmdline-opts/fail-with-body.md new file mode 100644 index 00000000..670959ba --- /dev/null +++ b/deps/curl/docs/cmdline-opts/fail-with-body.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: fail-with-body +Protocols: HTTP +Help: Fail on HTTP errors but save the body +Category: http output +Added: 7.76.0 +Mutexed: fail +Multi: boolean +See-also: + - fail + - fail-early +Example: + - --fail-with-body $URL +--- + +# `--fail-with-body` + +Return an error on server errors where the HTTP response code is 400 or +greater). In normal cases when an HTTP server fails to deliver a document, it +returns an HTML document stating so (which often also describes why and more). +This option allows curl to output and save that content but also to return +error 22. + +This is an alternative option to --fail which makes curl fail for the same +circumstances but without saving the content. diff --git a/deps/curl/docs/cmdline-opts/fail.md b/deps/curl/docs/cmdline-opts/fail.md new file mode 100644 index 00000000..0c8db136 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/fail.md @@ -0,0 +1,35 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: fail +Short: f +Protocols: HTTP +Help: Fail fast with no output on HTTP errors +Category: important http +Mutexed: fail-with-body +Added: 4.0 +Multi: boolean +See-also: + - fail-with-body + - fail-early +Example: + - --fail $URL +--- + +# `--fail` + +Fail with error code 22 and with no response body output at all for HTTP +transfers returning HTTP response codes at 400 or greater. + +In normal cases when an HTTP server fails to deliver a document, it returns a +body of text stating so (which often also describes why and more) and a 4xx +HTTP response code. This command line option prevents curl from outputting +that data and instead returns error 22 early. By default, curl does not +consider HTTP response codes to indicate failure. + +To get both the error code and also save the content, use --fail-with-body +instead. + +This method is not fail-safe and there are occasions where non-successful +response codes slip through, especially when authentication is involved +(response codes 401 and 407). diff --git a/deps/curl/docs/cmdline-opts/false-start.md b/deps/curl/docs/cmdline-opts/false-start.md new file mode 100644 index 00000000..c6c44ad5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/false-start.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: false-start +Help: Enable TLS False Start +Protocols: TLS +Added: 7.42.0 +Category: tls +Multi: boolean +See-also: + - tcp-fastopen +Example: + - --false-start $URL +--- + +# `--false-start` + +Use false start during the TLS handshake. False start is a mode where a TLS +client starts sending application data before verifying the server's Finished +message, thus saving a round trip when performing a full handshake. + +This functionality is currently only implemented in the Secure Transport (on +iOS 7.0 or later, or macOS 10.9 or later) backend. diff --git a/deps/curl/docs/cmdline-opts/form-escape.md b/deps/curl/docs/cmdline-opts/form-escape.md new file mode 100644 index 00000000..0f93fde7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/form-escape.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: form-escape +Help: Escape form fields using backslash +Protocols: HTTP imap smtp +Added: 7.81.0 +Category: http upload post +Multi: single +See-also: + - form +Example: + - --form-escape -F 'field\name=curl' -F 'file=@load"this' $URL +--- + +# `--form-escape` + +Pass on names of multipart form fields and files using backslash-escaping +instead of percent-encoding. diff --git a/deps/curl/docs/cmdline-opts/form-string.md b/deps/curl/docs/cmdline-opts/form-string.md new file mode 100644 index 00000000..e58ad625 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/form-string.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: form-string +Help: Specify multipart MIME data +Protocols: HTTP SMTP IMAP +Arg: +Category: http upload post smtp imap +Added: 7.13.2 +Multi: append +See-also: + - form +Example: + - --form-string "name=data" $URL +--- + +# `--form-string` + +Similar to --form except that the value string for the named parameter is used +literally. Leading @ and \< characters, and the `;type=` string in the value +have no special meaning. Use this in preference to --form if there is any +possibility that the string value may accidentally trigger the @ or \< +features of --form. diff --git a/deps/curl/docs/cmdline-opts/form.md b/deps/curl/docs/cmdline-opts/form.md new file mode 100644 index 00000000..17bfcac0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/form.md @@ -0,0 +1,145 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: form +Short: F +Arg: +Help: Specify multipart MIME data +Protocols: HTTP SMTP IMAP +Mutexed: data head upload-file +Category: http upload post imap smtp +Added: 5.0 +Multi: append +See-also: + - data + - form-string + - form-escape +Example: + - --form "name=curl" --form "file=@loadthis" $URL +--- + +# `--form` + +For the HTTP protocol family, emulate a filled-in form in which a user has +pressed the submit button. This makes curl POST data using the Content-Type +multipart/form-data according to RFC 2388. + +For SMTP and IMAP protocols, this composes a multipart mail message to +transmit. + +This enables uploading of binary files etc. To force the 'content' part to be +a file, prefix the filename with an @ sign. To just get the content part from +a file, prefix the filename with the symbol \<. The difference between @ and +\< is then that @ makes a file get attached in the post as a file upload, +while the \< makes a text field and just get the contents for that text field +from a file. + +Read content from stdin instead of a file by using a single "-" as filename. +This goes for both @ and \< constructs. When stdin is used, the contents is +buffered in memory first by curl to determine its size and allow a possible +resend. Defining a part's data from a named non-regular file (such as a named +pipe or similar) is not subject to buffering and is instead read at +transmission time; since the full size is unknown before the transfer starts, +such data is sent as chunks by HTTP and rejected by IMAP. + +Example: send an image to an HTTP server, where 'profile' is the name of the +form-field to which the file **portrait.jpg** is the input: + + curl -F profile=@portrait.jpg https://example.com/upload.cgi + +Example: send your name and shoe size in two text fields to the server: + + curl -F name=John -F shoesize=11 https://example.com/ + +Example: send your essay in a text field to the server. Send it as a plain +text field, but get the contents for it from a local file: + + curl -F "story=HTML message;type=text/html' \ + -F '=)' -F '=@textfile.txt' ... smtp://example.com + +Data can be encoded for transfer using encoder=. Available encodings are +*binary* and *8bit* that do nothing else than adding the corresponding +Content-Transfer-Encoding header, *7bit* that only rejects 8-bit characters +with a transfer error, *quoted-printable* and *base64* that encodes data +according to the corresponding schemes, limiting lines length to 76 +characters. + +Example: send multipart mail with a quoted-printable text message and a +base64 attached file: + + curl -F '=text message;encoder=quoted-printable' \ + -F '=@localfile;encoder=base64' ... smtp://example.com + +See further examples and details in the MANUAL. diff --git a/deps/curl/docs/cmdline-opts/ftp-account.md b/deps/curl/docs/cmdline-opts/ftp-account.md new file mode 100644 index 00000000..e275349d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-account.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-account +Arg: +Help: Account data string +Protocols: FTP +Added: 7.13.0 +Category: ftp auth +Multi: single +See-also: + - user +Example: + - --ftp-account "mr.robot" ftp://example.com/ +--- + +# `--ftp-account` + +When an FTP server asks for "account data" after username and password has +been provided, this data is sent off using the ACCT command. diff --git a/deps/curl/docs/cmdline-opts/ftp-alternative-to-user.md b/deps/curl/docs/cmdline-opts/ftp-alternative-to-user.md new file mode 100644 index 00000000..9bd36860 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-alternative-to-user.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-alternative-to-user +Arg: +Help: String to replace USER [name] +Protocols: FTP +Added: 7.15.5 +Category: ftp +Multi: single +See-also: + - ftp-account + - user +Example: + - --ftp-alternative-to-user "U53r" ftp://example.com +--- + +# `--ftp-alternative-to-user` + +If authenticating with the USER and PASS commands fails, send this command. +When connecting to Tumbleweed's Secure Transport server over FTPS using a +client certificate, using "SITE AUTH" tells the server to retrieve the +username from the certificate. diff --git a/deps/curl/docs/cmdline-opts/ftp-create-dirs.md b/deps/curl/docs/cmdline-opts/ftp-create-dirs.md new file mode 100644 index 00000000..3e851cca --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-create-dirs.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-create-dirs +Protocols: FTP SFTP +Help: Create the remote dirs if not present +Category: ftp sftp +Added: 7.10.7 +Multi: boolean +See-also: + - create-dirs +Example: + - --ftp-create-dirs -T file ftp://example.com/remote/path/file +--- + +# `--ftp-create-dirs` + +When an FTP or SFTP URL/operation uses a path that does not currently exist on +the server, the standard behavior of curl is to fail. Using this option, curl +instead attempts to create missing directories. diff --git a/deps/curl/docs/cmdline-opts/ftp-method.md b/deps/curl/docs/cmdline-opts/ftp-method.md new file mode 100644 index 00000000..d2bff21d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-method.md @@ -0,0 +1,36 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-method +Arg: +Help: Control CWD usage +Protocols: FTP +Added: 7.15.1 +Category: ftp +Multi: single +See-also: + - list-only +Example: + - --ftp-method multicwd ftp://example.com/dir1/dir2/file + - --ftp-method nocwd ftp://example.com/dir1/dir2/file + - --ftp-method singlecwd ftp://example.com/dir1/dir2/file +--- + +# `--ftp-method` + +Control what method curl should use to reach a file on an FTP(S) +server. The method argument should be one of the following alternatives: + +## multicwd +Do a single CWD operation for each path part in the given URL. For deep +hierarchies this means many commands. This is how RFC 1738 says it should be +done. This is the default but the slowest behavior. + +## nocwd +Do no CWD at all. curl does SIZE, RETR, STOR etc and gives the full path to +the server for each of these commands. This is the fastest behavior. + +## singlecwd +Do one CWD with the full target directory and then operate on the file +"normally" (like in the multicwd case). This is somewhat more standards +compliant than `nocwd` but without the full penalty of `multicwd`. diff --git a/deps/curl/docs/cmdline-opts/ftp-pasv.md b/deps/curl/docs/cmdline-opts/ftp-pasv.md new file mode 100644 index 00000000..964f9769 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-pasv.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-pasv +Help: Send PASV/EPSV instead of PORT +Protocols: FTP +Added: 7.11.0 +Category: ftp +Multi: boolean +See-also: + - disable-epsv +Example: + - --ftp-pasv ftp://example.com/ +--- + +# `--ftp-pasv` + +Use passive mode for the data connection. Passive is the internal default +behavior, but using this option can be used to override a previous --ftp-port +option. + +Reversing an enforced passive really is not doable but you must then instead +enforce the correct --ftp-port again. + +Passive mode means that curl tries the EPSV command first and then PASV, +unless --disable-epsv is used. diff --git a/deps/curl/docs/cmdline-opts/ftp-port.md b/deps/curl/docs/cmdline-opts/ftp-port.md new file mode 100644 index 00000000..ff6d41c1 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-port.md @@ -0,0 +1,51 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-port +Arg:
+Help: Send PORT instead of PASV +Short: P +Protocols: FTP +Category: ftp +Added: 4.0 +Multi: single +See-also: + - ftp-pasv + - disable-eprt +Example: + - -P - ftp:/example.com + - -P eth0 ftp:/example.com + - -P 192.168.0.2 ftp:/example.com +--- + +# `--ftp-port` + +Reverses the default initiator/listener roles when connecting with FTP. This +option makes curl use active mode. curl then commands the server to connect +back to the client's specified address and port, while passive mode asks the +server to setup an IP address and port for it to connect to. \ +should be one of: + +## interface +e.g. **eth0** to specify which interface's IP address you want to use (Unix only) + +## IP address +e.g. **192.168.10.1** to specify the exact IP address + +## hostname +e.g. **my.host.domain** to specify the machine + +## - +make curl pick the same IP address that is already used for the control +connection. This is the recommended choice. + +## + +Disable the use of PORT with --ftp-pasv. Disable the attempt to use the EPRT +command instead of PORT by using --disable-eprt. EPRT is really PORT++. + +You can also append ":[start]-[end]" to the right of the address, to tell +curl what TCP port range to use. That means you specify a port range, from a +lower to a higher number. A single number works as well, but do note that it +increases the risk of failure since the port may not be available. +(Added in 7.19.5) diff --git a/deps/curl/docs/cmdline-opts/ftp-pret.md b/deps/curl/docs/cmdline-opts/ftp-pret.md new file mode 100644 index 00000000..48c48e3e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-pret.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-pret +Help: Send PRET before PASV +Protocols: FTP +Added: 7.20.0 +Category: ftp +Multi: boolean +See-also: + - ftp-port + - ftp-pasv +Example: + - --ftp-pret ftp://example.com/ +--- + +# `--ftp-pret` + +Send a PRET command before PASV (and EPSV). Certain FTP servers, mainly +drftpd, require this non-standard command for directory listings as well as up +and downloads in PASV mode. diff --git a/deps/curl/docs/cmdline-opts/ftp-skip-pasv-ip.md b/deps/curl/docs/cmdline-opts/ftp-skip-pasv-ip.md new file mode 100644 index 00000000..dfa546d1 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-skip-pasv-ip.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-skip-pasv-ip +Help: Skip the IP address for PASV +Protocols: FTP +Added: 7.14.2 +Category: ftp +Multi: boolean +See-also: + - ftp-pasv +Example: + - --ftp-skip-pasv-ip ftp://example.com/ +--- + +# `--ftp-skip-pasv-ip` + +Do not use the IP address the server suggests in its response to curl's PASV +command when curl connects the data connection. Instead curl reuses the same +IP address it already uses for the control connection. + +This option is enabled by default (added in 7.74.0). + +This option has no effect if PORT, EPRT or EPSV is used instead of PASV. diff --git a/deps/curl/docs/cmdline-opts/ftp-ssl-ccc-mode.md b/deps/curl/docs/cmdline-opts/ftp-ssl-ccc-mode.md new file mode 100644 index 00000000..5f428dc0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-ssl-ccc-mode.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-ssl-ccc-mode +Arg: +Help: Set CCC mode +Protocols: FTP +Added: 7.16.2 +Category: ftp tls +Multi: boolean +See-also: + - ftp-ssl-ccc +Example: + - --ftp-ssl-ccc-mode active --ftp-ssl-ccc ftps://example.com/ +--- + +# `--ftp-ssl-ccc-mode` + +Sets the CCC mode. The passive mode does not initiate the shutdown, but +instead waits for the server to do it, and does not reply to the shutdown from +the server. The active mode initiates the shutdown and waits for a reply from +the server. diff --git a/deps/curl/docs/cmdline-opts/ftp-ssl-ccc.md b/deps/curl/docs/cmdline-opts/ftp-ssl-ccc.md new file mode 100644 index 00000000..d477606f --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-ssl-ccc.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-ssl-ccc +Help: Send CCC after authenticating +Protocols: FTP +Added: 7.16.1 +Category: ftp tls +Multi: boolean +See-also: + - ssl + - ftp-ssl-ccc-mode +Example: + - --ftp-ssl-ccc ftps://example.com/ +--- + +# `--ftp-ssl-ccc` + +Use CCC (Clear Command Channel) Shuts down the SSL/TLS layer after +authenticating. The rest of the control channel communication is be +unencrypted. This allows NAT routers to follow the FTP transaction. The +default mode is passive. diff --git a/deps/curl/docs/cmdline-opts/ftp-ssl-control.md b/deps/curl/docs/cmdline-opts/ftp-ssl-control.md new file mode 100644 index 00000000..a68359a7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ftp-ssl-control.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ftp-ssl-control +Help: Require TLS for login, clear for transfer +Protocols: FTP +Added: 7.16.0 +Category: ftp tls +Multi: boolean +See-also: + - ssl +Example: + - --ftp-ssl-control ftp://example.com +--- + +# `--ftp-ssl-control` + +Require SSL/TLS for the FTP login, clear for transfer. Allows secure +authentication, but non-encrypted data transfers for efficiency. Fails the +transfer if the server does not support SSL/TLS. diff --git a/deps/curl/docs/cmdline-opts/get.md b/deps/curl/docs/cmdline-opts/get.md new file mode 100644 index 00000000..ac0560ab --- /dev/null +++ b/deps/curl/docs/cmdline-opts/get.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: get +Short: G +Help: Put the post data in the URL and use GET +Protocols: HTTP +Category: http +Added: 7.8.1 +Multi: boolean +See-also: + - data + - request +Example: + - --get $URL + - --get -d "tool=curl" -d "age=old" $URL + - --get -I -d "tool=curl" $URL +--- + +# `--get` + +When used, this option makes all data specified with --data, --data-binary or +--data-urlencode to be used in an HTTP GET request instead of the POST request +that otherwise would be used. curl appends the provided data to the URL as a +query string. + +If used in combination with --head, the POST data is instead appended to the +URL with a HEAD request. diff --git a/deps/curl/docs/cmdline-opts/globoff.md b/deps/curl/docs/cmdline-opts/globoff.md new file mode 100644 index 00000000..3c8c3414 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/globoff.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: globoff +Short: g +Help: Disable URL globbing with {} and [] +Category: curl +Added: 7.6 +Multi: boolean +See-also: + - config + - disable +Example: + - -g "https://example.com/{[]}}}}" +--- + +# `--globoff` + +Switch off the URL globbing function. When you set this option, you can +specify URLs that contain the letters {}[] without having curl itself +interpret them. Note that these letters are not normal legal URL contents but +they should be encoded according to the URI standard. diff --git a/deps/curl/docs/cmdline-opts/happy-eyeballs-timeout-ms.md b/deps/curl/docs/cmdline-opts/happy-eyeballs-timeout-ms.md new file mode 100644 index 00000000..f4b492db --- /dev/null +++ b/deps/curl/docs/cmdline-opts/happy-eyeballs-timeout-ms.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: happy-eyeballs-timeout-ms +Arg: +Help: Time for IPv6 before IPv4 +Added: 7.59.0 +Category: connection timeout +Multi: single +See-also: + - max-time + - connect-timeout +Example: + - --happy-eyeballs-timeout-ms 500 $URL +--- + +# `--happy-eyeballs-timeout-ms` + +Happy Eyeballs is an algorithm that attempts to connect to both IPv4 and IPv6 +addresses for dual-stack hosts, giving IPv6 a head-start of the specified +number of milliseconds. If the IPv6 address cannot be connected to within that +time, then a connection attempt is made to the IPv4 address in parallel. The +first connection to be established is the one that is used. + +The range of suggested useful values is limited. Happy Eyeballs RFC 6555 says +"It is RECOMMENDED that connection attempts be paced 150-250 ms apart to +balance human factors against network load." libcurl currently defaults to +200 ms. Firefox and Chrome currently default to 300 ms. diff --git a/deps/curl/docs/cmdline-opts/haproxy-clientip.md b/deps/curl/docs/cmdline-opts/haproxy-clientip.md new file mode 100644 index 00000000..fde085a9 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/haproxy-clientip.md @@ -0,0 +1,33 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: haproxy-clientip +Arg: +Help: Set address in HAProxy PROXY +Protocols: HTTP +Added: 8.2.0 +Category: http proxy +Multi: single +See-also: + - proxy +Example: + - --haproxy-clientip $IP +--- + +# `--haproxy-clientip` + +Sets a client IP in HAProxy PROXY protocol v1 header at the beginning of the +connection. + +For valid requests, IPv4 addresses must be indicated as a series of exactly +4 integers in the range [0..255] inclusive written in decimal representation +separated by exactly one dot between each other. Heading zeroes are not +permitted in front of numbers in order to avoid any possible confusion +with octal numbers. IPv6 addresses must be indicated as series of 4 hexadecimal +digits (upper or lower case) delimited by colons between each other, with the +acceptance of one double colon sequence to replace the largest acceptable range +of consecutive zeroes. The total number of decoded bits must exactly be 128. + +Otherwise, any string can be accepted for the client IP and get sent. + +It replaces --haproxy-protocol if used, it is not necessary to specify both flags. diff --git a/deps/curl/docs/cmdline-opts/haproxy-protocol.md b/deps/curl/docs/cmdline-opts/haproxy-protocol.md new file mode 100644 index 00000000..26456c80 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/haproxy-protocol.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: haproxy-protocol +Help: Send HAProxy PROXY protocol v1 header +Protocols: HTTP +Added: 7.60.0 +Category: http proxy +Multi: boolean +See-also: + - proxy +Example: + - --haproxy-protocol $URL +--- + +# `--haproxy-protocol` + +Send a HAProxy PROXY protocol v1 header at the beginning of the connection. +This is used by some load balancers and reverse proxies to indicate the +client's true IP address and port. + +This option is primarily useful when sending test requests to a service that +expects this header. diff --git a/deps/curl/docs/cmdline-opts/head.md b/deps/curl/docs/cmdline-opts/head.md new file mode 100644 index 00000000..353ef9a0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/head.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: head +Short: I +Help: Show document info only +Protocols: HTTP FTP FILE +Category: http ftp file +Added: 4.0 +Multi: boolean +See-also: + - get + - verbose + - trace-ascii +Example: + - -I $URL +--- + +# `--head` + +Fetch the headers only. HTTP-servers feature the command HEAD which this uses +to get nothing but the header of a document. When used on an FTP or FILE URL, +curl displays the file size and last modification time only. diff --git a/deps/curl/docs/cmdline-opts/header.md b/deps/curl/docs/cmdline-opts/header.md new file mode 100644 index 00000000..66816aac --- /dev/null +++ b/deps/curl/docs/cmdline-opts/header.md @@ -0,0 +1,68 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: header +Short: H +Arg:
