Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment

    PaulHowarth/Blog/2022-04-27

Wednesday 27th April 2022

Local Packages

  • Updated curl to 7.83.0:

    • curl: Add %header{name} experimental support in -w handling

    • curl: Add %{header_json} experimental support in -w handling

    • curl: Add --no-clobber

    • curl: Add --remove-on-error

    • header api: Add curl_easy_header and curl_easy_nextheader

    • msh3: Add support for QUIC and HTTP/3 using msh3

    • appveyor: Add Cygwin build
    • appveyor: Only add MSYS2 to PATH where required

    • BearSSL: Add CURLOPT_SSL_CIPHER_LIST support

    • BearSSL: Add CURLOPT_SSL_CTX_FUNCTION support

    • BINDINGS.md: Add Hollywood binding

    • CI: Do not use buildconf; instead, just use: autoreconf -fi

    • CI: Install Python package impacket to run SMB test 1451

    • configure.ac: Move -pthread CFLAGS setting back where it used to be

    • configure: Bump the copyright year range in the generated output

    • conncache: Include the zone id in the "bundle" hashkey (CVE-2022-27775)

    • connecache: Remove duplicate connc->closure_handle check

    • connect: Make Curl_getconnectinfo work with conn cache from share handle

    • connect: Use TCP_KEEPALIVE only if TCP_KEEPIDLE is not defined

    • cookie.d: Clarify when cookies are sent

    • cookies: Improve error handling for reading cookiefile

    • curl/system.h: Update ifdef condition for MCST-LCC compiler

    • curl: Error out if -T and -d are used for the same URL

    • curl: Error out when options need features not present in libcurl

    • curl: Escape '?' in generated --libcurl code

    • curl: Fix segmentation fault for empty output file names

    • curl_easy_header: Fix typos in documentation

    • CURLINFO_PRIMARY_PORT.3: Clarify which port this is

    • CURLOPT*TLSAUTH.3: They only work with OpenSSL or GnuTLS

    • CURLOPT_DISALLOW_USERNAME_IN_URL.3: Use uppercase URL

    • CURLOPT_PREQUOTE.3: Only works for FTP file transfers, not dirs

    • CURLOPT_PROGRESSFUNCTION.3: Fix typo in example

    • CURLOPT_UNRESTRICTED_AUTH.3: Extended explanation

    • CURLSHOPT_UNLOCKFUNC.3: Fix the callback prototype

    • docs/HYPER.md: Updated to reflect current hyper build needs

    • docs/opts: Mention Schannel client cert type is P12

    • docs: Fix missing semicolon in example code
    • docs: Lots of minor language polish
    • English: Use American spelling consistently

    • fail.d: Tweak the description

    • firefox-db2pem.sh: Make the shell script safer

    • ftp: Fix error message for partial file upload

    • gen.pl: Change wording for mutexed options

    • GHA: Add openssl3 jobs moved over from Zuul
    • GHA: Build hyper with nightly rustc
    • GHA: Move bearssl jobs over from Zuul
    • GHA: Move the event-based test over from Zuul
    • gtls: Fix build for disabled TLS-SRP

    • http2: Handle DONE called for the paused stream

    • http2: RST the stream if we stop it on our own will

    • http: Avoid auth/cookie on redirects same host diff port (CVE-2022-27776)

    • http: Close the stream (not connection) on time condition abort
    • http: Reject header contents with nul bytes
    • http: Return error on colon-less HTTP headers
    • http: streamclose "already downloaded"

    • hyper: Fix status_line() return code

    • hyper: Fix tests 580 and 581 for hyper
    • hyper: No h2c support
    • infof: Consistent capitalization of warning messages

    • ipv4/6.d: Clarify that they are about using IP addresses

    • json.d: Fix typo (overriden → overridden)

