123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384 |
- curl and libcurl 7.87.1
- Public curl releases: 213
- Command line options: 250
- curl_easy_setopt() options: 302
- Public functions in libcurl: 91
- Contributors: 2811
- This release includes the following changes:
- o curl.h: add CURL_HTTP_VERSION_3ONLY [82]
- o share: add sharing of HSTS cache among handles [7]
- o src: add --http3-only [81]
- o tool_operate: share HSTS between handles
- o urlapi: add CURLU_PUNYCODE [25]
- o writeout: add %{certs} and %{num_certs} [33]
- This release includes the following bugfixes:
- o cf-socket: fix build when not HAVE_GETPEERNAME [89]
- o cf-socket: keep sockaddr local in the socket filters [69]
- o cfilters:Curl_conn_get_select_socks: use the first non-connected filter [24]
- o CI: add a workflow to automatically label pull requests [102]
- o CI: add pytest GHA to CI test/tests-httpd on a HTTP/3 setup [109]
- o CI: Retry failed downloads to reduce spurious failures
- o cmake: bump requirement to 3.7 [23]
- o cmake: check for sendmsg [39]
- o cmake: delete redundant macro definition `SECURITY_WIN32` [91]
- o cmake: fix dev warning due to mismatched arg [160]
- o cmake: fix the snprintf detection [5]
- o cmake: remove deprecated symbols check [96]
- o cmake: set SOVERSION also for macOS [68]
- o cmake: use list APPEND syntax for CMAKE_REQUIRED_DEFINITIONS [94]
- o CODEOWNERS: remove the peeps mentioned as CI owners [128]
- o connect: fix access of pointer before NULL check [83]
- o connect: fix build when not ENABLE_IPV6 [88]
- o connect: fix strategy testing for attempts, timeouts and happy-eyeball [110]
- o connections: introduce http/3 happy eyeballs [127]
- o cookies: fp is always not NULL [104]
- o copyright.pl: cease doing year verifications [74]
- o copyright: update all copyright lines and remove year ranges [35]
- o curl.h: allow up to 10M buffer size [76]
- o curl.h: mark CURLSSLBACKEND_MESALINK as deprecated [52]
- o curl/websockets.h: extend the websocket frame struct
- o curl: output warning at --verbose output for debug-enabled version [80]
- o curl_free.3: fix return type of `curl_free` [113]
- o curl_global_sslset.3: clarify the openssl situation [53]
- o curl_log: for failf/infof and debug logging implementations [87]
- o curl_setup: Disable by default recv-before-send in Windows [154]
- o curl_version_info.3: fix typo [100]
- o curl_ws_send.3: clarify how to send multi-frame messages
- o CURLOPT_HEADERDATA.3: warn DLL users must set write function [45]
- o CURLOPT_READFUNCTION.3: the callback 'size' arg is always 1 [73]
- o CURLOPT_WRITEFUNCTION.3: fix memory leak in example [122]
- o dict: URL decode the entire path always [120]
- o docs/DEPRECATE.md: deprecate gskit [36]
- o docs: add link to GitHub Discussions [49]
- o docs: mention indirect effects of --insecure [19]
- o docs: POSTFIELDSIZE must be set to -1 with read function [97]
- o doh: ifdef IPv6 code [123]
- o easyoptions: fix header printing in generation script [84]
- o escape: hex decode with a lookup-table [107]
- o escape: use table lookup when adding %-codes to output [105]
- o examples: remove the curlgtk.c example [48]
- o fopen: remove unnecessary assignment [111]
- o ftpserver: lower the DATA connect timeout to speed up torture tests [27]
- o GHA/macos.yml: bump to gcc-12 [106]
- o GHA/macos: use Xcode_14.0.1 for cmake builds [132]
- o GHA: add job on Slackware 15.0 [58]
- o GHA: enable websockets in the torture job [148]
- o GHA: move the quiche job here from zuul [75]
- o GHA: use designated ngtcp2 and its dependencies versions [77]
