#acl PaulHowarth:read,write,admin,revert,delete All:read

=== Wednesday 27th April 2022 ===

==== Local Packages ====

 * Updated `curl` to 7.83.0:
  * curl: Add `%header{name}` experimental support in `-w` handling
  * curl: Add `%{header_json}` experimental support in `-w` handling
  * curl: Add `--no-clobber`
  * curl: Add `--remove-on-error`
  * header api: Add `curl_easy_header` and `curl_easy_nextheader`
  * msh3: Add support for QUIC and HTTP/3 using `msh3`
  * appveyor: Add Cygwin build
  * appveyor: Only add MSYS2 to PATH where required
  * BearSSL: Add `CURLOPT_SSL_CIPHER_LIST` support
  * BearSSL: Add `CURLOPT_SSL_CTX_FUNCTION` support
  * BINDINGS.md: Add Hollywood binding
  * CI: Do not use `buildconf`; instead, just use: `autoreconf -fi`
  * CI: Install Python package `impacket` to run SMB test 1451
  * `configure.ac`: Move `-pthread` CFLAGS setting back where it used to be
  * `configure`: Bump the copyright year range in the generated output
  * conncache: Include the zone id in the "bundle" hashkey ([[CVE:2022-27775|CVE-2022-27775]])
  * connecache: Remove duplicate `connc->closure_handle` check
  * connect: Make `Curl_getconnectinfo` work with conn cache from share handle
  * connect: Use `TCP_KEEPALIVE` only if `TCP_KEEPIDLE` is not defined
  * `cookie.d`: Clarify when cookies are sent
  * cookies: Improve error handling for reading cookiefile
  * `curl/system.h`: Update `ifdef` condition for MCST-LCC compiler
  * curl: Error out if `-T` and `-d` are used for the same URL
  * curl: Error out when options need features not present in `libcurl`
  * curl: Escape '`?`' in generated `--libcurl` code
  * curl: Fix segmentation fault for empty output file names
  * `curl_easy_header`: Fix typos in documentation
  * `CURLINFO_PRIMARY_PORT.3`: Clarify which port this is
  * `CURLOPT*TLSAUTH.3`: They only work with OpenSSL or GnuTLS
  * `CURLOPT_DISALLOW_USERNAME_IN_URL.3`: Use uppercase URL
  * `CURLOPT_PREQUOTE.3`: Only works for FTP file transfers, not dirs
  * `CURLOPT_PROGRESSFUNCTION.3`: Fix typo in example
  * `CURLOPT_UNRESTRICTED_AUTH.3`: Extended explanation
  * `CURLSHOPT_UNLOCKFUNC.3`: Fix the callback prototype
  * `docs/HYPER.md`: Updated to reflect current hyper build needs
  * `docs/opts`: Mention Schannel client cert type is P12
  * docs: Fix missing semicolon in example code
  * docs: Lots of minor language polish
  * English: Use American spelling consistently
  * `fail.d`: Tweak the description
  * `firefox-db2pem.sh`: Make the shell script safer
  * ftp: Fix error message for partial file upload
  * `gen.pl`: Change wording for mutexed options
  * GHA: Add openssl3 jobs moved over from Zuul
  * GHA: Build hyper with nightly rustc
  * GHA: Move bearssl jobs over from Zuul
  * GHA: Move the event-based test over from Zuul
  * gtls: Fix build for disabled TLS-SRP
  * http2: Handle `DONE` called for the paused stream
  * http2: `RST` the stream if we stop it on our own will
  * http: Avoid auth/cookie on redirects same host diff port ([[CVE:2022-27776|CVE-2022-27776]])
  * http: Close the stream (not connection) on time condition abort
  * http: Reject header contents with nul bytes
  * http: Return error on colon-less HTTP headers
  * http: streamclose "already downloaded"
  * hyper: Fix `status_line()` return code
  * hyper: Fix tests 580 and 581 for hyper
  * hyper: No h2c support
  * infof: Consistent capitalization of warning messages
  * `ipv4/6.d`: Clarify that they are about using IP addresses
  * `json.d`: Fix typo (overriden → overridden)
  * `keepalive-time.d`: It takes many probes to detect brokenness
  * `lib/warnless.[ch]`: Only check for `WIN32` and ignore `_WIN32`
  * `lib670`: Avoid double check result
  * lib: `#ifdef` on `USE_HTTP2` better
