- Update from version 7.86.0 to 7.87.0
- Update of rootfile
- version 7.87.0 changed hoiw it deals with deprecated typecheck expressions. This caused
zabbix_agentd build to fail. Curl developers created a commit to fix this in next
version release. Added as patch here. Should be able to be removed with next curl
update.
- Changelog
curl and libcurl 7.87.0
This release includes the following changes:
o curl: add --url-query [52]
o CURLOPT_QUICK_EXIT: don't wait for DNS thread on exit [75]
o lib: add CURL_WRITEFUNC_ERROR to signal write callback error [47]
o openssl: reduce CA certificate bundle reparsing by caching [11]
o version: add a feature names array to curl_version_info_data [67]
This release includes the following bugfixes:
o altsvc: fix rejection of negative port numbers [144]
o aws_sigv4: consult x-%s-content-sha256 for payload hash [102]
o aws_sigv4: fix typos in aws_sigv4.c [101]
o base64: better alloc size [124]
o base64: encode without using snprintf [123]
o base64: faster base64 decoding [120]
o build: assume assert.h is always available [111]
o build: assume errno.h is always available [110]
o c-hyper: CONNECT respones are not server responses [137]
o c-hyper: fix multi-request mechanism [115]
o CI: Change FreeBSD image from 12.3 to 12.4 [108]
o CI: LGTM.com will be shut down in December 2022 [112]
o ci: Remove zuul fuzzing job as it's superseded by CIFuzz
o cmake: check for cross-compile, not for toolchain [54]
o CMake: fix build with `CURL_USE_GSSAPI` [78]
o cmake: really enable warnings with clang [25]
o cmake: set the soname on the shared library [140]
o cmdline-opts/gen.pl: fix the linkifier [64]
o cmdline-opts/page-footer: remove long option nroff formatting
o config-mac: define HAVE_SYS_IOCTL_H [107]
o config-mac: fix typo: size_T -> size_t [125]
o config-mac: remove HAVE_SYS_SELECT_H [116]
o config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW [41]
o configure: require fork for NTLM-WB [36]
o contributors.sh: actually use $CURLWWW instead of just setting it [129]
o cookie: compare cookie prefixes case insensitively [14]
o cookie: expire cookies at once when max-age is negative [45]
o cookie: open cookie jar as a binary file [89]
o curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS [90]
o curl-rustls.m4: on macOS, rustls also needs the Security framework [44]
o curl.h: include <sys/select.h> on SerenityOS [104]
o curl.h: name all public function parameters [118]
o curl.h: reword comment to not use deprecated option [132]
o curl: override the numeric locale and set "C" by force [60]
o curl: timeout in the read callback [15]
o curl_endian: remove Curl_write64_le from header [81]
o curl_get_line: allow last line without newline char [88]
o curl_path: do not add '/' if homedir ends with one [4]
o curl_url_get.3: remove spurious backtick [127]
o curl_url_set.3: document CURLU_DISALLOW_USER [139]
o curl_url_set.3: fix typo [148]
o CURLMOPT_SOCKETFUNCTION.3: clarify CURL_POLL_REMOVE [1]
o CURLOPT_COOKIEFILE.3: advice => advise [131]
o CURLOPT_DEBUGFUNCTION.3: do not assume nul-termination in example [31]
o CURLOPT_DEBUGFUNCTION.3: emphasize that incoming data is "raw" [130]
o CURLOPT_POST.3: Explain setting to 0 changes request type [61]
o docs/curl_ws_send: Fixed typo in websocket docs [114]
o docs/EARLY-RELEASE.md: how to determine an early release [37]
o docs/examples: spell correction ('Retrieve') [119]
o docs/INSTALL.md: expand on static builds [62]
o docs/WEBSOCKET.md: explain the URL use [71]
o docs: add missing parameters for --retry flag [2]
o docs: add more "SEE ALSO" links to CA related pages [82]
o docs: explain the noproxy CIDR notation support [17]
o docs: extend the dump-header documentation [150]
o docs: remove performance note in CURLOPT_SSL_VERIFYPEER [13]
o examples/10-at-a-time: fix possible skipped final transfers [85]
o examples: update descriptions [83]
o ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH [96]
o gen.pl: do not generate CURLHELP bitmask lines > 79 characters [10]
o GHA: clarify workflows permissions, set least possible privilege [79]
o GHA: NSS use clang instead of clang-9 [103]
o gnutls: use common gnutls init and verify code for ngtcp2 [98]
o headers: add endif comments [51]
o HTTP-COOKIES.md: mention that http://localhost is a secure context [76]
o HTTP-COOKIES.md: update the 6265bis link to draft-11 [70]