- o haxproxy: send before TLS handhshake [34]
- o header.d: add a header file example [149]
- o hsts.d: explain hsts more [78]
- o hsts: handle adding the same host name again
- o HTTP/[23]: continue upload when state.drain is set [150]
- o http2: aggregate small SETTINGS/PRIO/WIN_UPDATE frames [155]
- o http2: fix compiler warning due to uninitialized variable
- o http2: minor buffer and error path fixes [151]
- o http2: when using printf %.*s, the length arg must be 'int' [41]
- o HTTP3: mention what needs to be in place to remove EXPERIMENTAL label [31]
- o http: add additional condition for including stdint.h [54]
- o http: decode transfer encoding first [51]
- o http: fix "part of conditional expression is always false" [125]
- o http: remove the trace message "Mark bundle... multiuse" [6]
- o http_aws_sigv4: remove typecasts from HMAC_SHA256 macro [121]
- o http_proxy: do not assign data->req.p.http use local copy [59]
- o INSTALL: document how to use multiple TLS backends [103]
- o lib670: make test.h the first include [56]
- o lib: connect/h2/h3 refactor [57]
- o lib: fix typos [99]
- o lib: fix typos in comments which repeat a word [67]
- o libssh2: try sha2 algos for hostkey methods [2]
- o libtest: add a sleep macro for Windows [115]
- o Linux CI: update some dependecies to latest tag [44]
- o Makefile.mk: fix wolfssl and mbedtls default paths [21]
- o man pages: call the custom user pointer 'clientp' consistently [135]
- o md4: fix build with GnuTLS + OpenSSL v1 [12]
- o misc: fix grammar and spelling [14]
- o misc: fix spelling [134]
- o misc: reduce struct and struct field sizes [65]
- o msh3: add support for request payload [28]
- o msh3: update to v0.5 Release [17]
- o msh3: update to v0.6 [60]
- o multi: stop sending empty HTTP/3 UDP datagrams on Windows [136]
- o multihandle: turn bool struct fields into bits [26]
- o ngtcp2: add CURLOPT_SSL_CTX_FUNCTION support for openssl+wolfssl [62]
- o ngtcp2: fix the build without 'sendmsg' [38]
- o ngtcp2: replace removed define and stop using removed function [164]
- o no-clobber.d: only use long form options in man page text [145]
- o noproxy: support for space-separated names is deprecated [66]
- o nss: implement data_pending method [43]
- o openldap: fix missing sasl symbols at build in specific configs [152]
- o openssl: adapt to boringssl's error code type [118]
- o openssl: don't ignore CA paths when using Windows CA store (redux) [101]
- o openssl: don't log raw record headers [93]
- o openssl: make the BIO_METHOD a local variable in the connection filter [79]
- o openssl: only use CA_BLOB if verifying peer [112]
- o openssl: remove attached easy handles from SSL instances [29]
- o openssl: store the CA after first send (ClientHello) [156]
- o os400: fixes to make-lib.sh and initscript.sh [71]
- o packages: remove Android, update README [108]
- o release-notes.pl: check fixes/closes lines better
- o Revert "x509asn1: avoid freeing unallocated pointers" [37]
- o runtest.pl: add expected fourth return value [40]
- o runtests: also tear down http2/http3 servers when https server is stopped [8]
- o runtests: consider warnings fatal and error on them [32]
- o runtests: fix detection of TLS backends [50]
- o runtests: make 'mbedtls' a testable feature
- o rustls: improve error messages [162]
- o scripts/delta: show percent of number of files changed since last tag
- o scripts: fix Appveyor job detection in cijobs.pl
- o scripts: set file mode +x on all perl and shell scripts [63]
- o sectransp: fix for incomplete read/writes [61]
