#acl PaulHowarth:read,write,admin,revert,delete All:read === Wednesday 24th June 2020 === ==== Local Packages ==== * Updated `curl` to 7.71.0: * `CURLOPT_SSL_OPTIONS`: Optional use of Windows' CA store (with `openssl`) * `setopt`: Add `CURLOPT_PROXY_ISSUERCERT(_BLOB)` for coherency * `setopt`: Support certificate options in memory with `struct curl_blob` * tool: Add option `--retry-all-errors` to retry on any error * [[CVE:2020-8177|CVE-2020-8177]]: curl overwrite local file with `-J` * [[CVE:2020-8169|CVE-2020-8169]]: Partial password leak over DNS on HTTP redirect * `*_sspi`: Fix bad uses of `CURLE_NOT_BUILT_IN` * all: Fix codespell errors * altsvc: Bump to `h3-29` * altsvc: Fix '`dsthost`' may be used uninitialized in this function * altsvc: Fix parser for lines ending with CRLF * altsvc: Remove the `num` field from the altsvc struct * appveyor: Add non-debug plain autotools-based build * appveyor: Disable flaky test 1501 and ignore broken 1056 * appveyor: Disable test 1139 instead of ignoring it * `asyn-*`: Remove support for never-used `NULL` entry pointers * azure: Use matrix strategy to avoid configuration redundancy * build: Disable more code/data when built without proxy support * `buildconf`: Remove `-print` from the `find` command that removes files * `checksrc`: Enhance the `ASTERISKSPACE` and update code accordingly * CI/macos: Fix 'is already installed' errors by using bundle * cirrus: Disable SFTP and SCP tests * CMake: Add `ENABLE_ALT_SVC` option * CMake: Add HTTP/3 support (`ngtcp2+nghttp3`, `quiche`) * CMake: Add `libssh` build support * CMake: Do not build test programs by default * CMake: Fix `runtests.pl` with CMake, add new test targets * CMake: Ignore `INTERFACE_LIBRARY` targets for `pkg-config` file * CMake: Rebuild `Makefile.inc.cmake` when `Makefile.inc` changes * `CODE_REVIEW.md`: how to do code reviews in `curl` * `configure`: Fix `pthread` check with static `boringssl` * `configure`: For wolfSSL, check for the `DES` func needed for NTLM * `configure`: Only strip first `-L` from `LDFLAGS` * `configure`: Repair the check if `argv` can be written to * `configure`: The `wolfssh` backend does not provide SCP * `connect`: Improve happy eyeballs handling * `connect`: Make happy eyeballs work for QUIC (again) * `curl.1`: Quote globbed URLs * `curl`: Remove `-J` "informational" written on `stdout` * `Curl_addrinfo`: Use one `malloc` instead of three * `CURLINFO_ACTIVESOCKET.3`: Clarify the description * doc: Add missing closing parenthesis in `CURLINFO_SSL_VERIFYRESULT.3` * doc: Rename `VERSIONS` to `VERSIONS.md` as it already has Markdown syntax * `docs/HTTP3`: Add `qlog` to the `quiche` build instruction * `docs/options-in-versions`: Which version added each cmdline option * docs: Unify protocol lists * `dynbuf`: Introduce internal generic dynamic buffer functions * `easy`: Fix dangling pointer on `easy_perform` fail * `examples/ephiperfifo`: Turn off interval when setting `timerfd` * `examples/http2-down/upload`: Add error checks * examples: Remove `asiohiper.cpp` * `FILEFORMAT`: Add more features that tests can depend on * `FILEFORMAT`: Describe `verify`/`stderr` * ftp: Make `domore_getsock()` return the secondary socket properly * ftp: Mark `return`-ignoring calls to `Curl_GetFTPResponse` with `(void)` * ftp: Shut down the secondary connection properly when SSL is used * GnuTLS: Backend support for `CURLINFO_SSL_VERIFYRESULT` * `hostip`: Make `Curl_printable_address` not return anything * `hostip`: On macOS avoid DoH when given a numerical IP address * http2: Keep trying to send pending frames after `req.upload_done` * http2: Simplify and clean up trailer handling * `HTTP3.md`: Clarify cargo build directory * http: Move header storage to `Curl_easy` from `connectdata` * `libcurl.pc`: Merge `Libs.private` into `Libs` for static-only builds * `libssh2`: Improved error output for wrong quote syntax * `libssh2`: Keep sftp errors as '`unsigned long`' * `libssh2`: Set the expected total size in SCP