o http: do not send PROXY more than once [46]
o http: fix the ::1 comparison for IPv6 localhost for cookies [155]
o http: set 'this_is_a_follow' in the Location: logic [40]
o http: use the IDN decoded name in HSTS checks [154]
o hyper: classify headers as CONNECT and 1XX [56]
o hyper: fix handling of hyper_task's when reusing the same address [33]
o idn: remove Curl_win32_ascii_to_idn [153]
o INSTALL: update operating systems and CPU archs [91]
o KNOWN_BUGS: remove eight entries [50]
o lib1560: add some basic IDN host name tests [151]
o lib: connection filters (cfilter) addition to curl: [43]
o lib: feature deprecation warnings in gcc >= 4.3 [58]
o lib: fix some type mismatches and remove unneeded typecasts [12]
o lib: parse numbers with fixed known base 10 [77]
o lib: remove bad set.opt_no_body assignments [42]
o lib: rewind BEFORE request instead of AFTER previous [65]
o lib: sync guard for Curl_getaddrinfo_ex() definition and use [6]
o lib: use size_t or int etc instead of longs [145]
o libcurl-errors.3: remove duplicate word [3]
o libssh2: return error when ssh_hostkeyfunc returns error [121]
o limit-rate.d: see also --rate
o log2changes.pl: wrap long lines at 80 columns [59]
o Makefile.mk: address minor issues [87]
o Makefile.mk: improve a GNU Make hack [122]
o Makefile.mk: portable Makefile.m32 [86]
o maketgz: set the right version in lib/libcurl.plist [53]
o mime: relax easy/mime structures binding [94]
o misc: Fix incorrect spelling [113]
o misc: remove duplicated include files [28]
o misc: typo and grammar fixes [23]
o negtelnetserver.py: have it call its close() method [68]
o netrc.d: provide mutext info [63]
o netware: remove leftover traces [80]
o noproxy: also match with adjacent comma [19]
o noproxy: guard against empty hostnames in noproxy check [136]
o noproxy: tailmatch like in 7.85.0 and earlier [35]
o nroff-scan.pl: detect double highlights
o ntlm: improve comment for encrypt_des [55]
o ntlm: silence ubsan warning about copying from null target_info pointer [69]
o openssl/mbedtls: use %d for outputing port with failf (int) [72]
o openssl: prefix errors with '[lib]/[version]: ' [105]
o os400: use platform socklen_t in Curl_getnameinfo_a [18]
o page-header: grammar improvement (display transfer rate) [126]
o proxy: refactor haproxy protocol handling as connection filter [57]
o README.md: remove badges and xmas-tree garnish [9]
o rtsp: fix RTSP auth [49]
o runtests: --no-debuginfod now disables DEBUGINFOD_URLS [100]
o runtests: do CRLF replacements per section only [97]
o scripts/checksrc.pl: detect duplicated include files [29]
o sendf: change Curl_read_plain to wrap Curl_recv_plain [48]
o sendf: remove unnecessary if condition [26]
o setup: do not require __MRC__ defined for Mac OS 9 builds [117]
o smb/telnet: do not free the protocol struct in *_done() [152]
o socks: fix username max size is 255 (0xFF) [146]
o spellcheck.words: remove 'github' as an accepted word [22]
o ssl-reqd.d: clarify that this is for upgrading connections only [138]
o strcase: use curl_str(n)equal for case insensitive matches [8]
o styled-output.d: this option does not work on Windows [93]
o system.h: fix socklen_t, curl_off_t, long long for Classic Mac OS [133]
o system.h: support 64-bit curl_off_t for NonStop 32-bit [21]
o test1421: fix typo [109]
o test3026: reduce runtime in legacy mingw builds [73]
o tests/sshserver.pl: re-enable ssh-rsa while using openssh 8.8+
o tests: add authorityInfoAccess to generated certs [99]
o tests: add HTTP/3 test case, custom location for proper nghttpx [106]
o tls: backends use connection filters for IO, enabling HTTPS-proxy [92]
o tool: determine the correct fopen option for -D [95]
o tool_cfgable: free the ssl_ec_curves on exit [142]
o tool_cfgable: make socks5_gssapi_nec a boolean [128]
o tool_formparse: avoid clobbering on function params [135]
o tool_getparam: make --no-get work as the opposite of --get [39]
o tool_operate: provide better errmsg for -G with bad URL [16]
o tool_operate: when aborting, make sure there is a non-NULL error buffer [20]
o tool_paramhlp: free the proto strings on exit [141]
o url: move back the IDN conversion of proxy names [74]
o urlapi: reject more bad letters from the host name: &+() [143]
o urldata: change port num storage to int and unsigned short [66]
o vms: remove SIZEOF_SHORT [134]
