diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index f1a96aeaa5..96ac6704a4 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -39,11 +39,11 @@ permissions: {}
# deprecation warnings with llvm/clang:
#
# - 10.7 Lion (2011) - GSS
-# - 10.8 Mountain Lion (2012) - CFURLCreateDataAndPropertiesFromResource (used by curl SecureTransport code)
+# - 10.8 Mountain Lion (2012) - CFURLCreateDataAndPropertiesFromResource (used by curl Secure Transport code)
# - 10.9 Maverick (2013) - LDAP
-# - 10.14 Mojave (2018) - SecureTransport
+# - 10.14 Mojave (2018) - Secure Transport
#
-# For SecureTransport, curl implements features that require a target
+# For Secure Transport, curl implements features that require a target
# newer than the 10.8 required by `CFURLCreateDataAndPropertiesFromResource`.
# In this case `-Wno-deprecated-declarations` still comes handy to pacify
# deprecation warnings, though the real solution would be to avoid calling
@@ -238,14 +238,14 @@ jobs:
TFLAGS+=' ~1156 ~1539' # HTTP Content-Range, Content-Length
if [[ '${{ matrix.configure }}' = *'--with-secure-transport'* ]]; then
TFLAGS+=' ~2100' # 2100:'HTTP GET using DoH' https://github.com/curl/curl/actions/runs/9942146678/job/27462937524#step:15:5059
- TFLAGS+=' ~HTTP/2' # 2400 2401 2402 2403 2404 2406, SecureTransport + nghttp2
+ TFLAGS+=' ~HTTP/2' # 2400 2401 2402 2403 2404 2406, Secure Transport + nghttp2
else
- TFLAGS+=' ~2402 ~2404' # non-SecureTransport + nghttp2
+ TFLAGS+=' ~2402 ~2404' # non-Secure Transport + nghttp2
fi
fi
if [[ '${{ matrix.configure }}' = *'--with-secure-transport'* ]]; then
- TFLAGS+=' ~313' # SecureTransport does not support crl file
- TFLAGS+=' ~1631 ~1632' # SecureTransport is not able to shutdown ftp over https gracefully yet
+ TFLAGS+=' ~313' # Secure Transport does not support crl file
+ TFLAGS+=' ~1631 ~1632' # Secure Transport is not able to shutdown ftp over https gracefully yet
fi
source $HOME/venv/bin/activate
rm -f $HOME/.curlrc
@@ -389,14 +389,14 @@ jobs:
TFLAGS+=' ~1156 ~1539' # HTTP Content-Range, Content-Length
if [[ '${{ matrix.build.generate }}' = *'-DCURL_USE_SECTRANSP=ON'* ]]; then
TFLAGS+=' ~2100' # 2100:'HTTP GET using DoH' https://github.com/curl/curl/actions/runs/9942146678/job/27462937524#step:15:5059
- TFLAGS+=' ~HTTP/2' # 2400 2401 2402 2403 2404 2406, SecureTransport + nghttp2
+ TFLAGS+=' ~HTTP/2' # 2400 2401 2402 2403 2404 2406, Secure Transport + nghttp2
else
- TFLAGS+=' ~2402 ~2404' # non-SecureTransport + nghttp2
+ TFLAGS+=' ~2402 ~2404' # non-Secure Transport + nghttp2
fi
fi
if [[ '${{ matrix.build.generate }}' = *'-DCURL_USE_SECTRANSP=ON'* ]]; then
- TFLAGS+=' ~313' # SecureTransport does not support crl file
- TFLAGS+=' ~1631 ~1632' # SecureTransport is not able to shutdown ftp over https gracefully yet
+ TFLAGS+=' ~313' # Secure Transport does not support crl file
+ TFLAGS+=' ~1631 ~1632' # Secure Transport is not able to shutdown ftp over https gracefully yet
fi
fi
source $HOME/venv/bin/activate
@@ -407,7 +407,7 @@ jobs:
if: ${{ contains(matrix.name, '+examples') }}
run: make -C bld VERBOSE=1
- combinations: # Test buildability with host OS, Xcode / SDK, compiler, target-OS, SecureTransport/not, built tool, combinations
+ combinations: # Test buildability with host OS, Xcode / SDK, compiler, target-OS, Secure Transport/not, built tool, combinations
if: true # Set to `true` to enable this test matrix. It runs quickly.
name: "${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.compiler }} ${{ matrix.image }} ${{ matrix.xcode }} ${{ matrix.config }}"
runs-on: ${{ matrix.image }}
diff --git a/docs/TODO b/docs/TODO
index 92b76c410c..92c4cceb11 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -945,7 +945,7 @@
15.4 Add option to allow abrupt server closure
- libcurl w/schannel errors without a known termination point from the server
+ libcurl with Schannel errors without a known termination point from the server
(such as length of transfer, or SSL "close notify" alert) to prevent against
a truncation attack. Really old servers may neglect to send any termination
point. An option could be added to ignore such abrupt closures.
diff --git a/docs/libcurl/opts/CURLOPT_ALTSVC_CTRL.md b/docs/libcurl/opts/CURLOPT_ALTSVC_CTRL.md
index 2255854433..190d28f973 100644
--- a/docs/libcurl/opts/CURLOPT_ALTSVC_CTRL.md
+++ b/docs/libcurl/opts/CURLOPT_ALTSVC_CTRL.md
@@ -35,7 +35,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_ALTSVC_CTRL, long bitmask);
Populate the long *bitmask* with the correct set of features to instruct
libcurl how to handle Alt-Svc for the transfers using this handle.
