aboutsummaryrefslogtreecommitdiffstats
path: root/contrib
diff options
context:
space:
mode:
authorshadchin <shadchin@yandex-team.ru>2022-04-28 12:56:06 +0300
committershadchin <shadchin@yandex-team.ru>2022-04-28 12:56:06 +0300
commit9a78ea94eb210d4fe778c0d71d6e364e3bbc6c7d (patch)
tree03f5fa0bcc9a882f49567726171c8951bd8974ef /contrib
parentd43b7ece11f69b40ce622932ca5984037e746f0d (diff)
downloadydb-9a78ea94eb210d4fe778c0d71d6e364e3bbc6c7d.tar.gz
Remove CHANGES from curl
ref:1e8497e3de108dc50a13b25f42f3cdbe913fda5d
Diffstat (limited to 'contrib')
-rw-r--r--contrib/libs/curl/CHANGES7732
1 files changed, 0 insertions, 7732 deletions
diff --git a/contrib/libs/curl/CHANGES b/contrib/libs/curl/CHANGES
deleted file mode 100644
index 2e6456681a..0000000000
--- a/contrib/libs/curl/CHANGES
+++ /dev/null
@@ -1,7732 +0,0 @@
- _ _ ____ _
- ___| | | | _ \| |
- / __| | | | |_) | |
- | (__| |_| | _ <| |___
- \___|\___/|_| \_\_____|
-
- Changelog
-
-Version 7.82.0 (5 Mar 2022)
-
-Daniel Stenberg (5 Mar 2022)
-- RELEASE-NOTES: synced
-
- The 7.82.0 release
-
-- THANKS: updates from the 7.82.0 release notes
-
-- misc: update copyright year ranges
-
-Jay Satiro (5 Mar 2022)
-- unit1610: init SSL library before calling SHA256 functions
-
- The SSL library must be initialized (via global initialization) because
- libcurl's SHA256 functions may call SHA256 functions in the SSL library.
-
- Reported-by: Gisle Vanem
-
- Fixes https://github.com/curl/curl/issues/8538
- Closes https://github.com/curl/curl/pull/8540
-
-- examples/curlx: support building with OpenSSL 1.1.0+
-
- - Access members of X509_STORE_CTX in OpenSSL 1.1.0+ by using API
- functions.
-
- The X509_STORE_CTX struct has been opaque since OpenSSL 1.1.0.
-
- Ref: https://curl.se/mail/lib-2022-03/0004.html
-
- Closes https://github.com/curl/curl/pull/8529
-
-- h2h3: fix typo
-
- Bug: https://github.com/curl/curl/issues/8381#issuecomment-1055440241
- Reported-by: Michael Kaufmann
-
-- [Farzin brought this change]
-
- CURLOPT_XFERINFOFUNCTION.3: fix example struct assignment
-
- Closes https://github.com/curl/curl/pull/8519
-
-Daniel Stenberg (26 Feb 2022)
-- azure-pipelines: add a build on Windows with libssh
-
- Closes #8511
-
-- runtests: make 'oldlibssh' be before 0.9.5
-
- Closes #8511
-
-- libssh: fix include files and defines use for Windows builds
-
- Reported-by: 梦终无痕
- Bug: https://curl.se/mail/lib-2022-02/0131.html
- Closes #8511
-
-- RELEASE-NOTES: synced
-
-- [illusory-dream brought this change]
-
- winbuild: add parameter WITH_SSH
-
- For building with libssh
- Closes #8514
-
-- configure: change output for cross-compiled alt-svc support
-
- It said 'no', while it actually is 'yes'
-
- Closes #8512
-
-- gha: add a macOS CI job with libssh
-
- Closes #8513
-
-- TODO: remove "Bring back libssh tests on Travis"
-
- The job was added to Circle CI in d8ddd0e7536
-
-- TODO: remove "better persistency for HTTP/1.0"
-
- Let's not bother.
-
-- TODO: remove "Option to ignore private IP"
-
- ... as curl ignores the IP entirely by default these days.
-
-- TODO: remove "hardcode the "localhost" addresses"
-
- This is implmented since 1a0ebf6632f88
-
-- TODO: 1.24 was a dupe of 1.1
-
-- TODO: remove "Typesafe curl_easy_setopt()"
-
- I don't consider this a serious TODO item
-
-- KNOWN_BUGS: remove "Uploading HTTP/3 files gets interrupted"
-
- This works now
-
-- KNOWN_BUGS: remove "HTTP/3 multipart POST with quiche fails"
-
- It works now
-
-- quiche: remove two leftover debug infof() outputs
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: Reset dynbuf when it is fully drained
-
- Reported-by: vl409 on github
- Fixes #7351
- Closes #8504
-
-- [Stewart Gebbie brought this change]
-
- hostip: avoid unused parameter error in Curl_resolv_check
-
- When built without DNS-over-HTTP and without asynchronous resolvers,
- neither the dns nor the data parameters are used.
-
- That is Curl_resolv_check appears to call
- Curl_resolver_is_resolved(data, dns). But,
- with CURL_DISABLE_DOH without CURLRES_ASYNCH, the call is actually
- elided via a macro definition.
-
- This fix resolves the resultant: "unused parameter 'data'" error.
-
- Closes #8505
-
-- http2: move two infof calls to debug-h2-only
-
- and remove a superflous one
-
- Ref: https://github.com/curl/curl/discussions/8498
- Closes #8502
-
-- [Jean-Philippe Menil brought this change]
-
- quiche: fix upload for bigger content-length
-
- Signed-off-by: Jean-Philippe Menil <jpmenil@gmail.com>
- Closes #8421
-
-Jay Satiro (23 Feb 2022)
-- [Farzin brought this change]
-
- CURLOPT_PROGRESSFUNCTION.3: fix example struct assignment
-
- Closes https://github.com/curl/curl/pull/8500
-
-Daniel Stenberg (22 Feb 2022)
-- [Rob Boeckermann brought this change]
-
- OS400/README: clarify compilation steps
-
- Closes #8494
-
-- [Rob Boeckermann brought this change]
-
- OS400: fix typos in rpg include file
-
- This resolves issues compiling rpg code that includes the curl header
- file.
-
- Closes #8494
-
-- [Michał Antoniak brought this change]
-
- vtls: fix socket check conditions
-
- fix condition to check the second socket during associate and
- disassociate connection
-
- Closes #8493
-
-- libssh2: don't typecast socket to int for libssh2_session_handshake
-
- Since libssh2_socket_t uses SOCKET on windows which can be larger than
- int.
-
- Closes #8492
-
-- RELEASE-NOTES: fix typo and make one desc shorter
-
-- RELEASE-NOTES: synced
-
-- CURLOPT_XFERINFOFUNCTION.3: fix typo in example
-
- Reported-by: coralw on github
- Fixes #8487
- Closes #8488
-
-- README: disable linkchecks for the sponsor links
-
- Closes #8489
-
-Jay Satiro (21 Feb 2022)
-- openssl: check if sessionid flag is enabled before retrieving session
-
- Ideally, Curl_ssl_getsessionid should not be called unless sessionid
- caching is enabled. There is a debug assertion in the function to help
- ensure that. Therefore, the pattern in all vtls is basically:
-
- if(primary.sessionid) {lock(); Curl_ssl_getsessionid(...); unlock();}
-
- There was one instance in openssl.c where sessionid was not checked
- beforehand and this change fixes that.
-
- Prior to this change an assertion would occur in openssl debug builds
- during connection stage if session caching was disabled.
-
- Reported-by: Jim Beveridge
-
- Fixes https://github.com/curl/curl/issues/8472
- Closes https://github.com/curl/curl/pull/8484
-
-- multi: allow user callbacks to call curl_multi_assign
-
- Several years ago a change was made to block user callbacks from calling
- back into the API when not supported (recursive calls). One of the calls
- blocked was curl_multi_assign. Recently the blocking was extended to the
- multi interface API, however curl_multi_assign may need to be called
- from within those user callbacks (eg CURLMOPT_SOCKETFUNCTION).
-
- I can't think of any callback where it would be unsafe to call
- curl_multi_assign so I removed the restriction entirely.
-
- Reported-by: Michael Wallner
-
- Ref: https://github.com/curl/curl/commit/b46cfbc
- Ref: https://github.com/curl/curl/commit/340bb19
-
- Fixes https://github.com/curl/curl/issues/8480
- Closes https://github.com/curl/curl/pull/8483
-
-Daniel Stenberg (21 Feb 2022)
-- [Michał Antoniak brought this change]
-
- ssl: reduce allocated space for ssl backend when FTP is disabled
-
- Add assert() for the backend pointer in many places
-
- Closes #8471
-
-- [Michał Antoniak brought this change]
-
- checkprefix: remove strlen calls
-
- Closes #8481
-
-Jay Satiro (20 Feb 2022)
-- [1337vt brought this change]
-
- curl.h: fix typo
-
- Closes https://github.com/curl/curl/pull/8482
-
-- [Jan Venekamp brought this change]
-
- sectransp: mark a 3DES cipher as weak
-
- - Change TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA strength to weak.
-
- All other 3DES ciphers are already marked as weak.
-
- Closes https://github.com/curl/curl/pull/8479
-
-- [Jan Venekamp brought this change]
-
- bearssl: fix EXC_BAD_ACCESS on incomplete CA cert
-
- - Do not create trust anchor object for a CA certificate until after it
- is processed.
-
- Prior to this change the object was created at state BR_PEM_BEGIN_OBJ
- (certificate processing begin state). An incomplete certificate (for
- example missing a newline at the end) never reaches BR_PEM_END_OBJ
- (certificate processing end state) and therefore the trust anchor data
- was not set in those objects, which caused EXC_BAD_ACCESS.
-
- Ref: https://github.com/curl/curl/pull/8106
-
- Closes https://github.com/curl/curl/pull/8476
-
-- [Jan Venekamp brought this change]
-
- bearssl: fix connect error on expired cert and no verify
-
- - When peer verification is disabled use the x509_decode engine instead
- of the x509_minimal engine to parse and extract the public key from
- the first cert of the chain.
-
- Prior to this change in such a case no key was extracted and that caused
- CURLE_SSL_CONNECT_ERROR. The x509_minimal engine will stop parsing if
- any validity check fails but the x509_decode won't.
-
- Ref: https://github.com/curl/curl/pull/8106
-
- Closes https://github.com/curl/curl/pull/8475
-
-- [Jan Venekamp brought this change]
-
- bearssl: fix session resumption (session id)
-
- Prior to this change br_ssl_client_reset was mistakenly called with
- resume_session param set to 0, which disabled session resumption.
-
- Ref: https://github.com/curl/curl/pull/8106
-
- Closes https://github.com/curl/curl/pull/8474
-
-Daniel Stenberg (18 Feb 2022)
-- [Michał Antoniak brought this change]
-
- openssl: fix build for version < 1.1.0
-
- Closes #8470
-
-- [Joel Depooter brought this change]
-
- schannel: move the algIds array out of schannel.h
-
- This array is only used by the SCHANNEL_CRED struct in the
- schannel_acquire_credential_handle function. It can therefore be kept as
- a local variable. This is a minor update to
- bbb71507b7bab52002f9b1e0880bed6a32834511.
-
- This change also updates the NUM_CIPHERS value to accurately count the
- number of ciphers options listed in schannel.c, which is 47 instead of
- 45. It is unlikely that anyone tries to set all 47 values, but if they
- had tried, the last two would not have been set.
-
- Closes #8469
-
-- [Alejandro R. Sedeño brought this change]
-
- configure.ac: use user-specified gssapi dir when using pkg-config
-
- Using the system pkg-config path in the face of a user-specified
- library path is asking to link the wrong library.
-
- Reported-by: Michael Kaufmann
- Fixes #8289
- Closes #8456
-
-- [Kevin Adler brought this change]
-
- os400: Add link to QADRT devkit to README.OS400
-
- Closes #8455
-
-- [Kevin Adler brought this change]
-
- os400: Add function wrapper for system command
-
- The wrapper will exit if the system command failed instead of blindly
- continuing on.
-
- In addition, only copy docs which exist, since now the copy failure will
- cause the build to stop.
-
- Closes #8455
-
-- [Kevin Adler brought this change]
-
- os400: Default build to target current release
-
- V6R1M0 is not available as a target release since IBM i 7.2. To keep
- from having to keep this up to date in git, default to the current
- release. Users can configure this to whatever release they want to
- actually build for.
-
- Closes #8455
-
-- docs/INTERNALS.md: clean up, refer to the book
-
- The explanatory parts are now in the everything curl book (which can
- also use images etc). This document now refers to that resource and only
- leaves listings of supported versions of libs, tools and operating
- systems. See https://everything.curl.dev/internals
-
- Closes #8467
-
-Marcel Raad (17 Feb 2022)
-- des: fix compile break for OpenSSL without DES
-
- When `USE_OPENSSL` was defined but OpenSSL had no DES support and a
- different crypto library was used for that, `Curl_des_set_odd_parity`
- was called but not defined. This could for example happen on Windows
- and macOS when using OpenSSL v3 with deprecated features disabled.
-
- Use the same condition for the function definition as used at the
- caller side, but leaving out the OpenSSL part to avoid including
- OpenSSL headers.
-
- Closes https://github.com/curl/curl/pull/8459
-
-Daniel Stenberg (17 Feb 2022)
-- RELEASE-NOTES: synced
-
-- docs/DEPRECATE: remove NPN support in August 2022
-
- Closes #8458
-
-- ftp: provide error message for control bytes in path
-
- Closes #8460
-
-- http: fix "unused parameter ‘conn’" warning
-
- Follow-up from 7d600ad1c395
-
- Spotted on appveyor
-
- Closes #8465
-
-Jay Satiro (17 Feb 2022)
-- [Alejandro R. Sedeño brought this change]
-
- sha256: Fix minimum OpenSSL version
-
- - Change the minimum OpenSSL version for using their SHA256
- implementation from 0.9.7 to 0.9.8.
-
- EVP_sha256() does not appear in the OpenSSL source before 0.9.7h, and
- does not get built by default until 0.9.8, so trying to use it for all
- 0.9.7 is wrong, and before 0.9.8 is unreliable.
-
- Closes https://github.com/curl/curl/pull/8464
-
-Daniel Stenberg (16 Feb 2022)
-- KNOWN_BUGS: remove "slow connect to localhost on Windows"
-
- localhost is not resolved anymore since 1a0ebf6632f88
-
-- KNOWN_BUGS: remove "HTTP/3 download is 5x times slower than HTTP/2"
-
- It's not actually a bug. More like room for improvement.
-
-- KNOWN_BUGS: remove "HTTP/3 download with quiche halts after a while"
-
- Follow-up to 96f85a0fef694
-
-- KNOWN_BUGS: remove "pulseUI vpn" as a problem
-
- We haven't heard about this for a long time and rumours have it they
- might have fixed it.
-
-- urldata: remove conn->bits.user_passwd
-
- The authentication status should be told by the transfer and not the
- connection.
-
- Reported-by: John H. Ayad
- Fixes #8449
- Closes #8451
-
-- [Kevin Adler brought this change]
-
- gskit: Convert to using Curl_poll
-
- As mentioned in 32766cb, gskit was the last user of Curl_select which is
- now gone. Convert to using Curl_poll to allow build to work on IBM i.
-
- Closes #8454
-
-- [Kevin Adler brought this change]
-
- gskit: Fix initialization of Curl_ssl_gskit struct
-
- In c30bf22, Curl_ssl_getsock was factored out in to a member of
- struct Curl_ssl but the gskit initialization was not updated to reflect
- this new member.
-
- Closes #8454
-
-- [Kevin Adler brought this change]
-
- gskit: Fix errors from Curl_strerror refactor
-
- 2f0bb864c1 replaced sterror with Curl_strerror, but the strerror buffer
- shadows the set_buffer "buffer" parameter. To keep consistency with the
- other functions that use Curl_strerror, rename the parameter.
-
- In addition, strerror.h is needed for the definition of STRERROR_LEN.
-
- Closes #8454
-
-Marcel Raad (15 Feb 2022)
-- ntlm: remove unused feature defines
-
- They're not used anymore and always supported.
-
- Closes https://github.com/curl/curl/pull/8453
-
-Daniel Stenberg (15 Feb 2022)
-- [Kantanat Wannapaka brought this change]
-
- README.md: fix link and layout
-
- replace <a></a> tags and <img></img> tags
-
- Closes #8448
-
-- KNOWN_BUGS: fix typo "libpsl"
-
-Jay Satiro (14 Feb 2022)
-- h2h3: fix compiler warning due to function prototype mismatch
-
- - Add missing const qualifier in Curl_pseudo_headers declaration.
-
-Daniel Stenberg (14 Feb 2022)
-- [Stefan Eissing brought this change]
-
- urlapi: handle "redirects" smarter
-
- - avoid one malloc when setting a new url via curl_url_set()
- and CURLUPART_URL.
- - extract common pattern into a new static function.
-
- Closes #8450
-
-- cijobs: pick up circleci configure lines better
-
-- circleci: add a job using wolfSSH
-
- Build only, no tests.
-
- Closes #8445
-
-- scripts/ciconfig.pl: show used options not available
-
-- circleci: add a job using libssh
-
- Closes #8444
-
-- runtests: set 'oldlibssh' for libssh versions before 0.9.6
-
- ... and make test 1459 check for the different return code then.
-
- Closes #8444
-
-Jay Satiro (13 Feb 2022)
-- Makefile.am: Generate VS 2022 projects
-
- Follow-up to f13d4d0 which added VS 2022 project support.
-
- Ref: https://github.com/curl/curl/pull/8438
-
-- [Daniel Stenberg brought this change]
-
- projects: remove support for MSVC before VC10 (Visual Studio 2010)
-
- - Remove Visual Studio project files for VC6, VC7, VC7.1, VC8 and VC9.
-
- Those versions are too old to be maintained any longer.
-
- Closes https://github.com/curl/curl/pull/8442
-
-- [Stav Nir brought this change]
-
- projects: add support for Visual Studio 17 (2022)
-
- Closes https://github.com/curl/curl/pull/8438
-
-Daniel Stenberg (13 Feb 2022)
-- RELEASE-NOTES: synced
-
-- connect: follow-up fix the copyright year
-
-- [Michał Antoniak brought this change]
-
- misc: remove unused data when IPv6 is not supported
-
- Closes #8430
-
-- scripts/ciconfig: show CI job config info
-
- Closes #8446
-
-- quiche: handle stream reset
-
- A stream reset now causes a CURLE_PARTIAL_FILE error. I'm not convinced
- this is the right action nor the right error code.
-
- Reported-by: Lucas Pardue
- Fixes #8437
- Closes #8440
-
-- mime: use a define instead of the magic number 24
-
- MIME_BOUNDARY_DASHES is now the number of leading dashes in the
- generated boundary string.
-
- Closes #8441
-
-- [Henrik Holst brought this change]
-
- hostcheck: reduce strlen calls on chained certificates
-
- Closes #8428
-
-- [Patrick Monnerat brought this change]
-
- mime: some more strlen() call removals.
-
- Closes #8423
-
-- scripts/cijobs.pl: detect zuul cmake jobs better
-
-- url: exclude zonefrom_url when no ipv6 is available
-
- Closes #8439
-
-- if2ip: make Curl_ipv6_scope a blank macro when IPv6-disabled
-
- Closes #8439
-
-- [Henrik Holst brought this change]
-
- mprintf: remove strlen calls on empty strings in dprintf_formatf
-
- Turns out that in dprintf_formatf we did a strlen on empty strings, a
- bit strange is how common this actually is, 24 alone when doing a simple
- GET from https://curl.se
-
- Closes #8427
-
-- wolfssl: return CURLE_AGAIN for the SSL_ERROR_NONE case
-
- Closes #8431
-
-- wolfssl: when SSL_read() returns zero, check the error
-
- Returning zero indicates end of connection, so if there's no data read
- but the connection is alive, it needs to return -1 with CURLE_AGAIN.
-
- Closes #8431
-
-- quiche: after leaving h3_recving state, poll again
-
- This could otherwise easily leave libcurl "hanging" after the entire
- transfer is done but without noticing the end-of-transfer signal.
-
- Assisted-by: Lucas Pardue
- Closes #8436
-
-- quiche: when *recv_body() returns data, drain it before polling again
-
- Assisted-by: Lucas Pardue
-
- Closes #8429
-
-- [gaoxingwang on github brought this change]
-
- configure: fix '--enable-code-coverage' typo
-
- Fixes #8425
- Closes #8426
-
-- lib/h2h3: #ifdef on ENABLE_QUIC, not the wrong define
-
- Otherwise the build fails when H3 is enabled but the build doesn't
- include nghttp2.
-
- Closes #8424
-
-- hostcheck: pass in pattern length too, to avoid a strlen call
-
- Removes one strlen() call per SAN name in a cert-check.
-
- Closes #8418
-
-- [Henrik Holst brought this change]
-
- misc: remove strlen for Curl_checkheaders + Curl_checkProxyheaders
-
- Closes #8409
-
-- configure: requires --with-nss-deprecated to build with NSS
-
- Add deprecation plans to docs/DEPRECATE.md
-
- Closes #8395
-
-- mqtt: free 'sendleftovers' in disconnect
-
- Fix a memory-leak
-
- Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43646
- Closes #8415
-
-- [Patrick Monnerat brought this change]
-
- openldap: pass string length arguments to client_write()
-
- This uses the new STRCONST() macro and saves 2 strlen() calls on short
- string constants per LDIF output line.
-
- Closes #8404
-
-- [Henrik Holst brought this change]
-
- misc: reduce strlen() calls with Curl_dyn_add()
-
- Use STRCONST() to switch from Curl_dyn_add() to Curl_dyn_addn() for
- string literals.
-
- Closes #8398
-
-- http2: fix the array copy to nghttp2_nv
-
- Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44517
- Follow-up to 9f985a11e794
- Closes #8414
-
-- RELEASE-NOTES: synced
-
-- scripts/cijobs.pl: output data about all currect CI jobs
-
- This script parses the config files for all the CI services currently in
- use and output the information in a uniform way. The idea is that the
- output from this script should be possible to massage into informational
- tables or graphs to help us visualize what they are all testing and NOT
- testing.
-
- Closes #8408
-
-- maketgz: return error if 'make dist' fails
-
- To better detect this problem in CI jobs
-
- Reported-by: Marcel Raad
- Bug: https://curl.se/mail/lib-2022-02/0070.html
- Closes #8402
-
-- h2h3: pass correct argument types to infof()
-
- Detected by Coverity. CID 1497993
-
- Closes #8401
-
-- lib/Makefile: remove config-tpf.h from the dist
-
- Follow-up from da15443dddea2bfb. Missed before because the 'distcheck'
- CI job was not working as intended.
-
- Reported-by: Marcel Raad
- Bug: https://curl.se/mail/lib-2022-02/0070.html
- Closes #8403
-
-- configure: remove support for "embedded ares"
-
- In March 2010 (commit 4259d2df7dd) we removed the embedded 'ares'
- directory from the curl source tree but we have since supported
- especially detecting and using that build directory. The time has come
- to remove that kludge and ask users to specify the c-ares dir correctly
- with --enable-ares.
-
- Closes #8397
-
-- [Sebastian Sterk brought this change]
-
- github/workflows/mbedtls: fix indent & remove unnecessary line breaks
-
- Closes #8399
-
-- CI: move the NSS job from zuul to GHA
-
- Closes #8396
-
-- tests/unit/Makefile.am: add NSS_LIBS to build with NSS fine
-
- Closes #8396
-
-Marcel Raad (7 Feb 2022)
-- curl-openssl: fix SRP check for OpenSSL 3.0
-
- When OpenSSL 3.0 is built with `--api=3.0` and `no-deprecated`, the SRP
- functions exist in the library, but are disabled for user code. Check
- if they are actually usable instead of only if they exist. Also, check
- for the functions actually required for TLS-SRP.
-
- TLS-SRP support is still enabled if OpenSSL is configured with just
- `--api=3.0` or with `--api=1.1.1 no-deprecated`.
-
- Closes https://github.com/curl/curl/pull/8394
-
-Daniel Stenberg (7 Feb 2022)
-- [Henrik Holst brought this change]
-
- http: make Curl_compareheader() take string length arguments too
-
- Also add STRCONST, a macro that returns a string literal and it's length
- for functions that take "string,len"
-
- Removes unnecesary calls to strlen().
-
- Closes #8391
-
-- vquic/vquic.h: removed the unused H3 psuedo defines
-
-- ngtcp2: use Curl_pseudo_headers
-
-- quiche: use Curl_pseudo_headers
-
-- http2: use Curl_pseudo_headers
-
-- h2h3: added Curl_pseudo_headers()
-
- For use with both http2 and http3 requests.
-
-- ngtcp2/quiche: make :scheme possible to set
-
-- http2: allow CURLOPT_HTTPHEADER change ":scheme"
-
- The only h2 psuedo header that wasn't previously possible to change by a
- user. This change also makes it impossible to send a HTTP/1 header that
- starts with a colon, which I don't think anyone does anyway.
-
- The other pseudo headers are possible to change indirectly by doing the
- rightly crafted request.
-
- Reported-by: siddharthchhabrap on github
- Fixes #8381
- Closes #8393
-
-- h2/h3: provide and refer to pseudo headers as defines
-
- ... and do sizeof() on the defines to use constants better.
-
- Closes #8389
-
-- [Michał Antoniak brought this change]
-
- smb: passing a socket for writing and reading data instead of FIRSTSOCKET
-
- Closes #8383
-
-- x509asn1: toggle off functions not needed for diff tls backends
-
- ... and clean the header file from private defines/structs (move to C
- file) and unused function prototypes.
-
- Closes #8386
-
-- lib: move hostcheck and x509sn1 sources to vtls/
-
- ... since they are used strictly by TLS code.
-
- Closes #8386
-
-Marcel Raad (4 Feb 2022)
-- version_win32: fix warning for `CURL_WINDOWS_APP`
-
- The build version is not supported by the UWP code.
-
- Closes https://github.com/curl/curl/pull/8385
-
-Daniel Stenberg (4 Feb 2022)
-- tests/disable-scan.pl: properly detect multiple symbols per line
-
- Test 1165 would fail on some systems because it didn't detect
- CURL_DISABLE_* symbols that were used to the right of another one on the
- same line! The script would only detect and extract the first one.
-
- Reported-by: Marcel Raad
- Fixes #8384
- Closes #8388
-
-Jay Satiro (4 Feb 2022)
-- config.d: Clarify _curlrc filename is still valid on Windows
-
- Recent changes added support for filename .curlrc on Windows, and
- when it's not found curl falls back on the original Windows filename
- _curlrc. _curlrc was removed from the doc, however it is still valid.
-
- Closes https://github.com/curl/curl/pull/8382
-
-Daniel Stenberg (4 Feb 2022)
-- lib: remove support for CURL_DOES_CONVERSIONS
-
- TPF was the only user and support for that was dropped.
-
- Closes #8378
-
-- TPF: drop support
-
- There has been no TPF related changes done since September 2010 (commit
- 7e1a45e224e57) and since this is a platform that is relatively different
- than many others (== needs attention), I draw the conclusion that this
- build is broken since a long time.
-
- Closes #8378
-
-- scripts/delta: check the file delta for current branch
-
- ... also polish the output style a little bit
-
-Jay Satiro (3 Feb 2022)
-- [Fabian Keil brought this change]
-
- runtests.pl: tolerate test directories without Makefile.inc
-
- Silences the following warnings when using a Makefile.inc-free
- TESTDIR using the "-o" argument:
-
- readline() on closed filehandle D at ./runtests.pl line 592.
