| curl and libcurl 7.82.0 |
| |
| Public curl releases: 206 |
| Command line options: 245 |
| curl_easy_setopt() options: 295 |
| Public functions in libcurl: 86 |
| Contributors: 2597 |
| |
| This release includes the following changes: |
| |
| o curl: add --json [67] |
| o mesalink: remove support [23] |
| |
| This release includes the following bugfixes: |
| |
| o appveyor: update images from VS 2019 to 2022 |
| o appveyor: use VS 2017 image for the autotools builds |
| o azure-pipelines: add a build on Windows with libssh [154] |
| o bearssl: fix connect error on expired cert and no verify [132] |
| o bearssl: fix EXC_BAD_ACCESS on incomplete CA cert [131] |
| o bearssl: fix session resumption (session id) [133] |
| o build: enable -Warith-conversion |
| o build: fix -Wenum-conversion handling |
| o build: fix ngtcp2 crypto library detection [63] |
| o checkprefix: remove strlen calls [128] |
| o checksrc: fix typo in comment [34] |
| o CI: move 'distcheck' job from zuul to azure pipelines [60] |
| o CI: move scan-build job from Zuul to Azure Pipelines [59] |
| o CI: move the NSS job from zuul to GHA [84] |
| o ci: move the OpenSSL + c-ares job from Zuul to Circle CI [75] |
| o CI: move the rustls CI job to GHA from Zuul [8] |
| o CI: move two jobs from Zuul to Circle CI [73] |
| o CI: test building wolfssl with --enable-opensslextra [42] |
| o CI: workflows/wolfssl: install impacket [47] |
| o circleci: add a job using libssh [121] |
| o cirlceci: also run a c-ares job on arm with debug enabled [74] |
| o cmake: fix iOS CMake project generation error [13] |
| o cmdline-opts/gen.pl: fix option matching to improve references [50] |
| o config.d: Clarify _curlrc filename is still valid on Windows [95] |
| o configure.ac: use user-specified gssapi dir when using pkg-config [136] |
| o configure: change output for cross-compiled alt-svc support [140] |
| o configure: fix '--enable-code-coverage' typo [110] |
| o configure: remove support for "embedded ares" [82] |
| o configure: requires --with-nss-deprecated to build with NSS [114] |
| o configure: set CURL_LIBRARY_PATH for nghttp2 [58] |
| o configure: support specification of a nghttp2 library path [101] |
| o configure: use correct CFLAGS for threaded resolver with xlC on AIX [54] |
| o curl tool: erase some more sensitive command line arguments [22] |
| o curl-functions.m4: fix LIBRARY_PATH adjustment to avoid eval [5] |
| o curl-functions.m4: revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE [9] |
| o curl-openssl: fix SRP check for OpenSSL 3.0 [86] |
| o curl-openssl: remove the OpenSSL headers and library versions check [35] |
| o curl.h: fix typo [129] |
| o curl: remove "separators" (when using globbed URLs) [32] |
| o curl_getdate.3: remove pointless .PP line [68] |
| o curl_multi_socket.3: remove callback and typical usage descriptions [7] |
| o curl_url_set.3: mention when CURLU_ALLOW_SPACE was added |
| o CURLMOPT_TIMERFUNCTION/DATA.3: fix the examples [27] |
| o CURLOPT_PROGRESSFUNCTION.3: fix example struct assignment [147] |
| o CURLOPT_RESOLVE.3: change example port to 443 |
| o CURLOPT_XFERINFOFUNCTION.3: fix example struct assignment [153] |
| o CURLOPT_XFERINFOFUNCTION.3: fix typo in example [81] |
| o CURLSHOPT_LOCKFUNC.3: fix typo "relased" -> "released" [71] |
| o des: fix compile break for OpenSSL without DES [141] |
| o docs/cmdline-opts: add "mutexed" options for more http versions [25] |
| o docs/DEPRECATE: remove NPN support in August 2022 [64] |
| o docs: capitalize the name 'Netscape' [77] |
| o docs: document HTTP/2 not insisting on TLS 1.2 [49] |
| o docs: fix mandoc -T lint formatting complaints [2] |
| o docs: update IETF links to use datatracker [41] |