+Help: Pass custom header(s) to server +Protocols: HTTP IMAP SMTP +Category: http imap smtp +Added: 5.0 +Multi: append +See-also: + - user-agent + - referer +Example: + - -H "X-First-Name: Joe" $URL + - -H "User-Agent: yes-please/2000" $URL + - -H "Host:" $URL + - -H @headers.txt $URL +--- + +# `--header` + +Extra header to include in information sent. When used within an HTTP request, +it is added to the regular request headers. + +For an IMAP or SMTP MIME uploaded mail built with --form options, it is +prepended to the resulting MIME document, effectively including it at the mail +global level. It does not affect raw uploaded mails (Added in 7.56.0). + +You may specify any number of extra headers. Note that if you should add a +custom header that has the same name as one of the internal ones curl would +use, your externally set header is used instead of the internal one. This +allows you to make even trickier stuff than curl would normally do. You should +not replace internally set headers without knowing perfectly well what you are +doing. Remove an internal header by giving a replacement without content on +the right side of the colon, as in: -H `Host:`. If you send the custom header +with no-value then its header must be terminated with a semicolon, such as -H +`X-Custom-Header;` to send `X-Custom-Header:`. + +curl makes sure that each header you add/replace is sent with the proper +end-of-line marker, you should thus **not** add that as a part of the header +content: do not add newlines or carriage returns, they only mess things up for +you. curl passes on the verbatim string you give it without any filter or +other safe guards. That includes white space and control characters. + +This option can take an argument in @filename style, which then adds a header +for each line in the input file. Using @- makes curl read the header file from +stdin. (Added in 7.55.0) + +Please note that most anti-spam utilities check the presence and value of +several MIME mail headers: these are `From:`, `To:`, `Date:` and `Subject:` +among others and should be added with this option. + +You need --proxy-header to send custom headers intended for an HTTP proxy. +(Added in 7.37.0) + +Passing on a `Transfer-Encoding: chunked` header when doing an HTTP request +with a request body, makes curl send the data using chunked encoding. + +**WARNING**: headers set with this option are set in all HTTP requests - even +after redirects are followed, like when told with --location. This can lead to +the header being sent to other hosts than the original host, so sensitive +headers should be used with caution combined with following redirects. + +`Authorization:` and `Cookie:` headers are explicitly *not* passed on in HTTP +requests when following redirects to other origins, unless --location-trusted +is used. diff --git a/deps/curl/docs/cmdline-opts/help.md b/deps/curl/docs/cmdline-opts/help.md new file mode 100644 index 00000000..122c55cd --- /dev/null +++ b/deps/curl/docs/cmdline-opts/help.md @@ -0,0 +1,39 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: help +Arg: +Short: h +Help: Get help for commands +Category: important curl +Added: 4.0 +Multi: custom +See-also: + - verbose +Example: + - --help all + - --help --insecure + - --help -f +--- + +# `--help` + +Usage help. Provide help for the subject given as an optional argument. + +If no argument is provided, curl displays the most important command line +arguments. + +The argument can either be a **category** or a **command line option**. When a +category is provided, curl shows all command line options within the given +category. Specify category `all` to list all available options. + +If `category` is specified, curl displays all available help categories. + +If the provided subject is instead an existing command line option, specified +either in its short form with a single dash and a single letter, or in the +long form with two dashes and a longer name, curl displays a help text for +that option in the terminal. + +The help output is extensive for some options. + +If the provided command line option is not known, curl says so. diff --git a/deps/curl/docs/cmdline-opts/hostpubmd5.md b/deps/curl/docs/cmdline-opts/hostpubmd5.md new file mode 100644 index 00000000..5d480a5b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/hostpubmd5.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: hostpubmd5 +Arg: +Help: Acceptable MD5 hash of host public key +Protocols: SFTP SCP +Added: 7.17.1 +Category: sftp scp ssh +Multi: single +See-also: + - hostpubsha256 +Example: + - --hostpubmd5 e5c1c49020640a5ab0f2034854c321a8 sftp://example.com/ +--- + +# `--hostpubmd5` + +Pass a string containing 32 hexadecimal digits. The string should be the 128 +bit **MD5** checksum of the remote host's public key, curl refuses the +connection with the host unless the checksums match. diff --git a/deps/curl/docs/cmdline-opts/hostpubsha256.md b/deps/curl/docs/cmdline-opts/hostpubsha256.md new file mode 100644 index 00000000..e695a10c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/hostpubsha256.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: hostpubsha256 +Arg: +Help: Acceptable SHA256 hash of host public key +Protocols: SFTP SCP +Added: 7.80.0 +Category: sftp scp ssh +Multi: single +See-also: + - hostpubmd5 +Example: + - --hostpubsha256 NDVkMTQxMGQ1ODdmMjQ3MjczYjAyOTY5MmRkMjVmNDQ= sftp://example.com/ +--- + +# `--hostpubsha256` + +Pass a string containing a Base64-encoded SHA256 hash of the remote host's +public key. curl refuses the connection with the host unless the hashes match. + +This feature requires libcurl to be built with libssh2 and does not work with +other SSH backends. diff --git a/deps/curl/docs/cmdline-opts/hsts.md b/deps/curl/docs/cmdline-opts/hsts.md new file mode 100644 index 00000000..9cae80c2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/hsts.md @@ -0,0 +1,32 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: hsts +Arg: +Protocols: HTTPS +Help: Enable HSTS with this cache file +Added: 7.74.0 +Category: http +Multi: append +See-also: + - proto +Example: + - --hsts cache.txt $URL +--- + +# `--hsts` + +Enable HSTS for the transfer. If the filename points to an existing HSTS cache +file, that is used. After a completed transfer, the cache is saved to the +filename again if it has been modified. + +If curl is told to use HTTP:// for a transfer involving a hostname that exists +in the HSTS cache, it upgrades the transfer to use HTTPS. Each HSTS cache +entry has an individual life time after which the upgrade is no longer +performed. + +Specify a "" filename (zero length) to avoid loading/saving and make curl just +handle HSTS in memory. + +If this option is used several times, curl loads contents from all the +files but the last one is used for saving. diff --git a/deps/curl/docs/cmdline-opts/http0.9.md b/deps/curl/docs/cmdline-opts/http0.9.md new file mode 100644 index 00000000..41b76ffd --- /dev/null +++ b/deps/curl/docs/cmdline-opts/http0.9.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: http0.9 +Tags: Versions +Protocols: HTTP +Help: Allow HTTP/0.9 responses +Category: http +Added: 7.64.0 +Multi: boolean +See-also: + - http1.1 + - http2 + - http3 +Example: + - --http0.9 $URL +--- + +# `--http0.9` + +Accept an HTTP version 0.9 response. + +HTTP/0.9 is a response without headers and therefore you can also connect with +this to non-HTTP servers and still get a response since curl simply +transparently downgrades - if allowed. + +HTTP/0.9 is disabled by default (added in 7.66.0) diff --git a/deps/curl/docs/cmdline-opts/http1.0.md b/deps/curl/docs/cmdline-opts/http1.0.md new file mode 100644 index 00000000..0252f052 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/http1.0.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: 0 +Long: http1.0 +Tags: Versions +Protocols: HTTP +Added: 7.9.1 +Mutexed: http1.1 http2 http2-prior-knowledge http3 +Help: Use HTTP/1.0 +Category: http +Multi: mutex +See-also: + - http0.9 + - http1.1 +Example: + - --http1.0 $URL +--- + +# `--http1.0` + +Use HTTP version 1.0 instead of using its internally preferred HTTP version. diff --git a/deps/curl/docs/cmdline-opts/http1.1.md b/deps/curl/docs/cmdline-opts/http1.1.md new file mode 100644 index 00000000..14e5c747 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/http1.1.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: http1.1 +Tags: Versions +Protocols: HTTP +Added: 7.33.0 +Mutexed: http1.0 http2 http2-prior-knowledge http3 +Help: Use HTTP/1.1 +Category: http +Multi: mutex +See-also: + - http1.0 + - http0.9 +Example: + - --http1.1 $URL +--- + +# `--http1.1` + +Use HTTP version 1.1. This is the default with HTTP:// URLs. diff --git a/deps/curl/docs/cmdline-opts/http2-prior-knowledge.md b/deps/curl/docs/cmdline-opts/http2-prior-knowledge.md new file mode 100644 index 00000000..25a32db7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/http2-prior-knowledge.md @@ -0,0 +1,29 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: http2-prior-knowledge +Tags: Versions +Protocols: HTTP +Added: 7.49.0 +Mutexed: http1.1 http1.0 http2 http3 +Requires: HTTP/2 +Help: Use HTTP/2 without HTTP/1.1 Upgrade +Category: http +Multi: boolean +See-also: + - http2 + - http3 +Example: + - --http2-prior-knowledge $URL +--- + +# `--http2-prior-knowledge` + +Issue a non-TLS HTTP requests using HTTP/2 directly without HTTP/1.1 Upgrade. +It requires prior knowledge that the server supports HTTP/2 straight away. +HTTPS requests still do HTTP/2 the standard way with negotiated protocol +version in the TLS handshake. + +Since 8.10.0 if this option is set for an HTTPS request then the application +layer protocol version (ALPN) offered to the server is only HTTP/2. Prior to +that both HTTP/1.1 and HTTP/2 were offered. diff --git a/deps/curl/docs/cmdline-opts/http2.md b/deps/curl/docs/cmdline-opts/http2.md new file mode 100644 index 00000000..ae4d2697 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/http2.md @@ -0,0 +1,33 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: http2 +Tags: Versions +Protocols: HTTP +Added: 7.33.0 +Mutexed: http1.1 http1.0 http2-prior-knowledge http3 +Requires: HTTP/2 +Help: Use HTTP/2 +Category: http +Multi: mutex +See-also: + - http1.1 + - http3 + - no-alpn +Example: + - --http2 $URL +--- + +# `--http2` + +Use HTTP/2. + +For HTTPS, this means curl negotiates HTTP/2 in the TLS handshake. curl does +this by default. + +For HTTP, this means curl attempts to upgrade the request to HTTP/2 using the +Upgrade: request header. + +When curl uses HTTP/2 over HTTPS, it does not itself insist on TLS 1.2 or +higher even though that is required by the specification. A user can add this +version requirement with --tlsv1.2. diff --git a/deps/curl/docs/cmdline-opts/http3-only.md b/deps/curl/docs/cmdline-opts/http3-only.md new file mode 100644 index 00000000..0ee5f188 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/http3-only.md @@ -0,0 +1,32 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: http3-only +Tags: Versions +Protocols: HTTP +Added: 7.88.0 +Mutexed: http1.1 http1.0 http2 http2-prior-knowledge http3 +Requires: HTTP/3 +Help: Use HTTP/3 only +Category: http +Multi: mutex +See-also: + - http1.1 + - http2 + - http3 +Example: + - --http3-only $URL +--- + +# `--http3-only` + +Instructs curl to use HTTP/3 to the host in the URL, with no fallback to +earlier HTTP versions. HTTP/3 can only be used for HTTPS and not for HTTP +URLs. For HTTP, this option triggers an error. + +This option allows a user to avoid using the Alt-Svc method of upgrading to +HTTP/3 when you know that the target speaks HTTP/3 on the given host and port. + +This option makes curl fail if a QUIC connection cannot be established, it +does not attempt any other HTTP versions on its own. Use --http3 for similar +functionality *with* a fallback. diff --git a/deps/curl/docs/cmdline-opts/http3.md b/deps/curl/docs/cmdline-opts/http3.md new file mode 100644 index 00000000..a66d7978 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/http3.md @@ -0,0 +1,35 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: http3 +Tags: Versions +Protocols: HTTP +Added: 7.66.0 +Mutexed: http1.1 http1.0 http2 http2-prior-knowledge http3-only +Requires: HTTP/3 +Help: Use HTTP/3 +Category: http +Multi: mutex +See-also: + - http1.1 + - http2 +Example: + - --http3 $URL +--- + +# `--http3` + +Attempt HTTP/3 to the host in the URL, but fallback to earlier HTTP versions +if the HTTP/3 connection establishment fails or is slow. HTTP/3 is only +available for HTTPS and not for HTTP URLs. + +This option allows a user to avoid using the Alt-Svc method of upgrading to +HTTP/3 when you know or suspect that the target speaks HTTP/3 on the given +host and port. + +When asked to use HTTP/3, curl issues a separate attempt to use older HTTP +versions with a slight delay, so if the HTTP/3 transfer fails or is slow, curl +still tries to proceed with an older HTTP version. The fallback performs the +regular negotiation between HTTP/1 and HTTP/2. + +Use --http3-only for similar functionality *without* a fallback. diff --git a/deps/curl/docs/cmdline-opts/ignore-content-length.md b/deps/curl/docs/cmdline-opts/ignore-content-length.md new file mode 100644 index 00000000..01ff43b0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ignore-content-length.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ignore-content-length +Help: Ignore the size of the remote resource +Protocols: FTP HTTP +Category: http ftp +Added: 7.14.1 +Multi: boolean +See-also: + - ftp-skip-pasv-ip +Example: + - --ignore-content-length $URL +--- + +# `--ignore-content-length` + +For HTTP, ignore the Content-Length header. This is particularly useful for +servers running Apache 1.x, which reports incorrect Content-Length for files +larger than 2 gigabytes. + +For FTP, this makes curl skip the SIZE command to figure out the size before +downloading a file (added in 7.46.0). diff --git a/deps/curl/docs/cmdline-opts/insecure.md b/deps/curl/docs/cmdline-opts/insecure.md new file mode 100644 index 00000000..6b7009f2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/insecure.md @@ -0,0 +1,41 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: insecure +Short: k +Help: Allow insecure server connections +Protocols: TLS SFTP SCP +Category: tls sftp scp ssh +Added: 7.10 +Multi: boolean +See-also: + - proxy-insecure + - cacert + - capath +Example: + - --insecure $URL +--- + +# `--insecure` + +By default, every secure connection curl makes is verified to be secure before +the transfer takes place. This option makes curl skip the verification step +and proceed without checking. + +When this option is not used for protocols using TLS, curl verifies the +server's TLS certificate before it continues: that the certificate contains +the right name which matches the hostname used in the URL and that the +certificate has been signed by a CA certificate present in the cert store. See +this online resource for further details: +**https://curl.se/docs/sslcerts.html** + +For SFTP and SCP, this option makes curl skip the *known_hosts* verification. +*known_hosts* is a file normally stored in the user's home directory in the +".ssh" subdirectory, which contains hostnames and their public keys. + +**WARNING**: using this option makes the transfer insecure. + +When curl uses secure protocols it trusts responses and allows for example +HSTS and Alt-Svc information to be stored and used subsequently. Using +--insecure can make curl trust and use such information from malicious +servers. diff --git a/deps/curl/docs/cmdline-opts/interface.md b/deps/curl/docs/cmdline-opts/interface.md new file mode 100644 index 00000000..539e3927 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/interface.md @@ -0,0 +1,51 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: interface +Arg: +Help: Use network interface +Category: connection +Added: 7.3 +Multi: single +See-also: + - dns-interface +Example: + - --interface eth0 $URL + - --interface "host!10.0.0.1" $URL + - --interface "if!enp3s0" $URL +--- + +# `--interface` + +Perform the operation using a specified interface. You can enter interface +name, IP address or hostname. If you prefer to be specific, you can use the +following special syntax: + +## if! + +Interface name. If the provided name does not match an existing interface, +curl returns with error 45. + +## host! + +IP address or hostname. + +## ifhost!! + +Interface name and IP address or hostname. This syntax requires libcurl 8.9.0 +or later. + +If the provided name does not match an existing interface, curl returns with +error 45. + +## + +curl does not support using network interface names for this option on +Windows. + +That name resolve operation if a hostname is provided does **not** use +DNS-over-HTTPS even if --doh-url is set. + +On Linux this option can be used to specify a **VRF** (Virtual Routing and +Forwarding) device, but the binary then needs to either have the +**CAP_NET_RAW** capability set or to be run as root. diff --git a/deps/curl/docs/cmdline-opts/ip-tos.md b/deps/curl/docs/cmdline-opts/ip-tos.md new file mode 100644 index 00000000..3d6473f3 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ip-tos.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ip-tos +Arg: +Help: Set IP Type of Service or Traffic Class +Added: 8.9.0 +Category: connection +Protocols: All +Multi: single +See-also: + - tcp-nodelay + - vlan-priority +Example: + - --ip-tos CS5 $URL +--- + +# `--ip-tos` + +Set Type of Service (TOS) for IPv4 or Traffic Class for IPv6. + +The values allowed for \ can be a numeric value between 1 and 255 +or one of the following: + +CS0, CS1, CS2, CS3, CS4, CS5, CS6, CS7, AF11, AF12, AF13, AF21, AF22, AF23, +AF31, AF32, AF33, AF41, AF42, AF43, EF, VOICE-ADMIT, ECT1, ECT0, CE, LE, +LOWCOST, LOWDELAY, THROUGHPUT, RELIABILITY, MINCOST diff --git a/deps/curl/docs/cmdline-opts/ipfs-gateway.md b/deps/curl/docs/cmdline-opts/ipfs-gateway.md new file mode 100644 index 00000000..e5e8b10b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ipfs-gateway.md @@ -0,0 +1,40 @@ +--- +c: Copyright (C) Mark Gaiser, +SPDX-License-Identifier: curl +Long: ipfs-gateway +Arg: +Help: Gateway for IPFS +Protocols: IPFS +Added: 8.4.0 +Category: curl +Multi: single +See-also: + - help + - manual +Example: + - --ipfs-gateway $URL ipfs:// +--- + +# `--ipfs-gateway` + +Specify which gateway to use for IPFS and IPNS URLs. Not specifying this +instead makes curl check if the IPFS_GATEWAY environment variable is set, or +if a `~/.ipfs/gateway` file holding the gateway URL exists. + +If you run a local IPFS node, this gateway is by default available under +`http://localhost:8080`. A full example URL would look like: + + curl --ipfs-gateway http://localhost:8080 \ + ipfs://bafybeigagd5nmnn2iys2f3 + +There are many public IPFS gateways. See for example: +https://ipfs.github.io/public-gateway-checker/ + +If you opt to go for a remote gateway you need to be aware that you completely +trust the gateway. This might be fine in local gateways that you host +yourself. With remote gateways there could potentially be malicious actors +returning you data that does not match the request you made, inspect or even +interfere with the request. You may not notice this when using curl. A +mitigation could be to go for a "trustless" gateway. This means you locally +verify that the data. Consult the docs page on trusted vs trustless: +https://docs.ipfs.tech/reference/http/gateway/#trusted-vs-trustless diff --git a/deps/curl/docs/cmdline-opts/ipv4.md b/deps/curl/docs/cmdline-opts/ipv4.md new file mode 100644 index 00000000..b790cc65 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ipv4.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: 4 +Long: ipv4 +Tags: Versions +Protocols: +Added: 7.10.8 +Mutexed: ipv6 +Requires: +Help: Resolve names to IPv4 addresses +Category: connection dns +Multi: mutex +See-also: + - http1.1 + - http2 +Example: + - --ipv4 $URL +--- + +# `--ipv4` + +Use IPv4 addresses only when resolving hostnames, and not for example try +IPv6. diff --git a/deps/curl/docs/cmdline-opts/ipv6.md b/deps/curl/docs/cmdline-opts/ipv6.md new file mode 100644 index 00000000..547f4917 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ipv6.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: 6 +Long: ipv6 +Tags: Versions +Protocols: +Added: 7.10.8 +Mutexed: ipv4 +Requires: +Help: Resolve names to IPv6 addresses +Category: connection dns +Multi: mutex +See-also: + - http1.1 + - http2 +Example: + - --ipv6 $URL +--- + +# `--ipv6` + +Use IPv6 addresses only when resolving hostnames, and not for example try +IPv4. + +Your resolver may respond to an IPv6-only resolve request by returning IPv6 +addresses that contain "mapped" IPv4 addresses for compatibility purposes. +macOS is known to do this. diff --git a/deps/curl/docs/cmdline-opts/json.md b/deps/curl/docs/cmdline-opts/json.md new file mode 100644 index 00000000..7763d81e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/json.md @@ -0,0 +1,42 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: json +Arg: +Help: HTTP POST JSON +Protocols: HTTP +Mutexed: form head upload-file +Category: http post upload +Added: 7.82.0 +Multi: append +See-also: + - data-binary + - data-raw +Example: + - --json '{ "drink": "coffe" }' $URL + - --json '{ "drink":' --json ' "coffe" }' $URL + - --json @prepared $URL + - --json @- $URL < json.txt +--- + +# `--json` + +Sends the specified JSON data in a POST request to the HTTP server. --json +works as a shortcut for passing on these three options: + + --data-binary [arg] + --header "Content-Type: application/json" + --header "Accept: application/json" + +There is **no verification** that the passed in data is actual JSON or that +the syntax is correct. + +If you start the data with the letter @, the rest should be a filename to read +the data from, or a single dash (-) if you want curl to read the data from +stdin. Posting data from a file named 'foobar' would thus be done with --json +@foobar and to instead read the data from stdin, use --json @-. + +If this option is used more than once on the same command line, the additional +data pieces are concatenated to the previous before sending. + +The headers this option sets can be overridden with --header as usual. diff --git a/deps/curl/docs/cmdline-opts/junk-session-cookies.md b/deps/curl/docs/cmdline-opts/junk-session-cookies.md new file mode 100644 index 00000000..63971050 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/junk-session-cookies.