- Use of uninitialized value $disttests in pattern match (m//) at
- ./runtests.pl line 3602.
-
- Closes https://github.com/curl/curl/pull/8379
-
-Daniel Stenberg (3 Feb 2022)
-- [Henrik Holst brought this change]
-
- setopt: do bounds-check before strdup
-
- Curl_setstropt() allocated memory for the string before checking if the
- string was within bounds. The bounds check should be done first.
-
- Closes #8377
-
-- [Michał Antoniak brought this change]
-
- mbedtls: enable use of mbedtls without filesystem functions support
-
- Closes #8376
-
-- [Bernhard Walle brought this change]
-
- configure: support specification of a nghttp2 library path
-
- This enables using --with-nghttp2=<dir> on systems without pkg-config.
-
- Closes #8375
-
-- scripts/release-notes.pl: remove leftover debug output
-
-- RELEASE-NOTES: synced
-
-- scripts/release-notes.pl: fix number extraction for full URLs
-
-- [Leah Neukirchen brought this change]
-
- scripts/completion.pl: improve zsh completion
-
- - Detect all spellings of <file>, <file name> etc as well as <path>.
- - Only complete directories for <dir>.
- - Complete URLs for <URL>.
- - Complete --request and --ftp-method.
-
- Closes #8363
-
-- [Davide Cassioli brought this change]
-
- configure: use correct CFLAGS for threaded resolver with xlC on AIX
-
- Fixes #8276
- Closes #8374
-
-- mailmap: Henrik Holst
-
-Jay Satiro (2 Feb 2022)
-- build: fix ngtcp2 crypto library detection
-
- - Change library link check for ngtcp2_crypto_{gnutls,openssl} to
- to use function ngtcp2_crypto_recv_client_initial_cb instead of
- ngtcp2_crypto_ctx_initial.
-
- The latter function is no longer external since two days ago in
- ngtcp2/ngtcp2@533451f. curl HTTP/3 CI builds have been failing since
- then because they would not link to the ngtcp2 crypto library.
-
- Ref: https://github.com/ngtcp2/ngtcp2/pull/356
-
- Closes https://github.com/curl/curl/pull/8372
-
-- [Henrik Holst brought this change]
-
- urlapi: remove an unnecessary call to strlen
-
- - Use strcpy instead of strlen+memcpy to copy the url path.
-
- Ref: https://curl.se/mail/lib-2022-02/0006.html
-
- Closes https://github.com/curl/curl/pull/8370
-
-Daniel Stenberg (1 Feb 2022)
-- scripts/copyright.pl: fix for handling removed files better
-
-- vxworks: drop support
-
- No changes or fixes in vxworks related code since 2009 leads me to
- believe that this doesn't work anymore.
-
- Closes #8362
-
-- [Henrik Holst brought this change]
-
- base64: remove an unnecessary call to strlen
-
- Closes #8369
-
-- tool_getparam: initial --json support
-
- Adds these test cases:
-
- 383 - simple single command line option
- 384 - reading it from stdin
- 385 - getting two --json options on command line
- 386 - --next works after --json
-
- Closes #8314
-
-- [Bjarni Ingi Gislason brought this change]
-
- curl_getdate.3: remove pointless .PP line
-
- mandoc: WARNING: skipping paragraph macro: PP empty
-
- Reported-by: Samuel Henrique
- Closes #8365
-
-- [Sebastian Sterk brought this change]
-
- multi: grammar fix in comment
-
- After 'must', the verb is used without 'to'. Correct: "must" or "have
- to"
-
- Closes #8368
-
-- openldap: fix compiler warning when built without SSL support
-
- openldap.c:841:52: error: unused parameter ‘data’ [-Werror=unused-parameter]
-
- Closes #8367
-
-- [Samuel Henrique brought this change]
-
- CURLSHOPT_LOCKFUNC.3: fix typo "relased" -> "released"
-
- Found when packaging 7.81.0 for Debian.
-
- Closes #8364
-
-- netware: remove support
-
- There are no current users and no Netware related changes done in the
- code for over 13 years is a clear sign this is abandoned.
-
- Closes #8358
-
-- CI: move two jobs from Zuul to Circle CI
-
- - openssl-no-verbose
- - openssl-no-proxy
-
- Closes #8359
-
-- cirlceci: also run a c-ares job on arm with debug enabled
-
- Closes #8357
-
-- ci: move the OpenSSL + c-ares job from Zuul to Circle CI
-
- Closes #8357
-
-- mailmap: Jan-Piet Mens
-
-- [luminixinc on github brought this change]
-
- multi: remember connection_id before returning connection to pool
-
- Fix a bug that does not require a new CVE as discussed on hackerone.com.
- Previously `connection_id` was accessed after returning connection to
- the shared pool.
-
- Bug: https://hackerone.com/reports/1463013
- Closes #8355
-
-Jay Satiro (31 Jan 2022)
-- write-out.d: Fix num_headers formatting
-
-- [Jan-Piet Mens brought this change]
-
- docs: capitalize the name 'Netscape'
-
- Closes https://github.com/curl/curl/pull/8354
-
-Daniel Stenberg (30 Jan 2022)
-- RELEASE-NOTES: synced
-
-- [Antoine Pietri brought this change]
-
- docs: grammar proofread, typo fixes
-
- (Partially automated) proofread of most of the documentation, leading to
- various typo fixes.
-
- Closes #8353
-
-- urldata: CONN_IS_PROXIED replaces bits.close when proxy can be disabled
-
- To remove run-time checks for such builds.
-
- Closes #8350
-
-- setopt: fix the TLSAUTH #ifdefs for proxy-disabled builds
-
- Closes #8350
-
-- conncache: make conncache_add_bundle return the pointer
-
- Simplifies the logic a little and avoids a ternary operator.
-
- Ref: #8346
- Closes #8349
-
-- mailmap: neutric on github
-
-Jay Satiro (30 Jan 2022)
-- [neutric on github brought this change]
-
- docs/TheArtOfHttpScripting: fix example POST URL
-
- Closes https://github.com/curl/curl/pull/8352
-
-Daniel Stenberg (28 Jan 2022)
-- nss: handshake callback during shutdown has no conn->bundle
-
- The callback gets called because of the call to PR_Recv() done to
- attempt to avoid RST on the TCP connection. The conn->bundle pointer is
- already cleared at this point so avoid dereferencing it.
-
- Reported-by: Eric Musser
- Fixes #8341
- Closes #8342
-
-- [Michał Antoniak brought this change]
-
- mbedtls: remove #include <mbedtls/certs.h>
-
- mbedtls/certs.h file contains only certificates example (all definitions
- is beginning by mbedtls_test_*). None of them is used so we can avoid
- include the file.
-
- Closes #8343
-
-- [Michał Antoniak brought this change]
-
- mbedtls: enable use of mbedtls without CRL support
-
- Closes #8344
-
-- [Bernhard Walle brought this change]
-
- configure: set CURL_LIBRARY_PATH for nghttp2
-
- To execute the test program, we might need the library path so that the
- lib is found at runtime.
-
- Closes #8340
-
-Jay Satiro (28 Jan 2022)
-- schannel: restore debug message in schannel_connect_step2
-
- This is a follow-up to recent commit 2218c3a which removed the debug
- message to avoid an unused variable warning. The message has been
- reworked to avoid the warning.
-
- Ref: https://github.com/curl/curl/pull/8320#issuecomment-1022957904
-
- Closes https://github.com/curl/curl/pull/8336
-
-- test3021: disable all msys2 path transformation
-
- - Disable all MSYS2 path transformation in test3021 and test3022.
-
- Prior to this change path transformation in those tests was disabled
- only for arguments that start with forward slashes. However arguments
- that are in base64 contain forward slashes at any position and caused
- unwanted translations.
-
- == Info: Denied establishing ssh session: mismatch sha256 fingerprint.
- Remote +/EYG2YDzDGm6yiwepEMSuExgRRMoTi8Di1UN3kixZw= is not equal to
- +C:/msys64/EYG2YDzDGm6yiwepEMSuExgRRMoTi8Di1UN3kixZw
-
- In the above example an argument containing a base64 sha256 fingerprint
- was passed to curl after MSYS2 translated +/ into +C:/msys64/, and then
- the fingerprint didn't match what was expected.
-
- Ref: https://www.msys2.org/wiki/Porting/
-
- Fixes https://github.com/curl/curl/issues/8084
- Closes https://github.com/curl/curl/pull/8325
-
-Daniel Stenberg (27 Jan 2022)
-- CI: move scan-build job from Zuul to Azure Pipelines
-
- Closes #8338
-
-Marcel Raad (27 Jan 2022)
-- openssl: fix `ctx_option_t` for OpenSSL v3+
-
- The options have been changed to `uint64_t` in
- https://github.com/openssl/openssl/commit/56bd17830f2d5855b533d923d4e0649d3ed61d11.
-
- Closes https://github.com/curl/curl/pull/8331
-
-Daniel Stenberg (27 Jan 2022)
-- CI: move 'distcheck' job from zuul to azure pipelines
-
- Assisted-by: Kushal Das
-
- Closes #8334
-
-- vtls: pass on the right SNI name
-
- The TLS backends convert the host name to SNI name and need to use that.
- This involves cutting off any trailing dot and lowercasing.
-
- Co-authored-by: Jay Satiro
- Closes #8320
-
-- url: revert the removal of trailing dot from host name
-
- Reverts 5de8d84098db1bd24e (May 2014, shipped in 7.37.0) and the
- follow-up changes done afterward.
-
- Keep the dot in names for everything except the SNI to make curl behave
- more similar to current browsers. This means 'name' and 'name.' send the
- same SNI for different 'Host:' headers.
-
- Updated test 1322 accordingly
-
- Fixes #8290
- Reported-by: Charles Cazabon
- Closes #8320
-
-- [neutric on github brought this change]
-
- docs/TheArtOfHttpScripting: fix capitalization
-
- Closes #8333
-
-- tests/memanalyze.pl: also count and show "total allocations"
-
- This is the total number of bytes allocated, increasing for new
- allocations and never reduced when freed. The existing "Maximum
- allocated" is the high water mark.
-
- Closes #8330
-
-- mailmap: spellfix githuh => github
-
-- RELEASE-NOTES: synced
-
-- hostcheck: fixed to not touch used input strings
-
- Avoids the need to clone the strings before check, thus avoiding
- mallocs, which for cases where there are many SAN names in a cert could
- end up numerous.
-
- Closes #8321
-
-- ngtcp2: adapt to changed end of headers callback proto
-
- Closes #8322
-
-- [Xiaoke Wang brought this change]
-
- openssl: check SSL_get_ex_data to prevent potential NULL dereference
-
- Closes #8268
-
-Jay Satiro (23 Jan 2022)
-- md5: check md5_init_func return value
-
- Prior to this change the md5_init_func (my_md5_init) return value was
- ignored.
-
- Closes https://github.com/curl/curl/pull/8319
-
-- md5: refactor for standard compliance
-
- - Wrap OpenSSL / wolfSSL MD5 functions instead of taking their function
- addresses during static initialization.
-
- Depending on how curl was built the old way may have used a dllimport
- function address during static initialization, which is not standard
- compliant, resulting in Visual Studio warning C4232 (nonstandard
- extension). Instead the function pointers now point to the wrappers
- which call the MD5 functions.
-
- This change only affects OpenSSL and wolfSSL because calls to other SSL
- libraries' md5 functions were already wrapped. Also sha256.c already
- does this for all SSL libraries.
-
- Ref: https://github.com/curl/curl/pull/8298
-
- Closes https://github.com/curl/curl/pull/8318
-
-Daniel Stenberg (21 Jan 2022)
-- [Lucas Pardue brought this change]
-
- docs: update IETF links to use datatracker
-
- The tools.ietf.org domain has been deprecated a while now, with the
- links being redirected to datatracker.ietf.org.
-
- Rather than make people eat that redirect time, this change switches the
- URL to a more canonical source.
-
- Closes #8317
-
-- [Harry Sarson brought this change]
-
- CI: test building wolfssl with --enable-opensslextra
-
- Closes #8315
-
-- [Harry Sarson brought this change]
-
- misc: allow curl to build with wolfssl --enable-opensslextra
-
- put all #include of openssl files behind wolfssl ifdefs so that we can
- use the wolfssl/ prefixed include paths. Without these curl only builds
- when wolfssl is built with enable-all.
-
- Fixes #8292
- Closes #8315
-
-- [Lucas Pardue brought this change]
-
- quiche: change qlog file extension to `.sqlog`
-
- quiche has just switched it's qlog serialization format to JSON-SEQ by
- default . The spec says this SHOULD use `.sqlog` extension.
-
- I believe ngtcp2 also supports JSON-SEQ by default as of
- https://github.com/ngtcp2/ngtcp2/commit/9baf06fc3f352a1d062b6953ae1de22cae30639d
-
- Let's update curl so that tools know what format we are using!
-
- Closes #8316
-
-Jay Satiro (21 Jan 2022)
-- projects: Fix Visual Studio wolfSSL configurations
-
- - Change build-wolfssl.bat to disable SSLv3, enable TLSv1.3, enable
- wolfSSL_DES_ecb_encrypt (needed by NTLM) and enable alt cert chains.
-
- - Disable warning C4214 'bit field types other than int'.
-
- - Add include directory wolfssl\wolfssl.
-
- wolfSSL offers OpenSSL API compatibility that libcurl uses, and some
- recent change in libcurl included an include file for wolfSSL like
- openssl/foo.h, which has a path like wolfssl\wolfssl\openssl\foo.h.
-
- The include directory issue was reported in #8292 but it's currently
- unclear whether this type of change is needed for other build systems.
-
- Bug: https://github.com/curl/curl/issues/8292
- Reported-by: Harry Sarson
-
- Closes https://github.com/curl/curl/pull/8298
-
-Daniel Stenberg (21 Jan 2022)
-- openssl: return error if TLS 1.3 is requested when not supported
-
- Previously curl would just silently ignore it if the necessary defines
- are not present at build-time.
-
- Reported-by: Stefan Eissing
- Fixes #8309
- Closes #8310
-
-- TODO: Passing NOTIFY option to CURLOPT_MAIL_RCPT
-
- Closes #8232
-
-- [pheiduck on github brought this change]
-
- workflows/wolfssl: install impacket
-
- needed Python Package for SMB tests
-
- Closes #8307
-
-- url: make Curl_disconnect return void
-
- 1. The function would only ever return CURLE_OK anyway
- 2. Only one caller actually used the return code
- 3. Most callers did (void)Curl_disconnect()
-
- Closes #8303
-
-- docs: document HTTP/2 not insisting on TLS 1.2
-
- Both for --http2 and CURLOPT_HTTP_VERSION.
-
- Reported-by: jhoyla on github
- Fixes #8235
- Closes #8300
-
-- cmdline-opts/gen.pl: fix option matching to improve references
-
- Previously it could mistakenly match partial names when there are
- options that start with the same prefix, leading to the wrong references
- used.
-
- Closes #8299
-
-- TODO: Less memory massaging with Schannel
-
-- [Patrick Monnerat brought this change]
-
- runtests.pl: disable debuginfod
-
- Valgrind and gdb implement this feature: as this highly slows down tests,
- disable it.
-
- Closes #8291
-
-- RELEASE-NOTES: synced
-
-- CURLMOPT_TIMERFUNCTION/DATA.3: fix the examples
-
- ... to not call libcurl recursively back.
-
- Closes #8286
-
-- multi: set in_callback for multi interface callbacks
-
- This makes most libcurl functions return error if called from within a
- callback using the same multi handle. For example timer or socket
- callbacks calling curl_multi_socket_action.
-
- Reported-by: updatede on github
- Fixes #8282
- Closes #8286
-
-- docs/HISTORY.md: mention alt-svc and HSTS
-
-- misc: remove the final watcom references
-
- Follow-up to bbf8cae44dedc495e6
-
- We removed support for the watcom builds files back in September
- 2020. This removes all remaining watcom references and ifdefs.
-
- Closes #8287
-
-- misc: remove BeOS code and references
-
- There has not been a mention of this OS in any commit since December
- 2004 (58f4af7973e3d2). The OS is also long gone.
-
- Closes #8288
-
-- tool_getparam: DNS options that need c-ares now fail without it
-
- Just silently accepting the options and then not having any effect is
- not good.
-
- Ref: #8283
- Closes #8285
-
-- curl: remove "separators" (when using globbed URLs)
-
- Unless muted (with -s) When doing globbing, curl would output mime-like
- separators between the separate transfers. This is not documented
- anywhere, surprises users and clobbers the output. Gone now.
-
- Updated test 18 and 1235
-
- Reported-by: jonny112 on github
- Bug: https://github.com/curl/curl/discussions/8257
- Closes #8278
-
-Jay Satiro (15 Jan 2022)
-- [Niels Martignène brought this change]
-
- mbedtls: fix CURLOPT_SSLCERT_BLOB (again)
-
- - Increase the buffer length passed to mbedtls_x509_crt_parse to account
- for the null byte appended to the temporary blob.
-
- Follow-up to 867ad1c which uses a null terminated copy of the
- certificate blob, because mbedtls_x509_crt_parse requires PEM data
- to be null terminated.
-
- Ref: https://github.com/curl/curl/commit/867ad1c#r63439893
- Ref: https://github.com/curl/curl/pull/8146
-
- Closes https://github.com/curl/curl/pull/8260
-
-Daniel Stenberg (15 Jan 2022)
-- [Alessandro Ghedini brought this change]
-
- quiche: verify the server cert on connect
-
- Similarly to c148f0f551f9bea0e3d0, make quiche correctly acknowledge
- `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST`.
-
- Fixes #8173
- Closes #8275
-
-- [Ikko Ashimine brought this change]
-
- checksrc: fix typo in comment
-
- enfore -> enforce
-
- Closes #8281
-
-- curl-openssl: remove the OpenSSL headers and library versions check
-
- It is more work to maintain that check than the (any?) benefit it
- brings.
-
- Fixes #8279
- Reported-by: Satadru Pramanik
- Closes #8280
-
-- mqtt: free any leftover when done
-
- Oss-fuzz found an issue when the "sendleftovers" pointer could leak memory.
- Fix this by always freeing it (if still assigned) in the done function.
-
- Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43515
- Closes #8274
-
-- formdata: avoid size_t => long typecast overflows
-
- Typically a problem for platforms with 32 bit long and 64 bit size_t
-
- Reported-by: Fabian Yamaguchi
- Bug: https://hackerone.com/reports/1444539
- Closes #8272
-
-- RELEASE-NOTES: synced
-
- bump next release to become 7.82.0
-
-Marcel Raad (13 Jan 2022)
-- build: enable -Warith-conversion
-
- This makes the behavior consistent between GCC 10 and earlier versions.
-
- Closes https://github.com/curl/curl/pull/8271
-
-- build: fix -Wenum-conversion handling
-
- Don't enable that warning when warnings are disabled.
- Also add it to CMake.
-
- Closes https://github.com/curl/curl/pull/8271
-
-- appveyor: use VS 2017 image for the autotools builds
-
- The newer images don't have all required MSYS2 packages.
-
- Fixes https://github.com/curl/curl/issues/8248
- Closes https://github.com/curl/curl/pull/8265
-
-- appveyor: update images from VS 2019 to 2022
-
- Closes https://github.com/curl/curl/pull/8265
-
-Daniel Stenberg (12 Jan 2022)
-- [Michał Antoniak brought this change]
-
- mbedtls: return CURLcode result instead of a mbedtls error code
-
- ... when a certificate fails to be loaded from a blob
-
- Closes #8266
-
-- curl_multi_socket.3: remove callback and typical usage descriptions
-
- 1. The callback is better described in the option for setting it. Having
- it in a single place reduces the risk that one of them is wrong.
-
- 2. The "typical usage" is wrong since the functions described in this
- man page are both deprecated so they cannot be used in any "typical" way
- anymore.
-
- Closes #8262
-
-- curl-functions.m4: revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE
-
- Mostly reverts ba0657c343f, but now instead just run the plain macro on
- darwin. The approach as used on other platforms is simply not necessary
- on macOS.
-
- Fixes #8229
- Reported-by: Ryan Schmidt
- Closes #8247
-
-- [Patrick Monnerat brought this change]
-
- openldap: implement SASL authentication
-
- As credentials can be quite different depending on the mechanism used,
- there are no default mechanisms for LDAP and simple bind with a DN is
- then used.
-
- The caller has to provide mechanism(s) using CURLOPT_LOGIN_OPTIONS to
- enable SASL authentication and disable simple bind.
-
- Closes #8152
-
-Jay Satiro (10 Jan 2022)
-- [Cameron Will brought this change]
-
- CURLOPT_RESOLVE.3: change example port to 443
-
- 83cc966 changed documentation from using http to https. However,
- CURLOPT_RESOLVE being set to port 80 in the documentation means that it
- isn't valid for the new URL. Update to 443.
-
- Closes https://github.com/curl/curl/pull/8258
-
-Daniel Stenberg (10 Jan 2022)
-- [Fabian Keil brought this change]
-
- test374: gif data without new line at the end
-
- Closes #8239
-
-- [Fabian Keil brought this change]
-
- runtests.pl: support the nonewline attribute for the data part
-
- Added to FILEFORMAT
-
- Closes #8239
-
-- [Patrick Monnerat brought this change]
-
- curl tool: erase some more sensitive command line arguments
-
- As the ps command may reveal sensitive command line info, obfuscate
- options --tlsuser, --tlspasswd, --proxy-tlsuser, --proxy-tlspassword and
- --oauth2-bearer arguments.
-
- Reported-by: Stephen Boost <s.booth@epcc.ed.ac.uk>
-
- Closes #7964
-
-- mesalink: remove support
-
- Mesalink has ceased development. We can no longer encourage use of it.
- It seems to be continued under the name TabbySSL, but no attempts have
- (yet) been to make curl support it.
-
- Fixes #8188
- Closes #8191
-
-- ldap: return CURLE_URL_MALFORMAT for bad URL
-
- For consistency, use the same return code for URL malformats,
- independently of what scheme that is used. Previously this would return
- CURLE_LDAP_INVALID_URL, but starting now that error cannot be returned.
-
- Closes #8170
-
-- docs/cmdline-opts: add "mutexed" options for more http versions
-
- Update four http version man page sections.
-
- Closes #8254
-
-- [Stephen M. Coakley brought this change]
-
- rustls: add CURLOPT_CAINFO_BLOB support
-
- Add support for `CURLOPT_CAINFO_BLOB` `CURLOPT_PROXY_CAINFO_BLOB` to the
- rustls TLS backend. Multiple certificates in a single PEM string are
- supported just like OpenSSL does with this option.
-
- This is compatible at least with rustls-ffi 0.8+ which is our new
- minimum version anyway.
-
- I was able to build and run this on Windows, pulling trusted certs from
- the system and then add them to rustls by setting
- `CURLOPT_CAINFO_BLOB`. Handy!
-
- Closes #8255
-
-- scripts/copyright.pl: ignore missing files
-
-- RELEASE-NOTES: synced
-
-- data/DISABLED: disable test 313 for wolfssl builds
-
- It was previously disabled only in the CI jobs yaml
-
- Closes #8252
-
-- runtests: make 'wolfssl' a testable feature
-
- Closes #8252
-
-- GHA: install stunnel in the medbtls + wolfssl CI jobs
-
- Closes #8252
-
-- CI: move the rustls CI job to GHA from Zuul
-
- Closes #8251
-
-- DISABLE: disable a dozen tests in the rustls build
-
- Disables tests that don't yet work with the rustls backend.
-
- Fixes #8004
- Closes #8250
-
-- runtests: make 'rustls' a testable feature
-
-- remote-header-name.d: clarify
-
- - it strips off the path from the server provided name
- - it saves in current directory or --output-dir
-
- Ref: https://curl.se/mail/archive-2022-01/0032.html
- Closes #8249
-
-- url: given a user in the URL, find pwd for that user in netrc
-
- Add test 380 and 381 to verify, edited test 133
-
- Reported-by: Manfred Schwarb
- Fixes #8241
- Closes #8243
-
-- [Niels Martignène brought this change]
-
- mbedtls: Fix ssl_init error with mbedTLS 3.1.0+
-
- Since mbedTLS 3.1.0, mbedtls_ssl_setup() fails if the provided
- config struct is not valid.
-
- mbedtls_ssl_config_defaults() needs to be called before the config
- struct is passed to mbedtls_ssl_setup().
-
- Closes #8238
-
-- [Filip Lundgren brought this change]
-
- cmake: fix iOS CMake project generation error
-
- Closes #8244
-
-- ngtcp2: fix declaration of ‘result’ shadows a previous local
-
- Follow-up to 8fbd6feddfa587cfd3
-
- Closes #8245
-
-- openssl.h: avoid including OpenSSL headers here
-
- ... by instead using the struct version of the typedef'ed pointer. To
- fix build errors when both Schannel and OpenSSL are enabled.
-
- Fixes #8240
- Reported-by: Jan Ehrhardt
- Closes #8246
-
-- curl_url_set.3: mention when CURLU_ALLOW_SPACE was added
-
-- tool_findfile: free mem properly
-
- Follow-up to 764e4f066d5
-
- Closes #8242
-
-- tool_findfile: check ~/.config/curlrc too
-
- ... after the initial checks for .curlrc and if XDG_CONFIG_HOME is not
- set, use $HOME and $CURL_HOME to check if ~/.config/curlrc is present.
-
- Add test 436 to verify
-
- Reported-by: Sandro Jaeckel
- Fixes #8208
- Closes #8213
-
-- runtests: allow client/file to specify multiple directories
-
- ... and make sure to mkdir them all
-
-- scripts/copyright.pl: support many provided file names on the cmdline
-
-- [Fabian Keil brought this change]
-
- tests/FILEFORMAT.md: fix typo
-
-- [Fabian Keil brought this change]
-
- Add test373: multiple chunks with binary zeros
-
-- [Fabian Keil brought this change]
-
- Add test372: binary zero in data element
-
-- [Fabian Keil brought this change]
-
- tests/server/getpart.c: properly deal with binary data containing NUL bytes
-
-- [Fabian Keil brought this change]
-
- runtests.pl: properly print the test if it contains binary zeros
-
-- mailmap: Xiaoke Wang
-
-- openssl: copyright year update
-
- Follow-up to 30aea2b1ede
-
-- scripts/copyright.pl: hush unless -v (for verbose) is used
-
-- [Xiaoke Wang brought this change]
-
- openssl: check the return value of BIO_new_mem_buf()
-
- Closes #8233
-
-- examples/multi-app.c: call curl_multi_remove_handle as well
-
- Fixes #8234
- Reported-by: Melroy van den Berg
- Closes #8236
-
-- COPYING: bump copyright year range
-
-- RELEASE-NOTES: synced
-
- and bump curlver after release
-
-- docs: fix mandoc -T lint formatting complaints
-
- Closes #8228
-
-- next.d. remove .fi/.nf as they are handled by gen.pl
-
- Closes #8228
-
-- gen.pl: terminate "example" sections better
-
- If the example (section that is prefixed with spaces) ends the
- description gen.pl would previously miss to output the terminating .fi
-
- Closes #8228
-
-- [Satadru Pramanik brought this change]
-
- curl-functions.m4: fix LIBRARY_PATH adjustment to avoid eval
-
- $$ usage in a m4 file introduces the PID in linux.
- Instead, just duplicate previous working code with a case switch.
