PaulHowarth/Blog/2021-11-10

Wednesday 10th November 2021

Fedora Project

  • Updated perl-Finance-Quote (1.51) in F-35 and Rawhide to add explicit dependency on perl(LWP::Protocol::https) (Bug #2021755)

  • Updated python-crypto (2.6.1) in Rawhide to fix Python 3.11 compatibility (Bug #2021808)

Local Packages

  • Updated curl to 7.80.0:

    • CURLOPT_MAXLIFETIME_CONN: Maximum allowed lifetime for conn reuse

    • CURLOPT_PREREQFUNCTION: Add new callback

    • libssh2: Add SHA256 fingerprint support

    • urlapi: Add curl_url_strerror()

    • urlapi: Support UNC paths in file: URLs on Windows

    • wolfssl: Allow setting of groups/curves

    • .github: Retry macos "brew install" command on failure

    • aws-sigv4: Make signature work when post data is binary

    • BINDINGS: URL updates

    • build: Remove checks for WinSock 1

    • c-hyper: Don't abort CONNECT responses early when auth-in-progress

    • c-hyper: Make Curl_http propagate errors better

    • c-hyper: Make CURLOPT_SUPPRESS_CONNECT_HEADERS work

    • c-hyper: Make test 217 run

    • c-hyper: Use hyper_request_set_uri_parts to make h2 better

    • checksrc: Ignore preprocessor lines

    • CI/makefiles: Introduce dedicated test target

    • ci: Update Lift config to match requirements of curl build
    • cirrus: Remove FreeBSD 11.4 from the matrix

    • cirrus: Switch to openldap24-client

    • cleanup: constify unmodified static structs

    • cmake: Add CURL_ENABLE_SSL option

    • cmake: Fix error getting LOCATION property on non-imported target

    • cmake: Restore support for SecureTransport on iOS

    • cmake: With OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED

    • cmdline-opts: Made the 'Added:' field mandatory

    • configure.ac: Replace krb5-config with pkg-config

    • configure: When hyper is selected, deselect nghttp2

    • connect: Use sysaddr_un from sys/un.h or custom-defined for Windows

    • curl-confopts.m4: Remove --enable/disable-hidden-symbols

    • curl-openssl.m4: Modify library order for openssl linking

    • curl-openssl: Pass argument to sed single-quoted

    • curl.1: Remove mentions of really old version changes

    • curl: Actually append "-" to --range without number only

    • curl: Correct grammar in generated libcurl code

    • curl: Print help descriptions in an aligned right column

    • curl_gssapi: Fix link error on macOS Monterey

    • curl_multi_socket_action.3: Add a "RETURN VALUE" section

    • curl_ntlm_core: Use OpenSSL only if DES is available

    • Curl_updateconninfo: Store addresses for QUIC connections too

    • CURLOPT_ALTSVC_CTRL.3: Mention conn reuse is preferred

    • CURLOPT_HSTSWRITEFUNCTION.3: Using CURLOPT_HSTS_CTRL is required

    • CURLOPT_HTTPHEADER.3: Add description for specific headers

    • docs/HTTP3: Improve build instructions

    • docs/Makefile.am: Repair 'make html'

    • docs: Fix typo in CURLOPT_TRAILERFUNCTION example

    • docs: Provide "RETURN VALUE" section for more function manpages

    • docs: Reduce use of "very"

    • doh: Remove experimental code for DoH with GET

    • examples/htmltidy: Correct wrong printf() use

    • examples/imap-append: Fix end-of-data check

    • ftp: Make the MKD retry to retry once per directory

    • gen.pl: Insert the current date and version in generated man page

    • gen.pl: Replace leading single quotes with \(aq

    • http2: Make getsock not wait for write if there's no remote window

    • http3: Fix the HTTP/3 Explained book link
    • http: Fix Basic auth with empty name field in URL

    • http: Reject HTTP response codes < 100

    • http: Remove assert that breaks hyper
    • http: Set content length earlier

    • http_proxy: Make hyper CONNECT() return the correct error code

    • http_proxy: Multiple CONNECT with hyper done better

    • hyper: Disable test 1294 since hyper doesn't allow such crazy headers

    • hyper: Does not support disabling CURLOPT_HTTP_TRANSFER_DECODING

    • hyper: Pass the CONNECT line to the debug callback

    • imap: Display quota information

    • INSTALL: Update symbol hiding option

    • lib/mk-ca-bundle.pl: Skip certs passed Not Valid After date

    • lib: Avoid fall-through cases in switch statements

    • libcurl.rc: Switch out the copyright symbol for plain ASCII

    • libssh2: Get the version at runtime if possible

    • limit-rate.d: This is average over several seconds

    • llist: Remove redundant code, branch will not be executed

    • Makefile.m32: Fix to not require OpenSSL with -libssh2 or -rtmp options

    • maketgz: Redirect updatemanpages.pl output to /dev/null

    • man pages: Require all to use the same section header order

    • manpage: Adjust the asterisk in some SYNOPSIS sections

    • md5: Fix compilation with OpenSSL 3.0 API
    • misc: Fix a few issues on MidnightBSD
    • misc: Fix typos in docs and comments

    • ngtcp2: Advertise h3 as well as h3-29

    • ngtcp2: Compile with the latest nghttp3

    • ngtcp2: Specify the missing required callback functions

    • ngtcp2: Use latest QUIC TLS RFC9001

    • NTLM: Use DES_set_key_unchecked with OpenSSL

    • openssl: If verifypeer is not requested, skip the CA loading

    • openssl: With OpenSSL 1.1.0+ a failed RAND_status means goaway

    • Revert "src/tool_filetime: Disable -Wformat on mingw for this file"
    • sasl: Binary messages
    • schannel: Fix memory leak due to failed SSL connection

    • scripts/delta: Count command line options in the new file

    • sendf: Accept zero-length data in Curl_client_write()

    • sha256: Use high-level EVP interface for OpenSSL

    • smooth-gtk-thread.c: Enhance the mutex lock use

    • sws: Fix memory leak on exit

    • test1160: Edited to work with hyper

    • test1173: Make manpage-syntax.pl spot \n errors in examples

    • test1185: Verify checksrc

    • test1266/1267: Disabled on hyper: no HTTP/0.9 support

    • test1287: Make work on hyper

    • test207: Accept a different error code for hyper

    • test262: Don't attempt with hyper

    • test552: Updated to work with hyper

    • test559: Add 'HTTP' in keywords

    • tests/smbserver.py: Fix compatibility with impacket 0.9.23+

    • tests: Add Schannel-specific tests and disable unsupported ones
    • tests: Disable test 2043
    • tests: Kill some test servers afterwards to avoid locked logfiles

    • tests: Use python3 in test 1451

    • tls: Remove newline from three infof() calls

    • tool_cb_prg: Make resumed upload progress bar show better

    • tool_listhelp: Easier generated with gen.pl

    • tool_main: Fix typo in comment

    • tool_operate: A failed etag save now only fails that transfer

    • URL-SYNTAX: Add IMAP UID SEARCH example

    • url: Check the return value of curl_url()

    • url: Set "k->size" -1 at start of request

    • urlapi: Skip a strlen(), pass in zero

    • urlapi: URL decode percent-encoded host names

    • version_win32: Use actual version instead of manifested version

    • vtls: Fix a memory leak if an SSL session cannot be added to the cache
    • wolfssl: Use for SHA256, MD4, MD5, and setting DES odd parity

    • zuul: Pin the quiche build to use an older cmake-rs

  • I had to add a workaround for GSSAPI detection in Fedora 19 and Fedora 20, which have only krb5-config and no corresponding pkg-config file

Recent