| o examples/curlx: support building with OpenSSL 1.1.0+ [148] |
| o examples/multi-app.c: call curl_multi_remove_handle as well [19] |
| o formdata: avoid size_t => long typecast overflows [37] |
| o ftp: provide error message for control bytes in path [66] |
| o gen.pl: terminate "example" sections better [4] |
| o gha: add a macOS CI job with libssh [142] |
| o gskit: Convert to using Curl_poll [111] |
| o gskit: Fix errors from Curl_strerror refactor [113] |
| o gskit: Fix initialization of Curl_ssl_gskit struct [112] |
| o h2/h3: allow CURLOPT_HTTPHEADER change ":scheme" [88] |
| o hostcheck: fixed to not touch used input strings [38] |
| o hostcheck: reduce strlen calls on chained certificates [92] |
| o hostip: avoid unused parameter error in Curl_resolv_check [144] |
| o http2: move two infof calls to debug-h2-only [145] |
| o http: make Curl_compareheader() take string length arguments too [87] |
| o if2ip: make Curl_ipv6_scope a blank macro when IPv6-disabled [104] |
| o KNOWN_BUGS: fix typo "libpsl" |
| o ldap: return CURLE_URL_MALFORMAT for bad URL [24] |
| o lib: remove support for CURL_DOES_CONVERSIONS [96] |
| o libssh2: don't typecast socket to int for libssh2_session_handshake [151] |
| o libssh: fix include files and defines use for Windows builds [156] |
| o Makefile.am: Generate VS 2022 projects |
| o maketgz: return error if 'make dist' fails [79] |
| o mbedtls: enable use of mbedtls without CRL support [57] |
| o mbedtls: enable use of mbedtls without filesystem functions support [100] |
| o mbedtls: fix CURLOPT_SSLCERT_BLOB (again) |
| o mbedtls: fix ssl_init error with mbedTLS 3.1.0+ [12] |
| o mbedtls: remove #include <mbedtls/certs.h> [56] |
| o mbedtls: return CURLcode result instead of a mbedtls error code [1] |
| o md5: check md5_init_func return value |
| o mime: use a define instead of the magic number 24 [89] |
| o misc: allow curl to build with wolfssl --enable-opensslextra [43] |
| o misc: remove BeOS code and references [30] |
| o misc: remove the final watcom references [29] |
| o misc: remove unused data when IPv6 is not supported [80] |
| o mqtt: free 'sendleftovers' in disconnect [115] |
| o mqtt: free any send leftover data when done [36] |
| o multi: allow user callbacks to call curl_multi_assign [126] |
| o multi: grammar fix in comment [69] |
| o multi: remember connection_id before returning connection to pool [76] |
| o multi: set in_callback for multi interface callbacks [28] |
| o netware: remove support [72] |
| o next.d. remove .fi/.nf as they are handled by gen.pl [3] |
| o ngtcp2: adapt to changed end of headers callback proto [39] |
| o ngtcp2: fix declaration of ‘result’ shadows a previous local [14] |
| o ngtcp2: Reset dynbuf when it is fully drained [143] |
| o nss: handshake callback during shutdown has no conn->bundle [55] |
| o ntlm: remove unused feature defines [117] |
| o openldap: fix compiler warning when built without SSL support [70] |
| o openldap: implement SASL authentication [16] |
| o openldap: pass string length arguments to client_write() [116] |
| o openssl.h: avoid including OpenSSL headers here [15] |
| o openssl: check if sessionid flag is enabled before retrieving session [125] |
| o openssl: check SSL_get_ex_data to prevent potential NULL dereference [40] |
| o openssl: check the return value of BIO_new_mem_buf() [18] |
| o openssl: fix `ctx_option_t` for OpenSSL v3+ |
| o openssl: fix build for version < 1.1.0 [134] |
| o openssl: return error if TLS 1.3 is requested when not supported [45] |
| o os400: Add function wrapper for system command [138] |
| o os400: Add link to QADRT devkit to README.OS400 [137] |
| o os400: Default build to target current release [139] |
