                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Version 8.9.0 (24 Jul 2024)

Daniel Stenberg (24 Jul 2024)

- RELEASE-NOTES: synced

- THANKS: updates from the 8.9.0 release

- curl_easy_escape.md: move historic details to HISTORY

  Closes #14261

- docs/libcurl: add to cleanup docs that their inputs go invalid

  Reported-by: icy17 on github
  Fixes #14248
  Closes #14258

dependabot[bot] (23 Jul 2024)

- GHA: bump github/codeql-action from 3.25.11 to 3.25.13

  Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.
  25.11 to 3.25.13.
  - [Release notes](https://github.com/github/codeql-action/releases)
  - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
  - [Commits](https://github.com/github/codeql-action/compare/b611370bb5703a7ef
  b587f9d136a52ea24c5c38c...2d790406f505036ef40ecba973cc774a50395aac)

  ---
  updated-dependencies:
  - dependency-name: github/codeql-action
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...

  Signed-off-by: dependabot[bot] <support@github.com>
  Closes #14255

Stefan Eissing (23 Jul 2024)

- conncache: connection shutdown, multi_socket handling

  - implement the socket hash user/reader/writer processing also
    for connections that are being shut down by the connection cache.
  - split out handling of current vs. last pollset socket event handling
    into a function available in other code parts
  - add `shutdown_poll` pollset to `connectdata` struct so that changes
    in the pollset can be recorded during shutdown. (The internal handle
    cannot keep it since it might be used for many connections)

  Reported-by: calvin2021y on github
  Fixes #14252
  Closes #14257

Daniel Stenberg (22 Jul 2024)

- tool_cb_prg: output "flying saucers" with leading carriage return

  Because that is how the progress-bar is output, so when the progress-bar
  has been shown at least once and the information is reset, like for a
  redirect, there might be a moment where the size goes from known to
  unknown and then the flying saucerts are shown after a brief display of
  the progress-bar.

  It could previously cause accidental character leftovers on the right
  side of the bar when using a narrow display.

  Reported-by: Chris Webb
  Fixes #14213
  Closes #14246

- lib: Curl_posttransfer => multi_posttransfer

  Moved from transfer.c to multi.c as it was only used within multi.c

  Made a void, as it returned a fixed return code nothing checked.

  Closes #14240

- CURLOPT_SSL_VERIFYHOST.md: refresh

  Move mentions of old behavior to the HISTORY section to make it easier
  to read about modern behavior.

  Added a MATCHING section.

  Closes #14241

- multi: do a final progress update on connect failure

  To fix timing metric etc

  Co-authored-by: Justin Maggard
  Fixes #14204
  Closes #14239

Orgad Shaneh (19 Jul 2024)

- md4: fix compilation with OpenSSL 1.x with md4 disabled

  If OpenSSL 1.x is used, and it is configured with md4 disabled,
  OPENSSL_NO_MD4 is defined in opensslconf.h, but this header was not
  included before checking for this define.

  Later in md4.c, openssl/md4.h is included, and it includes that header
  indirectly, leading to inconsistency within md4.c.

  Since the md4.h branch was taken, wincrypt.h (or others) is not
  included, and later below the USE_WIN32_CRYPTO branch is taken, but the
  types are not defined.

  Closes #14218

martinevsky (19 Jul 2024)

- ftp: remove redundant null pointer check in loop condition

  Closes #14234

Justin Maggard (19 Jul 2024)

- mbedtls: check version before getting tls version

  mbedtls_ssl_get_version_number() was added in mbedtls 3.2.0. Check for
  that version before using it.

  Closes #14228

martinevsky (19 Jul 2024)

- urlapi: remove unused definition of HOST_BAD

  Closes #14235

Daniel Stenberg (19 Jul 2024)

- curldown: fixups

  - make DEFAULT sections less repetitive

  - make historic mentions use HISTORY

  - generate the protocols section on `# %PROTOCOLS%` instead of guessing
    where to put it

  - generate the availability section on `# %AVAILABILITY%` instead of
    guessing where to put it

  - make the protocols section more verbose

  Closes #14227

Tal Regev (19 Jul 2024)

- GHA/windows: enable libssh in !ssl MSVC job

  Closes #14232

- GHA/windows: enable libidn2 in !ssl MSVC job

  Closes #14200

Viktor Szakats (19 Jul 2024)

- GHA/macos: improve, fix gcc/llvm, add new test matrix

  This PR began as an attempt to drop GCC support, after repeated reports
  on fallouts when trying to use it on macOS.

  Then it transformed into a 3-week project turning up the issues causing
  the fallouts, ending up including llvm and all available Xcode / macOS
  SDK, macOS runner image, build tools and compiler vendors and versions.
  Accumulating 400 sub-commits.

  I developed and tested all fixes under this PR, then merged them as
  separate patches.

  This PR retained CI jobs updates, extensively reworking and extending
  them: [1]

  At first it seemed GCC and the Apple SDK is "naturally" growing more
  incompatible, as Apple added further non-standard features to their
  headers. This is partly true, but reality is more complicated.

  Besides some issues local to curl, there were bugs in Apple SDK
  headers, Homebrew GCC builds, feature missing in the old llvm version
  pre-installed on GitHub CI runner images, and subtle incompatibilities
  between GCC and llvm/clang when handling language extensions.

  Resulting compiler errors seldom pointed to a useful direction, and
  internet search was silent about these issues too. Thus, I had to peel
  them off layer by layer, using trial and error, and by recognizing
  patterns of failures accross 150-200 builds combinations. Exposing
  configure logs, and curl_config.h in the CI logs helped too.