  * lib: Fix some misuse of `curlx_convert_wchar_to_UTF8`
  * lib: Remove exclamation marks
  * libssh2: Compare sha256 strings case sensitively
  * libssh2: Make the md5 comparison fail if wrong length
  * libssh: Fix build with old libssh versions
  * libssh: Fix double close
  * libssh: Improve fix for missing `SSH_S_` stat macros
  * libssh: Unstick SFTP transfers when done event-based
  * macos: Set `.plist` version in autoconf
  * mbedtls: Remove 'protocols' array from backend when ALPN is not used
  * mbedtls: Remove `server_fd` from backend
  * `mk-ca-bundle.pl`: Use stricter logic to process the certificates
  * `mk-ca-bundle.vbs`: Delete this script in favor of `mk-ca-bundle.pl`
  * `mlc_config.json`: Add file to ignore known troublesome URLs
  * mqtt: Better handling of TCP disconnect mid-message
  * ngtcp2: Add client certificate authentication for OpenSSL
  * ngtcp2: Avoid busy loop in low `CWND` situation
  * ngtcp2: Deal with sub-millisecond timeout
  * ngtcp2: Disconnect the QUIC connection properly
  * ngtcp2: Enlarge `H3_SEND_SIZE`
  * ngtcp2: Fix HTTP/3 upload stall and avoid busy loop
  * ngtcp2: Fix memory leak
  * ngtcp2: Fix `QUIC_IDLE_TIMEOUT`
  * ngtcp2: Make curl 1ms faster
  * ngtcp2: Remove `remote_addr`, which is not used in a meaningful way
  * ngtcp2: Update to work after recent ngtcp2 updates
  * ngtcp2: Use token when detecting `:status` header field
  * nonblock: Restore `setsockopt` method to `curlx_nonblock`
  * openssl: Check `SSL_get_peer_cert_chain` return value
  * openssl: Enable `CURLOPT_SSL_EC_CURVES` with BoringSSL
  * openssl: Fix CN check error code
  * options: Remove mistaken space before paren in prototype
  * perl: Removed a double semicolon at end of line
  * pop3/smtp: return `*WEIRD_SERVER_REPLY` when not understood
  * `projects/README`: Converted to markdown
  * projects: Update VC version names for VS2017, VS2022
  * rtsp: Don't let `CSeq` error override earlier errors
  * runtests: Add 'bearssl' as testable feature
  * runtests: Make 'oldlibssh' be before 0.9.4
  * schannel: Remove dead code that will never run
  * `scripts/copyright.pl`: Ignore the new `mlc_config.json` file
  * scripts: Move three scripts from `lib/` to `scripts/`
  * `test1135`: Sync with recent API updates
  * `test1459`: Disable for `oldlibssh`
  * `test375`: Fix line endings on Windows
  * `test386`: Fix an incorrect test markup tag
  * `test718`: Edited slightly to return better HTTP
  * `tests/server/util.h`: Align `WIN32` condition with `util.c`
  * tests: Refactor `server/socksd.c` to support `--unix-socket`
  * `timediff.[ch]`: Add `curlx` helper functions for `timeval` conversions
  * tls: Make mbedtls and NSS check for `h2`, not `nghttp2`
  * tool and tests: Force flush of all buffers at end of program
  * `tool_cb_hdr`: Turn the `Location:` into a terminal hyperlink
  * `tool_getparam`: Error out on missing `-K` file
  * `tool_listhelp.c`: Uppercase URL
  * `tool_operate`: Fix a scan-build warning
  * `tool_paramhlp`: Use `feof(3)` to identify EOF correctly when using `fread(3)`
  * transfer: Redirects to other protocols or ports clear auth ([[CVE:2022-27774|CVE-2022-27774]])
  * `unit1620`: Call `global_init` before calling `Curl_open`
  * url: Check sasl additional parameters for connection reuse ([[CVE:2022-22576|CVE-2022-22576]])
  * vtls: Provide a unified ALPN-disagree string for all backends
  * vtls: Use a backend standard message for "ALPN: offers %s"
  * vtls: Use a generic "ALPN, server accepted" message
  * `winbuild/README.md`: Fix up dead link
  * winbuild: Add a Visual Studio example to the `README`
  * wolfssl: Fix compiler error without IPv6
 * Cleaned up and rebuilt `demoroniser`
 * Cleaned up and rebuilt `plusnet-fttc`

----