| o OS400: fix typos in rpg include file [149] |
| o projects: add support for Visual Studio 17 (2022) [124] |
| o projects: fix Visual Studio wolfSSL configurations |
| o projects: remove support for MSVC before VC10 (Visual Studio 2010) [123] |
| o quiche: after leaving h3_recving state, poll again [108] |
| o quiche: change qlog file extension to `.sqlog` [44] |
| o quiche: fix upload for bigger content-length [146] |
| o quiche: handle stream reset [83] |
| o quiche: remove two leftover debug infof() outputs |
| o quiche: verify the server cert on connect [33] |
| o quiche: when *recv_body() returns data, drain it before polling again [109] |
| o README.md: fix links [118] |
| o remote-header-name.d: clarify [10] |
| o runtests.pl: disable debuginfod [51] |
| o runtests.pl: properly print the test if it contains binary zeros |
| o runtests.pl: support the nonewline attribute for the data part [21] |
| o runtests.pl: tolerate test directories without Makefile.inc [98] |
| o runtests: allow client/file to specify multiple directories |
| o runtests: make 'rustls' a testable feature |
| o runtests: make 'wolfssl' a testable feature [6] |
| o runtests: set 'oldlibssh' for libssh versions before 0.9.5 [122] |
| o rustls: add CURLOPT_CAINFO_BLOB support [26] |
| o schannel: move the algIds array out of schannel.h [135] |
| o scripts/cijobs.pl: output data about all currect CI jobs [78] |
| o scripts/completion.pl: improve zsh completion [46] |
| o scripts/copyright.pl: support many provided file names on the cmdline |
| o scripts/delta: check the file delta for current branch |
| o sectransp: mark a 3DES cipher as weak [130] |
| o setopt: do bounds-check before strdup [99] |
| o setopt: fix the TLSAUTH #ifdefs for proxy-disabled builds [53] |
| o sha256: Fix minimum OpenSSL version [102] |
| o smb: pass socket for writing and reading data instead of FIRSTSOCKET [90] |
| o ssl: reduce allocated space for ssl backend when FTP is disabled [127] |
| o test3021: disable all msys2 path transformation |
| o test374: gif data without new line at the end [20] |
| o tests/disable-scan.pl: properly detect multiple symbols per line [94] |
| o tests/unit/Makefile.am: add NSS_LIBS to build with NSS fine [85] |
| o tool_findfile: check ~/.config/curlrc too [17] |
| o tool_getparam: DNS options that need c-ares now fail without it [31] |
| o TPF: drop support [97] |
| o unit1610: init SSL library before calling SHA256 functions [152] |
| o url: exclude zonefrom_url when no ipv6 is available [103] |
| o url: given a user in the URL, find pwd for that user in netrc [11] |
| o url: keep trailing dot in host name [62] |
| o url: make Curl_disconnect return void [48] |
| o urlapi: handle "redirects" smarter [119] |
| o urldata: CONN_IS_PROXIED replaces bits.proxy when proxy can be disabled [52] |
| o urldata: remove conn->bits.user_passwd [105] |
| o version_win32: fix warning for `CURL_WINDOWS_APP` [93] |
| o vtls: fix socket check conditions [150] |
| o vtls: pass on the right SNI name [61] |
| o vxworks: drop support [65] |
| o winbuild: add parameter WITH_SSH [120] |
| o wolfssl: return CURLE_AGAIN for the SSL_ERROR_NONE case [106] |
| o wolfssl: when SSL_read() returns zero, check the error [107] |
| o write-out.d: Fix num_headers formatting |
| o x509asn1: toggle off functions not needed for diff tls backends [91] |
| |
| This release includes the following known bugs: |
| |
| o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html) |
| |
| This release would not have looked like this without help, code, reports and |
| advice from friends like these: |
| |
| 1337vt on github, Alejandro R. Sedeño, Alessandro Ghedini, Antoine Pietri, |