-libcurl only accepts Alt-Svc headers over a secure transport, meaning
+libcurl only accepts Alt-Svc headers over a Secure Transport, meaning
HTTPS. It also only completes a request to an alternative origin if that
origin is properly hosted over HTTPS. These requirements are there to make
sure both the source and the destination are legitimate.
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 6a74340233..c9771d7544 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -45,8 +45,8 @@
/* Workaround for Homebrew gcc 12.4.0, 13.3.0, 14.1.0 and newer (as of 14.1.0)
that started advertising the `availability` attribute, which then gets used
- by Apple SDK, but, in a way incompatible with gcc, resulting in a misc
- errors inside SDK headers, e.g.:
+ by Apple SDK, but, in a way incompatible with gcc, resulting in misc errors
+ inside SDK headers, e.g.:
error: attributes should be specified before the declarator in a function
definition
error: expected ',' or '}' before
diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c
index 576eda244b..80fd8cf129 100644
--- a/lib/curl_sha512_256.c
+++ b/lib/curl_sha512_256.c
@@ -34,7 +34,7 @@
* * GnuTLS
* * wolfSSL
* * Schannel SSPI
- * * SecureTransport (Darwin)
+ * * Secure Transport (Darwin)
* * mbedTLS
* * BearSSL
* * Rustls
diff --git a/lib/url.c b/lib/url.c
index 01b6fb5bc5..cac8d71edb 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -426,9 +426,9 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data)
/* Set the default CA cert bundle/path detected/specified at build time.
*
- * If Schannel or SecureTransport is the selected SSL backend then these
- * locations are ignored. We allow setting CA location for schannel and
- * securetransport when explicitly specified by the user via
+ * If Schannel or Secure Transport is the selected SSL backend then these
+ * locations are ignored. We allow setting CA location for Schannel and
+ * Secure Transport when explicitly specified by the user via
* CURLOPT_CAINFO / --cacert.
*/
if(Curl_ssl_backend() != CURLSSLBACKEND_SCHANNEL &&
diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index 0038cdf5cf..27e2aea0ab 100644
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -24,7 +24,7 @@
***************************************************************************/
/*
- * Source file for all iOS and macOS SecureTransport-specific code for the
+ * Source file for all iOS and macOS Secure Transport-specific code for the
* TLS/SSL layer. No code but vtls.c should ever call or use these functions.
*/
@@ -197,7 +197,7 @@ static const uint16_t default_ciphers[] = {
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, /* 0xCCA8 */
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, /* 0xCCA9 */
- /* TLSv1.3 is not supported by sectransp, but there is also other
+ /* TLSv1.3 is not supported by Secure Transport, but there is also other
* code referencing TLSv1.3, like: kTLSProtocol13 ? */
TLS_AES_128_GCM_SHA256, /* 0x1301 */
TLS_AES_256_GCM_SHA384, /* 0x1302 */
@@ -1227,8 +1227,7 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf,
Mountain Lion.
So we need to call SSLSetEnableCertVerify() on those older cats in order
to disable certificate validation if the user turned that off.
- (SecureTransport will always validate the certificate chain by
- default.)
+ (Secure Transport always validates the certificate chain by default.)
Note:
Darwin 11.x.x is Lion (10.7)
Darwin 12.x.x is Mountain Lion (10.8)
@@ -2463,7 +2462,7 @@ static CURLcode sectransp_shutdown(struct Curl_cfilter *cf,
}
else {
/* We would like to read the close notify from the server using
- * secure transport, however SSLRead() no longer works after we
+ * Secure Transport, however SSLRead() no longer works after we
* sent the notify from our side. So, we just read from the
* underlying filter and hope it will end. */
nread = Curl_conn_cf_recv(cf->next, data, buf, sizeof(buf), &result);
diff --git a/lib/vtls/vtls_int.h b/lib/vtls/vtls_int.h
index 836bfad708..ce5e7cf396 100644
--- a/lib/vtls/vtls_int.h
+++ b/lib/vtls/vtls_int.h
@@ -220,7 +220,7 @@ CURLcode Curl_ssl_set_sessionid(struct Curl_cfilter *cf,
#include "gtls.h" /* GnuTLS versions */
#include "wolfssl.h" /* wolfSSL versions */
#include "schannel.h" /* Schannel SSPI version */
-#include "sectransp.h" /* SecureTransport (Darwin) version */
+#include "sectransp.h" /* Secure Transport (Darwin) version */
#include "mbedtls.h" /* mbedTLS versions */
#include "bearssl.h" /* BearSSL versions */
#include "rustls.h" /* Rustls versions */
diff --git a/m4/curl-override.m4 b/m4/curl-override.m4
index bc3f669c3a..a640169c6e 100644
--- a/m4/curl-override.m4
+++ b/m4/curl-override.m4
@@ -44,7 +44,7 @@ dnl -------------------------------------------------
dnl This is done to prevent compiler warning
dnl 'function declaration isn't a prototype'
dnl in function main. This requires at least
-dnl a c89 compiler and does not support K&R.
