Anna Liberty [Thu, 19 Feb 2026 20:23:04 +0000 (12:23 -0800)]
docs: reword explanation of --variable option
Simplify the language expaining the --variable option, reducing
repetition. Also fix some minor grammar issues and makes language for
examples more consistent.
Viktor Szakats [Thu, 19 Feb 2026 17:34:35 +0000 (18:34 +0100)]
tests/server/sockfilt: check for NULL `tv` to silence clang-tidy
A NULL dereference cannot happen with existing use of this code.
linux-mingw, CM clang-tidy:
```
/home/runner/work/curl/curl/tests/server/sockfilt.c:720:24: error: Access
to field 'tv_sec' results in a dereference of a null pointer (loaded from
variable 'tv') [clang-analyzer-core.NullDereference,-warnings-as-errors]
720 | tv->tv_sec = 0;
| ~~ ^
```
Ref: https://github.com/curl/curl/actions/runs/22191200093/job/64179197235?pr=20631#step:10:283
Viktor Szakats [Thu, 19 Feb 2026 23:43:57 +0000 (00:43 +0100)]
clang-tidy: work around clang-tidy <=20 false positive (Windows)
clang-tidy <= v20 (as seen between 18.1.3 and 20.1.2) report
`readability-uppercase-literal-suffix` originating from mingw-w64 system
header `_mingw_mac.h` via `define __MSABI_LONG(x) x ## l`
Triggered by `SOCKENOMEM` (e.g. in tests/server/sockfilt.c):
```
warning: integer literal has suffix 'l', which is not uppercase [readability-uppercase-literal-suffix]
```
Work around by replacing Windows macro `WSA_NOT_ENOUGH_MEMORY`
with its literal value.
Viktor Szakats [Thu, 19 Feb 2026 15:43:08 +0000 (16:43 +0100)]
cmake: improve clang-tidy invocation for tests in cross-builds
By passing to clang-tidy the C compiler with `--target` and sysroot
options, if any.
Fixing (GHA/windows, linux-mingw, CM clang-tidy):
```
lib/curl_setup.h:841:10: error: 'io.h' file not found [clang-diagnostic-error]
841 | #include <io.h>
| ^~~~~~
Found compiler error(s).
FAILED: [code=1] tests/server/CMakeFiles/servers-clang-tidy bld/tests/server/CMakeFiles/servers-clang-tidy
cd tests/server && /usr/bin/clang-tidy --config-file=.clang-tidy.yml
--warnings-as-errors=* --checks=-clang-diagnostic-unused-function first.c getpart.c util.c dnsd.c [...]
-- <-D-options> <-I-options> <cflags>
```
For reference, this is CMake's built-in clang-tidy invocation:
```
/usr/local/bin/cmake -E __run_co_compile --tidy="/usr/bin/clang-tidy;--config-file=.clang-tidy.yml;
--warnings-as-errors=*;--extra-arg-before=--driver-mode=gcc" --source=lib/curl_fopen.c
-- /usr/bin/clang --target=x86_64-w64-mingw32 <-D-options> <-I-options> <cflags>
```
Also:
- bump cmakelint `--max-statements`. Needs 59 after this patch.
- use undocumented CMake variables:
- `CMAKE_C_COMPILE_OPTIONS_TARGET` for `--target=`
- `CMAKE_C_COMPILE_OPTIONS_SYSROOT` for `--sysroot=`
Viktor Szakats [Tue, 17 Feb 2026 23:55:27 +0000 (00:55 +0100)]
clang-tidy: sync argument names in prototype and definition
Discovered with clang-tidy checker
`readability-inconsistent-declaration-parameter-name`.
Also:
- do not enforce the above because of inconsistencies still present
between public API prototypes and definitions. (Also betwen man page
protos, and man page examples, and other parts of the code, e.g.
