PaulHowarth/Blog/2022-03-06

Sunday 6th March 2022

Local Packages

• Updated curl to 7.82.0:

  • curl: Add --json

  • mesalink: Remove support
  • appveyor: Update images from VS 2019 to 2022
  • appveyor: Use VS 2017 image for the autotools builds

  • azure-pipelines: Add a build on Windows with libssh

  • bearssl: Fix connect error on expired cert and no verify

  • bearssl: Fix EXC_BAD_ACCESS on incomplete CA cert

  • bearssl: Fix session resumption (session id)

  • build: Enable -Warith-conversion

  • build: Fix -Wenum-conversion handling

  • build: Fix ngtcp2 crypto library detection

  • checkprefix: Remove strlen calls

  • checksrc: Fix typo in comment

  • CI: Move 'distcheck' job from Zuul to Azure pipelines
  • CI: Move scan-build job from Zuul to Azure Pipelines
  • CI: Move the NSS job from Zuul to GHA

  • CI: Move the OpenSSL + c-ares job from Zuul to Circle CI

  • CI: Move the rustls CI job to GHA from Zuul
  • CI: Move two jobs from Zuul to Circle CI

  • CI: Test building wolfssl with --enable-opensslextra

  • CI: workflows/wolfssl: Install impacket

  • circleci: Add a job using libssh

  • cirlceci: Also run a c-ares job on arm with debug enabled

  • cmake: Fix iOS CMake project generation error

  • cmdline-opts/gen.pl: Fix option matching to improve references

  • config.d: Clarify _curlrc filename is still valid on Windows

  • configure.ac: Use user-specified gssapi dir when using pkg-config

  • configure: Change output for cross-compiled alt-svc support

  • configure: Fix '--enable-code-coverage' typo

  • configure: Remove support for "embedded ares"

  • configure: Requires --with-nss-deprecated to build with NSS

  • configure: Set CURL_LIBRARY_PATH for nghttp2

  • configure: Support specification of a nghttp2 library path

  • configure: Use correct CFLAGS for threaded resolver with xlC on AIX

  • curl tool: Erase some more sensitive command line arguments

  • curl-functions.m4: Fix LIBRARY_PATH adjustment to avoid eval

  • curl-functions.m4: Revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE

  • curl-openssl: Fix SRP check for OpenSSL 3.0

  • curl-openssl: Remove the OpenSSL headers and library versions check

  • curl.h: Fix typo

  • curl: Remove "separators" (when using globbed URLs)

  • curl_getdate.3: Remove pointless .PP line

  • curl_multi_socket.3: Remove callback and typical usage descriptions

  • curl_url_set.3: Mention when CURLU_ALLOW_SPACE was added

  • CURLMOPT_TIMERFUNCTION/DATA.3: Fix the examples

  • CURLOPT_PROGRESSFUNCTION.3: Fix example struct assignment

  • CURLOPT_RESOLVE.3: Change example port to 443

  • CURLOPT_XFERINFOFUNCTION.3: Fix example struct assignment

  • CURLOPT_XFERINFOFUNCTION.3: Fix typo in example

  • CURLSHOPT_LOCKFUNC.3: Fix typo "relased" ⇒ "released"

  • DES: Fix compile break for OpenSSL without DES

  • docs/cmdline-opts: Add "mutexed" options for more http versions

  • docs/DEPRECATE: Remove NPN support in August 2022

  • docs: Capitalize the name 'Netscape'
  • docs: Document HTTP/2 not insisting on TLS 1.2

  • docs: Fix mandoc -T lint formatting complaints

  • docs: Update IETF links to use datatracker

  • examples/curlx: Support building with OpenSSL 1.1.0+

  • examples/multi-app.c: Call curl_multi_remove_handle as well

  • formdata: Avoid size_t → long typecast overflows

  • ftp: Provide error message for control bytes in path

  • gen.pl: Terminate "example" sections better

  • GHA: Add a macOS CI job with libssh

  • gskit: Convert to using Curl_poll

  • gskit: Fix errors from Curl_strerror refactor

  • gskit: Fix initialization of Curl_ssl_gskit struct

  • h2/h3: Allow CURLOPT_HTTPHEADER change ":scheme"

  • hostcheck: Fixed to not touch used input strings

  • hostcheck: Reduce strlen calls on chained certificates

  • hostip: Avoid unused parameter error in Curl_resolv_check

  • http2: Move two infof calls to debug-h2-only

  • http: Make Curl_compareheader() take string length arguments too

  • if2ip: Make Curl_ipv6_scope a blank macro when IPv6-disabled

  • KNOWN_BUGS: Fix typo "libpsl"

  • ldap: Return CURLE_URL_MALFORMAT for bad URL

  • lib: Remove support for CURL_DOES_CONVERSIONS

  • libssh2: Don't typecast socket to int for libssh2_session_handshake

  • libssh: Fix include files and defines use for Windows builds

  • Makefile.am: Generate VS 2022 projects

  • maketgz: Return error if 'make dist' fails

  • mbedtls: Enable use of mbedtls without CRL support

  • mbedtls: Enable use of mbedtls without filesystem functions support

  • mbedtls: Fix CURLOPT_SSLCERT_BLOB (again)