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: junk-session-cookies +Short: j +Help: Ignore session cookies read from file +Protocols: HTTP +Category: http +Added: 7.9.7 +Multi: boolean +See-also: + - cookie + - cookie-jar +Example: + - --junk-session-cookies -b cookies.txt $URL +--- + +# `--junk-session-cookies` + +When curl is told to read cookies from a given file, this option makes it +discard all "session cookies". This has the same effect as if a new session is +started. Typical browsers discard session cookies when they are closed down. diff --git a/deps/curl/docs/cmdline-opts/keepalive-cnt.md b/deps/curl/docs/cmdline-opts/keepalive-cnt.md new file mode 100644 index 00000000..e56c976e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/keepalive-cnt.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: keepalive-cnt +Arg: +Help: Maximum number of keepalive probes +Added: 8.9.0 +Category: connection +Multi: single +See-also: + - keepalive-time + - no-keepalive +Example: + - --keepalive-cnt 3 $URL +--- + +# `--keepalive-cnt` + +Set the maximum number of keepalive probes TCP should send but get no response +before dropping the connection. This option is usually used in conjunction +with --keepalive-time. + +This option is supported on Linux, *BSD/macOS, Windows \>=10.0.16299, Solaris +11.4, and recent AIX, HP-UX and more. This option has no effect if +--no-keepalive is used. + +If unspecified, the option defaults to 9. diff --git a/deps/curl/docs/cmdline-opts/keepalive-time.md b/deps/curl/docs/cmdline-opts/keepalive-time.md new file mode 100644 index 00000000..4b10ff6f --- /dev/null +++ b/deps/curl/docs/cmdline-opts/keepalive-time.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: keepalive-time +Arg: +Help: Interval time for keepalive probes +Added: 7.18.0 +Category: connection timeout +Multi: single +See-also: + - no-keepalive + - keepalive-cnt + - max-time +Example: + - --keepalive-time 20 $URL +--- + +# `--keepalive-time` + +Set the time a connection needs to remain idle before sending keepalive probes +and the time between individual keepalive probes. It is currently effective on +operating systems offering the `TCP_KEEPIDLE` and `TCP_KEEPINTVL` socket +options (meaning Linux, *BSD/macOS, Windows, Solaris, and recent AIX, HP-UX and more). +Keepalive is used by the TCP stack to detect broken networks on idle connections. +The number of missed keepalive probes before declaring the connection down is OS +dependent and is commonly 8 (*BSD/macOS/AIX), 9 (Linux/AIX) or 5/10 (Windows), and +this number can be changed by specifying the curl option `keepalive-cnt`. +Note that this option has no effect if --no-keepalive is used. + +If unspecified, the option defaults to 60 seconds. diff --git a/deps/curl/docs/cmdline-opts/key-type.md b/deps/curl/docs/cmdline-opts/key-type.md new file mode 100644 index 00000000..4128bfea --- /dev/null +++ b/deps/curl/docs/cmdline-opts/key-type.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: key-type +Arg: +Help: Private key file type (DER/PEM/ENG) +Protocols: TLS +Category: tls +Added: 7.9.3 +Multi: single +See-also: + - key +Example: + - --key-type DER --key here $URL +--- + +# `--key-type` + +Private key file type. Specify which type your --key provided private key +is. DER, PEM, and ENG are supported. If not specified, PEM is assumed. diff --git a/deps/curl/docs/cmdline-opts/key.md b/deps/curl/docs/cmdline-opts/key.md new file mode 100644 index 00000000..355f4fcd --- /dev/null +++ b/deps/curl/docs/cmdline-opts/key.md @@ -0,0 +1,34 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: key +Arg: +Protocols: TLS SSH +Help: Private key filename +Category: tls ssh +Added: 7.9.3 +Multi: single +See-also: + - key-type + - cert +Example: + - --cert certificate --key here $URL +--- + +# `--key` + +Private key filename. Allows you to provide your private key in this separate +file. For SSH, if not specified, curl tries the following candidates in order: +`~/.ssh/id_rsa`, `~/.ssh/id_dsa`, `./id_rsa`, `./id_dsa`. + +If curl is built against OpenSSL library, and the engine pkcs11 or pkcs11 +provider is available, then a PKCS#11 URI (RFC 7512) can be used to specify a +private key located in a PKCS#11 device. A string beginning with `pkcs11:` is +interpreted as a PKCS#11 URI. If a PKCS#11 URI is provided, then the --engine +option is set as `pkcs11` if none was provided and the --key-type option is +set as `ENG` or `PROV` if none was provided (depending on OpenSSL version). + +If curl is built against Secure Transport or Schannel then this option is +ignored for TLS protocols (HTTPS, etc). Those backends expect the private key +to be already present in the keychain or PKCS#12 file containing the +certificate. diff --git a/deps/curl/docs/cmdline-opts/krb.md b/deps/curl/docs/cmdline-opts/krb.md new file mode 100644 index 00000000..c353a0c7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/krb.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: krb +Arg: +Help: Enable Kerberos with security +Protocols: FTP +Requires: Kerberos +Category: ftp +Added: 7.3 +Multi: single +See-also: + - delegation + - ssl +Example: + - --krb clear ftp://example.com/ +--- + +# `--krb` + +Enable Kerberos authentication and use. The level must be entered and should +be one of 'clear', 'safe', 'confidential', or 'private'. Should you use a +level that is not one of these, 'private' is used. diff --git a/deps/curl/docs/cmdline-opts/libcurl.md b/deps/curl/docs/cmdline-opts/libcurl.md new file mode 100644 index 00000000..e37e5aa0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/libcurl.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: libcurl +Arg: +Help: Generate libcurl code for this command line +Added: 7.16.1 +Category: curl global +Multi: single +Scope: global +See-also: + - verbose +Example: + - --libcurl client.c $URL +--- + +# `--libcurl` + +Append this option to any ordinary curl command line, and you get +libcurl-using C source code written to the file that does the equivalent of +what your command-line operation does. diff --git a/deps/curl/docs/cmdline-opts/limit-rate.md b/deps/curl/docs/cmdline-opts/limit-rate.md new file mode 100644 index 00000000..273a2ce5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/limit-rate.md @@ -0,0 +1,37 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: limit-rate +Arg: +Help: Limit transfer speed to RATE +Category: connection +Added: 7.10 +Multi: single +See-also: + - rate + - speed-limit + - speed-time +Example: + - --limit-rate 100K $URL + - --limit-rate 1000 $URL + - --limit-rate 10M $URL +--- + +# `--limit-rate` + +Specify the maximum transfer rate you want curl to use - for both downloads +and uploads. This feature is useful if you have a limited pipe and you would +like your transfer not to use your entire bandwidth. To make it slower than it +otherwise would be. + +The given speed is measured in bytes/second, unless a suffix is appended. +Appending 'k' or 'K' counts the number as kilobytes, 'm' or 'M' makes it +megabytes, while 'g' or 'G' makes it gigabytes. The suffixes (k, M, G, T, P) +are 1024 based. For example 1k is 1024. Examples: 200K, 3m and 1G. + +The rate limiting logic works on averaging the transfer speed to no more than +the set threshold over a period of multiple seconds. + +If you also use the --speed-limit option, that option takes precedence and +might cripple the rate-limiting slightly, to help keeping the speed-limit +logic working. diff --git a/deps/curl/docs/cmdline-opts/list-only.md b/deps/curl/docs/cmdline-opts/list-only.md new file mode 100644 index 00000000..2800a8f7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/list-only.md @@ -0,0 +1,43 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: list-only +Short: l +Protocols: FTP POP3 SFTP FILE +Help: List only mode +Added: 4.0 +Category: ftp pop3 sftp file +Multi: boolean +See-also: + - quote + - request +Example: + - --list-only ftp://example.com/dir/ +--- + +# `--list-only` + +When listing an FTP directory, force a name-only view. Maybe particularly +useful if the user wants to machine-parse the contents of an FTP directory +since the normal directory view does not use a standard look or format. When +used like this, the option causes an NLST command to be sent to the server +instead of LIST. + +Note: Some FTP servers list only files in their response to NLST; they do not +include sub-directories and symbolic links. + +When listing an SFTP directory, this switch forces a name-only view, one per +line. This is especially useful if the user wants to machine-parse the +contents of an SFTP directory since the normal directory view provides more +information than just filenames. + +When retrieving a specific email from POP3, this switch forces a LIST command +to be performed instead of RETR. This is particularly useful if the user wants +to see if a specific message-id exists on the server and what size it is. + +For FILE, this option has no effect yet as directories are always listed in +this mode. + +Note: When combined with --request, this option can be used to send a UIDL +command instead, so the user may use the email's unique identifier rather than +its message-id to make the request. diff --git a/deps/curl/docs/cmdline-opts/local-port.md b/deps/curl/docs/cmdline-opts/local-port.md new file mode 100644 index 00000000..b8c0d3fd --- /dev/null +++ b/deps/curl/docs/cmdline-opts/local-port.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: local-port +Arg: +Help: Use a local port number within RANGE +Added: 7.15.2 +Category: connection +Multi: single +See-also: + - globoff +Example: + - --local-port 1000-3000 $URL +--- + +# `--local-port` + +Set a preferred single number or range (FROM-TO) of local port numbers to use +for the connection(s). Note that port numbers by nature are a scarce resource +so setting this range to something too narrow might cause unnecessary +connection setup failures. diff --git a/deps/curl/docs/cmdline-opts/location-trusted.md b/deps/curl/docs/cmdline-opts/location-trusted.md new file mode 100644 index 00000000..06458a46 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/location-trusted.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: location-trusted +Help: As --location, but send secrets to other hosts +Protocols: HTTP +Category: http auth +Added: 7.10.4 +Multi: boolean +See-also: + - user +Example: + - --location-trusted -u user:password $URL + - --location-trusted -H "Cookie: session=abc" $URL +--- + +# `--location-trusted` + +Instructs curl to like --location follow HTTP redirects, but permits it to +send credentials and other secrets along to other hosts than the initial one. + +This may or may not introduce a security breach if the site redirects you to a +site to which you send this sensitive data to. Another host means that one or +more of hostname, protocol scheme or port number changed. + +This option also allows curl to pass long cookies set explicitly with --header. diff --git a/deps/curl/docs/cmdline-opts/location.md b/deps/curl/docs/cmdline-opts/location.md new file mode 100644 index 00000000..8d17e45e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/location.md @@ -0,0 +1,41 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: location +Short: L +Help: Follow redirects +Protocols: HTTP +Category: http +Added: 4.9 +Multi: boolean +See-also: + - resolve + - alt-svc +Example: + - -L $URL +--- + +# `--location` + +If the server reports that the requested page has moved to a different +location (indicated with a Location: header and a 3XX response code), this +option makes curl redo the request to the new place. If used together with +--show-headers or --head, headers from all requested pages are shown. + +When authentication is used, or when sending a cookie with `-H Cookie:`, curl +only sends its credentials to the initial host. If a redirect takes curl to a +different host, it does not get the credentials passed on. See +--location-trusted on how to change this. + +Limit the amount of redirects to follow by using the --max-redirs option. + +When curl follows a redirect and if the request is a POST, it sends the +following request with a GET if the HTTP response was 301, 302, or 303. If the +response code was any other 3xx code, curl resends the following request using +the same unmodified method. + +You can tell curl to not change POST requests to GET after a 30x response by +using the dedicated options for that: --post301, --post302 and --post303. + +The method set with --request overrides the method curl would otherwise select +to use. diff --git a/deps/curl/docs/cmdline-opts/login-options.md b/deps/curl/docs/cmdline-opts/login-options.md new file mode 100644 index 00000000..fc8292a2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/login-options.md @@ -0,0 +1,32 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: login-options +Arg: +Protocols: IMAP LDAP POP3 SMTP +Help: Server login options +Added: 7.34.0 +Category: imap pop3 smtp auth ldap +Multi: single +See-also: + - user +Example: + - --login-options 'AUTH=*' imap://example.com +--- + +# `--login-options` + +Specify the login options to use during server authentication. + +You can use login options to specify protocol specific options that may be +used during authentication. At present only IMAP, POP3 and SMTP support login +options. For more information about login options please see RFC 2384, +RFC 5092 and the IETF draft +https://datatracker.ietf.org/doc/html/draft-earhart-url-smtp-00 + +Since 8.2.0, IMAP supports the login option `AUTH=+LOGIN`. With this option, +curl uses the plain (not SASL) `LOGIN IMAP` command even if the server +advertises SASL authentication. Care should be taken in using this option, as +it sends your password over the network in plain text. This does not work if +the IMAP server disables the plain `LOGIN` (e.g. to prevent password +snooping). diff --git a/deps/curl/docs/cmdline-opts/mail-auth.md b/deps/curl/docs/cmdline-opts/mail-auth.md new file mode 100644 index 00000000..deabb38b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/mail-auth.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: mail-auth +Arg:
+Protocols: SMTP +Help: Originator address of the original email +Added: 7.25.0 +Category: smtp +Multi: single +See-also: + - mail-rcpt + - mail-from +Example: + - --mail-auth user@example.com -T mail smtp://example.com/ +--- + +# `--mail-auth` + +Specify a single address. This is used to specify the authentication address +(identity) of a submitted message that is being relayed to another server. diff --git a/deps/curl/docs/cmdline-opts/mail-from.md b/deps/curl/docs/cmdline-opts/mail-from.md new file mode 100644 index 00000000..96b06250 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/mail-from.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: mail-from +Arg:
+Help: Mail from this address +Protocols: SMTP +Added: 7.20.0 +Category: smtp +Multi: single +See-also: + - mail-rcpt + - mail-auth +Example: + - --mail-from user@example.com -T mail smtp://example.com/ +--- + +# `--mail-from` + +Specify a single address that the given mail should get sent from. diff --git a/deps/curl/docs/cmdline-opts/mail-rcpt-allowfails.md b/deps/curl/docs/cmdline-opts/mail-rcpt-allowfails.md new file mode 100644 index 00000000..a82948bb --- /dev/null +++ b/deps/curl/docs/cmdline-opts/mail-rcpt-allowfails.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: mail-rcpt-allowfails +Help: Allow RCPT TO command to fail +Protocols: SMTP +Added: 7.69.0 +Category: smtp +Multi: boolean +See-also: + - mail-rcpt +Example: + - --mail-rcpt-allowfails --mail-rcpt dest@example.com smtp://example.com +--- + +# `--mail-rcpt-allowfails` + +When sending data to multiple recipients, by default curl aborts SMTP +conversation if at least one of the recipients causes RCPT TO command to +return an error. + +The default behavior can be changed by passing --mail-rcpt-allowfails +command-line option which makes curl ignore errors and proceed with the +remaining valid recipients. + +If all recipients trigger RCPT TO failures and this flag is specified, curl +still aborts the SMTP conversation and returns the error received from to the +last RCPT TO command. diff --git a/deps/curl/docs/cmdline-opts/mail-rcpt.md b/deps/curl/docs/cmdline-opts/mail-rcpt.md new file mode 100644 index 00000000..bd787c2f --- /dev/null +++ b/deps/curl/docs/cmdline-opts/mail-rcpt.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: mail-rcpt +Arg:
+Help: Mail to this address +Protocols: SMTP +Added: 7.20.0 +Category: smtp +Multi: append +See-also: + - mail-rcpt-allowfails +Example: + - --mail-rcpt user@example.net smtp://example.com +--- + +# `--mail-rcpt` + +Specify a single email address, username or mailing list name. Repeat this +option several times to send to multiple recipients. + +When performing an address verification (**VRFY** command), the recipient +should be specified as the username or username and domain (as per Section 3.5 +of RFC 5321). (Added in 7.34.0) + +When performing a mailing list expand (EXPN command), the recipient should be +specified using the mailing list name, such as "Friends" or "London-Office". +(Added in 7.34.0) diff --git a/deps/curl/docs/cmdline-opts/manual.md b/deps/curl/docs/cmdline-opts/manual.md new file mode 100644 index 00000000..bf44f3b8 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/manual.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: manual +Short: M +Help: Display the full manual +Category: curl +Added: 5.2 +Multi: custom +See-also: + - verbose + - libcurl + - trace +Example: + - --manual +--- + +# `--manual` + +Manual. Display the huge help text. diff --git a/deps/curl/docs/cmdline-opts/max-filesize.md b/deps/curl/docs/cmdline-opts/max-filesize.md new file mode 100644 index 00000000..cf2ac653 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/max-filesize.md @@ -0,0 +1,34 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: max-filesize +Arg: +Help: Maximum file size to download +Protocols: FTP HTTP MQTT +Category: connection +Added: 7.10.8 +Multi: single +See-also: + - limit-rate +Example: + - --max-filesize 100K $URL +--- + +# `--max-filesize` + +When set to a non-zero value, it specifies the maximum size (in bytes) of a +file to download. If the file requested is larger than this value, the +transfer does not start and curl returns with exit code 63. + +Setting the maximum value to zero disables the limit. + +A size modifier may be used. For example, Appending 'k' or 'K' counts the +number as kilobytes, 'm' or 'M' makes it megabytes, while 'g' or 'G' makes it +gigabytes. Examples: 200K, 3m and 1G. (Added in 7.58.0) + +**NOTE**: before curl 8.4.0, when the file size is not known prior to +download, for such files this option has no effect even if the file transfer +ends up being larger than this given limit. + +Starting with curl 8.4.0, this option aborts the transfer if it reaches the +threshold during transfer. diff --git a/deps/curl/docs/cmdline-opts/max-redirs.md b/deps/curl/docs/cmdline-opts/max-redirs.md new file mode 100644 index 00000000..52b0c572 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/max-redirs.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: max-redirs +Arg: +Help: Maximum number of redirects allowed +Protocols: HTTP +Category: http +Added: 7.5 +Multi: single +See-also: + - location +Example: + - --max-redirs 3 --location $URL +--- + +# `--max-redirs` + +Set maximum number of redirections to follow. When --location is used, to +prevent curl from following too many redirects, by default, the limit is +set to 50 redirects. Set this option to -1 to make it unlimited. diff --git a/deps/curl/docs/cmdline-opts/max-time.md b/deps/curl/docs/cmdline-opts/max-time.md new file mode 100644 index 00000000..dd5fb23a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/max-time.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: max-time +Short: m +Arg: +Help: Maximum time allowed for transfer +Category: connection timeout +Added: 4.0 +Multi: single +See-also: + - connect-timeout + - retry-max-time +Example: + - --max-time 10 $URL + - --max-time 2.92 $URL +--- + +# `--max-time` + +Set maximum time in seconds that you allow each transfer to take. Prevents +your batch jobs from hanging for hours due to slow networks or links going +down. This option accepts decimal values (added in 7.32.0). + +If you enable retrying the transfer (--retry) then the maximum time counter is +reset each time the transfer is retried. You can use --retry-max-time to limit +the retry time. + +The decimal value needs to be provided using a dot (.) as decimal separator - +not the local version even if it might be using another separator. diff --git a/deps/curl/docs/cmdline-opts/metalink.md b/deps/curl/docs/cmdline-opts/metalink.md new file mode 100644 index 00000000..d3d3e257 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/metalink.md @@ -0,0 +1,18 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: metalink +Help: Process given URLs as metalink XML file +Added: 7.27.0 +Category: deprecated +Multi: single +See-also: + - parallel +Example: + - --metalink file $URL +--- + +# `--metalink` + +This option was previously used to specify a Metalink resource. Metalink +support is disabled in curl for security reasons (added in 7.78.0). diff --git a/deps/curl/docs/cmdline-opts/mptcp.md b/deps/curl/docs/cmdline-opts/mptcp.md new file mode 100644 index 00000000..698b6937 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/mptcp.md @@ -0,0 +1,31 @@ +--- +c: Copyright (C) Dorian Craps, +SPDX-License-Identifier: curl +Long: mptcp +Added: 8.9.0 +Help: Enable Multipath TCP +Category: connection +Multi: boolean +See-also: + - tcp-fastopen +Example: + - --mptcp $URL +--- + +# `--mptcp` + +Enables the use of Multipath TCP (MPTCP) for connections. MPTCP is an extension +to the standard TCP that allows multiple TCP streams over different network +paths between the same source and destination. This can enhance bandwidth and +improve reliability by using multiple paths simultaneously. + +MPTCP is beneficial in networks where multiple paths exist between clients and +servers, such as mobile networks where a device may switch between WiFi and +cellular data or in wired networks with multiple Internet Service Providers. + +This option is currently only supported on Linux starting from kernel 5.6. Only +TCP connections are modified, hence this option does not effect HTTP/3 (QUIC) +or UDP connections. + +The server curl connects to must also support MPTCP. If not, the connection +seamlessly falls back to TCP. diff --git a/deps/curl/docs/cmdline-opts/negotiate.md b/deps/curl/docs/cmdline-opts/negotiate.md new file mode 100644 index 00000000..bba3f6a0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/negotiate.