o vtls: fix build without proxy support [38]
o vtls: localization of state data in filters [84]
o WEBSOCKET.md: fix broken link [30]
o Websocket: fixes for partial frames and buffer updates [7]
o websockets: fix handling of partial frames [32]
o windows: fail early with a missing windres in autotools [5]
o windows: fix linking .rc to shared curl with autotools [24]
o winidn: drop WANT_IDN_PROTOTYPES [27]
o ws: if no connection is around, return error [149]
o ws: return CURLE_NOT_BUILT_IN when websockets not built in [34]
o x509asn1: avoid freeing unallocated pointers [147]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 7.84.0 to 7.86.0
- Update of rootfile
- curl-7.84.0-easy_lock_h_include_sched_h_if_available_to_fix_build.patch removed as this
is now built into the source tarball version
- Changelog - is too large to inclkude here. The details can be found in the RELEASE_NOTES
file in the source tarballs.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 7.83.1 to 7.84.0
- Update of rootfile
- Changelog
7.84.0 - June 27 2022
Changes:
curl: add --rate to set max request rate per time unit
curl: deprecate --random-file and --egd-file
curl_version_info: add CURL_VERSION_THREADSAFE
CURLINFO_CAPATH/CAINFO: get the default CA paths from libcurl
lib: make curl_global_init() threadsafe when possible
libssh2: add CURLOPT_SSH_HOSTKEYFUNCTION
opts: deprecate RANDOM_FILE and EGDSOCKET
socks: support unix sockets for socks proxy
Bugfixes:
aws-sigv4: fix potentional NULL pointer arithmetic
bindlocal: don't use a random port if port number would wrap
c-hyper: mark status line as status for Curl_client_write()
ci: avoid `cmake -Hpath`
CI: bump FreeBSD 13.0 to 13.1
ci: update github actions
cmake: add libpsl support
cmake: do not add libcurl.rc to the static libcurl library
cmake: enable curl.rc for all Windows targets
cmake: fix detecting libidn2
cmake: support adding a suffix to the OS value
configure: skip libidn2 detection when winidn is used
configure: use the SED value to invoke sed
configure: warn about rustls being experimental
content_encoding: return error on too many compression steps
cookie: address secure domain overlay
cookie: apply limits
copyright.pl: parse and use .reuse/dep5 for skips
copyright: make repository REUSE compliant
curl.1: add a few see also --tls-max
curl.1: mention exit code zero too
curl: re-enable --no-remote-name
curl_easy_pause.3: remove explanation of progress function
curl_getdate.3: document that some illegal dates pass through
Curl_parsenetrc: don't access local pwbuf outside of scope
curl_url_set.3: clarify by default using known schemes only
CURLOPT_ALTSVC.3: document the file format
CURLOPT_FILETIME.3: fix the protocols this works with
CURLOPT_HTTPHEADER.3: improve comment in example
CURLOPT_NETRC.3: document the .netrc file format
CURLOPT_PORT.3: We discourage using this option
CURLOPT_RANGE.3: remove ranged upload advice
digest: added detection of more syntax error in server headers
digest: tolerate missing "realm"
digest: unquote realm and nonce before processing
DISABLED: disable 1021 for hyper again
docs/cmdline-opts: add copyright and license identifier to each file
docs/CONTRIBUTE.md: document the 'needs-votes' concept
docs: clarify data replacement policy for MIME API
doh: remove UNITTEST macro definition
examples/crawler.c: use the curl license
examples: remove fopen.c and rtsp.c
FAQ: Clarify Windows double quote usage
fopen: add Curl_fopen() for better overwriting of files
ftp: restore protocol state after http proxy CONNECT
ftp: when failing to do a secure GSSAPI login, fail hard
GHA/hyper: enable debug in the build
gssapi: improve handling of errors from gss_display_status
gssapi: initialize gss_buffer_desc strings
headers api: remove EXPERIMENTAL tag
http2: always debug print stream id in decimal with %u
http2: reject overly many push-promise headers
http: restore header folding behavior
hyper: use 'alt-used'
krb5: return error properly on decode errors
lib: make more protocol specific struct fields #ifdefed
libcurl-security.3: add "Secrets in memory"
libcurl-security.3: document CRLF header injection
libssh: skip the fake-close when libssh does the right thing
links: update dead links to the curl-wiki
log2changes: do not indent empty lines [ci skip]
macos9: remove partial support
Makefile.am: fix portability issues