- o SECURITY-PROCESS.md: document severity levels [20]
- o setopt: Address undefined behaviour by checking for null [161]
- o setopt: move the SHA256 opt within #ifdef libssh2 [42]
- o setopt: use >, not >=, when checking if uarg is larger than uint-max [140]
- o smb: return error on upload without size [142]
- o socketpair: allow localhost MITM sniffers [30]
- o strdup: name it Curl_strdup [16]
- o system.h: assume OS400 is always built with ILEC compiler [95]
- o test1560: use a UTF8-using locale when run [46]
- o test2304: remove stdout verification
- o tests-httpd: basic infra to run curl against an apache httpd [72]
- o tests: add 3 new HTTP/2 test cases, plus https: support for nghttpx [9]
- o tests: avoid use of sha1 in certificates [4]
- o tls: fixes for wolfssl + openssl combo builds [133]
- o tool_getparam: fix hiding of command line secrets [85]
- o tool_operate: fix `CURLOPT_SOCKS5_GSSAPI_NEC` type [1]
- o tool_operate: fix error codes during DOS filename sanitize [138]
- o tool_operate: fix error codes on bad URL & OOM [139]
- o tool_operate: fix headerfile writing [64]
- o tool_operate: repair --rate [119]
- o transfer: break the read loop when RECV is cleared [22]
- o typecheck: accept expressions for option/info parameters [3]
- o url: fix part of conditional expression is always true [147]
- o urlapi: avoid Curl_dyn_addf() for hex outputs [130]
- o urlapi: fix part of conditional expression is always true: qlen [146]
- o urlapi: skip path checks if path is just "/" [131]
- o urlapi: skip the extra dedotdot alloc if no dot in path [126]
- o urldata: cease storing TLS auth type [55]
- o urldata: make 'ftp_create_missing_dirs' depend on FTP || SFTP [13]
- o urldata: make set.http200aliases conditional on HTTP being present [11]
- o urldata: move the cookefilelist to the 'set' struct [15]
- o urldata: remove unused struct fields, made more conditional [10]
- o vquic: stabilization and improvements [141]
- o vtls: fix hostname handling in filters [98]
- o vtls: manage current easy handle in nested cfilter calls [90]
- o vtls: use ALPN HTTP/1.0 when HTTP/1.0 is used
- o winbuild: document that arm64 is supported [92]
- o windows: always use curl's basename() implementation [157]
- o wolfssl: remove deprecated post-quantum algorithms [124]
- o workflows/linux.yml: merge 3 common packages [18]
- o write-out.d: add 'since version' to %{header_json} documentation [129]
- o write-out.d: clarify Windows % symbol escaping [86]
- o ws: fix autoping handling [70]
- o ws: fix multiframe send handling [143]
- o ws: fix recv of larger frames [144]
- o ws: remove bad assert [117]
- o ws: unstick connect-only shutdown [116]
- o ws: use %Ou for outputting curl_off_t with info() [153]
- o x509asn1: fix compile errors and warnings [47]
- o zuul: stop using this CI service [114]
- This release includes the following known bugs:
- o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
- Planned upcoming removals include:
- o gskit
- o NSS
- o Support for systems without 64 bit data types
- See https://curl.se/dev/deprecate.html for details
- This release would not have looked like this without help, code, reports and
- advice from friends like these:
- Alexey Savchuk, Andrei Rybak, Andy Alt, Anthony Hu, Brian Green,
- Cameron Blomquist, Cherish98 on Github, Dan Fandrich, Daniel Gustafsson,
- Daniel Stenberg, dekerser on github, Divy Le Ray, Dmitry Atamanov,
- Esdras de Morais da Silva, Federico Pellegrin, Fujii Hironori, Gerrit Renker,
- Gisle Vanem, Gregory Panakkal, Hannah Schierling, Harry Sintonen,