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: negotiate +Help: Use HTTP Negotiate (SPNEGO) authentication +Protocols: HTTP +Category: auth http +Added: 7.10.6 +Multi: mutex +See-also: + - basic + - ntlm + - anyauth + - proxy-negotiate +Example: + - --negotiate -u : $URL +--- + +# `--negotiate` + +Enable Negotiate (SPNEGO) authentication. + +This option requires a library built with GSS-API or SSPI support. Use +--version to see if your curl supports GSS-API/SSPI or SPNEGO. + +When using this option, you must also provide a fake --user option to activate +the authentication code properly. Sending a '-u :' is enough as the username +and password from the --user option are not actually used. diff --git a/deps/curl/docs/cmdline-opts/netrc-file.md b/deps/curl/docs/cmdline-opts/netrc-file.md new file mode 100644 index 00000000..3df72ce1 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/netrc-file.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: netrc-file +Help: Specify FILE for netrc +Arg: +Added: 7.21.5 +Mutexed: netrc +Category: auth +Multi: single +See-also: + - netrc + - user + - config +Example: + - --netrc-file netrc $URL +--- + +# `--netrc-file` + +Set the netrc file to use. Similar to --netrc, except that you also provide +the path (absolute or relative). + +It abides by --netrc-optional if specified. diff --git a/deps/curl/docs/cmdline-opts/netrc-optional.md b/deps/curl/docs/cmdline-opts/netrc-optional.md new file mode 100644 index 00000000..9b9c068c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/netrc-optional.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: netrc-optional +Help: Use either .netrc or URL +Mutexed: netrc +Category: auth +Added: 7.9.8 +Multi: boolean +See-also: + - netrc-file +Example: + - --netrc-optional $URL +--- + +# `--netrc-optional` + +Similar to --netrc, but this option makes the .netrc usage **optional** +and not mandatory as the --netrc option does. diff --git a/deps/curl/docs/cmdline-opts/netrc.md b/deps/curl/docs/cmdline-opts/netrc.md new file mode 100644 index 00000000..3e9fcb19 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/netrc.md @@ -0,0 +1,38 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: netrc +Short: n +Help: Must read .netrc for username and password +Category: auth +Added: 4.6 +Mutexed: netrc-file netrc-optional +Multi: boolean +See-also: + - netrc-file + - config + - user +Example: + - --netrc $URL +--- + +# `--netrc` + +Make curl scan the *.netrc* file in the user's home directory for login name +and password. This is typically used for FTP on Unix. If used with HTTP, curl +enables user authentication. See *netrc(5)* and *ftp(1)* for details on the +file format. curl does not complain if that file does not have the right +permissions (it should be neither world- nor group-readable). The environment +variable "HOME" is used to find the home directory. + +On Windows two filenames in the home directory are checked: *.netrc* and +*_netrc*, preferring the former. Older versions on Windows checked for *_netrc* +only. + +A quick and simple example of how to setup a *.netrc* to allow curl to FTP to +the machine host.example.com with username 'myself' and password 'secret' could +look similar to: + + machine host.example.com + login myself + password secret diff --git a/deps/curl/docs/cmdline-opts/next.md b/deps/curl/docs/cmdline-opts/next.md new file mode 100644 index 00000000..cb67e907 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/next.md @@ -0,0 +1,33 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: : +Long: next +Tags: +Protocols: +Added: 7.36.0 +Magic: divider +Help: Make next URL use separate options +Category: curl +Multi: append +See-also: + - parallel + - config +Example: + - $URL --next -d postthis www2.example.com + - -I $URL --next https://example.net/ +--- + +# `--next` + +Use a separate operation for the following URL and associated options. This +allows you to send several URL requests, each with their own specific options, +for example, such as different usernames or custom requests for each. + +--next resets all local options and only global ones have their values survive +over to the operation following the --next instruction. Global options include +--verbose, --trace, --trace-ascii and --fail-early. + +For example, you can do both a GET and a POST in a single command line: + + curl www1.example.com --next -d postthis www2.example.com diff --git a/deps/curl/docs/cmdline-opts/no-alpn.md b/deps/curl/docs/cmdline-opts/no-alpn.md new file mode 100644 index 00000000..47529487 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/no-alpn.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: no-alpn +Tags: HTTP/2 +Protocols: HTTPS +Added: 7.36.0 +Requires: TLS +Help: Disable the ALPN TLS extension +Category: tls http +Multi: boolean +See-also: + - no-npn + - http2 +Example: + - --no-alpn $URL +--- + +# `--no-alpn` + +Disable the ALPN TLS extension. ALPN is enabled by default if libcurl was built +with an SSL library that supports ALPN. ALPN is used by a libcurl that supports +HTTP/2 to negotiate HTTP/2 support with the server during https sessions. + +Note that this is the negated option name documented. You can use --alpn to +enable ALPN. diff --git a/deps/curl/docs/cmdline-opts/no-buffer.md b/deps/curl/docs/cmdline-opts/no-buffer.md new file mode 100644 index 00000000..e0860155 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/no-buffer.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: no-buffer +Short: N +Help: Disable buffering of the output stream +Category: output +Added: 6.5 +Multi: boolean +See-also: + - progress-bar +Example: + - --no-buffer $URL +--- + +# `--no-buffer` + +Disables the buffering of the output stream. In normal work situations, curl +uses a standard buffered output stream that has the effect that it outputs the +data in chunks, not necessarily exactly when the data arrives. Using this +option disables that buffering. + +Note that this is the negated option name documented. You can use --buffer to +enable buffering again. diff --git a/deps/curl/docs/cmdline-opts/no-clobber.md b/deps/curl/docs/cmdline-opts/no-clobber.md new file mode 100644 index 00000000..02a74b25 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/no-clobber.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: no-clobber +Help: Do not overwrite files that already exist +Category: output +Added: 7.83.0 +Multi: boolean +See-also: + - output + - remote-name +Example: + - --no-clobber --output local/dir/file $URL +--- + +# `--no-clobber` + +When used in conjunction with the --output, --remote-header-name, +--remote-name, or --remote-name-all options, curl avoids overwriting files +that already exist. Instead, a dot and a number gets appended to the name of +the file that would be created, up to filename.100 after which it does not +create any file. + +Note that this is the negated option name documented. You can thus use +--clobber to enforce the clobbering, even if --remote-header-name is +specified. + +The --continue-at option cannot be used together with --no-clobber. diff --git a/deps/curl/docs/cmdline-opts/no-keepalive.md b/deps/curl/docs/cmdline-opts/no-keepalive.md new file mode 100644 index 00000000..2c2115fe --- /dev/null +++ b/deps/curl/docs/cmdline-opts/no-keepalive.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: no-keepalive +Help: Disable TCP keepalive on the connection +Category: connection +Added: 7.18.0 +Multi: boolean +See-also: + - keepalive-time + - keepalive-cnt +Example: + - --no-keepalive $URL +--- + +# `--no-keepalive` + +Disables the use of keepalive messages on the TCP connection. curl otherwise +enables them by default. + +Note that this is the negated option name documented. You can thus use +--keepalive to enforce keepalive. diff --git a/deps/curl/docs/cmdline-opts/no-npn.md b/deps/curl/docs/cmdline-opts/no-npn.md new file mode 100644 index 00000000..dbb69e91 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/no-npn.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: no-npn +Tags: Versions HTTP/2 +Protocols: HTTPS +Added: 7.36.0 +Mutexed: +Requires: TLS +Help: Disable the NPN TLS extension +Category: deprecated +Multi: boolean +See-also: + - no-alpn + - http2 +Example: + - --no-npn $URL +--- + +# `--no-npn` + +curl never uses NPN, this option has no effect (added in 7.86.0). + +Disable the NPN TLS extension. NPN is enabled by default if libcurl was built +with an SSL library that supports NPN. NPN is used by a libcurl that supports +HTTP/2 to negotiate HTTP/2 support with the server during https sessions. diff --git a/deps/curl/docs/cmdline-opts/no-progress-meter.md b/deps/curl/docs/cmdline-opts/no-progress-meter.md new file mode 100644 index 00000000..72ec9937 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/no-progress-meter.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: no-progress-meter +Help: Do not show the progress meter +Added: 7.67.0 +Category: verbose +Multi: boolean +See-also: + - verbose + - silent +Example: + - --no-progress-meter -o store $URL +--- + +# `--no-progress-meter` + +Option to switch off the progress meter output without muting or otherwise +affecting warning and informational messages like --silent does. + +Note that this is the negated option name documented. You can thus use +--progress-meter to enable the progress meter again. diff --git a/deps/curl/docs/cmdline-opts/no-sessionid.md b/deps/curl/docs/cmdline-opts/no-sessionid.md new file mode 100644 index 00000000..08ba990b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/no-sessionid.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: no-sessionid +Help: Disable SSL session-ID reusing +Protocols: TLS +Added: 7.16.0 +Category: tls +Multi: boolean +See-also: + - insecure +Example: + - --no-sessionid $URL +--- + +# `--no-sessionid` + +Disable curl's use of SSL session-ID caching. By default all transfers are +done using the cache. Note that while nothing should ever get hurt by +attempting to reuse SSL session-IDs, there seem to be broken SSL +implementations in the wild that may require you to disable this in order for +you to succeed. + +Note that this is the negated option name documented. You can thus use +--sessionid to enforce session-ID caching. diff --git a/deps/curl/docs/cmdline-opts/noproxy.md b/deps/curl/docs/cmdline-opts/noproxy.md new file mode 100644 index 00000000..698549e1 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/noproxy.md @@ -0,0 +1,33 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: noproxy +Arg: +Help: List of hosts which do not use proxy +Added: 7.19.4 +Category: proxy +Multi: single +See-also: + - proxy +Example: + - --noproxy "www.example" $URL +--- + +# `--noproxy` + +Comma-separated list of hosts for which not to use a proxy, if one is +specified. The only wildcard is a single `*` character, which matches all +hosts, and effectively disables the proxy. Each name in this list is matched +as either a domain which contains the hostname, or the hostname itself. For +example, `local.com` would match `local.com`, `local.com:80`, and +`www.local.com`, but not `www.notlocal.com`. + +This option overrides the environment variables that disable the proxy +(`no_proxy` and `NO_PROXY`) (added in 7.53.0). If there is an environment +variable disabling a proxy, you can set the no proxy list to "" to override +it. + +IP addresses specified to this option can be provided using CIDR notation +(added in 7.86.0): an appended slash and number specifies the number of +network bits out of the address to use in the comparison. For example +`192.168.0.0/16` would match all addresses starting with `192.168`. diff --git a/deps/curl/docs/cmdline-opts/ntlm-wb.md b/deps/curl/docs/cmdline-opts/ntlm-wb.md new file mode 100644 index 00000000..3a1d35cb --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ntlm-wb.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ntlm-wb +Help: HTTP NTLM authentication with winbind +Protocols: HTTP +Category: deprecated +Added: 7.22.0 +Multi: mutex +See-also: + - ntlm + - proxy-ntlm +Example: + - --ntlm-wb -u user:password $URL +--- + +# `--ntlm-wb` + +Deprecated option (added in 8.8.0). + +Enabled NTLM much in the style --ntlm does, but handed over the authentication +to a separate executable that was executed when needed. diff --git a/deps/curl/docs/cmdline-opts/ntlm.md b/deps/curl/docs/cmdline-opts/ntlm.md new file mode 100644 index 00000000..b37716bc --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ntlm.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ntlm +Help: HTTP NTLM authentication +Mutexed: basic negotiate digest anyauth +Protocols: HTTP +Requires: TLS +Category: auth http +Added: 7.10.6 +Multi: mutex +See-also: + - proxy-ntlm +Example: + - --ntlm -u user:password $URL +--- + +# `--ntlm` + +Use NTLM authentication. The NTLM authentication method was designed by +Microsoft and is used by IIS web servers. It is a proprietary protocol, +reverse-engineered by clever people and implemented in curl based on their +efforts. This kind of behavior should not be endorsed, you should encourage +everyone who uses NTLM to switch to a public and documented authentication +method instead, such as Digest. + +If you want to enable NTLM for your proxy authentication, then use +--proxy-ntlm. diff --git a/deps/curl/docs/cmdline-opts/oauth2-bearer.md b/deps/curl/docs/cmdline-opts/oauth2-bearer.md new file mode 100644 index 00000000..b66477fc --- /dev/null +++ b/deps/curl/docs/cmdline-opts/oauth2-bearer.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: oauth2-bearer +Help: OAuth 2 Bearer Token +Arg: +Protocols: IMAP LDAP POP3 SMTP HTTP +Category: auth imap pop3 smtp ldap +Added: 7.33.0 +Multi: single +See-also: + - basic + - ntlm + - digest +Example: + - --oauth2-bearer "mF_9.B5f-4.1JqM" $URL +--- + +# `--oauth2-bearer` + +Specify the Bearer Token for OAUTH 2.0 server authentication. The Bearer Token +is used in conjunction with the username which can be specified as part of the +--url or --user options. + +The Bearer Token and username are formatted according to RFC 6750. diff --git a/deps/curl/docs/cmdline-opts/output-dir.md b/deps/curl/docs/cmdline-opts/output-dir.md new file mode 100644 index 00000000..468ecc8a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/output-dir.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: output-dir +Arg: +Help: Directory to save files in +Added: 7.73.0 +Category: output +Multi: single +See-also: + - remote-name + - remote-header-name +Example: + - --output-dir "tmp" -O $URL +--- + +# `--output-dir` + +Specify the directory in which files should be stored, when --remote-name or +--output are used. + +The given output directory is used for all URLs and output options on the +command line, up until the first --next. + +If the specified target directory does not exist, the operation fails unless +--create-dirs is also used. diff --git a/deps/curl/docs/cmdline-opts/output.md b/deps/curl/docs/cmdline-opts/output.md new file mode 100644 index 00000000..48360a49 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/output.md @@ -0,0 +1,62 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: output +Arg: +Short: o +Help: Write to file instead of stdout +Category: important output +Added: 4.0 +Multi: per-URL +See-also: + - remote-name + - remote-name-all + - remote-header-name +Example: + - -o file $URL + - "http://{one,two}.example.com" -o "file_#1.txt" + - "http://{site,host}.host[1-5].example" -o "#1_#2" + - -o file $URL -o file2 https://example.net +--- + +# `--output` + +Write output to the given file instead of stdout. If you are using globbing to +fetch multiple documents, you should quote the URL and you can use `#` +followed by a number in the filename. That variable is then replaced with the +current string for the URL being fetched. Like in: + + curl "http://{one,two}.example.com" -o "file_#1.txt" + +or use several variables like: + + curl "http://{site,host}.host[1-5].example" -o "#1_#2" + +You may use this option as many times as the number of URLs you have. For +example, if you specify two URLs on the same command line, you can use it like +this: + + curl -o aa example.com -o bb example.net + +and the order of the -o options and the URLs does not matter, just that the +first -o is for the first URL and so on, so the above command line can also be +written as + + curl example.com example.net -o aa -o bb + +See also the --create-dirs option to create the local directories +dynamically. Specifying the output as '-' (a single dash) passes the output to +stdout. + +To suppress response bodies, you can redirect output to /dev/null: + + curl example.com -o /dev/null + +Or for Windows: + + curl example.com -o nul + +Specify the filename as single minus to force the output to stdout, to +override curl's internal binary output in terminal prevention: + + curl https://example.com/jpeg -o - diff --git a/deps/curl/docs/cmdline-opts/parallel-immediate.md b/deps/curl/docs/cmdline-opts/parallel-immediate.md new file mode 100644 index 00000000..4d7a3ad5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/parallel-immediate.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: parallel-immediate +Help: Do not wait for multiplexing +Added: 7.68.0 +Category: connection curl global +Multi: boolean +Scope: global +See-also: + - parallel + - parallel-max +Example: + - --parallel-immediate -Z $URL -o file1 $URL -o file2 +--- + +# `--parallel-immediate` + +When doing parallel transfers, this option instructs curl to prefer opening up +more connections in parallel at once rather than waiting to see if new +transfers can be added as multiplexed streams on another connection. + +By default, without this option set, curl prefers to wait a little and +multiplex new transfers over existing connections. It keeps the number of +connections low at the expense of risking a slightly slower transfer startup. diff --git a/deps/curl/docs/cmdline-opts/parallel-max.md b/deps/curl/docs/cmdline-opts/parallel-max.md new file mode 100644 index 00000000..6b3684b8 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/parallel-max.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: parallel-max +Arg: +Help: Maximum concurrency for parallel transfers +Added: 7.66.0 +Category: connection curl global +Multi: single +Scope: global +See-also: + - parallel +Example: + - --parallel-max 100 -Z $URL ftp://example.com/ +--- + +# `--parallel-max` + +When asked to do parallel transfers, using --parallel, this option controls +the maximum amount of transfers to do simultaneously. + +The default is 50. 300 is the largest supported value. diff --git a/deps/curl/docs/cmdline-opts/parallel.md b/deps/curl/docs/cmdline-opts/parallel.md new file mode 100644 index 00000000..fb9221bc --- /dev/null +++ b/deps/curl/docs/cmdline-opts/parallel.md @@ -0,0 +1,32 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: Z +Long: parallel +Help: Perform transfers in parallel +Added: 7.66.0 +Category: connection curl global +Multi: boolean +Scope: global +See-also: + - next + - verbose + - parallel-max + - parallel-immediate +Example: + - --parallel $URL -o file1 $URL -o file2 +--- + +# `--parallel` + +Makes curl perform all transfers in parallel as compared to the regular serial +manner. Parallel transfer means that curl runs up to N concurrent transfers +simultaneously and if there are more than N transfers to handle, it starts new +ones when earlier transfers finish. + +With parallel transfers, the progress meter output is different than when +doing serial transfers, as it then displays the transfer status for multiple +transfers in a single line. + +The maximum amount of concurrent transfers is set with --parallel-max and it +defaults to 50. diff --git a/deps/curl/docs/cmdline-opts/pass.md b/deps/curl/docs/cmdline-opts/pass.md new file mode 100644 index 00000000..98bc35b2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/pass.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: pass +Arg: +Help: Passphrase for the private key +Protocols: SSH TLS +Category: ssh tls auth +Added: 7.9.3 +Multi: single +See-also: + - key + - user +Example: + - --pass secret --key file $URL +--- + +# `--pass` + +Passphrase for the private key. diff --git a/deps/curl/docs/cmdline-opts/path-as-is.md b/deps/curl/docs/cmdline-opts/path-as-is.md new file mode 100644 index 00000000..f3a60cff --- /dev/null +++ b/deps/curl/docs/cmdline-opts/path-as-is.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: path-as-is +Help: Do not squash .. sequences in URL path +Added: 7.42.0 +Category: curl +Multi: boolean +See-also: + - request-target +Example: + - --path-as-is https://example.com/../../etc/passwd +--- + +# `--path-as-is` + +Do not handle sequences of /../ or /./ in the given URL path. Normally curl +squashes or merges them according to standards but with this option set you +tell it not to do that. diff --git a/deps/curl/docs/cmdline-opts/pinnedpubkey.md b/deps/curl/docs/cmdline-opts/pinnedpubkey.md new file mode 100644 index 00000000..d21a18f6 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/pinnedpubkey.md @@ -0,0 +1,45 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: pinnedpubkey +Arg: +Help: Public key to verify peer against +Protocols: TLS +Category: tls +Added: 7.39.0 +Multi: single +See-also: + - hostpubsha256 +Example: + - --pinnedpubkey keyfile $URL + - --pinnedpubkey 'sha256//ce118b51897f4452dc' $URL +--- + +# `--pinnedpubkey` + +Use the specified public key file (or hashes) to verify the peer. This can be +a path to a file which contains a single public key in PEM or DER format, or +any number of base64 encoded sha256 hashes preceded by 'sha256//' and +separated by ';'. + +When negotiating a TLS or SSL connection, the server sends a certificate +indicating its identity. A public key is extracted from this certificate and +if it does not exactly match the public key provided to this option, curl +aborts the connection before sending or receiving any data. + +This option is independent of option --insecure. If you use both options +together then the peer is still verified by public key. + +PEM/DER support: + +OpenSSL and GnuTLS (added in 7.39.0), wolfSSL (added in 7.43.0), mbedTLS +(added in 7.47.0), Secure Transport macOS 10.7+/iOS 10+ (added in 7.54.1), +Schannel (added in 7.58.1) + +sha256 support: + +OpenSSL, GnuTLS and wolfSSL (added in 7.44.0), mbedTLS (added in 7.47.0), +Secure Transport macOS 10.7+/iOS 10+ (added in 7.54.1), Schannel +(added in 7.58.1) + +Other SSL backends not supported. diff --git a/deps/curl/docs/cmdline-opts/post301.md b/deps/curl/docs/cmdline-opts/post301.md new file mode 100644 index 00000000..d9506f7d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/post301.