Makefile.m32: delete obsolete options, improve -On [ci skip]
Makefile.m32: delete two obsolete OpenSSL options [ci skip]
Makefile.m32: stop forcing XP target with ipv6 enabled [ci skip]
max-time.d: clarify max-time sets max transfer time
mprintf: ignore clang non-literal format string
netrc: check %USERPROFILE% as well on Windows
netrc: support quoted strings
ngtcp2: allow curl to send larger UDP datagrams
ngtcp2: correct use of ngtcp2 and nghttp3 signed integer types
ngtcp2: enable Linux GSO
ngtcp2: extend QUIC transport parameters buffer
ngtcp2: fix alert_read_func return value
ngtcp2: fix typo in preprocessor condition
ngtcp2: handle error from ngtcp2_conn_submit_crypto_data
ngtcp2: send appropriate connection close error code
ngtcp2: support boringssl crypto backend
ngtcp2: use helper funcs to simplify TLS handshake integration
ntlm: provide a fixed fake host name
projects: fix third-party SSL library build paths for Visual Studio
quic: add Curl_quic_idle
quiche: support ca-fallback
rand: stop detecting /dev/urandom in cross-builds
remote-name.d: mention --output-dir
runtests.pl: add the --repeat parameter to the --help output
runtests: fix skipping tests not done event-based
runtests: skip starting the ssh server if user name is lacking
scripts/copyright.pl: fix the exclusion to not ignore man pages
sectransp: check for a function defined when __BLOCKS__ is undefined
select: return error from "lethal" poll/select errors
server/sws: support spaces in the HTTP request path
speed-limit/time.d: mention these affect transfers in either direction
strcase: some optimisations
test 2081: add a valid reply for the second request
test 675: add missing CR so the test passes when run through Privoxy
test414: add the '--resolve' keyword
test681: verify --no-remote-name
tests 266, 116 and 1540: add a small write delay
tests/data/test1501: kill ftp server after slow LIST response
tests/getpart: fix getpartattr to work with "data" and "data2"
tests/server/sws.c: change the HTTP writedelay unit to milliseconds
test{440,441,493,977}: add "HTTP proxy" keywords
tool_getparam: fix --parallel-max maximum value constraint
tool_operate: make sure --fail-with-body works with --retry
transfer: fix potential NULL pointer dereference
transfer: maintain --path-as-is after redirects
transfer: upload performance; avoid tiny send
url: free old conn better on reuse
url: remove redundant #ifdefs in allocate_conn()
url: URL encode the path when extracted, if spaces were set
urlapi: make curl_url_set(url, CURLUPART_URL, NULL, 0) clear all parts
urlapi: support CURLU_URLENCODE for curl_url_get()
urldata: reduce size of a few struct fields
urldata: remove three unused booleans from struct UserDefined
urldata: store tcp_keepidle and tcp_keepintvl as ints
version: allow stricmp() for sorting the feature list
vtls: make curl_global_sslset thread-safe
wolfssh.h: removed
wolfssl: correct the failf() message when a handle can't be made
wolfSSL: explicitly use compatibility layer
x509asn1: mark msnprintf return as unchecked
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from 7.82.0 to 7.83.0
- Update of rootfile
- Changelog
7.83.0
Changes:
o curl: add %header{name} experimental support in -w handling
o curl: add %{header_json} experimental support in -w handling
o curl: add --no-clobber [28]
o curl: add --remove-on-error [11]
o header api: add curl_easy_header and curl_easy_nextheader [56]
o msh3: add support for QUIC and HTTP/3 using msh3 [84]
Bugfixes:
o appveyor: add Cygwin build [77]
o appveyor: only add MSYS2 to PATH where required [78]
o BearSSL: add CURLOPT_SSL_CIPHER_LIST support [27]
o BearSSL: add CURLOPT_SSL_CTX_FUNCTION support [26]
o BINDINGS.md: add Hollywood binding [34]
o CI: Do not use buildconf. Instead, just use: autoreconf -fi [42]
o CI: install Python package impacket to run SMB test 1451 [5]
o configure.ac: move -pthread CFLAGS setting back where it used to be [14]
o configure: bump the copyright year range int the generated output
o conncache: include the zone id in the "bundle" hashkey [112]
o connecache: remove duplicate connc->closure_handle check [90]
o connect: make Curl_getconnectinfo work with conn cache from share handle [22]
o connect: use TCP_KEEPALIVE only if TCP_KEEPIDLE is not defined [6]
o cookie.d: clarify when cookies are sent
o cookies: improve errorhandling for reading cookiefile [123]