  1. GCC header compatibility layer ("hack" as GCC calls it)

  The toughest issue is GCC's built-in compatibility layer:
    https://github.com/gcc-mirror/gcc/tree/master/fixincludes

  This patch layer is further patched by a "Darwin compatibility" project
  applied on top by Homebrew GCC via:
    https://github.com/iains/gcc-12-branch
    https://github.com/iains/gcc-13-branch
    https://github.com/iains/gcc-14-branch

  The hack layer is designed in a way that breaks more builds than it
  fixes, esp. in context of GHA runners. The idea is to build GCC
  specifically for the SDK for the target macOS version. The problem with
  this approach is that the Xcode + SDK installed on the local/CI machine
  often does not match with the SDK used on while building GCC on
  Homebrew's build machines. In these cases the GCC compatibility layer
  turns into an "uncompatibility" layer and consistently breaks builds.
  curl cannot offer a fix for this, because the solution (I found) is to
  patch the toolchain on the local machine. I implemented this for our CI
  builds and curl-for-win. In other case the user must do this patching
  manually, or choose a compatible GCC + Xcode/SDK combination.

  An upstream fix doesn't seem trivial either, because the issue is
  ingrained in the compatibility layer's design. Offering an `-fapplesdk`
  (or recognizing `-target`) option and/or fixing them within the compiler
  would seem like a more robust option, and also how mainline llvm solves
  this.

  Here's a table summarizing the GCC + SDK combinations and curl build
  failures: [2]

  More info: https://github.com/curl/curl/issues/10356#issuecomment-2222734103

  db135f8d7207b20d531e7e2100a49f3e16bdcfab #14119 macos: add workaround for gcc
  , non-c-ares, IPv6, compile error
  Ref: https://github.com/curl/curl-for-win/commit/e2db3c475f5981352e6e6a79854a
  255805b28deb
  Ref: https://github.com/curl/curl-for-win/commit/f5c58d7fef78e972be33ca2355dc
  b42ba56622a6

  2. Homebrew GCC's `availability` extension

  A recent minor Homebrew GCC upgrade caused major breakage. The "Darwin
  compatibility" patch applied to GCC implemented the `availability`
  compiler attribute in GCC. Apple SDK detected this and enabled using
  them, but as it turns out GCC accepts compiler attributes with slightly
  different rules than llvm/clang, and how the Apple SDK uses them,
  breaking builds.

  Affected Homebrew GCC versions are: 12.4.0, 13.3.0 and 14.1.0.

  Possibly tracked here: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108796
  More info: https://github.com/llvm/llvm-project/issues/81767

  Commit implementing the `availability` macro:
  gcc-12: https://github.com/iains/gcc-12-branch/commit/fd5530b7cb0012bf4faeddd
  45e13054a1dfa6783
  gcc-13: https://github.com/iains/gcc-13-branch/commit/cb7e4eca68cfc4763474e2e
  b0935a844458842a8
  gcc-14: https://github.com/iains/gcc-14-branch/commit/ff62a108865a6403f501738
  0d7018250c1d3306f

  That applied to Homebrew GCC (12.4.0):
  https://github.com/Homebrew/homebrew-core/commit/b904223d9893f62bec2a8f7483bf
  5992747fc6c7#diff-89dd0b4176eca7fcc24b591943509bf8a8d6ea904d71e5dfcd6b78fed62
  fc574R44-R48

  Ref: #13700
  More info: https://github.com/curl/curl/pull/14091#issuecomment-2222703468

  e91fcbac7d86292858718a0bfebad57978761af4 #14155 macos: undo `availability` ma
  cro enabled by Homebrew gcc

  3. Proprietary Apple SDK macros

  Apple SDK expects certain macros predefined by the compiler. Missing
  them may causes odd issues. Mainline llvm is keeping up with Apple
  clang, but it needs a fresh version, while the one installed on GitHub
  runners is old (v15). I patched these in `lib/curl_setup.h`.

  baa3270846b2a7307cbd0dd5c02c4e5f00e388dd #14134 build: fix llvm 16 or older +
   Xcode 15 or newer, and gcc

  4. Apple SDK header bug

  Without certain predefined macros, SDK headers can take a codepath where
  it mis-defines its own `TARGET_OS_OSX` macro, which make it break its
  own headers later. I patched it in `lib/curl_setup.h`.

  ff784af461175584c73e7e2b65af00b1a5a6f67f #14159 build: fix llvm 17 and older 
  + macOS SDK 14.4 and newer

  5. `TargetConditionals.h` requires `sys/types.h`

  Fixed in curl. It caused feature-detection failurs with autotools, and
  could break builds in certain configurations.

  e1f6192939c9c5ab2310b60bedf4c07d635193f6 #14130 configure: fix `SystemConfigu
  ration` detection

  6. Differences between autotools and CMake compiler options

  Fixed it by syncing compiler warning options.

  59cadacfcc1d39472245979cdbd614c7a9af6f0d #14128 build: sync warning options b
  etween autotools, cmake & compilers

  7. Differences between autotools and CMake dependency detection

  Fixed it by improving detection of libidn2, with some more fixes
  pending for the next feature window.

  f43adc2c4978f7f82a359e89186e58a31d17b0ad #14137 cmake: detect `libidn2` also 
  via `pkg-config`
  Ref: #14136 cmake: detect `nghttp2` via `pkg-config`, enable by default

  8. libidn2 detection bug with CMake

  Fixed the root cause and also the trigger in the CI config.

