PaulHowarth/Blog/2022-06-27

Monday 27th June 2022

Local Packages

  • Updated curl to 7.84.0:

    • curl: Add --rate to set max request rate per time unit

    • curl: Deprecate --random-file and --egd-file

    • curl_version_info: Add CURL_VERSION_THREADSAFE

    • CURLINFO_CAPATH/CAINFO: Get the default CA paths from libcurl

    • lib: Make curl_global_init() thread-safe when possible

    • libssh2: Add CURLOPT_SSH_HOSTKEYFUNCTION

    • opts: Deprecate RANDOM_FILE and EGDSOCKET

    • socks: Support unix sockets for socks proxy

    • aws-sigv4: Fix potential NULL pointer arithmetic

    • bindlocal: Don't use a random port if port number would wrap

    • c-hyper: Mark status line as status for Curl_client_write()

    • ci: Avoid 'cmake -Hpath'

    • ci: Bump FreeBSD 13.0 to 13.1

    • ci: Update GitHub actions

    • cmake: Add libpsl support

    • cmake: Do not add libcurl.rc to the static libcurl library

    • cmake: Enable curl.rc for all Windows targets

    • cmake: Fix detecting libidn2

    • cmake: Support adding a suffix to the OS value

    • configure: Skip libidn2 detection when winidn is used

    • configure: Use the SED value to invoke sed

    • configure: Warn about rustls being experimental

    • content_encoding: Return error on too many compression steps (CVE-2022-32206)

    • cookie: Address secure domain overlay

    • cookie: Apply limits (CVE-2022-32205)

    • copyright.pl: Parse and use .reuse/dep5 for skips

    • copyright: Make repository REUSE compliant

    • curl.1: Add a few see also --tls-max

    • curl.1: Mention exit code zero too

    • curl: Re-enable --no-remote-name

    • curl_easy_pause.3: Remove explanation of progress function

    • curl_getdate.3: Document that some illegal dates pass through

    • Curl_parsenetrc: Don't access local pwbuf outside of scope

    • curl_url_set.3: Clarify by default using known schemes only

    • CURLOPT_ALTSVC.3: Document the file format

    • CURLOPT_FILETIME.3: Fix the protocols this works with

    • CURLOPT_HTTPHEADER.3: Improve comment in example

    • CURLOPT_NETRC.3: Document the .netrc file format

    • CURLOPT_PORT.3: We discourage using this option

    • CURLOPT_RANGE.3: Remove ranged upload advice

    • digest: Added detection of more syntax errors in server headers
    • digest: Tolerate missing "realm"
    • digest: Unquote realm and nonce before processing

    • DISABLED: Disable 1021 for hyper again

    • docs/cmdline-opts: Add copyright and license identifier to each file

    • docs/CONTRIBUTE.md: Document the 'needs-votes' concept

    • docs: Clarify data replacement policy for MIME API

    • doh: Remove UNITTEST macro definition

    • examples/crawler.c: Use the curl license

    • examples: Remove fopen.c and rtsp.c

    • FAQ: Clarify Windows double quote usage

    • fopen: Add Curl_fopen() for better overwriting of files (CVE-2022-32207)

    • ftp: Restore protocol state after http proxy CONNECT

    • ftp: When failing to do a secure GSSAPI login, fail hard
    • GHA/hyper: Enable debug in the build

    • gssapi: Improve handling of errors from gss_display_status

    • gssapi: Initialize gss_buffer_desc strings

    • headers API: Remove EXPERIMENTAL tag

    • http2: Always debug print stream id in decimal with %u

    • http2: Reject overly many push-promise headers
    • http: Restore header folding behaviour

    • hyper: Use 'alt-used'

    • krb5: Return error properly on decode errors (CVE-2022-32208)

    • lib: Make more protocol specific struct fields #ifdefed

    • libcurl-security.3: Add "Secrets in memory"

