RELEASE-NOTES: synced

curl 8.0.1

RELEASE-NOTES

@@ -1,147 +1,14 @@
-curl and libcurl 8.0.0
+curl and libcurl 8.0.1
 
- Public curl releases:         215
+ Public curl releases:         216
  Command line options:         250
  curl_easy_setopt() options:   302
  Public functions in libcurl:  91
  Contributors:                 2841
 
-This release includes the following changes:
-
- o build: remove support for curl_off_t < 8 bytes [19]
-
 This release includes the following bugfixes:
 
- o .cirrus.yml: Bump to FreeBSD 13.2 [9]
- o aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3 [112]
- o BINDINGS: add Fortran binding [33]
- o build: drop the use of XC_AMEND_DISTCLEAN [62]
- o build: fix stdint/inttypes detection with non-autotools [120]
- o cf-socket: fix handling of remote addr for accepted tcp sockets [17]
- o cf-socket: if socket is already connected, return CURLE_OK [69]
- o cf-socket: use port 80 when resolving name for local bind [109]
- o CI: don't run CI jobs if only another CI was changed [92]
- o CI: update ngtcp2 and nghttp2 for pytest [13]
- o cmake: delete unused HAVE__STRTOI64 [117]
- o cmake: fix enabling LDAPS on Windows [55]
- o cmake: skip CA-path/bundle auto-detection in cross-builds [57]
- o connect: fix time_connect and time_appconnect timer statistics [90]
- o cookie: don't load cookies again when flushing [91]
- o cookie: parse without sscanf()
- o curl.h: require gcc 12.1 for the deprecation magic [110]
- o curl: make -w's %{stderr} use the file set with --stderr [30]
- o curl_path: create the new path with dynbuf [99]
- o CURLOPT_PIPEWAIT: allow waited reuse also for subsequent connections [10]
- o CURLOPT_PROXY.3: curl+NSS does not handle HTTPS over unix domain socket [102]
- o CURLSHOPT_SHARE.3: HSTS sharing is not thread-safe [103]
- o DEPRECATE: the original legacy mingw version 1 [43]
- o doc: fix compiler warning in libcurl.m4 [82]
- o docs/cmdline-opts: mark all global options [6]
- o docs/SECURITY-PROCESS.md: updates [67]
- o docs: extend the URL API descriptions [85]
- o docs: note '--data-urlencode' option [7]
- o DYNBUF.md: note Curl_dyn_add* calls Curl_dyn_free on failure [70]
- o easy: remove infof() debug leftover from curl_easy_recv [44]
- o examples/http3.c: use CURL_HTTP_VERSION_3 [46]
- o ftp: active mode with SSL, add the filter [84]
- o ftp: add more conditions for connection reuse [74]
- o ftp: allocate the wildcard struct on demand [59]
- o ftp: make the EPSV response parser not use sscanf [25]
- o ftp: replace sscanf for MDTM 213 response parsing [23]
- o ftp: replace sscanf for PASV parsing [24]
- o gssapi: align `gss_OID_desc` to silence ld warnings on macOS ventura [58]
- o headers: make curl_easy_header and nextheader return different buffers [77]
- o hostip: avoid sscanf and extra buffer copies [42]
- o http2: fix error handling during parallel operations [96]
- o http2: fix for http2-prior-knowledge when reusing connections [14]
- o http2: fix handling of RST and GOAWAY to recognize partial transfers [88]
- o http2: fix upload busy loop [71]
- o http: don't send 100-continue for short PUT requests [93]
- o http: fix unix domain socket use in https connects [28]
- o http: rewrite the status line parser without sscanf [29]
- o http_proxy: parse the status line without sscanf [16]
- o idn: return error if the conversion ends up with a blank host [45]
- o krb5: avoid sscanf for parsing [18]
- o lib1560: test parsing URLs with ridiculously large fields [60]
- o lib2305: deal with CURLE_AGAIN [122]
- o lib517: verify time stamps without leading zeroes plus some more
- o lib: silence clang/gcc -Wvla warnings in brotli headers [98]
- o lib: skip Curl_llist_destroy calls [108]
- o libcurl-errors.3: add the CURLHcode errors from curl_easy_header.3 [39]
- o libssh2: only set the memory callbacks when debugging [65]
- o libssh2: remove unused variable from libssh2's struct [124]
- o libssh: use dynbuf instead of realloc [121]
- o Makefile.mk: delete redundant `HAVE_LDAP_SSL` macro [56]
- o Makefile.mk: fix -g option in debug mode [81]