  764fbabf6ed4c1d36c0ab2033ac8df52d9923cd7 #14175 cmake: fix builds with detect
  ed libidn2 lib but undetected header

  9. Suppressed compiler warnings inside Apple-specific curl code

  Fixed these warnings, which allowed to stop silencing them.

  b05dc7eb3592305de9fa85640767f3dd2a8d4c93 #14122 sectransp: fix `HAVE_BUILTIN_
  AVAILABLE` checks to not emit warnings
  5fa534b0dacdc120aaab0766047e0ecac37be4b3 #14162 sectransp: fix clang compiler
   warnings, stop silencing them

  10. CMake mis-detecting a CA bundle path on macOS

  d2ef6255f4a040397d2f40ab7cbf65a203201cd9 #14182 cmake: sync CA bundle/path de
  tection with autotools

  11. Failure to build tests with LibreSSL or wolfSSL with CMake

  Fixed by dropping unnecessary includes, makign test builds dependent
  on dependency headers.

  3765d75ce47b66289f946382b649d0e99389dc77 #14172 cmake: fix building `unit1600
  ` due to missing `ssl/openssl.h`

  12. curl tests with CMake

  curl's CMake was missing bits for running the C preprocessor accurately.
  It made tests 1119 and 1167 fail. I implemented the missing bits.

  efc2c5184d008fe2e5910fd03263e1ab0331d4e6 #14124 tests: include current direct
  ory when running test Perl commands
  c09db8b51b88ee6ad55bd637dcb4b47678e30906 #14129 cmake: create `configurehelp.
  pm` like autotools does
  67cc1e3400b77536a3ca529c986247e1ef985e6e #14125 test1119: adapt for `.md` inp
  ut

  13. GCC missing `__builtin_available()` support

  curl source code assumes this is available to enable certain codepaths.
  It's also intermixed with monotonic timer support.

  14. Monotonic timer support with GCC

  Detected by GCC, while it probably shouldn't be. llvm/clang detects it
  depending on target OS version. I've been playing with this, but so far
  without a conclusion or fix.

  15. Runtime/test failures with GCC

  I couldn't find the reason for most of this. A bunch of RTSP tests fail
  with GCC. SecureTransport + HTTP/2 is failing a bunch of tests. With
  OpenSSL it fails two of those. SecureTransport builds also fail one DoH
  test.

  16. Runtime/test failure in llvm/clang

  AppleIDN support received a fix with two more remaining.

  fd0250869f7837e4a48d7e6f54cc0801ad3820e8 #14179 #14176 IDN: fix ß with Apple
  IDN

  17. Other issues found and fixed while working on this:

  2c15aa5765900d4351e733671a1c8c3785beee1a        GHA/macos: delete misplaced `
  CFLAGS`, drop redundant CMake option
  80fb7c0bef209735ab352bf4afa31193a7bc65f1 #14126 configure: limit `SystemConfi
  guration` test to non-c-ares, IPv6 builds
  cfd6f43d6ca7e57670b422bab7bbf10221a2cf3e #14127 build: tidy up `__builtin_ava
  ilable` feature checks (Apple)
  bae555359979016999a9425a2d489f219a78abdd #14174 runtests: show name and keywo
  rds for failed tests in summary
  09cdf7e5315711dea4ce7dcf5d99a4d41e7f658b #14178 cmake: delete unused `HAVE_LI
  BSSH2`, `HAVE_LIBSOCKET` macros
  d3595c74fab829f07ef44da1b7fc2f5668767020 #14186 configure: CA bundle/path det
  ection fixes
  58772b0e082eda333e0a5fc8fb0bc7f17a3cd99c #14187 runtests: set `SOURCE_DATE_EP
  OCH` to fix failing around midnight
  18f1cd7a77c4beecfd977d43f55634eb593ac99e #14183 tests: sync feature names wit
  h `curl -V`
  4c22d97be786ed801e050da6872dd3143d6d0a59 #14181 build: use `#error` instead o
  f invalid syntax

  Pending merges:

  - #14185 runtests: fold test details for GitHub CI runs
  - #14197 cmake: grab-bag of tidy-ups
  - #14196 configure: limit `__builtin_available` test to Darwin

  Summary:

  In general GCC doesn't seem to be a good fit with curl and macOS for
  now. These "lucky" combinations (GitHub Actions runner) will build out
  of the box now: macos-14 + Xcode 15.0.1 + gcc-11, gcc-12, gcc-14. The
  rest builds with the ugly workaround in place, but all this still leaves
  some runtime issues.

  More info and links in the commit messages and source code.