    • libcurl-security.3: Document CRLF header injection

    • libssh: Skip the fake-close when libssh does the right thing

    • links: Update dead links to the curl-wiki

    • log2changes: Do not indent empty lines

    • macos9: Remove partial support

    • Makefile.am: Fix portability issues

    • Makefile.m32: Delete obsolete options, improve -On

    • Makefile.m32: Delete two obsolete OpenSSL options

    • Makefile.m32: Stop forcing XP target with ipv6 enabled

    • max-time.d: Clarify max-time sets max transfer time

    • mprintf: Ignore clang non-literal format string

    • netrc: Check %USERPROFILE% as well on Windows

    • netrc: Support quoted strings

    • ngtcp2: Allow curl to send larger UDP datagrams

    • ngtcp2: Correct use of ngtcp2 and nghttp3 signed integer types

    • ngtcp2: Enable Linux GSO

    • ngtcp2: Extend QUIC transport parameters buffer

    • ngtcp2: Fix alert_read_func return value

    • ngtcp2: Fix typo in preprocessor condition

    • ngtcp2: Handle error from ngtcp2_conn_submit_crypto_data

    • ngtcp2: Send appropriate connection close error code

    • ngtcp2: Support boringssl crypto backend

    • ngtcp2: Use helper funcs to simplify TLS handshake integration

    • ntlm: Provide a fixed fake host name
    • projects: Fix third-party SSL library build paths for Visual Studio

    • quic: Add Curl_quic_idle

    • quiche: Support ca-fallback

    • rand: Stop detecting /dev/urandom in cross-builds

    • remote-name.d: Mention --output-dir

    • runtests.pl: Add the --repeat parameter to the --help output

    • runtests: Fix skipping tests not done event-based

    • runtests: Skip starting the ssh server if user name is lacking

    • scripts/copyright.pl: fix the exclusion to not ignore man pages

    • sectransp: Check for a function defined when __BLOCKS__ is undefined

    • select: Return error from "lethal" poll/select errors

    • server/sws: Support spaces in the HTTP request path

    • speed-limit/time.d: Mention these affect transfers in either direction

    • strcase: Some optimizations

    • test2081: Add a valid reply for the second request
    • test675: Add missing CR so the test passes when run through Privoxy

    • test414: Add the '--resolve' keyword

    • test681: Verify --no-remote-name

    • tests 266, 116 and 1540: Add a small write delay

    • tests/data/test1501: Kill ftp server after slow LIST response

    • tests/getpart: Fix getpartattr to work with "data" and "data2"

    • tests/server/sws.c: Change the HTTP writedelay unit to milliseconds

    • test{440,441,493,977}: Add "HTTP proxy" keywords

    • tool_getparam: Fix --parallel-max maximum value constraint

    • tool_operate: Make sure --fail-with-body works with --retry

    • transfer: Fix potential NULL pointer dereference

    • transfer: Maintain --path-as-is after redirects

    • transfer: Upload performance; avoid tiny send
    • url: Free old conn better on reuse

    • url: Remove redundant #ifdefs in allocate_conn()

    • url: URL encode the path when extracted, if spaces were set

    • urlapi: Make curl_url_set(url, CURLUPART_URL, NULL, 0) clear all parts

    • urlapi: Support CURLU_URLENCODE for curl_url_get()

    • urldata: Reduce size of a few struct fields

    • urldata: Remove three unused booleans from struct UserDefined

    • urldata: Store tcp_keepidle and tcp_keepintvl as ints

    • version: Allow stricmp() for sorting the feature list

    • vtls: Make curl_global_sslset thread-safe

    • wolfssh.h: Removed

    • wolfSSL: Correct the failf() message when a handle can't be made

    • wolfSSL: Explicitly use compatibility layer

    • x509asn1: Mark msnprintf return as unchecked

  • I had to disable flaky test 3026 for now

  • Updated libidn update to 1.41:

    • Bump LT_REVISION for new release; it was mistakenly left at the same value since 1.38

    • Add version number related self-checks

  • Updated perl-Compress-Raw-Zlib to 2.202:

    • Z_NULL should be 'UV' rather than 'PV' (GH#17)

Recent