- o mqtt: on send error, return error [40]
- o multi: make multi_perform ignore/unignore signals less often [116]
- o multi: remove PENDING + MSGSENT handles from the main linked list [105]
- o ngtcp2-gnutls.yml: bump to gnutls 3.8.0 [11]
- o ngtcp2: fix unwanted close of file descriptor 0 [26]
- o page-footer: add explanation for three missing exit codes [37]
- o parsedate: parse strings without using sscanf() [2]
- o parsedate: replace sscanf( for time stamp parsing [1]
- o quic/schannel: fix compiler warnings [36]
- o rand: use arc4random as fallback when available [48]
- o rate.d: single URLs make no sense in --rate example [38]
- o RELEASE-PROCEDURE.md: update coming release dates
- o rtsp: avoid sscanf for parsing [15]
- o runtests: use a hash table for server port numbers [51]
- o sectransp: fix compiler warning c89 mixed code/declaration [32]
- o sectransp: make read_cert() use a dynbuf when loading [72]
- o secure-transport: fix recv return code handling [114]
- o select: stop treating POLLRDBAND as an error [27]
- o setopt: move the CURLOPT_CHUNK_DATA pointer to the set struct [35]
- o socket: detect "dead" connections better, e.g. not fit for reuse [66]
- o src: silence wmain() warning for all build methods [95]
- o telnet: only accept option arguments in ascii [104]
- o telnet: parse NEW_ENVIRON without sscanf [20]
- o telnet: parse telnet options without sscanf [22]
- o telnet: parse the WS= argument without sscanf [21]
- o test1470: test socks proxy using unix sockets and connect to https [63]
- o test1960: verify CURL_SOCKOPT_ALREADY_CONNECTED [64]
- o test2600: detect when ALARM_TIMEOUT is in use and adjust [34]
- o test422: verify --next used without a prior URL [115]
- o tests/http: add pytest to GHA and improve tests [118]
- o tests: add `cookies` features [68]
- o tests: add timeout, SLOWDOWN and DELAY keywords to tests
- o tests: fix gnutls-serv check [53]
- o tests: fix MSVC unreachable code warnings in unit tests
- o tests: hack to build most unit tests under cmake [94]
- o tests: HTTP server fixups [3]
- o tests: keep cmake unit tests names in sync
- o tests: make CPPFLAGS common to all unit tests
- o tests: make first.c the same for both lib tests and unit tests [75]
- o tests: support for imaps/pop3s/smtps protocols [50]
- o tests: sync option lists in runtests.pl & its man page
- o tests: test secure mail protocols with explicit SSL requests [49]
- o tests: use AM_CPPFILES to modify flags in unit tests
- o tests: use dynamic ports numbers in pytest suite [89]
- o tool: dump headers even if file is write-only [52]
- o tool: improve --stderr handling [83]
- o tool_getparam: don't add a new node for just --no-remote-name [5]
- o tool_getparam: error if --next is used without a prior URL [119]
- o tool_operate: avoid fclose(NULL) on bad header dump file [12]
- o tool_operate: propagate error codes for missing URL after --next [4]
- o tool_progress: shut off progress meter for --silent in parallel [8]
- o tool_writeout_json. fix the output for duplicate header names [76]
- o transfer: limit Windows SO_SNDBUF updates to once a second [73]
- o url: fix cookielist memleak when curl_easy_reset [106]
- o url: fix logic in connection reuse to deny reuse on "unclean" connections [86]
- o url: fix the SSH connection reuse check [101]
- o url: only reuse connections with same GSS delegation [97]
- o url: remove dummy protocol handler [100]
- o urlapi: '%' is illegal in host names [80]
- o urlapi: avoid mutating internals in getter routine [79]
- o urlapi: parse IPv6 literals without ENABLE_IPV6 [61]
- o urlapi: take const args in _dup and _get functions [78]
- o wildcard: remove files and move functions into ftplistparser.c
- o winbuild: fix makefile clean [31]
- o wolfssl: add quic/ngtcp2 detection in cmake, and fix builds [113]
- o wolfSSL: ressurect the BIO `io_result` [54]
- o ws: keep the socket non-blocking [41]
- o x509asn1.c: use correct format specifier for infof() call [47]
- o x509asn1: use plain %x, not %lx, when the arg is an int [87]
+ o Revert "multi: remove PENDING + MSGSENT handles" [1]
 