    • keepalive-time.d: It takes many probes to detect brokenness

    • lib/warnless.[ch]: Only check for WIN32 and ignore _WIN32

    • lib670: Avoid double check result

    • lib: #ifdef on USE_HTTP2 better

    • lib: Fix some misuse of curlx_convert_wchar_to_UTF8

    • lib: Remove exclamation marks
    • libssh2: Compare sha256 strings case sensitively
    • libssh2: Make the md5 comparison fail if wrong length
    • libssh: Fix build with old libssh versions
    • libssh: Fix double close

    • libssh: Improve fix for missing SSH_S_ stat macros

    • libssh: Unstick SFTP transfers when done event-based

    • macos: Set .plist version in autoconf

    • mbedtls: Remove 'protocols' array from backend when ALPN is not used

    • mbedtls: Remove server_fd from backend

    • mk-ca-bundle.pl: Use stricter logic to process the certificates

    • mk-ca-bundle.vbs: Delete this script in favor of mk-ca-bundle.pl

    • mlc_config.json: Add file to ignore known troublesome URLs

    • mqtt: Better handling of TCP disconnect mid-message
    • ngtcp2: Add client certificate authentication for OpenSSL

    • ngtcp2: Avoid busy loop in low CWND situation

    • ngtcp2: Deal with sub-millisecond timeout
    • ngtcp2: Disconnect the QUIC connection properly

    • ngtcp2: Enlarge H3_SEND_SIZE

    • ngtcp2: Fix HTTP/3 upload stall and avoid busy loop
    • ngtcp2: Fix memory leak

    • ngtcp2: Fix QUIC_IDLE_TIMEOUT

    • ngtcp2: Make curl 1ms faster

    • ngtcp2: Remove remote_addr, which is not used in a meaningful way

    • ngtcp2: Update to work after recent ngtcp2 updates

    • ngtcp2: Use token when detecting :status header field

    • nonblock: Restore setsockopt method to curlx_nonblock

    • openssl: Check SSL_get_peer_cert_chain return value

    • openssl: Enable CURLOPT_SSL_EC_CURVES with BoringSSL

    • openssl: Fix CN check error code
    • options: Remove mistaken space before paren in prototype
    • perl: Removed a double semicolon at end of line

    • pop3/smtp: return *WEIRD_SERVER_REPLY when not understood

    • projects/README: Converted to markdown

    • projects: Update VC version names for VS2017, VS2022

    • rtsp: Don't let CSeq error override earlier errors

    • runtests: Add 'bearssl' as testable feature
    • runtests: Make 'oldlibssh' be before 0.9.4
    • schannel: Remove dead code that will never run

    • scripts/copyright.pl: Ignore the new mlc_config.json file

    • scripts: Move three scripts from lib/ to scripts/

    • test1135: Sync with recent API updates

    • test1459: Disable for oldlibssh

    • test375: Fix line endings on Windows

    • test386: Fix an incorrect test markup tag

    • test718: Edited slightly to return better HTTP

    • tests/server/util.h: Align WIN32 condition with util.c

    • tests: Refactor server/socksd.c to support --unix-socket

    • timediff.[ch]: Add curlx helper functions for timeval conversions

    • tls: Make mbedtls and NSS check for h2, not nghttp2

    • tool and tests: Force flush of all buffers at end of program

    • tool_cb_hdr: Turn the Location: into a terminal hyperlink

    • tool_getparam: Error out on missing -K file

    • tool_listhelp.c: Uppercase URL

    • tool_operate: Fix a scan-build warning

    • tool_paramhlp: Use feof(3) to identify EOF correctly when using fread(3)

    • transfer: Redirects to other protocols or ports clear auth (CVE-2022-27774)

    • unit1620: Call global_init before calling Curl_open

    • url: Check sasl additional parameters for connection reuse (CVE-2022-22576)

    • vtls: Provide a unified ALPN-disagree string for all backends
    • vtls: Use a backend standard message for "ALPN: offers %s"
    • vtls: Use a generic "ALPN, server accepted" message

    • winbuild/README.md: Fix up dead link

    • winbuild: Add a Visual Studio example to the README

    • wolfssl: Fix compiler error without IPv6

  • Cleaned up and rebuilt demoroniser

  • Cleaned up and rebuilt plusnet-fttc

Recent