o curl/system.h: update ifdef condition for MCST-LCC compiler [4]
o curl: error out if -T and -d are used for the same URL [99]
o curl: error out when options need features not present in libcurl [18]
o curl: escape '?' in generated --libcurl code [117]
o curl: fix segmentation fault for empty output file names. [60]
o curl_easy_header: fix typos in documentation [74]
o CURLINFO_PRIMARY_PORT.3: clarify which port this is [126]
o CURLOPT*TLSAUTH.3: they only work with OpenSSL or GnuTLS [105]
o CURLOPT_DISALLOW_USERNAME_IN_URL.3: use uppercase URL
o CURLOPT_PREQUOTE.3: only works for FTP file transfers, not dirs [79]
o CURLOPT_PROGRESSFUNCTION.3: fix typo in example [63]
o CURLOPT_UNRESTRICTED_AUTH.3: extended explanation [127]
o CURLSHOPT_UNLOCKFUNC.3: fix the callback prototype [9]
o docs/HYPER.md: updated to reflect current hyper build needs
o docs/opts: Mention Schannel client cert type is P12 [50]
o docs: Fix missing semicolon in example code [102]
o docs: lots of minor language polish [51]
o English: use American spelling consistently [95]
o fail.d: tweak the description [101]
o firefox-db2pem.sh: make the shell script safer [47]
o ftp: fix error message for partial file upload [61]
o gen.pl: change wording for mutexed options [98]
o GHA: add openssl3 jobs moved over from zuul [88]
o GHA: build hyper with nightly rustc [7]
o GHA: move bearssl jobs over from zuul [85]
o gha: move the event-based test over from Zuul [59]
o gtls: fix build for disabled TLS-SRP [48]
o http2: handle DONE called for the paused stream [69]
o http2: RST the stream if we stop it on our own will [67]
o http: avoid auth/cookie on redirects same host diff port [110]
o http: close the stream (not connection) on time condition abort [68]
o http: reject header contents with nul bytes [41]
o http: return error on colon-less HTTP headers [31]
o http: streamclose "already downloaded" [57]
o hyper: fix status_line() return code [13]
o hyper: fix tests 580 and 581 for hyper [107]
o hyper: no h2c support [33]
o infof: consistent capitalization of warning messages [103]
o ipv4/6.d: clarify that they are about using IP addresses [3]
o json.d: fix typo (overriden -> overridden) [24]
o keepalive-time.d: It takes many probes to detect brokenness [29]
o lib/warnless.[ch]: only check for WIN32 and ignore _WIN32 [45]
o lib670: avoid double check result [71]
o lib: #ifdef on USE_HTTP2 better [65]
o lib: fix some misuse of curlx_convert_wchar_to_UTF8 [38]
o lib: remove exclamation marks [100]
o libssh2: compare sha256 strings case sensitively [114]
o libssh2: make the md5 comparison fail if wrong length [111]
o libssh: fix build with old libssh versions [12]
o libssh: fix double close [124]
o libssh: Improve fix for missing SSH_S_ stat macros [10]
o libssh: unstick SFTP transfers when done event-based [58]
o macos: set .plist version in autoconf [122]
o mbedtls: remove 'protocols' array from backend when ALPN is not used [66]
o mbedtls: remove server_fd from backend [91]
o mk-ca-bundle.pl: Use stricter logic to process the certificates [39]
o mk-ca-bundle.vbs: delete this script in favor of mk-ca-bundle.pl [8]
o mlc_config.json: add file to ignore known troublesome URLs [35]
o mqtt: better handling of TCP disconnect mid-message [55]
o ngtcp2: add client certificate authentication for OpenSSL [15]
o ngtcp2: avoid busy loop in low CWND situation [119]
o ngtcp2: deal with sub-millisecond timeout [116]
o ngtcp2: disconnect the QUIC connection proper [19]
o ngtcp2: enlarge H3_SEND_SIZE [82]
o ngtcp2: fix HTTP/3 upload stall and avoid busy loop [83]
o ngtcp2: fix memory leak [80]
o ngtcp2: fix QUIC_IDLE_TIMEOUT [94]
o ngtcp2: make curl 1ms faster [93]
o ngtcp2: remove remote_addr which is not used in a meaningful way [81]
o ngtcp2: update to work after recent ngtcp2 updates [62]
o ngtcp2: use token when detecting :status header field [92]
o nonblock: restore setsockopt method to curlx_nonblock [20]
o openssl: check SSL_get_peer_cert_chain return value [1]
o openssl: enable CURLOPT_SSL_EC_CURVES with BoringSSL [23]
o openssl: fix CN check error code [21]
o options: remove mistaken space before paren in prototype
o perl: removed a double semicolon at end of line [64]
o pop3/smtp: return *WEIRD_SERVER_REPLY when not understood [43]
o projects/README: converted to markdown [76]
o projects: Update VC version names for VS2017, VS2022 [52]