+dnl a C89 compiler and does not support K&R.
m4_define([AC_LANG_PROGRAM(C)],
[$1
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 275f2584b8..289ce588df 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -3041,7 +3041,7 @@ static CURLcode transfer_per_config(struct GlobalConfig *global,
* default filename curl-ca-bundle.crt in the user's PATH.
*
* If Schannel is the selected SSL backend then these locations are
- * ignored. We allow setting CA location for schannel only when explicitly
+ * ignored. We allow setting CA location for Schannel only when explicitly
* specified by the user via CURLOPT_CAINFO / --cacert.
*/
if(tls_backend_info->backend != CURLSSLBACKEND_SCHANNEL) {
diff --git a/tests/data/test2033 b/tests/data/test2033
index 2a9f90091f..c23d8d0c3b 100644
--- a/tests/data/test2033
+++ b/tests/data/test2033
@@ -35,7 +35,7 @@ https Server-localhost-sv.pem
simple HTTPS GET with DER public key pinning (Schannel variant)
-# This test is pointless if we're not using the schannel backend
+# This test is pointless if we are not using the Schannel backend
CURL_SSL_BACKEND=schannel
diff --git a/tests/data/test2070 b/tests/data/test2070
index 38b6ca89d0..678f3f210f 100644
--- a/tests/data/test2070
+++ b/tests/data/test2070
@@ -34,7 +34,7 @@ https Server-localhost-sv.pem
Ignore certificate revocation "best effort" strategy
-# This test is pointless if we're not using the schannel backend
+# This test is pointless if we are not using the Schannel backend
CURL_SSL_BACKEND=schannel
diff --git a/tests/data/test2079 b/tests/data/test2079
index 0164d1b3b3..da531902a1 100644
--- a/tests/data/test2079
+++ b/tests/data/test2079
@@ -35,7 +35,7 @@ https Server-localhost-sv.pem
simple HTTPS GET with PEM public key pinning (Schannel variant)
-# This test is pointless if we're not using the schannel backend
+# This test is pointless if we are not using the Schannel backend
CURL_SSL_BACKEND=schannel
diff --git a/tests/data/test2087 b/tests/data/test2087
index 13efe48b65..61de80a5e6 100644
--- a/tests/data/test2087
+++ b/tests/data/test2087
@@ -35,7 +35,7 @@ https Server-localhost-sv.pem
simple HTTPS GET with base64-sha256 public key pinning (Schannel variant)
-# This test is pointless if we're not using the schannel backend
+# This test is pointless if we are not using the Schannel backend
CURL_SSL_BACKEND=schannel
diff --git a/tests/data/test3023 b/tests/data/test3023
index fe43c199f6..258f34eb0f 100644
--- a/tests/data/test3023
+++ b/tests/data/test3023
@@ -34,7 +34,7 @@ https Server-localhost-firstSAN-sv.pem
HTTPS GET to localhost, first subject alt name matches, CN does not match (Schannel variant)
-# This test is pointless if we're not using the schannel backend
+# This test is pointless if we are not using the Schannel backend
CURL_SSL_BACKEND=schannel
diff --git a/tests/data/test3024 b/tests/data/test3024
index 55b26788e9..57c1273484 100644
--- a/tests/data/test3024
+++ b/tests/data/test3024
@@ -34,7 +34,7 @@ https Server-localhost-lastSAN-sv.pem
HTTPS GET to localhost, last subject alt name matches, CN does not match (Schannel variant)
-# This test is pointless if we're not using the schannel backend
+# This test is pointless if we are not using the Schannel backend
CURL_SSL_BACKEND=schannel
diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py
index c7dc2ad5f7..4228a3147a 100644
--- a/tests/http/test_17_ssl_use.py
+++ b/tests/http/test_17_ssl_use.py
@@ -231,7 +231,7 @@ class TestSSLUse:
tls_proto = 'TLSv1.2'
elif env.curl_uses_lib('sectransp'): # not in CI, so untested
if tls_proto == 'TLSv1.3':
- pytest.skip('SecureTransport does not support TLSv1.3')
+ pytest.skip('Secure Transport does not support TLSv1.3')
tls_proto = 'TLSv1.2'
# test
extra_args = ['--tls13-ciphers', ':'.join(ciphers13)] if ciphers13 else []