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: post301 +Help: Do not switch to GET after a 301 redirect +Protocols: HTTP +Added: 7.17.1 +Category: http post +Multi: boolean +See-also: + - post302 + - post303 + - location +Example: + - --post301 --location -d "data" $URL +--- + +# `--post301` + +Respect RFC 7231/6.4.2 and do not convert POST requests into GET requests when +following a 301 redirect. The non-RFC behavior is ubiquitous in web browsers, +so curl does the conversion by default to maintain consistency. However, a +server may require a POST to remain a POST after such a redirection. This +option is meaningful only when using --location. diff --git a/deps/curl/docs/cmdline-opts/post302.md b/deps/curl/docs/cmdline-opts/post302.md new file mode 100644 index 00000000..9b2c2f65 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/post302.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: post302 +Help: Do not switch to GET after a 302 redirect +Protocols: HTTP +Added: 7.19.1 +Category: http post +Multi: boolean +See-also: + - post301 + - post303 + - location +Example: + - --post302 --location -d "data" $URL +--- + +# `--post302` + +Respect RFC 7231/6.4.3 and do not convert POST requests into GET requests when +following a 302 redirect. The non-RFC behavior is ubiquitous in web browsers, +so curl does the conversion by default to maintain consistency. However, a +server may require a POST to remain a POST after such a redirection. This +option is meaningful only when using --location. diff --git a/deps/curl/docs/cmdline-opts/post303.md b/deps/curl/docs/cmdline-opts/post303.md new file mode 100644 index 00000000..63dc0d79 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/post303.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: post303 +Help: Do not switch to GET after a 303 redirect +Protocols: HTTP +Added: 7.26.0 +Category: http post +Multi: boolean +See-also: + - post302 + - post301 + - location +Example: + - --post303 --location -d "data" $URL +--- + +# `--post303` + +Violate RFC 7231/6.4.4 and do not convert POST requests into GET requests when +following 303 redirect. A server may require a POST to remain a POST after a +303 redirection. This option is meaningful only when using --location. diff --git a/deps/curl/docs/cmdline-opts/preproxy.md b/deps/curl/docs/cmdline-opts/preproxy.md new file mode 100644 index 00000000..dabccfc5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/preproxy.md @@ -0,0 +1,33 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: preproxy +Arg: [protocol://]host[:port] +Help: Use this proxy first +Added: 7.52.0 +Category: proxy +Multi: single +See-also: + - proxy + - socks5 +Example: + - --preproxy socks5://proxy.example -x http://http.example $URL +--- + +# `--preproxy` + +Use the specified SOCKS proxy before connecting to an HTTP or HTTPS --proxy. In +such a case curl first connects to the SOCKS proxy and then connects (through +SOCKS) to the HTTP or HTTPS proxy. Hence pre proxy. + +The pre proxy string should be specified with a protocol:// prefix to specify +alternative proxy protocols. Use socks4://, socks4a://, socks5:// or +socks5h:// to request the specific SOCKS version to be used. No protocol +specified makes curl default to SOCKS4. + +If the port number is not specified in the proxy string, it is assumed to be +1080. + +User and password that might be provided in the proxy string are URL decoded +by curl. This allows you to pass in special characters such as @ by using %40 +or pass in a colon with %3a. diff --git a/deps/curl/docs/cmdline-opts/progress-bar.md b/deps/curl/docs/cmdline-opts/progress-bar.md new file mode 100644 index 00000000..6f08d7f7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/progress-bar.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: # +Long: progress-bar +Help: Display transfer progress as a bar +Category: verbose global +Added: 5.10 +Multi: boolean +Scope: global +See-also: + - styled-output +Example: + - -# -O $URL +--- + +# `--progress-bar` + +Make curl display transfer progress as a simple progress bar instead of the +standard, more informational, meter. + +This progress bar draws a single line of '#' characters across the screen and +shows a percentage if the transfer size is known. For transfers without a +known size, there is a space ship (-=o=-) that moves back and forth but only +while data is being transferred, with a set of flying hash sign symbols on +top. diff --git a/deps/curl/docs/cmdline-opts/proto-default.md b/deps/curl/docs/cmdline-opts/proto-default.md new file mode 100644 index 00000000..209e5cdc --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proto-default.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proto-default +Help: Use PROTOCOL for any URL missing a scheme +Arg: +Added: 7.45.0 +Category: connection curl +Multi: single +See-also: + - proto + - proto-redir +Example: + - --proto-default https ftp.example.com +--- + +# `--proto-default` + +Use *protocol* for any provided URL missing a scheme. + +An unknown or unsupported protocol causes error *CURLE_UNSUPPORTED_PROTOCOL*. + +This option does not change the default proxy protocol (http). + +Without this option set, curl guesses protocol based on the hostname, see +--url for details. diff --git a/deps/curl/docs/cmdline-opts/proto-redir.md b/deps/curl/docs/cmdline-opts/proto-redir.md new file mode 100644 index 00000000..9332f3f0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proto-redir.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proto-redir +Arg: +Help: Enable/disable PROTOCOLS on redirect +Added: 7.20.2 +Category: connection curl +Multi: single +See-also: + - proto +Example: + - --proto-redir =http,https $URL +--- + +# `--proto-redir` + +Limit what protocols to allow on redirects. Protocols denied by --proto are +not overridden by this option. See --proto for how protocols are represented. + +Example, allow only HTTP and HTTPS on redirect: + + curl --proto-redir -all,http,https http://example.com + +By default curl only allows HTTP, HTTPS, FTP and FTPS on redirects +(added in 7.65.2). Specifying *all* or *+all* enables all protocols on +redirects, which is not good for security. diff --git a/deps/curl/docs/cmdline-opts/proto.md b/deps/curl/docs/cmdline-opts/proto.md new file mode 100644 index 00000000..704c6493 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proto.md @@ -0,0 +1,48 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proto +Arg: +Help: Enable/disable PROTOCOLS +Added: 7.20.2 +Category: connection curl +Multi: single +See-also: + - proto-redir + - proto-default +Example: + - --proto =http,https,sftp $URL +--- + +# `--proto` + +Limit what protocols to allow for transfers. Protocols are evaluated left to +right, are comma separated, and are each a protocol name or 'all', optionally +prefixed by zero or more modifiers. Available modifiers are: + +## + +Permit this protocol in addition to protocols already permitted (this is +the default if no modifier is used). + +## - +Deny this protocol, removing it from the list of protocols already permitted. + +## = +Permit only this protocol (ignoring the list already permitted), though +subject to later modification by subsequent entries in the comma separated +list. + +## + +For example: --proto -ftps uses the default protocols, but disables ftps + +--proto -all,https,+http only enables http and https + +--proto =http,https also only enables http and https + +Unknown and disabled protocols produce a warning. This allows scripts to +safely rely on being able to disable potentially dangerous protocols, without +relying upon support for that protocol being built into curl to avoid an error. + +This option can be used multiple times, in which case the effect is the same +as concatenating the protocols into one instance of the option. diff --git a/deps/curl/docs/cmdline-opts/proxy-anyauth.md b/deps/curl/docs/cmdline-opts/proxy-anyauth.md new file mode 100644 index 00000000..78e67ee7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-anyauth.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-anyauth +Help: Pick any proxy authentication method +Added: 7.13.2 +Category: proxy auth +Multi: mutex +See-also: + - proxy + - proxy-basic + - proxy-digest +Example: + - --proxy-anyauth --proxy-user user:passwd -x proxy $URL +--- + +# `--proxy-anyauth` + +Automatically pick a suitable authentication method when communicating with +the given HTTP proxy. This might cause an extra request/response round-trip. diff --git a/deps/curl/docs/cmdline-opts/proxy-basic.md b/deps/curl/docs/cmdline-opts/proxy-basic.md new file mode 100644 index 00000000..2fae3d5b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-basic.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-basic +Help: Use Basic authentication on the proxy +Category: proxy auth +Added: 7.12.0 +Multi: mutex +See-also: + - proxy + - proxy-anyauth + - proxy-digest +Example: + - --proxy-basic --proxy-user user:passwd -x proxy $URL +--- + +# `--proxy-basic` + +Use HTTP Basic authentication when communicating with the given proxy. Use +--basic for enabling HTTP Basic with a remote host. Basic is the default +authentication method curl uses with proxies. diff --git a/deps/curl/docs/cmdline-opts/proxy-ca-native.md b/deps/curl/docs/cmdline-opts/proxy-ca-native.md new file mode 100644 index 00000000..0252e993 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-ca-native.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-ca-native +Help: Load CA certs from the OS to verify proxy +Protocols: TLS +Category: tls +Added: 8.2.0 +Multi: boolean +See-also: + - ca-native + - cacert + - capath + - dump-ca-embed + - insecure +Example: + - --proxy-ca-native $URL +--- + +# `--proxy-ca-native` + +Use the operating system's native CA store for certificate verification of the +HTTPS proxy. + +This option is independent of other HTTPS proxy CA certificate locations set at +run time or build time. Those locations are searched in addition to the native +CA store. + +Equivalent to --ca-native but used in HTTPS proxy context. Refer to --ca-native +for TLS backend limitations. diff --git a/deps/curl/docs/cmdline-opts/proxy-cacert.md b/deps/curl/docs/cmdline-opts/proxy-cacert.md new file mode 100644 index 00000000..682349a7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-cacert.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-cacert +Help: CA certificates to verify proxy against +Arg: +Added: 7.52.0 +Category: proxy tls +Multi: single +See-also: + - proxy-capath + - cacert + - capath + - dump-ca-embed + - proxy +Example: + - --proxy-cacert CA-file.txt -x https://proxy $URL +--- + +# `--proxy-cacert` + +Use the specified certificate file to verify the HTTPS proxy. The file may +contain multiple CA certificates. The certificate(s) must be in PEM format. + +This allows you to use a different trust for the proxy compared to the remote +server connected to via the proxy. + +Equivalent to --cacert but used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-capath.md b/deps/curl/docs/cmdline-opts/proxy-capath.md new file mode 100644 index 00000000..3a3aabf1 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-capath.md @@ -0,0 +1,31 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-capath +Help: CA directory to verify proxy against +Arg: +Added: 7.52.0 +Category: proxy tls +Multi: single +See-also: + - proxy-cacert + - proxy + - capath + - dump-ca-embed +Example: + - --proxy-capath /local/directory -x https://proxy $URL +--- + +# `--proxy-capath` + +Same as --capath but used in HTTPS proxy context. + +Use the specified certificate directory to verify the proxy. Multiple paths +can be provided by separated with colon (`:`) (e.g. `path1:path2:path3`). The +certificates must be in PEM format, and if curl is built against OpenSSL, the +directory must have been processed using the c_rehash utility supplied with +OpenSSL. Using --proxy-capath can allow OpenSSL-powered curl to make +SSL-connections much more efficiently than using --proxy-cacert if the +--proxy-cacert file contains many CA certificates. + +If this option is set, the default capath value is ignored. diff --git a/deps/curl/docs/cmdline-opts/proxy-cert-type.md b/deps/curl/docs/cmdline-opts/proxy-cert-type.md new file mode 100644 index 00000000..927ec29b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-cert-type.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-cert-type +Arg: +Added: 7.52.0 +Help: Client certificate type for HTTPS proxy +Category: proxy tls +Multi: single +See-also: + - proxy-cert + - proxy-key +Example: + - --proxy-cert-type PEM --proxy-cert file -x https://proxy $URL +--- + +# `--proxy-cert-type` + +Set type of the provided client certificate when using HTTPS proxy. PEM, DER, +ENG, PROV and P12 are recognized types. + +The default type depends on the TLS backend and is usually PEM, however for +Secure Transport and Schannel it is P12. If --proxy-cert is a pkcs11: URI then +ENG or PROV is the default type (depending on OpenSSL version). + +Equivalent to --cert-type but used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-cert.md b/deps/curl/docs/cmdline-opts/proxy-cert.md new file mode 100644 index 00000000..a588329d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-cert.md @@ -0,0 +1,26 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-cert +Arg: +Help: Set client certificate for proxy +Added: 7.52.0 +Category: proxy tls +Multi: single +See-also: + - proxy + - proxy-key + - proxy-cert-type +Example: + - --proxy-cert file -x https://proxy $URL +--- + +# `--proxy-cert` + +Use the specified client certificate file when communicating with an HTTPS +proxy. The certificate must be in PKCS#12 format if using Secure Transport, or +PEM format if using any other engine. If the optional password is not +specified, it is queried for on the terminal. Use --proxy-key to provide the +private key. + +This option is the equivalent to --cert but used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-ciphers.md b/deps/curl/docs/cmdline-opts/proxy-ciphers.md new file mode 100644 index 00000000..420e7563 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-ciphers.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-ciphers +Arg: +Help: TLS 1.2 (1.1, 1.0) ciphers to use for proxy +Protocols: TLS +Added: 7.52.0 +Category: proxy tls +Multi: single +See-also: + - proxy-tls13-ciphers + - ciphers + - proxy +Example: + - --proxy-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256 -x https://proxy $URL +--- + +# `--proxy-ciphers` + +Same as --ciphers but used in HTTPS proxy context. + +Specify which cipher suites to use in the connection to your HTTPS proxy when +it negotiates TLS 1.2 (1.1, 1.0). The list of ciphers suites must specify +valid ciphers. Read up on cipher suite details on this URL: + +https://curl.se/docs/ssl-ciphers.html diff --git a/deps/curl/docs/cmdline-opts/proxy-crlfile.md b/deps/curl/docs/cmdline-opts/proxy-crlfile.md new file mode 100644 index 00000000..726e4495 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-crlfile.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-crlfile +Arg: +Help: Set a CRL list for proxy +Added: 7.52.0 +Category: proxy tls +Multi: single +See-also: + - crlfile + - proxy +Example: + - --proxy-crlfile rejects.txt -x https://proxy $URL +--- + +# `--proxy-crlfile` + +Provide filename for a PEM formatted file with a Certificate Revocation List +that specifies peer certificates that are considered revoked when +communicating with an HTTPS proxy. + +Equivalent to --crlfile but only used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-digest.md b/deps/curl/docs/cmdline-opts/proxy-digest.md new file mode 100644 index 00000000..77b88d7e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-digest.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-digest +Help: Digest auth with the proxy +Category: proxy tls +Added: 7.12.0 +Multi: mutex +See-also: + - proxy + - proxy-anyauth + - proxy-basic +Example: + - --proxy-digest --proxy-user user:passwd -x proxy $URL +--- + +# `--proxy-digest` + +Use HTTP Digest authentication when communicating with the given proxy. Use +--digest for enabling HTTP Digest with a remote host. diff --git a/deps/curl/docs/cmdline-opts/proxy-header.md b/deps/curl/docs/cmdline-opts/proxy-header.md new file mode 100644 index 00000000..0361fdff --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-header.md @@ -0,0 +1,38 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-header +Arg:
+Help: Pass custom header(s) to proxy +Protocols: HTTP +Added: 7.37.0 +Category: proxy +Multi: append +See-also: + - proxy +Example: + - --proxy-header "X-First-Name: Joe" -x http://proxy $URL + - --proxy-header "User-Agent: surprise" -x http://proxy $URL + - --proxy-header "Host:" -x http://proxy $URL +--- + +# `--proxy-header` + +Extra header to include in the request when sending HTTP to a proxy. You may +specify any number of extra headers. This is the equivalent option to --header +but is for proxy communication only like in CONNECT requests when you want a +separate header sent to the proxy to what is sent to the actual remote host. + +curl makes sure that each header you add/replace is sent with the proper +end-of-line marker, you should thus **not** add that as a part of the header +content: do not add newlines or carriage returns, they only mess things up for +you. + +Headers specified with this option are not included in requests that curl +knows are not be sent to a proxy. + +This option can take an argument in @filename style, which then adds a header +for each line in the input file (added in 7.55.0). Using @- makes curl read +the headers from stdin. + +This option can be used multiple times to add/replace/remove multiple headers. diff --git a/deps/curl/docs/cmdline-opts/proxy-http2.md b/deps/curl/docs/cmdline-opts/proxy-http2.md new file mode 100644 index 00000000..ca6a091f --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-http2.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-http2 +Tags: Versions HTTP/2 +Protocols: HTTP +Added: 8.1.0 +Mutexed: +Requires: HTTP/2 +Help: Use HTTP/2 with HTTPS proxy +Category: http proxy +Multi: boolean +See-also: + - proxy +Example: + - --proxy-http2 -x proxy $URL +--- + +# `--proxy-http2` + +Negotiate HTTP/2 with an HTTPS proxy. The proxy might still only offer HTTP/1 +and then curl sticks to using that version. + +This has no effect for any other kinds of proxies. diff --git a/deps/curl/docs/cmdline-opts/proxy-insecure.md b/deps/curl/docs/cmdline-opts/proxy-insecure.md new file mode 100644 index 00000000..5796c362 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-insecure.md @@ -0,0 +1,30 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-insecure +Help: Skip HTTPS proxy cert verification +Added: 7.52.0 +Category: proxy tls +Multi: boolean +See-also: + - proxy + - insecure +Example: + - --proxy-insecure -x https://proxy $URL +--- + +# `--proxy-insecure` + +Same as --insecure but used in HTTPS proxy context. + +Every secure connection curl makes is verified to be secure before the +transfer takes place. This option makes curl skip the verification step with a +proxy and proceed without checking. + +When this option is not used for a proxy using HTTPS, curl verifies the +proxy's TLS certificate before it continues: that the certificate contains the +right name which matches the hostname and that the certificate has been signed +by a CA certificate present in the cert store. See this online resource for +further details: **https://curl.se/docs/sslcerts.html** + +**WARNING**: using this option makes the transfer to the proxy insecure. diff --git a/deps/curl/docs/cmdline-opts/proxy-key-type.md b/deps/curl/docs/cmdline-opts/proxy-key-type.md new file mode 100644 index 00000000..587c13c5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-key-type.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-key-type +Arg: +Help: Private key file type for proxy +Added: 7.52.0 +Category: proxy tls +Multi: single +See-also: + - proxy-key + - proxy +Example: + - --proxy-key-type DER --proxy-key here -x https://proxy $URL +--- + +# `--proxy-key-type` + +Specify the private key file type your --proxy-key provided private key uses. +DER, PEM, and ENG are supported. If not specified, PEM is assumed. + +Equivalent to --key-type but used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-key.md b/deps/curl/docs/cmdline-opts/proxy-key.md new file mode 100644 index 00000000..7caa636e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-key.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-key +Help: Private key for HTTPS proxy +Arg: +Category: proxy tls +Added: 7.52.0 +Multi: single +See-also: + - proxy-key-type + - proxy +Example: + - --proxy-key here -x https://proxy $URL +--- + +# `--proxy-key` + +Specify the filename for your private key when using client certificates with +your HTTPS proxy. This option is the equivalent to --key but used in HTTPS +proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-negotiate.md b/deps/curl/docs/cmdline-opts/proxy-negotiate.md new file mode 100644 index 00000000..0285155c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-negotiate.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-negotiate +Help: HTTP Negotiate (SPNEGO) auth with the proxy +Added: 7.17.1 +Category: proxy auth +Multi: mutex +See-also: + - proxy-anyauth + - proxy-basic + - proxy-service-name +Example: + - --proxy-negotiate --proxy-user user:passwd -x proxy $URL +--- + +# `--proxy-negotiate` + +Use HTTP Negotiate (SPNEGO) authentication when communicating with the given +proxy. Use --negotiate for enabling HTTP Negotiate (SPNEGO) with a remote +host. diff --git a/deps/curl/docs/cmdline-opts/proxy-ntlm.md b/deps/curl/docs/cmdline-opts/proxy-ntlm.md new file mode 100644 index 00000000..e403f98e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-ntlm.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-ntlm +Help: NTLM authentication with the proxy +Category: proxy auth +Added: 7.10.7 +Multi: mutex +See-also: + - proxy-negotiate + - proxy-anyauth + - proxy-user +Example: + - --proxy-ntlm --proxy-user user:passwd -x http://proxy $URL +--- + +# `--proxy-ntlm` + +Use HTTP NTLM authentication when communicating with the given proxy. Use +--ntlm for enabling NTLM with a remote host. diff --git a/deps/curl/docs/cmdline-opts/proxy-pass.md b/deps/curl/docs/cmdline-opts/proxy-pass.md new file mode 100644 index 00000000..88cefd54 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-pass.