  • mbedtls: Fix ssl_init error with mbedTLS 3.1.0+

  • mbedtls: Remove #include <mbedtls/certs.h>

  • mbedtls: Return CURLcode result instead of a mbedtls error code

  • md5: Check md5_init_func return value

  • mime: Use a define instead of the magic number 24

  • misc: Allow curl to build with wolfssl --enable-opensslextra

  • misc: Remove BeOS code and references
  • misc: Remove the final watcom references
  • misc: Remove unused data when IPv6 is not supported

  • mqtt: Free 'sendleftovers' in disconnect

  • mqtt: Free any send leftover data when done

  • multi: Allow user callbacks to call curl_multi_assign

  • multi: Grammar fix in comment

  • multi: Remember connection_id before returning connection to pool

  • multi: Set in_callback for multi interface callbacks

  • netware: Remove support

  • next.d: Remove .fi/.nf as they are handled by gen.pl

  • ngtcp2: Adapt to changed end of headers callback proto

  • ngtcp2: Fix declaration of ‘result’ shadows a previous local

  • ngtcp2: Reset dynbuf when it is fully drained

  • nss: Handshake callback during shutdown has no conn->bundle

  • ntlm: Remove unused feature defines
  • openldap: Fix compiler warning when built without SSL support
  • openldap: Implement SASL authentication

  • openldap: Pass string length arguments to client_write()

  • openssl.h: Avoid including OpenSSL headers here

  • openssl: Check if sessionid flag is enabled before retrieving session

  • openssl: Check SSL_get_ex_data to prevent potential NULL dereference

  • openssl: Check the return value of BIO_new_mem_buf()

  • openssl: Fix 'ctx_option_t' for OpenSSL v3+

  • openssl: Fix build for version < 1.1.0

  • openssl: Return error if TLS 1.3 is requested when not supported
  • os400: Add function wrapper for system command

  • os400: Add link to QADRT devkit to README.OS400

  • os400: Default build to target current release
  • OS400: Fix typos in rpg include file
  • projects: Add support for Visual Studio 17 (2022)
  • projects: Fix Visual Studio wolfSSL configurations
  • projects: Remove support for MSVC before VC10 (Visual Studio 2010)

  • quiche: After leaving h3_recving state, poll again

  • quiche: Change qlog file extension to '.sqlog'

  • quiche: Fix upload for bigger content-length

  • quiche: Handle stream reset

  • quiche: Remove two leftover debug infof() outputs

  • quiche: Verify the server cert on connect

  • quiche: When *recv_body() returns data, drain it before polling again

  • README.md: Fix links

  • remote-header-name.d: Clarify

  • runtests.pl: Disable debuginfod

  • runtests.pl: Properly print the test if it contains binary zeros

  • runtests.pl: Support the nonewline attribute for the data part

  • runtests.pl: Tolerate test directories without Makefile.inc

  • runtests: Allow client/file to specify multiple directories

  • runtests: Make 'rustls' a testable feature

  • runtests: Make 'wolfssl' a testable feature

  • runtests: Set 'oldlibssh' for libssh versions before 0.9.5

  • rustls: Add CURLOPT_CAINFO_BLOB support

  • schannel: Move the algIds array out of schannel.h

  • scripts/cijobs.pl: Output data about all current CI jobs

  • scripts/completion.pl: Improve zsh completion

  • scripts/copyright.pl: Support many provided file names on the cmdline

  • scripts/delta: Check the file delta for current branch

  • sectransp: Mark a 3DES cipher as weak

  • setopt: Do bounds-check before strdup

  • setopt: Fix the TLSAUTH #ifdefs for proxy-disabled builds

  • sha256: Fix minimum OpenSSL version

  • smb: Pass socket for writing and reading data instead of FIRSTSOCKET

  • ssl: Reduce allocated space for ssl backend when FTP is disabled

  • test3021: Disable all msys2 path transformation

  • test374: GIF data without newline at the end

  • tests/disable-scan.pl: Properly detect multiple symbols per line

  • tests/unit/Makefile.am: Add NSS_LIBS to build with NSS fine

  • tool_findfile: Check ~/.config/curlrc too

  • tool_getparam: DNS options that need c-ares now fail without it

  • TPF: Drop support

  • unit1610: Init SSL library before calling SHA256 functions

  • url: Exclude zonefrom_url when no ipv6 is available

  • url: Given a user in the URL, find pwd for that user in netrc

  • url: Keep trailing dot in host name

  • url: Make Curl_disconnect return void

  • urlapi: Handle "redirects" smarter

  • urldata: CONN_IS_PROXIED replaces bits.proxy when proxy can be disabled

  • urldata: Remove conn->bits.user_passwd

  • version_win32: Fix warning for 'CURL_WINDOWS_APP'

  • vtls: Fix socket check conditions
  • vtls: Pass on the right SNI name
  • vxworks: Drop support

  • winbuild: Add parameter WITH_SSH

  • wolfssl: Return CURLE_AGAIN for the SSL_ERROR_NONE case

  • wolfssl: When SSL_read() returns zero, check the error

  • write-out.d: Fix num_headers formatting

  • x509asn1: Toggle off functions not needed for different tls backends

• I had to add a fix for failing test1459 on EL-8 with libssh 0.9.4 (GH#8548)