-
- Fixes #8229
- Closes #8230
-
-Version 7.81.0 (5 Jan 2022)
-
-Daniel Stenberg (5 Jan 2022)
-- RELEASE-NOTES: synced
-
- curl 7.81.0 release
-
-- THANKS: add names from 7.81.0 release
-
-- curl_multi_init.3: fix the copyright year range
-
-- test719-721: require "proxy" feature present to run
-
- Bug: https://github.com/curl/curl/pull/8223#issuecomment-1005188696
- Reported-by: Marc Hörsken
-
- Closes #8226
-
-- test719: require ipv6 support to run
-
- Follow-up to effd2bd7ba2a5fd244
- Reported-by: Marc Hörsken
- Bug: https://github.com/curl/curl/pull/8217#issuecomment-1004681145
-
- Closes #8223
-
-- test719-721: verify SOCKS details
-
- Using the new verify/socks details
-
-- runtests: add verify/socks check
-
- If used, this data is compared with the data in log/socksd-request.log
- which the socksd server logs.
-
- Added to FILEFORMAT.md
-
-- server/socksd: log atyp + address in a separate log
-
- To allow the test suite to verify that the right data arrived
-
-- socks5: use appropriate ATYP for numerical IP address host names
-
- When not resolving the address locallly (known as socks5h).
-
- Add test 719 and 720 to verify.
-
- Reported-by: Peter Piekarski
- Fixes #8216
- Closes #8217
-
-Jay Satiro (3 Jan 2022)
-- curl_multi_init.3: fix EXAMPLE formatting
-
-Daniel Stenberg (3 Jan 2022)
-- RELEASE-NOTES: synced
-
-- libtest: avoid "assignment within conditional expression"
-
- In lib530, lib540 and lib582
-
- Closes #8218
-
-- ftp: disable warning 4706 in MSVC
-
- Follow-up to 21248e052d
-
- Disabling "assignment within conditional expression" for MSVC needs to
- be done before the function starts, for it to take effect.
-
- Closes #8218
-
-- tool_operate: warn if too many output arguments were found
-
- More output instructions than URLs is likely a user error.
-
- Add test case 371 to verify
-
- Closes #8210
-
-- .github/workflows/mbedtls.yml: bump to mbedtls 3.1.0
-
- Closes #8215
-
-- zuul: remove the mbedtls jobs
-
- Now running as github workflows
-
- Closes #8215
-
-- github/workflows: add mbedtls and mbedtls-clang
-
- Closes #8215
-
-- [Valentin Richter brought this change]
-
- mbedtls: fix private member designations for v3.1.0
-
- "As a last resort, you can access the field foo of a structure bar by
- writing bar.MBEDTLS_PRIVATE(foo). Note that you do so at your own risk,
- since such code is likely to break in a future minor version of Mbed
- TLS." -
- https://github.com/ARMmbed/mbedtls/blob/f2d1199edc5834df4297f247f213e614f7782d1d/docs/3.0-migration-guide.md
-
- That future minor version is v3.1.0. I set the >= to == for the version
- checks because v3.1.0 is a release, and I am not sure when the private
- designation was reverted after v3.0.0.
-
- Closes #8214
-
-- [Valentin Richter brought this change]
-
- cmake: prevent dev warning due to mismatched arg
-
- -- curl version=[7.81.0-DEV]
- CMake Warning (dev) at /usr/share/cmake-3.22.1/Modules/FindPackageHandleStandardArgs.cmake:438 (message):
- The package name passed to `find_package_handle_standard_args` (MBEDTLS)
- does not match the name of the calling package (MbedTLS). This can lead to
- problems in calling code that expects `find_package` result variables
- (e.g., `_FOUND`) to follow a certain pattern.
- Call Stack (most recent call first):
- deps/curl/CMake/FindMbedTLS.cmake:31 (find_package_handle_standard_args)
- deps/curl/CMakeLists.txt:473 (find_package)
- This warning is for project developers. Use -Wno-dev to suppress it.
-
- Closes #8207
-
-- urlapi: if possible, shorten given numerical IPv6 addresses
-
- Extended test 1560 to verify
-
- Closes #8206
-
-- [Michał Antoniak brought this change]
-
- url: reduce ssl backend count for CURL_DISABLE_PROXY builds
-
- Closes #8212
-
-- KNOWN_BUGS: "Trying local ports fails on Windows"
-
- Reported-by: gclinch on github
- Closes #8112
-
-- misc: update copyright year range
-
-- zuul: remove the wolfssl even more
-
- Follow-up to 1914465cf180d32b3d
-
-- examples/multi-single.c: remove WAITMS()
-
- As it isn't used.
-
- Reported-by: Melroy van den Berg
- Fixes #8200
- Closes #8201
-
-- gtls: add gnutls include for the session type
-
- Follow-up to 8fbd6feddfa5 to make it build more universally
-
-- m4/curl-compilers: tell clang -Wno-pointer-bool-conversion
-
- To hush compiler warnings we don't care for: error: address of function
- 'X' will always evaluate to 'true'
-
- Fixes #8197
- Closes #8198
-
-- http_proxy: don't close the socket (too early)
-
- ... and double-check in the OpenSSL shutdown that the socket is actually
- still there before it is used.
-
- Fixes #8193
- Closes #8195
-
- Reported-by: Leszek Kubik
-
-- ngtcp2: verify the server certificate for the gnutls case
-
- Closes #8178
-
-- ngtcp2: verify the server cert on connect (quictls)
-
- Make ngtcp2+quictls correctly acknowledge `CURLOPT_SSL_VERIFYPEER` and
- `CURLOPT_SSL_VERIFYHOST`.
-
- The name check now uses a function from lib/vtls/openssl.c which will
- need attention for when TLS is not done by OpenSSL or is disabled while
- QUIC is enabled.
-
- Possibly the servercert() function in openssl.c should be adjusted to be
- able to use for both regular TLS and QUIC.
-
- Ref: #8173
- Closes #8178
-
-- zuul: remove the wolfssl build
-
-- github workflow: add wolfssl
-
- Closes #8196
-
-- [Nicolas Sterchele brought this change]
-
- zuul: fix quiche build pointing to wrong Cargo
-
- Fixes #8184
- Closes #8189
-
-- checksrc: detect more kinds of NULL comparisons we avoid
-
- Co-authored-by: Jay Satiro
- Closes #8180
-
-- RELEASE-NOTES: synced
-
-- mesalink: remove the BACKEND define kludge
-
- Closes #8183
-
-- schannel: remove the BACKEND define kludge
-
- Closes #8182
-
-- gtls: check return code for gnutls_alpn_set_protocols
-
- Closes #8181
-
-- [Stefan Huber brought this change]
-
- README: label the link to the support document
-
- Closes #8185
-
-- docs/HTTP3: describe how to setup a h3 reverse-proxy for testing
-
- Assisted-by: Matt Holt
-
- Closes #8177
-
-- libcurl-multi.3: "SOCKS proxy handshakes" are not blocking
-
- Since 4a4b63daaa0
-
-- [Vladimir Panteleev brought this change]
-
- tests: Add test for CURLOPT_HTTP200ALIASES
-
-- [Vladimir Panteleev brought this change]
-
- http: Fix CURLOPT_HTTP200ALIASES
-
- The httpcode < 100 check was also triggered when none of the fields were
- parsed, thus making the if(!nc) block unreachable.
-
- Closes #8171
-
-- RELEASE-NOTES: synced
-
-- language: "email"
-
- Missed three occurrences.
-
- Follow-up to 7a92f86
-
-- nss:set_cipher don't clobber the cipher list
-
- The string is set by the user and needs to remain intact for proper
- connection reuse etc.
-
- Reported-by: Eric Musser
- Fixes #8160
- Closes #8161
-
-- misc: s/e-mail/email
-
- Consistency is king. Following the lead in everything curl.
-
- Closes #8159
-
-- [Tobias Nießen brought this change]
-
- docs: fix typo in OpenSSL 3 build instructions
-
- Closes #8162
-
-- linkcheck.yml: add CI job that checks markdown links
-
- Closes #8158
-
-- RELEASE-PROCEDURE.md: remove ICAL link and old release dates
-
-- BINDINGS.md: "markdown-link-check-disable"
-
- It feels a bit unfortunate to litter an ugly tag for this functionality,
- but if we get link scans of all markdown files, this might be worth the
- price.
-
-- docs: fix dead links, remove ECH.md
-
-Jay Satiro (16 Dec 2021)
-- openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
-
- Prior to this change OpenSSL_version was only detected in configure
- builds. For other builds the old version parsing code was used which
- would result in incorrect versioning for OpenSSL 3:
-
- Before:
-
- curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.0a zlib/1.2.11
- WinIDN libssh2/1.9.0
-
- After:
-
- curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.1 zlib/1.2.11
- WinIDN libssh2/1.9.0
-
- Reported-by: lllaffer@users.noreply.github.com
-
- Fixes https://github.com/curl/curl/issues/8154
- Closes https://github.com/curl/curl/pull/8155
-
-Daniel Stenberg (16 Dec 2021)
-- [James Fuller brought this change]
-
- docs: add known bugs list to HTTP3.md
-
- Closes #8156
-
-Dan Fandrich (15 Dec 2021)
-- BINDINGS: add one from Everything curl and update a link
-
-- libcurl-security.3: mention address and URL mitigations
-
- The new CURLOPT_PREREQFUNCTION callback is another way to sanitize
- addresses.
- Using the curl_url API is a way to mitigate against attacks relying on
- URL parsing differences.
-
-Daniel Stenberg (15 Dec 2021)
-- RELEASE-NOTES: synced
-
-- x509asn1: return early on errors
-
- Overhaul to make sure functions that detect errors bail out early with
- error rather than trying to continue and risk hiding the problem.
-
- Closes #8147
-
-- [Patrick Monnerat brought this change]
-
- openldap: several minor improvements
-
- - Early check proper LDAP URL syntax. Reject URLs with a userinfo part.
- - Use dynamic memory for ldap_init_fd() URL rather than a
- stack-allocated buffer.
- - Never chase referrals: supporting it would require additional parallel
- connections and alternate authentication credentials.
- - Do not wait 1 microsecond while polling/reading query response data.
- - Store last received server code for retrieval with CURLINFO_RESPONSE_CODE.
-
- Closes #8140
-
-- [Michał Antoniak brought this change]
-
- misc: remove unused doh flags when CURL_DISABLE_DOH is defined
-
- Closes #8148
-
-- mbedtls: fix CURLOPT_SSLCERT_BLOB
-
- The memory passed to mbedTLS for this needs to be null terminated.
-
- Reported-by: Florian Van Heghe
- Closes #8146
-
-- asyn-ares: ares_getaddrinfo needs no happy eyeballs timer
-
- Closes #8142
-
-- mailmap: add Yongkang Huang
-
- From #8141
-
-- [Yongkang Huang brought this change]
-
- check ssl_config when re-use proxy connection
-
-- mbedtls: do a separate malloc for ca_info_blob
-
- Since the mbedTLS API requires the data to the null terminated.
-
- Follow-up to 456c53730d21b1fad0c7f72c1817
-
- Fixes #8139
- Closes #8145
-
-Marc Hoersken (14 Dec 2021)
-- CI: build examples for additional code verification
-
- Some CIs already build them, let's do it on more of them.
-
- Reviewed-by: Daniel Stenberg
-
- Follow up to #7690 and 77311f420a541a0de5b3014e0e40ff8b4205d4af
- Replaces #7591
- Closes #7922
-
-- docs/examples: workaround broken -Wno-pedantic-ms-format
-
- Avoid CURL_FORMAT_CURL_OFF_T by using unsigned long instead.
- Improve size_t to long conversion in imap-append.c example.
-
- Ref: https://github.com/curl/curl/issues/6079
- Ref: https://github.com/curl/curl/pull/6082
- Assisted-by: Jay Satiro
- Reviewed-by: Daniel Stenberg
-
- Preparation of #7922
-
-- tests/data/test302[12]: fix MSYS2 path conversion of hostpubsha256
-
- Ref: https://www.msys2.org/wiki/Porting/#filesystem-namespaces
-
- Reviewed-by: Marcel Raad
- Reviewed-by: Jay Satiro
-
- Fixes #8084
- Closes #8138
-
-Daniel Stenberg (13 Dec 2021)
-- [Patrick Monnerat brought this change]
-
- openldap: simplify ldif generation code
-
- and take care of zero-length values, avoiding conversion to base64
- and/or trailing spaces.
-
- Closes #8136
-
-- example/progressfunc: remove code for old libcurls
-
- 7.61.0 is over three years old now, remove all #ifdefs for handling
- ancient libcurl versions so that the example gets easier to read and
- understand
-
- Closes #8137
-
-- [Xiaoke Wang brought this change]
-
- sha256/md5: return errors when init fails
-
- Closes #8133
-
-- TODO: 13.3 Defeat TLS fingerprinting
-
- Closes #8119
-
-- RELEASE-NOTES: synced
-
-- [Patrick Monnerat brought this change]
-
- openldap: process search query response messages one by one
-
- Upon receiving large result sets, this reduces memory consumption and
- allows starting to output results while the transfer is still in
- progress.
-
- Closes #8101
-
-- hash: lazy-alloc the table in Curl_hash_add()
-
- This makes Curl_hash_init() infallible which saves error paths.
-
- Closes #8132
-
-- multi: cleanup the socket hash when destroying it
-
- Since each socket hash entry may themselves have a hash table in them,
- the destroying of the socket hash needs to make sure all the subhashes
- are also correctly destroyed to avoid leaking memory.
-
- Fixes #8129
- Closes #8131
-
-- test1156: fixup the stdout check for Windows
-
- It is not text mode.
-
- Follow-up to 6f73e68d182
-
- Closes #8134
-
-- test1528: enable for hyper
-
- Closes #8128
-
-- test1527: enable for hyper
-
- Closes #8128
-
-- test1526: enable for hyper
-
- Closes #8128
-
-- test1525: slightly tweaked for hyper
-
- Closes #8128
-
-- test1156: enable for hyper
-
- Minor reorg of the lib1156 code and it works fine for hyper.
-
- Closes #8127
-
-- test661: enable for hyper
-
- Closes #8126
-
-- docs: fix proselint nits
-
- - remove a lot of exclamation marks
- - use consistent spaces (1, not 2)
- - use better words at some places
-
- Closes #8123
-
-- [RekGRpth brought this change]
-
- BINDINGS.md: add cURL client for PostgreSQL
-
- Closes #8125
-
-- [RekGRpth brought this change]
-
- CURLSHOPT_USERDATA.3: fix copy-paste mistake
-
- Closes #8124
-
-- docs: fix minor nroff format nits
-
- Repairs test 1140
-
- Follow-up to 436cdf82041
-
-- docs/URL-SYNTAX.md: space is not fine in a given URL
-
-- curl_multi_perform/socket_action.3: clarify what errors mean
-
- An error returned from one of these funtions mean that ALL still ongoing
- transfers are to be considered failed.
-
- Ref: #8114
- Closes #8120
-
-- libcurl-errors.3: add CURLM_ABORTED_BY_CALLBACK
-
- Follow-up to #8089 (2b3dd01)
-
- Closes #8116
-
-- hash: add asserts to help detect bad usage
-
- For example trying to add entries after the hash has been "cleaned up"
-
- Closes #8115
-
-- lib530: abort on curl_multi errors
-
- This makes torture tests run more proper.
-
- Also add an assert to trap situations where it would end up with no
- sockets to wait for.
-
- Closes #8121
-
-- FAQ: we never pronounced it "see URL", we say "kurl"
-
-- RELEASE-NOTES: synced
-
-- CURLOPT_RESOLVE.3: minor polish
-
- Minor rephrasing for some explanations.
-
- Put the format strings in stand-alone lines with .nf/.fi to be easier to spot.
-
- Move "added in" to AVAILABILITY
-
- Closed #8110
-
-- test1556: adjust for hyper
-
- Closes #8105
-
-- test1554: adjust for hyper
-
- Closes #8104
-
-- retry-all-errors.d: make the example complete
-
- ... as it needs --retry too to work
-
-- TODO: 5.7 Require HTTP version X or higher
-
- Closes #7980
-
-- CURLOPT_STDERR.3: does not work with libcurl as a win32 DLL
-
- This is the exact same limitation already documented for
- CURLOPT_WRITEDATA but should be clarified here. It also has a different
- work-around.
-
- Reported-by: Stephane Pellegrino
- Bug: https://github.com/curl/curl/issues/8102
- Closes #8103
-
-- multi: handle errors returned from socket/timer callbacks
-
- The callbacks were partially documented to support this. Now the
- behavior is documented and returning error from either of these
- callbacks will effectively kill all currently ongoing transfers.
-
- Added test 530 to verify
-
- Reported-by: Marcelo Juchem
- Fixes #8083
- Closes #8089
-
-- http2:set_transfer_url() return early on OOM
-
- If curl_url() returns NULL this should return early to avoid mistakes -
- even if right now the subsequent function invokes are all OK.
-
- Coverity (wrongly) pointed out this as a NULL deref.
-
- Closes #8100
-
-- tool_parsecfg: use correct free() call to free memory
-
- Detected by Coverity. CID 1494642.
- Follow-up from 2be1aa619bca
-
- Closes #8099
-
-- tool_operate: fix potential memory-leak
-
- A 'CURLU *' would leak if url_proto() is called with no URL.
-
- Detected by Coverity. CID 1494643.
- Follow-up to 18270893abdb19
- Closes #8098
-
-- [Patrick Monnerat brought this change]
-
- openldap: implement STARTTLS
-
- As this introduces use of CURLOPT_USE_SSL option for LDAP, also check
- this option in ldap.c as it is not supported by this backend.
-
- Closes #8065
-
-- [Jun Tseng brought this change]
-
- curl_easy_unescape.3: call curl_easy_cleanup in example
-
- Closes #8097
-
-- [Jun Tseng brought this change]
-
- curl_easy_escape.3: call curl_easy_cleanup in example
-
- Closes #8097
-
-- tool_listhelp: sync
-
- Follow-up to 172068b76f
-
-- [Damien Walsh brought this change]
-
- request.d: refer to 'method' rather than 'command'
-
- Closes #8094
-
-- RELEASE-NOTES: synced
-
-- writeout: fix %{http_version} for HTTP/3
-
- Output "3" properly when HTTP/3 was used.
-
- Reported-by: Bernat Mut
- Fixes #8072
- Closes #8092
-
-- urlapi: accept port number zero
-
- This is a regression since 7.62.0 (fb30ac5a2d).
-
- Updated test 1560 accordingly
-
- Reported-by: Brad Fitzpatrick
- Fixes #8090
- Closes #8091
-
-- [Mark Dodgson brought this change]
-
- lift: ignore is a deprecated config option, use ignoreRules
-
- Closes #8082
-
-- [Alessandro Ghedini brought this change]
-
- HTTP3: update quiche build instructions
-
- The repo repo was re-organized a bit, so the build instructions need to
- be updated.
-
- Closes #8076
-
-- CURLMOPT_TIMERFUNCTION.3: call it expire time, not interval
-
- Since we say it is a non-repating timer
-
-- [Florian Van Heghe brought this change]
-
- mbedTLS: include NULL byte in blob data length for CURLOPT_CAINFO_BLOB
-
- Fixes #8079
- Closes #8081
-
-Jay Satiro (2 Dec 2021)
-- [Wyatt O'Day brought this change]
-
- version_win32: Check build number and platform id
-
- Prior to this change the build number was not checked during version
- comparison, and the platform id was supposed to be checked but wasn't.
-
- Checking the build number is required for enabling "evergreen"
- Windows 10/11 features (like TLS 1.3).
-
- Ref: https://github.com/curl/curl/pull/7784
-
- Closes https://github.com/curl/curl/pull/7824
- Closes https://github.com/curl/curl/pull/7867
-
-- libssh2: fix error message for sha256 mismatch
-
- - On mismatch error show sha256 fingerprint in base64 format.
-
- Prior to this change the fingerprint was mistakenly printed in binary.
-
-Daniel Stenberg (1 Dec 2021)
-- [Xiaoke Wang brought this change]
-
- openssl: check the return value of BIO_new()
-
- Closes #8078
-
-Dan Fandrich (30 Nov 2021)
-- docs: Update the Reducing Size section
-
- Add many more options that can reduce the size of the binary that were
- added since the last update. Update the sample minimal binary size for
- version 7.80.0.
-
-- tests: Add some missing keywords to tests
-
- These are needed to skip some tests when configure options have disabled
- certain features.
-
-Daniel Stenberg (30 Nov 2021)
-- [Florian Van Heghe brought this change]
-
- mbedTLS: add support for CURLOPT_CAINFO_BLOB
-
- Closes #8071
-
-- [Glenn Strauss brought this change]
-
- digest: compute user:realm:pass digest w/o userhash
-
- https://datatracker.ietf.org/doc/html/rfc7616#section-3.4.4
- ... the client MUST calculate a hash of the username after
- any other hash calculation ...
-
- Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
- Closes #8066
-
-- config.d: update documentation to match the path search
-
- Assisted-by: Jay Satiro
-
-- tool_findfile: search for a file in the homedir
-
- The homedir() function is now renamed into findfile() and iterates over
- all the environment variables trying to access the file in question
- until it finds it. Last resort is then getpwuid() if
- available. Previously it would first try to find a home directory and if
- that was set, insist on checking only that directory for the file. This
- now returns the full file name it finds.
-
- The Windows specific checks are now done differently too and in this
- order:
-
- 1 - %USERPROFILE%
- 2 - %APPDATA%
- 3 - %USERPROFILE%\\Application Data
-
- The windows order is modified to match how the Windows 10 ssh tool works
- when it searches for .ssh/known_hosts.
-
- Reported-by: jeffrson on github
- Co-authored-by: Jay Satiro
- Fixes #8033
- Closes #8035
-
-- docs: consistent manpage SYNOPSIS
-
- Make all libcurl related options use .nf (no fill) for the SYNOPSIS
- section - for consistent look. roffit then renders that section using
- <pre> (monospace font) in html for the website.
-
- Extended manpage-syntax (test 1173) with a basic check for it.
-
- Closes #8062
-
-- RELEASE-NOTES: synced
-
-- [Patrick Monnerat brought this change]
-
- openldap: handle connect phase with a state machine
-
- Closes #8054
-
-- docs: address proselint nits
-
- - avoid exclamation marks
- - use consistent number of spaces after periods: one
- - avoid clichés
- - avoid using 'very'
-
- Closes #8060
-
-- [Bruno Baguette brought this change]
-
- FAQ: typo fix : "yout" ➤ "your"
-
- Closes #8059
-
-- [Bruno Baguette brought this change]
-
- docs/INSTALL.md: typo fix : added missing "get" verb
-
- Closes #8058
-
-- insecure.d: detail its use for SFTP and SCP as well
-
- Closes #8056
-
-Viktor Szakats (25 Nov 2021)
-- Makefile.m32: rename -winssl option to -schannel and tidy up
-
- - accept `-schannel` as an alternative to `CFG` option `-winssl`
- (latter still accepted, but deprecated)
- - rename internal variable `WINSSL` to `SCHANNEL`
- - make the `CFG` option evaluation shorter, without repeating the option
- name
-
- Reviewed-by: Marcel Raad
- Reviewed-by: Daniel Stenberg
- Closes #8053
-
-Daniel Stenberg (25 Nov 2021)
-- KNOWN_BUGS: 5.6 make distclean loops forever
-
- Reported-by: David Bohman
- Closes #7716
-
-- KNOWN_BUGS: add one, remove one
-
- - 5.10 SMB tests fail with Python 2
-
- Just use python 3.
-
- + 5.10 curl hangs on SMB upload over stdin
-
- Closes #7896
-
-- urlapi: provide more detailed return codes
-
- Previously, the return code CURLUE_MALFORMED_INPUT was used for almost
- 30 different URL format violations. This made it hard for users to
- understand why a particular URL was not acceptable. Since the API cannot
- point out a specific position within the URL for the problem, this now
- instead introduces a number of additional and more fine-grained error
- codes to allow the API to return more exactly in what "part" or section
- of the URL a problem was detected.
-
- Also bug-fixes curl_url_get() with CURLUPART_ZONEID, which previously
- returned CURLUE_OK even if no zoneid existed.
-
- Test cases in 1560 have been adjusted and extended. Tests 1538 and 1559
- have been updated.
-
- Updated libcurl-errors.3 and curl_url_strerror() accordingly.
-
- Closes #8049
-
-- urlapi: make Curl_is_absolute_url always use MAX_SCHEME_LEN
-
- Instad of having all callers pass in the maximum length, always use
- it. The passed in length is instead used only as the length of the
- target buffer for to storing the scheme name in, if used.
-
- Added the scheme max length restriction to the curl_url_set.3 man page.
-
- Follow-up to 45bcb2eaa78c79
-
- Closes #8047
-
-- [Jay Satiro brought this change]
-
- cmake: warn on use of the now deprecated symbols
-
- Follow-up to 9108da2c26d
-
- Closes #8052
-
-- [Kevin Burke brought this change]
-
- tests/CI.md: add more information on CI environments
-
- Fixes #8012
- Closes #8022
-
-- cmake: private identifiers use CURL_ instead of CMAKE_ prefix
-
- Since the 'CMAKE_' prefix is reserved for cmake's own private use.
- Ref: https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html
-
- Reported-by: Boris Rasin
- Fixes #7988
- Closes #8044
-
-- urlapi: reject short file URLs
-
- file URLs that are 6 bytes or shorter are not complete. Return
- CURLUE_MALFORMED_INPUT for those. Extended test 1560 to verify.
-
- Triggered by #8041
- Closes #8042
-
-- curl: improve error message for --head with -J
-
- ... it now focuses on the "output of headers" combined with the
- --remote-header-name option, as that is actually the problem. Both
- --head and --include can output headers.
-
- Reported-by: nimaje on github
- Fixes #7987
- Closes #8045
-
-- RELEASE-NOTES: synced
-
-- [Stefan Eissing brought this change]
-
- urlapi: cleanup scheme parsing
-
- Makea Curl_is_absolute_url() always leave a defined 'buf' and avoids
- copying on urls that do not start with a scheme.
-
- Closes #8043
-
-- tool_operate: only set SSH related libcurl options for SSH URLs
-
- For example, this avoids trying to find and set the known_hosts file (or
- warn for its absence) if SFTP or SCP are not used.
-
- Closes #8040
-
-- [Jacob Hoffman-Andrews brought this change]
-
- rustls: remove comment about checking handshaking
-
- The comment is incorrect in two ways:
- - It says the check needs to be last, but the check is actually first.
- - is_handshaking actually starts out true.
-
- Closes #8038
-
-Marcel Raad (20 Nov 2021)
-- openssl: use non-deprecated API to read key parameters
-
- With OpenSSL 3.0, the parameters are read directly from the `EVP_PKEY`
- using `EVP_PKEY_get_bn_param`.
-
- Closes https://github.com/curl/curl/pull/7893
-
-- openssl: reduce code duplication
-
- `BN_print`'s `BIGNUM` parameter has been `const` since OpenSSL 0.9.4.
-
- Closes https://github.com/curl/curl/pull/7893
-
-- openssl: remove `RSA_METHOD_FLAG_NO_CHECK` handling if unavailable
-
- The flag has been deprecated without replacement in OpenSSL 3.0.
-
- Closes https://github.com/curl/curl/pull/7893
-
-- openssl: remove usage of deprecated `SSL_get_peer_certificate`
-
- The function name was changed to `SSL_get1_peer_certificate` in OpenSSL
- 3.0.