`easy` vs `curl` vs `d` vs `handle`) Perhaps subject for a future
effort:
https://github.com/curl/curl/actions/runs/22166472728/job/64094691653
- enable and fix `readability-named-parameter` where missing.
Viktor Szakats [Wed, 18 Feb 2026 18:04:12 +0000 (19:04 +0100)]
rtspd: fix to check `realloc()` result
Also enable `bugprone-suspicious-realloc-usage` clang-tidy option
to verify.
Fixing:
```
tests/server/rtspd.c:328:37: error: 'req->rtp_buffer' may be set to null if 'realloc' fails,
which may result in a leak of the original buffer
[bugprone-suspicious-realloc-usage,-warnings-as-errors]
328 | req->rtp_buffer = realloc(req->rtp_buffer,
| ~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~~
```
Viktor Szakats [Wed, 18 Feb 2026 12:21:19 +0000 (13:21 +0100)]
cmake/FindMbedTLS: add workaround for missing static MSVC `mbedcrypto.lib` 4.0.0
Seen with mbedTLS 4.0.0. mbedTLS 4.0.0 renamed `mbedcrypto` lib to
`tfpsacrypto`, while also keeping a copy under the old name to aid
transition. However, this compatibility logic is broken for MSVC static
builds, and the old name missing.
Work around by looking for the new name in the raw detection codepath.
Note that using `pkg-config`-based detection also works as a workaround.
Reported-by: tawmoto on github
Fixes #20616
Ref: https://github.com/Mbed-TLS/mbedtls/blob/v4.0.0/library/CMakeLists.txt#L275-L282
Ref: https://github.com/Mbed-TLS/mbedtls/issues/10605
Viktor Szakats [Sun, 15 Feb 2026 22:58:39 +0000 (23:58 +0100)]
clang-tidy: fixes and improvements
Fix bigger and smaller kinks in how clang-tidy is configured and used.
Sync behavior more between autotools and cmake, lib/src and tests. Bump
clang-tidy minimum version and prepare logic to allow using clang-tidy
to a fuller extent.
- move clang-tidy settings from builds to a new `.clang-tidy.yml`.
To make it easy to see and edit checks at one place. Also to allow
using the `--checks=` option internally to silence tests-specific
checks. (clang-tidy does not support multiple `--check=` options via
the command-line.)
Use explicit `--config-file=` option to point to the configuration.
- .clang-tidy.yml: link to documentation.
- suppress `clang-diagnostic-nullability-extension` due to a false
positive in libtests with `CURL_WERROR=ON` and `PICKY_COMPILER=OFF`.
- .clang-tidy.yml: enable `portability-*`, `misc-const-correctness`.
- drop `--quiet` clang-tidy option by default to make its working a bit
more transparent. The extra output is minimial.
- consistently use double-dashes in clang-tidy command-line options.
Supported by clang-tidy 9.0.0+ (2019-09-19). Before this patch single
and double were used arbitrarily.
- src/tool_parsecfg: silence false positive `clang-analyzer-unix.Stream`.
Seen with clang 18 + clang-tidy 19 and 20 (only with autotools.)
- INTERNALS: require clang-tidy 14.0.0+. For the `--config-file` option.
- INTERNALS: recommend clang-tidy 19.1.0+, to avoid bogus
`clang-analyzer-valist.Uninitialized` warnings. (bug details below)
autotools:
- allow configuring the clang-tidy tool via `CLANG_TIDY` env.
Also to use in GHA to point to a suffixed clang-tody tool.
- fix to pass CFLAGS to lib, src sources.
(keep omitting them when using a non-clang compiler.)
- fix to pass `--warnings-as-errors=*` in quotes to avoid globbing.
cmake:
- fix to not pass an empty `-I` to clang-tidy.
- fix to pass CFLAGS (picky warnings) to clang-tidy for test sources.
(keep omitting them when using a non-clang compiler.)
- fix to disable `clang-diagnostic-unused-function` for test sources.