  [1]: This PR:
  - add info about target OS version requirements per feature, with OS
    names and release years.
  - stop using `-Wno-deprecated-declarations` to suppress warnings.
  - use `LDFLAGS=-w` to suppress 'object file was built for newer macOS
    version than being linked' warnings.
    (there were tens of thousands of them in some jobs)
  - allow overriding Xcode version in all jobs.
  - improve job names.
  - abbreviate CMake as CM, autotools as AM for more compact job names.
  - shorten job names by using `!` instead of `no-` and `non-`.
  - bump parellel tests to 10 (from 5).
  - drop using `--enable-maintainer-mode` `./configure` option.
  - add gcc-12 no-ssl, autotools job with tests, ignore failing test
    results. (It's not yet clear why gcc-12 builds have different runtime
    results than clang/llvm ones.)
  - add comments with OS names and release years next to version numbers,
    e.g. 10.15  # Catalina (2019)
  - fix broken gcc-12 SecureTransport build.
  - show compiler, Xcode, SDK, gcc hack SDK versions, Homebrew
    preinstalled packages and C compiler predefined macros for each job.
    Useful for debugging all the strange problems these builds might have.
  - merge brew bundle and install steps.
  - move step names to the top.
  - dump configure log for both cmake and autotools also for successful
    builds. Useful for debugging.
  - dump curl_config.h in short (sorted #defines) and full form.
  - add support for the mainline llvm compiler.
  - set sysroot for gcc and llvm.
  - add timeout for cmake jobs.
  - add new job matrix: combinations
    It supports building all possible compiler, runner image, Xcode/SDK
    combinations, with cmake and autotools, target OS versions and with or
    without SecureTransport. It's quick. GHA limits the maximum number of
    matrix jobs at 256.
    I used this as a test-rig to fix the macOS build fallouts with gcc and
    llvm.
    I settled with 16 jobs, trying to maximize fallout coverage.
  - implement hack to make Homebrew gcc work with all available SDKs.
  - add handy mini-table about Xcode / SDK versions, OS names, years for
    each GHA images, with the defaults.
  - add tests for cmake jobs.
  - make cmake config hack to link GnuTLS less intrusive.
  - stop ignoring test 1452, seems fine now.
  - fix to enable libpsl in autotools builds.
  - enable libpsl in cmake builds.
  - add an llvm job with tests (both autotools and cmake).
  - delete similar macOS jobs from Circle CI. GHA is now arm64 too.