o rtsp: don't let CSeq error override earlier errors [37]
o runtests: add 'bearssl' as testable feature [87]
o runtests: make 'oldlibssh' be before 0.9.4 [2]
o schannel: remove dead code that will never run [89]
o scripts/copyright.pl: ignore the new mlc_config.json file
o scripts: move three scripts from lib/ to scripts/ [44]
o test1135: sync with recent API updates [54]
o test1459: disable for oldlibssh [53]
o test375: fix line endings on Windows [40]
o test386: Fix an incorrect test markup tag
o test718: edited slightly to return better HTTP [32]
o tests/server/util.h: align WIN32 condition with util.c [46]
o tests: refactor server/socksd.c to support --unix-socket [96]
o timediff.[ch]: add curlx helper functions for timeval conversions [86]
o tls: make mbedtls and NSS check for h2, not nghttp2 [70]
o tool and tests: force flush of all buffers at end of program [17]
o tool_cb_hdr: Turn the Location: into a terminal hyperlink [30]
o tool_getparam: error out on missing -K file [115]
o tool_listhelp.c: uppercase URL
o tool_operate: fix a scan-build warning [16]
o tool_paramhlp: use feof(3) to identify EOF correctly when using fread(3) [97]
o transfer: redirects to other protocols or ports clear auth [109]
o unit1620: call global_init before calling Curl_open [125]
o url: check sasl additional parameters for connection reuse. [113]
o vtls: provide a unified APLN-disagree string for all backends [75]
o vtls: use a backend standard message for "ALPN: offers %s" [73]
o vtls: use a generic "ALPN, server accepted" message [72]
o winbuild/README.md: fixup dead link [36]
o winbuild: Add a Visual Studio example to the README [49]
o wolfssl: fix compiler error without IPv6 [25]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 7.80.0 to 7.81.0
- Update of rootfile
- Changelog
7.81.0
This release includes the following changes:
o mime: use percent-escaping for multipart form field and file names [1]
This release includes the following bugfixes:
o asyn-ares: ares_getaddrinfo needs no happy eyeballs timer [73]
o azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper [12]
o BINDINGS: add cURL client for PostgreSQL [68]
o BINDINGS: add one from Everything curl and update a link
o checksrc: detect more kinds of NULL comparisons we avoid [105]
o CI: build examples for additional code verification [75]
o CI: bump job to use mbedtls 3.1.0 [90]
o cmake: don't set _USRDLL on a static Windows build [22]
o cmake: prevent dev warning due to mismatched arg [94]
o cmake: private identifiers use CURL_ instead of CMAKE_ prefix [40]
o config.d: update documentation to match the path search
o configure: add -lm to configure for rustls build. [13]
o configure: better diagnostics if hyper is built wrong [6]
o configure: don't enable TLS when --without-* flags are used [17]
o configure: fix runtime-lib detection on macOS [21]
o curl.1: require "see also" for every documented option [27]
o curl: improve error message for --head with -J [42]
o curl_easy_cleanup.3: remove from multi handle first [3]
o curl_easy_escape.3: call curl_easy_cleanup in example [58]
o curl_easy_unescape.3: call curl_easy_cleanup in example [57]
o curl_multi_init.3: fix EXAMPLE formatting
o curl_multi_perform/socket_action.3: clarify what errors mean [70]
o curl_share_setopt.3: split out options into their own manpages [14]
o CURLOPT_STDERR.3: does not work with libcurl as a win32 DLL [51]
o digest: compute user:realm:pass digest w/o userhash [45]
o docs/checksrc: Add documentation for STRERROR [18]
o docs/cmdline-opts: do not say "protocols: all" [26]
o docs/examples: workaround broken -Wno-pedantic-ms-format
o docs/HTTP3: describe how to setup a h3 reverse-proxy for testing [88]
o docs/INSTALL.md: typo fix : added missing "get" verb [31]
o docs/URL-SYNTAX.md: space is not fine in a given URL
o docs: add known bugs list to HTTP3.md [83]
o docs: address proselint nits [16]
o docs: consistent manpage SYNOPSIS [47]
o docs: fix dead links, remove ECH.md
o docs: fix typo in OpenSSL 3 build instructions [80]
o docs: Update the Reducing Size section
o example/progressfunc: remove code for old libcurls [78]
o examples/multi-single.c: remove WAITMS() [98]
o FAQ: typo fix : "yout" ➤ "your" [30]
o ftp: disable warning 4706 in MSVC [85]
o gen.pl: improve example output format [29]