-
- Closes https://github.com/curl/curl/pull/7893
-
-Daniel Stenberg (19 Nov 2021)
-- page-footer: fix typo
-
- Closes #8036
-
-- http: enable haproxy support for hyper backend
-
- This is done by having native code do the haproxy header output before
- hyper issues its request. The little downside with this approach is that
- we need the entire Curl_buffer_send() function built, which is otherwise
- not used for hyper builds.
-
- If hyper ends up getting native support for the haproxy protocols we can
- backpedal on this.
-
- Enables test 1455 and 1456
-
- Closes #8034
-
-- [Bernhard Walle brought this change]
-
- configure: fix runtime-lib detection on macOS
-
- With a non-standard installation of openssl we get this error:
-
- checking run-time libs availability... failed
- configure: error: one or more libs available at link-time are not available run-time. Libs used at link-time: -lnghttp2 -lssl -lcrypto -lssl -lcrypto -lz
-
- There's already code to set LD_LIBRARY_PATH on Linux, so set
- DYLD_LIBRARY_PATH equivalent on macOS.
-
- Closes #8028
-
-- [Don J Olmstead brought this change]
-
- cmake: don't set _USRDLL on a static Windows build
-
- Closes #8030
-
-- page-footer: document more environment variables
-
- ... that curl might use.
-
- Closes #8027
-
-- netrc.d: edit the .netrc example to look nicer
-
- Works nicely thanks to d1828b470f43d
-
- Closes #8025
-
-- tftp: mark protocol as not possible to do over CONNECT
-
- ... and make connect_init() refusing trying to tunnel protocols marked
- as not working. Avoids a double-free.
-
- Reported-by: Even Rouault
- Fixes #8018
- Closes #8020
-
-- docs/cmdline-opts: do not say "protocols: all"
-
- Remove the lines saying "protocols: all". It makes the output in the
- manpage look funny, and the expectation is probably by default that if
- not anything is mentioned about protocols the option apply to them all.
-
- Closes #8021
-
-- curl.1: require "see also" for every documented option
-
- gen.pl now generates a warning if the "See Also" field is not filled in for a
- command line option
-
- All command line options now provide one or more related options. 167
- "See alsos" added!
-
- Closes #8019
-
-- insecure.d: expand and clarify
-
- Closes #8017
-
-- gen.pl: improve example output format
-
- Treat consecutive lines that start with a space to be "examples". They
- are output enclosed by .nf and .fi
-
- Updated form.d to use this new fanciness
-
- Closes #8016
-
-- Revert "form-escape.d: double the back-slashes for proper man page output"
-
- This reverts commit a2d8eac04a4eb1d5a98cf24b4e5cec5cec565d27.
-
- silly me, it was intended to be one backslash!
-
-- form-escape.d: double the back-slashes for proper man page output
-
-- page-footer: add a mention of how to report bugs to the man page
-
-- RELEASE-NOTES: synced
-
- and bump to 7.81.0-DEV
-
-- [Patrick Monnerat brought this change]
-
- mime: use percent-escaping for multipart form field and file names
-
- Until now, form field and file names where escaped using the
- backslash-escaping algorithm defined for multipart mails. This commit
- replaces this with the percent-escaping method for URLs.
-
- As this may introduce incompatibilities with server-side applications, a
- new libcurl option CURLOPT_MIME_OPTIONS with bitmask
- CURLMIMEOPT_FORMESCAPE is introduced to revert to legacy use of
- backslash-escaping. This is controlled by new cli tool option
- --form-escape.
-
- New tests and documentation are provided for this feature.
-
- Reported by: Ryan Sleevi
- Fixes #7789
- Closes #7805
-
-- [Kevin Burke brought this change]
-
- zuul.d: update rustls-ffi to version 0.8.2
-
- This version fixes errors with ALPN negotiation in rustls, which is
- necessary for HTTP/2 support. For more information see the rustls-ffi
- changelog.
-
- Closes #8013
-
-- configure: better diagnostics if hyper is built wrong
-
- If hyper is indeed present in the specified directory but couldn't be
- used to find the correct symbol, then offer a different error message to
- better help the user understand the issue.
-
- Suggested-by: Jacob Hoffman-Andrews
- Fixes #8001
- Closes #8005
-
-- test1939: require proxy support to run
-
- Follow-up to f0b7099a10d1a
-
- Closes #8011
-
-- test302[12]: run only with the libssh2 backend
-
- ... as the others don't support --hostpubsha256
-
- Reported-by: Paul Howarth
- Fixes #8009
- Closes #8010
-
-- runtests: make the SSH library a testable feature
-
- libssh2, libssh and wolfssh
-
-- [Jacob Hoffman-Andrews brought this change]
-
- rustls: read of zero bytes might be okay
-
- When we're reading out plaintext from rustls' internal buffers, we might
- get a read of zero bytes (meaning a clean TCP close, including
- close_notify). However, we shouldn't return immediately when that
- happens, since we may have already copied out some plaintext bytes.
- Break out of the loop when we get a read of zero bytes, and figure out
- which path we're dealing with.
-
- Acked-by: Kevin Burke
-
- Closes #8003
-
-- [Jacob Hoffman-Andrews brought this change]
-
- rustls: remove incorrect EOF check
-
- The update to rustls-ffi 0.8.0 changed handling of EOF and close_notify.
- From the CHANGELOG:
-
- > Handling of unclean close and the close_notify TLS alert. Mirroring
- > upstream changes, a rustls_connection now tracks TCP closed state like
- > so: rustls_connection_read_tls considers a 0-length read from its
- > callback to mean "TCP stream was closed by peer." If that happens
- > before the peer sent close_notify, rustls_connection_read will return
- > RUSTLS_RESULT_UNEXPECTED_EOF once the available plaintext bytes are
- > exhausted. This is useful to protect against truncation attacks. Note:
- > some TLS implementations don't send close_notify. If you are already
- > getting length information from your protocol (e.g. Content-Length in
- > HTTP) you may choose to ignore UNEXPECTED_EOF so long as the number of
- > plaintext bytes was as expected.
-
- That means we don't need to check for unclean EOF in `cr_recv()`,
- because `process_new_packets()` will give us an error if appropriate.
-
- Closes #8003
-
-- lib1939: make it endure torture tests
-
- Follow-up to f0b7099a10d1a
-
- Closes #8007
-
-- azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper
-
- The configure line would previously depend on a configure mistake using
- --without-openssl that is fixed and now this configure line needs
- adjusting to use --without-ssl.
-
- Follow-up to b589696f0312d
-
- Closes #8006
-
-- [Jacob Hoffman-Andrews brought this change]
-
- configure: add -lm to configure for rustls build.
-
- Note: The list of libraries that rustc tells us we need to include is
- longer, but also includes some more platform-specific libraries that I
- am not sure how to effectively incorporate. Adding just -lm seems to
- solve an immediate problem, so I'm adding just that.
-
- Closes #8002
-
-- curl_share_setopt.3: refer to CURLSHOPT_USERDATA(3) properly
-
-- curl_share_setopt.3: split out options into their own manpages
-
- CURLSHOPT_LOCKFUNC.3
- CURLSHOPT_SHARE.3
- CURLSHOPT_UNLOCKFUNC.3
- CURLSHOPT_UNSHARE.3
- CURLSHOPT_USERDATA.3
-
- Closes #7998
-
-- http_proxy: make Curl_connect_done() work for proxy disabled builds
-
- ... by making it an empty macro then.
-
- Follow-up to f0b7099a10d1a
- Reported-by: Vincent Grande
- Fixes #7995
- Closes #7996
-
-- Curl_connect_done: handle being called twice
-
- Follow-up to f0b7099a10d1a7c
-
- When torture testing 1021, it turns out the Curl_connect_done function
- might be called twice and that previously then wrongly cleared the HTTP
- pointer in the second invoke.
-
- Closes #7999
-
-- [Stan Hu brought this change]
-
- configure: don't enable TLS when --without-* flags are used
-
- Previously specifying `--without-gnutls` would unexpectedly attempt to
- compile with GnuTLS, effectively interpreting this as
- `--with-gnutls`. This caused a significant amount of confusion when
- `libcurl` was built with SSL disabled since GnuTLS wasn't present.
-
- 68d89f24 dropped the `--without-*` options from the configure help, but
- `AC_ARG_WITH` still defines these flags automatically. As
- https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/External-Software.html
- describes, the `action-if-given` is called when the user specifies
- `--with-*` or `--without-*` options.
-
- To prevent this confusion, we make the `--without` flag do the right
- thing by ignoring the value if it set to "no".
-
- Closes #7994
-
-- [Rikard Falkeborn brought this change]
-
- docs/checksrc: Add documentation for STRERROR
-
- Closes #7991
-
-- vtls/rustls: adapt to the updated rustls_version proto
-
- Closes #7956
-
-- [Kevin Burke brought this change]
-
- vtls/rustls: handle RUSTLS_RESULT_PLAINTEXT_EMPTY
-
- Previously we'd return CURLE_READ_ERROR if we received this, instead
- of triggering the error handling logic that's present in the next if
- block down.
-
- After this change, curl requests to https://go.googlesource.com using
- HTTP/2 complete successfully.
-
- Fixes #7949
- Closes #7948
-
-- [Kevin Burke brought this change]
-
- zuul: update build environment for rustls-ffi 0.8.0
-
-- [Kevin Burke brought this change]
-
- vtls/rustls: update to compile with rustls-ffi v0.8.0
-
- Some method names, as well as the generated library name, were changed
- in a recent refactoring.
-
- Further, change the default configuration instructions to check for
- Hyper in either "target/debug" or "target/release" - the latter
- contains an optimized build configuration.
-
- Fixes #7947
- Closes #7948
-
-- RELEASE-NOTES: synced
-
- and bump the version to 7.80.1
-
-- multi: shut down CONNECT in Curl_detach_connnection
-
- ... to prevent a lingering pointer that would lead to a double-free.
-
- Added test 1939 to verify.
-
- Reported-by: Stephen M. Coakley
- Fixes #7982
- Closes #7986
-
-- curl_easy_cleanup.3: remove from multi handle first
-
- Easy handles that are used by the multi interface should be removed from
- the multi handle before they are cleaned up.
-
- Reported-by: Stephen M. Coakley
- Ref: #7982
- Closes #7983
-
-- url.c: fix the SIGPIPE comment for Curl_close
-
- Closes #7984
-
-Version 7.80.0 (10 Nov 2021)
-
-Daniel Stenberg (10 Nov 2021)
-- RELEASE-NOTES: synced
-
- for curl 7.80.0
-
-- THANKS: add contributors from the 7.80.0 cycle
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: advertise h3 as well as h3-29
-
- Advertise h3 as well as h3-29 since some servers out there require h3
- for QUIC v1.
-
- Closes #7979
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: use QUIC v1 consistently
-
- Since we switched to v1 quic_transport_parameters codepoint in #7960
- with quictls, lets use QUIC v1 consistently.
-
- Closes #7979
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: compile with the latest nghttp3
-
- Closes #7978
-
-Marc Hoersken (9 Nov 2021)
-- tests: add Schannel-specific tests and disable unsupported ones
-
- Adds Schannel variants of SSLpinning tests that include the option
- --ssl-revoke-best-effort to ignore certificate revocation check
- failures which is required due to our custom test CA certificate.
-
- Disable the original variants if the Schannel backend is enabled.
-
- Also skip all IDN tests which are broken while using an msys shell.
-
- This is a step to simplify test exclusions for Windows and MinGW.
-
- Reviewed-by: Jay Satiro
- Reviewed-by: Marcel Raad
- Reviewed-by: Daniel Stenberg
- Closes #7968
-
-Daniel Stenberg (8 Nov 2021)
-- docs: NAME fixes in easy option man pages
-
- Closes #7975
-
-- [Roger Young brought this change]
-
- ftp: make the MKD retry to retry once per directory
-
- Reported-by: Roger Young
- Fixes #7967
- Closes #7976
-
-- tool_operate: reorder code to avoid compiler warning
-
- tool_operate.c(889) : warning C4701: potentially uninitialized local
- variable 'per' use
-
- Follow-up to cc71d352651a0d95
- Reported-by: Marc Hörsken
- Bug: https://github.com/curl/curl/pull/7922#issuecomment-963042676
- Closes #7971
-
-- curl_easy_perform.3: add a para about recv and send data
-
- Reported-by: Godwin Stewart
- Fixes #7973
- Closes #7974
-
-- tool_operate: fclose stream only if fopened
-
- Fixes torture test failures
- Follow-up to cc71d352651
-
- Closes #7972
-
-- libcurl-easy.3: language polish
-
-- limit-rate.d: this is average over several seconds
-
- Closes #7970
-
-- docs: reduce/avoid English contractions
-
- You're => You are
- Hasn't => Has not
- Doesn't => Does not
- Don't => Do not
- You'll => You will
- etc
-
- Closes #7930
-
-- tool_operate: fix torture leaks with etags
-
- Spotted by torture testing 343 344 345 347.
-
- Follow-up from cc71d352651a0
- Pointed-out-by: Dan Fandrich
-
- Closes #7969
-
-- [Amaury Denoyelle brought this change]
-
- ngtcp2: support latest QUIC TLS RFC9001
-
- QUIC Transport Parameters Extension has been changed between draft-29
- and latest RFC9001. Most notably, its identifier has been updated from
- 0xffa5 to 0x0039. The version is selected through the QUIC TLS library
- via the legacy codepoint.
-
- Disable the usage of legacy codepoint in curl to switch to latest
- RFC9001. This is required to be able to keep up with latest QUIC
- implementations.
-
- Acked-by: Tatsuhiro Tsujikawa
- Closes #7960
-
-- test1173: make manpage-syntax.pl spot \n errors in examples
-
-- man pages: fix backslash-n in examples
-
- ... to be proper backslash-backslash-n sequences to render nicely in man
- and on website.
-
- Follow-up to 24155569d8a
- Reported-by: Sergey Markelov
-
- Fixes https://github.com/curl/curl-www/issues/163
- Closes #7962
-
-- scripts/release-notes.pl: use out of repo links verbatim in refs
-
-- tool_operate: a failed etag save now only fails that transfer
-
- When failing to create the output file for saving an etag, only fail
- that particular single transfer and allow others to follow.
-
- In a serial transfer setup, if no transfer at all is done due to them
- all being skipped because of this error, curl will output an error
- message and return exit code 26.
-
- Added test 369 and 370 to verify.
-
- Reported-by: Earnestly on github
- Ref: #7942
- Closes #7945
-
-- [Kevin Burke brought this change]
-
- .github: retry macos "brew install" command on failure
-
- Previously we saw errors attempting to run "brew install", see
- https://github.com/curl/curl/runs/4095721123?check_suite_focus=true for
- an example, since this command is idempotent, it is safe to run again.
-
- Closes #7955
-
-- CURLOPT_ALTSVC_CTRL.3: mention conn reuse is preferred
-
- Ref: https://github.com/curl/curl/discussions/7954
-
- Closes #7957
-
-- RELEASE-NOTES: synced
-
-- zuul: pin the quiche build to use an older cmake-rs
-
- The latest cmake-rs assumes cmake's --parallel works. That was added in
- cmake 3.12, but a lot of our CI builds run on Ubuntu Bionic which only
- has cmake 3.10.
-
- Fixes #7927
- Closes #7952
-
-- [Marc Hoersken brought this change]
-
- Revert "src/tool_filetime: disable -Wformat on mingw for this file"
-
- This reverts commit 7c88fe375b15c44d77bccc9ab733b8069d228e6f.
-
- Follow up to #6535 as the pragma is obsolete with warnf
-
- Closes #7941
-
-Jay Satiro (2 Nov 2021)
-- schannel: fix memory leak due to failed SSL connection
-
- - Call schannel_shutdown if the SSL connection fails.
-
- Prior to this change schannel_shutdown (which shuts down the SSL
- connection as well as memory cleanup) was not called when the SSL
- connection failed (eg due to failed handshake).
-
- Co-authored-by: Gisle Vanem
-
- Fixes https://github.com/curl/curl/issues/7877
- Closes https://github.com/curl/curl/pull/7878
-
-Daniel Stenberg (2 Nov 2021)
-- Curl_updateconninfo: store addresses for QUIC connections too
-
- So that CURLINFO_PRIMARY_IP etc work for HTTP/3 like for other HTTP
- versions.
-
- Reported-by: Jerome Mao
- Fixes #7939
- Closes #7944
-
-- [Sergio Durigan Junior brought this change]
-
- curl.1: fix typos in the manpage
-
- s/transfering/transferring/
- s/transfered/transferred/
-
- Signed-off-by: Sergio Durigan Junior <sergiodj@sergiodj.net>
- Closes #7937
-
-Marc Hoersken (1 Nov 2021)
-- tests/smbserver.py: fix compatibility with impacket 0.9.23+
-
- impacket now performs sanity checks if the requested and to
- be served file path actually is inside the real share path.
-
- Ref: https://github.com/SecureAuthCorp/impacket/pull/1066
-
- Fixes #7924
- Closes #7935
-
-Daniel Stenberg (1 Nov 2021)
-- docs: reduce use of "very"
-
- "Very" should be avoided in most texts. If intensifiers are needed, try
- find better words instead.
-
- Closes #7936
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: specify the missing required callback functions
-
- Closes #7929
-
-- CURLOPT_[PROXY]_SSL_CIPHER_LIST.3: bold instead of quote
-
- Bold the example ciphers instead of using single quotes, which then also
- avoids the problem of how to use single quotes when first in a line.
-
- Also rephrased the pages a little.
-
- Reported-by: Sergio Durigan Junior
- Ref: #7928
- Closes #7934
-
-- gen.pl: replace leading single quotes with \(aq
-
- ... and allow single quotes to be used "normally" in the .d files.
-
- Makes the output curl.1 use better nroff.
-
- Reported-by: Sergio Durigan Junior
- Ref: #7928
- Closes #7933
-
-Marc Hoersken (1 Nov 2021)
-- tests: kill some test servers afterwards to avoid locked logfiles
-
- Reviewed-by: Daniel Stenberg
- Closes #7925
-
-Daniel Stenberg (1 Nov 2021)
-- smooth-gtk-thread.c: enhance the mutex lock use
-
- Reported-by: ryancaicse on github
- Fixes #7926
- Closes #7931
-
-Marc Hoersken (31 Oct 2021)
-- CI/runtests.pl: restore -u flag, but remove it from CI runs
-
- This makes it possible to use -u again for local testing,
- but removes the flag from CI config files and make targets.
-
- Reviewed-by: Daniel Stenberg
-
- Partially reverts #7841
- Closes #7921
-
-Daniel Stenberg (29 Oct 2021)
-- [Jonathan Cardoso Machado brought this change]
-
- CURLOPT_HSTSWRITEFUNCTION.3: using CURLOPT_HSTS_CTRL is required
-
- Closes #7923
-
-- [Axel Morawietz brought this change]
-
- imap: display quota information
-
- Show response to "GETQUOTAROOT INBOX" command.
-
- Closes #6973
-
-- RELEASE-NOTES: synced
-
-- [Boris Rasin brought this change]
-
- cmake: fix error getting LOCATION property on non-imported target
-
- Closes #7885
-
-- [Xiaoke Wang brought this change]
-
- url: check the return value of curl_url()
-
- Closes #7917
-
-- [Roy Li brought this change]
-
- configure.ac: replace krb5-config with pkg-config
-
- The rationale is that custom *-config tools don't work well when
- cross-compiling or using sysroots (such as when using Yocto project) and
- require custom fixing for each of them; pkg-config on the other hand
- works similarly everywhere.
-
- Signed-off-by: Roy Li <rongqing.li@windriver.com>
- Signed-off-by: Alexander Kanavin <alex@linutronix.de>
-
- Closes #7916
-
-- test1160: edited to work with hyper
-
- Closes #7912
-
-- data/DISABLED: enable tests that now work with hyper
-
- Closes #7911
-
-- test559: add 'HTTP' in keywords
-
- Makes it run fine with hyper
-
- Closes #7911
-
-- test552: updated to work with hyper
-
- Closes #7911
-
-Marc Hoersken (27 Oct 2021)
-- github: fix incomplete permission to label PRs for Hacktoberfest
-
- Unfortunately the GitHub API requires a token with write permission
- for both issues and pull-requests to edit labels on even just PRs.
-
- Follow up to #7897
-
-Daniel Stenberg (27 Oct 2021)
-- opt-manpages: use 'Added in' instead of 'Since'
-
- Closes #7913
-
-Marc Hoersken (27 Oct 2021)
-- github: fix missing permission to label PRs for Hacktoberfest
-
- Follow up to #7897
-
- Test references to see if permissions are now sufficient:
-
- Closes #7832
- Closes #7897
-
-- CI: more use of test-ci make target and verbose output
-
- Replace test-nonflaky with test-ci and enable verbose output
- in all remaining CIs except Zuul which is customized a lot.
-
- Reviewed-by: Daniel Stenberg
- Reviewed-by: Jay Satiro
-
- Follow up to #7785
- Closes #7832
-
-- github: add support for Hacktoberfest using labels
-
- Automatically add hacktoberfest-accepted label to PRs opened between
- September 30th and November 1st once a commit with a close reference
- to it is pushed onto the master branch.
-
- With this workflow we can participate in Hacktoberfest while not
- relying on GitHub to identify PRs as merged due to our rebasing.
-
- Requires hacktoberfest-accepted labels to exist for PRs on the
- participating repository. Also requires hacktoberfest topic on
- the participating repository to avoid applying to forked repos.
-
- Reviewed-by: Daniel Stenberg
-
- Fixes #7865
- Closes #7897
-
-Daniel Stenberg (27 Oct 2021)
-- http: reject HTTP response codes < 100
-
- ... which then also includes negative ones as test 1430 uses.
-
- This makes native + hyper backend act identically on this and therefore
- test 1430 can now be enabled when building with hyper. Adjust test 1431
- as well.
-
- Closes #7909
-
-- [Kerem Kat brought this change]
-
- docs: fix typo in CURLOPT_TRAILERFUNCTION example
-
- Closes #7910
-
-- docs/HYPER: remove some remaining issues, add HTTP/0.9 limitation
-
-- configure: when hyper is selected, deselect nghttp2
-
- Closes #7908
-
-- [Patrick Monnerat brought this change]
-
- sendf: accept zero-length data in Curl_client_write()
-
- Historically, Curl_client_write() used a length value of 0 as a marker
- for a null-terminated data string. This feature has been removed in
- commit f4b85d2. To detect leftover uses of the feature, a DEBUGASSERT
- statement rejecting a length with value 0 was introduced, effectively
- precluding use of this function with zero-length data.
-
- The current commit removes the DEBUGASSERT and makes the function to
- return immediately if length is 0.
-
- A direct effect is to fix trying to output a zero-length distinguished
- name in openldap.
-
- Another DEBUGASSERT statement is also rephrased for better readability.
-
- Closes #7898
-
-- hyper: disable test 1294 since hyper doesn't allow such crazy headers
-
- Closes #7905
-
-- c-hyper: make CURLOPT_SUPPRESS_CONNECT_HEADERS work
-
- Verified by the enabled test 1288
-
- Closes #7905
-
-- test1287: make work on hyper
-
- Closes #7905
-
-- test1266/1267: disabled on hyper: no HTTP/0.9 support
-
- Closes #7905
-
-Viktor Szakats (25 Oct 2021)
-- Makefile.m32: fix to not require OpenSSL with -libssh2 or -rtmp options
-
- Previously, -libssh2/-rtmp options assumed that OpenSSL is also enabled
- (and then failed with an error when not finding expected OpenSSL headers),
- but this isn't necessarly true, e.g. when building both libssh2 and curl
- against Schannel. This patch makes sure to only enable the OpenSSL backend
- with -libssh2/-rtmp, when there was no SSL option explicitly selected.
-
- - Re-implement the logic as a single block of script.
- - Also fix an indentation while there.
-
- Assisted-by: Jay Satiro
-
- Closes #7895
-
-Daniel Stenberg (25 Oct 2021)
-- docs: consistent use of "Added in"
-
- Make them all say "Added in [version]" without using 'curl' or 'libcurl'
- in that phrase.
-
-- man pages: require all to use the same section header order
-
- This is the same order we already enforce among the options' man pages:
- consistency is good. Add lots of previously missing examples.
-
- Adjust the manpage-syntax script for this purpose, used in test 1173.
-
- Closes #7904
-
-- [David Hu brought this change]
-
- docs/HTTP3: improve build instructions
-
- 1. If writing to a system path if the command is not prefixed with
- `sudo` it will cause a permission denied error
-
- 2. The patched OpenSSL branch has been updated to `openssl-3.0.0+quic`
- to match upstream OpenSSL version.
-
- 3. We should not disable GnuTLS docs.
-
- Updated some commands about `make install`
-
- Closes #7842
-
-- [Ricardo Martins brought this change]
-
- CMake: restore support for SecureTransport on iOS
-
- Restore support for building curl for iOS with SecureTransport enabled.
-
- Closes #7501
-
-- tests: enable more tests with hyper
-
- Adjusted 1144, 1164 and 1176.
-
- Closes #7900
-
-- docs: provide "RETURN VALUE" section for more func manpages
-
- Three were missing, one used a non-standard name for the header.
-
- Closes #7902
-
-Jay Satiro (25 Oct 2021)
-- curl_multi_socket_action.3: add a "RETURN VALUE" section
-
- .. because it may not be immediately clear to the user what
- curl_multi_socket_action returns.
-
- Ref: https://curl.se/mail/lib-2021-10/0035.html
-
- Closes https://github.com/curl/curl/pull/7901
-
-Daniel Stenberg (24 Oct 2021)
-- RELEASE-NOTES: synced
-
-- [Samuel Henrique brought this change]
-
- tests: use python3 in test 1451
-
- This is a continuation of commit ec91b5a69000bea0794bbb3 in which
- changing this test was missed. There are no other python2 leftovers
- now.
-
- Based on a Debian patch originally written by Alessandro Ghedini
- <ghedo@debian.org>
-
- Closes #7899
-
-- [Eddie Lumpkin brought this change]
-
- lib: fixing comment spelling typos in lib files
-
- Closes #7894
- Signed-off-by: ewlumpkin <ewlumpkin@gmail.com>
-
-- openssl: if verifypeer is not requested, skip the CA loading
-
- It was previously done mostly to show a match/non-match in the verbose
- output even when verification was not asked for. This change skips the
- loading of the CA certs unless verifypeer is set to save memory and CPU.
-
- Closes #7892
-
-- curl-confopts.m4: remove --enable/disable-hidden-symbols
-
- These configure options have been saying "deprecated" since 9e24b9c7af
- (April 2012). It was about time we remove them.
-
- Closes #7891
-
-- c-hyper: don't abort CONNECT responses early when auth-in-progress
-
- ... and make sure to stop ignoring the body once the CONNECT is done.
-
- This should make test 206 work proper again and not be flaky.
-
- Closes #7889
-
-- hyper: does not support disabling CURLOPT_HTTP_TRANSFER_DECODING
-
- Simply because hyper doesn't have this ability. Mentioned in docs now.
-
- Skip test 326 then
-
- Closes #7889
-
-- test262: don't attempt with hyper
-
- This test verifies that curl works with binary zeroes in HTTP response
- headers and hyper refuses such. They're not kosher http.
-
- Closes #7889
-
-- c-hyper: make test 217 run
-
- Closes #7889
-
-- DISABLED: enable test 209+213 for hyper
-
- Follow-up to 823d3ab855c
-
- Closes #7889
-
-- test207: accept a different error code for hyper
-
- It returns HYPERE_UNEXPECTED_EOF for this case which we convert to the
- somewhat generic CURLE_RECV_ERROR.