  [2]: Homebrew GCC vs GHA runner images vs curl builds:
  ```
  macOS      Xcode   gcc         gcc SDK hacks      Xcode SDK   SDK major Build
   Compile
             (*def)  (Homebrew)  (CommandLineTools)             versions       
   error
  --------  -------- ----------  ------------------ ----------  --------- -----
   ---------------------
  macos-12   13.1    GCC 11.4.0  MacOSX12           MacOSX12.0
  macos-12   13.2.1  GCC 11.4.0  MacOSX12           MacOSX12.1
  macos-12   13.3.1  GCC 11.4.0  MacOSX12           MacOSX12.3
  macos-12   13.4.1  GCC 11.4.0  MacOSX12           MacOSX12.3
  macos-12   14.0.1  GCC 11.4.0  MacOSX12           MacOSX12.3
  macos-12   14.1    GCC 11.4.0  MacOSX12           MacOSX13.0  MISMATCH  FAIL 
   /Applications/Xcode_14.1.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
  fore 'extern'
  macos-12  *14.2    GCC 11.4.0  MacOSX12           MacOSX13.1  MISMATCH  FAIL 
   /Applications/Xcode_14.2.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
  fore 'extern'
  macos-13   14.1    GCC 11.4.0  MacOSX13           MacOSX13.0
  macos-13   14.2    GCC 11.4.0  MacOSX13           MacOSX13.1
  macos-13   14.3.1  GCC 11.4.0  MacOSX13           MacOSX13.3
  macos-13  *15.0.1  GCC 11.4.0  MacOSX13           MacOSX14.0  MISMATCH  FAIL 
   /Applications/Xcode_15.0.1.app/Contents/Developer/Platforms/MacOSX.platform/
  Developer/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown 
  type name 'dispatch_queue_t'
  macos-13   15.1    GCC 11.4.0  MacOSX13           MacOSX14.2  MISMATCH  FAIL 
   /Applications/Xcode_15.1.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown ty
  pe name 'dispatch_queue_t'
  macos-13   15.2    GCC 11.4.0  MacOSX13           MacOSX14.2  MISMATCH  FAIL 
   /Applications/Xcode_15.2.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown ty
  pe name 'dispatch_queue_t'
  macos-14   14.3.1  GCC 11.4.0  MacOSX14           MacOSX13.3  MISMATCH  FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-14  *15.0.1  GCC 11.4.0  MacOSX14           MacOSX14.0
  macos-14   15.1    GCC 11.4.0  MacOSX14           MacOSX14.2
  macos-14   15.2    GCC 11.4.0  MacOSX14           MacOSX14.2
  macos-14   15.3    GCC 11.4.0  MacOSX14           MacOSX14.4
  macos-14   15.4    GCC 11.4.0  MacOSX14           MacOSX14.5
  macos-14   16.0    GCC 11.4.0  MacOSX14           MacOSX15.0  MISMATCH  FAIL 
   /opt/homebrew/Cellar/gcc@11/11.4.0/lib/gcc/11/gcc/aarch64-apple-darwin23/11/
  include-fixed/stdio.h:83:8: error: unknown type name 'FILE'
  macos-12   13.1    GCC 12.4.0  MacOSX12           MacOSX12.0
  macos-12   13.2.1  GCC 12.4.0  MacOSX12           MacOSX12.1
  macos-12   13.3.1  GCC 12.4.0  MacOSX12           MacOSX12.3
  macos-12   13.4.1  GCC 12.4.0  MacOSX12           MacOSX12.3
  macos-12   14.0.1  GCC 12.4.0  MacOSX12           MacOSX12.3
  macos-12   14.1    GCC 12.4.0  MacOSX12           MacOSX13.0  MISMATCH  FAIL 
   /Applications/Xcode_14.1.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
  fore 'extern'
  macos-12  *14.2    GCC 12.4.0  MacOSX12           MacOSX13.1  MISMATCH  FAIL 
   /Applications/Xcode_14.2.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
  fore 'extern'
  macos-13   14.1    GCC 12.4.0  MacOSX13           MacOSX13.0
  macos-13   14.2    GCC 12.4.0  MacOSX13           MacOSX13.1
  macos-13   14.3.1  GCC 12.4.0  MacOSX13           MacOSX13.3
  macos-13  *15.0.1  GCC 12.4.0  MacOSX13           MacOSX14.0  MISMATCH  FAIL 
   /Applications/Xcode_15.0.1.app/Contents/Developer/Platforms/MacOSX.platform/
  Developer/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown 
  type name 'dispatch_queue_t'
  macos-13   15.1    GCC 12.4.0  MacOSX13           MacOSX14.2  MISMATCH  FAIL 
   /Applications/Xcode_15.1.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown ty
  pe name 'dispatch_queue_t'
  macos-13   15.2    GCC 12.4.0  MacOSX13           MacOSX14.2  MISMATCH  FAIL 
   /Applications/Xcode_15.2.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown ty
  pe name 'dispatch_queue_t'
  macos-14   14.3.1  GCC 12.4.0  MacOSX14           MacOSX13.3  MISMATCH
  macos-14  *15.0.1  GCC 12.4.0  MacOSX14           MacOSX14.0
  macos-14   15.1    GCC 12.4.0  MacOSX14           MacOSX14.2
  macos-14   15.2    GCC 12.4.0  MacOSX14           MacOSX14.2
  macos-14   15.3    GCC 12.4.0  MacOSX14           MacOSX14.4
  macos-14   15.4    GCC 12.4.0  MacOSX14           MacOSX14.5
  macos-14   16.0    GCC 12.4.0  MacOSX14           MacOSX15.0  MISMATCH  FAIL 
   /opt/homebrew/Cellar/gcc@12/12.4.0/lib/gcc/12/gcc/aarch64-apple-darwin23/12/
  include-fixed/stdio.h:83:8: error: unknown type name 'FILE'
  macos-12   13.1    GCC 13.3.0  MacOSX12           MacOSX12.0
  macos-12   13.2.1  GCC 13.3.0  MacOSX12           MacOSX12.1
  macos-12   13.3.1  GCC 13.3.0  MacOSX12           MacOSX12.3
  macos-12   13.4.1  GCC 13.3.0  MacOSX12           MacOSX12.3
  macos-12   14.0.1  GCC 13.3.0  MacOSX12           MacOSX12.3
  macos-12   14.1    GCC 13.3.0  MacOSX12           MacOSX13.0  MISMATCH  FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-12  *14.2    GCC 13.3.0  MacOSX12           MacOSX13.1  MISMATCH  FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-13   14.1    GCC 13.3.0  MacOSX13           MacOSX13.0
  macos-13   14.2    GCC 13.3.0  MacOSX13           MacOSX13.1
  macos-13   14.3.1  GCC 13.3.0  MacOSX13           MacOSX13.3
  macos-13  *15.0.1  GCC 13.3.0  MacOSX13           MacOSX14.0  MISMATCH  FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-13   15.1    GCC 13.3.0  MacOSX13           MacOSX14.2  MISMATCH  FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-13   15.2    GCC 13.3.0  MacOSX13           MacOSX14.2  MISMATCH  FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-14   14.3.1  GCC 13.3.0  MacOSX14           MacOSX13.3  MISMATCH  FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-14  *15.0.1  GCC 13.3.0  MacOSX14           MacOSX14.0            FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-14   15.1    GCC 13.3.0  MacOSX14           MacOSX14.2            FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-14   15.2    GCC 13.3.0  MacOSX14           MacOSX14.2            FAIL 
   /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
  e data types in declaration specifiers
  macos-14   15.3    GCC 13.3.0  MacOSX14           MacOSX14.4
  macos-14   15.4    GCC 13.3.0  MacOSX14           MacOSX14.5
  macos-14   16.0    GCC 13.3.0  MacOSX14           MacOSX15.0  MISMATCH  FAIL 
   /opt/homebrew/Cellar/gcc@13/13.3.0/lib/gcc/13/gcc/aarch64-apple-darwin23/13/
  include-fixed/stdio.h:83:8: error: unknown type name 'FILE'
  macos-12   13.1    GCC 14.1.0  MacOSX12           MacOSX12.0
  macos-12   13.2.1  GCC 14.1.0  MacOSX12           MacOSX12.1
  macos-12   13.3.1  GCC 14.1.0  MacOSX12           MacOSX12.3
  macos-12   13.4.1  GCC 14.1.0  MacOSX12           MacOSX12.3
  macos-12   14.0.1  GCC 14.1.0  MacOSX12           MacOSX12.3
  macos-12   14.1    GCC 14.1.0  MacOSX12           MacOSX13.0  MISMATCH  FAIL 
   /Applications/Xcode_14.1.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
  fore 'extern'
  macos-12  *14.2    GCC 14.1.0  MacOSX12           MacOSX13.1  MISMATCH  FAIL 
   /Applications/Xcode_14.2.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
  fore 'extern'
  macos-13   14.1    GCC 14.1.0  MacOSX13           MacOSX13.0
  macos-13   14.2    GCC 14.1.0  MacOSX13           MacOSX13.1
  macos-13   14.3.1  GCC 14.1.0  MacOSX13           MacOSX13.3
  macos-13  *15.0.1  GCC 14.1.0  MacOSX13           MacOSX14.0  MISMATCH  FAIL 
   /Applications/Xcode_15.0.1.app/Contents/Developer/Platforms/MacOSX.platform/
  Developer/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:70:1: error: type defa
  ults to 'int' in declaration of 'DISPATCH_DECL_FACTORY_CLASS_SWIFT' [-Wimplic
  it-int]
  macos-13   15.1    GCC 14.1.0  MacOSX13           MacOSX14.2  MISMATCH  FAIL 
   /Applications/Xcode_15.1.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:70:1: error: type defaul
  ts to 'int' in declaration of 'DISPATCH_DECL_FACTORY_CLASS_SWIFT' [-Wimplicit
  -int]
  macos-13   15.2    GCC 14.1.0  MacOSX13           MacOSX14.2  MISMATCH  FAIL 
   /Applications/Xcode_15.2.app/Contents/Developer/Platforms/MacOSX.platform/De
  veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:70:1: error: type defaul
  ts to 'int' in declaration of 'DISPATCH_DECL_FACTORY_CLASS_SWIFT' [-Wimplicit
  -int]
  macos-14   14.3.1  GCC 14.1.0  MacOSX14           MacOSX13.3  MISMATCH
  macos-14  *15.0.1  GCC 14.1.0  MacOSX14           MacOSX14.0
  macos-14   15.1    GCC 14.1.0  MacOSX14           MacOSX14.2
  macos-14   15.2    GCC 14.1.0  MacOSX14           MacOSX14.2
  macos-14   15.3    GCC 14.1.0  MacOSX14           MacOSX14.4
  macos-14   15.4    GCC 14.1.0  MacOSX14           MacOSX14.5
  macos-14   16.0    GCC 14.1.0  MacOSX14           MacOSX15.0  MISMATCH  FAIL 
   /opt/homebrew/Cellar/gcc/14.1.0_1/lib/gcc/current/gcc/aarch64-apple-darwin23
  /14/include-fixed/stdio.h:83:8: error: unknown type name 'FILE'
  ```
  Source: https://github.com/curl/curl/actions/runs/9883956647/job/27299564218

