| curl and libcurl 7.82.0 |
| |
| Public curl releases: 206 |
| Command line options: 245 |
| curl_easy_setopt() options: 295 |
| Public functions in libcurl: 86 |
| Contributors: 2582 |
| |
| This release includes the following changes: |
| |
| o curl: add --json [67] |
| o mesalink: remove support [23] |
| |
| This release includes the following bugfixes: |
| |
| o appveyor: update images from VS 2019 to 2022 |
| o appveyor: use VS 2017 image for the autotools builds |
| o base64: remove an unnecessary call to strlen [66] |
| o build: enable -Warith-conversion |
| o build: fix -Wenum-conversion handling |
| o build: fix ngtcp2 crypto library detection [63] |
| o checksrc: fix typo in comment [34] |
| o CI: move 'distcheck' job from zuul to azure pipelines [60] |
| o CI: move scan-build job from Zuul to Azure Pipelines [59] |
| o CI: move the NSS job from zuul to GHA [84] |
| o ci: move the OpenSSL + c-ares job from Zuul to Circle CI [75] |
| o CI: move the rustls CI job to GHA from Zuul [8] |
| o CI: move two jobs from Zuul to Circle CI [73] |
| o CI: test building wolfssl with --enable-opensslextra [42] |
| o CI: workflows/wolfssl: install impacket [47] |
| o cirlceci: also run a c-ares job on arm with debug enabled [74] |
| o cmake: fix iOS CMake project generation error [13] |
| o cmdline-opts/gen.pl: fix option matching to improve references [50] |
| o config.d: Clarify _curlrc filename is still valid on Windows [95] |
| o configure: remove support for "embedded ares" [82] |
| o configure: set CURL_LIBRARY_PATH for nghttp2 [58] |
| o configure: support specification of a nghttp2 library path [101] |
| o configure: use correct CFLAGS for threaded resolver with xlC on AIX [54] |
| o curl tool: erase some more sensitive command line arguments [22] |
| o curl-functions.m4: fix LIBRARY_PATH adjustment to avoid eval [5] |
| o curl-functions.m4: revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE [9] |
| o curl-openssl: fix SRP check for OpenSSL 3.0 [86] |
| o curl-openssl: remove the OpenSSL headers and library versions check [35] |
| o curl: remove "separators" (when using globbed URLs) [32] |
| o curl_getdate.3: remove pointless .PP line [68] |
| o curl_multi_socket.3: remove callback and typical usage descriptions [7] |
| o curl_url_set.3: mention when CURLU_ALLOW_SPACE was added |
| o CURLMOPT_TIMERFUNCTION/DATA.3: fix the examples [27] |
| o CURLOPT_RESOLVE.3: change example port to 443 |
| o CURLSHOPT_LOCKFUNC.3: fix typo "relased" -> "released" [71] |
| o docs/cmdline-opts: add "mutexed" options for more http versions [25] |
| o docs: capitalize the name 'Netscape' [77] |
| o docs: document HTTP/2 not insisting on TLS 1.2 [49] |
| o docs: fix mandoc -T lint formatting complaints [2] |
| o docs: update IETF links to use datatracker [41] |
| o examples/multi-app.c: call curl_multi_remove_handle as well [19] |
| o formdata: avoid size_t => long typecast overflows [37] |
| o gen.pl: terminate "example" sections better [4] |
| o h2/h3: allow CURLOPT_HTTPHEADER change ":scheme" [88] |
| o hostcheck: fixed to not touch used input strings [38] |
| o http: make Curl_compareheader() take string length arguments too [87] |
| o ldap: return CURLE_URL_MALFORMAT for bad URL [24] |
| o lib: remove support for CURL_DOES_CONVERSIONS [96] |
| o maketgz: return error if 'make dist' fails [79] |
| o mbedtls: enable use of mbedtls without CRL support [57] |
| o mbedtls: enable use of mbedtls without filesystem functions support [100] |
| o mbedtls: fix CURLOPT_SSLCERT_BLOB (again) |
| o mbedtls: fix ssl_init error with mbedTLS 3.1.0+ [12] |
| o mbedtls: remove #include <mbedtls/certs.h> [56] |
| o mbedtls: return CURLcode result instead of a mbedtls error code [1] |
| o md5: check md5_init_func return value |
| o misc: allow curl to build with wolfssl --enable-opensslextra [43] |
| o misc: remove BeOS code and references [30] |
| o misc: remove the final watcom references [29] |
| o mqtt: free any send leftover data when done [36] |
