PaulHowarth/Blog/2020-06-24

Wednesday 24th June 2020

Local Packages

• Updated curl to 7.71.0:

  • CURLOPT_SSL_OPTIONS: Optional use of Windows' CA store (with openssl)

  • setopt: Add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency

  • setopt: Support certificate options in memory with struct curl_blob

  • tool: Add option --retry-all-errors to retry on any error

  • CVE-2020-8177: curl overwrite local file with -J

  • CVE-2020-8169: Partial password leak over DNS on HTTP redirect

  • *_sspi: Fix bad uses of CURLE_NOT_BUILT_IN

  • all: Fix codespell errors

  • altsvc: Bump to h3-29

  • altsvc: Fix 'dsthost' may be used uninitialized in this function

  • altsvc: Fix parser for lines ending with CRLF

  • altsvc: Remove the num field from the altsvc struct

  • appveyor: Add non-debug plain autotools-based build
  • appveyor: Disable flaky test 1501 and ignore broken 1056
  • appveyor: Disable test 1139 instead of ignoring it

  • asyn-*: Remove support for never-used NULL entry pointers

  • azure: Use matrix strategy to avoid configuration redundancy
  • build: Disable more code/data when built without proxy support

  • buildconf: Remove -print from the find command that removes files

  • checksrc: Enhance the ASTERISKSPACE and update code accordingly

  • CI/macos: Fix 'is already installed' errors by using bundle
  • cirrus: Disable SFTP and SCP tests

  • CMake: Add ENABLE_ALT_SVC option

  • CMake: Add HTTP/3 support (ngtcp2+nghttp3, quiche)

  • CMake: Add libssh build support

  • CMake: Do not build test programs by default

  • CMake: Fix runtests.pl with CMake, add new test targets

  • CMake: Ignore INTERFACE_LIBRARY targets for pkg-config file

  • CMake: Rebuild Makefile.inc.cmake when Makefile.inc changes

  • CODE_REVIEW.md: how to do code reviews in curl

  • configure: Fix pthread check with static boringssl

  • configure: For wolfSSL, check for the DES func needed for NTLM

  • configure: Only strip first -L from LDFLAGS

  • configure: Repair the check if argv can be written to

  • configure: The wolfssh backend does not provide SCP

  • connect: Improve happy eyeballs handling

  • connect: Make happy eyeballs work for QUIC (again)

  • curl.1: Quote globbed URLs

  • curl: Remove -J "informational" written on stdout

  • Curl_addrinfo: Use one malloc instead of three

  • CURLINFO_ACTIVESOCKET.3: Clarify the description

  • doc: Add missing closing parenthesis in CURLINFO_SSL_VERIFYRESULT.3

  • doc: Rename VERSIONS to VERSIONS.md as it already has Markdown syntax

  • docs/HTTP3: Add qlog to the quiche build instruction

  • docs/options-in-versions: Which version added each cmdline option

  • docs: Unify protocol lists

  • dynbuf: Introduce internal generic dynamic buffer functions

  • easy: Fix dangling pointer on easy_perform fail

  • examples/ephiperfifo: Turn off interval when setting timerfd

  • examples/http2-down/upload: Add error checks

  • examples: Remove asiohiper.cpp

  • FILEFORMAT: Add more features that tests can depend on

  • FILEFORMAT: Describe verify/stderr

  • ftp: Make domore_getsock() return the secondary socket properly

  • ftp: Mark return-ignoring calls to Curl_GetFTPResponse with (void)

  • ftp: Shut down the secondary connection properly when SSL is used

  • GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT

  • hostip: Make Curl_printable_address not return anything

  • hostip: On macOS avoid DoH when given a numerical IP address

  • http2: Keep trying to send pending frames after req.upload_done

  • http2: Simplify and clean up trailer handling

  • HTTP3.md: Clarify cargo build directory

  • http: Move header storage to Curl_easy from connectdata

  • libcurl.pc: Merge Libs.private into Libs for static-only builds

  • libssh2: Improved error output for wrong quote syntax

  • libssh2: Keep sftp errors as 'unsigned long'

