Wednesday 22nd April 2015
Local Packages
Updated curl to 7.42.0:
openssl: Show the cipher selection to use in verbose text
gtls: Implement CURLOPT_CERTINFO
Add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)
curl: Add --false-start option
Add CURLOPT_PATH_AS_IS
curl: Add --path-as-is option
curl: Create output file on successful download of an empty file
ConnectionExists: For NTLM re-use, require credentials to match (CVE-2015-3143)
Cookie: Cookie parser out of boundary memory access (CVE-2015-3145)
fix_hostname: Zero length host name caused -1 index offset (CVE-2015-3144)
http_done: Close Negotiate connections when done (CVE-2015-3148)
sws: Timeout idle CONNECT connections
nss: Improve error handling in Curl_nss_random()
nss: Do not skip Curl_nss_seed() if data is NULL
curl-config.in: Eliminate double quotes around CURL_CA_BUNDLE
http2: Move lots of verbose output to be debug-only
dist: Add extern-scan.pl to the tarball
http2: Return recv error on unexpected EOF
Build: Use default RandomizedBaseAddress directive in VC9+ project files
Build: Removed DataExecutionPrevention directive from VC9+ project files
Tool: Updated the warnf() function to use the GlobalConfig structure
http2: Return error if stream was closed with other than NO_ERROR
mprintf.h: Remove #ifdef CURLDEBUG
libtest: Fixed linker errors on msvc
Tool: Use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE
curl.1: Fix "The the" typo
cmake: Handle build definitions CURLDEBUG/DEBUGBUILD
openssl: Remove all uses of USE_SSLEAY
multi: Fix memory-leak on timeout (regression)
curl_easy_setopt.3: Added CURLOPT_SSL_VERIFYSTATUS
metalink: Add some error checks
TLS: Make it possible to enable ALPN/NPN without HTTP/2
http2: Use CURL_HTTP_VERSION_* symbols instead of NPN_*
conncontrol: Only log changes to the connection bit
multi: Fix *getsock() with CONNECT
symbols.pl: Handle '-' in the deprecated field
MacOSX-Framework: Use @rpath instead of @executable_path
GnuTLS: Add support for CURLOPT_CAPATH
- GnuTLS: Print negotiated TLS version and full cipher suite name
- GnuTLS: Don't print double newline after certificate dates
memanalyze.pl: Handle free(NULL)
- proxy: Re-use proxy connections (regression)
mk-ca-bundle: Don't report SHA1 numbers with "-q"
http: Always send Host: header as first header
openssl: Sort ciphers to use based on strength
openssl: Use colons properly in the ciphers list
http2: Detect premature close without data transferred
hostip: Fix signal race in Curl_resolv_timeout
closesocket: Call multi socket callback on close even with custom close
mksymbolsmanpage.pl: Use std header and generate better nroff header
connect: Fix happy eyeballs logic for IPv4-only builds
curl_easy_perform.3: Remove superfluous close brace from example
HTTP: Don't use Expect: headers when on HTTP/2
Curl_sh_entry: Remove unused 'timestamp'
docs/libcurl: Makefile portability fix
mkhelp: Remove trailing carriage return from every line of input
nss: Explicitly tell NSS to disable NPN/ALPN when libcurl disables it
curl_easy_setopt.3: Added a few missing options
metalink: Fix resource leak in OOM
axtls: Version 1.5.2 now requires that config.h be manually included
HTTP: Don't switch to HTTP/2 from 1.1 until we get the 101
cyassl: Detect the library as renamed wolfssl
CURLOPT_HTTPHEADER.3: Add a "SECURITY CONCERNS" section
CURLOPT_URL.3: Added "SECURITY CONCERNS"
openssl: Try to avoid accessing OCSP structs when possible
test938: Added missing closing tags
testcurl: Allow '=' in values given on command line
tests/certs: Added make target to rebuild certificates
tests/certs: Rebuild certificates with modified key usage bits
gtls: Avoid uninitialized variable
gtls: Dereferencing NULL pointer
gtls: Add check of return code
test1513: Eliminated race condition in test run
dict: Rename byte to avoid compiler shadowed declaration warning
curl_easy_recv/send: Make them work with the multi interface
vtls: Fix compile with --disable-crypto-auth but with SSL
openssl: Adapt to ASN1/X509 things gone opaque in 1.1
openssl: verifystatus: Only use the OCSP work-around ≤ 1.0.2a
curl_memory: Make curl_memory.h the second-last header file loaded
testcurl.pl: Add the --notes option to supply more info about a build
cyassl: If wolfSSL then identify as such in version string
cyassl: Check for invalid length parameter in Curl_cyassl_random
cyassl: Default to highest possible TLS version
Curl_ssl_md5sum: Return CURLcode (fixes OOM)
polarssl: Remove dead code
polarssl: Called mbedTLS in 1.3.10 and later
- Globbing: Fix step parsing for character globbing ranges
- Globbing: Fix URL number calculation when using range with step
multi: On a request completion, check all CONNECT_PEND transfers
Build: Link curl to openssl libraries when openssl support is enabled
url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
vtls: Don't accept unknown CURLOPT_SSLVERSION values
Build: Fix libcurl.sln erroneous mixed configurations
cyassl: Remove undefined reference to CyaSSL_no_filesystem_verify
cyassl: Add SSL context callback support for CyaSSL
- Tool: Only set SSL options if SSL is enabled
multi: Remove_handle: move pending connections
configure: Use KRB5CONFIG for krb5-config
axtls: Add timeout within Curl_axtls_connect
CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
cyassl: Fix library initialization return value
Cookie: Handle spaces after the name in Set-Cookie
http2: Fix missing nghttp2_session_send call in Curl_http2_switched
cyassl: Fix certificate load check
build-openssl.bat: Fix mixed line endings
checksrc.bat: Check lib\vtls source
- DNS: Fix refreshing of obsolete dns cache entries
CURLOPT_RESOLVE: Actually implement removals
checksrc.bat: Quotes to support a SRC_DIR with spaces
cyassl: Remove 'Connecting to' message from cyassl_connect_step2
cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
lib/transfer.c: Remove factor of 8 from sleep time calculation
lib/makefile.m32: Add missing libs to build libcurl.dll
Build: Generate source prerequisites for Visual Studio in generate.bat
cyassl: Include the CyaSSL build config
firefox-db2pem: Fix wildcard to find Firefox default profile
BUGS: Refer to the github issue tracker now as primary
vtls_openssl: Improve several certificate error messages
cyassl: Add support for TLS extension SNI
parsecfg: Do not continue past a zero termination
configure --with-nss=PATH: Query pkg-config if available
configure --with-nss: Drop redundant if statement
cyassl: Fix include order
HTTP: Fix PUT regression with Negotiate
curl_version_info.3: Fixed the 'protocols' variable type
Updated perl-File-ShareDir-ProjectDistDir to 1.000007:
- Add a deterrent notice