 This release includes the following known bugs:
 
@@ -159,139 +26,8 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Andy Alt, Balakrishnan Balasubramanian, Boris Okunskiy, Brad Spencer,
-  Casey Bodley, Cristian Morales Vega, Dan Fandrich, Daniel Stenberg,
-  Evgeny Grin (Karlson2k), finkjsc on github, Grisha Levit, Harry Sintonen,
-  Hiroki Kurosawa, Ilmari Lauhakangas, JackBoosY on github, Jan Engelhardt,
-  Jelle van der Waa, Jérémy Rabasco, Jerome St-Louis, kchow-FTNT on github,
-  Maciej Domanski, Marcel Raad, marski on github, Master Inspire, Matt Jolly,
-  opensslonzos-github on github, Patrick Monnerat, Philip Heiduck,
-  Philipp Engel, Ray Satiro, rcombs on github, rwmjones on github,
-  SandakovMM on github, SendSonS on github, Sergey Fionov, Sergey Ryabinin,
-  Sergio Mijatovic, Shankar Jadhavar, Stefan Eissing, u20221022 on github,
-  Viktor Szakats, 積丹尼 Dan Jacobson
-  (42 contributors)
+ Daniel Stenberg, Kamil Dudka
 
 References to bug reports and discussions on issues:
 
