Wednesday 18th May 2016
Local Packages
Updated curl to 7.49.0:
schannel: Add ALPN support
SSH: Support CURLINFO_FILETIME
SSH: New CURLOPT_QUOTE command "statvfs"
wolfssl: Add ALPN support
http2: Added --http2-prior-knowledge
http2: Added CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE
libcurl: Added CURLOPT_CONNECT_TO
curl: Added --connect-to
libcurl: Added CURLOPT_TCP_FASTOPEN
curl: Added --tcp-fastopen
curl: Remove support for --ftpport, -http-request and --socks (deprecated versions since around 10 years)
CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL
checksrc.bat: Updated the help to be consistent with generate.bat
checksrc.bat: Added support for scanning the tests and examples
openssl: Fix ERR_remove_thread_state() for boringssl/libressl
- openssl: boringssl provides the same numbering as openssl
multi: Fix "Operation timed out after" timer
url: Don't use bad offset in tld_check_name to show error
sshserver.pl: Use quotes for given options
Makefile.am: Skip the scripts dir
curl: Warn for --capath use if not supported by libcurl
- http2: Fix connection reuse
GSS: Make Curl_gss_log_error more verbose
- build-wolfssl: Allow a broader range of ciphers (Visual Studio)
- wolfssl: Use ECC supported curves extension
- openssl: Fix compilation warnings
Curl_add_buffer_send: Avoid possible NULL dereference
SOCKS5_gssapi_negotiate: Don't assume little-endian ints
strerror: Don't bit shift a signed integer
url: Corrected get protocol family for FTP and LDAP
curl/mprintf.h: Remove support for _MPRINTF_REPLACE
upload: Missing rewind call could make libcurl hang
- IMAP: Check pointer before dereferencing it
- build: Changed the Visual Studio project's warning level from 3 to 4
checksrc: Now stricter, wider checks, code cleaned up
checksrc: Added docs/CHECKSRC.md
curl_sasl: Fixed potential null pointer utilization
- krb5: Fixed missing client response when mutual authentication enabled
- krb5: Only process challenge when present
- krb5: Only generate a SPN when it's not known
formdata: Use appropriate fopen() macros
curl.1: -w filename_effective was introduced in 7.26.0
http2: Make use of the nghttp2 error callback
http2: Fix connection reuse when PING comes after last DATA
curl.1: Change example for -F
- HTTP2: Add a space character after the status code
curl.1: Use example.com more
mbedtls.c: Changed private prefix to mbed_
mbedtls: Implement and provide *_data_pending() to avoid hang
mbedtls: Fix MBEDTLS_DEBUG builds
- ftp/imap/pop3/smtp: Allow the service name to be overridden
CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME
build: Include scripts/ in the dist
- http2: Add handling stream level error
- http2: Improve header parsing
makefile.vc6: Use d suffix on debug object
configure: Remove check for libresolve
scripts/make: Use $(EXEEXT) for executables
checksrc: Got rid of the whitelist files
sendf: Added ability to call recv() before send() as workaround
NTLM: Check for NULL pointer before dereferencing
- openssl: Builds with OpenSSL 1.1.0-pre5
configure: ac_cv_ → curl_cv_ for all cached vars
winbuild: Add mbedtls support
curl: Make --ftp-create-dirs retry on failure
- PolarSSL: Implement public key pinning
multi: Accidentally used resolved host name instead of proxy
CURLINFO_TLS_SESSION.3: clarify TLS library support before 7.48.0
CONNECT_ONLY: Don't close connection on GSS 401/407 responses
- opts: Fix some syntax errors in example code fragments
- mbedtls: Fix session resume
test1139: Verifies libcurl option man page presence
CURLINFO_TLS_SSL_PTR.3: Clarify SSL pointer availability
curl: Make --disable work as long form of -q
curl: Use --telnet-option as documented
curl.1: Document --ftp-ssl-reqd, --krb4 and --ntlm-wb
curl: -h output lacked --proxy-header and --ntlm-wb
curl -J: Make it work even without http:// scheme on URL
lib: Include curl_printf.h as one of the last headers
- tests: Handle path properly on Msys/Cygwin
curl.1: --mail-rcpt can be used multiple times
CURLOPT_ACCEPT_ENCODING.3: Clarified
- docs: Fixed lots of broken man page references
tls: Make setting pinnedkey option fail if not supported
test1140: Run nroff-scan to verify man pages
http: Make sure a blank header overrides accept_decoding
- connections: Do not reuse non-HTTP proxies on different ports
connect: Fix invalid "Network is unreachable" errors
- TLS: Move the ALPN/NPN enable bits to the connection
TLS: SSL_peek is not a const operation
- http2: Add space between colon and header value
- darwinssl: Fix certificate verification disable on OS X 10.8
mprintf: Fix processing of width and prec args
ftp wildcard: segfault due to init only in multi_perform
Cleaned up (added perl-generators as build requirement, simplified find commands using -empty and -delete options) perl-B-Hooks-OP-Annotation (0.44), perl-Data-UUID (1.221), perl-Taint-Util (0.08) and perl-true (0.18)