o github workflow: add wolfssl (removed from zuul) [103]
o github/workflows: add mbedtls and mbedtls-clang (removed from zuul) [92]
o gtls: check return code for gnutls_alpn_set_protocols [86]
o hash: lazy-alloc the table in Curl_hash_add() [54]
o http2:set_transfer_url() return early on OOM [53]
o HTTP3: update quiche build instructions [37]
o http: enable haproxy support for hyper backend [20]
o http: Fix CURLOPT_HTTP200ALIASES [89]
o http_proxy: don't close the socket (too early) [100]
o insecure.d: detail its use for SFTP and SCP as well [32]
o insecure.d: expand and clarify [28]
o libcurl-multi.3: "SOCKS proxy handshakes" are not blocking
o libcurl-security.3: mention address and URL mitigations
o libssh2: fix error message for sha256 mismatch
o libtest: avoid "assignment within conditional expression" [84]
o lift: ignore is a deprecated config option, use ignoreRules [35]
o linkcheck.yml: add CI job that checks markdown links [82]
o m4/curl-compilers: tell clang -Wno-pointer-bool-conversion [99]
o Makefile.m32: rename -winssl option to -schannel and tidy up [33]
o mbedTLS: add support for CURLOPT_CAINFO_BLOB [44]
o mbedtls: fix CURLOPT_SSLCERT_BLOB [72]
o mbedtls: fix private member designations for v3.1.0 [93]
o misc: remove unused doh flags when CURL_DISABLE_DOH is defined [71]
o misc: s/e-mail/email [74]
o multi: cleanup the socket hash when destroying it [55]
o multi: handle errors returned from socket/timer callbacks [52]
o multi: shut down CONNECT in Curl_detach_connnection [2]
o netrc.d: edit the .netrc example to look nicer [24]
o ngtcp2: verify the server cert on connect (quictls) [102]
o ngtcp2: verify the server certificate for the gnutls case [101]
o nss:set_cipher don't clobber the cipher list [38]
o openldap: implement STARTTLS [56]
o openldap: process search query response messages one by one [50]
o openldap: several minor improvements [69]
o openldap: simplify ldif generation code [77]
o openssl: check the return value of BIO_new() [43]
o openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
o openssl: remove `RSA_METHOD_FLAG_NO_CHECK` handling if unavailable
o openssl: remove usage of deprecated `SSL_get_peer_certificate`
o openssl: use non-deprecated API to read key parameters
o page-footer: add a mention of how to report bugs to the man page
o page-footer: document more environment variables [23]
o request.d: refer to 'method' rather than 'command' [59]
o retry-all-errors.d: make the example complete
o runtests: make the SSH library a testable feature
o rustls: read of zero bytes might be okay [9]
o rustls: remove comment about checking handshaking [15]
o rustls: remove incorrect EOF check [10]
o sha256/md5: return errors when init fails [79]
o socks5: use appropriate ATYP for numerical IP address host names [91]
o test1156: enable for hyper [65]
o test1156: fixup the stdout check for Windows [60]
o test1525: tweaked for hyper [64]
o test1526: enable for hyper [63]
o test1527: enable for hyper [62]
o test1528: enable for hyper [61]
o test1554: adjust for hyper [49]
o test1556: adjust for hyper [48]
o test302[12]: run only with the libssh2 backend [8]
o test661: enable for hyper [66]
o tests/CI.md: add more information on CI environments [39]
o tests/data/test302[12]: fix MSYS2 path conversion of hostpubsha256 [76]
o tftp: mark protocol as not possible to do over CONNECT [25]
o tool_findfile: updated search for a file in the homedir [46]
o tool_operate: only set SSH related libcurl options for SSH URLs [11]
o tool_operate: warn if too many output arguments were found [87]
o url.c: fix the SIGPIPE comment for Curl_close [4]
o url: check ssl_config when re-use proxy connection [81]
o url: reduce ssl backend count for CURL_DISABLE_PROXY builds [96]
o urlapi: accept port number zero [34]
o urlapi: if possible, shorten given numerical IPv6 addresses [95]
o urlapi: provide more detailed return codes [36]
o urlapi: reject short file URLs [41]
o version_win32: Check build number and platform id
o vtls/rustls: adapt to the updated rustls_version proto [19]
o writeout: fix %{http_version} for HTTP/3 [7]
o x509asn1: return early on errors [67]
o zuul.d: update rustls-ffi to version 0.8.2 [5]
o zuul: fix quiche build pointing to wrong Cargo [104]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 7.79.1 to 7.80.0
- Update of rootfile
- Changelog is too long to include here.
