Monday 27th June 2022
Local Packages
Updated curl to 7.84.0:
curl: Add --rate to set max request rate per time unit
curl: Deprecate --random-file and --egd-file
curl_version_info: Add CURL_VERSION_THREADSAFE
CURLINFO_CAPATH/CAINFO: Get the default CA paths from libcurl
lib: Make curl_global_init() thread-safe when possible
libssh2: Add CURLOPT_SSH_HOSTKEYFUNCTION
opts: Deprecate RANDOM_FILE and EGDSOCKET
- socks: Support unix sockets for socks proxy
aws-sigv4: Fix potential NULL pointer arithmetic
bindlocal: Don't use a random port if port number would wrap
c-hyper: Mark status line as status for Curl_client_write()
ci: Avoid 'cmake -Hpath'
- ci: Bump FreeBSD 13.0 to 13.1
ci: Update GitHub actions
cmake: Add libpsl support
cmake: Do not add libcurl.rc to the static libcurl library
cmake: Enable curl.rc for all Windows targets
cmake: Fix detecting libidn2
- cmake: Support adding a suffix to the OS value
configure: Skip libidn2 detection when winidn is used
configure: Use the SED value to invoke sed
configure: Warn about rustls being experimental
content_encoding: Return error on too many compression steps (CVE-2022-32206)
- cookie: Address secure domain overlay
cookie: Apply limits (CVE-2022-32205)
copyright.pl: Parse and use .reuse/dep5 for skips
copyright: Make repository REUSE compliant
curl.1: Add a few see also --tls-max
curl.1: Mention exit code zero too
curl: Re-enable --no-remote-name
curl_easy_pause.3: Remove explanation of progress function
curl_getdate.3: Document that some illegal dates pass through
Curl_parsenetrc: Don't access local pwbuf outside of scope
curl_url_set.3: Clarify by default using known schemes only
CURLOPT_ALTSVC.3: Document the file format
CURLOPT_FILETIME.3: Fix the protocols this works with
CURLOPT_HTTPHEADER.3: Improve comment in example
CURLOPT_NETRC.3: Document the .netrc file format
CURLOPT_PORT.3: We discourage using this option
CURLOPT_RANGE.3: Remove ranged upload advice
- digest: Added detection of more syntax errors in server headers
- digest: Tolerate missing "realm"
- digest: Unquote realm and nonce before processing
DISABLED: Disable 1021 for hyper again
docs/cmdline-opts: Add copyright and license identifier to each file
docs/CONTRIBUTE.md: Document the 'needs-votes' concept
- docs: Clarify data replacement policy for MIME API
doh: Remove UNITTEST macro definition
examples/crawler.c: Use the curl license
examples: Remove fopen.c and rtsp.c
- FAQ: Clarify Windows double quote usage
fopen: Add Curl_fopen() for better overwriting of files (CVE-2022-32207)
ftp: Restore protocol state after http proxy CONNECT
- ftp: When failing to do a secure GSSAPI login, fail hard
- GHA/hyper: Enable debug in the build
gssapi: Improve handling of errors from gss_display_status
gssapi: Initialize gss_buffer_desc strings
headers API: Remove EXPERIMENTAL tag
http2: Always debug print stream id in decimal with %u
- http2: Reject overly many push-promise headers
- http: Restore header folding behaviour
hyper: Use 'alt-used'
krb5: Return error properly on decode errors (CVE-2022-32208)
lib: Make more protocol specific struct fields #ifdefed
libcurl-security.3: Add "Secrets in memory"
libcurl-security.3: Document CRLF header injection
libssh: Skip the fake-close when libssh does the right thing
- links: Update dead links to the curl-wiki
log2changes: Do not indent empty lines
- macos9: Remove partial support
Makefile.am: Fix portability issues
Makefile.m32: Delete obsolete options, improve -On
Makefile.m32: Delete two obsolete OpenSSL options
Makefile.m32: Stop forcing XP target with ipv6 enabled
max-time.d: Clarify max-time sets max transfer time
mprintf: Ignore clang non-literal format string
netrc: Check %USERPROFILE% as well on Windows
netrc: Support quoted strings
ngtcp2: Allow curl to send larger UDP datagrams
ngtcp2: Correct use of ngtcp2 and nghttp3 signed integer types
ngtcp2: Enable Linux GSO
ngtcp2: Extend QUIC transport parameters buffer
ngtcp2: Fix alert_read_func return value
ngtcp2: Fix typo in preprocessor condition
ngtcp2: Handle error from ngtcp2_conn_submit_crypto_data
ngtcp2: Send appropriate connection close error code
ngtcp2: Support boringssl crypto backend
ngtcp2: Use helper funcs to simplify TLS handshake integration
- ntlm: Provide a fixed fake host name
- projects: Fix third-party SSL library build paths for Visual Studio
quic: Add Curl_quic_idle
- quiche: Support ca-fallback
rand: Stop detecting /dev/urandom in cross-builds
remote-name.d: Mention --output-dir
runtests.pl: Add the --repeat parameter to the --help output
runtests: Fix skipping tests not done event-based
runtests: Skip starting the ssh server if user name is lacking
scripts/copyright.pl: fix the exclusion to not ignore man pages
sectransp: Check for a function defined when __BLOCKS__ is undefined
- select: Return error from "lethal" poll/select errors
server/sws: Support spaces in the HTTP request path
speed-limit/time.d: Mention these affect transfers in either direction
strcase: Some optimizations
- test2081: Add a valid reply for the second request
- test675: Add missing CR so the test passes when run through Privoxy
test414: Add the '--resolve' keyword
test681: Verify --no-remote-name
- tests 266, 116 and 1540: Add a small write delay
tests/data/test1501: Kill ftp server after slow LIST response
tests/getpart: Fix getpartattr to work with "data" and "data2"
tests/server/sws.c: Change the HTTP writedelay unit to milliseconds
- test{440,441,493,977}: Add "HTTP proxy" keywords
tool_getparam: Fix --parallel-max maximum value constraint
tool_operate: Make sure --fail-with-body works with --retry
- transfer: Fix potential NULL pointer dereference
transfer: Maintain --path-as-is after redirects
- transfer: Upload performance; avoid tiny send
- url: Free old conn better on reuse
url: Remove redundant #ifdefs in allocate_conn()
- url: URL encode the path when extracted, if spaces were set
urlapi: Make curl_url_set(url, CURLUPART_URL, NULL, 0) clear all parts
urlapi: Support CURLU_URLENCODE for curl_url_get()
- urldata: Reduce size of a few struct fields
urldata: Remove three unused booleans from struct UserDefined
urldata: Store tcp_keepidle and tcp_keepintvl as ints
version: Allow stricmp() for sorting the feature list
vtls: Make curl_global_sslset thread-safe
wolfssh.h: Removed
wolfSSL: Correct the failf() message when a handle can't be made
- wolfSSL: Explicitly use compatibility layer
x509asn1: Mark msnprintf return as unchecked
- I had to disable flaky test 3026 for now
Updated libidn update to 1.41:
Bump LT_REVISION for new release; it was mistakenly left at the same value since 1.38
- Add version number related self-checks
Updated perl-Compress-Raw-Zlib to 2.202:
Z_NULL should be 'UV' rather than 'PV' (GH#17)