forked from curl/curl
-
Notifications
You must be signed in to change notification settings - Fork 0
/
RELEASE-NOTES
168 lines (157 loc) · 7.47 KB
/
RELEASE-NOTES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
curl and libcurl 7.82.0
Public curl releases: 206
Command line options: 244
curl_easy_setopt() options: 295
Public functions in libcurl: 86
Contributors: 2575
This release includes the following changes:
o mesalink: remove support [23]
This release includes the following bugfixes:
o appveyor: update images from VS 2019 to 2022
o appveyor: use VS 2017 image for the autotools builds
o build: enable -Warith-conversion
o build: fix -Wenum-conversion handling
o checksrc: fix typo in comment [34]
o CI: move 'distcheck' job from zuul to azure pipelines [60]
o CI: move scan-build job from Zuul to Azure Pipelines [59]
o CI: move the rustls CI job to GHA from Zuul [8]
o CI: test building wolfssl with --enable-opensslextra [42]
o CI: workflows/wolfssl: install impacket [47]
o cmake: fix iOS CMake project generation error [13]
o cmdline-opts/gen.pl: fix option matching to improve references [50]
o configure: set CURL_LIBRARY_PATH for nghttp2 [58]
o curl tool: erase some more sensitive command line arguments [22]
o curl-functions.m4: fix LIBRARY_PATH adjustment to avoid eval [5]
o curl-functions.m4: revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE [9]
o curl-openssl: remove the OpenSSL headers and library versions check [35]
o curl: remove "separators" (when using globbed URLs) [32]
o curl_multi_socket.3: remove callback and typical usage descriptions [7]
o curl_url_set.3: mention when CURLU_ALLOW_SPACE was added
o CURLMOPT_TIMERFUNCTION/DATA.3: fix the examples [27]
o CURLOPT_RESOLVE.3: change example port to 443
o docs/cmdline-opts: add "mutexed" options for more http versions [25]
o docs: document HTTP/2 not insisting on TLS 1.2 [49]
o docs: fix mandoc -T lint formatting complaints [2]
o docs: update IETF links to use datatracker [41]
o examples/multi-app.c: call curl_multi_remove_handle as well [19]
o formdata: avoid size_t => long typecast overflows [37]
o gen.pl: terminate "example" sections better [4]
o hostcheck: fixed to not touch used input strings [38]
o ldap: return CURLE_URL_MALFORMAT for bad URL [24]
o mbedtls: enable use of mbedtls without CRL support [57]
o mbedtls: fix CURLOPT_SSLCERT_BLOB (again)
o mbedtls: fix ssl_init error with mbedTLS 3.1.0+ [12]
o mbedtls: remove #include <mbedtls/certs.h> [56]
o mbedtls: return CURLcode result instead of a mbedtls error code [1]
o md5: check md5_init_func return value
o misc: allow curl to build with wolfssl --enable-opensslextra [43]
o misc: remove BeOS code and references [30]
o misc: remove the final watcom references [29]
o mqtt: free any send leftover data when done [36]
o multi: set in_callback for multi interface callbacks [28]
o next.d. remove .fi/.nf as they are handled by gen.pl [3]
o ngtcp2: adapt to changed end of headers callback proto [39]
o ngtcp2: fix declaration of ‘result’ shadows a previous local [14]
o nss: handshake callback during shutdown has no conn->bundle [55]
o openldap: implement SASL authentication [16]
o openssl.h: avoid including OpenSSL headers here [15]
o openssl: check SSL_get_ex_data to prevent potential NULL dereference [40]
o openssl: check the return value of BIO_new_mem_buf() [18]
o openssl: fix `ctx_option_t` for OpenSSL v3+
o openssl: return error if TLS 1.3 is requested when not supported [45]
o projects: fix Visual Studio wolfSSL configurations
o quiche: change qlog file extension to `.sqlog` [44]
o quiche: verify the server cert on connect [33]
o remote-header-name.d: clarify [10]
o runtests.pl: disable debuginfod [51]
o runtests.pl: properly print the test if it contains binary zeros