(tests have static entry points, which trigger this check when
checking them as individidual sources.)
- fix forwarding `CURL_CLANG_TIDYFLAGS` to clang-tidy.
- force disable picky warnings when running clang-tidy with a non-clang
compiler. To not pass these flags when checking lib and src.
CI:
- GHA/linux: avoid clang-tidy bug by upgrading to v19, and drop the
workaround.
- GHA/linux: switch to clang from gcc in the clang-tidy job. Using gcc
doesn't allow passing CFLAGS to clang-tidy, making it less effective.
(My guess this was one factor contributing to this job often missing
to find certain issues compared to GHA/macos.)
I recomment using clang-tidy with a clang compiler, preferably the same
version or one that's compatible. Other cases are best effort, and may
fail if a C flag is passed to clang-tidy that it does not understand.
Picky warnings are mostly omitted when using a non-clang compiler,
reducing its usefulness.
Details and reproducer for the v18 (and earlier) clang-tidy bug,
previously affecting the GHA/linux job:
clang-tidy <=18 emits false warnings way when passing multiple C sources
at once (as done with autotools):
Viktor Szakats [Fri, 13 Feb 2026 16:05:36 +0000 (17:05 +0100)]
build: fix `-Wunused-macros` warnings, and related tidy-ups
- fix internal macro `AN_APPLE_OS` reused between sources without
resetting it. It may potentially have left the system sha256
function unused.
- fix to define `WOLFSSL_OPTIONS_IGNORE_SYS` so that it always applies
to wolfSSL headers, also during feature detection.
- md4, md5, sha256: simplify fallback logic.
- delete 20+ unused macros.
- scope or move macros to avoid `-Wunused-macros` warnings.
- examples: delete unused code.
The warning detects macros defined but not used within the same C
source. It does not warn for macros defined in headers. It also works
with unity builds, but to a lesser extent.
Stefan Eissing [Tue, 17 Feb 2026 08:50:25 +0000 (09:50 +0100)]
easy: reset errorbuf on eyeballing success
Any failf() that fill the errorbuf need to be forgotten once happy
eyeballing finds a succssful winner. Because the errorbuf, once set, is
not overwritten with future error information.
Adds test_05_05 to verify.
Reported-by: Tim Friedrich Brüggemann
Fixes #20608
Viktor Szakats [Sat, 14 Feb 2026 11:03:16 +0000 (12:03 +0100)]
cmake: enable binutils ld workaround for all toolchains at build-time (revert)
The change was valid, but caused an annoying warning with perfectly
working non-binutils ld linkers:
```
ld: warning: ignoring duplicate libraries: 'my/path/usr/local/lib/libcrypto.a'
```
(seen with Apple clang, when using static `libcrypto.a`)
It means that for the binutil ld hack to work at consumption-time, curl
must be built with the same picky binutils (gcc) toolchain.
Viktor Szakats [Sat, 14 Feb 2026 12:30:33 +0000 (13:30 +0100)]
examples/usercertinmem: use modern OpenSSL API, drop mentions of RSA
Replacing API calls deprecated by OpenSSL 3, and also missing
from OpenSSL 3 no-deprecated builds, fixing builds with the latter:
`PEM_read_bio_RSAPrivateKey()`, `RSA_free()`,
`SSL_CTX_use_RSAPrivateKey()`
Also: rename callback to match its `cacertinmem.c` sibling.
Refactor and simplify the Schannel code, primarily by reducing
duplicated buffer-management and credential-setup logic.
- split client certificate selection into get_client_cert() and SSPI
credential acquisition into acquire_sspi_handle()
- introduce a struct sbuffer for encrypted/decrypted buffering
- Add ensure_encoding_size() and ensure_decoding_size() helpers to
centralize buffer growth/realloc decisions
- Tighten variable scopes and tidy indentation/logging in the handshake
and receive/decrypt loops.
- Update comments and adjusts some receive error-condition handling to
better preserve buffered-data behavior.