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-pass +Arg: +Help: Passphrase for private key for HTTPS proxy +Added: 7.52.0 +Category: proxy tls auth +Multi: single +See-also: + - proxy + - proxy-key +Example: + - --proxy-pass secret --proxy-key here -x https://proxy $URL +--- + +# `--proxy-pass` + +Passphrase for the private key for HTTPS proxy client certificate. + +Equivalent to --pass but used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-pinnedpubkey.md b/deps/curl/docs/cmdline-opts/proxy-pinnedpubkey.md new file mode 100644 index 00000000..df0b0bb9 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-pinnedpubkey.md @@ -0,0 +1,31 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-pinnedpubkey +Arg: +Help: FILE/HASHES public key to verify proxy with +Protocols: TLS +Category: proxy tls +Added: 7.59.0 +Multi: single +See-also: + - pinnedpubkey + - proxy +Example: + - --proxy-pinnedpubkey keyfile $URL + - --proxy-pinnedpubkey 'sha256//ce118b51897f4452dc' $URL +--- + +# `--proxy-pinnedpubkey` + +Use the specified public key file (or hashes) to verify the proxy. This can be +a path to a file which contains a single public key in PEM or DER format, or +any number of base64 encoded sha256 hashes preceded by 'sha256//' and +separated by ';'. + +When negotiating a TLS or SSL connection, the server sends a certificate +indicating its identity. A public key is extracted from this certificate and +if it does not exactly match the public key provided to this option, curl +aborts the connection before sending or receiving any data. + +Before curl 8.10.0 this option did not work due to a bug. diff --git a/deps/curl/docs/cmdline-opts/proxy-service-name.md b/deps/curl/docs/cmdline-opts/proxy-service-name.md new file mode 100644 index 00000000..b3d665d8 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-service-name.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-service-name +Arg: +Help: SPNEGO proxy service name +Added: 7.43.0 +Category: proxy tls +Multi: single +See-also: + - service-name + - proxy + - proxy-negotiate +Example: + - --proxy-service-name "shrubbery" -x proxy $URL +--- + +# `--proxy-service-name` + +Set the service name for SPNEGO when doing proxy authentication. diff --git a/deps/curl/docs/cmdline-opts/proxy-ssl-allow-beast.md b/deps/curl/docs/cmdline-opts/proxy-ssl-allow-beast.md new file mode 100644 index 00000000..089038de --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-ssl-allow-beast.md @@ -0,0 +1,29 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-ssl-allow-beast +Help: Allow this security flaw for HTTPS proxy +Added: 7.52.0 +Category: proxy tls +Multi: boolean +See-also: + - ssl-allow-beast + - proxy +Example: + - --proxy-ssl-allow-beast -x https://proxy $URL +--- + +# `--proxy-ssl-allow-beast` + +Do not work around a security flaw in the TLS1.0 protocol known as BEAST when +communicating to an HTTPS proxy. If this option is not used, the TLS layer may +use workarounds known to cause interoperability problems with some older +server implementations. + +This option only changes how curl does TLS 1.0 with an HTTPS proxy and has no +effect on later TLS versions. + +**WARNING**: this option loosens the TLS security, and by using this flag you +ask for exactly that. + +Equivalent to --ssl-allow-beast but used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-ssl-auto-client-cert.md b/deps/curl/docs/cmdline-opts/proxy-ssl-auto-client-cert.md new file mode 100644 index 00000000..578a7a64 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-ssl-auto-client-cert.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-ssl-auto-client-cert +Help: Auto client certificate for proxy +Added: 7.77.0 +Category: proxy tls +Multi: boolean +See-also: + - ssl-auto-client-cert + - proxy +Example: + - --proxy-ssl-auto-client-cert -x https://proxy $URL +--- + +# `--proxy-ssl-auto-client-cert` + +Same as --ssl-auto-client-cert but used in HTTPS proxy context. + +This is only supported by Schannel. diff --git a/deps/curl/docs/cmdline-opts/proxy-tls13-ciphers.md b/deps/curl/docs/cmdline-opts/proxy-tls13-ciphers.md new file mode 100644 index 00000000..72bae4e7 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-tls13-ciphers.md @@ -0,0 +1,33 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-tls13-ciphers +Arg: +help: TLS 1.3 proxy cipher suites +Protocols: TLS +Category: proxy tls +Added: 7.61.0 +Multi: single +See-also: + - proxy-ciphers + - tls13-ciphers + - proxy +Example: + - --proxy-tls13-ciphers TLS_AES_128_GCM_SHA256 -x proxy $URL +--- + +# `--proxy-tls13-ciphers` + +Same as --tls13-ciphers but used in HTTPS proxy context. + +Specify which cipher suites to use in the connection to your HTTPS proxy when +it negotiates TLS 1.3. The list of ciphers suites must specify valid ciphers. +Read up on TLS 1.3 cipher suite details on this URL: + +https://curl.se/docs/ssl-ciphers.html + +This option is used when curl is built to use OpenSSL 1.1.1 or later, +Schannel, wolfSSL, or mbedTLS 3.6.0 or later. + +Before curl 8.10.0 with mbedTLS or wolfSSL, TLS 1.3 cipher suites were set +by using the --proxy-ciphers option. diff --git a/deps/curl/docs/cmdline-opts/proxy-tlsauthtype.md b/deps/curl/docs/cmdline-opts/proxy-tlsauthtype.md new file mode 100644 index 00000000..684a7d55 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-tlsauthtype.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-tlsauthtype +Arg: +Help: TLS authentication type for HTTPS proxy +Added: 7.52.0 +Category: proxy tls auth +Multi: single +See-also: + - proxy + - proxy-tlsuser + - proxy-tlspassword +Example: + - --proxy-tlsauthtype SRP -x https://proxy $URL +--- + +# `--proxy-tlsauthtype` + +Set TLS authentication type with HTTPS proxy. The only supported option is +`SRP`, for TLS-SRP (RFC 5054). This option works only if the underlying +libcurl is built with TLS-SRP support. + +Equivalent to --tlsauthtype but used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-tlspassword.md b/deps/curl/docs/cmdline-opts/proxy-tlspassword.md new file mode 100644 index 00000000..fe9ae7d2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-tlspassword.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-tlspassword +Arg: +Help: TLS password for HTTPS proxy +Added: 7.52.0 +Category: proxy tls auth +Multi: single +See-also: + - proxy + - proxy-tlsuser +Example: + - --proxy-tlspassword passwd -x https://proxy $URL +--- + +# `--proxy-tlspassword` + +Set password to use with the TLS authentication method specified with +--proxy-tlsauthtype when using HTTPS proxy. Requires that --proxy-tlsuser is +set. + +This option does not work with TLS 1.3. + +Equivalent to --tlspassword but used in HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-tlsuser.md b/deps/curl/docs/cmdline-opts/proxy-tlsuser.md new file mode 100644 index 00000000..35177011 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-tlsuser.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-tlsuser +Arg: +Help: TLS username for HTTPS proxy +Added: 7.52.0 +Category: proxy tls auth +Multi: single +See-also: + - proxy + - proxy-tlspassword +Example: + - --proxy-tlsuser smith -x https://proxy $URL +--- + +# `--proxy-tlsuser` + +Set username for use for HTTPS proxy with the TLS authentication method +specified with --proxy-tlsauthtype. Requires that --proxy-tlspassword also is +set. + +This option does not work with TLS 1.3. diff --git a/deps/curl/docs/cmdline-opts/proxy-tlsv1.md b/deps/curl/docs/cmdline-opts/proxy-tlsv1.md new file mode 100644 index 00000000..7b322e3a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-tlsv1.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-tlsv1 +Help: TLSv1 for HTTPS proxy +Added: 7.52.0 +Category: proxy tls auth +Multi: mutex +See-also: + - proxy +Example: + - --proxy-tlsv1 -x https://proxy $URL +--- + +# `--proxy-tlsv1` + +Use at least TLS version 1.x when negotiating with an HTTPS proxy. That means +TLS version 1.0 or higher + +Equivalent to --tlsv1 but for an HTTPS proxy context. diff --git a/deps/curl/docs/cmdline-opts/proxy-user.md b/deps/curl/docs/cmdline-opts/proxy-user.md new file mode 100644 index 00000000..8ba19322 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy-user.md @@ -0,0 +1,29 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy-user +Short: U +Arg: +Help: Proxy user and password +Category: proxy auth +Added: 4.0 +Multi: single +See-also: + - proxy-pass +Example: + - --proxy-user smith:secret -x proxy $URL +--- + +# `--proxy-user` + +Specify the username and password to use for proxy authentication. + +If you use a Windows SSPI-enabled curl binary and do either Negotiate or NTLM +authentication then you can tell curl to select the username and password from +your environment by specifying a single colon with this option: "-U :". + +On systems where it works, curl hides the given option argument from process +listings. This is not enough to protect credentials from possibly getting seen +by other users on the same system as they still are visible for a moment +before cleared. Such sensitive data should be retrieved from a file instead or +similar and never used in clear text in a command line. diff --git a/deps/curl/docs/cmdline-opts/proxy.md b/deps/curl/docs/cmdline-opts/proxy.md new file mode 100644 index 00000000..596308fe --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy.md @@ -0,0 +1,62 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy +Short: x +Arg: [protocol://]host[:port] +Help: Use this proxy +Category: proxy +Added: 4.0 +Multi: single +See-also: + - socks5 + - proxy-basic +Example: + - --proxy http://proxy.example $URL +--- + +# `--proxy` + +Use the specified proxy. + +The proxy string can be specified with a protocol:// prefix. No protocol +specified or http:// it is treated as an HTTP proxy. Use socks4://, +socks4a://, socks5:// or socks5h:// to request a specific SOCKS version to be +used. (Added in 7.21.7) + +Unix domain sockets are supported for socks proxy. Set localhost for the host +part. e.g. socks5h://localhost/path/to/socket.sock + +HTTPS proxy support works set with the https:// protocol prefix for OpenSSL +and GnuTLS (added in 7.52.0). It also works for BearSSL, mbedTLS, Rustls, +Schannel, Secure Transport and wolfSSL (added in 7.87.0). + +Unrecognized and unsupported proxy protocols cause an error (added in 7.52.0). +Ancient curl versions ignored unknown schemes and used http:// instead. + +If the port number is not specified in the proxy string, it is assumed to be +1080. + +This option overrides existing environment variables that set the proxy to +use. If there is an environment variable setting a proxy, you can set proxy to +"" to override it. + +All operations that are performed over an HTTP proxy are transparently +converted to HTTP. It means that certain protocol specific operations might +not be available. This is not the case if you can tunnel through the proxy, as +one with the --proxytunnel option. + +User and password that might be provided in the proxy string are URL decoded +by curl. This allows you to pass in special characters such as @ by using %40 +or pass in a colon with %3a. + +The proxy host can be specified the same way as the proxy environment +variables, including the protocol prefix (http://) and the embedded user + +password. + +When a proxy is used, the active FTP mode as set with --ftp-port, cannot be +used. + +Doing FTP over an HTTP proxy without --proxytunnel makes curl do HTTP with an +FTP URL over the proxy. For such transfers, common FTP specific options do not +work, including --ssl-reqd and --ftp-ssl-control. diff --git a/deps/curl/docs/cmdline-opts/proxy1.0.md b/deps/curl/docs/cmdline-opts/proxy1.0.md new file mode 100644 index 00000000..4d3203a0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxy1.0.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxy1.0 +Arg: +Help: Use HTTP/1.0 proxy on given port +Category: proxy +Added: 7.19.4 +Multi: mutex +See-also: + - proxy + - socks5 + - preproxy +Example: + - --proxy1.0 http://proxy $URL +--- + +# `--proxy1.0` + +Use the specified HTTP 1.0 proxy. If the port number is not specified, it is +assumed at port 1080. + +The only difference between this and the HTTP proxy option --proxy, is that +attempts to use CONNECT through the proxy specifies an HTTP 1.0 protocol +instead of the default HTTP 1.1. diff --git a/deps/curl/docs/cmdline-opts/proxytunnel.md b/deps/curl/docs/cmdline-opts/proxytunnel.md new file mode 100644 index 00000000..169d2ad8 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/proxytunnel.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: proxytunnel +Short: p +Help: HTTP proxy tunnel (using CONNECT) +Category: proxy +Added: 7.3 +Multi: boolean +See-also: + - proxy +Example: + - --proxytunnel -x http://proxy $URL +--- + +# `--proxytunnel` + +When an HTTP proxy is used --proxy, this option makes curl tunnel the traffic +through the proxy. The tunnel approach is made with the HTTP proxy CONNECT +request and requires that the proxy allows direct connect to the remote port +number curl wants to tunnel through to. + +To suppress proxy CONNECT response headers when curl is set to output headers +use --suppress-connect-headers. diff --git a/deps/curl/docs/cmdline-opts/pubkey.md b/deps/curl/docs/cmdline-opts/pubkey.md new file mode 100644 index 00000000..373d113c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/pubkey.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: pubkey +Arg: +Protocols: SFTP SCP +Help: SSH Public key filename +Category: sftp scp ssh auth +Added: 7.16.2 +Multi: single +See-also: + - pass +Example: + - --pubkey file.pub sftp://example.com/ +--- + +# `--pubkey` + +Public key filename. Allows you to provide your public key in this separate +file. + +curl attempts to automatically extract the public key from the private key +file, so passing this option is generally not required. Note that this public +key extraction requires libcurl to be linked against a copy of libssh2 1.2.8 +or higher that is itself linked against OpenSSL. (Added in 7.39.0.) diff --git a/deps/curl/docs/cmdline-opts/quote.md b/deps/curl/docs/cmdline-opts/quote.md new file mode 100644 index 00000000..4972c96f --- /dev/null +++ b/deps/curl/docs/cmdline-opts/quote.md @@ -0,0 +1,90 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: quote +Arg: +Short: Q +Help: Send command(s) to server before transfer +Protocols: FTP SFTP +Category: ftp sftp +Added: 5.3 +Multi: append +See-also: + - request +Example: + - --quote "DELE file" ftp://example.com/foo +--- + +# `--quote` + +Send an arbitrary command to the remote FTP or SFTP server. Quote commands are +sent BEFORE the transfer takes place (just after the initial **PWD** command +in an FTP transfer, to be exact). To make commands take place after a +successful transfer, prefix them with a dash '-'. + +(FTP only) To make commands be sent after curl has changed the working +directory, just before the file transfer command(s), prefix the command with a +'+'. This is not performed when a directory listing is performed. + +You may specify any number of commands. + +By default curl stops at first failure. To make curl continue even if the +command fails, prefix the command with an asterisk (*). Otherwise, if the +server returns failure for one of the commands, the entire operation is +aborted. + +You must send syntactically correct FTP commands as RFC 959 defines to FTP +servers, or one of the commands listed below to SFTP servers. + +SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands +itself before sending them to the server. Filenames may be quoted shell-style +to embed spaces or special characters. Following is the list of all supported +SFTP quote commands: + +## atime date file +The atime command sets the last access time of the file named by the file +operand. The date expression can be all sorts of date strings, see the +*curl_getdate(3)* man page for date expression details. (Added in 7.73.0) + +## chgrp group file +The chgrp command sets the group ID of the file named by the file operand to +the group ID specified by the group operand. The group operand is a decimal +integer group ID. + +## chmod mode file +The chmod command modifies the file mode bits of the specified file. The +mode operand is an octal integer mode number. + +## chown user file +The chown command sets the owner of the file named by the file operand to the +user ID specified by the user operand. The user operand is a decimal +integer user ID. + +## ln source_file target_file +The ln and symlink commands create a symbolic link at the target_file location +pointing to the source_file location. + +## mkdir directory_name +The mkdir command creates the directory named by the directory_name operand. + +## mtime date file +The mtime command sets the last modification time of the file named by the +file operand. The date expression can be all sorts of date strings, see the +*curl_getdate(3)* man page for date expression details. (Added in 7.73.0) + +## pwd +The pwd command returns the absolute path name of the current working directory. + +## rename source target +The rename command renames the file or directory named by the source +operand to the destination path named by the target operand. + +## rm file +The rm command removes the file specified by the file operand. + +## rmdir directory +The rmdir command removes the directory entry specified by the directory +operand, provided it is empty. + +## symlink source_file target_file +See ln. diff --git a/deps/curl/docs/cmdline-opts/random-file.md b/deps/curl/docs/cmdline-opts/random-file.md new file mode 100644 index 00000000..e2c8624a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/random-file.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: random-file +Arg: +Help: File for reading random data from +Category: deprecated +Added: 7.7 +Multi: single +See-also: + - egd-file +Example: + - --random-file rubbish $URL +--- + +# `--random-file` + +Deprecated option. This option is ignored (added in 7.84.0). Prior to that it +only had an effect on curl if built to use old versions of OpenSSL. + +Specify the path name to file containing random data. The data may be used to +seed the random engine for SSL connections. diff --git a/deps/curl/docs/cmdline-opts/range.md b/deps/curl/docs/cmdline-opts/range.md new file mode 100644 index 00000000..fcd4fe3b --- /dev/null +++ b/deps/curl/docs/cmdline-opts/range.md @@ -0,0 +1,61 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: range +Short: r +Help: Retrieve only the bytes within RANGE +Arg: +Protocols: HTTP FTP SFTP FILE +Category: http ftp sftp file +Added: 4.0 +Multi: single +See-also: + - continue-at + - append +Example: + - --range 22-44 $URL +--- + +# `--range` + +Retrieve a byte range (i.e. a partial document) from an HTTP/1.1, FTP or SFTP +server or a local FILE. Ranges can be specified in a number of ways. + +## 0-499 +specifies the first 500 bytes + +## 500-999 +specifies the second 500 bytes + +## -500 +specifies the last 500 bytes + +## 9500- +specifies the bytes from offset 9500 and forward + +## 0-0,-1 +specifies the first and last byte only(*)(HTTP) + +## 100-199,500-599 +specifies two separate 100-byte ranges(*) (HTTP) + +## + +(*) = NOTE that if specifying multiple ranges and the server supports it then +it replies with a multiple part response that curl returns as-is. It +contains meta information in addition to the requested bytes. Parsing or +otherwise transforming this response is the responsibility of the caller. + +Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the +'start-stop' range syntax. If a non-digit character is given in the range, the +server's response is unspecified, depending on the server's configuration. + +Many HTTP/1.1 servers do not have this feature enabled, so that when you +attempt to get a range, curl instead gets the whole document. + +FTP and SFTP range downloads only support the simple 'start-stop' syntax +(optionally with one of the numbers omitted). FTP use depends on the extended +FTP command SIZE. + +This command line option is mutually exclusive with --continue-at: you can only +use one of them for a single transfer. diff --git a/deps/curl/docs/cmdline-opts/rate.md b/deps/curl/docs/cmdline-opts/rate.md new file mode 100644 index 00000000..6de65165 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/rate.md @@ -0,0 +1,46 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: rate +Arg: +Help: Request rate for serial transfers +Category: connection global +Added: 7.84.0 +Multi: single +Scope: global +See-also: + - limit-rate + - retry-delay +Example: + - --rate 2/s $URL ... + - --rate 3/h $URL ... + - --rate 14/m $URL ... +--- + +# `--rate` + +Specify the maximum transfer frequency you allow curl to use - in number of +transfer starts per time unit (sometimes called request rate). Without this +option, curl starts the next transfer as fast as possible. + +If given several URLs and a transfer completes faster than the allowed rate, +curl waits until the next transfer is started to maintain the requested +rate. This option has no effect when --parallel is used. + +The request rate is provided as "N/U" where N is an integer number and U is a +time unit. Supported units are 's' (second), 'm' (minute), 'h' (hour) and 'd' +/(day, as in a 24 hour unit). The default time unit, if no "/U" is provided, +is number of transfers per hour. + +If curl is told to allow 10 requests per minute, it does not start the next +request until 6 seconds have elapsed since the previous transfer was started. + +This function uses millisecond resolution. If the allowed frequency is set +more than 1000 per second, it instead runs unrestricted. + +When retrying transfers, enabled with --retry, the separate retry delay logic +is used and not this setting. + +Starting in version 8.10.0, you can specify number of time units in the rate +expression. Make curl do no more than 5 transfers per 15 seconds with "5/15s" +or limit it to 3 transfers per 4 hours with "3/4h". No spaces allowed. diff --git a/deps/curl/docs/cmdline-opts/raw.md b/deps/curl/docs/cmdline-opts/raw.md new file mode 100644 index 00000000..ca63dc31 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/raw.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: raw +Help: Do HTTP raw; no transfer decoding +Added: 7.16.2 +Protocols: HTTP +Category: http +Multi: boolean +See-also: + - tr-encoding +Example: + - --raw $URL +--- + +# `--raw` + +When used, it disables all internal HTTP decoding of content or transfer +encodings and instead makes them passed on unaltered, raw. diff --git a/deps/curl/docs/cmdline-opts/referer.md b/deps/curl/docs/cmdline-opts/referer.md new file mode 100644 index 00000000..1fec2485 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/referer.