| Bernhard Walle, Bjarni Ingi Gislason, Cameron Will, Charles Cazabon, |
| coralw on github, Dan Fandrich, Daniel Stenberg, Davide Cassioli, |
| Eric Musser, Fabian Keil, Fabian Yamaguchi, Farzin on github, Filip Lundgren, |
| gaoxingwang on github, Harry Sarson, Henrik Holst, Ikko Ashimine, |
| illusory-dream on github, Jan Ehrhardt, Jan-Piet Mens, Jan Venekamp, |
| Jean-Philippe Menil, jhoyla on github, Jim Beveridge, Joel Depooter, |
| John H. Ayad, jonny112 on github, Kantanat Wannapaka, Kevin Adler, |
| Kushal Das, Leah Neukirchen, Lucas Pardue, luminixinc on github, |
| Manfred Schwarb, Marcel Raad, Melroy van den Berg, Michael Kaufmann, |
| Michael Wallner, Michał Antoniak, Neal McBurnett, neutric on github, |
| Niels Martignène, Patrick Monnerat, pheiduck on github, Ray Satiro, |
| Rob Boeckermann, Ryan Schmidt, Samuel Henrique, Sandro Jaeckel, |
| Satadru Pramanik, Sebastian Sterk, siddharthchhabrap on github, Stav Nir, |
| Stefan Eissing, Stephen Boost, Stephen M. Coakley, Stewart Gebbie, |
| Tatsuhiro Tsujikawa, updatede on github, Viktor Szakats, vl409 on github, |
| Xiaoke Wang, 梦终无痕 |
| (67 contributors) |
| |
| References to bug reports and discussions on issues: |
| |
| [1] = https://curl.se/bug/?i=8266 |
| [2] = https://curl.se/bug/?i=8228 |
| [3] = https://curl.se/bug/?i=8228 |
| [4] = https://curl.se/bug/?i=8228 |
| [5] = https://curl.se/bug/?i=8229 |
| [6] = https://curl.se/bug/?i=8252 |
| [7] = https://curl.se/bug/?i=8262 |
| [8] = https://curl.se/bug/?i=8251 |
| [9] = https://curl.se/bug/?i=8229 |
| [10] = https://curl.se/bug/?i=8249 |
| [11] = https://curl.se/bug/?i=8241 |
| [12] = https://curl.se/bug/?i=8238 |
| [13] = https://curl.se/bug/?i=8244 |
| [14] = https://curl.se/bug/?i=8245 |
| [15] = https://curl.se/bug/?i=8240 |
| [16] = https://curl.se/bug/?i=8152 |
| [17] = https://curl.se/bug/?i=8208 |
| [18] = https://curl.se/bug/?i=8233 |
| [19] = https://curl.se/bug/?i=8234 |
| [20] = https://curl.se/bug/?i=8239 |
| [21] = https://curl.se/bug/?i=8239 |
| [22] = https://curl.se/bug/?i=7964 |
| [23] = https://curl.se/bug/?i=8188 |
| [24] = https://curl.se/bug/?i=8170 |
| [25] = https://curl.se/bug/?i=8254 |
| [26] = https://curl.se/bug/?i=8255 |
| [27] = https://curl.se/bug/?i=8286 |
| [28] = https://curl.se/bug/?i=8282 |
| [29] = https://curl.se/bug/?i=8287 |
| [30] = https://curl.se/bug/?i=8288 |
| [31] = https://curl.se/bug/?i=8285 |
| [32] = https://curl.se/bug/?i=8278 |
| [33] = https://curl.se/bug/?i=8173 |
| [34] = https://curl.se/bug/?i=8281 |
| [35] = https://curl.se/bug/?i=8279 |
| [36] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43515 |
| [37] = https://hackerone.com/reports/1444539 |
| [38] = https://curl.se/bug/?i=8321 |
| [39] = https://curl.se/bug/?i=8322 |
| [40] = https://curl.se/bug/?i=8268 |
| [41] = https://curl.se/bug/?i=8317 |
| [42] = https://curl.se/bug/?i=8315 |
| [43] = https://curl.se/bug/?i=8292 |
| [44] = https://curl.se/bug/?i=8316 |
| [45] = https://curl.se/bug/?i=8309 |
| [46] = https://curl.se/bug/?i=8363 |
| [47] = https://curl.se/bug/?i=8307 |
| [48] = https://curl.se/bug/?i=8303 |
| [49] = https://curl.se/bug/?i=8235 |
| [50] = https://curl.se/bug/?i=8299 |
| [51] = https://curl.se/bug/?i=8291 |
| [52] = https://curl.se/bug/?i=8350 |
| [53] = https://curl.se/bug/?i=8350 |
| [54] = https://curl.se/bug/?i=8276 |
| [55] = https://curl.se/bug/?i=8341 |
| [56] = https://curl.se/bug/?i=8343 |
| [57] = https://curl.se/bug/?i=8344 |
| [58] = https://curl.se/bug/?i=8340 |
| [59] = https://curl.se/bug/?i=8338 |
| [60] = https://curl.se/bug/?i=8334 |
| [61] = https://curl.se/bug/?i=8320 |
| [62] = https://curl.se/bug/?i=8290 |
| [63] = https://curl.se/bug/?i=8372 |
