| Curl and libcurl 7.43.0 |
| |
| Public curl releases: 147 |
| Command line options: 176 |
| curl_easy_setopt() options: 219 |
| Public functions in libcurl: 58 |
| Contributors: 1291 |
| |
| This release includes the following changes: |
| |
| o Added CURLOPT_PROXY_SERVICE_NAME[11] |
| o Added CURLOPT_SERVICE_NAME[12] |
| o New curl option: --proxy-service-name[13] |
| o Mew curl option: --service-name [14] |
| o New curl option: --data-raw [5] |
| o Added CURLOPT_PIPEWAIT [15] |
| o Added support for multiplexing transfers using HTTP/2, enable this |
| with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING [16] |
| o HTTP/2: requires nghttp2 1.0.0 or later |
| o scripts: add zsh.pl for generating zsh completion |
| o curl.h: add CURL_HTTP_VERSION_2 |
| |
| This release includes the following bugfixes: |
| |
| o CVE-2015-3236: lingering HTTP credentials in connection re-use [30] |
| o CVE-2015-3237: SMB send off unrelated memory contents [31] |
| o nss: fix compilation failure with old versions of NSS [1] |
| o curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION |
| o schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error |
| o Curl_ossl_init: load builtin modules [2] |
| o configure: follow-up fix for krb5-config [3] |
| o sasl_sspi: Populate domain from the realm in the challenge [4] |
| o netrc: support 'default' token |
| o README: convert to UTF-8 |
| o cyassl: Implement public key pinning |
| o nss: implement public key pinning for NSS backend |
| o mingw build: add arch -m32/-m64 to LDFLAGS |
| o schannel: Fix out of bounds array [6] |
| o configure: remove autogenerated files by autoconf |
| o configure: remove --automake from libtoolize call |
| o acinclude.m4: fix shell test for default CA cert bundle/path |
| o schannel: fix regression in schannel_recv [7] |
| o openssl: skip trace outputs for ssl_ver == 0 [8] |
| o gnutls: properly retrieve certificate status |
| o netrc: Read in text mode when cygwin [9] |
| o winbuild: Document the option used to statically link the CRT [10] |
| o FTP: Make EPSV use the control IP address rather than the original host |
| o FTP: fix dangling conn->ip_addr dereference on verbose EPSV |
| o conncache: keep bundles on host+port bases, not only host names |
| o runtests.pl: use 'h2c' now, no -14 anymore |
| o curlver: introducing new version number (checking) macros |
| o openssl: boringssl build brekage, use SSL_CTX_set_msg_callback [17] |
| o CURLOPT_POSTFIELDS.3: correct variable names [18] |
| o curl_easy_unescape.3: update RFC reference [19] |
| o gnutls: don't fail on non-fatal alerts during handshake |
| o testcurl.pl: allow source to be in an arbitrary directory |
| o CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy |
| o SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description [20] |
| o parse_proxy: switch off tunneling if non-HTTP proxy [21] |
| o share_init: fix OOM crash |
| o perl: remove subdir, not touched in 9 years |
| o CURLOPT_COOKIELIST.3: Add example |
| o CURLOPT_COOKIE.3: Explain that the cookies won't be modified [22] |
| o CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain [23] |
| o FAQ: How do I port libcurl to my OS? |
| o openssl: Use TLS_client_method for OpenSSL 1.1.0+ |
| o HTTP-NTLM: fail auth on connection close instead of looping [24] |
| o curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT [25] |
| o curl_getdate.3: update RFC reference |
| o curl_multi_info_read.3: added example |
| o curl_multi_perform.3: added example |
| o curl_multi_timeout.3: added example |
| o cookie: Stop exporting any-domain cookies [26] |
| o openssl: remove dummy callback use from SSL_CTX_set_verify() |
| o openssl: remove SSL_get_session()-using code |