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: referer +Short: e +Arg: +Protocols: HTTP +Help: Referrer URL +Category: http +Added: 4.0 +Multi: single +See-also: + - user-agent + - header +Example: + - --referer "https://fake.example" $URL + - --referer "https://fake.example;auto" -L $URL + - --referer ";auto" -L $URL +--- + +# `--referer` + +Set the referrer URL in the HTTP request. This can also be set with the +--header flag of course. When used with --location you can append `;auto`" to +the --referer URL to make curl automatically set the previous URL when it +follows a Location: header. The `;auto` string can be used alone, even if you +do not set an initial --referer. diff --git a/deps/curl/docs/cmdline-opts/remote-header-name.md b/deps/curl/docs/cmdline-opts/remote-header-name.md new file mode 100644 index 00000000..88c2808a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/remote-header-name.md @@ -0,0 +1,39 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: remote-header-name +Short: J +Protocols: HTTP +Help: Use the header-provided filename +Category: output +Added: 7.20.0 +Multi: boolean +See-also: + - remote-name +Example: + - -OJ https://example.com/file +--- + +# `--remote-header-name` + +Tell the --remote-name option to use the server-specified Content-Disposition +filename instead of extracting a filename from the URL. If the server-provided +filename contains a path, that is stripped off before the filename is used. + +The file is saved in the current directory, or in the directory specified with +--output-dir. + +If the server specifies a filename and a file with that name already exists in +the destination directory, it is not overwritten and an error occurs - unless +you allow it by using the --clobber option. If the server does not specify a +filename then this option has no effect. + +There is no attempt to decode %-sequences (yet) in the provided filename, so +this option may provide you with rather unexpected filenames. + +This feature uses the name from the `filename` field, it does not yet support +the `filename*` field (filenames with explicit character sets). + +**WARNING**: Exercise judicious use of this option, especially on Windows. A +rogue server could send you the name of a DLL or other file that could be +loaded automatically by Windows or some third party software. diff --git a/deps/curl/docs/cmdline-opts/remote-name-all.md b/deps/curl/docs/cmdline-opts/remote-name-all.md new file mode 100644 index 00000000..92d348e2 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/remote-name-all.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: remote-name-all +Help: Use the remote filename for all URLs +Added: 7.19.0 +Category: output +Multi: boolean +See-also: + - remote-name +Example: + - --remote-name-all ftp://example.com/file1 ftp://example.com/file2 +--- + +# `--remote-name-all` + +Change the default action for all given URLs to be dealt with as if +--remote-name were used for each one. If you want to disable that for a +specific URL after --remote-name-all has been used, you must use "-o -" or +--no-remote-name. diff --git a/deps/curl/docs/cmdline-opts/remote-name.md b/deps/curl/docs/cmdline-opts/remote-name.md new file mode 100644 index 00000000..e39dd51a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/remote-name.md @@ -0,0 +1,42 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: remote-name +Short: O +Help: Write output to file named as remote file +Category: important output +Added: 4.0 +Multi: per-URL +See-also: + - remote-name-all + - output-dir + - remote-header-name +Example: + - -O https://example.com/filename + - -O https://example.com/filename -O https://example.com/file2 +--- + +# `--remote-name` + +Write output to a local file named like the remote file we get. (Only the file +part of the remote file is used, the path is cut off.) + +The file is saved in the current working directory. If you want the file saved +in a different directory, make sure you change the current working directory +before invoking curl with this option or use --output-dir. + +The remote filename to use for saving is extracted from the given URL, nothing +else, and if it already exists it is overwritten. If you want the server to be +able to choose the filename refer to --remote-header-name which can be used in +addition to this option. If the server chooses a filename and that name +already exists it is not overwritten. + +There is no URL decoding done on the filename. If it has %20 or other URL +encoded parts of the name, they end up as-is as filename. + +You may use this option as many times as the number of URLs you have. + +Before curl 8.10.0, curl returned an error if the URL ended with a slash, +which means that there is no filename part in the URL. Starting in 8.10.0, +curl sets the filename to the last directory part of the URL or if that also +is missing to `curl_response` (without extension) for this situation. diff --git a/deps/curl/docs/cmdline-opts/remote-time.md b/deps/curl/docs/cmdline-opts/remote-time.md new file mode 100644 index 00000000..7c5d21f0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/remote-time.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: remote-time +Short: R +Help: Set remote file's time on local output +Category: output +Added: 7.9 +Multi: boolean +See-also: + - remote-name + - time-cond +Example: + - --remote-time -o foo $URL +--- + +# `--remote-time` + +Makes curl attempt to figure out the timestamp of the remote file that is +getting downloaded, and if that is available make the local file get that same +timestamp. diff --git a/deps/curl/docs/cmdline-opts/remove-on-error.md b/deps/curl/docs/cmdline-opts/remove-on-error.md new file mode 100644 index 00000000..a88daf99 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/remove-on-error.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: remove-on-error +Help: Remove output file on errors +Category: output +Added: 7.83.0 +Multi: boolean +See-also: + - fail +Example: + - --remove-on-error -o output $URL +--- + +# `--remove-on-error` + +Remove output file if an error occurs. If curl returns an error when told to +save output in a local file. This prevents curl from leaving a partial file in +the case of an error during transfer. + +If the output is not a regular file, this option has no effect. + +The --continue-at option cannot be used together with --remove-on-error. diff --git a/deps/curl/docs/cmdline-opts/request-target.md b/deps/curl/docs/cmdline-opts/request-target.md new file mode 100644 index 00000000..44285114 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/request-target.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: request-target +Arg: +Help: Specify the target for this request +Protocols: HTTP +Added: 7.55.0 +Category: http +Multi: single +See-also: + - request +Example: + - --request-target "*" -X OPTIONS $URL +--- + +# `--request-target` + +Use an alternative target (path) instead of using the path as provided in the +URL. Particularly useful when wanting to issue HTTP requests without leading +slash or other data that does not follow the regular URL pattern, like +"OPTIONS *". + +curl passes on the verbatim string you give it its the request without any +filter or other safe guards. That includes white space and control characters. diff --git a/deps/curl/docs/cmdline-opts/request.md b/deps/curl/docs/cmdline-opts/request.md new file mode 100644 index 00000000..86cf10de --- /dev/null +++ b/deps/curl/docs/cmdline-opts/request.md @@ -0,0 +1,57 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: request +Short: X +Arg: +Help: Specify request method to use +Category: connection pop3 ftp imap smtp +Added: 6.0 +Multi: single +See-also: + - request-target +Example: + - -X "DELETE" $URL + - -X NLST ftp://example.com/ +--- + +# `--request` + +Change the method to use when starting the transfer. + +curl passes on the verbatim string you give it in the request without any +filter or other safe guards. That includes white space and control characters. + +## HTTP +Specifies a custom request method to use when communicating with the HTTP +server. The specified request method is used instead of the method otherwise +used (which defaults to *GET*). Read the HTTP 1.1 specification for details +and explanations. Common additional HTTP requests include *PUT* and *DELETE*, +while related technologies like WebDAV offers *PROPFIND*, *COPY*, *MOVE* and +more. + +Normally you do not need this option. All sorts of *GET*, *HEAD*, *POST* and +*PUT* requests are rather invoked by using dedicated command line options. + +This option only changes the actual word used in the HTTP request, it does not +alter the way curl behaves. For example if you want to make a proper HEAD +request, using -X HEAD does not suffice. You need to use the --head option. + +The method string you set with --request is used for all requests, which +if you for example use --location may cause unintended side-effects when curl +does not change request method according to the HTTP 30x response codes - and +similar. + +## FTP +Specifies a custom FTP command to use instead of *LIST* when doing file lists +with FTP. + +## POP3 +Specifies a custom POP3 command to use instead of *LIST* or *RETR*. +(Added in 7.26.0) + +## IMAP +Specifies a custom IMAP command to use instead of *LIST*. (Added in 7.30.0) + +## SMTP +Specifies a custom SMTP command to use instead of *HELP* or **VRFY**. (Added in 7.34.0) diff --git a/deps/curl/docs/cmdline-opts/resolve.md b/deps/curl/docs/cmdline-opts/resolve.md new file mode 100644 index 00000000..18733df0 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/resolve.md @@ -0,0 +1,50 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: resolve +Arg: <[+]host:port:addr[,addr]...> +Help: Resolve host+port to address +Added: 7.21.3 +Category: connection dns +Multi: append +See-also: + - connect-to + - alt-svc +Example: + - --resolve example.com:443:127.0.0.1 $URL + - --resolve example.com:443:[2001:db8::252f:efd6] $URL +--- + +# `--resolve` + +Provide a custom address for a specific host and port pair. Using this, you +can make the curl requests(s) use a specified address and prevent the +otherwise normally resolved address to be used. Consider it a sort of +/etc/hosts alternative provided on the command line. The port number should be +the number used for the specific protocol the host is used for. It means you +need several entries if you want to provide addresses for the same host but +different ports. + +By specifying `*` as host you can tell curl to resolve any host and specific +port pair to the specified address. Wildcard is resolved last so any --resolve +with a specific host and port is used first. + +The provided address set by this option is used even if --ipv4 or --ipv6 is +set to make curl use another IP version. + +By prefixing the host with a '+' you can make the entry time out after curl's +default timeout (1 minute). Note that this only makes sense for long running +parallel transfers with a lot of files. In such cases, if this option is used +curl tries to resolve the host as it normally would once the timeout has +expired. + +Provide IPv6 addresses within [brackets]. + +To redirect connects from a specific hostname or any hostname, independently +of port number, consider the --connect-to option. + +Support for resolving with wildcard was added in 7.64.0. + +Support for the '+' prefix was added in 7.75.0. + +Support for specifying the host component as an IPv6 address was added in 8.13.0. diff --git a/deps/curl/docs/cmdline-opts/retry-all-errors.md b/deps/curl/docs/cmdline-opts/retry-all-errors.md new file mode 100644 index 00000000..230e7306 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/retry-all-errors.md @@ -0,0 +1,40 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: retry-all-errors +Help: Retry all errors (with --retry) +Added: 7.71.0 +Category: curl +Multi: boolean +See-also: + - retry +Example: + - --retry 5 --retry-all-errors $URL +--- + +# `--retry-all-errors` + +Retry on any error. This option is used together with --retry. + +This option is the "sledgehammer" of retrying. Do not use this option by +default (for example in your **curlrc**), there may be unintended consequences +such as sending or receiving duplicate data. Do not use with redirected input +or output. You might be better off handling your unique problems in a shell +script. Please read the example below. + +**WARNING**: For server compatibility curl attempts to retry failed flaky +transfers as close as possible to how they were started, but this is not +possible with redirected input or output. For example, before retrying it +removes output data from a failed partial transfer that was written to an +output file. However this is not true of data redirected to a | pipe or \> +file, which are not reset. We strongly suggest you do not parse or record +output via redirect in combination with this option, since you may receive +duplicate data. + +By default curl does not return error for transfers with an HTTP response code +that indicates an HTTP error, if the transfer was successful. For example, if +a server replies 404 Not Found and the reply is fully received then that is +not an error. When --retry is used then curl retries on some HTTP response +codes that indicate transient HTTP errors, but that does not include most 4xx +response codes such as 404. If you want to retry on all response codes that +indicate HTTP errors (4xx and 5xx) then combine with --fail. diff --git a/deps/curl/docs/cmdline-opts/retry-connrefused.md b/deps/curl/docs/cmdline-opts/retry-connrefused.md new file mode 100644 index 00000000..22345cd8 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/retry-connrefused.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: retry-connrefused +Help: Retry on connection refused (with --retry) +Added: 7.52.0 +Category: curl +Multi: boolean +See-also: + - retry + - retry-all-errors +Example: + - --retry-connrefused --retry 7 $URL +--- + +# `--retry-connrefused` + +In addition to the other conditions, consider ECONNREFUSED as a transient +error too for --retry. This option is used together with --retry. diff --git a/deps/curl/docs/cmdline-opts/retry-delay.md b/deps/curl/docs/cmdline-opts/retry-delay.md new file mode 100644 index 00000000..fcee1767 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/retry-delay.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: retry-delay +Arg: +Help: Wait time between retries +Added: 7.12.3 +Category: curl timeout +Multi: single +See-also: + - retry +Example: + - --retry-delay 5 --retry 7 $URL +--- + +# `--retry-delay` + +Make curl sleep this amount of time before each retry when a transfer has +failed with a transient error (it changes the default backoff time algorithm +between retries). This option is only interesting if --retry is also +used. Setting this delay to zero makes curl use the default backoff time. diff --git a/deps/curl/docs/cmdline-opts/retry-max-time.md b/deps/curl/docs/cmdline-opts/retry-max-time.md new file mode 100644 index 00000000..e95a381a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/retry-max-time.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: retry-max-time +Arg: +Help: Retry only within this period +Added: 7.12.3 +Category: curl timeout +Multi: single +See-also: + - retry +Example: + - --retry-max-time 30 --retry 10 $URL +--- + +# `--retry-max-time` + +The retry timer is reset before the first transfer attempt. Retries are done +as usual (see --retry) as long as the timer has not reached this given +limit. Notice that if the timer has not reached the limit, the request is +made and while performing, it may take longer than this given time period. To +limit a single request's maximum time, use --max-time. Set this option to zero +to not timeout retries. diff --git a/deps/curl/docs/cmdline-opts/retry.md b/deps/curl/docs/cmdline-opts/retry.md new file mode 100644 index 00000000..1cd595dd --- /dev/null +++ b/deps/curl/docs/cmdline-opts/retry.md @@ -0,0 +1,31 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: retry +Arg: +Added: 7.12.3 +Help: Retry request if transient problems occur +Category: curl +Multi: single +See-also: + - retry-max-time +Example: + - --retry 7 $URL +--- + +# `--retry` + +If a transient error is returned when curl tries to perform a transfer, it +retries this number of times before giving up. Setting the number to 0 +makes curl do no retries (which is the default). Transient error means either: +a timeout, an FTP 4xx response code or an HTTP 408, 429, 500, 502, 503 or 504 +response code. + +When curl is about to retry a transfer, it first waits one second and then for +all forthcoming retries it doubles the waiting time until it reaches 10 +minutes which then remains delay between the rest of the retries. By using +--retry-delay you disable this exponential backoff algorithm. See also +--retry-max-time to limit the total time allowed for retries. + +curl complies with the Retry-After: response header if one was present to know +when to issue the next retry (added in 7.66.0). diff --git a/deps/curl/docs/cmdline-opts/sasl-authzid.md b/deps/curl/docs/cmdline-opts/sasl-authzid.md new file mode 100644 index 00000000..4c4282d1 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/sasl-authzid.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: sasl-authzid +Arg: +Help: Identity for SASL PLAIN authentication +Added: 7.66.0 +Category: auth +Multi: single +See-also: + - login-options +Example: + - --sasl-authzid zid imap://example.com/ +--- + +# `--sasl-authzid` + +Use this authorization identity (**authzid**), during SASL PLAIN +authentication, in addition to the authentication identity (**authcid**) as +specified by --user. + +If the option is not specified, the server derives the **authzid** from the +**authcid**, but if specified, and depending on the server implementation, it +may be used to access another user's inbox, that the user has been granted +access to, or a shared mailbox for example. diff --git a/deps/curl/docs/cmdline-opts/sasl-ir.md b/deps/curl/docs/cmdline-opts/sasl-ir.md new file mode 100644 index 00000000..b11137df --- /dev/null +++ b/deps/curl/docs/cmdline-opts/sasl-ir.md @@ -0,0 +1,17 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: sasl-ir +Help: Initial response in SASL authentication +Added: 7.31.0 +Category: auth +Multi: boolean +See-also: + - sasl-authzid +Example: + - --sasl-ir imap://example.com/ +--- + +# `--sasl-ir` + +Enable initial response in SASL authentication. diff --git a/deps/curl/docs/cmdline-opts/service-name.md b/deps/curl/docs/cmdline-opts/service-name.md new file mode 100644 index 00000000..f98409aa --- /dev/null +++ b/deps/curl/docs/cmdline-opts/service-name.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: service-name +Help: SPNEGO service name +Arg: +Added: 7.43.0 +Category: auth +Multi: single +See-also: + - negotiate + - proxy-service-name +Example: + - --service-name sockd/server $URL +--- + +# `--service-name` + +Set the service name for SPNEGO. diff --git a/deps/curl/docs/cmdline-opts/show-error.md b/deps/curl/docs/cmdline-opts/show-error.md new file mode 100644 index 00000000..aaf865bc --- /dev/null +++ b/deps/curl/docs/cmdline-opts/show-error.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: show-error +Short: S +Help: Show error even when -s is used +Category: curl global +Added: 5.9 +Multi: boolean +Scope: global +See-also: + - no-progress-meter +Example: + - --show-error --silent $URL +--- + +# `--show-error` + +When used with --silent, it makes curl show an error message if it fails. diff --git a/deps/curl/docs/cmdline-opts/show-headers.md b/deps/curl/docs/cmdline-opts/show-headers.md new file mode 100644 index 00000000..b2a45d6c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/show-headers.md @@ -0,0 +1,33 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: show-headers +Short: i +Help: Show response headers in output +Protocols: HTTP FTP +Category: important verbose output +Added: 4.8 +Multi: boolean +See-also: + - verbose + - dump-header +Example: + - -i $URL +--- + +# `--show-headers` + +Show response headers in the output. HTTP response headers can include things +like server name, cookies, date of the document, HTTP version and more. With +non-HTTP protocols, the "headers" are other server communication. + +This option makes the response headers get saved in the same stream/output as +the data. --dump-header exists to save headers in a separate stream. + +To view the request headers, consider the --verbose option. + +Prior to 7.75.0 curl did not print the headers if --fail was used in +combination with this option and there was error reported by server. + +This option was called --include before 8.10.0. The previous name remains +functional. diff --git a/deps/curl/docs/cmdline-opts/silent.md b/deps/curl/docs/cmdline-opts/silent.md new file mode 100644 index 00000000..4e80ee76 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/silent.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: silent +Short: s +Help: Silent mode +Category: important verbose +Added: 4.0 +Multi: boolean +See-also: + - verbose + - stderr + - no-progress-meter +Example: + - -s $URL +--- + +# `--silent` + +Silent or quiet mode. Do not show progress meter or error messages. Makes curl +mute. It still outputs the data you ask for, potentially even to the +terminal/stdout unless you redirect it. + +Use --show-error in addition to this option to disable progress meter but +still show error messages. diff --git a/deps/curl/docs/cmdline-opts/skip-existing.md b/deps/curl/docs/cmdline-opts/skip-existing.md new file mode 100644 index 00000000..cfb7c2f9 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/skip-existing.md @@ -0,0 +1,22 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: skip-existing +Help: Skip download if local file already exists +Category: curl output +Added: 8.10.0 +Multi: boolean +See-also: + - output + - remote-name + - no-clobber +Example: + - --skip-existing --output local/dir/file $URL +--- + +# `--skip-existing` + +If there is a local file present when a download is requested, the operation +is skipped. Note that curl cannot know if the local file was previously +downloaded fine, or if it is incomplete etc, it just knows if there is a +filename present in the file system or not and it skips the transfer if it is. diff --git a/deps/curl/docs/cmdline-opts/socks4.md b/deps/curl/docs/cmdline-opts/socks4.md new file mode 100644 index 00000000..99a7fc92 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/socks4.md @@ -0,0 +1,36 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: socks4 +Arg: +Help: SOCKS4 proxy on given host + port +Added: 7.15.2 +Category: proxy +Multi: single +See-also: + - socks4a + - socks5 + - socks5-hostname +Example: + - --socks4 hostname:4096 $URL +--- + +# `--socks4` + +Use the specified SOCKS4 proxy. If the port number is not specified, it is +assumed at port 1080. Using this socket type make curl resolve the hostname +and passing the address on to the proxy. + +To specify proxy on a Unix domain socket, use localhost for host, e.g. +`socks4://localhost/path/to/socket.sock` + +This option overrides any previous use of --proxy, as they are mutually +exclusive. + +This option is superfluous since you can specify a socks4 proxy with --proxy +using a socks4:// protocol prefix. (Added in 7.21.7) + +--preproxy can be used to specify a SOCKS proxy at the same time proxy is used +with an HTTP/HTTPS proxy (added in 7.52.0). In such a case, curl first +connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or +HTTPS proxy. diff --git a/deps/curl/docs/cmdline-opts/socks4a.md b/deps/curl/docs/cmdline-opts/socks4a.md new file mode 100644 index 00000000..04d60b81 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/socks4a.md @@ -0,0 +1,35 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: socks4a +Arg: +Help: SOCKS4a proxy on given host + port +Added: 7.18.0 +Category: proxy +Multi: single +See-also: + - socks4 + - socks5 + - socks5-hostname +Example: + - --socks4a hostname:4096 $URL +--- + +# `--socks4a` + +Use the specified SOCKS4a proxy. If the port number is not specified, it is +assumed at port 1080. This asks the proxy to resolve the hostname. + +To specify proxy on a Unix domain socket, use localhost for host, e.g. +`socks4a://localhost/path/to/socket.sock` + +This option overrides any previous use of --proxy, as they are mutually +exclusive. + +This option is superfluous since you can specify a socks4a proxy with --proxy +using a socks4a:// protocol prefix. (Added in 7.21.7) + +--preproxy can be used to specify a SOCKS proxy at the same time --proxy is +used with an HTTP/HTTPS proxy (added in 7.52.0). In such a case, curl first +connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or +HTTPS proxy. diff --git a/deps/curl/docs/cmdline-opts/socks5-basic.md b/deps/curl/docs/cmdline-opts/socks5-basic.md new file mode 100644 index 00000000..dc2a5532 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/socks5-basic.