-
- Closes #7889
-
-- [Érico Nogueira brought this change]
-
- INSTALL: update symbol hiding option
-
- --enable-hidden-symbols was deprecated in
- 9e24b9c7afbcb81120af4cf3f6cdee49a06d8224.
-
- Closes #7890
-
-- http_proxy: multiple CONNECT with hyper done better
-
- Enabled test 206
-
- Closes #7888
-
-- hyper: pass the CONNECT line to the debug callback
-
- Closes #7887
-
-- mailmap: Malik Idrees Hasan Khan
-
-Jay Satiro (21 Oct 2021)
-- [Malik Idrees Hasan Khan brought this change]
-
- build: fix typos
-
- Closes https://github.com/curl/curl/pull/7886
-
-- URL-SYNTAX: add IMAP UID SEARCH example
-
- - Explain the difference between IMAP search via URL (which returns
- message sequence numbers) and IMAP search via custom request (which
- can return UID numbers if prefixed with UID, eg "UID SEARCH ...").
-
- Bug: https://github.com/curl/curl/issues/7626
- Reported-by: orycho@users.noreply.github.com
-
- Ref: https://github.com/curl/curl/issues/2789
-
- Closes https://github.com/curl/curl/pull/7881
-
-Daniel Stenberg (20 Oct 2021)
-- manpage: adjust the asterisk in some SYNOPSIS sections
-
- Closes #7884
-
-- curl_multi_perform.3: polish wording
-
- - simplify the example by using curl_multi_poll
-
- - mention curl_multi_add_handle in the text
-
- - cut out the description of pre-7.20.0 return code behavior - that version
- is now more than eleven years old and is basically no longer out there
-
- - adjust the "typical usage" to mention curl_multi_poll
-
- Closes #7883
-
-- docs/THANKS: removed on request
-
-- FAQ: polish the explanation of libcurl
-
-- curl_easy_perform.3: minor wording tweak
-
-- [Erik Stenlund brought this change]
-
- mime: mention CURL_DISABLE_MIME in comment
-
- CURL_DISABLE_MIME is not mentioned in the comment describing the if else
- preprocessor directive.
-
- Closes #7882
-
-- tls: remove newline from three infof() calls
-
- Follow-up to e7416cf
-
- Reported-by: billionai on github
- Fixes #7879
- Closes #7880
-
-- RELEASE-NOTES: synced
-
-- curl_gssapi: fix build warnings by removing const
-
- Follow-up to 20e980f85b0ea6
-
- In #7875 these inits were modified but I get two warnings that these new
- typecasts are necessary for.
-
- Closes #7876
-
-- [Bo Anderson brought this change]
-
- curl_gssapi: fix link error on macOS Monterey
-
- Fixes #7657
- Closes #7875
-
-- test1185: verify checksrc
-
- Closes #7866
-
-- checksrc: improve the SPACESEMICOLON error message
-
- and adjust the MULTISPACE one to use plural
-
- Closes #7866
-
-- url: set "k->size" -1 at start of request
-
- The size of the transfer is unknown at that point.
-
- Fixes #7871
- Closes #7872
-
-Daniel Gustafsson (18 Oct 2021)
-- doh: remove experimental code for DoH with GET
-
- The code for sending DoH requests with GET was never enabled in a way
- such that it could be used or tested. As there haven't been requests
- for this feature, and since it at this is effectively dead, remove it
- and favor reimplementing the feature in case anyone is interested.
-
- Closes #7870
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (18 Oct 2021)
-- cirrus: remove FreeBSD 11.4 from the matrix
-
- It has reached End-Of-Life and causes some LDAP CI issues.
-
- Closes #7869
-
-- cirrus: switch to openldap24-client
-
- ... as it seems openldap-client doesn't exist anymore.
-
- Reported-by: Jay Satiro
- Fixes #7868
- Closes #7869
-
-- checksrc: ignore preprocessor lines
-
- In order to check the actual code better, checksrc now ignores
- everything that look like preprocessor instructions. It also means
- that code in macros are now longer checked.
-
- Note that some rules then still don't need to be followed when code is
- exactly below a cpp instruction.
-
- Removes two checksrc exceptions we needed previously because of
- preprocessor lines being checked.
-
- Reported-by: Marcel Raad
- Fixes #7863
- Closes #7864
-
-- urlapi: skip a strlen(), pass in zero
-
- ... to let curl_easy_escape() itself do the strlen. This avoids a (false
- positive) Coverity warning and it avoids us having to store the strlen()
- return value in an int variable.
-
- Reviewed-by: Daniel Gustafsson
- Closes #7862
-
-- misc: update copyright years
-
-- examples/htmltidy: correct wrong printf() use
-
- ... and update the includes to match how current htmltidy wants them
- used.
-
- Reported-by: Stathis Kapnidis
- Fixes #7860
- Closes #7861
-
-Jay Satiro (15 Oct 2021)
-- http: set content length earlier
-
- - Make content length (ie download size) accessible to the user in the
- header callback, but only after all headers have been processed (ie
- only in the final call to the header callback).
-
- Background:
-
- For a long time the content length could be retrieved in the header
- callback via CURLINFO_CONTENT_LENGTH_DOWNLOAD_T as soon as it was parsed
- by curl.
-
- Changes were made in 8a16e54 (precedes 7.79.0) to ignore content length
- if any transfer encoding is used. A side effect of that was that
- content length was not set by libcurl until after the header callback
- was called the final time, because until all headers are processed it
- cannot be determined if content length is valid.
-
- This change keeps the same intention --all headers must be processed--
- but now the content length is available before the final call to the
- header function that indicates all headers have been processed (ie
- a blank header).
-
- Bug: https://github.com/curl/curl/commit/8a16e54#r57374914
- Reported-by: sergio-nsk@users.noreply.github.com
-
- Co-authored-by: Daniel Stenberg
-
- Fixes https://github.com/curl/curl/issues/7804
- Closes https://github.com/curl/curl/pull/7803
-
-Daniel Stenberg (15 Oct 2021)
-- [Abhinav Singh brought this change]
-
- aws-sigv4: make signature work when post data is binary
-
- User sets the post fields size for binary data. Hence, we should not be
- using strlen on it.
-
- Added test 1937 and 1938 to verify.
-
- Closes #7844
-
-- [a1346054 brought this change]
-
- MacOSX-Framework: remove redundant ';'
-
- Closes #7859
-
-- RELEASE-NOTES: synced
-
-- openssl: with OpenSSL 1.1.0+ a failed RAND_status means goaway
-
- One reason we know it can fail is if a provider is used that doesn't do
- a proper job or is wrongly configured.
-
- Reported-by: Michael Baentsch
- Fixes #7840
- Closes #7856
-
-Marcel Raad (14 Oct 2021)
-- [Ryan Mast brought this change]
-
- cmake: add CURL_ENABLE_SSL option and make CMAKE_USE_* SSL backend options depend on it
-
- Closes https://github.com/curl/curl/pull/7822
-
-Daniel Stenberg (14 Oct 2021)
-- http: remove assert that breaks hyper
-
- Reported-by: Jay Satiro
- Fixes #7852
- Closes #7855
-
-- http_proxy: fix one more result assign for hyper
-
- and remove the bad assert again, since it was run even with no error!
-
- Closes #7854
-
-Jay Satiro (14 Oct 2021)
-- sws: fix memory leak on exit
-
- - Free the allocated http request struct on cleanup.
-
- Prior to this change if sws was built with leak sanitizer it would
- report a memory leak error during testing.
-
- Closes https://github.com/curl/curl/pull/7849
-
-Daniel Stenberg (14 Oct 2021)
-- c-hyper: make Curl_http propagate errors better
-
- Pass on better return codes when errors occur within Curl_http instead
- of insisting that CURLE_OUT_OF_MEMORY is the only possible one.
-
- Pointed-out-by: Jay Satiro
- Closes #7851
-
-- http_proxy: make hyper CONNECT() return the correct error code
-
- For every 'goto error', make sure the result variable holds the error
- code for what went wrong.
-
- Reported-by: Rafał Mikrut
- Fixes #7825
- Closes #7846
-
-- docs/Makefile.am: repair 'make html'
-
- by removing index.html which isn't around anymore
-
- Closes #7853
-
-- [Борис Верховский brought this change]
-
- curl: correct grammar in generated libcurl code
-
- Closes #7802
-
-- tests: disable test 2043
-
- It uses revoked.badssl.com which now is expired and therefor this now
- permafails. We should not use external sites for tests, this test should
- be converted to use our own infra.
-
- Closes #7845
-
-- runtests: split out ignored tests
-
- Report ignore tests separately from the actual fails.
-
- Don't exit non-zero if test servers couldn't get killed.
-
- Assisted-by: Jay Satiro
-
- Fixes #7818
- Closes #7841
-
-- http2: make getsock not wait for write if there's no remote window
-
- While uploading, check for remote window availability in the getsock
- function so that we don't wait for a writable socket if no data can be
- sent.
-
- Reported-by: Steini2000 on github
- Fixes #7821
- Closes #7839
-
-- test368: verify dash is appended for "-r [num]"
-
- Follow-up to 8758a26f8878
-
-- [Борис Верховский brought this change]
-
- curl: actually append "-" to --range without number only
-
- Closes #7837
-
-- RELEASE-NOTES: synced
-
-- urlapi: URL decode percent-encoded host names
-
- The host name is stored decoded and can be encoded when used to extract
- the full URL. By default when extracting the URL, the host name will not
- be URL encoded to work as similar as possible as before. When not URL
- encoding the host name, the '%' character will however still be encoded.
-
- Getting the URL with the CURLU_URLENCODE flag set will percent encode
- the host name part.
-
- As a bonus, setting the host name part with curl_url_set() no longer
- accepts a name that contains space, CR or LF.
-
- Test 1560 has been extended to verify percent encodings.
-
- Reported-by: Noam Moshe
- Reported-by: Sharon Brizinov
- Reported-by: Raul Onitza-Klugman
- Reported-by: Kirill Efimov
- Fixes #7830
- Closes #7834
-
-Marc Hoersken (8 Oct 2021)
-- CI/makefiles: introduce dedicated test target
-
- Make it easy to use the same set of test flags
- throughout all current and future CI builds.
-
- Reviewed-by: Jay Satiro
-
- Follow up to #7690
- Closes #7785
-
-Daniel Stenberg (8 Oct 2021)
-- maketgz: redirect updatemanpages.pl output to /dev/null
-
-- CURLOPT_HTTPHEADER.3: add descripion for specific headers
-
- Settting Host: or Transfer-Encoding: chunked actually have special
- meanings to libcurl. This change tries to document them
-
- Closes #7829
-
-- c-hyper: use hyper_request_set_uri_parts to make h2 better
-
- and make sure to not send Host: over h2.
-
- Fixes #7679
- Reported-by: David Cook
- Closes #7827
-
-- [Michael Afanasiev brought this change]
-
- curl-openssl.m4: modify library order for openssl linking
-
- lcrypto may depend on lz, and configure corrently fails with when
- statically linking as the order is "-lz -lcrypto". This commit switches
- the order to "-lcrypto -lz".
-
- Closes #7826
-
-Marcel Raad (7 Oct 2021)
-- sha256: use high-level EVP interface for OpenSSL
-
- Available since OpenSSL 0.9.7. The low-level SHA256 interface is
- deprecated in OpenSSL v3, and its usage was discouraged even before.
-
- Closes https://github.com/curl/curl/pull/7808
-
-- curl_ntlm_core: use OpenSSL only if DES is available
-
- This selects another SSL backend then if available, or otherwise at
- least gives a meaningful error message.
-
- Closes https://github.com/curl/curl/pull/7808
-
-- md5: fix compilation with OpenSSL 3.0 API
-
- Only use OpenSSL's MD5 code if it's available.
-
- Also fix wolfSSL build with `NO_MD5`, in which case neither the
- wolfSSL/OpenSSL implementation nor the fallback implementation was
- used.
-
- Closes https://github.com/curl/curl/pull/7808
-
-Daniel Stenberg (7 Oct 2021)
-- print_category: printf %*s needs an int argument
-
- ... not a size_t!
-
- Detected by Coverity: CID 1492331.
- Closes #7823
-
-Jay Satiro (7 Oct 2021)
-- version_win32: use actual version instead of manifested version
-
- - Use RtlVerifyVersionInfo instead of VerifyVersionInfo, when possible.
-
- Later versions of Windows have normal version functions that compare and
- return versions based on the way the application is manifested, instead
- of the actual version of Windows the application is running on. We
- prefer the actual version of Windows so we'll now call the Rtl variant
- of version functions (RtlVerifyVersionInfo) which does a proper
- comparison of the actual version.
-
- Reported-by: Wyatt O'Day
-
- Ref: https://github.com/curl/curl/pull/7727
-
- Fixes https://github.com/curl/curl/issues/7742
- Closes https://github.com/curl/curl/pull/7810
-
-Daniel Stenberg (6 Oct 2021)
-- RELEASE-NOTES: synced
-
-- http: fix Basic auth with empty name field in URL
-
- Add test 367 to verify.
-
- Reported-by: Rick Lane
- Fixes #7819
- Closes #7820
-
-- [Jeffrey Tolar brought this change]
-
- CURLOPT_MAXLIFETIME_CONN: maximum allowed lifetime for conn reuse
-
- ... and close connections that are too old instead of reusing them.
-
- By default, this behavior is disabled.
-
- Bug: https://curl.se/mail/lib-2021-09/0058.html
- Closes #7751
-
-Daniel Gustafsson (6 Oct 2021)
-- docs/examples: add missing binaries to gitignore
-
- Commit f65d7889b added getreferrer, and commit ae8e11ed5 multi-legacy,
- both of which missed adding .gitignore clauses for the built binaries.
-
- Closes #7817
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (5 Oct 2021)
-- [Josip Medved brought this change]
-
- HTTP3: fix the HTTP/3 Explained book link
-
- Closes #7813
-
-- [Lucas Holt brought this change]
-
- misc: fix a few issues on MidnightBSD
-
- Closes #7812
-
-Daniel Gustafsson (4 Oct 2021)
-- [8U61ife brought this change]
-
- tool_main: fix typo in comment
-
- Closes: #7811
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Stenberg (4 Oct 2021)
-- [Ryan Mast brought this change]
-
- BINDINGS: URL updates
-
- For cpr, BBHTTP, Eiffel, Harbour, Haskell, Mono, and Rust
-
- Closes #7809
-
-- scripts/delta: hide a git error message we don't care about
-
- fatal: path 'src/tool_listhelp.c' exists on disk, but not in [tag]
-
-- [Patrick Monnerat brought this change]
-
- sasl: binary messages
-
- Capabilities of sasl module are extended to exchange messages in binary
- as an alternative to base64.
-
- If http authentication flags have been set, those are used as sasl
- default preferred mechanisms.
-
- Closes #6930
-
-- [Hayden Roche brought this change]
-
- wolfssl: use for SHA256, MD4, MD5, and setting DES odd parity
-
- Prior to this commit, OpenSSL could be used for all these functions, but
- not wolfSSL. This commit makes it so wolfSSL will be used if USE_WOLFSSL
- is defined.
-
- Closes #7806
-
-- scripts/delta: count command line options in the new file
-
- ... which makes the shown delta number wrong until next release.
-
-- RELEASE-NOTES: synced
-
-- print_category: print help descriptions aligned
-
- Adjust the description position to make an aligned column when doing
- help listings, which is more pleasing to the eye.
-
- Suggested-by: Gisle Vanem
- Closes #7792
-
-- lib/mk-ca-bundle.pl: skip certs passed Not Valid After date
-
- With this change applied, the now expired 'DST Root CA X3' cert will no
- longer be included in the output.
-
- Details: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
-
- Closes #7801
-
-- tool_listhelp: easier to generate with gen.pl
-
- tool_listhelp.c is now a separate file with only the command line --help
- output, exactly as generated by gen.pl. This makes it easier to generate
- updates according to what's in the docs/cmdline-opts docs.
-
- cd $srcroot/docs/cmdline-opts
- ./gen.pl listhelp *.d > $srcroot/src/tool_listhelp.c
-
- With a configure build, this also works:
-
- make -C src listhelp
-
- Closes #7787
-
-- [Anthony Hu brought this change]
-
- wolfssl: allow setting of groups/curves
-
- In particular, the quantum safe KEM and hybrid curves if wolfSSL is
- built to support them.
-
- Closes #7728
-
-- [Jan Mazur brought this change]
-
- connnect: use sysaddr_un fron sys/un.h or custom-defined for windows
-
- Closes #7737
-
-Jay Satiro (30 Sep 2021)
-- [Rikard Falkeborn brought this change]
-
- hostip: Move allocation to clarify there is no memleak
-
- By just glancing at the code, it looks like there is a memleak if the
- call to Curl_inet_pton() fails. Looking closer, it is clear that the
- call to Curl_inet_pton() can not fail, so the code will never leak
- memory. However, we can make this obvious by moving the allocation
- after the if-statement.
-
- Closes https://github.com/curl/curl/pull/7796
-
-Daniel Stenberg (30 Sep 2021)
-- gen.pl: make the output date format work better
-
- Follow-up to 15910dfd143dd
-
- The previous strftime format used didn't work correctly on Windows, so
- change to %B %d %Y which today looks like "September 29 2021".
-
- Reported-by: Gisle Vanem
- Bug: #7782
- Closes #7793
-
-- typecheck-gcc.h: add CURLOPT_PREREQDATA awareness
-
- Follow-up to a517378de58358a
-
- To make test 1912 happy again
-
- Closes #7799
-
-Marcel Raad (29 Sep 2021)
-- configure: remove `HAVE_WINSOCK_H` definition
-
- It's not used anymore.
-
- Closes https://github.com/curl/curl/pull/7795
-
-- CMake: remove `HAVE_WINSOCK_H` definition
-
- It's not used anymore.
-
- Closes https://github.com/curl/curl/pull/7795
-
-- config: remove `HAVE_WINSOCK_H` definition
-
- It's not used anymore.
-
- Closes https://github.com/curl/curl/pull/7795
-
-- lib: remove `HAVE_WINSOCK_H` usage
-
- WinSock v1 is not supported anymore. Exclusively use `HAVE_WINSOCK2_H`
- instead.
-
- Closes https://github.com/curl/curl/pull/7795
-
-Daniel Stenberg (29 Sep 2021)
-- easyoptions: add the two new PRE* options
-
- Follow-up to a517378de58358a
-
- Also fix optiontable.pl to do the correct remainder on the entry.
-
- Reported-by: Gisle Vanem
- Bug: https://github.com/curl/curl/commit/a517378de58358a85b7cfe9efecb56051268f629#commitcomment-57224830
- Closes #7791
-
-- Revert "build: remove checks for WinSock 1"
-
- Due to CI issues
-
- This reverts commit c2ea04f92b00b6271627cb218647527b5a50f2fc.
-
- Closes #7790
-
-Daniel Gustafsson (29 Sep 2021)
-- lib: avoid fallthrough cases in switch statements
-
- Commit b5a434f7f0ee4d64857f8592eced5b9007d83620 inhibits the warning
- on implicit fallthrough cases, since the current coding of indicating
- fallthrough with comments is falling out of fashion with new compilers.
- This attempts to make the issue smaller by rewriting fallthroughs to no
- longer fallthrough, via either breaking the cases or turning switch
- statements into if statements.
-
- lib/content_encoding.c: the fallthrough codepath is simply copied
- into the case as it's a single line.
- lib/http_ntlm.c: the fallthrough case skips a state in the state-
- machine and fast-forwards to NTLMSTATE_LAST. Do this before the
- switch statement instead to set up the states that we actually
- want.
- lib/http_proxy.c: the fallthrough is just falling into exiting the
- switch statement which can be done easily enough in the case.
- lib/mime.c: switch statement rewritten as if statement.
- lib/pop3.c: the fallthrough case skips to the next state in the
- statemachine, do this explicitly instead.
- lib/urlapi.c: switch statement rewritten as if statement.
- lib/vssh/wolfssh.c: the fallthrough cases fast-forwards the state
- machine, do this by running another iteration of the switch
- statement instead.
- lib/vtls/gtls.c: switch statement rewritten as if statement.
- lib/vtls/nss.c: the fallthrough codepath is simply copied into the
- case as it's a single line. Also twiddle a comment to not be
- inside a non-brace if statement.
-
- Closes: #7322
- See-also: #7295
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Marcel Raad (28 Sep 2021)
-- config-win32ce: enable WinSock 2
-
- WinSock 2.2 is supported by Windows CE .NET 4.1 (from 2002, out of
- support since 2013).
-
- Ref: https://docs.microsoft.com/en-us/previous-versions/windows/embedded/ms899586(v=msdn.10)
-
- Closes https://github.com/curl/curl/pull/7778
-
-- externalsocket: use WinSock 2.2
-
- That's the only version we support.
-
- Closes https://github.com/curl/curl/pull/7778
-
-- build: remove checks for WinSock 1
-
- It's not supported anymore.
-
- Closes https://github.com/curl/curl/pull/7778
-
-Daniel Stenberg (28 Sep 2021)
-- scripts/copyright: .muse is .lift now
-
- And update 5 files with old copyright year range
-
-- cmdline-opts: made the 'Added:' field mandatory
-
- Since "too old" versions are no longer included in the generated man
- page, this field is now mandatory so that it won't be forgotten and then
- not included in the documentation.
-
- Closes #7786
-
-- curl.1: remove mentions of really old version changes
-
- To make the man page more readable, this change removes all references
- to changes in support/versions etc that happened before 7.30.0 from the
- curl.1 output file. 7.30.0 was released on Apr 12 2013. This particular
- limit is a bit arbitrary but was fairly easy to grep for.
-
- It is handled like this: the 'Added' keyword is only used in output if
- it refers to 7.30.0 or later. All occurances of "(Added in $VERSION)" in
- description will be stripped out if the mentioned $VERSION is from
- before 7.30.0. It is therefore important that the "Added in..."
- references are always written exactly like that - and on a single line,
- not split over two.
-
- This change removes about 80 version number references from curl.1, down
- to 138 from 218.
-
- Closes #7786
-
-- RELEASE-NOTES: synced
-
-- tool_cb_prg: make resumed upload progress bar show better
-
- This is a regression that was *probably* injected in the larger progress
- bar overhaul in 2018.
-
- Reported-by: beslick5 on github
- Fixes #7760
- Closes #7777
-
-- gen.pl: insert the current date and version in generated man page
-
- Reported-by: Gisle Vanem
- Ref: #7780
- Closes #7782
-
-- NTLM: use DES_set_key_unchecked with OpenSSL
-
- ... as the previously used function DES_set_key() will in some cases
- reject using a key that it deems "weak" which will cause curl to
- continue using the unitialized buffer content as key instead.
-
- Assisted-by: Harry Sintonen
- Fixes #7779
- Closes #7781
-
-Marc Hoersken (27 Sep 2021)
-- CI: align make and test flags in various config files
-
- 1. Use Makefile target to run tests in autotools builds on AppVeyor.
- 2. Disable testing of SCP protocol on native Windows environments.
- 3. Remove redundant parameters -a -p from target test-nonflaky.
- 4. Don't use -vc parameter which is reserved for debugging.
-
- Replaces #7591
- Closes #7690
-
-Daniel Stenberg (27 Sep 2021)
-- mailmap: unify Max!
-
-- [Max Dymond brought this change]
-
- CURLOPT_PREREQFUNCTION: add new callback
-
- Triggered before a request is made but after a connection is set up
-
- Changes:
-
- - callback: Update docs and callback for pre-request callback
- - Add documentation for CURLOPT_PREREQDATA and CURLOPT_PREREQFUNCTION,
- - Add redirect test and callback failure test
- - Note that the function may be called multiple times on a redirection
- - Disable new 2086 test due to Windows weirdness
-
- Closes #7477
-
-- KNOWN_BUGS: HTTP/2 connections through HTTPS proxy frequently stall
-
- Closes #6936
-
-- TODO: make configure use --cache-file more and better
-
- Closes #7753
-
-- [Sergey Markelov brought this change]
-
- urlapi: support UNC paths in file: URLs on Windows
-
- - file://host.name/path/file.txt is a valid UNC path
- \\host.name\path\files.txt to a non-local file transformed into URI
- (RFC 8089 Appendix E.3)
-
- - UNC paths on other OSs must be smb: URLs
-
- Closes #7366
-
-- [Gleb Ivanovsky brought this change]
-
- urlapi: add curl_url_strerror()
-
- Add curl_url_strerror() to convert CURLUcode into readable string and
- facilitate easier troubleshooting in programs using URL API.
- Extend CURLUcode with CURLU_LAST for iteration in unit tests.
- Update man pages with a mention of new function.
- Update example code and tests with new functionality where it fits.
-
- Closes #7605
-
-- RELEASE-NOTES: synced
-
-- [Mats Lindestam brought this change]
-
- libssh2: add SHA256 fingerprint support
-
- Added support for SHA256 fingerprint in command line curl and in
- libcurl.
-
- Closes #7646
-
-- libcurl.rc: switch out the copyright symbol for plain ASCII
-
- Reported-by: Vitaly Varyvdin
- Assisted-by: Viktor Szakats
- Fixes #7765
- Closes #7776
-
-- [Jun-ya Kato brought this change]
-
- ngtcp2: fix QUIC transport parameter version
-
- fix inappropriate version setting for QUIC transport parameters.
- this patch keeps curl with ngtcp2 uses QUIC draft version (h3-29).
-
- Closes #7771
-
-- examples/imap-append: fix end-of-data check
-
- Reported-by: Alexander Chuykov
- Fixes #7774
- Closes #7775
-
-Michael Kaufmann (24 Sep 2021)
-- vtls: Fix a memory leak if an SSL session cannot be added to the cache
-
- On connection shutdown, a new TLS session ticket may arrive after the
- SSL session cache has already been destructed. In this case, the new
- SSL session cannot be added to the SSL session cache.
-
- The callers of Curl_ssl_addsessionid() need to know whether the SSL
- session has been added to the cache. If it has not been added, the
- reference counter of the SSL session must not be incremented, or memory
- used by the SSL session must be freed. This is now possible with the new
- output parameter "added" of Curl_ssl_addsessionid().
-
- Fixes #7683
- Closes #7752
-
-Daniel Stenberg (24 Sep 2021)
-- [Momoka Yamamoto brought this change]
-
- HTTP3.md: use 'autoreconf -fi' instead of buildconf
-
- buildconf is not used since #5853
-
- Closes #7746
-
-- GIT-INFO: rephrase to adapt to s/buildconf/autoreconf
-
-- [h1zzz brought this change]
-
- llist: remove redundant code, branch will not be executed
-
- Closes #7770
-
-- [tlahn brought this change]
-
- HTTP-COOKIES.md: remove duplicate 'each'
-
- Closes #7772
-
-Jay Satiro (24 Sep 2021)
-- [Joel Depooter brought this change]
-
- libssh2: Get the version at runtime if possible
-
- Previously this code used a compile time constant, meaning that libcurl
- always reported the libssh2 version that libcurl was built with. This
- could differ from the libssh2 version actually being used. The new code
- uses the CURL_LIBSSH2_VERSION macro, which is defined in ssh.h. The
- macro calls the libssh2_version function if it is available, otherwise
- it falls back to the compile time version.
-
- Closes https://github.com/curl/curl/pull/7768
-
-- [Joel Depooter brought this change]
-
- schannel: fix typo
-
- Closes https://github.com/curl/curl/pull/7769
-
-Daniel Stenberg (23 Sep 2021)
-- cmake: with OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED
-
- To avoid the "... is deprecated" warnings brought by OpenSSL v3.