- Hide Ishikawa, highmtworks on github, Jacob Hoffman-Andrews, Jakob Hirsch,
- James Keast, John Bampton, John Porter, John Sherrill, Jon Rumsey,
- Josh Brobst, Karthikdasari0423 on github, Kvarec Lezki, Lucas Pardue,
- Marc Aldorasi, Marcel Raad, Marc Hörsken, Mark Roszko, Martin D'Aloia,
- Martin Waleczek, Michael Osipov, Mike Duglas, Muhammad Hussein Ammari,
- Nick Banks, nick-telia on github, norbertmm on github, odek86 on github,
- Patrick Monnerat, Paul Groke, Paul Howarth, Peter Wu, Philip Heiduck,
- Pronyushkin Petr, Radek Brich, Radu Hociung, RanBarLavie on github,
- Ray Satiro, Ryan Schmidt, Sébastien Helleu, Sergey Bronnikov,
- Sergio-IME on github, sergio-nsk on github, SerusDev on github, Stanley Wucw,
- Stefan Eissing, Stefan Talpalaru, Stephan Guilloux, Tatsuhiro Tsujikawa,
- Thomas1664 on github, Thomas Klausner, Timmy Schierling,
- UnicornZhang on Github, Viktor Szakats, violetlige on github, William Tang,
- Yurii Rashkovskii
- (76 contributors)
- References to bug reports and discussions on issues:
- [1] = https://curl.se/bug/?i=10124
- [2] = https://curl.se/bug/?i=10143
- [3] = https://curl.se/bug/?i=10148
- [4] = https://curl.se/bug/?i=10135
- [5] = https://curl.se/bug/?i=10155
- [6] = https://curl.se/bug/?i=10159
- [7] = https://curl.se/bug/?i=10138
- [8] = https://curl.se/bug/?i=10114
- [9] = https://curl.se/bug/?i=10114
- [10] = https://curl.se/bug/?i=10147
- [11] = https://curl.se/bug/?i=10140
- [12] = https://curl.se/bug/?i=10110
- [13] = https://curl.se/bug/?i=10139
- [14] = https://curl.se/bug/?i=10137
- [15] = https://curl.se/bug/?i=10133
- [16] = https://curl.se/bug/?i=10132
- [17] = https://curl.se/bug/?i=10125
- [18] = https://curl.se/bug/?i=10071
- [19] = https://curl.se/bug/?i=10126
- [20] = https://curl.se/bug/?i=10118
- [21] = https://curl.se/bug/?i=10164
- [22] = https://curl.se/bug/?i=10172
- [23] = https://curl.se/bug/?i=10128
- [24] = https://curl.se/bug/?i=10157
- [25] = https://curl.se/bug/?i=10109
- [26] = https://curl.se/bug/?i=10179
- [27] = https://curl.se/bug/?i=10178
- [28] = https://curl.se/bug/?i=10136
- [29] = https://curl.se/bug/?i=10151
- [30] = https://curl.se/bug/?i=10144
- [31] = https://curl.se/bug/?i=10168
- [32] = https://curl.se/bug/?i=10208
- [33] = https://curl.se/bug/?i=10019
- [34] = https://curl.se/bug/?i=10165
- [35] = https://curl.se/bug/?i=10205
- [36] = https://curl.se/bug/?i=10201
- [37] = https://curl.se/bug/?i=10163
- [38] = https://curl.se/bug/?i=10210
- [39] = https://curl.se/bug/?i=10211
- [40] = https://curl.se/bug/?i=10206
- [41] = https://curl.se/bug/?i=10203
- [42] = https://curl.se/bug/?i=10255
- [43] = https://curl.se/bug/?i=10225
- [44] = https://curl.se/bug/?i=10195
- [45] = https://curl.se/bug/?i=10233
- [46] = https://curl.se/bug/?i=10193
- [47] = https://curl.se/bug/?i=10238
- [48] = https://curl.se/bug/?i=10197
- [49] = https://curl.se/bug/?i=10171
- [50] = https://curl.se/bug/?i=10236
- [51] = https://curl.se/bug/?i=10187
- [52] = https://curl.se/bug/?i=10189
- [53] = https://curl.se/bug/?i=10188
- [54] = https://curl.se/bug/?i=10185
- [55] = https://curl.se/bug/?i=10181
- [56] = https://curl.se/bug/?i=10182
- [57] = https://curl.se/bug/?i=10141
- [58] = https://curl.se/bug/?i=10230
- [59] = https://curl.se/bug/?i=10194
- [60] = https://curl.se/bug/?i=10192
- [61] = https://curl.se/bug/?i=10227
- [62] = https://curl.se/bug/?i=10222
- [63] = https://curl.se/bug/?i=10219
- [64] = https://curl.se/bug/?i=10224
- [65] = https://curl.se/bug/?i=10186
- [66] = https://curl.se/bug/?i=10209
- [67] = https://curl.se/bug/?i=10220
- [68] = https://curl.se/bug/?i=10214