- [1] = https://curl.se/bug/?i=10547
- [2] = https://curl.se/bug/?i=10547
- [3] = https://curl.se/bug/?i=10568
- [4] = https://curl.se/bug/?i=10558
- [5] = https://curl.se/bug/?i=10564
- [6] = https://curl.se/bug/?i=10566
- [7] = https://curl.se/bug/?i=10687
- [8] = https://curl.se/bug/?i=10573
- [9] = https://curl.se/bug/?i=10270
- [10] = https://curl.se/bug/?i=10456
- [11] = https://curl.se/bug/?i=10507
- [12] = https://curl.se/bug/?i=10570
- [13] = https://curl.se/bug/?i=10508
- [14] = https://curl.se/bug/?i=10634
- [15] = https://curl.se/bug/?i=10605
- [16] = https://curl.se/bug/?i=10602
- [17] = https://curl.se/bug/?i=10622
- [18] = https://curl.se/bug/?i=10599
- [19] = https://curl.se/bug/?i=10597
- [20] = https://curl.se/bug/?i=10596
- [21] = https://curl.se/bug/?i=10596
- [22] = https://curl.se/bug/?i=10596
- [23] = https://curl.se/bug/?i=10590
- [24] = https://curl.se/bug/?i=10590
- [25] = https://curl.se/bug/?i=10590
- [26] = https://curl.se/bug/?i=10593
- [27] = https://curl.se/bug/?i=10501
- [28] = https://curl.se/bug/?i=10633
- [29] = https://curl.se/bug/?i=10585
- [30] = https://curl.se/bug/?i=10491
- [31] = https://curl.se/bug/?i=10576
- [32] = https://curl.se/bug/?i=10574
- [33] = https://curl.se/bug/?i=10589
- [34] = https://curl.se/bug/?i=10513
- [35] = https://curl.se/bug/?i=10635
- [36] = https://curl.se/bug/?i=10603
- [37] = https://curl.se/bug/?i=10630
- [38] = https://curl.se/bug/?i=10638
- [39] = https://curl.se/bug/?i=10629
- [40] = https://curl.se/bug/?i=10623
- [41] = https://curl.se/bug/?i=10615
- [42] = https://curl.se/bug/?i=10601
- [43] = https://curl.se/bug/?i=10667
- [44] = https://curl.se/bug/?i=10628
- [45] = https://curl.se/bug/?i=10617
- [46] = https://curl.se/bug/?i=10619
- [47] = https://curl.se/bug/?i=10614
- [48] = https://curl.se/bug/?i=10672
- [49] = https://curl.se/bug/?i=10077
- [50] = https://curl.se/bug/?i=10077
- [51] = https://curl.se/bug/?i=10077
- [52] = https://curl.se/bug/?i=10675
- [53] = https://curl.se/bug/?i=10688
- [54] = https://curl.se/bug/?i=10716
- [55] = https://curl.se/bug/?i=6284
- [56] = https://curl.se/bug/?i=10681
- [57] = https://curl.se/bug/?i=6178
- [58] = https://curl.se/bug/?i=10718
- [59] = https://curl.se/bug/?i=10639
- [60] = https://curl.se/bug/?i=10665
- [61] = https://curl.se/bug/?i=10660
- [62] = https://curl.se/bug/?i=9843
- [63] = https://curl.se/bug/?i=10662
- [64] = https://curl.se/bug/?i=10651
- [65] = https://curl.se/bug/?i=10721
- [66] = https://curl.se/bug/?i=10646
- [67] = https://curl.se/bug/?i=10719
- [68] = https://curl.se/bug/?i=10713
- [69] = https://curl.se/bug/?i=10626
- [70] = https://curl.se/bug/?i=10645
- [71] = https://curl.se/bug/?i=10449
- [72] = https://curl.se/bug/?i=10632
- [73] = https://curl.se/bug/?i=10611
- [74] = https://curl.se/bug/?i=10730
- [75] = https://curl.se/bug/?i=10749
- [76] = https://curl.se/bug/?i=10704
- [77] = https://curl.se/bug/?i=10704
- [78] = https://curl.se/bug/?i=10708
- [79] = https://curl.se/bug/?i=10708
- [80] = https://curl.se/bug/?i=10711
- [81] = https://curl.se/bug/?i=10747
- [82] = https://curl.se/bug/?i=10710
- [83] = https://curl.se/bug/?i=10673
- [84] = https://curl.se/bug/?i=10666
- [85] = https://curl.se/bug/?i=10701
- [86] = https://curl.se/bug/?i=10690
- [87] = https://curl.se/bug/?i=10689
- [88] = https://curl.se/bug/?i=10693
- [89] = https://curl.se/bug/?i=10692
- [90] = https://curl.se/bug/?i=10670
- [91] = https://curl.se/bug/?i=10677
- [92] = https://curl.se/bug/?i=10742
- [93] = https://curl.se/bug/?i=10740
- [94] = https://curl.se/bug/?i=10722
- [95] = https://curl.se/bug/?i=7229
- [96] = https://curl.se/bug/?i=10715
- [97] = https://curl.se/bug/?i=10731
- [98] = https://curl.se/bug/?i=10738
- [99] = https://curl.se/bug/?i=10729
- [100] = https://curl.se/bug/?i=10727
- [101] = https://curl.se/bug/?i=10735
- [102] = https://curl.se/bug/?i=10723
- [103] = https://curl.se/bug/?i=10732
- [104] = https://curl.se/bug/?i=10728
- [105] = https://curl.se/bug/?i=10762
- [106] = https://curl.se/bug/?i=10694
- [108] = https://curl.se/bug/?i=10764
- [109] = https://curl.se/bug/?i=10759
- [110] = https://curl.se/bug/?i=10726
- [112] = https://curl.se/bug/?i=9995
- [113] = https://curl.se/bug/?i=10739
- [114] = https://curl.se/bug/?i=10717
- [115] = https://curl.se/bug/?i=10782
- [116] = https://curl.se/bug/?i=10750
- [117] = https://curl.se/bug/?i=10756
- [118] = https://curl.se/bug/?i=10699
- [119] = https://curl.se/bug/?i=10782
- [120] = https://curl.se/bug/?i=10745
- [121] = https://curl.se/bug/?i=10778
- [122] = https://curl.se/bug/?i=10760
- [124] = https://curl.se/bug/?i=10777
+ [1] = https://curl.se/bug/?i=10795