- (We need to address the underlying code at some point of course.)
-
- Assisted-by: Jakub Zakrzewski
- Closes #7767
-
-- curl-openssl: pass argument to sed single-quoted
-
- ... instead of using an escaped double-quote. This is an attempt to make
- this work better with ksh that otherwise would insist on a double
- escape!
-
- Reported-by: Randall S. Becker
- Fixes #7758
- Closes #7764
-
-- RELEASE-NOTES: synced
-
- Bumped curlver to 7.80.0-dev
-
-- [a1346054 brought this change]
-
- misc: fix typos in docs and comments
-
- No user facing output from curl/libcurl is changed by this, just
- comments.
-
- Closes #7747
-
-- [Thomas M. DuBuisson brought this change]
-
- ci: update Lift config to match requirements of curl build
-
- Also renamed Muse -> Lift, the new tool name.
-
- Closes #7761
-
-- [Rikard Falkeborn brought this change]
-
- cleanup: constify unmodified static structs
-
- Constify a number of static structs that are never modified. Make them
- const to show this.
-
- Closes #7759
-
-Version 7.79.1 (22 Sep 2021)
-
-Daniel Stenberg (22 Sep 2021)
-- RELEASE-NOTES: synced
-
- curl 7.79.1 release
-
-- THANKS: added names from the 7.79.1 release
-
-- test897: verify delivery of IMAP post-body header content
-
- The "content" is delivered as "body" by curl, but the envelope continues
- after the body and the rest of it should be delivered as header.
-
- The IMAP server can now get 'POSTFETCH' set to include more data to
- include after the body and test 897 is done to verify that such "extra"
- header data is in fact delivered by curl as header.
-
- Ref: #7284 but fails to reproduce the issue
-
- Closes #7748
-
-- KNOWN_BUGS: connection migration doesn't work
-
- Closes #7695
-
-- RELEASE-NOTES: synced
-
-- http: fix the broken >3 digit response code detection
-
- When the "reason phrase" in the HTTP status line starts with a digit,
- that was treated as the forth response code digit and curl would claim
- the response to be non-compliant.
-
- Added test 1466 to verify this case.
-
- Regression brought by 5dc594e44f73b17
- Reported-by: Glenn de boer
- Fixes #7738
- Closes #7739
-
-Jay Satiro (17 Sep 2021)
-- strerror: use sys_errlist instead of strerror on Windows
-
- - Change Curl_strerror to use sys_errlist[errnum] instead of strerror to
- retrieve the error message on Windows.
-
- Windows' strerror writes to a static buffer and is not thread-safe.
-
- Follow-up to 2f0bb86 which removed most instances of strerror in favor
- of calling Curl_strerror (which calls strerror_r for other platforms).
-
- Ref: https://github.com/curl/curl/pull/7685
- Ref: https://github.com/curl/curl/commit/2f0bb86
-
- Closes https://github.com/curl/curl/pull/7735
-
-Daniel Stenberg (16 Sep 2021)
-- dist: provide lib/.checksrc in the tarball
-
- So that debug builds work (checksrc really)
-
- Reported-by: Marcel Raad
- Reported-by: tawmoto on github
- Fixes #7733
- Closes #7734
-
-- TODO: Improve documentation about fork safety
-
- Closes #6968
-
-- hsts: CURLSTS_FAIL from hsts read callback should fail transfer
-
- ... and have CURLE_ABORTED_BY_CALLBACK returned.
-
- Extended test 1915 to verify.
-
- Reported-by: Jonathan Cardoso
- Fixes #7726
- Closes #7729
-
-- test1184: disable
-
- The test should be fine and it works for me repeated when run manually,
- but clearly it causes CI failures and it needs more research.
-
- Reported-by: RiderALT on github
- Fixes #7725
- Closes #7732
-
-- Curl_http2_setup: don't change connection data on repeat invokes
-
- Regression from 3cb8a748670ab88c (releasde in 7.79.0). That change moved
- transfer oriented inits to before the check but also erroneously moved a
- few connection oriented ones, which causes problems.
-
- Reported-by: Evangelos Foutras
- Fixes #7730
- Closes #7731
-
-- RELEASE-NOTES: synced
-
- and bump to 7.79.1
-
-Kamil Dudka (16 Sep 2021)
-- tests/sshserver.pl: make it work with openssh-8.7p1
-
- ... by not using options with no argument where an argument is required:
-
- === Start of file tests/log/ssh_server.log
- curl_sshd_config line 6: no argument after keyword "DenyGroups"
- curl_sshd_config line 7: no argument after keyword "AllowGroups"
- curl_sshd_config line 10: Deprecated option AuthorizedKeysFile2
- curl_sshd_config line 29: Deprecated option KeyRegenerationInterval
- curl_sshd_config line 39: Deprecated option RhostsRSAAuthentication
- curl_sshd_config line 40: Deprecated option RSAAuthentication
- curl_sshd_config line 41: Deprecated option ServerKeyBits
- curl_sshd_config line 45: Deprecated option UseLogin
- curl_sshd_config line 56: no argument after keyword "AcceptEnv"
- curl_sshd_config: terminating, 3 bad configuration options
- === End of file tests/log/ssh_server.log
-
- === Start of file log/sftp_server.log
- curl_sftp_config line 33: Unsupported option "rhostsrsaauthentication"
- curl_sftp_config line 34: Unsupported option "rsaauthentication"
- curl_sftp_config line 52: no argument after keyword "sendenv"
- curl_sftp_config: terminating, 1 bad configuration options
- Connection closed.
- Connection closed
- === End of file log/sftp_server.log
-
- Closes #7724
-
-Daniel Stenberg (15 Sep 2021)
-- hsts: handle unlimited expiry
-
- When setting a blank expire string, meaning unlimited, curl would pass
- TIME_T_MAX to getime_r() when creating the output, while on 64 bit
- systems such a large value cannot be convetered to a tm struct making
- curl to exit the loop with an error instead. It can't be converted
- because the year it would represent doesn't fit in the 'int tm_year'
- field!
-
- Starting now, unlimited expiry is instead handled differently by using a
- human readable expiry date spelled out as "unlimited" instead of trying
- to use a distant actual date.
-
- Test 1660 and 1915 have been updated to help verify this change.
-
- Reported-by: Jonathan Cardoso
- Fixes #7720
- Closes #7721
-
-- curl_multi_fdset: make FD_SET() not operate on sockets out of range
-
- The VALID_SOCK() macro was made to only check for FD_SETSIZE if curl was
- built to use select(), even though the curl_multi_fdset() function
- always and unconditionally uses FD_SET and needs the check.
-
- Reported-by: 0xee on github
- Fixes #7718
- Closes #7719
-
-- FAQ: add GOPHERS + curl works on data, not files
-
-Version 7.79.0 (14 Sep 2021)
-
-Daniel Stenberg (14 Sep 2021)
-- RELEASE-NOTES: synced
-
- For the 7.79.0 release
-
-- THANKS: add contributors from 7.79.0 release cycle
-
-- FAQ: add two dev related questions
-
- 8.1 Why does curl use C89?
- 8.2 Will curl be rewritten?
-
- Spell-checked-by: Paul Johnson
- Closes #7715
-
-- zuul.d/jobs: disable three tests for *-openssl-disable-proxy
-
- ... as they mysteriously seem to permfail without being related to
- proxy.
-
- Closes #7714
-
-- [Patrick Monnerat brought this change]
-
- ftp,imap,pop3,smtp: reject STARTTLS server response pipelining
-
- If a server pipelines future responses within the STARTTLS response, the
- former are preserved in the pingpong cache across TLS negotiation and
- used as responses to the encrypted commands.
-
- This fix detects pipelined STARTTLS responses and rejects them with an
- error.
-
- CVE-2021-22947
-
- Bug: https://curl.se/docs/CVE-2021-22947.html
-
-- [Patrick Monnerat brought this change]
-
- ftp,imap,pop3: do not ignore --ssl-reqd
-
- In imap and pop3, check if TLS is required even when capabilities
- request has failed.
-
- In ftp, ignore preauthentication (230 status of server greeting) if TLS
- is required.
-
- Bug: https://curl.se/docs/CVE-2021-22946.html
-
- CVE-2021-22946
-
-- [z2_ on hackerone brought this change]
-
- mqtt: clear the leftovers pointer when sending succeeds
-
- CVE-2021-22945
-
- Bug: https://curl.se/docs/CVE-2021-22945.html
-
-- zuul: bump the rustls job to use v0.7.2
-
- ... and add -lm when using a rust library.
-
- Closes #7701
-
-- RELEASE-PROCEDURE: add release dates from now to 8.0.0 in 2023
-
-- SECURITY-PROCESS: tweak a little to match current practices
-
- Closes #7713
-
-- http_proxy: fix the User-Agent inclusion in CONNECT
-
- It should not refer to the uagent string that is allocated and created
- for the end server http request, as that pointer may be cleared on
- subsequent CONNECT requests.
-
- Added test case 1184 to verify.
-
- Reported-by: T200proX7 on github
- Fixes #7705
- Closes #7707
-
-- Curl_hsts_loadcb: don't attempt to load if hsts wasn't inited
-
- Reported-by: Jonathan Cardoso
- Fixes #7710
- Closes #7711
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: fix build with ngtcp2 and nghttp3
-
- ngtcp2_conn_client_new and nghttp3_conn_client_new are now macros.
- Check the wrapped functions instead.
-
- ngtcp2_stream_close callback now takes flags parameter.
-
- Closes #7709
-
-- write-out.d: clarify size_download/upload
-
- They show the number of "body" bytes transfered.
- Fixes #7702
- Closes #7706
-
-- http2: Curl_http2_setup needs to init stream data in all invokes
-
- Thus function was written to avoid doing multiple connection data
- initializations, which is fine, but since it also initiates stream
- related data it is crucial that it doesn't skip those even if called
- again for the same connection. Solved by moving the stream
- initializations before the "doing-it-again" check.
-
- Reported-by: Inho Oh
- Fixes #7630
- Closes #7692
-
-- url: fix compiler warning in no-verbose builds
-
- Follow-up from 2f0bb864c12
-
- Closes #7700
-
-- non-ascii: fix build errors from strerror fix
-
- Follow-up to 2f0bb864c12
-
- Closes #7697
-
-- parse_args: redo the warnings for --remote-header-name combos
-
- ... to avoid the memory leak risk pointed out by scan-build.
-
- Follow-up from 7a3e981781d6c18a
-
- Closes #7698
-
-- ngtcp2: adapt to new size defintions upstream
-
- Reviewed-by: Tatsuhiro Tsujikawa
- Closes #7699
-
-- rustls: add strerror.h include
-
- Follow-up to 2f0bb864c12
-
-- docs: the security list is reached at security at curl.se now
-
- Also update the FAQ section a bit to encourage users to rather submit
- security issues on hackerone than sending email.
-
- Closes #7689
-
-Marc Hoersken (9 Sep 2021)
-- runtests: add option -u to error on server unexpectedly alive
-
- Let's try to actually handle the server unexpectedly alive
- case by first making them visible on CI builds as failures.
-
- This is needed to detect issues with killing of the test
- servers completely including nested process chains with
- multiple PIDs per test server (including bash and perl).
-
- On Windows/cygwin platforms this is especially helpful with
- debugging PID mixups due to cygwin using its own PID space.
-
- Reviewed-by: Daniel Stenberg
- Closes #7180
-
-Daniel Stenberg (9 Sep 2021)
-- opts docs: unify phrasing in NAME header
-
- - avoid writing "set ..." or "enable/disable ..." or "specify ..."
- *All* options for curl_easy_setopt() are about setting or enabling
- things and most of the existing options didn't use that way of
- description.
-
- - start with lowercase letter, unless abbreviation. For consistency.
-
- - Some additional touch-ups
-
- Closes #7688
-
-- strerror.h: remove the #include from files not using it
-
-- lib: don't use strerror()
-
- We have and provide Curl_strerror() internally for a reason: strerror()
- is not necessarily thread-safe so we should always try to avoid it.
-
- Extended checksrc to warn for this, but feature the check disabled by
- default and only enable it in lib/
-
- Closes #7685
-
-Daniel Gustafsson (8 Sep 2021)
-- cirrus: Add FreeBSD 13.0 job and disable sanitizer build
-
- As alluded to the in the now removed comment, a 13.0 image became
- available and is now ready to be used.
-
- The sanitizer builds were running on the 12.1 image which since has
- been removed from the config, leaving the builds not running at all.
- When enabled it turns out that they don't actually work due to very
- long timeouts in executing the tests, so keep the disabled for now
- but a bit more controlled.
-
- Closes #7592
-
-Daniel Stenberg (8 Sep 2021)
-- copyrights: update copyright year ranges
-
-- RELEASE-NOTES: synced
-
-- INTERNALS: c-ares has a new home: c-ares.org
-
-- docs: remove experimental mentions from HSTS and MQTT
-
- Reported-by: Jonathan Cardoso
- Bug: https://github.com/curl/curl/pull/6700#issuecomment-913792863
- Closes #7681
-
-- [Cao ZhenXiang brought this change]
-
- curl: add warning for incompatible parameters usage
-
- --continue-at - and --remote-header-name are known incompatible parameters
-
- Closes #7674
-
-- [git-bruh brought this change]
-
- examples/*hiperfifo.c: fix calloc arguments to match function proto
-
- Closes #7678
-
-- INTERNALS: bump c-ares requirement to 1.16.0
-
- Since ba904db0705c93 we use ares_getaddrinfo, added in c-ares 1.16.0
-
-- curl: stop retry if Retry-After: is longer than allowed
-
- If Retry-After: specifies a period that is longer than what fits within
- --retry-max-time, then stop retrying immediately.
-
- Added test 366 to verify.
-
- Reported-by: Kari Pahula
- Fixes #7675
- Closes #7676
-
-- [Michał Antoniak brought this change]
-
- mbedtls: avoid using a large buffer on the stack
-
- Use dynamic memory allocation for the buffer used in checking "pinned
- public key". The PUB_DER_MAX_BYTES parameter with default settings is
- set to a value greater than 2kB.
-
- Co-authored-by: Daniel Stenberg
- Closes #7586
-
-- configure: make --disable-hsts work
-
- The AC_ARG_ENABLE() macro itself uses a variable called
- 'enable_[option]', so when our script also used a variable with that
- name for the purpose of storing what the user wants, it also
- accidentally made it impossible to switch off the feature with
- --disable-hsts. Fix this by renaming our variable.
-
- Reported-by: Michał Antoniak
- Fixes #7669
- Closes #7672
-
-Jay Satiro (5 Sep 2021)
-- config.d: note that curlrc is used even when --config
-
- Bug: https://github.com/curl/curl/pull/7666#issuecomment-912214751
- Reported-by: Viktor Szakats
-
- Closes https://github.com/curl/curl/pull/7667
-
-Daniel Stenberg (4 Sep 2021)
-- RELEASE-NOTES: synced
-
-- test1173: check references to libcurl options
-
- ... that they refer to actual existing libcurl options.
-
- Reviewed-by: Daniel Gustafsson
- Closes #7656
-
-- CURLOPT_UNIX_SOCKET_PATH.3: remove nginx reference, add see also
-
- Closes #7656
-
-- opt-docs: verify man page sections + order
-
- In every libcurl option man page there are now 8 mandatory sections that
- must use the right name in the correct order and test 1173 verifies
- this. Only 14 man pages needed adjustments.
-
- The sections and the order is as follows:
-
- - NAME
- - SYNOPSIS
- - DESCRIPTION
- - PROTOCOLS
- - EXAMPLE
- - AVAILABILITY
- - RETURN VALUE
- - SEE ALSO
-
- Reviewed-by: Daniel Gustafsson
- Closes #7656
-
-- opt-docs: make sure all man pages have examples
-
- Extended manpage-syntax.pl (run by test 1173) to check that every man
- page for a libcurl option has an EXAMPLE section that is more than two
- lines. Then fixed all errors it found and added examples.
-
- Reviewed-by: Daniel Gustafsson
- Closes #7656
-
-- get.d: provide more useful examples
-
- Closes #7668
-
-- page-header: add GOPHERS, simplify wording in the 1st para
-
- Closes #7665
-
-- connect: get local port + ip also when reusing connections
-
- Regression. In d6a37c23a3c (7.75.0) we removed the duplicated storage
- (connection + easy handle), so this info needs be extracted again even
- for re-used connections.
-
- Add test 435 to verify
-
- Reported-by: Max Dymond
- Fixes #7660
- Closes #7662
-
-Marcel Raad (2 Sep 2021)
-- multi: fix compiler warning with `CURL_DISABLE_WAKEUP`
-
- `use_wakeup` is unused in this case.
-
- Closes https://github.com/curl/curl/pull/7661
-
-Daniel Stenberg (1 Sep 2021)
-- tests: adjust the tftpd output to work with hyper mode
-
- By making them look less like http headers, the hyper mode "tweak"
- doesn't interfere.
-
- Enable test 2002 and 2003 in hyper builds (and 1280 which is unrelated
- but should be enabled).
-
- Closes #7658
-
-Daniel Gustafsson (1 Sep 2021)
-- [Gisle Vanem brought this change]
-
- openssl: annotate SSL3_MT_SUPPLEMENTAL_DATA
-
- This adds support for the previously unhandled supplemental data which
- in -v output was printed like:
-
- TLSv1.2 (IN), TLS header, Unknown (23):
-
- These will now be printed with proper annotation:
-
- TLSv1.2 (OUT), TLS header, Supplemental data (23):
-
- Closes #7652
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (1 Sep 2021)
-- curl.1: provide examples for each option
-
- The file format for each option now features a "Example:" header that
- can provide one or more examples that get rendered appropriately in the
- output. All options MUST have at least one example or gen.pl complains
- at build-time.
-
- This fix also does a few other minor format and consistency cleanups.
-
- Closes #7654
-
-- progress: make trspeed avoid floats
-
- and compiler warnings for data conversions.
-
- Reported-by: Michał Antoniak
- Fixes #7645
- Closes #7653
-
-- test365: verify response with chunked AND Content-Length headers
-
-- http: ignore content-length if any transfer-encoding is used
-
- Fixes #7643
- Closes #7649
-
-- RELEASE-NOTES: synced
-
-- Revert "http2: skip immediate parsing of payload following protocol switch"
-
- This reverts commit 455a63c66f188598275e87d32de2c4e8e26b80cb.
-
- Reported-by: Tk Xiong
- Fixes #7633
- Closes #7648
-
-- KNOWN_BUGS: HTTP/3 doesn't support client certs
-
- Closes #7625
-
-- mailing lists: move from cool.haxx.se to lists.haxx.se
-
-- http_proxy: only wait for writable socket while sending request
-
- Otherwise it would wait socket writability even after the entire CONNECT
- request has sent and make curl basically busy-loop while waiting for a
- response to come back.
-
- The previous fix attempt in #7484 (c27a70a591a4) was inadequate.
-
- Reported-by: zloi-user on github
- Reported-by: Oleguer Llopart
- Fixes #7589
- Closes #7647
-
-- http: disallow >3-digit response codes
-
- Make the built-in HTTP parser behave similar to hyper and reject any
- HTTP response using more than 3 digits for the response code.
-
- Updated test 1432 accordingly.
- Enabled test 1432 in the hyper builds.
-
- Closes #7641
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: stop buffering crypto data
-
- Stop buffering crypto data because libngtcp2 now buffers submitted
- crypto data.
-
- Closes #7637
-
-- test1280: CRLFify the response to please hyper
-
- Closes #7639
-
-- tests: enable test 1129 for hyper builds
-
- Closes #7638
-
-- curl: better error message when -O fails to get a good name
-
- Due to how this currently works internally, it needs a working initial
- file name to store contents in, so it may still fail even with -J is
- used (and thus accepting a name from content-disposition:) if the file
- name part of the URL isn't "good enough".
-
- Fixes #7628
- Closes #7635
-
-- curl_easy_setopt: tweak the string copy wording
-
- Reported-by: Yaobin Wen
- Fixes #7632
- Closes #7634
-
-- RELEASE-NOTES: synced
-
-- [Don J Olmstead brought this change]
-
- cmake: sync CURL_DISABLE options
-
- Adds the full listing of CURL_DISABLE options to the CMake build. Moves
- all option code, except for CURL_DISABLE_OPENSSL_AUTO_LOA_CONFIG which
- resides near OpenSSL configuration, to the same block of code. Also
- sorts the options here and in the cmake config header.
-
- Additionally sorted the CURL-DISABLE listing and fixed the
- CURL_DISABLE_POP3 option.
-
- Closes #7624
-
-Jay Satiro (25 Aug 2021)
-- KNOWN_BUGS: FTPS upload data loss with TLS 1.3
-
- Bug: https://github.com/curl/curl/issues/6149
- Reported-by: Bylon2@users.noreply.github.com
-
- Closes https://github.com/curl/curl/pull/7623
-
-Daniel Stenberg (24 Aug 2021)
-- cmake: avoid poll() on macOS
-
- ... like we do in configure builds. Since poll() on macOS is not
- reliable enough.
-
- Reported-by: marc-groundctl
- Fixes #7595
- Closes #7619
-
-- c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connection
-
- Enable test 1074
-
- Closes #7617
-
-- c-hyper: deal with Expect: 100-continue combined with POSTFIELDS
-
- Enable test 1130 and 1131
-
- Closes #7616
-
-- [a1346054 brought this change]
-
- tests: be explicit about using 'python3' instead of 'python'
-
- This fixes running tests in virtualenvs (or on distros) that no longer
- have a symlink from python to python2 or python3.
-
- Closes #7602
-
-- [a1346054 brought this change]
-
- scripts: invoke interpreters through /usr/bin/env
-
- Closes #7602
-
-- DISABLED: enable 11 more tests for hyper builds
-
- Closes #7612
-
-- setopt: enable CURLOPT_IGNORE_CONTENT_LENGTH for hyper
-
- Since this option is also used for FTP, it needs to work to set for
- applications even if hyper doesn't support it for HTTP. Verified by test
- 1137.
-
- Updated docs to specify that the option doesn't work for HTTP when using
- the hyper backend.
-
- Closes #7614
-
-- test1138: remove trailing space to make work with hyper
-
- Closes #7613
-
-- libcurl-errors.3: clarify two CURLUcode errors
-
- CURLUE_BAD_HANDLE and CURLUE_BAD_PARTPOINTER should be for "bad" or
- wrong pointers in a generic sense, not just for NULL pointers.
-
- Reviewed-by: Jay Satiro
-
- Ref: #7605
- Closes #7611
-
-Jay Satiro (23 Aug 2021)
-- symbols-in-versions: fix CURLSSLBACKEND_QSOSSL last used version
-
- ... and also change the 'Removed' column name to 'Last' since that
- column is for the last version to contain the symbol.
-
- Closes https://github.com/curl/curl/pull/7609
-
-Daniel Stenberg (23 Aug 2021)
-- urlapi.c:seturl: assert URL instead of using if-check
-
- There's no code flow possible where this can happen. The assert makes
- sure it also won't be introduced undetected in the future.
-
- Closes #7610
-
-- curl-openssl.m4: show correct output for OpenSSL v3
-
- Using 3.0.0 versions configure should now show this:
-
- checking for OpenSSL headers version... 3.0.0 - 0x300
- checking for OpenSSL library version... 3.0.0
- checking for OpenSSL headers and library versions matching... yes
-
- This output doesn't actually change what configure generates but is only
- "cosmetic".
-
- Reported-by: Randall S. Becker
- Fixes #7606
- Closes #7608
-
-Jay Satiro (22 Aug 2021)
-- mksymbolsmanpage.pl: Fix showing symbol's last used version
-
- Prior to this change the symbol's deprecated version was erroneously
- shown as its last used version.
-
- Bug: https://github.com/curl/curl/commit/4e53b94#commitcomment-55239509
- Reported-by: i-ky@users.noreply.github.com
-
-Daniel Stenberg (21 Aug 2021)
-- mksymbolsmanpage.pl: match symbols case insenitively
-
- Follow-up to 4e53b9430c750 which made this bug show.
-
- Reported-by: i-ky
- Bug: https://github.com/curl/curl/commit/4e53b9430c7504de8984796e2a2091ec16f27136#commitcomment-55239253
- Closes #7607
-
-- asyn-ares: call ares_freeaddrinfo() to clean up addrinfo results
-
- As this leaks memory otherwise
-
- Follow-up to ba904db0705c931
-
- Closes #7599
-
-- [Ehren Bendler brought this change]
-
- wolfssl: clean up wolfcrypt error queue
-
- If wolfSSL is built in certain ways (OPENSSL_EXTRA or Debug), the error
- queue gets added on to for each session and never freed. Fix it by
- calling ERR_clear_error() like in vtls/openssl when needed. This func is
- a no-op in wolfcrypt if the error queue is not enabled.
-
- Closes #7594
-
-- man pages: remove trailing whitespaces
-
- Extended test 1173 (via the manpage-syntax.pl script) to detect and warn
- for them.
-
- Ref: #7602
- Reported-by: a1346054 on github
- Closes #7604
-
-- mailmap: add Gleb Ivanovsky
-
-- config.d: escape the backslash properly
-
- Closes #7603
-
-- [Don J Olmstead brought this change]
-
- curl_setup.h: sync values for HTTP_ONLY
-
- The values for HTTP_ONLY differed between CMakeLists.txt and
- curl_setup.h. Sync them and sort the values in curl_setup.h to make it
- easier to spot differences.
-
- Closes #7601
-
-Jay Satiro (21 Aug 2021)
-- configure: set classic mingw minimum OS version to XP
-
- - If the user has not specified a minimum OS version (via WINVER or
- _WIN32_WINNT macros) then set it to Windows XP.
-
- Prior to this change classic MinGW defaulted the minimum OS version
- to Windows NT 4.0 which is way too old. At least Windows XP is needed
- for getaddrinfo (which resolves hostnames to IPv6 addresses).
-
- Ref: https://github.com/curl/curl/issues/7483#issuecomment-891597034
-
- Closes https://github.com/curl/curl/pull/7581
-
-- schannel: Work around typo in classic mingw macro
-
- - Define ALG_CLASS_DHASH (the typo from the include) to ALG_CLASS_HASH.
-
- Prior to this change there was an incomplete fix to ignore the
- CALG_TLS1PRF macro on those versions of MinGW where it uses the
- ALG_CLASS_DHASH typoed macro.
-
- Ref: 48cf45c
- Ref: https://osdn.net/projects/mingw/ticket/38391
- Ref: https://github.com/curl/curl/issues/2924
-
- Closes https://github.com/curl/curl/pull/7580
-
-Daniel Stenberg (20 Aug 2021)
-- RELEASE-NOTES: synced
-
-- http_proxy: fix user-agent and custom headers for CONNECT with hyper
-
- Enable test 287
-
- Closes #7598
-
-- c-hyper: initial support for "dumping" 1xx HTTP responses
-
- With the use hyper_request_on_informational()
-
- Enable test 155 and 158
-
- Closes #7597
-
-Marc Hoersken (18 Aug 2021)
-- tests/*server.pl: flush output before executing subprocess
-
- Also avoid shell processes staying around by using exec.
- This is necessary to avoid output data being buffering
- inside the process chain of Perl, Bash/Shell and our
- test server binaries. On non-Windows systems the exec
- will also make the subprocess replace the intermediate
- shell, but on Windows it will at least bind the processes
- together since there is no real fork or exec available.