  This commit fixes earlier commit
  1e75edd372868048c9f805ac4ca6d2cb5a88ff5a, reverted in
  41a7e0dcc9681afd91e066411bcee4f369c23366, where I cut the commit
  message in half by accident. The patch itself is identical.

  Closes #14097

- Revert "GHA/macos: improve, fix gcc/llvm, add new test matrix"

  This reverts commit 1e75edd372868048c9f805ac4ca6d2cb5a88ff5a.

  Due to some parts of the commit message missing (my bad.)

Daniel Stenberg (19 Jul 2024)

- Revert "lib: send eos flag"

  This reverts commit be93299f10ef0b2bf7fe5c82140120073831867a.

Viktor Szakats (19 Jul 2024)

- GHA/windows: use default shell CI feature

  It makes repeating a line in each step unnecessary.

  Closes #14206

- GHA/macos: improve, fix gcc/llvm, add new test matrix

  This PR began as an attempt to drop GCC support, after repeated reports
  on fallouts when trying to use it on macOS.

  Then it transformed into a 3-week project turning up the issues causing
  the fallouts, ending up including llvm and all available Xcode / macOS
  SDK, macOS runner image, build tools and compiler vendors and versions.
  Accumulating 400 sub-commits.

  I developed and tested all fixes under this PR, then merged them as
  separate patches.

  This PR retained CI jobs updates, extensively reworking and extending
  them: [1]

  At first it seemed GCC and the Apple SDK is "naturally" growing more
  incompatible, as Apple added further non-standard features to their
  headers. This is partly true, but reality is more complicated.

  Besides some issues local to curl, there were bugs in Apple SDK
  headers, Homebrew GCC builds, feature missing in the old llvm version
  pre-installed on GitHub CI runner images, and subtle incompatibilities
  between GCC and llvm/clang when handling language extensions.

  Resulting compiler errors seldom pointed to a useful direction, and
  internet search was silent about these issues too. Thus, I had to peel
  them off layer by layer, using trial and error, and by recognizing
  patterns of failures accross 150-200 builds combinations. Exposing
  configure logs, and curl_config.h in the CI logs helped too.

  1. GCC header compatibility layer ("hack" as GCC calls it)

  The toughest issue is GCC's built-in compatibility layer:
    https://github.com/gcc-mirror/gcc/tree/master/fixincludes

  This patch layer is further patched by a "Darwin compatibility" project
  applied on top by Homebrew GCC via:
    https://github.com/iains/gcc-12-branch
    https://github.com/iains/gcc-13-branch
    https://github.com/iains/gcc-14-branch

  The hack layer is designed in a way that breaks more builds than it
  fixes, esp. in context of GHA runners. The idea is to build GCC
  specifically for the SDK for the target macOS version. The problem with
  this approach is that the Xcode + SDK installed on the local/CI machine
  often does not match with the SDK used on while building GCC on
  Homebrew's build machines. In these cases the GCC compatibility layer
  turns into an "uncompatibility" layer and consistently breaks builds.
  curl cannot offer a fix for this, because the solution (I found) is to
  patch the toolchain on the local machine. I implemented this for our CI
  builds and curl-for-win. In other case the user must do this patching
  manually, or choose a compatible GCC + Xcode/SDK combination.

  An upstream fix doesn't seem trivial either, because the issue is
  ingrained in the compatibility layer's design. Offering an `-fapplesdk`
  (or recognizing `-target`) option and/or fixing them within the compiler
  would seem like a more robust option, and also how mainline llvm solves
  this.