| o multi: grammar fix in comment [69] |
| o multi: remember connection_id before returning connection to pool [76] |
| o multi: set in_callback for multi interface callbacks [28] |
| o netware: remove support [72] |
| o next.d. remove .fi/.nf as they are handled by gen.pl [3] |
| o ngtcp2: adapt to changed end of headers callback proto [39] |
| o ngtcp2: fix declaration of ‘result’ shadows a previous local [14] |
| o nss: handshake callback during shutdown has no conn->bundle [55] |
| o openldap: fix compiler warning when built without SSL support [70] |
| o openldap: implement SASL authentication [16] |
| o openssl.h: avoid including OpenSSL headers here [15] |
| o openssl: check SSL_get_ex_data to prevent potential NULL dereference [40] |
| o openssl: check the return value of BIO_new_mem_buf() [18] |
| o openssl: fix `ctx_option_t` for OpenSSL v3+ |
| o openssl: return error if TLS 1.3 is requested when not supported [45] |
| o projects: fix Visual Studio wolfSSL configurations |
| o quiche: change qlog file extension to `.sqlog` [44] |
| o quiche: verify the server cert on connect [33] |
| o remote-header-name.d: clarify [10] |
| o runtests.pl: disable debuginfod [51] |
| o runtests.pl: properly print the test if it contains binary zeros |
| o runtests.pl: support the nonewline attribute for the data part [21] |
| o runtests.pl: tolerate test directories without Makefile.inc [98] |
| o runtests: allow client/file to specify multiple directories |
| o runtests: make 'rustls' a testable feature |
| o runtests: make 'wolfssl' a testable feature [6] |
| o rustls: add CURLOPT_CAINFO_BLOB support [26] |
| o scripts/cijobs.pl: output data about all currect CI jobs [78] |
| o scripts/completion.pl: improve zsh completion [46] |
| o scripts/copyright.pl: support many provided file names on the cmdline |
| o scripts/delta: check the file delta for current branch |
| o setopt: do bounds-check before strdup [99] |
| o setopt: fix the TLSAUTH #ifdefs for proxy-disabled builds [53] |
| o smb: passing a socket for writing and reading data instead of FIRSTSOCKET [90] |
| o test3021: disable all msys2 path transformation |
| o test374: gif data without new line at the end [20] |
| o tests/disable-scan.pl: properly detect multiple symbols per line [94] |
| o tests/unit/Makefile.am: add NSS_LIBS to build with NSS fine [85] |
| o tool_findfile: check ~/.config/curlrc too [17] |
| o tool_getparam: DNS options that need c-ares now fail without it [31] |
| o TPF: drop support [97] |
| o url: given a user in the URL, find pwd for that user in netrc [11] |
| o url: keep trailing dot in host name [62] |
| o url: make Curl_disconnect return void [48] |
| o urlapi: remove an unnecessary call to strlen [64] |
| o urldata: CONN_IS_PROXIED replaces bits.close when proxy can be disabled [52] |
| o version_win32: fix warning for `CURL_WINDOWS_APP` [93] |
| o vtls: pass on the right SNI name [61] |
| o vxworks: drop support [65] |
| o write-out.d: Fix num_headers formatting |
| o x509asn1: toggle off functions not needed for diff tls backends [91] |
| |
| This release includes the following known bugs: |
| |
| o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html) |
| |
| This release would not have looked like this without help, code, reports and |
| advice from friends like these: |
| |
| Alessandro Ghedini, Antoine Pietri, Bernhard Walle, Bjarni Ingi Gislason, |
| Cameron Will, Charles Cazabon, Daniel Stenberg, Davide Cassioli, Eric Musser, |
| Fabian Keil, Fabian Yamaguchi, Filip Lundgren, Harry Sarson, Henrik Holst, |
| Ikko Ashimine, Jan Ehrhardt, Jan-Piet Mens, jhoyla on github, |
| jonny112 on github, Kushal Das, Leah Neukirchen, Lucas Pardue, |
| luminixinc on github, Manfred Schwarb, Marcel Raad, Melroy van den Berg, |
| Michał Antoniak, neutric on github, Niels Martignène, Patrick Monnerat, |
| pheiduck on github, Ray Satiro, Ryan Schmidt, Samuel Henrique, |
| Sandro Jaeckel, Satadru Pramanik, Sebastian Sterk, |