-
- See: https://cygwin.com/cygwin-ug-net/highlights.html
- and: https://docs.microsoft.com/cpp/c-runtime-library/exec-wexec-functions
- Ref: https://github.com/curl/curl/pull/7530#issuecomment-900949010
-
- Reviewed-by: Daniel Stenberg
- Reviewed-by: Jay Satiro
- Closes #7530
-
-- CI: use GitHub Container Registry instead of Docker Hub
-
- Avoid limits on Docker Hub and improve image pull/download speed.
-
- Closes #7587
-
-Daniel Stenberg (18 Aug 2021)
-- openssl: when creating a new context, there cannot be an old one
-
- Remove the previous handling that would call SSL_CTX_free(), and instead
- add an assert that halts a debug build if there ever is a context
- already set at this point.
-
- Closes #7585
-
-Jay Satiro (18 Aug 2021)
-- KNOWN_BUGS: Renegotiate from server may cause hang for OpenSSL backend
-
- Closes https://github.com/curl/curl/issues/6785
-
-Viktor Szakats (17 Aug 2021)
-- docs/BINDINGS: URL update
-
-Marc Hoersken (17 Aug 2021)
-- tests/server/*.c: align handling of portfile argument and file
-
- 1. Call the internal variable portname (like pidname) everywhere.
- 2. Have a variable wroteportfile (like wrotepidfile) everywhere.
- 3. Make sure the file is cleaned up on exit (like pidfile).
- 4. Add parameter --portfile to usage outputs everywhere.
-
- Reviewed-by: Daniel Stenberg
-
- Replaces #7523
- Closes #7574
-
-Daniel Gustafsson (17 Aug 2021)
-- KNOWN_BUGS: Fix a number of typos in KNOWN_BUGS
-
- Fixes a set of typos found in section 11.3.
-
-Daniel Stenberg (17 Aug 2021)
-- getparameter: fix the --local-port number parser
-
- It could previously get tricked into parsing the uninitialized stack
- based buffer.
-
- Reported-by: Brian Carpenter
- Closes #7582
-
-- KNOWN_BUGS: Can't use Secure Transport with Crypto Token Kit
-
- Closes #7048
-
-- [Jan Verbeek brought this change]
-
- curl: add warning for ignored data after quoted form parameter
-
- In an argument like `-F 'x=@/etc/hostname;filename="foo"abc'` the `abc`
- is ignored. This adds a warning if the ignored data isn't all
- whitespace.
-
- Closes #7394
-
-Jay Satiro (17 Aug 2021)
-- codeql: fix error "Resource not accessible by integration"
-
- - Enable codeql writing security-events.
-
- GitHub set the default permissions to read, apparently since earlier
- this year.
-
- Ref: https://github.com/github/codeql-action/issues/464
- Ref: https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/
-
- Fixes https://github.com/curl/curl/issues/7575
- Closes https://github.com/curl/curl/pull/7576
-
-- tool_operate: Fix --fail-early with parallel transfers
-
- - Abort via progress callback to fail early during parallel transfers.
-
- When a critical error occurs during a transfer (eg --fail-early
- constraint) then other running transfers will be aborted via progress
- callback and finish with error CURLE_ABORTED_BY_CALLBACK (42). In this
- case, the callback error does not become the most recent error and a
- custom error message is used for those transfers:
-
- curld --fail --fail-early --parallel
- https://httpbin.org/status/404 https://httpbin.org/delay/10
-
- curl: (22) The requested URL returned error: 404
- curl: (42) Transfer aborted due to critical error in another transfer
-
- > echo %ERRORLEVEL%
- 22
-
- Fixes https://github.com/curl/curl/issues/6939
- Closes https://github.com/curl/curl/pull/6984
-
-Daniel Stenberg (17 Aug 2021)
-- [Sergey Markelov brought this change]
-
- sectransp: support CURLINFO_CERTINFO
-
- Fixes #4130
- Closes #7372
-
-- ngtcp2: remove the acked_crypto_offset struct field init
-
- ... as it is gone from the API upstream.
-
- Closes #7578
-
-- misc: update incorrect copyright year ranges
-
- Closes #7577
-
-- KNOWN_BUGS: HTTP/3 quiche upload large file fails
-
- Closes #7532
-
-- KNOWN_BUGS: CMake build with MIT Kerberos does not work
-
- Closes #6904
-
-- TODO: add asynch getaddrinfo support
-
- Closes #6746
-
-- RELEASE-NOTES: synced
-
-- [Artur Sinila brought this change]
-
- http2: revert call the handle-closed function correctly on closed stream
-
- Reverts 252790c5335a221
-
- Assisted-by: Gergely Nagy
- Fixes #7400
- Closes #7525
-
-- [Patrick Monnerat brought this change]
-
- auth: do not append zero-terminator to authorisation id in kerberos
-
- RFC4752 Section 3.1 states "The authorization identity is not terminated
- with a zero-valued (%x00) octet". Although a comment in code said it may
- be needed anyway, nothing confirms it. In addition, servers may consider
- it as part of the identity, causing a failure.
-
- Closes #7008
-
-- [Patrick Monnerat brought this change]
-
- auth: use sasl authzid option in kerberos
-
- ... instead of deriving it from active ticket.
- Closes #7008
-
-- [Patrick Monnerat brought this change]
-
- auth: we do not support a security layer after kerberos authentication
-
- Closes #7008
-
-- [Patrick Monnerat brought this change]
-
- auth: properly handle byte order in kerberos security message
-
- Closes #7008
-
-- [z2_ brought this change]
-
- x509asn1: fix heap over-read when parsing x509 certificates
-
- Assisted-by: Patrick Monnerat
- Closes #7536
-
-- KNOWN_BUGS: Disconnects don't do verbose
-
- Closes #6995
-
-- mailmap: fixup Michał Antoniak
-
-- [Michał Antoniak brought this change]
-
- build: fix compiler warnings
-
- For when CURL_DISABLE_VERBOSE_STRINGS and DEBUGBUILD flags are both
- active.
-
- - socks.c : warning C4100: 'lineno': unreferenced formal parameter
- (co-authored by Daniel Stenberg)
-
- - mbedtls.c: warning C4189: 'port': local variable is initialized but
- not referenced
-
- - schannel.c: warning C4189: 'hostname': local variable is initialized
- but not referenced
-
- Cloes #7528
-
-- [Gleb Ivanovsky brought this change]
-
- CODE_STYLE-md: fix bold font style
-
- Markdown gets confused with abundance of asterisks, so use underscores
- instead.
-
- Reviewed-by: Daniel Gustafsson
- Closes #7569
-
-- [Gleb Ivanovsky brought this change]
-
- CODE_STYLE-md: add missing comma
-
- Reviewed-by: Daniel Gustafsson
- Closes #7570
-
-- [Daniel Gustafsson brought this change]
-
- examples/ephiperfifo.c: simplify signal handler
-
- The signal handler registered for SIGINT is only handling SIGINT
- so there isn't much need for inspecting the signo. While there,
- rename the handler to be more specific.
-
- g_should_exit should really be of sig_atomic_t type, but relying
- on autoconf in the examples seems like a bad idea so keep that
- for now.
-
- Reviewed-by: Daniel Stenberg
- Closes #7310
-
-- c-hyper: initial step for 100-continue support
-
- Enabled test 154
-
- Closes #7568
-
-- [Ikko Ashimine brought this change]
-
- vtls: fix typo in schannel_verify.c
-
- occurence -> occurrence
-
- Closes #7566
-
-- [Emil Engler brought this change]
-
- curl_url_get.3: clarify about path and query
-
- The current man-page lacks some details regarding the obtained path and
- query.
-
- Closes #7563
-
-- c-hyper: fix header value passed to debug callback
-
- Closes #7567
-
-Viktor Szakats (12 Aug 2021)
-- cleanup: URL updates
-
- - replace broken URL with the one it was most probably pointing to
- when added (lib/tftp.c)
- - replace broken URL with archive.org link (lib/curl_ntlm_wb.c)
- - delete unnecessary protocol designator from archive.org URL
- (docs/BINDINGS.md)
-
- Closes #7562
-
-Daniel Stenberg (12 Aug 2021)
-- [April King brought this change]
-
- DEPRECATE.md: linkify curl-library mailing list
-
- Closes #7561
-
-- [Barry Pollard brought this change]
-
- output.d: add method to suppress response bodies
-
- Closes #7560
-
-- TODO: remove 'c-ares deviates on http://1346569778'
-
- Fixed since 56a037cc0ad1b2 (7.77.0)
-
-- [Colin O'Dell brought this change]
-
- BINDINGS.md: update links to use https where available
-
- Closes #7558
-
-- asyn-ares.c: move all version number checks to the top
-
- ... and use #ifdef [feature] in the code as per our guidelines.
-
-- ares: use ares_getaddrinfo()
-
- ares_getaddrinfo() is the getaddrinfo() cloned provided by c-ares, introduced
- in version 1.16.0.
-
- With older c-ares versions, curl invokes ares_gethostbyname() twice - once for
- IPv4 and once for IPv6 to resolve both addresses, and then combines the
- returned results.
-
- Reported-by: jjandesmet
- Fixes #7364
- Closes #7552
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: utilize crypto API functions to simplify
-
- Closes #7551
-
-- [megatronking brought this change]
-
- ngtcp2: reset the oustanding send buffer again when drained
-
- Closes #7538
-
-Michael Kaufmann (10 Aug 2021)
-- progress: fix a compile warning on some systems
-
- lib/progress.c:380:40: warning: conversion to 'long double' from
- 'curl_off_t {aka long long int}' may alter its value [-Wconversion]
-
- Closes #7549
-
-Daniel Stenberg (10 Aug 2021)
-- RELEASE-NOTES: synced
-
-- http: consider cookies over localhost to be secure
-
- Updated test31.
- Added test 392 to verify secure cookies used for http://localhost
-
- Reviewed-by: Daniel Gustafsson
- Fixes #6733
- Closes #7263
-
-- TODO: erase secrets from heap/stack after use
-
- Closes #7268
-
-Jay Satiro (10 Aug 2021)
-- hostip: Make Curl_ipv6works function independent of getaddrinfo
-
- - Do not assume IPv6 is not working when getaddrinfo is not present.
-
- The check to see if IPv6 actually works is now independent of whether
- there is any resolver that can potentially resolve a hostname to IPv6.
-
- Prior to this change if getaddrinfo() was not found at compile time then
- Curl_ipv6works() would be defined as a macro that returns FALSE.
-
- When getaddrinfo is not found then libcurl is built with CURLRES_IPV4
- defined instead of CURLRES_IPV6, meaning that it cannot do IPv6 lookups
- in the traditional way. With this commit if libcurl is built with IPv6
- support (ENABLE_IPV6) but without getaddrinfo (CURLRES_IPV6), and the
- IPv6 stack is actually working, then it is possible for libcurl to
- resolve IPv6 addresses by using DoH.
-
- Ref: https://github.com/curl/curl/issues/7483#issuecomment-890765378
-
- Closes https://github.com/curl/curl/pull/7529
-
-- test1565: fix windows build errors
-
- - Use our wait_ms() instead of sleep() since Windows doesn't have the
- latter.
-
- - Use a separate variable to keep track of whether the pthread_t thread
- id is valid.
-
- On Windows pthread_t is not an integer type. pthread offers no macro for
- invalid pthread_t thread id, so validity is kept track of separately.
-
- Closes https://github.com/curl/curl/pull/7527
-
-- [Jeremy Falcon brought this change]
-
- winbuild/README.md: clarify GEN_PDB option
-
- - Document that GEN_PDB option creates an external database.
-
- Ref: https://github.com/curl/curl/issues/7502
-
-Daniel Stenberg (9 Aug 2021)
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: replace deprecated functions with nghttp3_conn_shutdown_stream_read
-
- Closes #7546
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: rework the return value handling of ngtcp2_conn_writev_stream
-
- Rework the return value handling of ngtcp2_conn_writev_stream and treat
- NGTCP2_ERR_STREAM_SHUT_WR separately.
-
- Closes #7546
-
-- configure: error out if both ngtcp2 and quiche are specified
-
- Reported-by: Vincent Grande
- See #7539
- Closes #7545
-
-- [Jeff Mears brought this change]
-
- easy: use a custom implementation of wcsdup on Windows
-
- ... so that malloc/free overrides from curl_global_init are used for
- wcsdup correctly.
-
- Closes #7540
-
-- zuul: add an mbedtls3 CI job
-
- Closes #7544
-
-- [Benau brought this change]
-
- mbedTLS: initial 3.0.0 support
-
- Closes #7428
-
-- RELEASE-NOTES: synced
-
-- configure.ac: revert bad nghttp2 library detection improvements
-
- This reverts commit b4b34db65f9f8, 673753344c5f and 29c7cf79e8b.
-
- The logic is now back to assuming that the nghttp2 lib is called nghttp2 and
- nothing else.
-
- Reported-by: Rui Pinheiro
- Reported-by: Alex Crichton
- Fixes #7514
- Closes #7515
-
-- happy-eyeballs-timeout-ms.d: polish the wording
-
- Reported-by: Josh Soref
- Fixes #7433
- Closes #7542
-
-- [modbw brought this change]
-
- mbedtls_threadlock: fix unused variable warning
-
- Closes #7393
-
-- [Tatsuhiro Tsujikawa brought this change]
-
- ngtcp2: compile with the latest ngtcp2 and nghttp3
-
- Closes #7541
-
-Marc Hoersken (31 Jul 2021)
-- CI/cirrus: reduce compile time with increased parallism
-
- Cirrus CI VMs have 2 CPUs, let's use them also for Windows builds.
-
- Reviewed-by: Daniel Stenberg
- Closes #7505
-
-Daniel Stenberg (30 Jul 2021)
-- [Bin Lan brought this change]
-
- tool/tests: fix potential year 2038 issues
-
- The length of 'long' in a 32-bit system is 32 bits, which cannot be used
- to save timestamps after 2038. Most operating systems have extended
- time_t to 64 bits.
-
- Remove the castings to long.
-
- Closes #7466
-
-- compressed.d: it's a request, not an order
-
- Clarified
-
- Reported-by: Dan Jacobson
- Reviewed-by: Daniel Gustafsson
- Fixes #7516
- Closes #7517
-
-- [Bernhard M. Wiedemann brought this change]
-
- tests: make three tests pass until 2037
-
- after 2038 something in test1915 fails on 32-bit OSes
-
- Closes #7512
-
-Daniel Gustafsson (30 Jul 2021)
-- connect: remove superfluous conditional
-
- Commit dbd16c3e2 cleaned up the logic for traversing the addrinfos,
- but the move left a conditional on ai which no longer is needed as
- the while loop reevaluation will cover it.
-
- Closes #7511
- Reviewed-by: Carlo Marcelo Arenas Belón
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (29 Jul 2021)
-- RELEASE-NOTES: synced
-
- and bump curlver to 7.79.0 for next release
-
-Marc Hoersken (29 Jul 2021)
-- tests/*server.py: remove pidfile on server termination
-
- Avoid pidfile leaking/laying around after server already exited.
-
- Reviewed-by: Daniel Stenberg
- Closes #7506
-
-Daniel Gustafsson (27 Jul 2021)
-- tool_main: fix typo in comment
-
- The referred to library is NSPR, so fix the switched around characters.
-
-Daniel Stenberg (28 Jul 2021)
-- [Aleksandr Krotov brought this change]
-
- bearssl: support CURLOPT_CAINFO_BLOB
-
- Closes #7468
-
-- curl.1: mention "global" flags
-
- Mention options that are "global". A global command line option is one
- that doesn't get reset at --next uses and therefore don't need to be
- used again.
-
- Reported-by: Josh Soref
-
- Fixes #7457
- Closes #7510
-
-- CURLOPT_DOH_URL.3: CURLOPT_OPENSOCKETFUNCTION is not inherited
-
- Reported-by: Daniel Woelfel
- Fixes #7441
- Closes #7509
-
-- KNOWN_BUGS: add more HTTP/3 problems
-
- Closes #7351
- Closes #7339
- Closes #7125
-
-Marc Hoersken (27 Jul 2021)
-- CI/azure: reduce compile time with increased parallism
-
- Azure Pipelines CI VMs have 2 CPUs, let's use them.
-
- Closes #7489
-
-Jay Satiro (27 Jul 2021)
-- [Josh Soref brought this change]
-
- docs: fix grammar
-
- Fixes https://github.com/curl/curl/issues/7444
- Fixes https://github.com/curl/curl/issues/7451
- Fixes https://github.com/curl/curl/issues/7465
- Closes https://github.com/curl/curl/pull/7495
-
-- mail-rcpt.d: fix grammar
-
- Remove confusing sentence that says to specify an e-mail address for
- mail transfer, since that's implied.
-
- Reported-by: Josh Soref
-
- Fixes https://github.com/curl/curl/issues/7452
- Closes https://github.com/curl/curl/pull/7495
-
-Daniel Stenberg (27 Jul 2021)
-- c-hyper: remove the hyper_executor_poll() loop from Curl_http
-
- 1. it's superfluous
- 2. it didn't work identically to the Curl_hyper_stream one which could
- cause problems like #7486
-
- Pointed-out-by: David Cook
- Closes #7499
-
-- curl-openssl.m4: check lib64 for the pkg-config file
-
- OpenSSL recently started putting the libs in $prefix/lib64 on 'make
- install', so we check that directory for pkg-config data if the 'lib'
- check fails.
-
- Closes #7503
-
-- CURLOPT_SSL_CTX_*.3: tidy up the example
-
- Use the proper code style. Don't store return codes that aren't read.
- Copy the same example into CURLOPT_SSL_CTX_FUNCTION.3 as well.
-
- Closes #7500
-
-- example/cookie_interface: fix scan-build printf warning
-
- Follow-up to 4b79c4fb565
-
- Fixes #7497
- Closes #7498
-
-- [Josh Soref brought this change]
-
- limit-rate.d: clarify base unit
-
- Fixes #7439
- Closes #7494
-
-- [Carlo Marcelo Arenas Belón brought this change]
-
- examples/cookie_interface: avoid printfing time_t directly
-
- time_t representation is undefined and varies on bitsize and signedness,
- and as of C11 could be even non integer.
-
- instead of casting to unsigned long (which would truncate in systems
- with a 32bit long after 2106) use difftime to get the elapsed time as a
- double and print that (without decimals) instead.
-
- alternatively a cast to curl_off_t and its corresponding print
- formatting could have been used (at least in POSIX) but portability and
- curl agnostic code was prioritized.
-
- Closes #7490
-
-Marc Hoersken (25 Jul 2021)
-- tests/servers: remove obsolete pid variable
-
- Variable is not used since pidfile handling moved to util.[ch]
-
- Reviewed-by: Jay Satiro
- Closes #7482
-
-- tests/servers: use our platform-aware pid for server verification
-
- The pid used for server verification is later stored as pid2 in
- the hash of running test servers and therefore used for shutdown.
-
- The pid used for shutdown must be the platform-aware (Win32) pid
- to avoid leaking test servers while running them using Cygwin/msys.
-
- Reviewed-by: Jay Satiro
- Closes #7481
-
-- tests/runtests.pl: cleanup copy&paste mistakes and unused code
-
- Reviewed-by: Jay Satiro
- Part of #7481
-
-Daniel Stenberg (25 Jul 2021)
-- RELEASE-NOTES: synced
-
- bumped to 7.78.1 for next release
-
-- http_proxy: clear 'sending' when the outgoing request is sent
-
- ... so that Curl_connect_getsock() will know how to wait for the socket
- to become readable and not writable after the entire CONNECT request has
- been issued.
-
- Regression added in 7.77.0
-
- Reported-by: zloi-user on github
- Assisted-by: Jay Satiro
- Fixes #7155
- Closes #7484
-
-Jay Satiro (25 Jul 2021)
-- [Josh Soref brought this change]
-
- openssl: fix grammar
-
- Closes https://github.com/curl/curl/pull/7480
-
-- configure.ac: tweak nghttp2 library name fix again
-
- - Change extraction to handle multiple library names returned by
- pkg-config (eg a possible scenario with pkg-config --static).
-
- Ref: https://github.com/curl/curl/pull/7472
-
- Closes https://github.com/curl/curl/pull/7485
-
-Dan Fandrich (23 Jul 2021)
-- Get rid of the unused HAVE_SIG_ATOMIC_T et. al.
-
- It was added in 2006 but I see no evidence it was ever used.
-
-Jay Satiro (23 Jul 2021)
-- docs: change max-filesize caveat again
-
- - Add protocols field to max-filesize.d.
-
- - Revert wording on unknown file size caveat and do not discuss specific
- protocols in that section.
-
- Partial revert of ecf0225. All max-filesize options now have the list of
- protocols and it's clearer just to have that list without discussing
- specific protocols in the caveat.
-
- Reported-by: Josh Soref
-
- Ref: https://github.com/curl/curl/issues/7453#issuecomment-884128762
-
-Daniel Stenberg (22 Jul 2021)
-- [Christian Weisgerber brought this change]
-
- configure: tweak nghttp2 library name fix
-
- commit 29c7cf79e8b44cf (shipped in 7.78.0) introduced a problem by
- assuming that LIB_H2 does not have any leading whitespace. At least
- OpenBSD's native pkg-config can produce such whitespace, though:
-
- $ pkg-config --libs-only-l libnghttp2
- -lnghttp2
-
- As a result, the configure check for libnghttp2 will erroneously fail.
-
- Bug: https://curl.se/mail/lib-2021-07/0050.html
- Closes #7472
-
-- [Bastian Krause brought this change]
-
- docs/MQTT: update state of username/password support
-
- PR #7243 implemented username/password support for MQTT, so let's drop
- these items from the caveats.
-
- Signed-off-by: Bastian Krause <bst@pengutronix.de>
-
- Closes #7474
-
-- [Oleg Pudeyev brought this change]
-
- CURLMOPT_TIMERFUNCTION.3: remove misplaced "time"
-
- Closes #7470
-
-Version 7.78.0 (21 Jul 2021)
-
-Daniel Stenberg (21 Jul 2021)
-- RELEASE-NOTES: synced
-
- curl 7.78.0 release
-
-- winbuild/MakefileBuild.vc: bump copyright year
-
-Jay Satiro (21 Jul 2021)
-- docs: mention max-filesize options also apply to MQTT transfers
-
- Also make it clearer that the caveat 'if the file size is unknown it
- the option will have no effect' may apply to protocols other than FTP
- and HTTP.
-
- Reported-by: Josh Soref
-
- Fixes https://github.com/curl/curl/issues/7453
-
-- [Josh Soref brought this change]
-
- docs/cmdline: fix grammar and typos
-
-- [Josh Soref brought this change]
-
- dump-header.d: Drop suggestion to use for cookie storage
-
- Since --cookie-jar is the preferred way to store cookies, no longer
- suggest using --dump-header to do so.
-
- Co-authored-by: Daniel Stenberg
-
- Closes https://github.com/curl/curl/issues/7414
-
-- [Josh Soref brought this change]
-
- doc/cmdline: fix grammar and typos
-
- Closes https://github.com/curl/curl/pull/7454
- Closes https://github.com/curl/curl/pull/7455
- Closes https://github.com/curl/curl/pull/7456
- Closes https://github.com/curl/curl/pull/7459
- Closes https://github.com/curl/curl/pull/7460
- Closes https://github.com/curl/curl/pull/7461
- Closes https://github.com/curl/curl/pull/7462
- Closes https://github.com/curl/curl/pull/7463
-
-Daniel Stenberg (20 Jul 2021)
-- vtls: fix connection reuse checks for issuer cert and case sensitivity
-
- CVE-2021-22924
-
- Reported-by: Harry Sintonen
- Bug: https://curl.se/docs/CVE-2021-22924.html
-
-- sectransp: check for client certs by name first, then file
-
- CVE-2021-22926
-
- Bug: https://curl.se/docs/CVE-2021-22926.html
-
- Assisted-by: Daniel Gustafsson
- Reported-by: Harry Sintonen
-
-- telnet: fix option parser to not send uninitialized contents
-
- CVS-2021-22925
-
- Reported-by: Red Hat Product Security
- Bug: https://curl.se/docs/CVE-2021-22925.html
-
-Jay Satiro (20 Jul 2021)
-- connect: fix wrong format specifier in connect error string
-
- 0842175 (not in any release) used the wrong format specifier (long int)
- for timediff_t. On an OS such as Windows libcurl's timediff_t (usually
- 64-bit) is bigger than long int (32-bit). In 32-bit Windows builds the
- upper 32-bits of the timediff_t were erroneously then used by the next
- format specifier. Usually since the timeout isn't larger than 32-bits
- this would result in null as a pointer to the string with the reason for
- the connection failing. On other OSes or maybe other compilers it could
- probably result in garbage values (ie crash on deref).
-
- Before:
- Failed to connect to localhost port 12345 after 1201 ms: (nil)
-
- After:
- Failed to connect to localhost port 12345 after 1203 ms: Connection refused
-
- Closes https://github.com/curl/curl/pull/7449
-
-- winbuild: support alternate nghttp2 static lib name
-
- - Support both nghttp2.lib and nghttp2_static.lib for static nghttp2.
-
- nghttp2 briefly changed its static lib name to nghttp2_static, but then
- made the _static suffix optional.
-
- Ref: https://github.com/nghttp2/nghttp2/pull/1394
- Ref: https://github.com/nghttp2/nghttp2/pull/1418
- Ref: https://github.com/nghttp2/nghttp2/issues/1466
-
- Reported-by: Pierre Yager
-
- Fixes https://github.com/curl/curl/issues/7446
- Closes https://github.com/curl/curl/pull/7447
-
-- [Josh Soref brought this change]
-
- docs/cmdline: fix grammar and typos
-
- Closes https://github.com/curl/curl/pull/7432
- Closes https://github.com/curl/curl/pull/7436
- Closes https://github.com/curl/curl/pull/7438
- Closes https://github.com/curl/curl/pull/7440
- Closes https://github.com/curl/curl/pull/7445
-
-- [Josh Soref brought this change]
-
- delegation.d: mention what happens when used multiple times
-
- Closes https://github.com/curl/curl/pull/7408
-
-- [Josh Soref brought this change]
-
- create-file-mode.d: mention what happens when used multiple times
-
- Closes https://github.com/curl/curl/pull/7407
-
-- [Josh Soref brought this change]
-
- config.d: split comments and option-per line
-
- Closes https://github.com/curl/curl/pull/7405
-
-Daniel Stenberg (19 Jul 2021)
-- misc: copyright year range updates
-
-- mailmap: add Tobias and Timur
-
-Daniel Gustafsson (18 Jul 2021)
-- [Josh Soref brought this change]
-
- docs: spell out directories instead of dirs in create-dirs
-
- Write out directories rather than using the dirs abbrevation. Also
- use plural form consistently, even if the code in the end might just
- create a single directory.
-
- Closes #7406
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-- [Tobias Nyholm brought this change]
-
- docs: correct spelling errors and a broken link
-
- Update grammar and spelling in docs and source code comments.
-
- Closes: #7427
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Marc Hoersken (18 Jul 2021)
-- CI/cirrus: install impacket from PyPI instead of FreeBSD packages
-
- Availability of impacket as FreeBSD package is too flaky.
-
- Stick to legacy version of cryptography which still
- supports OpenSSL version 1.0.2 due to FreeBSD 11.