  Here's a table summarizing the GCC + SDK combinations and curl build
  failures: [2]

  More info: https://github.com/curl/curl/issues/10356#issuecomment-2222734103

  db135f8d7207b20d531e7e2100a49f3e16bdcfab #14119 macos: add workaround for gcc
  , non-c-ares, IPv6, compile error
  Ref: https://github.com/curl/curl-for-win/commit/e2db3c475f5981352e6e6a79854a
  255805b28deb
  Ref: https://github.com/curl/curl-for-win/commit/f5c58d7fef78e972be33ca2355dc
  b42ba56622a6

  2. Homebrew GCC's `availability` extension

  A recent minor Homebrew GCC upgrade caused major breakage. The "Darwin
  compatibility" patch applied to GCC implemented the `availability`
  compiler attribute in GCC. Apple SDK detected this and enabled using
  them, but as it turns out GCC accepts compiler attributes with slightly
  different rules than llvm/clang, and how the Apple SDK uses them,
  breaking builds.

  Affected Homebrew GCC versions are: 12.4.0, 13.3.0 and 14.1.0.

  Possibly tracked here: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108796
  More info: https://github.com/llvm/llvm-project/issues/81767

  Commit implementing the `availability` macro:
  gcc-12: https://github.com/iains/gcc-12-branch/commit/fd5530b7cb0012bf4faeddd
  45e13054a1dfa6783
  gcc-13: https://github.com/iains/gcc-13-branch/commit/cb7e4eca68cfc4763474e2e
  b0935a844458842a8
  gcc-14: https://github.com/iains/gcc-14-branch/commit/ff62a108865a6403f501738
  0d7018250c1d3306f

  That applied to Homebrew GCC (12.4.0):
  https://github.com/Homebrew/homebrew-core/commit/b904223d9893f62bec2a8f7483bf
  5992747fc6c7#diff-89dd0b4176eca7fcc24b591943509bf8a8d6ea904d71e5dfcd6b78fed62
  fc574R44-R48

  Ref: #13700
  More info: https://github.com/curl/curl/pull/14091#issuecomment-2222703468

  e91fcbac7d86292858718a0bfebad57978761af4 #14155 macos: undo `availability` ma
  cro enabled by Homebrew gcc

  3. Proprietary Apple SDK macros

  Apple SDK expects certain macros predefined by the compiler. Missing
  them may causes odd issues. Mainline llvm is keeping up with Apple
  clang, but it needs a fresh version, while the one installed on GitHub
  runners is old (v15). I patched these in `lib/curl_setup.h`.

  baa3270846b2a7307cbd0dd5c02c4e5f00e388dd #14134 build: fix llvm 16 or older +
   Xcode 15 or newer, and gcc

  4. Apple SDK header bug

  Without certain predefined macros, SDK headers can take a codepath where
  it mis-defines its own `TARGET_OS_OSX` macro, which make it break its
  own headers later. I patched it in `lib/curl_setup.h`.

  ff784af461175584c73e7e2b65af00b1a5a6f67f #14159 build: fix llvm 17 and older 
  + macOS SDK 14.4 and newer

  5. `TargetConditionals.h` requires `sys/types.h`

  Fixed in curl. It caused feature-detection failurs with autotools, and
  could break builds in certain configurations.

  e1f6192939c9c5ab2310b60bedf4c07d635193f6 #14130 configure: fix `SystemConfigu
  ration` detection

  6. Differences between autotools and CMake compiler options

  Fixed it by syncing compiler warning options.

  59cadacfcc1d39472245979cdbd614c7a9af6f0d #14128 build: sync warning options b
  etween autotools, cmake & compilers

  7. Differences between autotools and CMake dependency detection

  Fixed it by improving detection of libidn2, with some more fixes
  pending for the next feature window.

  f43adc2c4978f7f82a359e89186e58a31d17b0ad #14137 cmake: detect `libidn2` also 
  via `pkg-config`
  Ref: #14136 cmake: detect `nghttp2` via `pkg-config`, enable by default

  8. libidn2 detection bug with CMake

  Fixed the root cause and also the trigger in the CI config.

  764fbabf6ed4c1d36c0ab2033ac8df52d9923cd7 #14175 cmake: fix builds with detect
  ed libidn2 lib but undetected header

  9. Suppressed compiler warnings inside Apple-specific curl code

  Fixed these warnings, which allowed to stop silencing them.

  b05dc7eb3592305de9fa85640767f3dd2a8d4c93 #14122 sectransp: fix `HAVE_BUILTIN_
  AVAILABLE` checks to not emit warnings
  5fa534b0dacdc120aaab0766047e0ecac37be4b3 #14162 sectransp: fix clang compiler
   warnings, stop silencing them

  10. CMake mis-detecting a CA bundle path on macOS

  d2ef6255f4a040397d2f40ab7cbf65a203201cd9 #14182 cmake: sync CA bundle/path de
  tection with autotools

  11. Failure to build tests with LibreSSL or wolfSSL with CMake

  Fixed by dropping unnecessary includes, makign test builds dependent
  on dependency headers.

