Wednesday 27th April 2022
Local Packages
Updated curl to 7.83.0:
curl: Add %header{name} experimental support in -w handling
curl: Add %{header_json} experimental support in -w handling
curl: Add --no-clobber
curl: Add --remove-on-error
header api: Add curl_easy_header and curl_easy_nextheader
msh3: Add support for QUIC and HTTP/3 using msh3
- appveyor: Add Cygwin build
- appveyor: Only add MSYS2 to PATH where required
BearSSL: Add CURLOPT_SSL_CIPHER_LIST support
BearSSL: Add CURLOPT_SSL_CTX_FUNCTION support
- BINDINGS.md: Add Hollywood binding
CI: Do not use buildconf; instead, just use: autoreconf -fi
CI: Install Python package impacket to run SMB test 1451
configure.ac: Move -pthread CFLAGS setting back where it used to be
configure: Bump the copyright year range in the generated output
conncache: Include the zone id in the "bundle" hashkey (CVE-2022-27775)
connecache: Remove duplicate connc->closure_handle check
connect: Make Curl_getconnectinfo work with conn cache from share handle
connect: Use TCP_KEEPALIVE only if TCP_KEEPIDLE is not defined
cookie.d: Clarify when cookies are sent
- cookies: Improve error handling for reading cookiefile
curl/system.h: Update ifdef condition for MCST-LCC compiler
curl: Error out if -T and -d are used for the same URL
curl: Error out when options need features not present in libcurl
curl: Escape '?' in generated --libcurl code
- curl: Fix segmentation fault for empty output file names
curl_easy_header: Fix typos in documentation
CURLINFO_PRIMARY_PORT.3: Clarify which port this is
CURLOPT*TLSAUTH.3: They only work with OpenSSL or GnuTLS
CURLOPT_DISALLOW_USERNAME_IN_URL.3: Use uppercase URL
CURLOPT_PREQUOTE.3: Only works for FTP file transfers, not dirs
CURLOPT_PROGRESSFUNCTION.3: Fix typo in example
CURLOPT_UNRESTRICTED_AUTH.3: Extended explanation
CURLSHOPT_UNLOCKFUNC.3: Fix the callback prototype
docs/HYPER.md: Updated to reflect current hyper build needs
docs/opts: Mention Schannel client cert type is P12
- docs: Fix missing semicolon in example code
- docs: Lots of minor language polish
- English: Use American spelling consistently
fail.d: Tweak the description
firefox-db2pem.sh: Make the shell script safer
- ftp: Fix error message for partial file upload
gen.pl: Change wording for mutexed options
- GHA: Add openssl3 jobs moved over from Zuul
- GHA: Build hyper with nightly rustc
- GHA: Move bearssl jobs over from Zuul
- GHA: Move the event-based test over from Zuul
- gtls: Fix build for disabled TLS-SRP
http2: Handle DONE called for the paused stream
http2: RST the stream if we stop it on our own will
http: Avoid auth/cookie on redirects same host diff port (CVE-2022-27776)
- http: Close the stream (not connection) on time condition abort
- http: Reject header contents with nul bytes
- http: Return error on colon-less HTTP headers
- http: streamclose "already downloaded"
hyper: Fix status_line() return code
- hyper: Fix tests 580 and 581 for hyper
- hyper: No h2c support
- infof: Consistent capitalization of warning messages
ipv4/6.d: Clarify that they are about using IP addresses
json.d: Fix typo (overriden → overridden)
keepalive-time.d: It takes many probes to detect brokenness
lib/warnless.[ch]: Only check for WIN32 and ignore _WIN32
lib670: Avoid double check result
lib: #ifdef on USE_HTTP2 better
lib: Fix some misuse of curlx_convert_wchar_to_UTF8
- lib: Remove exclamation marks
- libssh2: Compare sha256 strings case sensitively
- libssh2: Make the md5 comparison fail if wrong length
- libssh: Fix build with old libssh versions
- libssh: Fix double close
libssh: Improve fix for missing SSH_S_ stat macros
- libssh: Unstick SFTP transfers when done event-based
macos: Set .plist version in autoconf
- mbedtls: Remove 'protocols' array from backend when ALPN is not used
mbedtls: Remove server_fd from backend
mk-ca-bundle.pl: Use stricter logic to process the certificates
mk-ca-bundle.vbs: Delete this script in favor of mk-ca-bundle.pl
mlc_config.json: Add file to ignore known troublesome URLs
- mqtt: Better handling of TCP disconnect mid-message
- ngtcp2: Add client certificate authentication for OpenSSL
ngtcp2: Avoid busy loop in low CWND situation
- ngtcp2: Deal with sub-millisecond timeout
- ngtcp2: Disconnect the QUIC connection properly
ngtcp2: Enlarge H3_SEND_SIZE
- ngtcp2: Fix HTTP/3 upload stall and avoid busy loop
- ngtcp2: Fix memory leak
ngtcp2: Fix QUIC_IDLE_TIMEOUT
- ngtcp2: Make curl 1ms faster
ngtcp2: Remove remote_addr, which is not used in a meaningful way
- ngtcp2: Update to work after recent ngtcp2 updates
ngtcp2: Use token when detecting :status header field
nonblock: Restore setsockopt method to curlx_nonblock
openssl: Check SSL_get_peer_cert_chain return value
openssl: Enable CURLOPT_SSL_EC_CURVES with BoringSSL
- openssl: Fix CN check error code
- options: Remove mistaken space before paren in prototype
- perl: Removed a double semicolon at end of line
pop3/smtp: return *WEIRD_SERVER_REPLY when not understood
projects/README: Converted to markdown
- projects: Update VC version names for VS2017, VS2022
rtsp: Don't let CSeq error override earlier errors
- runtests: Add 'bearssl' as testable feature
- runtests: Make 'oldlibssh' be before 0.9.4
- schannel: Remove dead code that will never run
scripts/copyright.pl: Ignore the new mlc_config.json file
scripts: Move three scripts from lib/ to scripts/
test1135: Sync with recent API updates
test1459: Disable for oldlibssh
test375: Fix line endings on Windows
test386: Fix an incorrect test markup tag
test718: Edited slightly to return better HTTP
tests/server/util.h: Align WIN32 condition with util.c
tests: Refactor server/socksd.c to support --unix-socket
timediff.[ch]: Add curlx helper functions for timeval conversions
tls: Make mbedtls and NSS check for h2, not nghttp2
- tool and tests: Force flush of all buffers at end of program
tool_cb_hdr: Turn the Location: into a terminal hyperlink
tool_getparam: Error out on missing -K file
tool_listhelp.c: Uppercase URL
tool_operate: Fix a scan-build warning
tool_paramhlp: Use feof(3) to identify EOF correctly when using fread(3)
transfer: Redirects to other protocols or ports clear auth (CVE-2022-27774)
unit1620: Call global_init before calling Curl_open
url: Check sasl additional parameters for connection reuse (CVE-2022-22576)
- vtls: Provide a unified ALPN-disagree string for all backends
- vtls: Use a backend standard message for "ALPN: offers %s"
- vtls: Use a generic "ALPN, server accepted" message
winbuild/README.md: Fix up dead link
winbuild: Add a Visual Studio example to the README
- wolfssl: Fix compiler error without IPv6
Cleaned up and rebuilt demoroniser
Cleaned up and rebuilt plusnet-fttc