-
- Reviewed-by: Daniel Stenberg
-
- Closes #7418
-
-Daniel Stenberg (18 Jul 2021)
-- [Josh Soref brought this change]
-
- docs/cmdline: mention what happens when used multiple times
-
- For --dns-ipv4-addr, --dns-ipv6-addr and --dns-servers
-
- Closes #7410
- Closes #7411
- Closes #7412
-
-- [Michał Antoniak brought this change]
-
- lib: fix compiler warnings with CURL_DISABLE_NETRC
-
- warning C4189: 'netrc_user_changed': local variable is initialized but
- not referenced
-
- warning C4189: 'netrc_passwd_changed': local variable is initialized but
- not referenced
-
- Closes #7423
-
-- disable-epsv.d: remove duplicate "(FTP)"
-
- ... since the tooling adds that to the output based on the "Protocols:"
- tag.
-
-- [Max Zettlmeißl brought this change]
-
- docs: make the documentation for --etag-save match the program behaviour
-
- When using curl with the option `--etag-save` I expected it to save the
- ETag without its surrounding quotes, as stated by the documentation in
- the repository and by the generated man pages.
-
- My first endeavour was to fix the program, but while investigating the
- history of the relevant parts, I discovered that curl once saved the
- ETag without the quotes. This was undone by Daniel Stenberg in commit
- `98c94596f5928840177b6bd3c7b0f0dd03a431af`, therefore I decided that in
- this case the documentation should be adjusted to match the behaviour of
- curl.
-
- The changed save behaviour also made parts of the `--etag-compare`
- documentation wrong or superfluous, so I adjusted those accordingly.
-
- Closes #7429
-
-- [Josh Soref brought this change]
-
- write-out.d: add missing periods
-
- Closes #7404
-
-- [Josie Huddleston brought this change]
-
- easy: during upkeep, attach Curl_easy to connections in the cache
-
- During the protocol-specific parts of connection upkeep, some code
- assumes that the data->conn pointer already is set correctly. However,
- there's currently no guarantee of that in the code.
-
- This fix temporarily attaches each connection to the Curl_easy object
- before performing the protocol-specific connection check on it, in a
- similar manner to the connection checking in extract_if_dead().
-
- Fixes #7386
- Closes #7387
- Reported-by: Josie Huddleston
-
-- [Josh Soref brought this change]
-
- cleanup: spell DoH with a lowercase o
-
- Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
-
- Closes #7413
-
-- [Josh Soref brought this change]
-
- TheArtOfHttpScripting: polish
-
- - add missing backticks and comma
-
- - fix proxy description:
-
- * example proxy isn't local
- * locally doesn't really make sense
-
- Closes #7416
-
-- [Josh Soref brought this change]
-
- form.d: add examples of `,`/`;` for file[name]
-
- Fixes #7415
- Closes #7417
-
-- [Michał Antoniak brought this change]
-
- mbedtls: Remove unnecessary include
-
- - curl_setup.h: all references to mbedtls_md4* functions and structures
- are in the md4.c. This file already includes the <mbedtls/md4.h> file
- along with the file existence control (defined (MBEDTLS_MD4_C))
-
- - curl_ntlm_core.c: unnecessary include - repeated below
-
- Closes #7419
-
-- RELEASE-NOTES: synced
-
-Jay Satiro (16 Jul 2021)
-- [User Sg brought this change]
-
- multi: fix crash in curl_multi_wait / curl_multi_poll
-
- Appears to have been caused by 51c0ebc (precedes 7.77.0) which added a
- VALID_SOCK check to one of the loops through the sockets but not the
- other.
-
- Reported-by: sylgal@users.noreply.github.com
- Authored-by: sylgal@users.noreply.github.com
-
- Fixes https://github.com/curl/curl/issues/7379
- Closes https://github.com/curl/curl/pull/7389
-
-- [Daniel Gustafsson brought this change]
-
- tool_help: remove unused define
-
- The PRINT_LINES_PAUSE macro is no longer used, and has been mostly
- cleaned out but one occurrence remained.
-
- Closes https://github.com/curl/curl/pull/7380
-
-- [Sergey Markelov brought this change]
-
- build: fix compiler warnings when CURL_DISABLE_VERBOSE_STRINGS
-
- fix compiler warnings about unused variables and parameters when
- built with --disable-verbose.
-
- Closes https://github.com/curl/curl/pull/7377
-
-- [Andrea Pappacoda brought this change]
-
- build: fix IoctlSocket FIONBIO check
-
- Prior to this change HAVE_IOCTLSOCKET_CAMEL_FIONBIO mistakenly checked
- for (lowercase) ioctlsocket when it should have checked for IoctlSocket.
-
- Closes https://github.com/curl/curl/pull/7375
-
-- [Timur Artikov brought this change]
-
- configure: fix nghttp2 library name for static builds
-
- Don't hardcode the nghttp2 library name,
- because it can vary, be "nghttp2_static" for example.
-
- Fixes https://github.com/curl/curl/issues/7367
- Closes https://github.com/curl/curl/pull/7368
-
-Gisle Vanem (16 Jul 2021)
-- [PellesC] fix _lseeki64() macro
-
-- [SChannel] Use '_tcsncmp()' instead
-
- Revert previous change for PellesC.
-
- Instead replace all use of `_tcsnccmp()` with `_tcsncmp()`.
-
-- [PellesC] missing '_tcsnccmp'
-
- PellesC compiler does not have this macro in it's `<tchar.h>`
-
-Daniel Gustafsson (14 Jul 2021)
-- TODO: add mention of mbedTLS 3 incompatibilities
-
- Wyatt OʼDay reported in #7385 that mbedTLS isn't backwards compatible
- and curl no longer builds with it. Document the need to fix our support
- until so has been done.
-
- Closes #7390
- Fixes #7385
- Reported-by: Wyatt OʼDay
- Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
-
-- docs: fix inconsistencies in EGDSOCKET documentation
-
- Only the OpenSSL backend actually use the EGDSOCKET, and also use
- TLS consistently rather than mixing SSL and TLS. While there, also
- fix a minor spelling nit.
-
- Closes: #7391
- Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
-
-- [Борис Верховский brought this change]
-
- docs: document missing arguments to commands
-
- This is a followup to commit f410b9e538129e77607fef1 fixing a few
- more commands which takes arguments.
-
- Closes #7382
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-- [Randolf J brought this change]
-
- docs: fix incorrect argument name reference
-
- The documentation for the read callback was erroneously referencing
- the nitems argument by nmemb. The error was introduced in commit
- ce0881edee3c7.
-
- Closes #7383
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-- [Борис Верховский brought this change]
-
- tool_help: Document that --tlspassword takes a password
-
- Closes #7378
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-- scripts: Fix typo in release-notes instructions
-
- The command to run had a typo in the pathname which prevented copy
- pasting it to work, which has annoyed me enough to fix this now.
-
-- RELEASE-NOTES: synced
-
-Jay Satiro (10 Jul 2021)
-- write-out.d: Clarify urlnum is not unique for de-globbed URLs
-
- Reported-by: Коваленко Анатолий Викторович
-
- Fixes https://github.com/curl/curl/issues/7342
- Closes https://github.com/curl/curl/pull/7369
-
-Daniel Gustafsson (3 Jul 2021)
-- [William Desportes brought this change]
-
- docs: Fix typos
-
- Closes: #7370
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Stenberg (8 Jul 2021)
-- [Jonathan Wernberg brought this change]
-
- Revert "ftp: Expression 'ftpc->wait_data_conn' is always false"
-
- The reverted commit introduced a logic error in code that was
- correct.
-
- The client using libcurl would notice the error since FTP file
- uploads in active transfer mode would somtimes complete with
- success despite no transfer having been performed and the
- "uploaded" file thus not being on the remote server afterwards.
-
- The FTP server would notice the error because it receives a
- RST on the data connection it has established with the client
- before any data was transferred at all.
-
- The logic error happens if the STOR response from the server have
- arrived by the time ftp_multi_statemach() in the affected code path
- is called, but the incoming data connection have not arrived yet.
- In that case, the processing of the STOR response will cause
- 'ftpc->wait_data_conn' to be set to TRUE, contradicting the comment
- in the code. Since 'complete' will also be set, later logic would
- believe the transfer was done.
-
- In most cases, the STOR response will not have arrived yet when
- the affected code path is executed, or the incoming connection will
- also have arrived, and thus the error would not express itself.
- But if the speed difference of the device using libcurl and the
- FTP server is exactly right, the error may happen as often as in
- one out of hundred file transfers.
-
- This reverts commit 49f3117a238b6eac0e22a32f50699a9eddcb66ab.
-
- Bug: https://curl.se/mail/lib-2021-07/0025.html
- Closes #7362
-
-- msnprintf: return number of printed characters excluding null byte
-
- ... even when the output is "capped" by the maximum length argument.
-
- Clarified in the docs.
-
- Closes #7361
-
-- infof: remove newline from format strings, always append it
-
- - the data needs to be "line-based" anyway since it's also passed to the
- debug callback/application
-
- - it makes infof() work like failf() and consistency is good
-
- - there's an assert that triggers on newlines in the format string
-
- - Also removes a few instances of "..."
-
- - Removes the code that would append "..." to the end of the data *iff*
- it was truncated in infof()
-
- Closes #7357
-
-- examples/multi-single: fix scan-build warning
-
- warning: Value stored to 'mc' during its initialization is never read
-
- Follow-up to ae8e11ed5fd2ce
-
- Closes #7360
-
-- wolfssl: failing to set a session id is not reason to error out
-
- ... as it is *probably* just timed out.
-
- Reported-by: Francisco Munoz
-
- Closes #7358
-
-- docs/examples: use curl_multi_poll() in multi examples
-
- The API is soon two years old and deserves being shown as the primary
- way to drive multi code as it makes it much easier to write code.
-
- multi-poll: removed
-
- multi-legacy: add to show how we did multi API use before
- curl_multi_wait/poll.
-
- Closes #7352
-
-- KNOWN_BUGS: flaky Windows CI builds
-
- Closes #6972
-
-- RELEASE-NOTES: synced
-
-- test1147: hyper doesn't allow "crazy" request headers like built-in
-
- ... so strip that from the test.
-
- Closes #7349
-
-- c-hyper: bail on too long response headers
-
- To match with built-in behaviors. Makes test 1154 work.
-
- Closes #7350
-
-- test1151: added missing CRLF to work with hyper
-
- Closes #7350
-
-- c-hyper: add support for transfer-encoding in the request
-
- Closes #7348
-
-- [Andrea Pappacoda brought this change]
-
- cmake: remove libssh2 feature checks
-
- libssh2 features are detected based on version since commit
- 9dbbba997608f7c3c5de1c627c77c8cd2aa85b73
-
- Closes #7343
-
-- test1116: hyper doesn't pass through "surprise-trailers"
-
- Closes #7344
-
-- socks4: scan for the IPv4 address in resolve results
-
- Follow-up to 84d2839740 which changed the resolving to always resolve
- both address families, but since SOCKS4 only supports IPv4 it should
- scan for and use the first available IPv4 address.
-
- Reported-by: shithappens2016 on github
- Fixes #7345
- Closes #7346
-
-Jay Satiro (5 Jul 2021)
-- proto.d: fix formatting for paragraphs after margin changes
-
- Closes https://github.com/curl/curl/pull/7341
-
-- pinnedpubkey.d: fix formatting for version support lists
-
- Closes https://github.com/curl/curl/pull/7340
-
-Daniel Stenberg (2 Jul 2021)
-- TODO: "Support in-memory certs/ca certs/keys" done
-
- Has been suppored for a while now with the *BLOB options.
-
-- examples: safer and more proper read callback logic
-
- The same callback code is used in:
-
- imap-append.c
- smtp-authzid.c
- smtp-mail.c
- smtp-multi.c
- smtp-ssl.c
- smtp-tls.c
-
- It should not assume that it can copy full lines into the buffer as it
- will encourage sloppy coding practices. Instead use byte-wise logic and
- check/acknowledge the buffer size appropriately.
-
- Reported-by: Harry Sintonen
- Fixes #7330
- Closes #7331
-
-- test1519: adjusted to work with hyper
-
- Closes #7333
-
-- test1518: adjusted to work with hyper
-
- ... by making sure the stdout output doesn't look like HTTP headers.
-
- Closes #7333
-
-- test1514: add a CRLF to the response to make it correct
-
- Makes hyper accept it fine instead returning HYPERE_UNEXPECTED_EOF on
- us.
-
- Closes #7334
-
-- formdata: avoid "Argument cannot be negative" warning
-
- ... when converting a curl_off_t to size_t, by using
- CURL_ZERO_TERMINATED before passing the argument to the function.
-
- Detected by Coverity CID 1486590.
-
- Closes #7328
- Assisted-by: Daniel Gustafsson
-
-- lib: more %u for port and int for %*s fixes
-
- Detected by Coverity
-
- Closes #7329
-
-- doh: (void)-prefix call to curl_easy_setopt
-
-- lib: fix type of len passed to *printf's %*s
-
- ... it needs to be 'int'. Detected by Coverity CID 1486611 (etc)
-
- Closes #7326
-
-- lib: use %u instead of %ld for port number printf
-
- Follow-up to 764c6bd3bf which changed the type of some port number
- fields. Detected by Coverity (CID 1486624) etc.
-
- Closes #7325
-
-- version: turn version number functions into returning void
-
- ... as we never use the return codes from them.
-
- Reviewed-by: Daniel Gustafsson
- Closes #7319
-
-- mqtt: extend the error message for no topic
-
- ... and mention that it needs URL encoding.
-
- Reported-by: Peter Körner
- Fixes #7316
- Closes #7317
-
-- formdata: correct typecast in curl_mime_data call
-
- Coverity pointed out it the mismatch. CID 1486590
-
- Closes #7327
-
-- url: (void)-prefix a curl_url_get() call
-
- Coverity (CID 1486645) pointed out a use of curl_url_get() in the
- parse_proxy function where the return code wasn't checked. A
- (void)-prefix makes the intention obvious.
-
- Closes #7320
-
-- glob: pass an 'int' as len when using printf's %*s
-
- Detected by Coverity CID 1486629.
-
- Closes #7324
-
-- vtls: use free() not curl_free()
-
- curl_free() is provided for users of the API to free returned data,
- there's no need to use it internally.
-
- Closes #7318
-
-- zuul: use the new rustls directory name
-
- Follow-up to 6d972c8b1cbb3 which missed updating this directory name.
-
- Also no longer call it crustls in the docs and bump to rusttls-ffi 0.7.1
-
- Closes #7311
-
-Jay Satiro (29 Jun 2021)
-- http: fix crash in rate-limited upload
-
- - Don't set the size of the piece of data to send to the rate limit if
- that limit is larger than the buffer size that will hold the piece.
-
- Prior to this change if CURLOPT_MAX_SEND_SPEED_LARGE
- (curl tool: --limit-rate) was set then it was possible that a temporary
- buffer used for uploading could be written to out of bounds. A likely
- scenario for this would be a non-trivial amount of post data combined
- with a rate limit larger than CURLOPT_UPLOAD_BUFFERSIZE (default 64k).
-
- The bug was introduced in 24e469f which is in releases since 7.76.0.
-
- perl -e "print '0' x 200000" > tmp
- curl --limit-rate 128k -d @tmp httpbin.org/post
-
- Reported-by: Richard Marion
-
- Fixes https://github.com/curl/curl/issues/7308
- Closes https://github.com/curl/curl/pull/7315
-
-Daniel Stenberg (29 Jun 2021)
-- copyright: add boiler-plate headers to CI config files
-
- And whitelist .zuul.ignore
-
- Closes #7314
-
-- CI: remove travis details
-
- Rename still used leftovers to "zuul" as that's now the CI using them.
-
- Closes #7313
-
-- RELEASE-NOTES: synced
-
-- openssl: avoid static variable for seed flag
-
- Avoid the race condition risk by instead storing the "seeded" flag in
- the multi handle. Modern OpenSSL versions handle the seeding itself so
- doing the seeding once per multi-handle instead of once per process is
- less of an issue.
-
- Reported-by: Gerrit Renker
- Fixes #7296
- Closes #7306
-
-- configure: inhibit the implicit-fallthrough warning on gcc-12
-
- ... since it no longer acknowledges the comment markup we use for that
- purpose.
-
- Reported-by: Younes El-karama
- Fixes #7295
- Closes #7307
-
-Daniel Gustafsson (28 Jun 2021)
-- [Andrei Rybak brought this change]
-
- misc: fix typos in comments which repeat a word
-
- Fix typos in code comments which repeat various words. In trivial
- cases, just delete the repeated word. Reword the affected sentence in
- "lib/url.c" for it to make sense.
-
- Closes #7303
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Stenberg (27 Jun 2021)
-- lib677: make it survive torture testing
-
- Follow-up to a5ab72d5edd7
-
- Closes #7300
-
-- [Tommy Chiang brought this change]
-
- docs/BINDINGS: fix outdated links
-
- * luacurl page is now not accessible, fix it with wayback machine page
- * Scheme one seems not providing https now, change it back to http one
-
- Closes #7301
-
-- [Jacob Hoffman-Andrews brought this change]
-
- curstls: bump crustls version and use new URL
-
- crustls moved to https://github.com/rustls/rustls-ffi. This also bumps
- the expected version to 0.7.0.
-
- Closes #7297
-
-- RELEASE-NOTES: synced
-
-- examples: length-limit two sscanf() uses of %s
-
- Reported-by: Jishan Shaikh
- Fixes #7293
- Closes #7294
-
-- [Richard Whitehouse brought this change]
-
- multi: alter transfer timeout ordering
-
- - Check whether a connection has succeded before checking whether it's
- timed out.
-
- This means if we've connected quickly, but subsequently been
- descheduled, we allow the connection to succeed. Note, if we timeout,
- but between checking the timeout, and connecting to the server the
- connection succeeds, we will allow it to go ahead. This is viewed as
- an acceptable trade off.
-
- - Add additional failf logging around failed connection attempts to
- propogate the cause up to the caller.
-
- Co-Authored-by: Martin Howarth
- Closes #7178
-
-- test677: IMAP CONNECT_ONLY, custom command and then exit
-
- Adjusted ftpserver.pl to add support for the IMAP IDLE command
-
- Adjusted test 660 to sync with the fix
-
-- multi: do not switch off connect_only flag when closing
-
- ... as it made protocol specific disconnect commands wrongly get used.
-
- Bug: https://curl.se/mail/lib-2021-06/0024.html
- Reported-by: Aleksander Mazur
- Closes #7288
-
-- http: make the haproxy support work with unix domain sockets
-
- ... it should then pass on "PROXY UNKNOWN" since it doesn't know the
- involved IP addresses.
-
- Reported-by: Valentín Gutiérrez
- Fixes #7290
- Closes #7291
-
-- [Xiang Xiao brought this change]
-
- curl.h: include sys/select.h for NuttX RTOS
-
- Closes #7287
-
-- [Bin Meng brought this change]
-
- curl.h: remove the execution bit
-
- The execution bit of curl.h file was wrongly added:
-
- commit 2621025d6f96 ("curl.h: <sys/select.h> is supported by VxWorks7")
-
- and should be removed.
-
- Follow-up to 2621025d6f96 ("curl.h: <sys/select.h> is supported by VxWorks7")
- Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
- Closes #7286
-
-- [Bin Lan brought this change]
-
- curl.h: <sys/select.h> is supported by VxWorks7
-
- Closes #7285
-
-- [Bachue Zhou brought this change]
-
- quiche: use send() instead of sendto() to avoid macOS issue
-
- sendto() always returns "Socket is already connected" error on macos
-
- Closes #7260
-
-- [Li Xinwei brought this change]
-
- cmake: fix support for UnixSockets feature on Win32
-
- Move the definition of sockaddr_un struct from config-win32.h to
- curl_setup.h, so that it could be shared by all build systems.
-
- Add ADDRESS_FAMILY typedef for old mingw, now old mingw can also use
- unix sockets.
-
- Also fix the build of tests/server/sws.c on Win32 when USE_UNIX_SOCKETS
- is defined.
-
- Closes #7034
-
-- [Gregory Muchka brought this change]
-
- hostip: (macOS) free returned memory of SCDynamicStoreCopyProxies
-
- From Apples documentation on SCDynamicStoreCopyProxies, "Return Value: A
- dictionary of key-value pairs that represent the current internet proxy
- settings, or NULL if no proxy settings have been defined or if an error
- occurred. You must release the returned value."
-
- Failure to release the returned value of SCDynamicStoreCopyProxies can
- result in a memory leak.
-
- Source: https://developer.apple.com/documentation/systemconfiguration/1517088-scdynamicstorecopyproxies
-
- Closes #7265
-
-- RELEASE-NOTES: synced
-
-Jay Satiro (21 Jun 2021)
-- vtls: fix warning due to function prototype mismatch
-
- b09c8ee changed the function prototype. Caught by Visual Studio.
-
-- curl_multibyte: Remove local encoding fallbacks
-
- - If the UTF-8 to UTF-16 conversion fails in Windows Unicode builds then
- no longer fall back to assuming the string is in a local encoding.
-
- Background:
-
- Some functions in Windows Unicode builds must convert UTF-8 to UTF-16 to
- pass to the Windows CRT API wide-character functions since in Windows
- UTF-8 is not a valid locale (or at least 99% of the time right now).
-
- Prior to this change if the Unicode encoding conversion failed then
- libcurl would assume, for backwards compatibility with applications that
- may have written their code for non-Unicode builds, attempt to convert
- the string from local encoding to UTF-16.
-
- That type of "best effort" could theoretically cause some type of
- security or other problem if a string that was locally encoded was also
- valid UTF-8, and therefore an unexpected UTF-8 to UTF-16 conversion
- could occur.
-
- Ref: https://github.com/curl/curl/pull/7246
-
- Closes https://github.com/curl/curl/pull/7257
-
-Daniel Stenberg (20 Jun 2021)
-- curl_endian: remove the unused Curl_write64_le function
-
- The last usage was removed in cca455a36
-
- Closes #7280
-
-- vtls: only store TIMER_APPCONNECT for non-proxy connect
-
- Introducing a 'isproxy' argument to the connect function so that it
- knows wether to store the time stamp or not.
-
- Reported-by: Yongkang Huang
- Fixes #7274
- Closes #7274
-
-- gnutls: set the preferred TLS versions in correct order
-
- Regression since 781864bedbc57 (curl 7.77.0)
-
- Reported-by: civodul on github
- Assisted-by: Nikos Mavrogiannopoulos
- Fixes #7277
- Closes #7278
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove checks for unused gethostbyaddr and gethostbyaddr_r
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove checks for unused inet_ntoa and inet_ntoa_r
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove unused define HAVE_PERROR
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure: remove unused check for gai_strerror
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove unused define HAVE_FREEIFADDRS
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove unused define HAVE_FORK
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove unused define HAVE_FDOPEN
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove checks for unused sgtty.h
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove remaining checks for rsa.h
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove remaining checks for err.h
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove remaining checks for crypto.h
-
- Closes #7276
-
-- [Gergely Nagy brought this change]
-
- configure/cmake: remove checks for unused getservbyport_r
-
- Closes #7276
-
-- --socks4[a]: clarify where the host name is resolved
-
- Closes #7273
-
-- libcurl-security.3: mention file descriptors and forks
-
- ... and move the security report section last.
-
- Reported-by: Harry Sintonen
- Closes #7270
-
-- [Alex Xu (Hello71) brought this change]
-
- configure.ac: make non-executable
-
- it needs to be processed by autoconf or autoreconf, and doesn't have a
- suitable shebang to be directly executed. other projects normally set
- configure.ac -x.
-
- Closes #7272
-
-- configure: do not strip out debug flags
-
- To allow users to set them when invoking configure without using
- --with-debug.
-
- Reported-by: Alex Xu
- Fixes #7216
- Closes #7267
-
-- libssh2: limit time a disconnect can take to 1 second
-
- Closes #7271
-
-- TLS: prevent shutdown loops to get stuck
-
- ... by making sure the loops are only allowed to read the shutdown
- traffic a limited number of times.
-
- Reported-by: Harry Sintonen
- Closes #7271
-
-- hyper: propagate errors back up from read callbacks
-
- Makes test 513 work with hyper
-
- Closes #7266
-
-- KNOWN_BUGS: Negotiate on Windows fails
-
- Closes #5881
-
-- KNOWN_BUGS: renames instead of locking for atomic operations
-
- Closes #6882
- Closes #6884
-
-- zuul: add two missing CI jobs
-
- ... that were configured, just not run
-
- Closes #7261
-
-Viktor Szakats (15 Jun 2021)
-- idn: fix libidn2 with windows unicode builds
-
- Unicode Windows builds use UTF-8 strings internally in libcurl,
- so make sure to call the UTF-8 flavour of the libidn2 API. Also
- document that Windows builds with libidn2 and UNICODE do expect
- CURLOPT_URL as an UTF-8 string.
-
- Reported-by: dEajL3kA on github
- Assisted-by: Jay Satiro
- Reviewed-by: Marcel Raad
- Closes #7246
- Fixes #7228
-
-Daniel Stenberg (15 Jun 2021)
-- curl_url_set: reject spaces in URLs w/o CURLU_ALLOW_SPACE
-
- They were never officially allowed and slipped in only due to sloppy
- parsing. Spaces (ascii 32) should be correctly encoded (to %20) before
- being part of a URL.
-
- The new flag bit CURLU_ALLOW_SPACE when a full URL is set, makes libcurl
- allow spaces.
-
- Updated test 1560 to verify.
-
- Closes #7073
-
-- RELEASE-NOTES: synced
-
- ... and bump to version 7.78.0 for the next planned release.
-
-Jay Satiro (15 Jun 2021)
-- docs: Remove outdated curl tool limitation
-
- - Document that HTTP/2 multiplexing is supported by the curl tool when
- parallel transfers are used.
-
- Supported since 7.66.0 via --parallel, but the doc wasn't updated.
-
- Closes https://github.com/curl/curl/pull/7259
-
-- http2: Clarify 'Using HTTP2' verbose message
-
- - Change phrasing from multi-use to multiplexing since the former may
- not be as well understood.
-
- Before: * Using HTTP2, server supports multi-use
-
- After: * Using HTTP2, server supports multiplexing
-
- Bug: https://github.com/curl/curl/discussions/7255
- Reported-by: David Hu
-
- Closes https://github.com/curl/curl/pull/7258
-
-Daniel Stenberg (14 Jun 2021)
-- winbuild/README: VC should be set to 6 'or larger'
-
- Previously it listed all versions up to 15 (missing 16) but this new
- phrasing is more open ended.
-
- Reported-by: Hugh Macdonald
- Fixes #7253
- Closes #7254
-
-- [Jacob Hoffman-Andrews brought this change]
-
- rustls: remove native_roots fallback
-
- For the commandline tool, we expect to be passed
- SSL_CONN_CONFIG(CAfile); for library use, the use should pass a set of
- trusted roots (like in other TLS backends).
-
- This also removes a dependency on Security.framework when building on
- macOS.
-
- Closes #7250
-
-- [Albin Vass brought this change]
-
- travis: remove jobs that have migrated to zuul
-
- Closes #7245
-
-- [Mohammed Naser brought this change]
-
- CI: add jobs using Zuul
-
- It also includes a few changes to get the builds going:
- - Added autoconf to common dependencies
- - Added automake to common dependencies
- - Added libtool to common dependencies
- - Added libssl-dev to common dependencies
-
- Co-authored-by: Albin Vass
-
- Closes #7245
-
-- netrc: skip 'macdef' definitions
-
- Add test 494 to verify
-
- Reported-by: Harry Sintonen
- Fixes #7238
- Closes #7244
-
-- multi: add scan-build-6 work-around in curl_multi_fdset
-
- scan-build-6 otherwise warns, saying: warning: The left operand of '>='
- is a garbage value otherwise, which is false.
-
- Later scan-builds don't claim this on the same code.
-
- Closes #7248