  • libssh2: Set the expected total size in SCP upload init

  • libtest/cmake: Remove commented code

  • list-only.d: This option existed already in 4.0

  • manpage: Add three missing environment variables

  • multi: Add defensive check on data->multi->num_alive

  • multi: Implement wait using winsock events

  • ngtcp2: Clean up memory when failing to connect

  • ngtcp2: Fix build with current ngtcp2 master implementing draft 28

  • ngtcp2: Fix happy eyeballs quic connect crash

  • ngtcp2: Introduce qlog support

  • ngtcp2: Never call fprintf() in lib code in release version

  • ngtcp2: Update with recent API changes

  • ntlm: Enable NTLM support with wolfSSL

  • OpenSSL: Have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAIN

  • openssl: Set FLAG_TRUSTED_FIRST unconditionally

  • projects: Add crypt32.lib to dependencies for all OpenSSL configs

  • quiche: Clean up memory properly when failing to connect

  • quiche: Enable qlog output

  • quiche: Update SSLKEYLOGFILE support

  • Revert "buildconf: use find -execdir"
  • Revert "ssh: ignore timeouts during disconnect"

  • runtests: Remove sleep calls

  • runtests: Show elapsed test time with higher precision (ms)

  • select: Always use Sleep in Curl_wait_ms on Win32

  • select: Fix overflow protection in Curl_socket_check

  • sendf: Make failf() use the mvsnprintf() return code

  • server/sws: Fix asan warning on use of uninitialized variable

  • server/util: Fix logmsg format using curl_off_t argument

  • sha256: Fixed potentially uninitialized variable

  • share: Don't set the share flag if something fails

  • sockfilt: Make select_ws stop waiting on exit signal event

  • socks: Detect connection close during handshake
  • socks: Fix expected length of SOCKS5 reply

  • socks: Remove unreachable breaks in socks.c and mime.c

  • source clean-up: Remove all custom typedef structs

  • test1167: Fixes in badsymbols.pl

  • test1177: Look for curl.h in source directory

  • test1238: Avoid tftpd being busy for tests shortly following

  • test613.pl: Make tests 613 and 614 work with OpenSSH for Windows

  • test75: Remove precheck test

  • tests: Add https-proxy support to the test suite
  • tests: Add support for SSH server variant specific transfer paths

  • tests: Add two simple tests for --login-options

  • tests: Make test 1248 + 1249 use %NOLISTENPORT

  • tests: Pick a random port number for SSH

  • tests: Run stunnel for HTTPS and FTPS on dynamic ports

  • timeouts: Change millisecond timeouts to timediff_t from time_t

  • timeouts: Move ms timeouts to timediff_t from int and long

  • tool: Fix up a few --help descriptions

  • tool: Support UTF-16 command line on Windows

  • tool_cfgable: free login_options at exit

  • tool_getparam: Fix memory leak in parse_args

  • tool_operate: Fixed potentially uninitialized variables

  • tool_paramhlp: Fixed potentially uninitialized strtol() variable

  • transfer: Close connection after excess data has been read

  • travis: Add "qlog" as feature in the quiche build

  • travis: Add ngtcp2 and quiche tests for CMake

  • travis: Upgrade to bionic, clang-9, improve readability

  • typecheck-gcc.h: CURLINFO_PRIVATE does not need a 'char *'

  • unit1604.c: Fix implicit conv from 'SANITIZEcode' to 'CURLcode'

  • url: Accept "any length" credentials for proxy auth

  • url: alloc the download buffer at transfer start

  • url: Reject too long input when parsing credentials
  • url: Sort the protocol schemes in rough popularity order

  • urlapi: Accept :: as a valid IPv6 address

  • urldata: Leave the HTTP method untouched in the set.* struct

  • urlglob: Treat literal IPv6 addresses with zone IDs as a host name

  • user-agent.d: Spell out what happens given a blank argument

  • vauth/cleartext: Fix theoretical integer overflow

  • version.d: Expanded and alpha-sorted

  • vtls: Extract and simplify key log file handling from OpenSSL

  • wolfssl: Add SSLKEYLOGFILE support

  • wording: Avoid blacklist/whitelist stereotypes

  • write-out.d: Added "response_code"