  3765d75ce47b66289f946382b649d0e99389dc77 #14172 cmake: fix building `unit1600
  ` due to missing `ssl/openssl.h`

  12. curl tests with CMake

  curl's CMake was missing bits for running the C preprocessor accurately.
  It made tests 1119 and 1167 fail. I implemented the missing bits.

  efc2c5184d008fe2e5910fd03263e1ab0331d4e6 #14124 tests: include current direct
  ory when running test Perl commands
  c09db8b51b88ee6ad55bd637dcb4b47678e30906 #14129 cmake: create `configurehelp.
  pm` like autotools does
  67cc1e3400b77536a3ca529c986247e1ef985e6e #14125 test1119: adapt for `.md` inp
  ut

  13. GCC missing `__builtin_available()` support

  curl source code assumes this is available to enable certain codepaths.
  It's also intermixed with monotonic timer support.

  14. Monotonic timer support with GCC

  Detected by GCC, while it probably shouldn't be. llvm/clang detects it
  depending on target OS version. I've been playing with this, but so far
  without a conclusion or fix.

  15. Runtime/test failures with GCC

  I couldn't find the reason for most of this. A bunch of RTSP tests fail
  with GCC. SecureTransport + HTTP/2 is failing a bunch of tests. With
  OpenSSL it fails two of those. SecureTransport builds also fail one DoH
  test.

  16. Runtime/test failure in llvm/clang

  AppleIDN support received a fix with two more remaining.

  fd0250869f7837e4a48d7e6f54cc0801ad3820e8 #14179 #14176 IDN: fix ß with Apple
  IDN

  17. Other issues found and fixed while working on this:

  2c15aa5765900d4351e733671a1c8c3785beee1a        GHA/macos: delete misplaced `
  CFLAGS`, drop redundant CMake option
  80fb7c0bef209735ab352bf4afa31193a7bc65f1 #14126 configure: limit `SystemConfi
  guration` test to non-c-ares, IPv6 builds
  cfd6f43d6ca7e57670b422bab7bbf10221a2cf3e #14127 build: tidy up `__builtin_ava
  ilable` feature checks (Apple)
  bae555359979016999a9425a2d489f219a78abdd #14174 runtests: show name and keywo
  rds for failed tests in summary
  09cdf7e5315711dea4ce7dcf5d99a4d41e7f658b #14178 cmake: delete unused `HAVE_LI
  BSSH2`, `HAVE_LIBSOCKET` macros
  d3595c74fab829f07ef44da1b7fc2f5668767020 #14186 configure: CA bundle/path det
  ection fixes
  58772b0e082eda333e0a5fc8fb0bc7f17a3cd99c #14187 runtests: set `SOURCE_DATE_EP
  OCH` to fix failing around midnight
  18f1cd7a77c4beecfd977d43f55634eb593ac99e #14183 tests: sync feature names wit
  h `curl -V`
  4c22d97be786ed801e050da6872dd3143d6d0a59 #14181 build: use `#error` instead o
  f invalid syntax

  Pending merge:

Daniel Stenberg (19 Jul 2024)

- RELEASE-NOTES: synced

Stefan Eissing (18 Jul 2024)

- lib: send eos flag

  Adds a `bool eos` flag to send methods to indicate that the data is the
  last chunk the invovled transfer wants to send to the server.

  This will help protocol filters like HTTP/2 and 3 to forward the
  stream's EOF flag and also allow to EAGAIN such calls when buffers are
  not yet fully flushed.

  Closes #14220

Bhanu Prakash (18 Jul 2024)

- mbedtls: correct the error message for cert blob parsing failure

  Closes #14224

Daniel Stenberg (18 Jul 2024)

- curldown: make 'added-in:' a mandatory header field

  - generate AVAILABILITY manpage sections automatically - for consistent
    wording

  - allows us to double-check against other documumentation (symbols-in-version
  s
    etc)

  - enables proper automation/scripting based on this data

  - lots of them were wrong or missing in the manpages

  - several of them repeated (sometimes mismatching) backend support info

  Add test 1488 to verify "added-in" version numbers against
  symbols-in-versions.

  Closes #14217

Stefan Eissing (18 Jul 2024)

- doh: fix cleanup

  When removing an easy handle that had DoH sub-easy handles going, those
  were not removed from the multi handle. Their memory was reclaimed on
  curl_easy_cleanup() of the owning handle, but multi still had them in
  their list.

  Add `Curl_doh_close()` and `Curl_doh_cleanup()` as common point for
  handling the DoH resource management. Use the `multi` present in the doh
  handles (if so), for removal, as the `data->multi` might already have
  been NULLed at this time.

  Reported-by: 罗朝辉
  Fixes #14207
  Closes #14212

Daniel Stenberg (18 Jul 2024)

- tests/scripts: call it 'manpage' (single word)

  Mostly in comments

  Closes #14216

Alex Snast (18 Jul 2024)

- http/3: resume upload on ack if we have more data to send

  Currently we're waiting for sendbuf_len_in_flight to hit zero before
  resuming upload which means we're blocking and waiting for _all_ acks to
  arrive before sending more data. This causes significant delays especially
  when ack delay is used on the server side.

  The fix addresses several issues in h3 over ngtcp2:
    - On ack we now call nghttp3_conn_resume_stream() when we have more
      data to send.
    - upload_left was incorrectly computed on CF_CTRL_DATA_DONE_SEND as
      we need to subtract the ammount of data we have in flight.
    - Remove upload_blocked_len as we Curl_bufq_write call will do the
      right thing when called from cf_ngtcp2_send.

  Fixes #14198
  Closes #14209

Daniel Stenberg (18 Jul 2024)

- idn: make macidn fail before trying conversion if name too long

  - double the max name length to 512 bytes