| o openssl: removed USERDATA_IN_PWD_CALLBACK kludge |
| o openssl: removed error string #ifdef |
| o openssl: Fix verification of server-sent legacy intermediates [27] |
| o docs: man page indentation and syntax fixes |
| o docs: Spelling fixes |
| o fopen.c: fix a few compiler warnings |
| o CURLOPT_OPENSOCKETFUNCTION: return error at once [28] |
| o schannel: Add support for optional client certificates |
| o build: Properly detect OpenSSL 1.0.2 when using configure |
| o urldata: store POST size in state.infilesize too [29] |
| o security:choose_mech remove dead code |
| o rtsp_do: remove dead code |
| o docs: many HTTP URIs changed to HTTPS |
| o schannel: schannel_recv overhaul [32] |
| |
| This release includes the following known bugs: |
| |
| o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html) |
| |
| This release would not have looked like this without help, code, reports and |
| advice from friends like these: |
| |
| Alessandro Ghedini, Alexander Dyagilev, Anders Bakken, Anthony Avina, |
| Ashish Shukla, Bert Huijben, Brian Chrisman, Brian Prodoehl, Chris Araman, |
| Dagobert Michelsen, Dan Fandrich, Daniel Melani, Daniel Stenberg, |
| Dmitry Eremin-Solenikov, Drake Arconis, Egon Eckert, Frank Meier, Fred Stluka, |
| Gisle Vanem, Grant Pannell, Isaac Boukris, Jens Rantil, Joel Depooter, |
| Kamil Dudka, Linus Nielsen Feltzing, Linus Nielsen Feltzing Feltzing, |
| Liviu Chircu, Marc Hoersken, Michael Osipov, Oren Souroujon, Orgad Shaneh, |
| Patrick Monnerat, Patrick Rapin, Paul Howarth, Paul Oliver, Rafayel Mkrtchyan, |
| Ray Satiro, Sean Boudreau, Tatsuhiro Tsujikawa, Tomas Tomecek, Viktor Szakáts, |
| Ville Skyttä, Yehezkel Horowitz, |
| (43 contributors) |
| |
| Thanks! (and sorry if I forgot to mention someone) |
| |
| References to bug reports and discussions on issues: |
| |
| [1] = http://curl.haxx.se/mail/lib-2015-04/0095.html |
| [2] = https://github.com/bagder/curl/pull/206 |
| [3] = https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445 |
| [4] = https://github.com/bagder/curl/pull/141 |
| [5] = https://github.com/bagder/curl/issues/198 |
| [6] = http://curl.haxx.se/mail/lib-2015-04/0199.html |
| [7] = https://github.com/bagder/curl/issues/244 |
| [8] = https://github.com/bagder/curl/issues/219 |
| [9] = https://github.com/bagder/curl/pull/258 |
| [10] = https://github.com/bagder/curl/issues/254 |
| [11] = http://curl.haxx.se/libcurl/c/CURLOPT_PROXY_SERVICE_NAME.html |
| [12] = http://curl.haxx.se/libcurl/c/CURLOPT_SERVICE_NAME.html |
| [13] = http://curl.haxx.se/docs/manpage.html#--proxy-service-name |
| [14] = http://curl.haxx.se/docs/manpage.html#--service-name |
| [15] = http://curl.haxx.se/libcurl/c/CURLOPT_PIPEWAIT.html |
| [16] = http://curl.haxx.se/libcurl/c/CURLMOPT_PIPELINING.html |
| [17] = https://github.com/bagder/curl/issues/275 |
| [18] = https://github.com/bagder/curl/issues/281 |
| [19] = https://github.com/bagder/curl/issues/282 |
| [20] = https://github.com/bagder/curl/issues/267 |
| [21] = http://curl.haxx.se/mail/lib-2015-05/0056.html |
| [22] = http://curl.haxx.se/mail/lib-2015-05/0115.html |
| [23] = http://curl.haxx.se/mail/lib-2015-05/0137.html |
| [24] = https://github.com/bagder/curl/issues/256 |
| [25] = https://github.com/bagder/curl/pull/258#issuecomment-107093055 |
| [26] = https://github.com/bagder/curl/issues/292 |
| [27] = https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest |
| [28] = http://curl.haxx.se/mail/lib-2015-06/0047.html |
| [29] = http://curl.haxx.se/mail/lib-2015-06/0019.html |
| [30] = http://curl.haxx.se/docs/adv_20150617A.html |
| [31] = http://curl.haxx.se/docs/adv_20150617B.html |
| [32] = https://github.com/bagder/curl/issues/244 |