Viktor Szakats [Thu, 12 Feb 2026 16:59:18 +0000 (17:59 +0100)]
msvc: VS2026: unlock picky warning in cmake, test in CI
Upgrade a GHA/windows job to VS2026 (from VS2022), using a runner image
released a week ago. It also comes with the same Windows SDK as VS2022:
v10.0.26100.0.
The runner image uses Windows 2025 unfortunately, which makes the job
run significantly slower than before this patch:
- configure: 49s -> 1m10s
- build: 3s -> 5s
- install test prereqs: 23s -> 27s
- run tests: 3m18s -> 4m11s
- build examples: 15s -> 25s
It's a shame.
Also:
- cmake: enable picky warnings for VS2026 internal version 19.50.
Build is clean with existing options.
- GHA/windows: make the built-in OpenSSH intall path recognize
the windows-2025-vs2026 image as windows-2025.
- windows-2025-vs2026 is able to load the cached stunnel made on
the windows-2022 runner.
- disk use of the build is almost identical to VS2022.
Viktor Szakats [Thu, 12 Feb 2026 14:21:12 +0000 (15:21 +0100)]
cmake: add `BORINGSSL_VERSION` configuration variable, test in CI
To simplify setting BoringSSL version, using:
`-DBORINGSSL_VERSION=0.20260211.0`
or
`-DBORINGSSL_VERSION=${boringssl_version}`
Previously it could be set via C flags, using complicated shell quotes:
`-DCMAKE_C_FLAGS="-DCURL_BORINGSSL_VERSION=\\\"${boringssl_version}\\\""`
(the C flags method remains, also for autotools)
It'd be nice if BoringSSL published its version not just via
`MODULE.bazel` in its source tree, but from its public headers, to make
these workarounds unnecessary.
Viktor Szakats [Wed, 11 Feb 2026 23:33:20 +0000 (00:33 +0100)]
windows: tidy up `wincrypt.h` / BoringSSL/AWS-LC coexist workaround
- openssl: move and expand explanatory comment.
- openssl: drop duplicate workaround.
- schannel: drop workaround. Unnecessary, because OpenSSL headers are
not included in or after schannel code.
- schannel: drop explicit `wincrypt.h` include. It's indirectly
included by system `<schannel.h>`.
- ldap: drop explicit `wincrypt.h` include.
It isn't used there, and also not required for the workaround.
`winldap.h` keeps including it indirectly.
Tested with BoringSSL and AWS-LC (MultiSSL with Schannel), also LDAP
enabled, and H3, unity and non-unity, and all tested cases build fine.
In lib in general, the point is to have the `#undef`s between the first
`wincrypt.h` include [1] and the first OpenSSL include [2], within a
single compilation unit. For non-unity builds the only such source is
`openssl.c`. For unity ones, depending on batch size, in theory we
should `#undef` after each `wincrypt.h` include. In practice this is
overkill and most cases are covered by `#undef`-fing _first_ in
`vtls/openssl.c`, and `#undef` in `ldap.c`. It's not impossible that we
need to add more undefs after further `wincrypt.h` includes to cover so
far undiscovered build cases [3]. Though I could not find more with the
current sources and source order.
It's also an option to include OpenSSL first, then `wincrypt.h`, as
done in libtests, but for lib and `vtls/openssl.c` it's more practical
to do the opposite.
[1] can be indirect, e.g. via `iphlpapi.h`, `schannel.h`, `winldap.h`.
[3] `lib/Makefile.inc` defines the order of unity sources.
For libtests, the case is simpler: There is always one compilation unit,
with a fixed order, and at the moment `cli_hx_download.c` is including
OpenSSL first, then wincrypt, and in this order they don't bother each
other. Also, at the moment `lib758.c` is the only other OpenSSL header
user, but it's compiled after `cli_hx_download.c` so the include is
skipped there. We may need to revisit this if either header gets
included before it.