upload init * `libtest/cmake`: Remove commented code * `list-only.d`: This option existed already in 4.0 * manpage: Add three missing environment variables * multi: Add defensive check on `data->multi->num_alive` * multi: Implement wait using winsock events * `ngtcp2`: Clean up memory when failing to connect * `ngtcp2`: Fix build with current `ngtcp2` master implementing draft 28 * `ngtcp2`: Fix happy eyeballs quic connect crash * `ngtcp2`: Introduce qlog support * `ngtcp2`: Never call `fprintf()` in lib code in release version * `ngtcp2`: Update with recent API changes * ntlm: Enable NTLM support with wolfSSL * OpenSSL: Have `CURLOPT_CRLFILE` imply `CURLSSLOPT_NO_PARTIALCHAIN` * `openssl`: Set `FLAG_TRUSTED_FIRST` unconditionally * projects: Add `crypt32.lib` to dependencies for all OpenSSL configs * quiche: Clean up memory properly when failing to connect * quiche: Enable `qlog` output * quiche: Update `SSLKEYLOGFILE` support * Revert "buildconf: use find -execdir" * Revert "ssh: ignore timeouts during disconnect" * `runtests`: Remove sleep calls * `runtests`: Show elapsed test time with higher precision (ms) * `select`: Always use `Sleep` in `Curl_wait_ms` on Win32 * `select`: Fix overflow protection in `Curl_socket_check` * `sendf`: Make `failf()` use the `mvsnprintf()` return code * `server/sws`: Fix asan warning on use of uninitialized variable * `server/util`: Fix `logmsg` format using `curl_off_t` argument * `sha256`: Fixed potentially uninitialized variable * share: Don't set the `share` flag if something fails * `sockfilt`: Make `select_ws` stop waiting on exit signal event * socks: Detect connection close during handshake * socks: Fix expected length of SOCKS5 reply * socks: Remove unreachable `break`s in `socks.c` and `mime.c` * source clean-up: Remove all custom `typedef structs` * `test1167`: Fixes in `badsymbols.pl` * `test1177`: Look for `curl.h` in source directory * `test1238`: Avoid `tftpd` being busy for tests shortly following * `test613.pl`: Make tests 613 and 614 work with OpenSSH for Windows * `test75`: Remove `precheck` test * tests: Add https-proxy support to the test suite * tests: Add support for SSH server variant specific transfer paths * tests: Add two simple tests for `--login-options` * tests: Make test 1248 + 1249 use `%NOLISTENPORT` * tests: Pick a random port number for SSH * tests: Run `stunnel` for HTTPS and FTPS on dynamic ports * timeouts: Change millisecond timeouts to `timediff_t` from `time_t` * timeouts: Move ms timeouts to `timediff_t` from `int` and `long` * tool: Fix up a few `--help` descriptions * tool: Support UTF-16 command line on Windows * `tool_cfgable`: free `login_options` at exit * `tool_getparam`: Fix memory leak in `parse_args` * `tool_operate`: Fixed potentially uninitialized variables * `tool_paramhlp`: Fixed potentially uninitialized `strtol()` variable * transfer: Close connection after excess data has been read * travis: Add "`qlog`" as feature in the `quiche` build * travis: Add `ngtcp2` and `quiche` tests for CMake * travis: Upgrade to `bionic`, `clang-9`, improve readability * `typecheck-gcc.h`: `CURLINFO_PRIVATE` does not need a '`char *`' * `unit1604.c`: Fix implicit conv from '`SANITIZEcode`' to '`CURLcode`' * url: Accept "any length" credentials for proxy auth * url: `alloc` the download buffer at transfer start * url: Reject too long input when parsing credentials * url: Sort the protocol schemes in rough popularity order * urlapi: Accept `::` as a valid IPv6 address * urldata: Leave the HTTP method untouched in the `set.*` `struct` * urlglob: Treat literal IPv6 addresses with zone IDs as a host name * `user-agent.d`: Spell out what happens given a blank argument * `vauth/cleartext`: Fix theoretical integer overflow * `version.d`: Expanded and alpha-sorted * vtls: Extract and simplify key log file handling from OpenSSL * wolfssl: Add `SSLKEYLOGFILE` support * wording: Avoid blacklist/whitelist stereotypes * `write-out.d`: Added "`response_code`" ----