| siddharthchhabrap on github, Stefan Eissing, Stephen Boost, |
| Stephen M. Coakley, updatede on github, Viktor Szakats, Xiaoke Wang, |
| (44 contributors) |
| |
| References to bug reports and discussions on issues: |
| |
| [1] = https://curl.se/bug/?i=8266 |
| [2] = https://curl.se/bug/?i=8228 |
| [3] = https://curl.se/bug/?i=8228 |
| [4] = https://curl.se/bug/?i=8228 |
| [5] = https://curl.se/bug/?i=8229 |
| [6] = https://curl.se/bug/?i=8252 |
| [7] = https://curl.se/bug/?i=8262 |
| [8] = https://curl.se/bug/?i=8251 |
| [9] = https://curl.se/bug/?i=8229 |
| [10] = https://curl.se/bug/?i=8249 |
| [11] = https://curl.se/bug/?i=8241 |
| [12] = https://curl.se/bug/?i=8238 |
| [13] = https://curl.se/bug/?i=8244 |
| [14] = https://curl.se/bug/?i=8245 |
| [15] = https://curl.se/bug/?i=8240 |
| [16] = https://curl.se/bug/?i=8152 |
| [17] = https://curl.se/bug/?i=8208 |
| [18] = https://curl.se/bug/?i=8233 |
| [19] = https://curl.se/bug/?i=8234 |
| [20] = https://curl.se/bug/?i=8239 |
| [21] = https://curl.se/bug/?i=8239 |
| [22] = https://curl.se/bug/?i=7964 |
| [23] = https://curl.se/bug/?i=8188 |
| [24] = https://curl.se/bug/?i=8170 |
| [25] = https://curl.se/bug/?i=8254 |
| [26] = https://curl.se/bug/?i=8255 |
| [27] = https://curl.se/bug/?i=8286 |
| [28] = https://curl.se/bug/?i=8282 |
| [29] = https://curl.se/bug/?i=8287 |
| [30] = https://curl.se/bug/?i=8288 |
| [31] = https://curl.se/bug/?i=8285 |
| [32] = https://curl.se/bug/?i=8278 |
| [33] = https://curl.se/bug/?i=8173 |
| [34] = https://curl.se/bug/?i=8281 |
| [35] = https://curl.se/bug/?i=8279 |
| [36] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43515 |
| [37] = https://hackerone.com/reports/1444539 |
| [38] = https://curl.se/bug/?i=8321 |
| [39] = https://curl.se/bug/?i=8322 |
| [40] = https://curl.se/bug/?i=8268 |
| [41] = https://curl.se/bug/?i=8317 |
| [42] = https://curl.se/bug/?i=8315 |
| [43] = https://curl.se/bug/?i=8292 |
| [44] = https://curl.se/bug/?i=8316 |
| [45] = https://curl.se/bug/?i=8309 |
| [46] = https://curl.se/bug/?i=8363 |
| [47] = https://curl.se/bug/?i=8307 |
| [48] = https://curl.se/bug/?i=8303 |
| [49] = https://curl.se/bug/?i=8235 |
| [50] = https://curl.se/bug/?i=8299 |
| [51] = https://curl.se/bug/?i=8291 |
| [52] = https://curl.se/bug/?i=8350 |
| [53] = https://curl.se/bug/?i=8350 |
| [54] = https://curl.se/bug/?i=8276 |
| [55] = https://curl.se/bug/?i=8341 |
| [56] = https://curl.se/bug/?i=8343 |
| [57] = https://curl.se/bug/?i=8344 |
| [58] = https://curl.se/bug/?i=8340 |
| [59] = https://curl.se/bug/?i=8338 |
| [60] = https://curl.se/bug/?i=8334 |
| [61] = https://curl.se/bug/?i=8320 |
| [62] = https://curl.se/bug/?i=8290 |
| [63] = https://curl.se/bug/?i=8372 |
| [64] = https://curl.se/bug/?i=8370 |
| [65] = https://curl.se/bug/?i=8362 |
| [66] = https://curl.se/bug/?i=8369 |
| [67] = https://curl.se/bug/?i=8314 |
| [68] = https://curl.se/bug/?i=8365 |
| [69] = https://curl.se/bug/?i=8368 |
| [70] = https://curl.se/bug/?i=8367 |
| [71] = https://curl.se/bug/?i=8364 |
| [72] = https://curl.se/bug/?i=8358 |
| [73] = https://curl.se/bug/?i=8359 |
| [74] = https://curl.se/bug/?i=8357 |
| [75] = https://curl.se/bug/?i=8357 |
| [76] = https://hackerone.com/reports/1463013 |
| [77] = https://curl.se/bug/?i=8354 |
| [78] = https://curl.se/bug/?i=8408 |
| [79] = https://curl.se/mail/lib-2022-02/0070.html |
| [82] = https://curl.se/bug/?i=8397 |
| [84] = https://curl.se/bug/?i=8396 |
| [85] = https://curl.se/bug/?i=8396 |
| [86] = https://curl.se/bug/?i=8394 |
| [87] = https://curl.se/bug/?i=8391 |
| [88] = https://curl.se/bug/?i=8381 |
| [90] = https://curl.se/bug/?i=8383 |
| [91] = https://curl.se/bug/?i=8386 |
| [93] = https://curl.se/bug/?i=8385 |
| [94] = https://curl.se/bug/?i=8384 |
| [95] = https://curl.se/bug/?i=8382 |
| [96] = https://curl.se/bug/?i=8378 |
| [97] = https://curl.se/bug/?i=8378 |
| [98] = https://curl.se/bug/?i=8379 |
| [99] = https://curl.se/bug/?i=8377 |
| [100] = https://curl.se/bug/?i=8376 |
| [101] = https://curl.se/bug/?i=8375 |