All this said it'd be nice if BoringSSL/AWS-LC restored the built-in
workaround to behave like LibreSSL and OpenSSL and not require local
workarounds like these.
Viktor Szakats [Wed, 11 Feb 2026 12:54:27 +0000 (13:54 +0100)]
windows: tidy up includes, macros, document dependencies
- define `SECURITY_WIN32` globally in `curl_setup.h`.
To make sure it applies to all includes.
- document which Windows headers require `SECURITY_WIN32`.
- stop suppressing MSVC warning:
`C4201 is: nonstandard extension used : nameless struct/union`
The warning is no longer seen in supported build envs with the current
codebase.
Follow-up to 8beff4355956e3d18ceb3afc21c1f3edec82543c #8419
- document why `SCHANNEL_USE_BLACKLISTS` is needed.
- just define `SCHANNEL_USE_BLACKLISTS`, drop the unnecessary value `1`.
Viktor Szakats [Wed, 11 Feb 2026 03:10:00 +0000 (04:10 +0100)]
build: check `MSG_NOSIGNAL` directly, drop detection and interim macro
Drop detecting it at configure time, along with the interim macro
`HAVE_MSG_NOSIGNAL`. There is no longer a reason for this workaround,
and allows to save the work at configure time and simplify.
Also say in a comment that `sys/socket.h` is defining this macro.
Viktor Szakats [Wed, 11 Feb 2026 00:51:21 +0000 (01:51 +0100)]
curl_setup.h: merge back single-use internal header `curl_setup_once.h`
Originally split in 2006, but the issues cited are no longer present in
current code. As of now both `curl_setup.h` and `curl_setup_once.h` are
included once per compiler invocation, without recursion. The latter is
a sub-header of the former with no clear distinction in their contents.
Merge them to avoid having to decide where to put new global PP logic.
Also to make it easier to overview what gets defined/included globally
and in what order. (Perhaps even allowing some tidying up here.)
Jay Satiro [Thu, 5 Feb 2026 22:43:55 +0000 (17:43 -0500)]
vtls: use ALPN http/1.0 & http/1.1 for HTTP/1.0 requests
- For compatibility reasons send both ALPN ids http/1.0 and http/1.1 for
HTTP/1.0 requests.
Prior to this change for compatibility reasons curl would send ALPN
http/1.1 for HTTP/1.0 requests, since some servers do not recognize
ALPN http/1.0. However some servers may recognize only ALPN http/1.0 for
HTTP/1.0 requests. Therefore curl now sends both.
Viktor Szakats [Sat, 7 Feb 2026 16:57:39 +0000 (17:57 +0100)]
build: tidy up and simplify `setmode()` detection and use
- move macro to `curl_setup.h` (from curlx), and rename.
It's required by src, test servers, libtests. Also used by unit/tunit,
(which is fixable but this patch doesn't touch it.)
- special-case it for Windows/Cygwin/MS-DOS.
- build: drop `setmode()`/`_setmode()` detection.
This also avoids detecting the different `setmode()` on BSDs,
and a lot of complexity and overhead.
- use `CURL_O_BINARY`.
Viktor Szakats [Sun, 8 Feb 2026 02:36:45 +0000 (03:36 +0100)]
curl_setup.h: drop extra header guard for internal include
The included local header starts with this same guard. The original
commit added it for fixing VMS builds along with many other changes, but
without mention of this specific one in the commit message.
`curl_setup.h` is included once, which includes `curl_setup_once.h`
once, even if the latter wouldn't have it's own guard.
Stefan Eissing [Wed, 28 Jan 2026 16:20:57 +0000 (17:20 +0100)]
url.c: code/comment cleanup around conn creation
Several comments were outdated and parameters to create_conn() and
ConnectionExists() were not needed. Give functions better names and
consistently use terms `needle` and `conn`.
projects / thirdparty / curl.git / log