This update fixes 172 bugs the details of which can be found in the CHANGES file in
the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 7.76.1 to 7.77.0
- Update rootfile
- Changelog is too large to include here. It can be accesed at
https://curl.se/changes.html
There are 5 changes and 133 bug fixes of which 3 are related to CVE's
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 7.75.0 to 7.76.1
- Update of rootfile
- Changelog is too large to include here.
Full details can be found in the CHANGES file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Hi,
For details see:
https://curl.haxx.se/changes.html
This came rather unexpected - if I'd known, I'd have waited with 7.63.0.
"Changes:
cookies: leave secure cookies alone
hostip: support wildcard hosts
http: Implement trailing headers for chunked transfers
http: added options for allowing HTTP/0.9 responses
timeval: Use high resolution timestamps on Windows
Bugfixes:
CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
CVE-2019-3823: SMTP end-of-response out-of-bounds read
FAQ: remove mention of sourceforge for github
OS400: handle memory error in list conversion
OS400: upgrade ILE/RPG binding.
README: add codacy code quality badge
Revert http_negotiate: do not close connection
THANKS: added several missing names from year <= 2000
build: make 'tidy' target work for metalink builds
cmake: added checks for variadic macros
cmake: updated check for HAVE_POLL_FINE to match autotools
cmake: use lowercase for function name like the rest of the code
configure: detect xlclang separately from clang
configure: fix recv/send/select detection on Android
configure: rewrite --enable-code-coverage
conncache_unlock: avoid indirection by changing input argument type
cookie: fix comment typo
cookies: allow secure override when done over HTTPS
cookies: extend domain checks to non psl builds
cookies: skip custom cookies when redirecting cross-site
curl --xattr: strip credentials from any URL that is stored
curl -J: refuse to append to the destination file
curl/urlapi.h: include "curl.h" first
curl_multi_remove_handle() don't block terminating c-ares requests
darwinssl: accept setting max-tls with default min-tls
disconnect: separate connections and easy handles better
disconnect: set conn->data for protocol disconnect
docs/version.d: mention MultiSSL
docs: fix the --tls-max description
docs: use $(INSTALL_DATA) to install man page
docs: use meaningless port number in CURLOPT_LOCALPORT example
gopher: always include the entire gopher-path in request
http2: clear pause stream id if it gets closed
if2ip: remove unused function Curl_if_is_interface_name
libssh: do not let libssh create socket
libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
libssh: free sftp_canonicalize_path() data correctly
libtest/stub_gssapi: use "real" snprintf
mbedtls: use VERIFYHOST
multi: multiplexing improvements
multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
ntlm: fix NTMLv2 compliance
ntlm_sspi: add support for channel binding
openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
openssl: fix the SSL_get_tlsext_status_ocsp_resp call
openvms: fix OpenSSL discovery on VAX
openvms: fix typos in documentation
os400: add a missing closing bracket
os400: fix extra parameter syntax error
pingpong: change default response timeout to 120 seconds
pingpong: ignore regular timeout in disconnect phase
printf: fix format specifiers
runtests.pl: Fix perl call to include srcdir
schannel: fix compiler warning
schannel: preserve original certificate path parameter
schannel: stop calling it "winssl"
sigpipe: if mbedTLS is used, ignore SIGPIPE
smb: fix incorrect path in request if connection reused
ssh: log the libssh2 error message when ssh session startup fails
test1558: verify CURLINFO_PROTOCOL on file:// transfer
test1561: improve test name
test1653: make it survive torture tests
tests: allow tests to pass by 2037-02-12
tests: move objnames-* from lib into tests
timediff: fix math for unsigned time_t
timeval: Disable MSVC Analyzer GetTickCount warning
tool_cb_prg: avoid integer overflow
travis: added cmake build for osx
urlapi: Fix port parsing of eol colon
urlapi: distinguish possibly empty query
urlapi: fix parsing ipv6 with zone index
urldata: rename easy_conn to just conn
winbuild: conditionally use /DZLIB_WINAPI
wolfssl: fix memory-leak in threaded use
spnego_sspi: add support for channel binding"
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
