PaulHowarth/Blog/2016-05-18

Wednesday 18th May 2016

Local Packages

  • Updated curl to 7.49.0:

    • schannel: Add ALPN support

    • SSH: Support CURLINFO_FILETIME

    • SSH: New CURLOPT_QUOTE command "statvfs"

    • wolfssl: Add ALPN support

    • http2: Added --http2-prior-knowledge

    • http2: Added CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE

    • libcurl: Added CURLOPT_CONNECT_TO

    • curl: Added --connect-to

    • libcurl: Added CURLOPT_TCP_FASTOPEN

    • curl: Added --tcp-fastopen

    • curl: Remove support for --ftpport, -http-request and --socks (deprecated versions since around 10 years)

    • CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL

    • checksrc.bat: Updated the help to be consistent with generate.bat

    • checksrc.bat: Added support for scanning the tests and examples

    • openssl: Fix ERR_remove_thread_state() for boringssl/libressl

    • openssl: boringssl provides the same numbering as openssl
    • multi: Fix "Operation timed out after" timer

    • url: Don't use bad offset in tld_check_name to show error

    • sshserver.pl: Use quotes for given options

    • Makefile.am: Skip the scripts dir

    • curl: Warn for --capath use if not supported by libcurl

    • http2: Fix connection reuse
    • GSS: Make Curl_gss_log_error more verbose

    • build-wolfssl: Allow a broader range of ciphers (Visual Studio)
    • wolfssl: Use ECC supported curves extension
    • openssl: Fix compilation warnings
    • Curl_add_buffer_send: Avoid possible NULL dereference

    • SOCKS5_gssapi_negotiate: Don't assume little-endian ints

    • strerror: Don't bit shift a signed integer

    • url: Corrected get protocol family for FTP and LDAP

    • curl/mprintf.h: Remove support for _MPRINTF_REPLACE

    • upload: Missing rewind call could make libcurl hang

    • IMAP: Check pointer before dereferencing it
    • build: Changed the Visual Studio project's warning level from 3 to 4
    • checksrc: Now stricter, wider checks, code cleaned up

    • checksrc: Added docs/CHECKSRC.md

    • curl_sasl: Fixed potential null pointer utilization

    • krb5: Fixed missing client response when mutual authentication enabled
    • krb5: Only process challenge when present
    • krb5: Only generate a SPN when it's not known
    • formdata: Use appropriate fopen() macros

    • curl.1: -w filename_effective was introduced in 7.26.0

    • http2: Make use of the nghttp2 error callback

    • http2: Fix connection reuse when PING comes after last DATA

    • curl.1: Change example for -F

    • HTTP2: Add a space character after the status code
    • curl.1: Use example.com more

    • mbedtls.c: Changed private prefix to mbed_

    • mbedtls: Implement and provide *_data_pending() to avoid hang

    • mbedtls: Fix MBEDTLS_DEBUG builds

    • ftp/imap/pop3/smtp: Allow the service name to be overridden
    • CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME

    • build: Include scripts/ in the dist

    • http2: Add handling stream level error
    • http2: Improve header parsing
    • makefile.vc6: Use d suffix on debug object

    • configure: Remove check for libresolve

    • scripts/make: Use $(EXEEXT) for executables

    • checksrc: Got rid of the whitelist files

    • sendf: Added ability to call recv() before send() as workaround

    • NTLM: Check for NULL pointer before dereferencing

    • openssl: Builds with OpenSSL 1.1.0-pre5
    • configure: ac_cv_curl_cv_ for all cached vars

    • winbuild: Add mbedtls support

    • curl: Make --ftp-create-dirs retry on failure

    • PolarSSL: Implement public key pinning
    • multi: Accidentally used resolved host name instead of proxy

    • CURLINFO_TLS_SESSION.3: clarify TLS library support before 7.48.0

    • CONNECT_ONLY: Don't close connection on GSS 401/407 responses

    • opts: Fix some syntax errors in example code fragments
    • mbedtls: Fix session resume
    • test1139: Verifies libcurl option man page presence

    • CURLINFO_TLS_SSL_PTR.3: Clarify SSL pointer availability

    • curl: Make --disable work as long form of -q

    • curl: Use --telnet-option as documented

    • curl.1: Document --ftp-ssl-reqd, --krb4 and --ntlm-wb

    • curl: -h output lacked --proxy-header and --ntlm-wb

    • curl -J: Make it work even without http:// scheme on URL

    • lib: Include curl_printf.h as one of the last headers

    • tests: Handle path properly on Msys/Cygwin
    • curl.1: --mail-rcpt can be used multiple times

    • CURLOPT_ACCEPT_ENCODING.3: Clarified

    • docs: Fixed lots of broken man page references
    • tls: Make setting pinnedkey option fail if not supported

    • test1140: Run nroff-scan to verify man pages

    • http: Make sure a blank header overrides accept_decoding

    • connections: Do not reuse non-HTTP proxies on different ports
    • connect: Fix invalid "Network is unreachable" errors

    • TLS: Move the ALPN/NPN enable bits to the connection
    • TLS: SSL_peek is not a const operation

    • http2: Add space between colon and header value
    • darwinssl: Fix certificate verification disable on OS X 10.8
    • mprintf: Fix processing of width and prec args

    • ftp wildcard: segfault due to init only in multi_perform

  • Cleaned up (added perl-generators as build requirement, simplified find commands using -empty and -delete options) perl-B-Hooks-OP-Annotation (0.44), perl-Data-UUID (1.221), perl-Taint-Util (0.08) and perl-true (0.18)


Recent