o runtests.pl: support the nonewline attribute for the data part [21]
o runtests: allow client/file to specify multiple directories
o runtests: make 'rustls' a testable feature
o runtests: make 'wolfssl' a testable feature [6]
o rustls: add CURLOPT_CAINFO_BLOB support [26]
o scripts/copyright.pl: support many provided file names on the cmdline
o setopt: fix the TLSAUTH #ifdefs for proxy-disabled builds [53]
o test3021: disable all msys2 path transformation
o test374: gif data without new line at the end [20]
o tool_findfile: check ~/.config/curlrc too [17]
o tool_getparam: DNS options that need c-ares now fail without it [31]
o url: given a user in the URL, find pwd for that user in netrc [11]
o url: keep trailing dot in host name [62]
o url: make Curl_disconnect return void [48]
o urldata: CONN_IS_PROXIED replaces bits.close when proxy can be disabled [52]
o vtls: pass on the right SNI name [61]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
Alessandro Ghedini, Antoine Pietri, Bernhard Walle, Cameron Will,
Charles Cazabon, Daniel Stenberg, Eric Musser, Fabian Keil, Fabian Yamaguchi,
Filip Lundgren, Harry Sarson, Ikko Ashimine, Jan Ehrhardt, jhoyla on github,
jonny112 on github, Kushal Das, Lucas Pardue, Manfred Schwarb, Marcel Raad,
Melroy van den Berg, Michał Antoniak, neutric on github, Niels Martignène,
Patrick Monnerat, pheiduck on github, Ray Satiro, Ryan Schmidt,
Sandro Jaeckel, Satadru Pramanik, Stefan Eissing, Stephen Boost,
Stephen M. Coakley, updatede on github, Viktor Szakats, Xiaoke Wang,
(35 contributors)
References to bug reports and discussions on issues:
[1] = https://curl.se/bug/?i=8266
[2] = https://curl.se/bug/?i=8228
[3] = https://curl.se/bug/?i=8228
[4] = https://curl.se/bug/?i=8228
[5] = https://curl.se/bug/?i=8229
[6] = https://curl.se/bug/?i=8252
[7] = https://curl.se/bug/?i=8262
[8] = https://curl.se/bug/?i=8251
[9] = https://curl.se/bug/?i=8229
[10] = https://curl.se/bug/?i=8249
[11] = https://curl.se/bug/?i=8241
[12] = https://curl.se/bug/?i=8238
[13] = https://curl.se/bug/?i=8244
[14] = https://curl.se/bug/?i=8245
[15] = https://curl.se/bug/?i=8240
[16] = https://curl.se/bug/?i=8152
[17] = https://curl.se/bug/?i=8208
[18] = https://curl.se/bug/?i=8233
[19] = https://curl.se/bug/?i=8234
[20] = https://curl.se/bug/?i=8239
[21] = https://curl.se/bug/?i=8239
[22] = https://curl.se/bug/?i=7964
[23] = https://curl.se/bug/?i=8188
[24] = https://curl.se/bug/?i=8170
[25] = https://curl.se/bug/?i=8254
[26] = https://curl.se/bug/?i=8255
[27] = https://curl.se/bug/?i=8286
[28] = https://curl.se/bug/?i=8282
[29] = https://curl.se/bug/?i=8287
[30] = https://curl.se/bug/?i=8288
[31] = https://curl.se/bug/?i=8285
[32] = https://curl.se/bug/?i=8278
[33] = https://curl.se/bug/?i=8173
[34] = https://curl.se/bug/?i=8281
[35] = https://curl.se/bug/?i=8279
[36] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43515
[37] = https://hackerone.com/reports/1444539
[38] = https://curl.se/bug/?i=8321
[39] = https://curl.se/bug/?i=8322
[40] = https://curl.se/bug/?i=8268
[41] = https://curl.se/bug/?i=8317
[42] = https://curl.se/bug/?i=8315
[43] = https://curl.se/bug/?i=8292
[44] = https://curl.se/bug/?i=8316
[45] = https://curl.se/bug/?i=8309
[47] = https://curl.se/bug/?i=8307
[48] = https://curl.se/bug/?i=8303
[49] = https://curl.se/bug/?i=8235
[50] = https://curl.se/bug/?i=8299
[51] = https://curl.se/bug/?i=8291
[52] = https://curl.se/bug/?i=8350
[53] = https://curl.se/bug/?i=8350
[55] = https://curl.se/bug/?i=8341
[56] = https://curl.se/bug/?i=8343
[57] = https://curl.se/bug/?i=8344
[58] = https://curl.se/bug/?i=8340
[59] = https://curl.se/bug/?i=8338
[60] = https://curl.se/bug/?i=8334
[61] = https://curl.se/bug/?i=8320
[62] = https://curl.se/bug/?i=8290