| [64] = https://curl.se/bug/?i=8458 |
| [65] = https://curl.se/bug/?i=8362 |
| [66] = https://curl.se/bug/?i=8460 |
| [67] = https://curl.se/bug/?i=8314 |
| [68] = https://curl.se/bug/?i=8365 |
| [69] = https://curl.se/bug/?i=8368 |
| [70] = https://curl.se/bug/?i=8367 |
| [71] = https://curl.se/bug/?i=8364 |
| [72] = https://curl.se/bug/?i=8358 |
| [73] = https://curl.se/bug/?i=8359 |
| [74] = https://curl.se/bug/?i=8357 |
| [75] = https://curl.se/bug/?i=8357 |
| [76] = https://hackerone.com/reports/1463013 |
| [77] = https://curl.se/bug/?i=8354 |
| [78] = https://curl.se/bug/?i=8408 |
| [79] = https://curl.se/mail/lib-2022-02/0070.html |
| [80] = https://curl.se/bug/?i=8430 |
| [81] = https://curl.se/bug/?i=8487 |
| [82] = https://curl.se/bug/?i=8397 |
| [83] = https://curl.se/bug/?i=8437 |
| [84] = https://curl.se/bug/?i=8396 |
| [85] = https://curl.se/bug/?i=8396 |
| [86] = https://curl.se/bug/?i=8394 |
| [87] = https://curl.se/bug/?i=8391 |
| [88] = https://curl.se/bug/?i=8381 |
| [89] = https://curl.se/bug/?i=8441 |
| [90] = https://curl.se/bug/?i=8383 |
| [91] = https://curl.se/bug/?i=8386 |
| [92] = https://curl.se/bug/?i=8428 |
| [93] = https://curl.se/bug/?i=8385 |
| [94] = https://curl.se/bug/?i=8384 |
| [95] = https://curl.se/bug/?i=8382 |
| [96] = https://curl.se/bug/?i=8378 |
| [97] = https://curl.se/bug/?i=8378 |
| [98] = https://curl.se/bug/?i=8379 |
| [99] = https://curl.se/bug/?i=8377 |
| [100] = https://curl.se/bug/?i=8376 |
| [101] = https://curl.se/bug/?i=8375 |
| [102] = https://curl.se/bug/?i=8464 |
| [103] = https://curl.se/bug/?i=8439 |
| [104] = https://curl.se/bug/?i=8439 |
| [105] = https://curl.se/bug/?i=8449 |
| [106] = https://curl.se/bug/?i=8431 |
| [107] = https://curl.se/bug/?i=8431 |
| [108] = https://curl.se/bug/?i=8436 |
| [109] = https://curl.se/bug/?i=8429 |
| [110] = https://curl.se/bug/?i=8425 |
| [111] = https://curl.se/bug/?i=8454 |
| [112] = https://curl.se/bug/?i=8454 |
| [113] = https://curl.se/bug/?i=8454 |
| [114] = https://curl.se/bug/?i=8395 |
| [115] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43646 |
| [116] = https://curl.se/bug/?i=8404 |
| [117] = https://curl.se/bug/?i=8453 |
| [118] = https://curl.se/bug/?i=8448 |
| [119] = https://curl.se/bug/?i=8450 |
| [120] = https://curl.se/bug/?i=8514 |
| [121] = https://curl.se/bug/?i=8444 |
| [122] = https://curl.se/bug/?i=8444 |
| [123] = https://curl.se/bug/?i=8442 |
| [124] = https://curl.se/bug/?i=8438 |
| [125] = https://curl.se/bug/?i=8472 |
| [126] = https://curl.se/bug/?i=8480 |
| [127] = https://curl.se/bug/?i=8471 |
| [128] = https://curl.se/bug/?i=8481 |
| [129] = https://curl.se/bug/?i=8482 |
| [130] = https://curl.se/bug/?i=8479 |
| [131] = https://curl.se/bug/?i=8476 |
| [132] = https://curl.se/bug/?i=8475 |
| [133] = https://curl.se/bug/?i=8474 |
| [134] = https://curl.se/bug/?i=8470 |
| [135] = https://curl.se/bug/?i=8469 |
| [136] = https://curl.se/bug/?i=8289 |
| [137] = https://curl.se/bug/?i=8455 |
| [138] = https://curl.se/bug/?i=8455 |
| [139] = https://curl.se/bug/?i=8455 |
| [140] = https://curl.se/bug/?i=8512 |
| [141] = https://curl.se/bug/?i=8459 |
| [142] = https://curl.se/bug/?i=8513 |
| [143] = https://curl.se/bug/?i=7351 |
| [144] = https://curl.se/bug/?i=8505 |
| [145] = https://curl.se/bug/?i=8502 |
| [146] = https://curl.se/bug/?i=8421 |
| [147] = https://curl.se/bug/?i=8500 |
| [148] = https://curl.se/bug/?i=8529 |
| [149] = https://curl.se/bug/?i=8494 |
| [150] = https://curl.se/bug/?i=8493 |
| [151] = https://curl.se/bug/?i=8492 |
| [152] = https://curl.se/bug/?i=8538 |
| [153] = https://curl.se/bug/?i=8519 |
| [154] = https://curl.se/bug/?i=8511 |
| [156] = https://curl.se/mail/lib-2022-02/0131.html |