- [69] = https://curl.se/bug/?i=10213
- [70] = https://curl.se/bug/?i=10289
- [71] = https://curl.se/bug/?i=10266
- [72] = https://curl.se/bug/?i=10175
- [73] = https://curl.se/bug/?i=10328
- [74] = https://curl.se/bug/?i=10345
- [75] = https://curl.se/bug/?i=10241
- [76] = https://curl.se/bug/?i=10256
- [77] = https://curl.se/bug/?i=10257
- [78] = https://curl.se/bug/?i=10258
- [79] = https://curl.se/bug/?i=10285
- [80] = https://curl.se/bug/?i=10278
- [81] = https://curl.se/bug/?i=10264
- [82] = https://curl.se/bug/?i=10264
- [83] = https://curl.se/bug/?i=10284
- [84] = https://curl.se/bug/?i=10275
- [85] = https://curl.se/bug/?i=10276
- [86] = https://curl.se/bug/?i=10323
- [87] = https://curl.se/bug/?i=10271
- [88] = https://curl.se/bug/?i=10344
- [89] = https://curl.se/bug/?i=10343
- [90] = https://curl.se/bug/?i=10336
- [91] = https://curl.se/bug/?i=10341
- [92] = https://curl.se/bug/?i=10332
- [93] = https://curl.se/bug/?i=10299
- [94] = https://curl.se/bug/?i=10272
- [95] = https://curl.se/bug/?i=10305
- [96] = https://curl.se/bug/?i=10314
- [97] = https://curl.se/bug/?i=10313
- [98] = https://curl.se/bug/?i=10273
- [99] = https://curl.se/bug/?i=10307
- [100] = https://curl.se/bug/?i=10306
- [101] = https://curl.se/bug/?i=10244
- [102] = https://curl.se/bug/?i=10326
- [103] = https://curl.se/bug/?i=10321
- [104] = https://curl.se/bug/?i=10383
- [105] = https://curl.se/bug/?i=10377
- [106] = https://curl.se/bug/?i=10415
- [107] = https://curl.se/bug/?i=10376
- [108] = https://curl.se/bug/?i=10416
- [109] = https://curl.se/bug/?i=10317
- [110] = https://curl.se/bug/?i=10312
- [111] = https://curl.se/bug/?i=10398
- [112] = https://curl.se/mail/lib-2023-01/0070.html
- [113] = https://curl.se/bug/?i=10373
- [114] = https://curl.se/bug/?i=10368
- [115] = https://curl.se/bug/?i=10295
- [116] = https://curl.se/bug/?i=10366
- [117] = https://curl.se/bug/?i=10347
- [118] = https://curl.se/bug/?i=10360
- [119] = https://curl.se/bug/?i=10357
- [120] = https://curl.se/bug/?i=10298
- [121] = https://curl.se/bug/?i=10400
- [122] = https://curl.se/bug/?i=10390
- [123] = https://curl.se/bug/?i=10397
- [124] = https://curl.se/bug/?i=10440
- [125] = https://curl.se/bug/?i=10399
- [126] = https://curl.se/bug/?i=10403
- [127] = https://curl.se/bug/?i=10349
- [128] = https://curl.se/bug/?i=10386
- [129] = https://curl.se/bug/?i=10395
- [130] = https://curl.se/bug/?i=10384
- [131] = https://curl.se/bug/?i=10385
- [132] = https://curl.se/bug/?i=10356
- [133] = https://curl.se/bug/?i=10322
- [134] = https://curl.se/bug/?i=10437
- [135] = https://curl.se/bug/?i=10434
- [136] = https://curl.se/bug/?i=9086
- [138] = https://curl.se/bug/?i=10414
- [139] = https://curl.se/bug/?i=10130
- [140] = https://curl.se/bug/?i=10421
- [141] = https://curl.se/bug/?i=10451
- [142] = https://curl.se/bug/?i=10484
- [143] = https://curl.se/bug/?i=10413
- [144] = https://curl.se/bug/?i=10438
- [145] = https://curl.se/bug/?i=10461
- [146] = https://curl.se/bug/?i=10408
- [147] = https://curl.se/bug/?i=10407
- [148] = https://curl.se/bug/?i=10448
- [149] = https://curl.se/bug/?i=10455
- [150] = https://curl.se/bug/?i=10433
- [151] = https://curl.se/bug/?i=10444
- [152] = https://curl.se/bug/?i=10445
- [153] = https://curl.se/bug/?i=10439
- [154] = https://curl.se/bug/?i=10409
- [155] = https://curl.se/bug/?i=10432
- [156] = https://curl.se/bug/?i=10432
- [157] = https://curl.se/bug/?i=10261
- [160] = https://curl.se/bug/?i=10471
- [161] = https://curl.se/bug/?i=10472
- [162] = https://curl.se/bug/?i=10463
- [164] = https://curl.se/bug/?i=10469
|