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: socks5-basic +Help: Username/password auth for SOCKS5 proxies +Added: 7.55.0 +Category: proxy auth +Multi: mutex +See-also: + - socks5 +Example: + - --socks5-basic --socks5 hostname:4096 $URL +--- + +# `--socks5-basic` + +Use username/password authentication when connecting to a SOCKS5 proxy. The +username/password authentication is enabled by default. Use --socks5-gssapi to +force GSS-API authentication to SOCKS5 proxies. diff --git a/deps/curl/docs/cmdline-opts/socks5-gssapi-nec.md b/deps/curl/docs/cmdline-opts/socks5-gssapi-nec.md new file mode 100644 index 00000000..eef6b2de --- /dev/null +++ b/deps/curl/docs/cmdline-opts/socks5-gssapi-nec.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: socks5-gssapi-nec +Help: Compatibility with NEC SOCKS5 server +Added: 7.19.4 +Category: proxy auth +Multi: boolean +See-also: + - socks5 +Example: + - --socks5-gssapi-nec --socks5 hostname:4096 $URL +--- + +# `--socks5-gssapi-nec` + +As part of the GSS-API negotiation a protection mode is negotiated. RFC 1961 +says in section 4.3/4.4 it should be protected, but the NEC reference +implementation does not. The option --socks5-gssapi-nec allows the +unprotected exchange of the protection mode negotiation. diff --git a/deps/curl/docs/cmdline-opts/socks5-gssapi-service.md b/deps/curl/docs/cmdline-opts/socks5-gssapi-service.md new file mode 100644 index 00000000..d847e65e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/socks5-gssapi-service.md @@ -0,0 +1,18 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: socks5-gssapi-service +Arg: +Help: SOCKS5 proxy service name for GSS-API +Added: 7.19.4 +Category: proxy auth +Multi: single +See-also: + - socks5 +Example: + - --socks5-gssapi-service sockd --socks5 hostname:4096 $URL +--- + +# `--socks5-gssapi-service` + +Set the service name for a socks server. Default is **rcmd/server-fqdn**. diff --git a/deps/curl/docs/cmdline-opts/socks5-gssapi.md b/deps/curl/docs/cmdline-opts/socks5-gssapi.md new file mode 100644 index 00000000..e1742543 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/socks5-gssapi.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: socks5-gssapi +Help: Enable GSS-API auth for SOCKS5 proxies +Added: 7.55.0 +Category: proxy auth +Multi: boolean +See-also: + - socks5 +Example: + - --socks5-gssapi --socks5 hostname:4096 $URL +--- + +# `--socks5-gssapi` + +Use GSS-API authentication when connecting to a SOCKS5 proxy. The GSS-API +authentication is enabled by default (if curl is compiled with GSS-API +support). Use --socks5-basic to force username/password authentication to +SOCKS5 proxies. diff --git a/deps/curl/docs/cmdline-opts/socks5-hostname.md b/deps/curl/docs/cmdline-opts/socks5-hostname.md new file mode 100644 index 00000000..0ea2ed73 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/socks5-hostname.md @@ -0,0 +1,34 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: socks5-hostname +Arg: +Help: SOCKS5 proxy, pass hostname to proxy +Added: 7.18.0 +Category: proxy +Multi: single +See-also: + - socks5 + - socks4a +Example: + - --socks5-hostname proxy.example:7000 $URL +--- + +# `--socks5-hostname` + +Use the specified SOCKS5 proxy (and let the proxy resolve the hostname). If +the port number is not specified, it is assumed at port 1080. + +To specify proxy on a Unix domain socket, use localhost for host, e.g. +`socks5h://localhost/path/to/socket.sock` + +This option overrides any previous use of --proxy, as they are mutually +exclusive. + +This option is superfluous since you can specify a socks5 hostname proxy with +--proxy using a socks5h:// protocol prefix. (Added in 7.21.7) + +--preproxy can be used to specify a SOCKS proxy at the same time --proxy is +used with an HTTP/HTTPS proxy (added in 7.52.0). In such a case, curl first +connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or +HTTPS proxy. diff --git a/deps/curl/docs/cmdline-opts/socks5.md b/deps/curl/docs/cmdline-opts/socks5.md new file mode 100644 index 00000000..4ea660d6 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/socks5.md @@ -0,0 +1,36 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: socks5 +Arg: +Help: SOCKS5 proxy on given host + port +Added: 7.18.0 +Category: proxy +Multi: single +See-also: + - socks5-hostname + - socks4a +Example: + - --socks5 proxy.example:7000 $URL +--- + +# `--socks5` + +Use the specified SOCKS5 proxy - but resolve the hostname locally. If the +port number is not specified, it is assumed at port 1080. + +To specify proxy on a Unix domain socket, use localhost for host, e.g. +`socks5://localhost/path/to/socket.sock` + +This option overrides any previous use of --proxy, as they are mutually +exclusive. + +This option is superfluous since you can specify a socks5 proxy with --proxy +using a socks5:// protocol prefix. (Added in 7.21.7) + +--preproxy can be used to specify a SOCKS proxy at the same time --proxy is +used with an HTTP/HTTPS proxy (added in 7.52.0). In such a case, curl first +connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or +HTTPS proxy. + +This option does not work with FTPS or LDAP. diff --git a/deps/curl/docs/cmdline-opts/speed-limit.md b/deps/curl/docs/cmdline-opts/speed-limit.md new file mode 100644 index 00000000..b95d6e7d --- /dev/null +++ b/deps/curl/docs/cmdline-opts/speed-limit.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: speed-limit +Short: Y +Arg: +Help: Stop transfers slower than this +Category: connection +Added: 4.7 +Multi: single +See-also: + - speed-time + - limit-rate + - max-time +Example: + - --speed-limit 300 --speed-time 10 $URL +--- + +# `--speed-limit` + +If a transfer is slower than this set speed (in bytes per second) for a given +number of seconds, it gets aborted. The time period is set with --speed-time +and is 30 seconds by default. diff --git a/deps/curl/docs/cmdline-opts/speed-time.md b/deps/curl/docs/cmdline-opts/speed-time.md new file mode 100644 index 00000000..f27702be --- /dev/null +++ b/deps/curl/docs/cmdline-opts/speed-time.md @@ -0,0 +1,25 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: speed-time +Short: y +Arg: +Help: Trigger 'speed-limit' abort after this time +Category: connection timeout +Added: 4.7 +Multi: single +See-also: + - speed-limit + - limit-rate +Example: + - --speed-limit 300 --speed-time 10 $URL +--- + +# `--speed-time` + +If a transfer runs slower than speed-limit bytes per second during a +speed-time period, the transfer is aborted. If speed-time is used, the default +speed-limit is 1 unless set with --speed-limit. + +This option controls transfers (in both directions) but does not affect slow +connects etc. If this is a concern for you, try the --connect-timeout option. diff --git a/deps/curl/docs/cmdline-opts/ssl-allow-beast.md b/deps/curl/docs/cmdline-opts/ssl-allow-beast.md new file mode 100644 index 00000000..f9933b77 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ssl-allow-beast.md @@ -0,0 +1,27 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ssl-allow-beast +Help: Allow security flaw to improve interop +Protocols: TLS +Added: 7.25.0 +Category: tls +Multi: boolean +See-also: + - proxy-ssl-allow-beast + - insecure +Example: + - --ssl-allow-beast $URL +--- + +# `--ssl-allow-beast` + +Do not work around a security flaw in the TLS1.0 protocol known as BEAST. If +this option is not used, the TLS layer may use workarounds known to cause +interoperability problems with some older server implementations. + +This option only changes how curl does TLS 1.0 and has no effect on later TLS +versions. + +**WARNING**: this option loosens the TLS security, and by using this flag you +ask for exactly that. diff --git a/deps/curl/docs/cmdline-opts/ssl-auto-client-cert.md b/deps/curl/docs/cmdline-opts/ssl-auto-client-cert.md new file mode 100644 index 00000000..4f0be5bd --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ssl-auto-client-cert.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ssl-auto-client-cert +Help: Use auto client certificate (Schannel) +Added: 7.77.0 +Category: tls +Protocols: TLS +Multi: boolean +See-also: + - proxy-ssl-auto-client-cert +Example: + - --ssl-auto-client-cert $URL +--- + +# `--ssl-auto-client-cert` + +(Schannel) Automatically locate and use a client certificate for +authentication, when requested by the server. Since the server can request any +certificate that supports client authentication in the OS certificate store it +could be a privacy violation and unexpected. diff --git a/deps/curl/docs/cmdline-opts/ssl-no-revoke.md b/deps/curl/docs/cmdline-opts/ssl-no-revoke.md new file mode 100644 index 00000000..16981f14 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ssl-no-revoke.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ssl-no-revoke +Help: Disable cert revocation checks (Schannel) +Added: 7.44.0 +Protocols: TLS +Category: tls +Multi: boolean +See-also: + - crlfile +Example: + - --ssl-no-revoke $URL +--- + +# `--ssl-no-revoke` + +(Schannel) Disable certificate revocation checks. WARNING: this option loosens +the SSL security, and by using this flag you ask for exactly that. diff --git a/deps/curl/docs/cmdline-opts/ssl-reqd.md b/deps/curl/docs/cmdline-opts/ssl-reqd.md new file mode 100644 index 00000000..f21c145f --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ssl-reqd.md @@ -0,0 +1,31 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ssl-reqd +Help: Require SSL/TLS +Protocols: FTP IMAP POP3 SMTP LDAP +Added: 7.20.0 +Category: tls imap pop3 smtp ldap +Multi: boolean +See-also: + - ssl + - insecure +Example: + - --ssl-reqd ftp://example.com +--- + +# `--ssl-reqd` + +Require SSL/TLS for the connection - often referred to as STARTTLS or STLS +because of the involved commands. Terminates the connection if the transfer +cannot be upgraded to use SSL/TLS. + +This option is handled in LDAP (added in 7.81.0). It is fully supported by the +OpenLDAP backend and rejected by the generic ldap backend if explicit TLS is +required. + +This option is unnecessary if you use a URL scheme that in itself implies +immediate and implicit use of TLS, like for FTPS, IMAPS, POP3S, SMTPS and +LDAPS. Such a transfer always fails if the TLS handshake does not work. + +This option was formerly known as --ftp-ssl-reqd. diff --git a/deps/curl/docs/cmdline-opts/ssl-revoke-best-effort.md b/deps/curl/docs/cmdline-opts/ssl-revoke-best-effort.md new file mode 100644 index 00000000..0257e05f --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ssl-revoke-best-effort.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ssl-revoke-best-effort +Help: Ignore missing cert CRL dist points +Added: 7.70.0 +Protocols: TLS +Category: tls +Multi: boolean +See-also: + - crlfile + - insecure +Example: + - --ssl-revoke-best-effort $URL +--- + +# `--ssl-revoke-best-effort` + +(Schannel) Ignore certificate revocation checks when they failed due to +missing/offline distribution points for the revocation check lists. diff --git a/deps/curl/docs/cmdline-opts/ssl-sessions.md b/deps/curl/docs/cmdline-opts/ssl-sessions.md new file mode 100644 index 00000000..aefc20a1 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ssl-sessions.md @@ -0,0 +1,35 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ssl-sessions +Arg: +Protocols: TLS +Help: Load/save SSL session tickets from/to this file +Added: 8.12.0 +Category: tls +Multi: single +See-also: + - tls-earlydata +Example: + - --ssl-sessions sessions.txt $URL +--- + +# `--ssl-sessions` + +Use the given file to load SSL session tickets into curl's cache before +starting any transfers. At the end of a successful curl run, the cached +SSL sessions tickets are save to the file, replacing any previous content. + +The file does not have to exist, but curl reports an error if it is +unable to create it. Unused loaded tickets are saved again, unless they +get replaced or purged from the cache for space reasons. + +Using a session file allows `--tls-earlydata` to send the first request +in "0-RTT" mode, should an SSL session with the feature be found. Note that +a server may not support early data. Also note that early data does +not provide forward secrecy, e.g. is not as secure. + +The SSL session tickets are stored as base64 encoded text, each ticket on +its own line. The hostnames are cryptographically salted and hashed. While +this prevents someone to easily see the hosts you contacted, they could still +check if a specific hostname matches one of the values. diff --git a/deps/curl/docs/cmdline-opts/ssl.md b/deps/curl/docs/cmdline-opts/ssl.md new file mode 100644 index 00000000..0c0f2817 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/ssl.md @@ -0,0 +1,35 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: ssl +Help: Try enabling TLS +Protocols: FTP IMAP POP3 SMTP LDAP +Added: 7.20.0 +Category: tls imap pop3 smtp ldap +Multi: boolean +See-also: + - ssl-reqd + - insecure + - ciphers +Example: + - --ssl pop3://example.com/ +--- + +# `--ssl` + +Warning: this is considered an insecure option. Consider using --ssl-reqd +instead to be sure curl upgrades to a secure connection. + +Try to use SSL/TLS for the connection - often referred to as STARTTLS or STLS +because of the involved commands. Reverts to a non-secure connection if the +server does not support SSL/TLS. See also --ftp-ssl-control and --ssl-reqd for +different levels of encryption required. + +This option is handled in LDAP (added in 7.81.0). It is fully supported by the +OpenLDAP backend and ignored by the generic ldap backend. + +Please note that a server may close the connection if the negotiation does +not succeed. + +This option was formerly known as --ftp-ssl (added in 7.11.0). That option +name can still be used but might be removed in a future version. diff --git a/deps/curl/docs/cmdline-opts/sslv2.md b/deps/curl/docs/cmdline-opts/sslv2.md new file mode 100644 index 00000000..ea92a2cb --- /dev/null +++ b/deps/curl/docs/cmdline-opts/sslv2.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: 2 +Long: sslv2 +Tags: Versions +Protocols: SSL +Added: 5.9 +Mutexed: sslv3 tlsv1 tlsv1.1 tlsv1.2 +Requires: TLS +Help: SSLv2 +Category: deprecated +Multi: mutex +See-also: + - http1.1 + - http2 +Example: + - --sslv2 $URL +--- + +# `--sslv2` + +This option previously asked curl to use SSLv2, but is now ignored +(added in 7.77.0). SSLv2 is widely considered insecure (see RFC 6176). diff --git a/deps/curl/docs/cmdline-opts/sslv3.md b/deps/curl/docs/cmdline-opts/sslv3.md new file mode 100644 index 00000000..f022124e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/sslv3.md @@ -0,0 +1,24 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Short: 3 +Long: sslv3 +Tags: Versions +Protocols: SSL +Added: 5.9 +Mutexed: sslv2 tlsv1 tlsv1.1 tlsv1.2 +Requires: TLS +Help: SSLv3 +Category: deprecated +Multi: mutex +See-also: + - http1.1 + - http2 +Example: + - --sslv3 $URL +--- + +# `--sslv3` + +This option previously asked curl to use SSLv3, but is now ignored +(added in 7.77.0). SSLv3 is widely considered insecure (see RFC 7568). diff --git a/deps/curl/docs/cmdline-opts/stderr.md b/deps/curl/docs/cmdline-opts/stderr.md new file mode 100644 index 00000000..7030e557 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/stderr.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: stderr +Arg: +Help: Where to redirect stderr +Category: verbose global +Added: 6.2 +Multi: single +Scope: global +See-also: + - verbose + - silent +Example: + - --stderr output.txt $URL +--- + +# `--stderr` + +Redirect all writes to stderr to the specified file instead. If the filename +is a plain '-', it is instead written to stdout. diff --git a/deps/curl/docs/cmdline-opts/styled-output.md b/deps/curl/docs/cmdline-opts/styled-output.md new file mode 100644 index 00000000..8193896c --- /dev/null +++ b/deps/curl/docs/cmdline-opts/styled-output.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: styled-output +Help: Enable styled output for HTTP headers +Added: 7.61.0 +Category: verbose global +Multi: boolean +Scope: global +See-also: + - head + - verbose +Example: + - --styled-output -I $URL +--- + +# `--styled-output` + +Enable automatic use of bold font styles when writing HTTP headers to the +terminal. Use --no-styled-output to switch them off. + +Styled output requires a terminal that supports bold fonts. This feature is +not present on curl for Windows due to lack of this capability. diff --git a/deps/curl/docs/cmdline-opts/suppress-connect-headers.md b/deps/curl/docs/cmdline-opts/suppress-connect-headers.md new file mode 100644 index 00000000..e9e32c0a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/suppress-connect-headers.md @@ -0,0 +1,23 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: suppress-connect-headers +Help: Suppress proxy CONNECT response headers +Category: proxy +Added: 7.54.0 +Multi: boolean +See-also: + - dump-header + - show-headers + - proxytunnel +Example: + - --suppress-connect-headers --show-headers -x proxy $URL +--- + +# `--suppress-connect-headers` + +When --proxytunnel is used and a CONNECT request is made do not output proxy +CONNECT response headers. This option is meant to be used with --dump-header +or --show-headers which are used to show protocol headers in the output. It +has no effect on debug options such as --verbose or --trace, or any +statistics. diff --git a/deps/curl/docs/cmdline-opts/tcp-fastopen.md b/deps/curl/docs/cmdline-opts/tcp-fastopen.md new file mode 100644 index 00000000..9a7c2b0a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/tcp-fastopen.md @@ -0,0 +1,19 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: tcp-fastopen +Added: 7.49.0 +Help: Use TCP Fast Open +Category: connection +Multi: boolean +See-also: + - false-start +Example: + - --tcp-fastopen $URL +--- + +# `--tcp-fastopen` + +Enable use of TCP Fast Open (RFC 7413). TCP Fast Open is a TCP extension that +allows data to get sent earlier over the connection (before the final +handshake ACK) if the client and server have been connected previously. diff --git a/deps/curl/docs/cmdline-opts/tcp-nodelay.md b/deps/curl/docs/cmdline-opts/tcp-nodelay.md new file mode 100644 index 00000000..6944d701 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/tcp-nodelay.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: tcp-nodelay +Help: Set TCP_NODELAY +Added: 7.11.2 +Category: connection +Multi: boolean +See-also: + - no-buffer +Example: + - --tcp-nodelay $URL +--- + +# `--tcp-nodelay` + +Turn on the TCP_NODELAY option. See the *curl_easy_setopt(3)* man page for +details about this option. + +curl sets this option by default and you need to explicitly switch it off if +you do not want it on (added in 7.50.2). diff --git a/deps/curl/docs/cmdline-opts/telnet-option.md b/deps/curl/docs/cmdline-opts/telnet-option.md new file mode 100644 index 00000000..a332b1a5 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/telnet-option.md @@ -0,0 +1,28 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: telnet-option +Short: t +Arg: +Help: Set telnet option +Category: telnet +Added: 7.7 +Multi: append +See-also: + - config +Example: + - -t TTYPE=vt100 telnet://example.com/ +--- + +# `--telnet-option` + +Pass options to the telnet protocol. Supported options are: + +## `TTYPE=` +Sets the terminal type. + +## `XDISPLOC=` +Sets the X display location. + +## `NEW_ENV=` +Sets an environment variable. diff --git a/deps/curl/docs/cmdline-opts/tftp-blksize.md b/deps/curl/docs/cmdline-opts/tftp-blksize.md new file mode 100644 index 00000000..21d8476a --- /dev/null +++ b/deps/curl/docs/cmdline-opts/tftp-blksize.md @@ -0,0 +1,21 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: tftp-blksize +Arg: +Help: Set TFTP BLKSIZE option +Protocols: TFTP +Added: 7.20.0 +Category: tftp +Multi: single +See-also: + - tftp-no-options +Example: + - --tftp-blksize 1024 tftp://example.com/file +--- + +# `--tftp-blksize` + +Set the TFTP **BLKSIZE** option (must be 512 or larger). This is the block +size that curl tries to use when transferring data to or from a TFTP +server. By default 512 bytes are used. diff --git a/deps/curl/docs/cmdline-opts/tftp-no-options.md b/deps/curl/docs/cmdline-opts/tftp-no-options.md new file mode 100644 index 00000000..063da92e --- /dev/null +++ b/deps/curl/docs/cmdline-opts/tftp-no-options.md @@ -0,0 +1,20 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: tftp-no-options +Help: Do not send any TFTP options +Protocols: TFTP +Added: 7.48.0 +Category: tftp +Multi: boolean +See-also: + - tftp-blksize +Example: + - --tftp-no-options tftp://192.168.0.1/ +--- + +# `--tftp-no-options` + +Do not to send TFTP options requests. This improves interop with some legacy +servers that do not acknowledge or properly implement TFTP options. When this +option is used --tftp-blksize is ignored. diff --git a/deps/curl/docs/cmdline-opts/time-cond.md b/deps/curl/docs/cmdline-opts/time-cond.md new file mode 100644 index 00000000..44cb1663 --- /dev/null +++ b/deps/curl/docs/cmdline-opts/time-cond.md @@ -0,0 +1,34 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: time-cond +Short: z +Arg: