5 \___|\___/|_| \_\_____|
9 Version 7.73.0 (14 Oct 2020)
11 Daniel Stenberg (14 Oct 2020)
12 - RELEASE-NOTES: synced
16 - THANKS: from 7.73.0 and .mailmap fixes
18 - mailmap: fixups of some contributors
20 - projects/build-wolfssl.bat: fix the copyright year range
22 Marc Hoersken (14 Oct 2020)
23 - [Sergei Nikulov brought this change]
25 CI/tests: fix invocation of tests for CMake builds
27 Update appveyor.yml to set env variable TFLAGS and run tests
28 Remove curly braces due to CMake error (${TFLAGS} -> $TFLAGS)
29 Move testdeps build to build step (per review comments)
31 Reviewed-by: Marc Hörsken
36 - tests/server/util.c: fix support for Windows Unicode builds
41 Daniel Stenberg (13 Oct 2020)
42 - [Jay Satiro brought this change]
44 strerror: Revert to local codepage for Windows error string
46 - Change get_winapi_error() to return the error string in the local
47 codepage instead of UTF-8 encoding.
49 Two weeks ago bed5f84 fixed get_winapi_error() to work on xbox, but it
50 also changed the error string's encoding from local codepage to UTF-8.
52 We return the local codepage version of the error string because if it
53 is output to the user's terminal it will likely be with functions which
54 expect the local codepage (eg fprintf, failf, infof).
56 This is essentially a partial revert of bed5f84. The support for xbox
57 remains but the error string is reverted back to local codepage.
59 Ref: https://github.com/curl/curl/pull/6005
61 Reviewed-by: Marcel Raad
64 Marc Hoersken (13 Oct 2020)
65 - CI/tests: use verification curl for test reporting APIs
67 Avoid using our own, potentially installed, curl for
68 the test reporting APIs in case it is broken.
70 Reviewed-by: Daniel Stenberg
75 Viktor Szakats (12 Oct 2020)
76 - windows: fix comparison of mismatched types warning
80 vtls/openssl.c:2917:33: warning: comparison of integers of different signs: 'DWORD' (aka 'unsigned long') and 'HRESULT' (aka 'long')
82 if(GetLastError() != CRYPT_E_NOT_FOUND)
83 ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~~~~
86 Approved-by: Daniel Stenberg
89 Daniel Stenberg (11 Oct 2020)
90 - [Viktor Szakats brought this change]
92 src/Makefile.m32: fix undefined curlx_dyn_* errors
94 by linking `lib/dynbuf.c` when building a static curl binary.
95 Previously this source file was only included when building
96 a dynamic curl binary. This was likely possibly because no
97 functions from the `src/Makefile.inc` / `CURLX_CFILES` sources
98 were actually required for a curl tool build. This has
99 recently changed with the introduction of `curlx_dyn_*()`
100 memory functions and their use by the tool sources.
104 - HISTORY: curl verifies SSL certs by default since version 7.10
106 Marc Hoersken (8 Oct 2020)
107 - runtests.pl: use $LIBDIR variable instead of hardcoded path
109 Reviewed-by: Daniel Stenberg
112 Daniel Stenberg (7 Oct 2020)
113 - checksrc: detect // comments on column 0
115 Spotted while working on #6045
119 - [Frederik Wedel-Heinen brought this change]
121 mbedtls: add missing header when defining MBEDTLS_DEBUG
125 - curl: make sure setopt CURLOPT_IPRESOLVE passes on a long
127 Previously, it would pass on a define (int) which could make libcurl
128 read junk as a value - which prevented the CURLOPT_IPRESOLVE option to
129 "take". This could then make test 2100 do two DoH requests instead of
135 - RELEASE-NOTES: synced
137 - scripts/release-notes.pl: don't "embed" $ in format string for printf()
139 ... since they might contain %-codes that mess up the output!
141 Jay Satiro (5 Oct 2020)
142 - [M.R.T brought this change]
144 build-wolfssl: fix build with Visual Studio 2019
146 Closes https://github.com/curl/curl/pull/6033
148 Daniel Stenberg (4 Oct 2020)
149 - runtests: add %repeat[]% for test files
151 ... and use this new keywords in all the test files larger than 50K to reduce
152 their sizes and make them a lot easier to read and understand.
156 - [Emil Engler brought this change]
158 --help: move two options from the misc category
160 The cmdline opts delegation and suppress-connect-headers
161 fit better into auth and proxy rather than misc.
163 Follow-up to aa8777f63febc
166 - [Samanta Navarro brought this change]
168 docs/opts: fix typos in two manual pages
172 - ldap: reduce the amount of #ifdefs needed
176 - runtests: provide curl's version string as %VERSION for tests
178 ... so that we can check HTTP requests for User-Agent: curl/%VERSION
180 Update 600+ test cases accordingly.
184 - checksrc: warn on space after exclamation mark
188 - test1465: verify --libcurl with binary POST data
190 - runtests: allow generating a binary sequence from hex
192 - tool_setopt: escape binary data to hex, not octal
194 - curl: make --libcurl show binary posts correctly
196 Reported-by: Stephan Mühlstrasser
200 Jay Satiro (1 Oct 2020)
201 - strerror: fix null deref on winapi out-of-memory
203 Follow-up to bed5f84 from several days ago.
205 Ref: https://github.com/curl/curl/pull/6005
207 Daniel Stenberg (1 Oct 2020)
208 - [Kamil Dudka brought this change]
210 vtls: deduplicate some DISABLE_PROXY ifdefs
212 ... in the code of gtls, nss, and openssl
216 - RELEASE-NOTES: synced
218 - [Emil Engler brought this change]
220 TODO: Add OpenBSD libtool notice
225 - tests/unit/README: convert to markdown
231 - tests/README: convert to markdown
235 - include/README: convert to markdown
239 - examples/README: convert to markdown
243 - configure: don't say HTTPS-proxy is enabled when disabled!
245 Reported-by: Kamil Dudka
246 Reviewed-by: Kamil Dudka
247 Bug: https://github.com/curl/curl/pull/5735#issuecomment-701376388
250 Daniel Gustafsson (30 Sep 2020)
251 - src: Consistently spell whitespace without whitespace
253 Whitespace is spelled without a space between white and space, so
254 make sure to consistently spell it that way across the codebase.
257 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
258 Reviewed-by: Emil Engler <me@emilengler.com>
260 - MANUAL: update examples to resolve without redirects
262 www.netscape.com is redirecting to a cookie consent form on Aol, and
263 cool.haxx.se isn't responding to FTP anymore. Replace with examples
264 that resolves in case users try out the commands when reading the
268 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
269 Reviewed-by: Emil Engler <me@emilengler.com>
271 Daniel Stenberg (30 Sep 2020)
272 - HISTORY: add some 2020 events
274 - sectransp: make it build with --disable-proxy
276 Follow-up from #5466 and f3d501dc678d80
277 Reported-by: Javier Navarro
281 - ECH: renamed from ESNI in docs and configure
283 Encrypted Client Hello (ECH) is the current name.
287 - configure: use "no" instead of "disabled" for the end summary
289 ... for consistency but also to make them more distinctly stand out next
290 to the "enabled" lines.
292 - TODO: SSH over HTTPS proxy with more backends
294 ... as right now only the libssh2 backend supports it.
296 - libssh2: handle the SSH protocols done over HTTPS proxy
298 Reported-by: Robin Douine
302 - [Emil Engler brought this change]
304 memdebug: remove 9 year old unused debug function
306 There used to be a way to have memdebug fill allocated memory. 9 years
307 later this has no value there (valgrind and ASAN etc are way better). If
308 people need to know about it they can have a look at VCS logs.
312 - sendf: move Curl_sendf to dict.c and make it static
314 ... as the only remaining user of that function. Also fix gopher.c to
315 instead use Curl_write()
319 - ROADMAP: updates and cleanups
323 Remove DoT, thread-safe init and hard-coded localhost. I feel very
324 little interest for these with users so I downgrade them to plain "TODO"
327 - schannel: return CURLE_PEER_FAILED_VERIFICATION for untrusted root
329 This matches what is returned in other TLS backends in the same
332 Reviewed-by: Jay Satiro
333 Reviewed-by: Emil Engler
335 Reported-by: iammrtau on github
339 - RELEASE-NOTES: synced
341 - ftp: make a 552 response return CURLE_REMOTE_DISK_FULL
343 Added test 348 to verify. Added a 'STOR' command to the test FTP
344 server to enable test 348. Documented the command in FILEFORMAT.md
346 Reported-by: Duncan Wilcox
350 - pause: only trigger a reread if the unpause sticks
352 As an unpause might itself get paused again and then triggering another
355 Follow-up from e040146f22608fd9 (shipped since 7.69.1)
357 Bug: https://curl.haxx.se/mail/lib-2020-09/0081.html
358 Patch-by: Kunal Chandarana
362 - test163[12]: require http to be built-in to run
364 ... as speaking over an HTTPS proxy implies http!
368 - ngtcp2: adapt to new NGTCP2_PROTO_VER_MAX define
372 - [Javier Blazquez brought this change]
374 strerror: honor Unicode API choice on Windows
378 - imap: make imap_send use dynbuf for the send buffer management
380 Reuses the buffer and thereby reduces number of mallocs over a transfer.
384 - Curl_send: return error when pre_receive_plain can't malloc
386 ... will probably trigger some false DEAD CODE positives on non-windows
387 code analyzers for the conditional code.
391 - ftp: separate FTPS from FTP over "HTTPS proxy"
393 When using HTTPS proxy, SSL is used but not in the view of the FTP
394 protocol handler itself so separate the connection's use of SSL from the
395 FTP control connection's sue.
397 Reported-by: Mingtao Yang
401 Dan Fandrich (23 Sep 2020)
402 - tests/data: Fix some mismatched XML tags in test cases
404 This allows these test files to pass xmllint.
406 Daniel Stenberg (23 Sep 2020)
407 - pingpong: use a dynbuf for the *_pp_sendf() function
409 ... reuses the same dynamic buffer instead of doing repeated malloc/free
412 Test case 100 (FTP dir list PASV) does 7 fewer memory allocation calls
413 after this change in my test setup (132 => 125), curl 7.72.0 needed 140
416 Test case 103 makes 9 less allocations now (130). Down from 149 in
421 - dynbuf: add Curl_dyn_vaddf
425 - dynbuf: make *addf() not require extra mallocs
427 ... by introducing a printf() function that appends directly into a
428 dynbuf: Curl_dyn_vprintf(). This avoids the mandatory extra malloc so if
429 the buffer is already big enough it can just printf directly into it.
431 Since this less-malloc version requires tthe use of a library internal
432 printf function, we only provide this version when building libcurl and
433 not for the dynbuf code that is used when building the curl tool.
437 - KNOWN_BUGS: Unable to use PKCS12 certificate with Secure Transport
441 - pingpong: remove a malloc per Curl_pp_vsendf call
443 This typically makes 7-9 fewer mallocs per FTP transfer.
447 - symbian: drop support
449 The OS is deprecated. I see no traces of anyone having actually built
450 curl for Symbian after 2012.
452 The public headers are unmodified.
456 - RELEASE-NOTES: synced
458 - curl_krb5.h: rename from krb5.h
460 Follow-up from f4873ebd0be32cf
462 Turns out some older openssl installations go bananas otherwise.
463 Reported-by: Tom van der Woerdt
467 - test1297: verify GOT_NOTHING with http proxy tunnel
469 - http_proxy: do not count proxy headers in the header bytecount
471 ... as that counter is subsequently used to detect if nothing was
472 returned from the peer. This made curl return CURLE_OK when it should
473 have returned CURLE_GOT_NOTHING.
476 Reported-by: Tom van der Woerdt
479 - setopt: return CURLE_BAD_FUNCTION_ARGUMENT on bad argument
481 Fixed two return code mixups. CURLE_UNKNOWN_OPTION is saved for when the
482 option is, yeah, not known. Clarified this in the setopt man page too.
486 - krb5: merged security.c and krb specific FTP functions in here
488 These two files were always tightly connected and it was hard to
489 understand what went into which. This also allows us to make the
490 ftpsend() function static (moved from ftp.c).
493 Renamed curl_sec.h to krb5.h
497 - Curl_handler: add 'family' to each protocol
499 Makes get_protocol_family() faster and it moves the knowledge about the
500 "families" to each protocol handler, where it belongs.
504 - parsedate: tune the date to epoch conversion
506 By avoiding an unnecessary error check and the temp use of the tm
507 struct, the time2epoch conversion function gets a little bit faster.
508 When repeating test 517, the updated version is perhaps 1% faster (on
509 one particular build on one particular architecture).
513 - cmake: remove scary warning
515 Remove the text saying
517 "the curl cmake build system is poorly maintained. Be aware"
519 ... not because anything changed just now, but to encourage users to use
520 it and subsequently improve it.
524 - docs/MQTT: remove outdated paaragraphs
526 - docs/MQTT: not experimental anymore
528 Follow-up to e37e4468688d8f
530 - docs/RESOURCES: remove
532 This document is not maintained and rather than trying to refresh it,
533 let's kill it. A more up-to-date document with relevant RFCs is this
534 page on the curl website: https://curl.haxx.se/rfc/
538 - docs/TheArtOfHttpScripting: convert to markdown
540 Makes it easier to browse on github etc. Offers (better) links.
542 It should be noted that this document is already mostly outdated and
543 "Everything curl" at https://ec.haxx.se/ is a better resource and
548 - BUGS: convert document to markdown
552 - --help: strdup the category
554 ... since it is converted and the original pointer is freed on Windows
557 Follow-up to aa8777f63febc
560 Reported-by: xwxbug on github
562 - CHECKSRC: document two missing warnings
564 - RELEASE-NOTES: synced
566 - ftp: avoid risk of reading uninitialized integers
568 If the received PASV response doesn't match the expected pattern, we
569 could end up reading uninitialized integers for IP address and port
572 Issue pointed out by muse.dev
575 - [Quentin Balland brought this change]
577 easy_reset: clear retry counter
582 - ftp: get rid of the PPSENDF macro
584 The use of such a macro hides some of what's actually going on to the
585 reader and is generally disapproved of in the project.
589 - man pages: switch to https://example.com URLs
591 Since HTTPS is "the new normal", this update changes a lot of man page
592 examples to use https://example.com instead of the previous "http://..."
596 - github: remove the duplicate "Security vulnerability" entry
598 ... since github adds an entry automatically by itself.
602 - [Emil Engler brought this change]
604 github: use new issue template feature
606 This helps us to avoid getting feature requests as well as security
607 bugs reported into the issue tracker.
611 - [Emil Engler brought this change]
613 urlapi: use more Curl_safefree
617 Marc Hoersken (17 Sep 2020)
618 - multi: align WinSock mask variables in Curl_multi_wait
620 Also skip pre-checking sockets to set timeout_ms to 0
621 after the first socket has been detected to be ready.
623 Reviewed-by: rcombs on github
624 Reviewed-by: Daniel Stenberg
628 - multi: reuse WinSock events variable in Curl_multi_wait
630 Since the struct is quite large (1 long and 10 ints) we
631 declare it once at the beginning of the function instead
632 of multiple times inside loops to avoid stack movements.
634 Reviewed-by: Viktor Szakats
635 Reviewed-by: Daniel Stenberg
639 Daniel Stenberg (16 Sep 2020)
640 - TODO: dynamically decide to use socketpair
642 Suggested-by: Anders Bakken
646 - TODO: add PR reference for native IDN support on macOS
648 As there was work started on this that never got completed.
652 - tool_help.h: update copyright year range
654 Follow-up from aa8777f63febca
656 - CI/azure: disable test 571 in the msys2 builds
658 It's just too flaky there
660 Reviewed-by: Marc Hoersken
663 - tool_writeout: protect fputs() from NULL
665 When the code was changed to do fputs() instead of fprintf() it got
666 sensitive for NULL pointers; add checks for that.
668 Follow-up from 0c1e767e83ec66
672 - test3015: verify stdout "as text"
674 Follow-up from 0c1e767e83e to please win32 tests
678 - travis: use libressl v3.1.4 instead of master
680 ... as their git master seems too fragile to use (and 3.2.1 which is the
681 latest has a build failure).
685 - tests/FILEFORMAT: document type=shell for <command>
687 - tests/FILEFORMAT: document nonewline support for <file>
689 The one in <client>, that creates files.
691 Follow-up from b83947c8df7
693 - [anio brought this change]
695 tool_writeout: add new writeout variable, %{num_headers}
697 This variable gives the number of headers.
701 - tool_urlglob: fix compiler warning "unreachable code"
705 Follow-up to 70a3b003d9
707 - [Gergely Nagy brought this change]
709 vtls: deduplicate client certificates in ssl_config_data
713 - ftp: a 550 response to SIZE returns CURLE_REMOTE_FILE_NOT_FOUND
715 This is primarily interesting for cases where CURLOPT_NOBODY is set as
716 previously curl would not return an error for this case.
718 MDTM getting 550 now also returns this error (it returned
719 CURLE_FTP_COULDNT_RETR_FILE before) in order to unify return codes for
720 missing files across protocols and specific FTP commands.
722 libcurl already returns error on a 550 as a MDTM response (when
723 CURLOPT_FILETIME is set). If CURLOPT_NOBODY is not set, an error would
724 happen subsequently anyway since the RETR command would fail.
726 Add test 1913 and 1914 to verify. Updated several tests accordingly due
727 to the updated SIZE behavior.
729 Reported-by: Tomas Berger
733 - curl: make checkpasswd use dynbuf
737 - curl: make glob_match_url use dynbuf
741 - curl: make file2memory use dynbuf
745 - curl: make file2string use dynbuf
749 - [Antarpreet Singh brought this change]
751 imap: set cselect_bits to CURL_CSELECT_IN initially
753 ... when continuing a transfer from a FETCH response.
755 When the size of the file was small enough that the entirety of the
756 transfer happens in a single go and schannel buffers holds the entire
757 data. However, it wasn't completely read in Curl_pp_readresp since a
758 line break was found before that could happen. So, by the time we are in
759 imap_state_fetch_resp - there's data in buffers that needs to be read
760 via Curl_read but nothing to read from the socket. After we setup a
761 transfer (Curl_setup_transfer), curl just waits on the socket state to
762 change - which doesn't happen since no new data ever comes.
766 - RELEASE-NOTES: synced
768 - test434: test -K use in a single line without newline
772 - runtests: allow creating files without newlines
776 - curl: use curlx_dynbuf for realloc when loading config files
778 ... fixes an integer overflow at the same time.
780 Reported-by: ihsinme on github
781 Assisted-by: Jay Satiro
785 - dynbuf: provide curlx_ names for reuse by the curl tool
789 - dynbuf: make sure Curl_dyn_tail() zero terminates
793 - tests: add test1912 to the dist
795 Follow-up to 70984ce1be4cab6c
797 - docs/LICENSE-MIXING: remove
799 This document is not maintained and I feel that it doesn't provide much
800 value to users anymore (if it ever did).
804 - [Laramie Leavitt brought this change]
806 http: consolidate nghttp2_session_mem_recv() call paths
808 Previously there were several locations that called
809 nghttp2_session_mem_recv and handled responses slightly differently.
810 Those have been converted to call the existing
811 h2_process_pending_input() function.
813 Moved the end-of-session check to h2_process_pending_input() since the
814 only place the end-of-session state can change is after nghttp2
815 processes additional input frames.
817 This will likely fix the fuzzing error. While I don't have a root cause
818 the out-of-bounds read seems like a use after free, so moving the
819 nghttp2_session_check_request_allowed() call to a location with a
820 guaranteed nghttp2 session seems reasonable.
822 Also updated a few nghttp2 callsites to include error messages and added
823 a few additional error checks.
827 - HISTORY: mention alt-svc added in 2019
829 ... and make 1996 the first year subtitle
831 - base64: also build for pop3 and imap
833 Follow-up to the fix in 20417a13fb8f83
835 Reported-by: Michael Olbrich
839 - base64: enable in build with SMTP
841 The oauth2 support is used with SMTP and it uses base64 functions.
843 Reported-by: Michael Olbrich
847 - curl_mime_headers.3: fix the example's use of curl_slist_append
849 Reported-by: sofaboss on github
853 - lib583: fix enum mixup
855 grrr the previous follow-up to 17fcdf6a31 was wrong
857 - libtest: fix build errors
859 Follow-up from 17fcdf6a310d4c8076
861 - lib: fix -Wassign-enum warnings
863 configure --enable-debug now enables -Wassign-enum with clang,
864 identifying several enum "abuses" also fixed.
866 Reported-by: Gisle Vanem
867 Bug: https://github.com/curl/curl/commit/879007f8118771f4896334731aaca5850a154675#commitcomment-42087553
871 - RELEASE-NOTES: synced
873 - [Diven Qi brought this change]
875 url: use blank credentials when using proxy w/o username and password
877 Fixes proxy regression brought in commit ad829b21ae (7.71.0)
882 - travis: add a build using libressl (from git master)
884 The v3.2.1 tag (latest release atm) results in a broken build.
888 - configure: let --enable-debug set -Wenum-conversion with gcc >= 10
890 Unfortunately, this option is not detecting the same issues as clang's
891 -Wassign-enum flag, but should still be useful to detect future
896 - openssl: consider ALERT_CERTIFICATE_EXPIRED a failed verification
898 If the error reason from the lib is
899 SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED, libcurl will return
900 CURLE_PEER_FAILED_VERIFICATION and not CURLE_SSL_CONNECT_ERROR.
902 This unifies the libcurl return code and makes libressl run test 313
907 - FAQ: refreshed some very old language
909 - cmake: make HTTP_ONLY also disable MQTT
911 ... and alphasort the order of disabling protocols to make it easier to
916 - libtest: remove lib1541 leftovers
918 Caused automake errors.
920 Follow-up to 8ca54a03ea08a
922 - tests/libtests: remove test 1900 and 2033
924 We already remove the test files, now remove the libtest codes as well.
926 Follow-up to e50a877df74
928 Marc Hoersken (7 Sep 2020)
929 - CI/azure: add test number to title for display in analytics
931 To ease identification of tests the test number is added to
932 the test case title in order to have it on the Azure DevOps
933 Analytics pages and reports which currently do not show it.
935 Bump test case revision to make Azure DevOps update titles.
939 Daniel Stenberg (6 Sep 2020)
940 - altsvc: clone setting in curl_easy_duphandle
942 The cache content is not duplicated, like other caches, but the setting
943 and specified file name are.
945 Test 1908 is extended to verify this somewhat. Since the duplicated
946 handle gets the same file name, the test unfortunately overwrites the
947 same file twice (with different contents) which makes it hard to check
952 - test1541: remove since it is a known bug
954 A shared connection cache is not thread-safe is a known issue. Stop
955 testing this until we believe this issue is addressed. Reduces
956 occasional test failures we don't care about.
958 The test code in lib1541.c is left in git to allow us to restore it when
963 - tests: remove pipelining tests
965 Remove the tests 530, 584, 1900, 1901, 1902, 1903 and 2033. They were
968 The Pipelining code was removed from curl in commit 2f44e94efb3df8e,
973 - curl: retry delays in parallel mode no longer sleeps blocking
975 The previous sleep for retries would block all other concurrent
976 transfers. Starting now, the retry will instead be properly marked to
977 not get restarted until after the delay time but other transfers can
978 still continue in the mean time.
982 - curl:parallel_transfers: make sure retry readds the transfer
984 Reported-by: htasta on github
988 - build: drop support for building with Watcom
990 These files are not maintained, they seem to have no users, Watcom
991 compilers look like not having users nor releases anymore.
995 - winbuild/rundebug.cmd: remove
997 Seems to have been added by mistake? Not included in dists.
1001 - curl: in retry output don't call all problems "transient"
1003 ... because when --retry-all-errors is used, the error isn't necessarily
1008 - easygetopt: pass a valid enum to avoid compiler warning
1010 "integer constant not in range of enumerated type 'CURLoption'"
1012 Reported-by: Gisle Vanem
1013 Bug: https://github.com/curl/curl/commit/6ebe63fac23f38df911edc348e8ccc72280f9434#commitcomment-42042843
1017 - [Emil Engler brought this change]
1019 tests: Add tests for new --help
1021 This commit is a part of "--help me if you can"
1025 - [Emil Engler brought this change]
1027 tool: update --help with categories
1029 This commit is a part of "--help me if you can"
1033 - [Emil Engler brought this change]
1035 docs: add categories to all cmdline opts
1037 Adapted gen.pl with 'listcats'
1039 This commit is a part of "--help me if you can"
1043 - RELEASE-NOTES: synced
1045 - [ihsinme brought this change]
1047 connect.c: remove superfluous 'else' in Curl_getconnectinfo
1051 - [Samuel Marks brought this change]
1053 CMake: remove explicit `CMAKE_ANSI_CFLAGS`
1055 This variable was removed from cmake in commit
1056 https://gitlab.kitware.com/cmake/cmake/commit/5a834b0bb0bc288. A later
1057 CMake commit removes the variable from the tests, claiming that it was
1058 removed in CMake 2.6
1060 Reviewed-By: Peter Wu
1063 - [cbe brought this change]
1065 libssh2: pass on the error from ssh_force_knownhost_key_type
1069 - scripts/delta: add diffstat summary
1071 ... and make output more table-like
1073 - [Martin Bašti brought this change]
1075 http_proxy: do not crash with HTTPS_PROXY and NO_PROXY set
1077 ... in case NO_PROXY takes an effect
1079 Without this patch, the following command crashes:
1081 $ GIT_CURL_VERBOSE=1 NO_PROXY=github.com HTTPS_PROXY=https://example.com \
1082 git clone https://github.com/curl/curl.git
1084 Minimal libcurl-based reproducer:
1086 #include <curl/curl.h>
1089 CURL *curl = curl_easy_init();
1092 curl_easy_setopt(curl, CURLOPT_URL, "https://github.com/");
1093 curl_easy_setopt(curl, CURLOPT_PROXY, "example.com");
1094 /* set the proxy type */
1095 curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTPS);
1096 curl_easy_setopt(curl, CURLOPT_NOPROXY, "github.com");
1097 curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
1098 ret = curl_easy_perform(curl);
1099 curl_easy_cleanup(curl);
1105 Assisted-by: Kamil Dudka
1106 Bug: https://bugzilla.redhat.com/1873327
1109 - travis: add a CI job with openssl3 (from git master)
1113 - openssl: avoid error conditions when importing native CA
1115 The code section that is OpenSSL 3+ specific now uses the same logic as
1116 is used in the version < 3 section. It caused a compiler error without
1121 - setopt: avoid curl_ on local variable
1125 - mqtt.c: avoid curl_ prefix on local variable
1129 - wildcard: strip "curl_" prefix from private symbols
1133 - vtls: make it 'struct Curl_ssl_session'
1135 Use uppercase C for internal symbols.
1139 - curl_threads: make it 'struct Curl_actual_call'
1141 Internal names should not be prefixed "curl_"
1145 - schannel: make it 'struct Curl_schannel*'
1147 As internal global names should use captical C.
1151 - hash: make it 'struct Curl_hash'
1153 As internal global names should use captical C.
1157 - llist: make it "struct Curl_llist"
1159 As internal global names should use captical C.
1163 Marc Hoersken (2 Sep 2020)
1164 - telnet.c: depend on static requirement of WinSock version 2
1166 Drop dynamic loading of ws2_32.dll and instead rely on the
1167 imported version which is now required to be at least 2.2.
1169 Reviewed-by: Marcel Raad
1170 Reviewed-by: Jay Satiro
1171 Reviewed-by: Daniel Stenberg
1172 Reviewed-by: Viktor Szakats
1176 - win32: drop support for WinSock version 1, require version 2
1178 IPv6, telnet and now also the multi API require WinSock
1179 version 2 which is available starting with Windows 95.
1181 Therefore we think it is time to drop support for version 1.
1183 Reviewed-by: Marcel Raad
1184 Reviewed-by: Jay Satiro
1185 Reviewed-by: Daniel Stenberg
1186 Reviewed-by: Viktor Szakats
1191 - select: align poll emulation to return all relevant events
1193 The poll emulation via select already consumes POLLRDNORM,
1194 POLLWRNORM and POLLRDBAND as input events. Therefore it
1195 should also return them as output events if signaled.
1197 Also fix indentation in input event handling block.
1199 Assisted-by: Jay Satiro
1200 Reviewed-by: Daniel Stenberg
1205 - CI/azure: MQTT is now enabled by default
1207 Reviewed-by: Daniel Stenberg
1212 Daniel Stenberg (2 Sep 2020)
1213 - copyright.pl: ignore buildconf
1215 - test971: show test mismatches "inline"
1217 - lib/Makefile.am: bump VERSIONINFO due to new functions
1219 ... we're generally bad at this, but we are adding new functions for
1224 - optiontable: use DEBUGBUILD
1226 Follow-up to commit 6e18568ba38 (#5877)
1228 - cmdline-opts/gen.pl: generate nicer "See Also" in curl.1
1230 If there are more than two items in the list, use commas for all but the
1231 last separator which is set to 'and'. Reads better.
1235 - curl.1: add see also no-progress-meter on two spots
1241 - RELEASE-NOTES: synced
1243 - mqtt: enable by default
1245 No longer considered experimental.
1249 - [Michael Baentsch brought this change]
1251 tls: add CURLOPT_SSL_EC_CURVES and --curves
1255 - url: remove funny embedded comments in Curl_disonnect calls
1257 - [Chris Paulson-Ellis brought this change]
1259 conn: check for connection being dead before reuse
1261 Prevents incorrect reuse of an HTTP connection that has been prematurely
1262 shutdown() by the server.
1264 Partial revert of 755083d00deb16
1269 Marc Hoersken (29 Aug 2020)
1270 - buildconf: exec autoreconf to avoid additional process
1272 Also make buildconf exit with the return code of autoreconf.
1274 Reviewed-by: Daniel Stenberg
1279 - CI/azure: no longer ignore results of test 1013
1284 - docs: add description about CI platforms to CONTRIBUTE.md
1286 Reviewed-by: Daniel Stenberg
1287 Reviewed-by: Marcel Raad
1288 Reviewed-by: Jay Satiro
1292 Daniel Stenberg (29 Aug 2020)
1293 - tests/getpart: use MIME::Base64 instead of home-cooked
1295 Since we already use the base64 package since a while back, we can just
1296 as well switch to that here too.
1298 It also happens to use the exact same function name, which otherwise
1299 causes a run-time warning.
1301 Reported-by: Marc Hörsken
1305 Marcel Raad (29 Aug 2020)
1306 - ntlm: fix condition for curl_ntlm_core usage
1308 `USE_WINDOWS_SSPI` without `USE_WIN32_CRYPTO` but with any other DES
1309 backend is fine, but was excluded before.
1311 This also fixes test 1013 as the condition for SMB support in
1312 configure.ac didn't match the condition in the source code. Now it
1315 Fixes https://github.com/curl/curl/issues/1262
1316 Closes https://github.com/curl/curl/pull/5771
1318 - AppVeyor: switch 64-bit Schannel Debug CMake builds to Unicode
1320 The Schannel builds are the most useful to verify as they make the most
1321 use of the Windows API. Classic MinGW doesn't support Unicode at all,
1322 only MinGW-w64 and MSVC do.
1324 Closes https://github.com/curl/curl/pull/5843
1326 - CMake: add option to enable Unicode on Windows
1328 As already existing for winbuild.
1330 Closes https://github.com/curl/curl/pull/5843
1332 Marc Hoersken (29 Aug 2020)
1333 - select: simplify return code handling for poll and select
1335 poll and select already return -1 on error according to POSIX,
1336 so there is no need to perform a <0 to -1 conversion in code.
1338 Also we can just use one check with <= 0 on the return code.
1340 Assisted-by: Daniel Stenberg
1341 Reviewed-by: Jay Satiro
1346 Daniel Stenberg (28 Aug 2020)
1347 - RELEASE-NOTES: synced
1349 - [Jeroen Ooms brought this change]
1351 tests: add test1912 with typechecks
1353 Validates that gcc-typecheck macros match the new option type API.
1357 - easyoptions: provide debug function when DEBUGBUILD
1359 ... not CURLDEBUG as they're not always set in conjunction.
1361 Follow-up to 6ebe63fac23f38df
1366 Marc Hoersken (28 Aug 2020)
1367 - sockfilt: handle FD_CLOSE winsock event on write socket
1369 Learn from the way Cygwin handles and maps the WinSock events
1370 to simulate correct and complete poll and select behaviour
1371 according to Richard W. Stevens Network Programming book.
1376 - multi: handle connection state winsock events
1378 Learn from the way Cygwin handles and maps the WinSock events
1379 to simulate correct and complete poll and select behaviour
1380 according to Richard W. Stevens Network Programming book.
1382 Reviewed-by: Jay Satiro
1383 Reviewed-by: Marcel Raad
1388 Daniel Stenberg (28 Aug 2020)
1389 - Curl_pgrsTime - return new time to avoid timeout integer overflow
1391 Setting a timeout to INT_MAX could cause an immediate error to get
1392 returned as timeout because of an overflow when different values of
1395 This is primarily fixed by having Curl_pgrsTime() return the "now" when
1396 TIMER_STARTSINGLE is set so that the parent function will continue using
1399 Reported-by: Ionuț-Francisc Oancea
1403 - TLS: fix SRP detection by using the proper #ifdefs
1405 USE_TLS_SRP will be true if *any* selected TLS backend can use SRP
1407 HAVE_OPENSSL_SRP is defined when OpenSSL can use it
1409 HAVE_GNUTLS_SRP is defined when GnuTLS can use it
1411 Clarify in the curl_verison_info docs that CURL_VERSION_TLSAUTH_SRP is
1412 set if at least one of the supported backends offers SRP.
1414 Reported-by: Stefan Strogin
1418 - [Dan Kenigsberg brought this change]
1420 docs: SSLCERTS: fix English syntax
1422 Signed-off-by: Dan Kenigsberg <danken@redhat.com>
1426 - [Alessandro Ghedini brought this change]
1428 docs: non-existing macros in man pages
1430 As reported by man(1) when invoked as:
1432 man --warnings -E UTF-8 -l -Tutf8 -Z <file> >/dev/null
1436 - [Alessandro Ghedini brought this change]
1438 curl.1: fix typo invokved -> invoked
1442 - buildconf: invoke 'autoreconf -fi' instead
1444 The custom script isn't necessary anymore - but remains for simplicity
1445 and just invokes autoreconf.
1449 - [Emil Engler brought this change]
1451 lib: make Curl_gethostname accept a const pointer
1453 The address of that variable never gets changed, only the data in it so
1454 why not make it a "char * const"?
1458 - docs/libcurl: update "Added in" version for curl_easy_option*
1460 Follow-up to 6ebe63fac23f38
1462 - scripts: improve the "get latest curl release tag" logic
1464 ... by insiting on it matching "^curl-".
1466 - configure: added --disable-get-easy-options
1468 To allow disabling of the curl_easy_option APIs in a build.
1472 - options: API for meta-data about easy options
1474 const struct curl_easyoption *curl_easy_option_by_name(const char *name);
1476 const struct curl_easyoption *curl_easy_option_by_id (CURLoption id);
1478 const struct curl_easyoption *
1479 curl_easy_option_next(const struct curl_easyoption *prev);
1481 The purpose is to provide detailed enough information to allow for
1482 example libcurl bindings to get option information at run-time about
1483 what easy options that exist and what arguments they expect.
1485 Assisted-by: Jeroen Ooms
1488 - [Eric Curtin brought this change]
1490 HTTP/3: update to OpenSSL_1_1_1g-quic-draft-29
1494 - RELEASE-NOTES: synced
1496 Jay Satiro (26 Aug 2020)
1497 - openssl: Fix wincrypt symbols conflict with BoringSSL
1499 OpenSSL undefines the conflicting symbols but BoringSSL does not so we
1500 must do it ourselves.
1502 Reported-by: Samuel Tranchet
1503 Assisted-by: Javier Blazquez
1505 Ref: https://bugs.chromium.org/p/boringssl/issues/detail?id=371
1506 Ref: https://github.com/openssl/openssl/blob/OpenSSL_1_1_1g/include/openssl/ossl_typ.h#L66-L73
1508 Fixes https://github.com/curl/curl/issues/5669
1509 Closes https://github.com/curl/curl/pull/5857
1511 Daniel Stenberg (26 Aug 2020)
1512 - socketpair: allow CURL_DISABLE_SOCKETPAIR
1514 ... to completely disable the use of socketpair
1518 - curl_get_line: build only if cookies or alt-svc are enabled
1522 - [fullincome brought this change]
1524 schannel: fix memory leak when using get_cert_location
1526 The get_cert_location function allocates memory only on success.
1527 Previously get_cert_location was able to allocate memory and return
1528 error. It wasn't obvious and in this case the memory wasn't
1534 - [Emil Engler brought this change]
1536 git: ignore libtests in 3XXX area
1538 Currently the file tests/libtest/lib3010 is not getting
1539 ignored by git. This fixes it by adding the 3XXX area to
1540 the according .gitignore file.
1544 - [Emil Engler brought this change]
1546 doh: add error message for DOH_DNS_NAME_TOO_LONG
1548 When this error code was introduced in b6a53fff6c1d07e8a9, it was
1549 forgotten to be added in the errors array and doh_strerror function.
1553 - ngtcp2: adapt to the new pkt_info arguments
1555 Guidance-by: Tatsuhiro Tsujikawa
1559 - winbuild/README.md: make <options> visible
1561 Follow-up to be753add31c2d8c
1563 - winbuild: convert the instruction text to README.md
1567 - lib1560: verify "redirect" to double-slash leading URL
1571 Marc Hoersken (25 Aug 2020)
1572 - multi: expand pre-check for socket readiness
1574 Check readiness of all sockets before waiting on them
1575 to avoid locking in case the one-time event FD_WRITE
1576 was already consumed by a previous wait operation.
1578 More information about WinSock network events:
1579 https://docs.microsoft.com/en-us/windows/win32/api/
1580 winsock2/nf-winsock2-wsaeventselect#return-value
1584 - [rcombs brought this change]
1586 multi: implement wait using winsock events
1588 This avoids using a pair of TCP ports to provide wakeup functionality
1589 for every multi instance on Windows, where socketpair() is emulated
1590 using a TCP socket on loopback which could in turn lead to socket
1591 resource exhaustion.
1593 A previous version of this patch failed to account for how in WinSock,
1594 FD_WRITE is set only once when writing becomes possible and not again
1595 until after a send has failed due to the buffer filling. This contrasts
1596 to how FD_READ and FD_OOB continue to be set until the conditions they
1597 refer to no longer apply. This meant that if a user wrote some data to
1598 a socket, but not enough data to completely fill its send buffer, then
1599 waited on that socket to become writable, we'd erroneously stall until
1600 their configured timeout rather than returning immediately.
1602 This version of the patch addresses that issue by checking each socket
1603 we're waiting on to become writable with select() before the wait, and
1604 zeroing the timeout if it's already writable.
1606 Assisted-by: Marc Hörsken
1607 Reviewed-by: Marcel Raad
1608 Reviewed-by: Daniel Stenberg
1609 Tested-by: Gergely Nagy
1610 Tested-by: Rasmus Melchior Jacobsen
1611 Tested-by: Tomas Berger
1617 - select: reduce duplication of Curl_poll in Curl_socket_check
1619 Change Curl_socket_check to use select-fallback in Curl_poll
1620 instead of implementing it in Curl_socket_check and Curl_poll.
1622 Reviewed-by: Daniel Stenberg
1623 Reviewed-by: Jay Satiro
1625 Replaces #5262 and #5492
1628 - select: fix poll-based check not detecting connect failure
1630 This commit changes Curl_socket_check to use POLLPRI to
1631 check for connect failure on the write socket, because
1632 POLLPRI maps to fds_err. This is in line with select(2).
1634 The select-based socket check correctly checks for connect
1635 failures by adding the write socket also to fds_err.
1637 The poll-based implementation (which internally can itself
1638 fallback to select again) did not previously check for
1639 connect failure by using POLLPRI with the write socket.
1641 See the follow up commit to this for more information.
1643 This commit makes sure connect failures can be detected
1644 and handled if HAVE_POLL_FINE is defined, eg. on msys2-devel.
1646 Reviewed-by: Daniel Stenberg
1647 Reviewed-by: Jay Satiro
1652 - select.h: make socket validation macros test for INVALID_SOCKET
1654 With Winsock the valid range is [0..INVALID_SOCKET-1] according to
1655 https://docs.microsoft.com/en-us/windows/win32/winsock/socket-data-type-2
1657 Reviewed-by: Jay Satiro
1658 Reviewed-by: Marcel Raad
1659 Reviewed-by: Daniel Stenberg
1663 Daniel Stenberg (24 Aug 2020)
1664 - docs: --output-dir is added in 7.73.0, nothing else
1666 Follow-up to 5620d2cc78c0
1668 - curl: add --output-dir
1670 Works with --create-dirs and with -J
1672 Add test 3008, 3009, 3011, 3012 and 3013 to verify.
1676 - configure: fix pkg-config detecting wolfssl
1678 When amending the include path with "/wolfssl", this now properly strips
1679 off all whitespace from the path variable! Previously this would lead to
1680 pkg-config builds creating bad command lines.
1684 - [Michael Musset brought this change]
1686 sftp: add the option CURLKHSTAT_FINE_REPLACE
1688 Replace the old fingerprint of the host with a new.
1692 - RELEASE-NOTES: synced
1694 The next release is now to become 7.73.0
1696 - checksrc: verify do-while and spaces between the braces
1698 Updated mprintf.c to comply
1702 - curl: support XDG_CONFIG_HOME to find .curlrc
1704 Added test433 to verify. Updated documentation.
1706 Reviewed-by: Jay Satiro
1707 Suggested-by: Eli Schwartz
1711 - etag: save and use the full received contents
1713 ... which makes it support weak tags and non-standard etags too!
1715 Added test case 347 to verify blank incoming ETag:
1720 - setopt: if the buffer exists, refuse the new BUFFERSIZE
1722 The buffer only exists during transfer and then we shouldn't change the
1723 size (the setopt is not documented to work then).
1725 Reported-by: Harry Sintonen
1728 - [COFFEETALES brought this change]
1730 sftp: add new quote commands 'atime' and 'mtime'
1734 - CURLE_PROXY: new error code
1736 Failures clearly returned from a (SOCKS) proxy now causes this return
1737 code. Previously the situation was not very clear as what would be
1740 In addition: when this error code is returned, an application can use
1741 CURLINFO_PROXY_ERROR to query libcurl for the detailed error, which then
1742 returns a value from the new 'CURLproxycode' enum.
1746 - runtests: make cleardir() erase dot files too
1748 Because test cases might use dot files.
1752 - KNOWN_BUGS: 'no_proxy' string-matches IPv6 numerical addreses
1754 Also: the current behavior is now documented in the curl.1 and
1755 CURLOPT_NOPROXY.3 man pages.
1757 Reported-by: Andrew Barnes
1761 Viktor Szakats (22 Aug 2020)
1762 - Makefile.m32: add ability to override zstd libs [ci skip]
1764 Similarly to brotli, where this was already possible.
1765 E.g. it allows to link zstd statically to libcurl.dll.
1767 Ref: https://github.com/curl/curl-for-win/issues/12
1768 Ref: https://github.com/curl/curl-for-win/commit/d9b266afd2e5d3f5604483010ef62340b5918c89
1770 Closes https://github.com/curl/curl/pull/5840
1772 Daniel Stenberg (21 Aug 2020)
1773 - runtests: avoid 'fail to start' repeated messages in attempt loops
1777 - runtests: clear pid variables when failing to start a server
1779 ... as otherwise the parent doesn't detect the failure and believe it
1780 actually worked to start.
1782 Reported-by: Christian Weisgerber
1783 Bug: https://curl.haxx.se/mail/lib-2020-08/0018.html
1786 - TODO: Virtual external sockets
1790 - [Don J Olmstead brought this change]
1792 dist: add missing CMake Find modules to the distribution
1796 - RELEASE-NOTES: synced
1798 ... and version bumped to 7.72.1
1800 - tls: provide the CApath verbose log on its own line
1802 ... not newline separated from the previous line. This makes it output
1803 asterisk prefixed properly like other verbose putput!
1805 Reported-by: jmdavitt on github
1809 Version 7.72.0 (19 Aug 2020)
1811 Daniel Stenberg (19 Aug 2020)
1812 - RELEASE-NOTES: synced
1814 The curl 7.72.0 release
1816 - THANKS: add names from curl 7.72.0 release
1818 Jay Satiro (18 Aug 2020)
1819 - KNOWN_BUGS: Schannel TLS 1.2 handshake bug in old Windows versions
1821 Reported-by: plujon@users.noreply.github.com
1823 Closes https://github.com/curl/curl/issues/5488
1825 Daniel Stenberg (17 Aug 2020)
1826 - Curl_easy: remember last connection by id, not by pointer
1830 Bug: https://curl.haxx.se/docs/CVE-2020-8231.html
1832 Reported-by: Marc Aldorasi
1835 - examples/rtsp.c: correct the copyright year
1837 - RELEASE-PROCEDURE.md: add more future release dates
1839 - [H3RSKO brought this change]
1841 docs: change "web site" to "website"
1843 According to wikipedia:
1845 While "web site" was the original spelling, this variant has become
1846 rarely used, and "website" has become the standard spelling
1850 - [Bevan Weiss brought this change]
1852 CMake: don't complain about missing nroff
1854 The curl_nroff_check() was always being called, and complaining if
1855 *NROFF wasn't found, even when not making the manual.
1857 Only check for nroff (and complain) if actually making the manual
1861 - [Brian Inglis brought this change]
1863 libtest/Makefile.am: add -no-undefined for libstubgss for Cygwin
1865 copy the LDFLAGS approach for adding same option with `libhostname` in
1866 `libtest/Makefile.am`:
1868 - init `libstubgss_la_LDFLAGS_EXTRA` variable,
1869 - add option to variable inside conditional,
1870 - use variable in `libstubgss_la_LDFLAGS`
1875 - docs: clarify MAX_SEND/RECV_SPEED functionality
1877 ... in particular what happens if the maximum speed limit is set to a
1878 value that's smaller than the transfer buffer size in use.
1880 Reported-by: Tomas Berger
1884 - test1140: compare stdout
1886 To make problems more immediately obvious when tests fail.
1890 - asyn-ares: correct some bad comments
1894 - [Emil Engler brought this change]
1896 docs: Add video link to docs/CONTRIBUTE.md
1900 - curl-config: ignore REQUIRE_LIB_DEPS in --libs output
1902 Fixes a curl-config issue on cygwin by making sure REQUIRE_LIB_DEPS is
1903 not considered for the --libs output.
1905 Reported-by: ramsay-jones on github
1906 Assisted-by: Brian Inglis and Ken Brown
1910 - copyright: update/correct the year range on a few files
1912 - scripts/copyright.pl: ignore .muse files
1914 - [Emil Engler brought this change]
1916 multi: Remove 10-year old out-commented code
1918 The code hasn't been touched since 2010-08-18
1922 - KNOWN_BUGS: A shared connection cache is not thread-safe
1927 - CONTRIBUTE: extend git commit message description
1929 In particular how the first line works.
1933 - RELEASE-NOTES: synced
1935 - [Stefan Yohansson brought this change]
1937 transfer: move retrycount from connect struct to easy handle
1939 This flag was applied to the connection struct that is released on
1940 retry. These changes move the retry counter into Curl_easy struct that
1941 lives across retries and retains the new connection.
1943 Reported-by: Cherish98 on github
1947 - libssh2: s/ssherr/sftperr/
1949 The debug output used ssherr instead of sftperr which not only outputs
1950 the wrong error code but also casues a warning on Windows.
1952 Follow-up to 7370b4e39f1
1954 Reported-by: Gisle Vanem
1955 Bug: https://github.com/curl/curl/commit/7370b4e39f1390e701f5b68d910c619151daf72b#r41334700
1958 - ftp: don't do ssl_shutdown instead of ssl_close
1960 The shutdown function is for downgrading a connection from TLS to plain,
1961 and this is not requested here.
1963 Have ssl_close reset the TLS connection state.
1965 This partially reverts commit f002c850d98d
1967 Reported-by: Rasmus Melchior Jacobsen
1968 Reported-by: Denis Goleshchikhin
1971 Marc Hoersken (9 Aug 2020)
1972 - CI/azure: fix test outcome values and use latest API version
1974 This makes sure that tests ignored or skipped are not shown
1975 just in the category "Other", but with their correct state.
1979 - CI/azure: show runtime stats to investigate slowness
1981 Also avoid naming conflict of TFLAGS env and tflags variables.
1985 Daniel Stenberg (8 Aug 2020)
1986 - TLS naming: fix more Winssl and Darwinssl leftovers
1988 The CMake option is now called CMAKE_USE_SCHANNEL
1990 The winbuild flag is USE_SCHANNEL
1992 The CI jobs and build scripts only use the new names and the new name
1995 Tests now require 'Schannel' (when necessary)
1999 - smtp_parse_address: handle blank input string properly
2003 - runtests: run the DICT server on a random port number
2005 Removed support for -b (base port number)
2009 - RELEASE-NOTES: synced
2011 - runtests: move the TELNET server to a dynamic port
2013 Rename the port variable to TELNETPORT to better match the existing
2018 - ngtcp2: adapt to error code rename
2022 - runtests: move the smbserver to use a dynamic port number
2026 - runtests: run the http2 tests on a random port number
2030 - gtls: survive not being able to get name/issuer
2034 - runtests: move the gnutls-serv tests to a dynamic port
2036 Affects test 320, 321, 322 and 324.
2040 - runtests: support dynamicly base64 encoded sections in tests
2042 This allows us to make test cases to use base64 at run-time and still
2043 use and verify information determined at run-time, such as the IMAP test
2044 server's port number in test 842.
2046 This change makes 12 tests run again that basically never ran since we
2047 moved to dynamic port numbers.
2049 ftpserver.pl is adjusted to load test instructions and test number from
2050 the preprocessed test file.
2052 FILEFORMAT.md now documents the new base64 encoding syntax.
2054 Reported-by: Marcel Raad
2058 - curl.1: add a few missing valid exit codes
2060 93 - 96 can be returned as well.
2064 - TODO: Use multiple parallel transfers for a single download
2068 - TODO: Set the modification date on an uploaded file
2072 - [Thomas M. DuBuisson brought this change]
2074 CI: Add muse CI config
2078 - [Thomas M. DuBuisson brought this change]
2080 travis/script.sh: fix use of `-n' with unquoted envvar
2082 Shellcheck tells us "-n doesn't work with unquoted arguments. quote or
2088 docker run --rm -it ubuntu bash
2089 root@fe85ce156856:/# [ -n $DOES_NOT_EXIST ] && echo "I ran"
2091 root@fe85ce156856:/# [ -n "$DOES_NOT_EXIST" ] && echo "I ran"
2092 root@fe85ce156856:/#
2097 - h2: repair trailer handling
2099 The previous h2 trailer fix in 54a2b63 was wrong and caused a
2100 regression: it cannot deal with trailers immediately when read since
2101 they may be read off the connection by the wrong 'data' owner.
2103 This change reverts the logic back to gathering all trailers into a
2104 single buffer, like before 54a2b63.
2106 Reported-by: Tadej Vengust
2110 Viktor Szakats (3 Aug 2020)
2111 - windows: disable Unix Sockets for old mingw
2113 Classic mingw and 10y+ old versions of mingw-w64 don't ship with
2114 Windows headers having the typedef necessary for Unix Sockets
2115 support, so try detecting these environments to disable this
2118 Ref: https://sourceforge.net/p/mingw-w64/mingw-w64/ci/cf6afc57179a5910621215f8f4037d406892072c/
2120 Reviewed-by: Daniel Stenberg
2125 Marcel Raad (3 Aug 2020)
2126 - test1908: treat file as text
2128 Fixes the line endings on Windows.
2130 Closes https://github.com/curl/curl/pull/5767
2132 - TrackMemory tests: ignore realloc and free in getenv.c
2134 These are only called for WIN32.
2136 Closes https://github.com/curl/curl/pull/5767
2138 Daniel Stenberg (3 Aug 2020)
2139 - tests/FILEFORMAT.md: mention %HTTP2PORT
2141 - RELEASE-NOTES: synced
2143 - tlsv1.3.d. only for TLS-using connections
2145 ... and rephrase that "not all" TLS backends support it.
2149 - tls-max.d: this option is only for TLS-using connections
2154 Marcel Raad (2 Aug 2020)
2155 - [Cameron Cawley brought this change]
2157 tool_doswin: Simplify Windows version detection
2159 Closes https://github.com/curl/curl/pull/5754
2161 - [Cameron Cawley brought this change]
2163 win32: Add Curl_verify_windows_version() to curlx
2165 Closes https://github.com/curl/curl/pull/5754
2167 - runtests.pl: treat LibreSSL and BoringSSL as OpenSSL
2169 This makes the tests that require the OpenSSL feature also run for
2170 those two compatible libraries.
2172 Closes https://github.com/curl/curl/pull/5762
2174 Daniel Stenberg (1 Aug 2020)
2175 - multi: Condition 'extrawait' is always true
2179 Reviewed-by: Marcel Raad
2182 Marcel Raad (1 Aug 2020)
2183 - openssl: fix build with LibreSSL < 2.9.1
2185 `SSL_CTX_add0_chain_cert` and `SSL_CTX_clear_chain_certs` were
2186 introduced in LibreSSL 2.9.1 [0].
2188 [0] https://github.com/libressl-portable/openbsd/commit/0db809ee178457c8170abfae3931d7bd13abf3ef
2190 Closes https://github.com/curl/curl/pull/5757
2192 Daniel Stenberg (1 Aug 2020)
2193 - [Marc Aldorasi brought this change]
2195 multi_remove_handle: close unused connect-only connections
2197 Previously any connect-only connections in a multi handle would be kept
2198 alive until the multi handle was closed. Since these connections cannot
2199 be re-used, they can be marked for closure when the associated easy
2200 handle is removed from the multi handle.
2204 - checksrc: invoke script with -D to find .checksrc proper
2206 Without the -D command line option, checksrc.pl won't know which
2207 directory to load the ".checksrc" file from when building out of the
2210 Reported-by: Marcel Raad
2214 - [Carlo Marcelo Arenas Belón brought this change]
2216 buildconf: retire ares buildconf invocation
2218 no longer needed after 4259d2df7dd95637a4b1e3fb174fe5e5aef81069
2220 - [Carlo Marcelo Arenas Belón brought this change]
2222 buildconf: excempt defunct reference to ACLOCAL_FLAGS
2224 retired with 09f278121e815028adb24d228d8092fc6cb022aa but kept around as
2225 the name is generic enough that it might be in use and relied upon from
2228 - [Carlo Marcelo Arenas Belón brought this change]
2230 buildconf: avoid array concatenation in die()
2232 reported as error SC2145[1] by shellcheck, but not expected to cause
2233 any behavioural differences otherwise.
2235 [1] https://github.com/koalaman/shellcheck/wiki/SC2145
2239 - travis: add ppc64le and s390x builds
2243 Marc Hoersken (31 Jul 2020)
2244 - connect: remove redundant message about connect failure
2246 Reviewed-by: Daniel Stenberg
2250 - tests/sshserver.pl: fix compatibility with OpenSSH for Windows
2254 - CI/azure: install libssh2 for use with msys2-based builds
2256 This enables building and running the SFTP tests.
2257 Unfortunately OpenSSH for Windows does not support SCP (yet).
2259 Reviewed-by: Daniel Stenberg
2263 - CI/azure: increase Windows job timeout once again
2265 Avoid aborted jobs due to performance issues on Azure DevOps.
2267 Reviewed-by: Daniel Stenberg
2268 Reviewed-by: Jay Satiro
2272 Jay Satiro (30 Jul 2020)
2273 - TODO: Schannel: 'Add option to allow abrupt server closure'
2275 We should offer an option to allow abrupt server closures (server closes
2276 SSL transfer without sending a known termination point such as length of
2277 transfer or close_notify alert). Abrupt server closures are usually
2278 because of misconfigured or very old servers.
2280 Closes https://github.com/curl/curl/issues/4427
2282 - url: fix CURLU and location following
2284 Prior to this change if the user set a URL handle (CURLOPT_CURLU) it was
2285 incorrectly used for the location follow, resulting in infinite requests
2286 to the original location.
2288 Reported-by: sspiri@users.noreply.github.com
2290 Fixes https://github.com/curl/curl/issues/5709
2291 Closes https://github.com/curl/curl/pull/5713
2293 Daniel Stenberg (30 Jul 2020)
2294 - RELEASE-NOTES: synced
2296 - [divinity76 brought this change]
2298 docs: add date of 7.20 to CURLM_CALL_MULTI_PERFORM mentions
2300 it helps make it obvious that most developers don't have to care about
2301 the CURLM_CALL_MULTI_PERFORM value (last release using it is nearly 11
2302 years old, November 4 2009)
2306 Jay Satiro (29 Jul 2020)
2307 - tool_cb_wrt: fix outfile mode flags for Windows
2309 - Use S_IREAD and S_IWRITE mode permission flags to create the file
2310 on Windows instead of S_IRUSR, S_IWUSR, etc.
2312 Windows only accepts a combination of S_IREAD and S_IWRITE. It does not
2313 acknowledge other combinations, for which it may generate an assertion.
2315 This is a follow-up to 81b4e99 from yesterday, which improved the
2316 existing file check with -J.
2318 Ref: https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/open-wopen#remarks
2319 Ref: https://github.com/curl/curl/pull/5731
2321 Closes https://github.com/curl/curl/pull/5742
2323 Daniel Stenberg (28 Jul 2020)
2324 - checksrc: ban gmtime/localtime
2326 They're not thread-safe so they should not be used in libcurl code.
2328 Explictly enabled when deemed necessary and in examples and tests
2330 Reviewed-by: Nicolas Sterchele
2333 - transfer: fix data_pending for builds with both h2 and h3 enabled
2337 - curl_multi_setopt: fix compiler warning "result is always false"
2339 On systems with 32 bit long the expression is always false. Avoid
2342 Reported-by: Gisle Vanem
2343 Bug: https://github.com/curl/curl/commit/61a08508f6a458fe21bbb18cd2a9bac2f039452b#commitcomment-40941232
2346 - curl: improve the existing file check with -J
2348 Previously a file that isn't user-readable but is user-writable would
2349 not be properly avoided and would get overwritten.
2351 Reported-by: BrumBrum on hackerone
2352 Assisted-by: Jay Satiro
2353 Bug: https://hackerone.com/reports/926638
2356 - [Jonathan Nieder brought this change]
2358 multi: update comment to say easyp list is linear
2360 Since 09b9fc900 (multi: remove 'Curl_one_easy' struct, phase 1,
2361 2013-08-02), the easy handle list is not circular but ends with
2362 ->next pointing to NULL.
2364 Reported-by: Masaya Suzuki <masayasuzuki@google.com>
2367 - CURLOPT_NOBODY.3: fix the syntax for referring to options
2369 As test 1140 fails otherwise!
2371 Follow-up to e1bac81cc815
2373 - ngtcp2: store address in sockaddr_storage
2375 Reported-by: Tatsuhiro Tsujikawa
2378 - CURLOPT_NOBODY.3: clarify what setting to 0 means
2380 ... and mention that HTTP with other methods than HEAD might get a body and
2381 there's no option available to stop that.
2385 - setopt: unset NOBODY switches to GET if still HEAD
2387 Unsetting CURLOPT_NOBODY with 0L when doing HTTP has no documented
2388 action but before 7.71.0 that used to switch back to GET and with this
2389 change (assuming the method is still set to HEAD) this behavior is
2392 Reported-by: causal-agent on github
2396 - [Ehren Bendler brought this change]
2398 configure: cleanup wolfssl + pkg-config conflicts when cross compiling.
2400 Also choose a different wolfSSL function to test for NTLM support.
2405 - configure: show zstd "no" in summary when built without it
2407 Reported-by: Marc Hörsken
2411 - quiche: handle calling disconnect twice
2413 Reported-by: lilongyan-huawei on github
2417 - [Nicolas Sterchele brought this change]
2419 getinfo: reset retry-after value in initinfo
2421 - Avoid re-using retry_after value from preceding request
2422 - Add libtest 3010 to verify
2424 Reported-by: joey-l-us on github
2428 Marcel Raad (27 Jul 2020)
2429 - WIN32: stop forcing narrow-character API
2431 Except where the results are only used for character output.
2432 getenv is not touched because it's part of the public API, and having
2433 it return UTF-8 instead of ANSI would be a breaking change.
2435 Fixes https://github.com/curl/curl/issues/5658
2436 Fixes https://github.com/curl/curl/issues/5712
2437 Closes https://github.com/curl/curl/pull/5718
2439 Jay Satiro (27 Jul 2020)
2440 - [Tobias Stoeckmann brought this change]
2442 mprintf: Fix stack overflows
2444 Stack overflows can occur with precisions for integers and floats.
2447 - curl_mprintf("%d, %.*1$d", 500, 1);
2448 - curl_mprintf("%d, %+0500.*1$f", 500, 1);
2450 Ideally, compile with -fsanitize=address which makes this undefined
2451 behavior a bit more defined for debug purposes.
2453 The format strings are valid. The overflows occur due to invalid
2454 arguments. If these arguments are variables with contents controlled
2455 by an attacker, the function's stack can be corrupted.
2457 Also see CVE-2016-9586 which partially fixed the float aspect.
2459 Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2461 Closes https://github.com/curl/curl/pull/5722
2463 - [Tobias Stoeckmann brought this change]
2465 mprintf: Fix dollar string handling
2467 Verify that specified parameters are in range. If parameters are too
2468 large, fail early on and avoid out of boundary accesses.
2470 Also do not read behind boundaries of illegal format strings.
2472 These are defensive measures since it is expected that format strings
2473 are well-formed. Format strings should not be modifiable by user
2474 input due to possible generic format string attacks.
2476 Closes https://github.com/curl/curl/pull/5722
2478 Daniel Stenberg (26 Jul 2020)
2479 - ntlm: free target_info before (re-)malloc
2481 OSS-Fuzz found a way this could get called again with the pointer still
2482 pointing to a malloc'ed memory, leading to a leak.
2484 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24379
2488 Marcel Raad (26 Jul 2020)
2489 - CI/macos: set minimum macOS version
2491 This enables some deprecation warnings.
2492 Previously, autotools defaulted to 10.8.
2494 Closes https://github.com/curl/curl/pull/5723
2496 Daniel Stenberg (26 Jul 2020)
2497 - RELEASE-NOTES: synced
2499 Marcel Raad (25 Jul 2020)
2500 - CI/macos: enable warnings as errors for CMake builds
2502 Closes https://github.com/curl/curl/pull/5716
2504 - CMake: fix test for warning suppressions
2506 GCC doesn't warn for unknown `-Wno-` options, except if there are other
2507 warnings or errors [0]. This was problematic with `CURL_WERROR` as that
2508 warning-as-error cannot be suppressed. Notably, this always happened
2509 with `-Wno-pedantic-ms-format` when not targeting Windows. So test for
2510 the positive form of the warning instead, which should always result in
2511 a diagnostic if unknown.
2513 [0] https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html
2515 Closes https://github.com/curl/curl/pull/5714
2517 Jay Satiro (23 Jul 2020)
2518 - curl.h: update CURLINFO_LASTONE
2520 CURLINFO_LASTONE should have been updated when
2521 CURLINFO_EFFECTIVE_METHOD was added.
2523 Reported-by: xwxbug@users.noreply.github.com
2525 Fixes https://github.com/curl/curl/issues/5711
2527 Marc Hoersken (22 Jul 2020)
2528 - CI/azure: unconditionally enable warnings-as-errors with autotools
2530 Reviewed-by: Marcel Raad
2535 Marcel Raad (21 Jul 2020)
2536 - doh: remove redundant cast
2538 Closes https://github.com/curl/curl/pull/5704
2540 - CI/macos: unconditionally enable warnings-as-errors with autotools
2542 Previously, warnings were only visible in the output for most jobs.
2544 Closes https://github.com/curl/curl/pull/5694
2546 - util: silence conversion warnings
2548 timeval::tv_usec might be a 32-bit integer and timespec::tv_nsec might
2549 be a 64-bit integer. This is the case when building for recent macOS
2550 versions, for example. Just treat tv_usec as an int, which should
2551 hopefully always be sufficient on systems with
2552 `HAVE_CLOCK_GETTIME_MONOTONIC`.
2554 Closes https://github.com/curl/curl/pull/5695
2556 - md(4|5): don't use deprecated macOS functions
2558 They are marked as deprecated for -mmacosx-version-min >= 10.15,
2559 which might result in warnings-as-errors.
2561 Closes https://github.com/curl/curl/pull/5695
2563 Daniel Stenberg (18 Jul 2020)
2564 - strdup: remove the odd strlen check
2566 It confuses code analyzers with its use of -1 for unsigned value. Also,
2567 a check that's not normally used in strdup() code - and not necessary.
2571 - [Alessandro Ghedini brought this change]
2573 travis: update quiche builds for new boringssl layout
2575 This is required after https://github.com/cloudflare/quiche/pull/593
2576 moved BoringSSL around slightly.
2578 This also means that Go is not needed to build BoringSSL anymore (the
2579 one provided by quiche anyway).
2583 Marcel Raad (17 Jul 2020)
2584 - configure: allow disabling warnings
2586 When using `--enable-warnings`, it was not possible to disable warnings
2587 via CFLAGS that got explicitly enabled. Now warnings are not enabled
2588 anymore if they are explicitly disabled (or enabled) in CFLAGS. This
2589 works for at least GCC, clang, and TCC as they have corresponding
2590 `-Wno-` options for every warning.
2592 Closes https://github.com/curl/curl/pull/5689
2594 Daniel Stenberg (16 Jul 2020)
2595 - ngtcp2: adjust to recent sockaddr updates
2599 - page-header: provide protocol details in the curl.1 man page
2601 Add protocol and version specific information about all protocols curl
2605 Reported-by: tbugfinder on github
2608 Daniel Gustafsson (16 Jul 2020)
2609 - docs: Update a few leftover mentions of DarwinSSL
2611 Commit 76a9c3c4be10b3d4d379d5b23ca76806bbae536a renamed DarwinSSL to the
2612 more correct/common name Secure Transport, but a few mentions in the docs
2616 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2618 Daniel Stenberg (16 Jul 2020)
2619 - file2memory: use a define instead of -1 unsigned value
2621 ... to use the maximum value for 'size_t' when detecting integer overflow.
2622 Changed the limit to max/4 as already that seems unreasonably large.
2624 Codacy didn't like the previous approach.
2628 - CURL_PUSH_ERROROUT: allow the push callback to fail the parent stream
2630 ... by adding support for a new dedicated return code.
2632 Suggested-by: Jonathan Cardoso
2633 Assisted-by: Erik Johansson
2634 URL: https://curl.haxx.se/mail/lib-2020-06/0099.html
2637 - [Baruch Siach brought this change]
2639 nss: fix build with disabled proxy support
2641 Avoid reference to fields that do not exist when CURL_DISABLE_PROXY is
2646 - test1139: make it display the difference on test failures
2648 - test1119: verify stdout in the test
2650 So that failures will be displayed in the terminal, as it makes test failures
2651 visually displayed easier and faster.
2655 - curl: add %{method} to the -w variables
2657 Gets the CURLINFO_EFFECTIVE_METHOD from libcurl.
2659 Added test 1197 to verify.
2661 - CURLINFO_EFFECTIVE_METHOD: added
2663 Provide the HTTP method that was used on the latest request, which might
2664 be relevant for users when there was one or more redirects involved.
2668 Viktor Szakats (14 Jul 2020)
2669 - windows: add unicode to feature list
2671 Reviewed-by: Marcel Raad
2672 Reviewed-by: Marc Hörsken
2676 Daniel Stenberg (14 Jul 2020)
2677 - multi: remove two checks always true
2682 Marc Hoersken (13 Jul 2020)
2683 - workflows: limit what branches to run CodeQL on
2685 Align CodeQL action with existing CI actions:
2686 - Update branch filter to avoid duplicate CI runs.
2687 - Shorten workflow name due to informative job name.
2689 Reviewed-by: Daniel Stenberg
2693 - appveyor: collect libcurl.dll variants with prefix or suffix
2695 On some platforms libcurl is build with a platform-specific
2696 prefix and/or a version number suffix.
2698 Assisted-by: Jay Satiro
2702 Daniel Stenberg (12 Jul 2020)
2703 - [ihsinme brought this change]
2705 socks: use size_t for size variable
2707 Use the unsigned type (size_t) in the arithmetic of pointers. In this
2708 context, the signed type (ssize_t) is used unnecessarily.
2710 Authored-by: ihsinme on github
2713 - RELEASE-NOTES: synced
2715 ... and bumped to 7.72.0 as the next release version number
2717 - [Gilles Vollant brought this change]
2719 content_encoding: add zstd decoding support
2721 include zstd curl patch for Makefile.m32 from vszakats
2722 and include Add CMake support for zstd from Peter Wu
2724 Helped-by: Viktor Szakats
2728 - asyn.h: remove the Curl_resolver_getsock define
2731 - used the wrong number of arguments
2732 - confused the Codeacy code analyzer
2736 - [Nicolas Sterchele brought this change]
2738 configure.ac: Sort features name in summary
2744 - [Matthias Naegler brought this change]
2746 cmake: fix windows xp build
2748 Reviewed-by: Marcel Raad
2751 - ngtcp2: update to modified qlog callback prototype
2755 - transfer: fix memory-leak with CURLOPT_CURLU in a duped handle
2757 Added test case 674 to reproduce and verify the bug report.
2760 Reported-by: NobodyXu on github
2763 - [Baruch Siach brought this change]
2765 bearssl: fix build with disabled proxy support
2767 Avoid reference to fields that do not exist when CURL_DISABLE_PROXY is
2770 Reviewed-by: Nicolas Sterchele
2773 - RELEASE-NOTES: synced
2775 Jay Satiro (11 Jul 2020)
2776 - [Carlo Marcelo Arenas Belón brought this change]
2778 cirrus-ci: upgrade 11-STABLE to 11.4
2780 Meant to be the last of the 11 series and so make sure that all
2781 other references reflect all 11 versions so they can be retired
2784 Closes https://github.com/curl/curl/pull/5668
2786 - [Filip Salomonsson brought this change]
2788 CURLINFO_CERTINFO.3: fix typo
2790 Closes https://github.com/curl/curl/pull/5655
2792 Daniel Stenberg (4 Jul 2020)
2793 - http2: only do the *done() cleanups for HTTP
2795 Follow-up to ef86daf4d3
2800 - [Alex Kiernan brought this change]
2802 gnutls: repair the build with `CURL_DISABLE_PROXY`
2804 `http_proxy`/`proxy_ssl`/`tunnel_proxy` will not be available in `conn`
2805 if `CURL_DISABLE_PROXY` is enabled. Repair the build with that
2808 Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
2811 Alex Kiernan (3 Jul 2020)
2812 - gnutls: Fetch backend when using proxy
2814 Fixes: 89865c149 ("gnutls: remove the BACKEND define kludge")
2815 Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
2817 Daniel Stenberg (3 Jul 2020)
2818 - [Laramie Leavitt brought this change]
2820 http2: close the http2 connection when no more requests may be sent
2822 Well-behaving HTTP2 servers send two GOAWAY messages. The first
2823 message is a warning that indicates that the server is going to
2824 stop accepting streams. The second one actually closes the stream.
2826 nghttp2 reports this state (and the other state of no more stream
2827 identifiers) via the call nghttp2_session_check_request_allowed().
2828 In this state the client should not create more streams on the
2829 session (tcp connection), and in curl this means that the server
2830 has requested that the connection is closed.
2832 It would be also be possible to put the connclose() call into the
2833 on_http2_frame_recv() function that triggers on the GOAWAY message.
2835 This fixes a bug seen when the client sees the following sequence of
2839 HTTP2 GOAWAY [stream-id = 0, promised-stream-id = -1]
2840 ... some additional frames
2843 HTTP2 GOAWAY [stream-id = 0, promised-stream-id = N ]
2845 Before this change, curl will attempt to reuse the connection even
2846 after the last stream, will encounter this error:
2848 * Found bundle for host localhost: 0x5595f0a694e0 [can multiplex]
2849 * Re-using existing connection! (#0) with host localhost
2850 * Connected to localhost (::1) port 10443 (#0)
2851 * Using Stream ID: 9 (easy handle 0x5595f0a72e30)
2852 > GET /index.html?5 HTTP/2
2853 > Host: localhost:10443
2854 > user-agent: curl/7.68.0
2857 * stopped the pause stream!
2858 * Connection #0 to host localhost left intact
2859 curl: (16) Error in the HTTP2 framing layer
2861 This error may posion the connection cache, causing future requests
2862 which resolve to the same curl connection to go through the same error
2867 - ftpserver: don't verify SMTP MAIL FROM names
2869 Rely on tests asking the names to get refused instead - test servers
2870 should be as dumb as possible. Edited test 914, 955 and 959 accordingly.
2874 - curl_version_info.3: CURL_VERSION_KERBEROS4 is deprecated
2876 This came up in #5640. It make sense to clarify this in the docs!
2878 Reminded-by: Kamil Dudka
2881 Kamil Dudka (3 Jul 2020)
2882 - tool_getparam: make --krb option work again
2884 It was disabled by mistake in commit curl-7_37_1-23-ge38ba4301.
2886 Bug: https://bugzilla.redhat.com/1833193
2889 Daniel Stenberg (2 Jul 2020)
2890 - [Jeremy Maitin-Shepard brought this change]
2892 http2: fix nghttp2_strerror -> nghttp2_http2_strerror in debug messages
2894 Confusingly, nghttp2 has two different error code enums:
2896 - nghttp2_error, to be used with nghttp2_strerror
2897 - nghttp2_error_code, to be used with nghttp2_http2_strerror
2901 Marcel Raad (2 Jul 2020)
2902 - url: silence MSVC warning
2904 Since commit f3d501dc678, if proxy support is disabled, MSVC warns:
2905 url.c : warning C4701: potentially uninitialized local variable
2907 url.c : error C4703: potentially uninitialized local pointer variable
2910 That could actually only happen if both `conn->bits.proxy` and
2911 `CURL_DISABLE_PROXY` were enabled.
2912 Initialize it to NULL to silence the warning.
2914 Closes https://github.com/curl/curl/pull/5638
2916 Daniel Stenberg (1 Jul 2020)
2917 - RELEASE-NOTES: synced
2919 Version 7.71.1 (30 Jun 2020)
2921 Daniel Stenberg (30 Jun 2020)
2922 - RELEASE-NOTES: curl 7.71.1
2924 - THANKS: add contributors to 7.71.1
2926 - scripts/copyright.pl: skip .dcignore
2928 - Revert "multi: implement wait using winsock events"
2930 This reverts commit 8bc25c590e530de87595d1bb3577f699eb1309b9.
2932 That commit (from #5397) introduced a regression in 7.71.0.
2934 Reported-by: tmkk on github
2938 - TODO: Add flag to specify download directory
2940 - TODO: return code to CURLMOPT_PUSHFUNCTION to fail connection
2942 - cirrus-ci: disable FreeBSD 13 (again)
2944 It has been failing for a good while again. This time we better leave it
2945 disabled until we have more reason to believe it behaves.
2949 - ngtcp2: sync with current master
2951 ngtcp2 added two new callbacks
2953 Reported-by: Lucien Zürcher
2957 - examples/multithread.c: call curl_global_cleanup()
2959 Reported-by: qiandu2006 on github
2963 - vtls: compare cert blob when finding a connection to reuse
2965 Reported-by: Gergely Nagy
2969 - RELEASE-NOTES: synced
2971 - terminology: call them null-terminated strings
2973 Updated terminology in docs, comments and phrases to refer to C strings
2974 as "null-terminated". Done to unify with how most other C oriented docs
2975 refer of them and what users in general seem to prefer (based on a
2976 single highly unscientific poll on twitter).
2978 Reported-by: coinhubs on github
2982 - http: fix proxy auth with blank password
2984 Regression in 7.71.0
2986 Added test case 346 to verify.
2988 Reported-by: Kristoffer Gleditsch
2992 - .dcignore: ignore tests and docs directories
2994 This is a config file for deepcode.ai, a static code analyzer.
2996 Jay Satiro (26 Jun 2020)
2997 - tool_cb_hdr: Fix etag warning output and return code
2999 - Return 'failure' on failure, to follow the existing style.
3001 - Put Warning: and the warning message on the same line.
3003 Ref: https://github.com/curl/curl/issues/5610
3005 Closes https://github.com/curl/curl/pull/5612
3007 Daniel Stenberg (26 Jun 2020)
3008 - CURLOPT_READFUNCTION.3: provide the upload data size up front
3010 Assisted-by: Jay Satiro
3013 - test1539: do a HTTP 1.0 POST without a set size (fails)
3015 Attempt to reproduce #5593. Test case 1514 is very similar but uses
3016 HTTP/1.1 and thus switches to chunked.
3020 - [Baruch Siach brought this change]
3022 mbedtls: fix build with disabled proxy support
3024 Don't reference fields that do not exist. Fixes build failure:
3026 vtls/mbedtls.c: In function 'mbed_connect_step1':
3027 vtls/mbedtls.c:249:54: error: 'struct connectdata' has no member named 'http_proxy'
3031 - codeql-analysis.yml: fix the 'languages' setting
3033 It needs a 'with:' in front of it.
3035 GitHub (26 Jun 2020)
3036 - [Daniel Stenberg brought this change]
3038 gtihub: codeql-analysis.yml
3040 enables code security scanning with github actions
3042 Daniel Stenberg (25 Jun 2020)
3043 - tests: verify newline in username and password for HTTP
3045 test 1296 is a simply command line test
3047 test 1910 is a libcurl test including a redirect
3049 - url: allow user + password to contain "control codes" for HTTP(S)
3051 Reported-by: Jon Johnson Jr
3055 - escape: make the URL decode able to reject only %00 bytes
3057 ... or all "control codes" or nothing.
3059 Assisted-by: Nicolas Sterchele
3061 - http2: set the correct URL in pushed transfers
3063 ...previously CURLINFO_EFFECTIVE_URL would report the URL of the
3064 original "mother transfer", not the actually pushed resource.
3066 Reported-by: Jonathan Cardoso Machado
3070 Jay Satiro (25 Jun 2020)
3071 - [Javier Blazquez brought this change]
3073 openssl: Fix compilation on Windows when ngtcp2 is enabled
3075 - Include wincrypt before OpenSSL includes so that the latter can
3076 properly handle any conflicts between the two.
3078 Closes https://github.com/curl/curl/pull/5606
3080 Daniel Stenberg (25 Jun 2020)
3081 - test543: extended to verify zero length input
3083 As was reported in #5601
3085 - escape: zero length input should return a zero length output
3087 Regression added in 7.71.0.
3090 Reported-by: Kristoffer Gleditsch
3093 - Curl_inet_ntop: always check the return code
3095 Reported-by: Siva Sivaraman
3099 - sendf: improve the message on client write errors
3101 Replace "Failed writing body (X != Y)" with
3102 "Failure writing output to destination". Possibly slightly less cryptic.
3104 Reported-by: coinhubs on github
3108 - RELEASE-NOTES: synced
3110 - curlver: start working on 7.71.1
3112 - [Denis Baručić brought this change]
3114 DYNBUF.md: fix a typo: trail => tail
3118 Version 7.71.0 (23 Jun 2020)
3120 Daniel Stenberg (23 Jun 2020)
3121 - RELEASE-NOTES: curl 7.71.0 release
3123 - THANKS: curl 7.71.0 additions
3125 - url: make sure pushed streams get an allocated download buffer
3127 Follow-up to c4e6968127e876b0
3129 When a new transfer is created, as a resuly of an acknowledged push,
3130 that transfer needs a download buffer allocated.
3134 Jay Satiro (22 Jun 2020)
3135 - openssl: Don't ignore CA paths when using Windows CA store
3137 This commit changes the behavior of CURLSSLOPT_NATIVE_CA so that it does
3138 not override CURLOPT_CAINFO / CURLOPT_CAPATH, or the hardcoded default
3139 locations. Instead the CA store can now be used at the same time.
3141 The change is due to the impending release. The issue is still being
3142 discussed. The behavior of CURLSSLOPT_NATIVE_CA is subject to change and
3143 is now documented as experimental.
3145 Ref: bc052cc (parent commit)
3146 Ref: https://github.com/curl/curl/issues/5585
3148 - tool_operate: Don't use Windows CA store as a fallback
3152 148534d added CURLSSLOPT_NATIVE_CA to use the Windows OS certificate
3153 store in libcurl w/ OpenSSL on Windows. CURLSSLOPT_NATIVE_CA overrides
3154 CURLOPT_CAINFO if both are set. The curl tool will fall back to
3155 CURLSSLOPT_NATIVE_CA if it could not find a certificate bundle to set
3160 libcurl may be built with hardcoded paths to a certificate bundle or
3161 directory, and if CURLSSLOPT_NATIVE_CA is used then those paths are
3166 A solution is still being discussed but since there's an impending
3167 release this commit removes using CURLSSLOPT_NATIVE_CA in the curl tool.
3169 Ref: https://github.com/curl/curl/issues/5585
3171 - openssl: Fix CA fallback logic for OpenSSL 3.0 build
3173 Prior to this change I assume a build error would occur when
3174 CURL_CA_FALLBACK was used.
3176 Closes https://github.com/curl/curl/pull/5587
3178 Daniel Stenberg (22 Jun 2020)
3179 - copyright: update mismatched copyright years
3181 - test1460: verify that -Ji is not ok
3183 - tool_getparam: -i is not OK if -J is used
3185 Reported-by: sn on hackerone
3186 Bug: https://curl.haxx.se/docs/CVE-2020-8177.html
3188 - [Peter Wu brought this change]
3190 CMake: ignore INTERFACE_LIBRARY targets for pkg-config file
3192 Reviewed-by: Marcel Raad
3196 - [Valentyn Korniienko brought this change]
3198 multibyte: Fixed access-> waccess to file for Windows Plarform
3200 Reviewed-by: Marcel Raad
3203 - altsvc: bump to h3-29
3207 - urlglob: treat literal IPv6 addresses with zone IDs as a host name
3209 ... and not as a "glob". Now done by passing the supposed host to the
3210 URL parser which supposedly will do a better job at identifying "real"
3211 numerical IPv6 addresses.
3213 Reported-by: puckipedia on github
3217 - test1179: verify error message for non-existing cmdline option
3219 - tool_getparam: repair the error message for unknown flag
3221 Follow-up to 9e5669f3880674
3222 Detected by Coverity CID 1464582 ("Logically dead code")
3226 - FILEFORMAT: describe verify/stderr
3228 - connect: improve happy eyeballs handling
3230 For QUIC but also for regular TCP when the second family runs out of IPs
3231 with a failure while the first family is still trying to connect.
3233 Separated the timeout handling for IPv4 and IPv6 connections when they
3234 both have a number of addresses to iterate over.
3236 - ngtcp2: never call fprintf() in lib code in release version
3238 - ngtcp2: fix happy eyeballs quic connect crash
3240 Reported-by: Peter Wu
3244 - select: remove the unused ELAPSED_MS() macro
3248 Marc Hoersken (17 Jun 2020)
3249 - [rcombs brought this change]
3251 multi: implement wait using winsock events
3253 This avoids using a pair of TCP ports to provide wakeup functionality
3254 for every multi instance on Windows, where socketpair() is emulated
3255 using a TCP socket on loopback which could in turn lead to socket
3256 resource exhaustion.
3258 Reviewed-by: Gergely Nagy
3259 Reviewed-by: Marc Hörsken
3263 Daniel Stenberg (17 Jun 2020)
3264 - manpage: add three missing environment variables
3266 CURL_SSL_BACKEND, QLOGDIR and SSLKEYLOGFILE
3270 - RELEASE-NOTES: synced
3272 - configure: for wolfSSL, check for the DES func needed for NTLM
3274 Also adds pkg-config support for the wolfSSL detection.
3276 - [Ruurd Beerstra brought this change]
3278 ntlm: enable NTLM support with wolfSSL
3280 When wolfSSL is built with its OpenSSL API layer, it fetures the same DES*
3281 functions that OpenSSL has. This change take advantage of that.
3283 Co-authored-by: Daniel Stenberg
3287 - http: move header storage to Curl_easy from connectdata
3289 Since the connection can be used by many independent requests (using
3290 HTTP/2 or HTTP/3), things like user-agent and other transfer-specific
3291 data MUST NOT be kept connection oriented as it could lead to requests
3292 getting the wrong string for their requests. This struct data was
3293 lingering like this due to old HTTP1 legacy thinking where it didn't
3299 - CODE_REVIEW.md: how to do code reviews in curl
3301 Assisted-by: Daniel Gustafsson
3302 Assisted-by: Rich Salz
3303 Assisted-by: Hugo van Kemenade
3304 Assisted-by: James Fuller
3305 Assisted-by: Marc Hörsken
3306 Assisted-by: Jay Satiro
3310 - altsvc: remove the num field from the altsvc struct
3312 It was superfluous since we have the list.size alredy
3314 Reported-by: Jay Satiro
3318 - version.d: expanded and alpha-sorted
3320 Added a few missing features not previously mentioned. Ordered them
3325 - ABI.md: rename to .md and polish the markdown
3329 - HELP-US: add a section for "smaller tasks"
3331 The point of this section is to meet the CII Best Practices gold level
3334 "The project MUST clearly identify small tasks that can be performed by
3335 new or casual contributors"
3339 - TODO: retry on the redirected-to URL
3343 - mailmap: Nicolas Sterchele
3345 - [Nicolas Sterchele brought this change]
3347 TODO: remove 19.3 section title
3349 Follow-up to ad6416986755e417c66e2c6, which caused wrong formatting on
3350 curl documentation website
3354 - [Martin V brought this change]
3356 test1560: avoid possibly negative association in wording
3360 - share: don't set the share flag it something fails
3362 When asking for a specific feature to be shared in the share object,
3363 that bit was previously set unconditionally even if the shared feature
3364 failed or otherwise wouldn't work.
3368 - buildconf: remove -print from the find command that removes files
3370 It's just too annoying and unnecessary to get a long list of files shown
3372 - RELEASE-NOTES: synced
3374 - wording: avoid blacklist/whitelist stereotypes
3376 Instead of discussing if there's value or meaning (implied or not) in
3377 the colors, let's use words without the same possibly negative
3382 Jay Satiro (9 Jun 2020)
3383 - tool_getparam: fix memory leak in parse_args
3385 Prior to this change in Windows Unicode builds most parsed options would
3388 Found using _CrtDumpMemoryLeaks().
3390 Ref: https://github.com/curl/curl/issues/5545
3392 Daniel Stenberg (8 Jun 2020)
3393 - socks: detect connection close during handshake
3395 The SOCKS4/5 state machines weren't properly terminated when the proxy
3396 connection got closed, leading to a busy-loop.
3398 Reported-By: zloi-user on github
3402 - [James Fuller brought this change]
3404 multi: add defensive check on data->multi->num_alive
3408 - Curl_addrinfo: use one malloc instead of three
3410 To reduce the amount of allocations needed for creating a Curl_addrinfo
3411 struct, make a single larger malloc instead of three separate smaller
3416 - [Alessandro Ghedini brought this change]
3418 quiche: update SSLKEYLOGFILE support
3420 quiche now requires the application to explicitly set the keylog path
3421 for each connection, rather than reading the environment variable
3426 - tests: add two simple tests for --login-options
3428 Test 895 and 896 - as a follow-up to a3e972313b
3432 - ngtcp2: update with recent API changes
3434 Syncs with ngtcp2 commit 7e9a917d386d98 merged June 7 2020.
3436 Assisted-by: Tatsuhiro Tsujikawa
3439 - [James Fuller brought this change]
3441 socks: remove unreachable breaks in socks.c and mime.c
3445 - tool_cfgable: free login_options at exit
3448 Reported-by: Geeknik Labs
3452 - libssh2: keep sftp errors as 'unsigned long'
3454 Remove weird work-around for storing the SFTP errors as int instead of
3455 the "unsigned long" that libssh2 actually returns for SFTP errors.
3459 Marc Hoersken (6 Jun 2020)
3460 - timeouts: move ms timeouts to timediff_t from int and long
3462 Now that all functions in select.[ch] take timediff_t instead
3463 of the limited int or long, we can remove type conversions
3464 and related preprocessor checks to silence compiler warnings.
3466 Avoiding conversions from time_t was already done in 842f73de.
3469 Supersedes #5214, #5220 and #5221
3470 Follow up to #5343 and #5479
3473 Daniel Stenberg (6 Jun 2020)
3474 - [François Rigault brought this change]
3476 openssl: set FLAG_TRUSTED_FIRST unconditionally
3478 On some systems, openssl 1.0.x is still the default, but it has been
3479 patched to contain all the recent security fixes. As a result of this
3480 patching, it is possible for macro X509_V_FLAG_NO_ALT_CHAINS to be
3481 defined, while the previous behavior of openssl to not look at trusted
3482 chains first, remains.
3484 Fix it: ensure X509_V_FLAG_TRUSTED_FIRST is always set, do not try to
3485 probe for the behavior of openssl based on the existence ofmacros.
3489 - server/util: fix logmsg format using curl_off_t argument
3491 ... this caused segfaults on armv7.
3493 Regression added in dd0365d560aea5a (7.70.0)
3495 Reviewed-by: Jay Satiro
3498 - RELEASE-NOTES: synced
3500 - [Cherish98 brought this change]
3502 socks: fix expected length of SOCKS5 reply
3504 Commit 4a4b63d forgot to set the expected SOCKS5 reply length when the
3505 reply ATYP is X'01'. This resulted in erroneously expecting more bytes
3506 when the request length is greater than the reply length (e.g., when
3507 remotely resolving the hostname).
3511 Marc Hoersken (5 Jun 2020)
3512 - .gitignore: add directory containing the stats repo
3514 Since the new curl/stats repository is designed to be
3515 checked out into the curl repository working tree as stats/
3516 it should be on the ignore list to aid in commit staging.
3518 Daniel Stenberg (5 Jun 2020)
3519 - [Adnan Khan brought this change]
3521 HTTP3.md: clarify cargo build directory
3523 Cargo needs to be called from within the 'quiche' directory.
3527 - user-agent.d: spell out what happens given a blank argument
3531 - trailers: switch h1-trailer logic to use dynbuf
3533 In the continued effort to remove "manual" realloc schemes.
3537 - CURLINFO_ACTIVESOCKET.3: clarify the description
3539 Reported-by: Jay Satiro
3543 - mailmap: Don J Olmstead
3545 - configure: only strip first -L from LDFLAGS
3547 In the logic that works out if a given OpenSSL path works, it stripped
3548 off a possibly leading -L flag using an incorrect sed pattern which
3549 would remove all instances of -L in the string, including if the path
3550 itself contained that two-letter sequence!
3552 The same pattern was used and is now updated in multiple places. Now it
3553 only removes -L if it starts the strings.
3555 Reported-by: Mohamed Osama
3559 Peter Wu (4 Jun 2020)
3560 - quiche: advertise draft 28 support
3562 Fix the verbose message while at it, quiche currently supports draft
3563 27 and draft 28 simultaneously.
3567 Daniel Stenberg (4 Jun 2020)
3568 - KNOWN_BUGS: RTSP authentication breaks without redirect support
3572 Jay Satiro (4 Jun 2020)
3573 - projects: Add crypt32.lib to dependencies for all OpenSSL configs
3575 Windows project configurations that use OpenSSL with USE_WIN32_CRYPTO
3578 Follow-up to 148534d which added CURLSSLOPT_NATIVE_CA for 7.71.0.
3580 The changes that are in this commit were made by script.
3582 Ref: https://gist.github.com/jay/a1861b50ecce2b32931237180f856e28
3584 Closes https://github.com/curl/curl/pull/5516
3586 Marc Hoersken (3 Jun 2020)
3587 - CI/macos: fix 'is already installed' errors by using bundle
3589 Avoid failing CI builds due to nghttp2 being already installed.
3593 Daniel Stenberg (3 Jun 2020)
3594 - altsvc: fix 'dsthost' may be used uninitialized in this function
3596 - RELEASE-NOTES: synced
3598 - urldata: let the HTTP method be in the set.* struct
3600 When the method is updated inside libcurl we must still not change the
3601 method as set by the user as then repeated transfers with that same
3602 handle might not execute the same operation anymore!
3604 This fixes the libcurl part of #5462
3606 Test 1633 added to verify.
3610 - hostip: fix the memory-leak introduced in 67d2802
3615 - test970: make it require proxy support
3617 This test verifies the -w %json output and the test case includes a full
3618 generated "blob". If there's no proxy support built into libcurl, it
3619 will return an error for proxy related info variables and they will not
3620 be included in the json, thus causing a mismatch and this test fails.
3622 Reported-by: Marc Hörsken
3626 - [Radoslav Georgiev brought this change]
3628 examples/http2-down/upload: add error checks
3630 If `index.html` does not exist in the directory from which the example
3631 is invoked, the fopen(upload, "rb") invocation in `setup` would fail,
3632 returning NULL. This value is subsequently passed as the FILE* argument
3633 of the `fread` invocation in the `read_callback` function, which is the
3634 actual cause of the crash (apparently `fread` assumes that argument to
3637 In addition, mitigate some possible crashes of similar origin.
3641 - [kotoriのねこ brought this change]
3643 examples/ephiperfifo: turn off interval when setting timerfd
3645 Reported-by: therealhirudo on github
3649 - [Saleem Abdulrasool brought this change]
3651 vtls: repair the build with `CURL_DISABLE_PROXY`
3653 `http_proxy` will not be available in `conndata` if `CURL_DISABLE_PROXY`
3654 is enabled. Repair the build with that configuration.
3656 Follow-up to f3d501dc67
3660 - transfer: remove k->str NULL check
3662 "Null-checking k->str suggests that it may be null, but it has already
3663 been dereferenced on all paths leading to the check" - and it can't
3664 legally be NULL at this point. Remove check.
3666 Detected by Coverity CID 1463884
3670 Marc Hoersken (1 Jun 2020)
3671 - select: always use Sleep in Curl_wait_ms on Win32
3673 Since Win32 almost always will also have USE_WINSOCK,
3674 we can reduce complexity and always use Sleep there.
3676 Assisted-by: Jay Satiro
3677 Reviewed-by: Daniel Stenberg
3682 Daniel Stenberg (31 May 2020)
3683 - conncache: download buffer needs +1 size for trailing zero
3685 Follow-up to c4e6968127e
3686 Detected by OSS-Fuzz: https://oss-fuzz.com/testcase-detail/5727799779524608
3688 Marc Hoersken (31 May 2020)
3689 - azure: use matrix strategy to avoid configuration redundancy
3691 This also includes the following changes:
3693 - Use the same timeout for all jobs on Linux (60 minutes)
3694 and Windows (90 minutes)
3695 - Use CLI stable apt-get install -y instead of apt install
3696 which warns about that and run apt-get update first
3697 - Enable MQTT for Windows msys2 builds instead of
3699 - Add ./configure --prefix parameter to the msys2 builds
3700 - The MSYSTEM environment variable is now preset inside
3701 the container images for the msys2 builds
3703 Note: on Azure Pipelines the matrix strategy is basically
3704 just a simple list of job copies and not really a matrix.
3708 Daniel Stenberg (30 May 2020)
3709 - build: disable more code/data when built without proxy support
3711 Added build to travis to verify
3715 - url: alloc the download buffer at transfer start
3717 ... and free it as soon as the transfer is done. It removes the extra
3718 alloc when a new size is set with setopt() and reduces memory for unused
3721 In addition: the closure_handle now doesn't use an allocated buffer at
3722 all but the smallest supported size as a stack based one.
3726 - timeouts: change millisecond timeouts to timediff_t from time_t
3728 For millisecond timers we like timediff_t better. Also, time_t can be
3729 unsigned so returning a negative value doesn't work then.
3733 Marc Hoersken (30 May 2020)
3734 - select: add overflow checks for timeval conversions
3736 Using time_t and suseconds_t if suseconds_t is available,
3737 long on Windows (maybe others in the future) and int elsewhere.
3739 Also handle case of ULONG_MAX being greater or equal to INFINITE.
3741 Assisted-by: Jay Satiro
3742 Reviewed-by: Daniel Stenberg
3746 - select: use timediff_t instead of time_t and int for timeout_ms
3748 Make all functions in select.[ch] take timeout_ms as timediff_t
3749 which should always be large enough and signed on all platforms
3750 to take all possible timeout values and avoid type conversions.
3752 Reviewed-by: Jay Satiro
3753 Reviewed-by: Daniel Stenberg
3755 Replaces #5107 and partially #5262
3756 Related to #5240 and #5286
3759 - unit1604.c: fix implicit conv from 'SANITIZEcode' to 'CURLcode'
3761 GCC 10 warns about this with warning: implicit conversion
3762 from 'SANITIZEcode' to 'CURLcode' [-Wenum-conversion]
3764 Since 'expected_result' is not really of type 'CURLcode' and
3765 it is not exposed in any way, we can just use 'SANITIZEcode'.
3767 Reviewed-by: Daniel Stenberg
3768 Reviewed-by: Marcel Raad
3772 - tests/libtest: fix undefined reference to 'curlx_win32_fopen'
3774 Since curl_setup.h now makes use of curlx_win32_fopen for Win32
3775 builds with USE_WIN32_LARGE_FILES or USE_WIN32_SMALL_FILES defined,
3776 we need to include the relevant files for tests using fopen,
3777 because the libtest sources are also including curl_setup.h
3779 Reviewed-by: Marcel Raad
3780 Reviewed-by: Daniel Stenberg
3782 Follow up to #3784 (ffdddb45d9)
3785 - appveyor: add non-debug plain autotools-based build
3787 This should enable us to catch linking issues with the
3788 testsuite early, like the one described/fixed in #5475.
3790 Reviewed-by: Daniel Stenberg
3791 Reviewed-by: Marcel Raad
3795 Daniel Stenberg (29 May 2020)
3796 - RELEASE-NOTES: synced
3798 - Revert "buildconf: use find -execdir"
3800 This partially reverts commit c712009838f44211958854de431315586995bc61.
3802 Keep the ares_ files removed but bring back the older way to run find,
3803 to make it work with busybox's find, as apparently that's being used.
3805 Reported-by: Max Peal
3809 - server/sws: fix asan warning on use of uninitialized variable
3811 - libssh2: improved error output for wrong quote syntax
3813 Reported-by: Werner Stolz
3817 - mk-lib1521: generate code for testing BLOB options as well
3819 Follow-up to cac5374298b3
3823 - configure: repair the check if argv can be written to
3825 Due to bad escaping of the test code, the test wouldn't build and thus
3826 result in a negative test result, which would lead to the unconditional
3827 assumption that overwriting the arguments doesn't work and thus curl
3828 would never hide credentials given in the command line, even when it
3829 would otherwise be possible.
3831 Regression from commit 2d4c2152c (7.60.0)
3833 Reported-by: huzunhao on github
3837 Peter Wu (28 May 2020)
3838 - CMake: rebuild Makefile.inc.cmake when Makefile.inc changes
3840 Otherwise the build might fail due to missing source files, as
3841 demonstrated by the recent keylog.c addition on an existing build dir.
3845 Daniel Stenberg (28 May 2020)
3846 - urldata: fix comments: Curl_done() is called multi_done() now
3850 Peter Wu (27 May 2020)
3851 - ngtcp2: use common key log routine for better thread-safety
3853 Tested with ngtcp2 built against the OpenSSL library. Additionally
3854 tested with MultiSSL (NSS for TLS and ngtcp2+OpenSSL for QUIC).
3856 The TLS backend (independent of QUIC) may or may not already have opened
3857 the keylog file before. Therefore Curl_tls_keylog_open is always called
3858 to ensure the file is open.
3860 - wolfssl: add SSLKEYLOGFILE support
3862 Tested following the same curl and tshark commands as in commit
3863 "vtls: Extract and simplify key log file handling from OpenSSL" using
3864 WolfSSL v4.4.0-stable-128-g5179503e8 from git master built with
3865 `./configure --enable-all --enable-debug CFLAGS=-DHAVE_SECRET_CALLBACK`.
3867 Full support for this feature requires certain wolfSSL build options,
3868 see "Availability note" in lib/vtls/wolfssl.c for details.
3872 - vtls: Extract and simplify key log file handling from OpenSSL
3874 Create a set of routines for TLS key log file handling to enable reuse
3875 with other TLS backends. Simplify the OpenSSL backend as follows:
3877 - Drop the ENABLE_SSLKEYLOGFILE macro as it is unconditionally enabled.
3878 - Do not perform dynamic memory allocation when preparing a log entry.
3879 Unless the TLS specifications change we can suffice with a reasonable
3881 - Simplify state tracking when SSL_CTX_set_keylog_callback is
3882 unavailable. My original sslkeylog.c code included this tracking in
3883 order to handle multiple calls to SSL_connect and detect new keys
3884 after renegotiation (via SSL_read/SSL_write). For curl however we can
3885 be sure that a single master secret eventually becomes available
3886 after SSL_connect, so a simple flag is sufficient. An alternative to
3887 the flag is examining SSL_state(), but this seems more complex and is
3888 not pursued. Capturing keys after server renegotiation was already
3889 unsupported in curl and remains unsupported.
3891 Tested with curl built against OpenSSL 0.9.8zh, 1.0.2u, and 1.1.1f
3892 (`SSLKEYLOGFILE=keys.txt curl -vkso /dev/null https://localhost:4433`)
3893 against an OpenSSL 1.1.1f server configured with:
3895 # Force non-TLSv1.3, use TLSv1.0 since 0.9.8 fails with 1.1 or 1.2
3896 openssl s_server -www -tls1
3897 # Likewise, but fail the server handshake.
3898 openssl s_server -www -tls1 -Verify 2
3899 # TLS 1.3 test. No need to test the failing server handshake.
3900 openssl s_server -www -tls1_3
3902 Verify that all secrets (1 for TLS 1.0, 4 for TLS 1.3) are correctly
3903 written using Wireshark. For the first and third case, expect four
3904 matches per connection (decrypted Server Finished, Client Finished, HTTP
3905 Request, HTTP Response). For the second case where the handshake fails,
3906 expect a decrypted Server Finished only.
3908 tshark -i lo -pf tcp -otls.keylog_file:keys.txt -Tfields \
3909 -eframe.number -eframe.time -etcp.stream -e_ws.col.Info \
3910 -dtls.port==4433,http -ohttp.desegment_body:FALSE \
3911 -Y 'tls.handshake.verify_data or http'
3913 A single connection can easily be identified via the `tcp.stream` field.
3915 Daniel Stenberg (27 May 2020)
3916 - FILEFORMAT: add more features that tests can depend on
3918 - [Michael Kaufmann brought this change]
3920 transfer: close connection after excess data has been read
3922 For HTTP 1.x, it's a protocol error when the server sends more bytes
3923 than announced. If this happens, don't reuse the connection, because the
3924 start position of the next response is undefined.
3928 - [Estanislau Augé-Pujadas brought this change]
3930 Revert "ssh: ignore timeouts during disconnect"
3932 This reverts commit f31760e63b4e9ef1eb25f8f211390f8239388515. Shipped in
3935 Bug: https://curl.haxx.se/mail/lib-2020-05/0068.html
3938 - urldata: connect related booleans live in struct ConnectBits
3940 And remove a few unused booleans!
3944 - hostip: on macOS avoid DoH when given a numerical IP address
3946 When USE_RESOLVE_ON_IPS is set (defined on macOS), it means that
3947 numerical IP addresses still need to get "resolved" - but not with DoH.
3949 Reported-by: Viktor Szakats
3953 - ngtcp2: cleanup memory when failing to connect
3955 Reported-by: Peter Wu
3956 Fixes #5447 (the ngtcp2 side of it)
3959 - quiche: clean up memory properly when failing to connect
3961 Addresses the quiche side of #5447
3962 Reported-by: Peter Wu
3965 - cleanup: use a single space after equals sign in assignments
3967 - url: accept "any length" credentials for proxy auth
3969 They're only limited to the maximum string input restrictions, not to
3972 Added test 1178 to verify
3974 Reported-by: Will Roberts
3978 - [Maksim Stsepanenka brought this change]
3980 test1167: fixes in badsymbols.pl
3984 - altsvc: fix parser for lines ending with CRLF
3986 Fixed the alt-svc parser to treat a newline as end of line.
3988 The unit tests in test 1654 were done without CRLF and thus didn't quite
3989 match the real world. Now they use CRLF as well.
3991 Reported-by: Peter Wu
3992 Assisted-by: Peter Wu
3993 Assisted-by: Jay Satiro
3997 Viktor Szakats (25 May 2020)
3998 - all: fix codespell errors
4000 Reviewed-by: Jay Satiro
4001 Reviewed-by: Daniel Stenberg
4002 Closes https://github.com/curl/curl/pull/5452
4004 Peter Wu (25 May 2020)
4005 - ngtcp2: fix build with current ngtcp2 master implementing draft 28
4007 Based on client.cc changes from ngtcp2. Tested with current git master,
4008 ngtcp2 commit c77d5731ce92, nghttp3 commit 65ff479d4380.
4013 Daniel Stenberg (25 May 2020)
4014 - RELEASE-NOTES: synced
4016 moved the new setopts up to a "change"
4018 - RELEASE-NOTES: synced
4020 - copyright: updated year ranges out of sync
4022 ... and whitelisted a few more files in the the copyright.pl script.
4024 - [Gilles Vollant brought this change]
4026 setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency
4030 - curl: remove -J "informational" written on stdout
4032 curl would previously show "curl: Saved to filename 'name from header'"
4033 if -J was used and a name was picked from the Content-Disposition
4034 header. That output could interfer with other stdout output, such as -w.
4036 This commit removes that output line.
4037 Bug: https://curl.haxx.se/mail/archive-2020-05/0044.html
4038 Reported-by: Коваленко Анатолий Викторович
4041 Peter Wu (22 May 2020)
4042 - travis: simplify quiche build instructions wrt boringssl
4044 quiche builds boringssl as static library, reuse that instead of
4045 building another shared library.
4049 - configure: fix pthread check with static boringssl
4051 A shared boringssl/OpenSSL library requires -lcrypto only for linking.
4052 A static build additionally requires `-ldl -lpthread`. In the latter
4053 case `-lpthread` is added to LIBS which prevented `-pthread` from being
4054 added to CFLAGS. Clear LIBS to fix linking failures for libtest tests.
4056 Daniel Stenberg (22 May 2020)
4057 - Revert "sendf: make failf() use the mvsnprintf() return code"
4059 This reverts commit 74623551f306990e70c7c5515b88972005604a74.
4061 Instead mark the function call with (void). Getting the return code and
4062 using it instead triggered Coverity warning CID 1463596 because
4063 snprintf() can return a negative value...
4067 - typecheck-gcc.h: CURLINFO_PRIVATE does not need a 'char *'
4069 Reported-by: Billyzou0741326 on github
4073 - tests/server/util.h: add extern to silence compiler warning
4075 Follow-up from a3b0699d5c1
4077 - typecheck-gcc.h: fix the OFF_T check
4079 The option number also needs to be less than CURLOPTTYPE_BLOB.
4081 Follow-up to cac5374298
4082 Reported-by: Jeroen Ooms
4083 Bug: https://github.com/curl/curl/pull/5365#issuecomment-631084114
4089 - TODO: Ratelimit or wait between serial requests
4093 - tool_paramhlp: fixup C89 mistake
4095 Follow-up to c5f0a9db22.
4097 - [Siva Sivaraman brought this change]
4099 tool_paramhlp: fixed potentially uninitialized strtol() variable
4101 Seems highly unlikely to actually be possible, but better safe than
4106 - [Siva Sivaraman brought this change]
4108 tool_operate: fixed potentially uninitialized variables
4110 ... in curl_easy_getinfo() calls. They're harmless but clearing the
4111 variables makes the code safer and comforts the reader.
4115 - sha256: move assign to the declaration line
4117 Follow-up to fae30656. Should've been squashed with that commit...
4119 - [Siva Sivaraman brought this change]
4121 sha256: fixed potentially uninitialized variable
4125 - sendf: make failf() use the mvsnprintf() return code
4127 ... and avoid a strlen() call. Fixes a MonocleAI warning.
4129 Reported-by: MonocleAI
4133 - hostip: make Curl_printable_address not return anything
4135 It was not used much anyway and instead we let it store a blank buffer
4138 Reported-by: MonocleAI
4142 - ftp: mark return-ignoring calls to Curl_GetFTPResponse with (void)
4144 They're done on purpose, make that visible in the code.
4145 Reported-by: MonocleAI
4149 - TODO: forbid TLS post-handshake auth and do TLS record padding
4154 - RELEASE-NOTES: synced
4156 - dynbuf: return NULL when there's no buffer length
4158 ... as returning a "" is not a good idea as the string is supposed to be
4159 allocated and returning a const string will cause issues.
4161 Reported-by: Brian Carpenter
4162 Follow-up to ed35d6590e72c
4165 Peter Wu (16 May 2020)
4166 - travis: upgrade to bionic, clang-9, improve readability
4168 Changes, partially to reduce build failures from external dependencies:
4169 - Upgrade Ubuntu and drop unnecessary third-party repos.
4170 - Properly clone apt config to ensure retries.
4171 - Upgrade to clang-9 from the standard repos.
4172 - Use Ubuntu 20.04 focal for the libssh build, use of ssh_get_publickey
4173 fails on -Werror=deprecated-declarations in Ubuntu 18.04. Do not use
4174 focal everywhere yet since Travis CI has not documented this option.
4175 In focal, python-impacket (Py2.7) has been removed, leaving only
4176 python3-impacket. Since it is only needed for SMB tests and not SSH,
4177 skip it for the libssh job since it might need more work.
4178 - apt: Remove gcc-8 and libstdc++-8-dev, already installed via g++-8.
4180 Non-functional cleanups:
4181 - Simplify test matrix, drop redundant os and compiler keys.
4182 - Deprecation fixes: remove sudo, rename matrix -> jobs.
4183 - Every job has an 'env' key, put this key first in a list item.
4187 - travis: whitespace-only changes for consistency
4189 Automatically apply a consistent indentation with:
4191 python3 -c 'from ruamel.yaml import YAML;y=YAML();d=y.load(open(".travis.yml"));y.width=500;y.dump(d,open(".travis.yml.new","w"))'
4193 followed by manually re-indenting three comments.
4197 - CMake: add libssh build support
4201 Daniel Stenberg (15 May 2020)
4202 - KNOWN_BUGS: wolfssh: publickey auth doesn't work
4206 - KNOWN_BUGS: OS400 port requires deprecated IBM library
4210 - [Vyron Tsingaras brought this change]
4212 http2: keep trying to send pending frames after req.upload_done
4217 - [Gilles Vollant brought this change]
4219 setopt: support certificate options in memory with struct curl_blob
4221 This change introduces a generic way to provide binary data in setopt
4222 options, called BLOBs.
4224 This change introduces these new setopts:
4226 CURLOPT_ISSUERCERT_BLOB, CURLOPT_PROXY_SSLCERT_BLOB,
4227 CURLOPT_PROXY_SSLKEY_BLOB, CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB.
4229 Reviewed-by: Daniel Stenberg
4232 - source cleanup: remove all custom typedef structs
4234 - Stick to a single unified way to use structs
4235 - Make checksrc complain on 'typedef struct {'
4236 - Allow them in tests, public headers and examples
4238 - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually
4239 typedef different types/structs depending on build conditions.
4243 - travis: remove the .checksrc fiddling
4245 - ftp: make domore_getsock() return the secondary socket properly
4247 Previously, after PASV and immediately after the data connection has
4248 connected, the function would only return the control socket to wait for
4249 which then made the data connection simply timeout and not get polled
4250 correctly. This become obvious when running test 1631 and 1632 event-
4253 - test1632: verify FTP through HTTPS-proxy with connection re-use
4255 - test1631: verify FTP download through HTTPS-proxy
4257 - sws: as last resort, get test number from server cmd file
4259 If it can't be found in the request. Also support --cmdfile to set it to
4262 runtests.pl always writes this file with the test number in it since a
4265 - ftp: shut down the secondary connection properly when SSL is used
4267 Reported-by: Neal Poole
4271 Marcel Raad (14 May 2020)
4272 - KNOWN_BUGS: adapt 5.5 to recent changes
4274 It only applies to non-Unicode builds now.
4275 Also merge 5.10 into it as it's effectively a duplicate.
4277 Closes https://github.com/curl/curl/pull/3784
4279 - curl_setup: support Unicode functions to open files on Windows
4281 Use them only if `_UNICODE` is defined, in which case command-line
4282 arguments have been converted to UTF-8.
4284 Closes https://github.com/curl/curl/pull/3784
4286 - tool: support UTF-16 command line on Windows
4288 - use `wmain` instead of `main` when `_UNICODE` is defined [0]
4289 - define `argv_item_t` as `wchar_t *` in this case
4290 - use the curl_multibyte gear to convert the command-line arguments to
4293 This makes it possible to pass parameters with characters outside of
4294 the current locale on Windows, which is required for some tests, e.g.
4295 the IDN tests. Out of the box, this currently only works with the
4296 Visual Studio project files, which default to Unicode, and winbuild
4297 with the `ENABLE_UNICODE` option.
4299 [0] https://devblogs.microsoft.com/oldnewthing/?p=40643
4301 Ref: https://github.com/curl/curl/issues/3747
4302 Closes https://github.com/curl/curl/pull/3784
4304 - curl_multibyte: add to curlx
4306 This will also be needed in the tool and tests.
4308 Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512
4309 Closes https://github.com/curl/curl/pull/3784
4311 Daniel Stenberg (14 May 2020)
4312 - url: make the updated credentials URL-encoded in the URL
4314 Found-by: Gregory Jefferis
4315 Reported-by: Jeroen Ooms
4316 Added test 1168 to verify. Bug spotted when doing a redirect.
4317 Bug: https://github.com/jeroen/curl/issues/224
4320 - tests: add https-proxy support to the test suite
4322 Initial test 1630 added with basic HTTPS-proxy use. HTTPS-proxy is like
4323 HTTP proxy but with a full TLS connection to the proxy.
4327 - mailmap: James Fuller
4329 - [Major_Tom brought this change]
4331 vauth/cleartext: fix theoretical integer overflow
4333 Fix theoretical integer overflow in Curl_auth_create_plain_message.
4335 The security impact of the overflow was discussed on hackerone. We
4336 agreed this is more of a theoretical vulnerability, as the integer
4337 overflow would only be triggerable on systems using 32-bits size_t with
4338 over 4GB of available memory space for the process.
4342 Jay Satiro (13 May 2020)
4343 - curl.1: Quote globbed URLs
4345 - Quote the globbing example URLs that contain characters [] {} since
4346 otherwise they may be interpreted as shell metacharacters.
4348 Bug: https://github.com/curl/curl/issues/5388
4349 Reported-by: John Simpson
4351 Closes https://github.com/curl/curl/pull/5394
4353 Daniel Stenberg (14 May 2020)
4354 - checksrc: enhance the ASTERISKSPACE and update code accordingly
4356 Fine: "struct hello *world"
4358 Not fine: "struct hello* world" (and variations)
4362 - docs/options-in-versions: which version added each cmdline option
4364 Added test 971 to verify that the list is in sync with the files in
4365 cmdline-opts. The check also verifies that .d-files that uses Added:
4366 specify the same version number as the options-in-versions file does.
4370 - docs: unify protocol lists
4372 We boast support for 25 transfer protocols. Make sure the lists are
4377 - OpenSSL: have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAIN
4379 ... to avoid an OpenSSL bug that otherwise makes the CRL check to fail.
4381 Reported-by: Michael Kaufmann
4385 - tls13-ciphers.d: shorten the Arg
4387 - sasl-authzid.d: add Arg: and shorten the desc
4389 - cert-type.d: mention the available types in the desc
4391 - tool: shorten 3 --help descriptions
4393 --happy-eyeballs-timeout-ms, --resolve and --ssl-revoke-best-effort
4395 gen.pl already warned about these lines but we didn't listen
4399 - configure: the wolfssh backend does not provide SCP
4403 - RELEASE-NOTES: synced
4405 - url: reject too long input when parsing credentials
4407 Since input passed to libcurl with CURLOPT_USERPWD and
4408 CURLOPT_PROXYUSERPWD circumvents the regular string length check we have
4409 in Curl_setstropt(), the input length limit is enforced in
4410 Curl_parse_login_details too, separately.
4412 Reported-by: Thomas Bouzerar
4415 - list-only.d: this option existed already in 4.0
4417 Jay Satiro (12 May 2020)
4418 - retry-all-errors.d: Shorten the summary line
4420 Follow-up to b995bb5 from a few moments ago.
4422 Reported-by: Daniel Stenberg
4424 Ref: https://github.com/curl/curl/commit/b995bb5#r39108929
4426 - [denzor brought this change]
4428 easy: fix dangling pointer on easy_perform fail
4430 Closes https://github.com/curl/curl/pull/5363
4432 - tool: Add option --retry-all-errors to retry on any error
4434 The "sledgehammer" of retrying.
4436 Closes https://github.com/curl/curl/pull/5185
4438 Daniel Stenberg (12 May 2020)
4439 - [James Le Cuirot brought this change]
4441 libcurl.pc: Merge Libs.private into Libs for static-only builds
4443 A project being built entirely statically will call pkg-config with
4444 --static, which utilises the Libs.private field. Conversely it will
4445 not use --static when not being built entirely statically, even if
4446 there is only a static build of libcurl available. This will most
4447 likely cause the build to fail due to underlinking unless we merge the
4450 Consider that this is what the Meson build system does when it
4451 generates pkg-config files.
4453 I have also reflected this in the --libs argument of curl-config even
4454 though REQUIRE_LIB_DEPS always seems to be "yes" anyway.
4458 - [Peter Wu brought this change]
4460 CMake: fix runtests.pl with CMake, add new test targets
4463 - Fix out-of-tree build under CMake when srcdir is not set. Default
4464 srcdir to the location of runtests.pl.
4465 - Add a hack to allow CMake to use the TFLAGS option as documented
4466 in tests/README and used in scripts/travis/script.sh.
4467 * Bump CMake version to 3.2 for USES_TERMINAL, dropping Debian Jessie
4468 support (no one should care, it is already EOL.).
4469 * Remove CTest since it defines its own 'test' target with no tests
4470 since all unittests are already broken and not built by default.
4471 * Add new test targets based on the options from Makefile.am. Since
4472 new test targets are rarely added, I opted for duplicating the
4473 runtests.pl options as opposed to creating a new Makefile.inc file.
4474 Use top-level target names (test-x) instead of x-test since that is
4475 used by CI and others.
4479 - [Peter Wu brought this change]
4481 CMake: do not build test programs by default
4483 The default target should only build libcurl and curl. Add a dedicated
4484 'testdeps' target which will be used later when running tests. Note that
4485 unittests are currently broken in CMake and already excluded.
4489 - FILEFORMAT: moved up the variables section and further polished
4491 - runtests: remove ftp2 support, not used
4493 We once supported two separate ftp instances in the test suite. Has not
4494 been used the last decade.
4498 - url: sort the protocol schemes in rough popularity order
4500 When looking for a protocol match among supported schemes, check the
4501 most "popular" schemes first. It has zero functionality difference and
4502 for all practical purposes a speed difference will not be measureable
4503 but it still think it makes sense to put the least likely matches last.
4505 "Popularity" based on the 2019 user survey.
4509 Marc Hoersken (11 May 2020)
4510 - test1238: avoid tftpd being busy for tests shortly following
4512 The tftpd server may still be busy if the total timeout of
4513 25 seconds has not been reached or no sread error was received
4514 during or after the execution of the timeout test 1238.
4516 Once the next TFTP test comes around (eg. 1242 or 1243),
4517 those will fail because the tftpd server is still waiting
4518 on data from curl due to the UDP protocol being stateless
4519 and having no connection close. On Linux this error may not
4520 happen, because ICMP errors generated due to a swrite error
4521 can also be returned async on the next sread call instead.
4523 Therefore we will now just kill the tftpd server after test
4524 1238 to make sure that the following tests are not affected.
4526 This enables us to no longer ignore tests 1242, 1243, 2002
4527 and 2003 on the CI platforms CirrusCI and AppVeyor.
4529 Assisted-by: Peter Wu
4532 Daniel Stenberg (11 May 2020)
4533 - write-out.d: added "response_code"
4535 - KNOWN_BUGS: Build with staticly built dependency
4537 I rewrote the item 5.4 to be more generic about static dependencies.
4539 - ROADMAP: remove old entries
4541 MQTT - the start has already landed
4543 tiny-curl - also mostly landed and is a continuous work
4545 make menuconfig - basically no interest from users, not pushing there
4547 - [Peter Wu brought this change]
4549 travis: Add ngtcp2 and quiche tests for CMake
4551 To avoid an explosion of jobs, extend the existing CMake tests with
4552 ngtcp2 and quiche support. macOS was previously moved to GitHub actions,
4553 so the non-Linux case can be dropped.
4555 - [Peter Wu brought this change]
4557 CMake: add ENABLE_ALT_SVC option
4559 Tested alt-svc with quiche. While at it, add missing MultiSSL reporting
4562 - [Peter Wu brought this change]
4564 CMake: add HTTP/3 support (ngtcp2+nghttp3, quiche)
4566 Add three new CMake Find modules (using the curl license, but I grant
4567 others the right to apply the CMake BSD license instead).
4569 This CMake config is simpler than the autotools one because it assumes
4570 ngtcp2 and nghttp3 to be used together. Another difference is that this
4571 CMake config checks whether QUIC is actually supported by the TLS
4572 library (patched OpenSSL or boringssl) since this can be a common
4573 configuration mistake that could result in build errors later.
4575 Unlike autotools, CMake does not warn you that the features are
4576 experimental. The user is supposed to already know that and read the
4577 documentation. It requires a very special build environment anyway.
4579 Tested with ngtcp2+OpenSSL+nghttp3 and quiche+boringssl, both built from
4580 current git master. Use `LD_DEBUG=files src/curl |& grep need` to figure
4581 out which features (libldap-2.4, libssh2) to disable due to conflicts
4586 Marc Hoersken (10 May 2020)
4587 - tests/server/tftpd.c: fix include and enhance debug logging
4589 setjmp.h should only be included if HAVE_SETJMP_H is defined.
4591 Add additional log statements to see wether reads and writes
4592 are blocking or finishing before an alarm signal is received.
4594 Assisted-by: Peter Wu
4597 Daniel Stenberg (10 May 2020)
4598 - tool_operate: only set CURLOPT_SSL_OPTIONS if SSL support is present
4600 Reported-by: Marcel Raad
4601 Follow-up to 148534db5
4605 Marc Hoersken (9 May 2020)
4606 - appveyor: update comments to be clear about toolchain
4608 - CMake-based MSYS builds use mingw-w64 to cross-compile.
4609 - autotools-based builds are compiled using msys2-devel.
4611 The difference is that the later ones are not cross-compiled
4612 to Windows and instead require the msys2 runtime to be present.
4614 At the moment only the Azure Pipelines CI builds actually
4615 run autotools-based cross-compilation builds for Windows.
4617 - TODO: update regarding missing Schannel features
4619 Some aspects have already been implemented over the years.
4621 15.1 Client certificates are now supported:
4623 - System stores via e35b0256eb34f1fe562e3e2a2615beb50a391c52
4624 - PKCS#12 files via 0fdf96512613574591f501d63fe49495ba40e1d5
4626 15.2 Ciphers can now be specified through:
4628 - Algorithms via 9aefbff30d280c60fc9d8cc3e0b2f19fc70a2f28
4630 Reviewed-by: Daniel Stenberg and Marcel Raad
4633 Daniel Stenberg (8 May 2020)
4634 - checksrc: close the .checksrc file handle when done reading
4636 - RELEASE-NOTES: synced
4638 And bumped next version to 7.71.0
4640 - [Gilles Vollant brought this change]
4642 CURLOPT_SSL_OPTIONS: add *_NATIVE_CA to use Windows CA store (with openssl)
4646 - TODO: native IDN support on macOS
4648 - urlapi: accept :: as a valid IPv6 address
4650 Text 1560 is extended to verify.
4652 Reported-by: Pavel Volgarev
4656 - THANKS-filter: Peter Wang
4658 - [Peter Wang brought this change]
4660 *_sspi: fix bad uses of CURLE_NOT_BUILT_IN
4662 Return CURLE_AUTH_ERROR instead of CURLE_NOT_BUILT_IN for other
4663 instances of QuerySecurityPackageInfo failing, as in
4664 commit 2a81439553286f12cd04a4bdcdf66d8e026d8201.
4668 - docs/HTTP3: add qlog to the quiche build instruction
4670 - ngtcp2: introduce qlog support
4672 If the QLOGDIR environment variable is set, enable qlogging.
4674 ... and create Curl_qlogdir() in the new generic vquic/vquic.c file for
4675 QUIC functions that are backend independent.
4679 - ntlm_sspi: fix bad use of CURLE_NOT_BUILT_IN
4681 That return code is reserved for build-time conditional code not being
4682 present while this was a regular run-time error from a Windows API.
4684 Reported-by: wangp on github
4688 - runtests: show elapsed test time with higher precision (ms)
4690 - RELEASE-NOTES: synced
4692 - http2: simplify and clean up trailer handling
4694 Triggered by a crash detected by OSS-Fuzz after the dynbuf introduction in
4695 ed35d6590e72. This should make the trailer handling more straight forward and
4696 hopefully less error-prone.
4698 Deliver the trailer header to the callback already at receive-time. No
4699 longer caches the trailers to get delivered at end of stream.
4701 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22030
4704 Marc Hoersken (7 May 2020)
4705 - appveyor: disable test 1139 instead of ignoring it
4707 Spending time on manpage checking makes no sense
4708 for these builds due to lacking manpage support.
4710 - appveyor: disable flaky test 1501 and ignore broken 1056
4712 Test 1501 is flaky on Windows CI due to being time sensitive
4713 and the testsuite relying on taskkill.exe to check for the
4714 existance of processes which can take to much time itself.
4716 Test 1056 is broken in autotools-based Windows builds due
4717 to scope ID support missing in these builds at the moment.
4719 - test613.pl: make tests 613 and 614 work with OpenSSH for Windows
4721 OpenSSH for Windows shows group and other/world permissions as *,
4722 because those concepts do not exist on Windows. It also does not
4723 show the current or parent directory, so we just ignore those.
4725 Reviewed-by: Daniel Stenberg
4728 Daniel Stenberg (6 May 2020)
4729 - runtests: set +x mode again
4731 - libssh2: convert over to use dynbuf
4733 In my very basic test that lists sftp://127.0.0.1/tmp/, this patched
4734 code makes 161 allocations compared to 194 in git master. A 17%
4739 - travis: add "qlog" as feature in the quiche build
4741 - quiche: enable qlog output
4743 quiche has the potential to log qlog files. To enable this, you must
4744 build quiche with the qlog feature enabled `cargo build --features
4745 qlog`. curl then passes a file descriptor to quiche, which takes
4746 ownership of the file. The FD transfer only works on UNIX.
4748 The convention is to enable logging when the QLOGDIR environment is
4749 set. This should be a path to a folder where files are written with the
4750 naming template <SCID>.qlog.
4752 Co-authored-by: Lucas Pardue
4756 - urldata.h: remove #define HEADERSIZE, not used anymore
4758 Follow-up to ed35d6590e72c
4760 - ngtcp2: convert to dynbuf
4764 - connect: make happy eyeballs work for QUIC (again)
4766 Follow-up from dbd16c3e256c6c (regression in 7.70.0)
4770 - connect: add two asserts to clue code analyzers in a little
4772 - http_proxy: ported to use dynbuf instead of a static size buffer
4774 Removes a 16K static buffer from the easy handle. Simplifies the code.
4776 - dynbuf: introduce internal generic dynamic buffer functions
4778 A common set of functions instead of many separate implementations for
4779 creating buffers that can grow when appending data to them. Existing
4780 functionality has been ported over.
4782 In my early basic testing, the total number of allocations seem at
4783 roughly the same amount as before, possibly a few less.
4785 See docs/DYNBUF.md for a description of the API.
4789 - runtests: remove sleep calls
4791 Remove many one second sleeps that were done *after* each newly started
4792 test server already has been verified. They should not have any purpose
4797 - asyn-*: remove support for never-used NULL entry pointers
4799 ... and instead convert those to asserts to make sure they are truly
4804 - [Emil Engler brought this change]
4806 doc: Rename VERSIONS to VERSIONS.md as it already has Markdown syntax
4810 Jay Satiro (2 May 2020)
4811 - asyn-thread: fix cppcheck warning
4813 - Check for NULL entry parameter before attempting to deref entry in
4814 Curl_resolver_is_resolved, like is already done in asyn-ares.
4816 This is to silence cppcheck which does not seem to understand that
4817 asyn-ares and asyn-thread have separate Curl_resolver_is_resolved
4818 and those units are mutually exclusive. Prior to this change it warned
4819 of a scenario where asyn-thread's Curl_resolver_is_resolved is called
4820 with a NULL entry from asyn-ares, but that couldn't happen.
4822 Reported-by: rl1987@users.noreply.github.com
4824 Fixes https://github.com/curl/curl/issues/5326
4826 - select: fix overflow protection in Curl_socket_check
4828 Follow-up to a96c752 which changed the timeout_ms type from time_t to
4831 Ref: https://github.com/curl/curl/pull/5240
4833 Closes https://github.com/curl/curl/pull/5286
4835 Marc Hoersken (2 May 2020)
4836 - sockfilt: make select_ws stop waiting on exit signal event
4838 This makes sure that select_ws behaves similar to real select
4839 which stops waiting on a signal handler being triggered.
4841 This makes it possible to gracefully stop sockfilt.exe on
4842 Windows with taskkill /IM sockfilt.exe (without /F force flag).
4844 Reviewed-by: Jay Satiro
4847 - tests/server/util.[ch]: add exit event to stop waiting on Windows
4849 This commit adds a global exit event to the test servers that
4850 Windows-specific wait routines can use to get triggered if the
4851 program was signaled to be terminated, eg. select_ws in sockfilt.c
4853 The exit event will be managed by the signal handling code and is
4854 set to not reset automatically to support multiple wait routines.
4856 Reviewed-by: Jay Satiro
4859 - tests/server/util.c: fix thread handle not being closed
4861 Reviewed-by: Jay Satiro
4864 - tests/server/util.c: use raise instead of calling signal handler
4866 Use raise to trigger signal handler instead of calling it
4867 directly and causing potential unexpected control flow.
4869 Reviewed-by: Jay Satiro
4872 - tests: add support for SSH server variant specific transfer paths
4874 OpenSSH for Windows requires paths in the format of /C:/
4875 instead of the pseudo-POSIX paths /cygdrive/c/ or just /c/
4877 Reviewed-by: Daniel Stenberg
4880 Daniel Stenberg (2 May 2020)
4881 - RELEASE-NOTES: synced
4883 - libssh2: set the expected total size in SCP upload init
4885 ... as otherwise the progress callback gets called without that
4886 information, making the progress meter have less info.
4888 Reported-by: Murugan Balraj
4889 Bug: https://curl.haxx.se/mail/archive-2020-05/0000.html
4892 - runtests: make the logmsg from the ssh server only show in verbose
4894 - tests: make test 1248 + 1249 use %NOLISTENPORT
4896 ... instead of a port of a non-running server so that it works
4901 - examples: remove asiohiper.cpp
4903 This example has repeatedly been reported to contain bugs, and as users
4904 copy and paste code from this into production, I now deem it better to
4905 not provide the example at all.
4910 - [Emil Engler brought this change]
4912 doc: add missing closing parenthesis in CURLINFO_SSL_VERIFYRESULT.3
4916 - [Emil Engler brought this change]
4918 KNOWN_BUGS: Remove "curl --upload-file . hang if delay in STDIN"
4920 It was fixed in 9a2cbf3
4924 - cirrus: disable SFTP and SCP tests
4926 ... as we can't seem to start the sshd server on it. Those problems
4927 existed before d1239b50bececd (running the SSH server on a random port),
4928 but they're more noticable now since there are more failed attempts in
4933 - [Emil Engler brought this change]
4935 runtests: fix typo in the existence of disabled tests checker
4939 Dan Fandrich (30 Apr 2020)
4940 - test75: Remove precheck test
4942 This has not been needed since commit 9fa42bed and often prevents it
4943 from running at all with dynamic test ports.
4945 - tests: Stop referring to server ports when they're not used
4947 Several tests referred to specific server ports even when the test
4948 didn't actually use that server or specify that it's needed. In such
4949 cases, the test harness substitutes the text "[not running]" as the port
4950 number which causes many such tests to fail due to the inability to
4951 parse the URL. These tests are changed to use %NOLISTENPORT which will
4952 always be substituted correctly.
4954 Daniel Stenberg (30 Apr 2020)
4955 - [Emil Engler brought this change]
4957 GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT
4961 - conncache: various concept cleanups
4963 More connection cache accesses are protected by locks.
4965 CONNCACHE_* is a beter prefix for the connection cache lock macros.
4967 Curl_attach_connnection: now called as soon as there's a connection
4968 struct available and before the connection is added to the connection
4971 Curl_disconnect: now assumes that the connection is already removed from
4972 the connection cache.
4977 - tests: tests: run stunnel for HTTPS and FTPS on dynamic ports
4979 As stunnel is an external tool and it has no specific option to export
4980 the actually used port number when asked to listen to 0, runtests
4981 instead iterates over ten randomly picked high number ports and sticks
4982 to the first one stunnel can listen to.
4986 - tests: pick a random port number for SSH
4988 Since sshd doesn't have such an option by itself, we iterate over a
4989 series of random ports until one works.
4993 - [Rikard Falkeborn brought this change]
4995 libtest/cmake: Remove commented code
4997 These were commented out in e9dd0998706a when Makefile.inc was included
4998 instead. 11 years have passed since then and the commented code is of
4999 course very outdated. Remove it to avoid confusion.
5003 - schannel: source code reindent
5005 White space edits only. Conform better to standard curl source code
5010 Kamil Dudka (29 Apr 2020)
5011 - test1177: look for curl.h in source directory
5013 If we use a separate build directory, there is no copy of the header.
5017 - tests: look for preprocessed tests in build directory
5019 ... which is not always the same directory as source directory
5023 Daniel Stenberg (29 Apr 2020)
5024 - RELEASE-NOTES: synced
5026 ... and bumped curlver.h to 7.70.1
5028 Version 7.70.0 (29 Apr 2020)
5030 Daniel Stenberg (29 Apr 2020)
5031 - RELEASE-NOTES: 7.70.0
5033 - THANKS: synced with the 7.70.0 release
5035 - headers: copyright range fix
5037 - [Rikard Falkeborn brought this change]
5039 doh: Constify some input pointers
5043 - nss: check for PK11_CreateDigestContext() returning NULL
5045 ... to avoid crashes!
5051 - travis: bump the wolfssl CI build to use 4.4.0
5055 - copyright updates: adjust year ranges
5057 Marc Hoersken (26 Apr 2020)
5058 - CI: do not include */ci branches in PR builds
5060 Align Azure Pipelines with GitHub Actions.
5062 Daniel Stenberg (25 Apr 2020)
5063 - runtests: check for the disabled tests relative srcdir
5065 To make it work correctly for out-of-tree builds.
5067 Follow-up to 75e8feb6fb08b
5069 Bug: https://github.com/curl/curl/pull/5288#issuecomment-619346389
5070 Reported-by: Marcel Raad
5073 - runtests: revert commenting out a line I did for debugging
5075 Follow-up to 11091cd4d. It was not meant to be pushed!
5077 - smtp: set auth correctly
5079 Regression since 7.69.0 and 68fb25fa3fcff.
5081 The code wrongly assigned 'from' instead of 'auth' which probably was a
5082 copy and paste mistake from other code, leading to that auth could
5083 remain NULL and later cause an error to be returned.
5085 Assisted-by: Eric Sauvageau
5089 Marcel Raad (25 Apr 2020)
5090 - lib: clean up whitespace
5092 This fixes CodeFactor warnings.
5094 Daniel Stenberg (25 Apr 2020)
5095 - [Anderson Toshiyuki Sasaki brought this change]
5097 libssh: avoid options override by configuration files
5099 Previously, options set explicitly through command line options could be
5100 overridden by the configuration files parsed automatically when
5101 ssh_connect() was called.
5103 By calling ssh_options_parse_config() explicitly, the configuration
5104 files are parsed before setting the options, avoiding the options
5105 override. Once the configuration files are parsed, the automatic
5106 configuration parsing is not executed.
5110 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
5112 - runtests: when <killserver> mentions http, kill http/2 too
5114 Since the http2 test server is a mere proxy that needs to know about the
5115 dynamic port the HTTP server is using, it too needs to get restarted
5116 when the http server is killed.
5118 A regression caused by 80d6515.
5123 - [Yuri Slobodyanyuk brought this change]
5129 - [Emil Engler brought this change]
5131 tests/git: ignore mqttd and port files
5135 - tests: make runtests check that disabled tests exists
5137 ... and error out if so. Removed '536' from DISABLED as there is no such
5142 - test1154: set a proper name
5144 - select: make Curl_socket_check take timediff_t timeout
5146 Coverity found CID 1461718:
5148 Integer handling issues (CONSTANT_EXPRESSION_RESULT) "timeout_ms >
5149 9223372036854775807L" is always false regardless of the values of its
5150 operands. This occurs as the logical second operand of "||".
5154 - [i-ky brought this change]
5156 libcurl-multi.3: added missing full stop
5160 Jay Satiro (22 Apr 2020)
5161 - transfer: Switch PUT to GET/HEAD on 303 redirect
5163 Prior to this change if there was a 303 reply to a PUT request then
5164 the subsequent request to respond to that redirect would also be a PUT.
5165 It was determined that was most likely incorrect based on the language
5166 of the RFCs. Basically 303 means "see other" resource, which implies it
5167 is most likely not the same resource, therefore we should not try to PUT
5168 to that different resource.
5170 Refer to the discussions in #5237 and #5248 for more information.
5172 Fixes https://github.com/curl/curl/issues/5237
5173 Closes https://github.com/curl/curl/pull/5248
5175 Daniel Stenberg (22 Apr 2020)
5176 - lib/mk-ca-bundle: skip empty certs
5178 Reviewed-by: Emil Engler
5179 Reported-by: Ashwin Metpalli
5183 - version: skip idn2_check_version() check and add precaution
5185 A gcc-10's -fanalyze complaint made me spot and do these improvements.
5189 - RELEASE-NOTES: synced
5191 - [Brian Bergeron brought this change]
5193 curl.h: update comment typo
5195 "routines with be invoked" -> "routines will be invoked"
5199 - [Emil Engler brought this change]
5201 GnuTLS: Don't skip really long certificate fields
5205 - gnutls: bump lowest supported version to 3.1.10
5207 GnuTLS 3.1.10 added new functions we want to use. That version was
5208 released on Mar 22, 2013. Removing support for older versions also
5209 greatly simplifies the code.
5214 - mqtt: make NOSTATE get within the debug name array
5216 - tests: run the RTSP test server on a dynamic port number
5218 To avoid port collisions.
5222 - tests: add %NOLISTENPORT and use it
5224 The purpose with this variable is to provide a port number that is
5225 reasonably likely to not have a listener on the local host so that tests
5226 can try connect failures against it. It uses port 47 - "reserved"
5229 Updated six tests to use it instead of the previous different ports.
5231 Assisted-by: Emil Engler
5234 - mqtt: remove code with no purpose
5236 Detected by Coverity. CID 1462319.
5238 "The same code is executed when the condition result is true or false,
5239 because the code in the if-then branch and after the if statement is
5244 - mqtt: fix Curl_read() error handling while reading remaining length
5246 Detected by Coverity. CID 1462320.
5250 - server/tftpd: fix compiler warning
5252 Follow-up from 369ce38ac1d
5253 Reported-by: Marc Hörsken
5255 - http: free memory when Alt-Used header creation fails due to OOM
5257 Reported-by: James Fuller
5261 Daniel Gustafsson (20 Apr 2020)
5262 - lib: fix typos in comments and errormessages
5264 This fixes a few randomly spotted typos in recently merged code, most
5265 notably one in a userfacing errormessage the schannel code.
5267 Daniel Stenberg (20 Apr 2020)
5268 - tests: run the SOCKS test server on a dynamic port number
5272 - [Johannes Schindelin brought this change]
5274 multi-ssl: reset the SSL backend on `Curl_global_cleanup()`
5276 When cURL is compiled with support for multiple SSL backends, it is
5277 possible to configure an SSL backend via `curl_global_sslset()`, but
5278 only *before* `curl_global_init()` was called.
5280 If another SSL backend should be used after that, a user might be
5281 tempted to call `curl_global_cleanup()` to start over. However, we did
5282 not foresee that use case and forgot to reset the SSL backend in that
5285 Let's allow that use case.
5289 Reported-by: davidedec on github
5290 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
5292 - tests: run the TFTP test server on a dynamic port number
5294 Picking a dynamic unused port is better than a fixed to avoid the
5299 - mqtt: improve the state machine
5301 To handle PUBLISH before SUBACK and more.
5303 Updated the existing tests and added three new ones.
5305 Reported-by: Christoph Krey
5306 Bug: https://curl.haxx.se/mail/lib-2020-04/0021.html
5309 - runtests: always put test number in servercmd file
5311 - RELEASE-NOTES: synced
5313 - release-notes.pl: fix parsing typo
5315 James Fuller (20 Apr 2020)
5316 - ensure all references to ports are replaced by vars
5318 - add more alt-svc test coverage
5320 Daniel Stenberg (20 Apr 2020)
5321 - test1247: use http server to get the port number set
5323 Follow-up to 0f5db7b263f
5325 - runtests: use a unix domain socket path with the pid in the name
5327 To make it impossible for test cases to access the file name without
5328 using the proper variable for the purpose.
5332 Daniel Gustafsson (19 Apr 2020)
5333 - [Mipsters on github brought this change]
5335 src: Remove C99 constructs to ensure C89 compliance
5337 This fixes the error: 'for' loop initial declaration used outside C99
5338 mode by declaring the loop increment variable in the beginning of the
5339 block instead of inside the for loop.
5342 Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
5344 Daniel Stenberg (19 Apr 2020)
5345 - runtests: dummy init the ports variables to avoid warnings
5347 ... and generate something that can help debug test cases.
5349 - [Patrick Monnerat brought this change]
5351 mime: properly check Content-Type even if it has parameters
5353 New test 669 checks this fix is effective.
5357 Reported-by: thanhchungbtc on github
5359 - tests/FILEFORMAT: converted to markdown and extended
5363 - test1245: make it work with dynamic FTP server port
5365 - test1055: make it work with dynamic FTP port
5367 - test1028: make it run on dynamic FTP server port
5369 - tests: move pingpong server to dynamic listening port
5371 FTP, IMAP, POP3, SMTP and their IPv6 versions are now all on dynamic
5374 Test 842-845 are unfortunately a bit hard to move over to this concept
5375 right now and require "default port" still...
5377 - test1056: work with dynamic HTTP ipv6 port
5379 - test1448: work with dynamic HTTP server port
5381 - tests: introduce preprocessed test cases
5383 The runtests script now always performs variable replacement on the
5384 entire test source file before the test gets executed, and saves the
5385 updated version in a temporary file (log/test[num]) so that all test
5386 case readers/servers can use that version (if present) and thus enjoy
5387 the powers of test case variable substitution.
5389 This is necessary to allow complete port number freedom.
5391 Test 309 is updated to work with a non-fixed port number thanks to this.
5393 - tests: make 2006-2010 handle different port number lengths
5395 - tests: run the sws server on "any port"
5397 Makes the test servers for HTTP and Gopher pop up on a currently unused
5398 port and runtests adapts to that!
5402 Marc Hoersken (18 Apr 2020)
5403 - sockfilt: tidy variable naming and data structure in select_ws
5405 This commit does not introduce any logical changes to the code.
5407 Reviewed-by: Jay Satiro and Marcel Raad
5410 Daniel Stenberg (17 Apr 2020)
5411 - [Anderson Toshiyuki Sasaki brought this change]
5413 libssh: Use new ECDSA key types to check known hosts
5415 From libssh 0.9.0, ssh_key_type() returns different key types for ECDSA
5416 keys depending on the curve.
5418 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
5422 Marcel Raad (17 Apr 2020)
5423 - appveyor: add Unicode winbuild jobs
5425 These are cheap as they don't build tests.
5427 Closes https://github.com/curl/curl/pull/5063
5429 Daniel Stenberg (16 Apr 2020)
5430 - mqttd: s/errno/SOCKERRNO
5432 To behave proper on Windows
5433 Reported-by: Gisle Vanem
5434 Bug: https://github.com/curl/curl/commit/5e855bbd18f84a02c951be7cac6188276818cdac#r38507132
5437 - buildconf: use find -execdir instead, remove -print and the ares files
5439 Follow-up to 1e41bec96a6e
5441 Suggested-by: Marc Hörsken
5443 - [Alexander V. Tikhonov brought this change]
5445 buildconf: avoid using tempfile when removing files
5449 - copyright: bump the copyright year range
5451 - scripts/release-notes.pl: accept colon after the Fixes/Closes keywords
5453 - [JP Mens brought this change]
5455 docs/MQTT: replace confusing 80 by 75
5457 I was a bit surprised by the `80`: first thought: what's HTTP doing
5462 - [Brad King brought this change]
5464 cmake: Avoid MSVC C4273 warnings in send/recv checks
5466 We use `check_c_source_compiles` to check possible send/recv signatures
5467 by reproducing the forward declarations from system headers. On Windows
5468 the `winsock2.h` header adds dll linkage settings to its forward
5469 declaration. If ours does not match the compiler warns:
5471 warning C4273: 'recv': inconsistent dll linkage
5473 Add `WINSOCK_API_LINKAGE` to our test signatures when it is defined so
5474 that our linkage is consistent with that from `winsock2.h`.
5479 Jay Satiro (14 Apr 2020)
5480 - KNOWN_BUGS: Add entry 'Blocking socket operations'
5482 - Add threaded resolver cleanup and GSSAPI for FTP to the TODO list of
5483 known blocking operations.
5485 - New known bugs entry 'Blocking socket operations in non-blocking API'
5486 that directs to the TODO's list of known blocking operations.
5488 Ref: https://github.com/curl/curl/pull/5214#issuecomment-612488021
5490 Reported-by: Marc Hoersken
5492 Closes https://github.com/curl/curl/pull/5216
5494 Marc Hoersken (14 Apr 2020)
5495 - test2043: use revoked.badssl.com instead of revoked.grc.com
5497 The certificate of revoked.grc.com has expired on 2020-04-13.
5499 Reviewed-by: Jay Satiro
5503 - sockfilt: fix broken pipe on Windows to be ready in select_ws
5507 Daniel Stenberg (14 Apr 2020)
5508 - RELEASE-NOTES: synced
5510 - scripts/release-notes: fix duplicate output header
5512 - github/workflow: enable MQTT in the macOS debug build
5514 - azure: add mqtt support to one of the Windows builds
5516 - travis: add mqtt job on Linux
5518 - tests: add four MQTT tests 1190 - 1193
5520 - tests: add the mqtt test server mqttd
5522 - tests: support hex encoded data and mqtt server
5524 The mqtt server is started using a "random" port.
5526 - [Björn Stenberg brought this change]
5528 mqtt: add new experimental protocol
5532 - TODO: Consider convenience options for JSON and XML?
5536 - tool: do not declare functions with Curl_ prefix
5538 To avoid collision risks with private libcurl symbols when linked with
5539 static versions (or just versions not hiding internal symbols).
5541 Reported-by: hydra3333 on github
5545 - [Nathaniel R. Lewis brought this change]
5547 cmake: add aliases so exported target names are available in tree
5549 Reviewed-by: Brad King
5552 - version: increase buffer space for ssl version output
5554 To avoid it getting truncated, especially when several SSL backends are
5557 Reported-by: Gisle Vanem
5561 Marc Hoersken (13 Apr 2020)
5562 - cirrus: no longer ignore test 504 which is working again
5564 The test is working again, because TCP blackholing is disabled.
5566 - appveyor: completely disable tests that fail to timeout early
5568 The tests changed from ignored to disabled are tests that are
5569 about connecting to non-listening socket. On AppVeyor these
5570 tests are not reliable, because for some unknown reason the
5571 connect is not timing out before the test time limit is reached.
5573 Daniel Stenberg (13 Apr 2020)
5574 - test1908: avoid using fixed port number in test data
5578 Jay Satiro (12 Apr 2020)
5579 - [Andrew Kurushin brought this change]
5581 schannel: Fix blocking timeout logic
5583 - Fix schannel_send for the case when no timeout was set.
5585 Prior to this change schannel would error if the socket was not ready
5586 to send data and no timeout was set.
5588 This commit is similar to parent commit 89dc6e0 which recently made the
5589 same change for SOCKS, for the same reason. Basically it was not well
5590 understood that when Curl_timeleft returns 0 it is not a timeout of 0 ms
5591 but actually means no timeout.
5593 Fixes https://github.com/curl/curl/issues/5177
5594 Closes https://github.com/curl/curl/pull/5221
5596 - socks: Fix blocking timeout logic
5598 - Document in Curl_timeleft's comment block that returning 0 signals no
5599 timeout (ie there's infinite time left).
5601 - Fix SOCKS' Curl_blockread_all for the case when no timeout was set.
5603 Prior to this change if the timeout had a value of 0 and that was passed
5604 to SOCKET_READABLE it would return right away instead of blocking. That
5605 was likely because it was not well understood that when Curl_timeleft
5606 returns 0 it is not a timeout of 0 ms but actually means no timeout.
5608 Ref: https://github.com/curl/curl/pull/5214#issuecomment-612512360
5610 Closes https://github.com/curl/curl/pull/5220
5612 - [Marc Hoersken brought this change]
5614 gopher: check remaining time left during write busy loop
5616 Prior to this change gopher's blocking code would block forever,
5617 ignoring any set timeout value.
5619 Assisted-by: Jay Satiro
5620 Reviewed-by: Daniel Stenberg
5622 Similar to #5220 and #5221
5625 Daniel Stenberg (13 Apr 2020)
5626 - [Dirkjan Bussink brought this change]
5628 gnutls: ensure TLS 1.3 when SRP isn't requested
5630 When SRP is requested in the priority string, GnuTLS will disable
5631 support for TLS 1.3. Before this change, curl would always add +SRP to
5632 the priority list, effectively always disabling TLS 1.3 support.
5634 With this change, +SRP is only added to the priority list when SRP
5635 authentication is also requested. This also allows updating the error
5636 handling here to not have to retry without SRP. This is because SRP is
5637 only added when requested and in that case a retry is not needed.
5641 Marc Hoersken (12 Apr 2020)
5642 - tests/server: add hidden window to gracefully handle WM_CLOSE
5644 Forward Window events as signals to existing signal event handler.
5646 - tests/server: add CTRL event handler for Win32 consoles
5648 Forward CTRL events as signals to existing signal event handler.
5650 - tests/server: move all signal handling routines to util.[ch]
5652 Avoid code duplication to prepare for portability enhancements.
5654 Daniel Stenberg (12 Apr 2020)
5655 - compressed.d: stress that the headers are not modified
5657 Suggested-by: Michael Osipov
5658 Assisted-by: Jay Satiro
5659 Bug: https://github.com/curl/curl/issues/5182#issuecomment-611638008
5662 Marc Hoersken (11 Apr 2020)
5663 - tests/server/util.c: use curl_off_t instead of long for pid
5665 Avoid potential overflow of huge PIDs on Windows.
5668 Assisted-by: Marcel Raad
5670 - tests: use Cygwin/msys PIDs for stunnel and sshd on Windows
5672 Since the Windows versions of both programs would write Windows
5673 PIDs to their pidfiles which we cannot handle, we need to use
5674 our known perl.exe Cygwin/msys PID together with exec() in order
5675 to tie the spawned processes to the existance of our perl.exe
5677 The perl.exe that is executing secureserver.pl and sshserver.pl
5678 has a Cygwin/msys PID, because it is started inside Cygwin/msys.
5682 - tests: add Windows compatible pidwait like pidkill and pidterm
5686 - tests: fix conflict between Cygwin/msys and Windows PIDs
5688 Add 65536 to Windows PIDs to allow Windows specific treatment
5689 by having disjunct ranges for Cygwin/msys and Windows PIDs.
5692 - https://cygwin.com/git/?p=newlib-cygwin.git;a=commit; ↵
5693 h=b5e1003722cb14235c4f166be72c09acdffc62ea
5694 - https://cygwin.com/git/?p=newlib-cygwin.git;a=commit; ↵
5695 h=448cf5aa4b429d5a9cebf92a0da4ab4b5b6d23fe
5700 Daniel Stenberg (11 Apr 2020)
5701 - RELEASE-NOTES: synced
5703 - release-notes.pl: detect the start of the references in cleanup mode
5705 - Revert "file: on Windows, refuse paths that start with \\"
5707 This reverts commit 1b71bc532bde8621fd3260843f8197182a467ff2.
5709 Reminded-by: Chris Roberts
5710 Bug: https://curl.haxx.se/mail/archive-2020-04/0013.html
5714 Jay Satiro (11 Apr 2020)
5715 - lib: fix conversion warnings for SOCKET_WRITABLE/READABLE
5717 - If loss of data may occur converting a timediff_t to time_t and
5718 the time value is > TIME_T_MAX then treat it as TIME_T_MAX.
5720 This is a follow-up to 8843678 which removed the (time_t) typecast
5721 from the macros so that conversion warnings could be identified.
5723 Closes https://github.com/curl/curl/pull/5199
5725 - test1148: tolerate progress updates better (again)
5727 - Ignore intermediate progress updates.
5729 - Support locales that use a character other than period as decimal
5730 separator (eg 100,0%).
5732 test1148 checks that the progress finishes at 100% and has the right
5733 bar width. Prior to this change the test assumed that the only progress
5734 reported for such a quick transfer was 100%, however in rare instances
5735 (like in the CI where transfer time can slow considerably) there may be
5736 intermediate updates. For example, below is stderrlog1148 from a failed
5737 CI run with explicit \r and \n added (it is one line; broken up so that
5738 it's easier to understand).
5741 \r################################## 48.3%
5742 \r######################################################################## 100.0%
5745 Closes https://github.com/curl/curl/pull/5194
5747 Marc Hoersken (10 Apr 2020)
5748 - sshserver.pl: use cached Win32 environment check variable
5750 - appveyor: partially revert 3413a110 to keep build without proxy
5752 Ref: #5211 and #4526
5753 Reported-by: Marcel Raad
5755 - appveyor: ignore failing 'connect to non-listening proxy' tests
5759 - CI/macos: convert CRLF to LF and align indentation
5761 Daniel Stenberg (9 Apr 2020)
5762 - url: allow non-HTTPS altsvc-matching for debug builds
5764 This is already partly supported but this part was missing.
5765 Reported-by: James Fuller
5769 - server/resolve: remove AI_CANONNAME to make macos tell the truth
5771 With this bit set, my mac successfully resolves "ip6-localhost" when in
5772 fact there is no such host known to my machine! That in turn made test
5773 241 wrongly execute and fail.
5777 - runtests: fix warning about using an undefined variable
5779 Follow-up from 4d939ef6ceb2db1
5781 - release-notes: fix the initial reference list output
5783 - github actions: run when pushed to master or */ci + PRs
5785 Avoid double-builds when using "local" branches for PRs. For both macos
5790 - runtests: provide nicer errormsg when protocol "dump" file is empty
5792 - [Gilles Vollant brought this change]
5794 schannel: support .P12 or .PFX client certificates
5796 Used with curl command line option like this: --cert
5797 <filename>:<password> --cert-type p12
5801 - tests: verify split initial HTTP requests with CURL_SMALLREQSEND
5803 test1294: "split request" being when the entire request isn't sent in
5804 the first go, and the remainder is sent in the PERFORM state. A GET
5805 request is otherwise not sending anything during PERFORM.
5807 test1295: same kind of split but with POST
5811 - http: don't consider upload done if the request isn't completely sent off
5816 - http: allow Curl_add_buffer_send() to do a short first send by force
5818 In a debug build, settting the environment variable "CURL_SMALLREQSEND"
5819 will make the first HTTP request send not send more bytes than the set
5820 amount, thus ending up verifying that the logic for handling a split
5821 HTTP request send works correctly.
5823 - connect: store connection info for QUIC connections
5825 Restores the --head functionality to the curl utility which extracts
5826 'protocol' that is stored that way.
5828 Reported-by: James Fuller
5832 - tests/README: update the port numbers list
5834 Since the pipelining server is long gone.
5835 Reported-by: James Fuller
5837 - select: remove typecast from SOCKET_WRITABLE/READABLE macros
5839 So that they don't hide conversions-by-mistake
5841 Reviewed-by: Jay Satiro
5844 - CURLOPT_WRITEFUNCTION.3: add inline example and new see-also
5848 - release-notes: output trailing references sorted numerically
5850 - cleanup: correct copyright year range on a few files
5852 - configure: remove use of -vec-report0 from CFLAGS with icc
5854 ... as it apparently isn't (always) supported.
5855 Reported-by: Alain Miniussi
5859 - warnless: remove code block for icc that didn't work
5861 Reported-by: Alain Miniussi
5864 Marc Hoersken (6 Apr 2020)
5865 - dist: add missing setup-win32.h
5867 Follow up to d820224b8b
5869 Daniel Stenberg (6 Apr 2020)
5870 - RELEASE-NOTES: synced
5872 - scripts/release-notes.pl: add helper script for RELEASE-NOTES maintenance
5874 This script helps putting entries in the RELEASE-NOTES using a coherent
5875 style and sorting with a minimal human editing effort - as long as the
5876 first line in the commit message is good enough! There's a short howto
5877 at the top of the file.
5879 - [Dennis Felsing brought this change]
5881 configure: don't check for Security.framework when cross-compiling
5883 Since it checks for the local file, not the cross-compiled one.
5887 - TODO: Option to make -Z merge lined based outputs on stdout
5891 - lib: never define CURL_CA_BUNDLE with a getenv
5893 - it breaks the build (since 6de756c9b1de34b7a1)
5894 - it's not documented and not consistent across platforms
5895 - the curl tool does that getenv magic
5897 Bug: https://github.com/curl/curl/commit/6de756c#r38127030
5898 Reported-by: Gisle Vanem
5902 Marc Hoersken (5 Apr 2020)
5903 - lib670: use the same Win32 API check as all other lib tests
5905 - appveyor: use random test server ports based upon APPVEYOR_API_URL
5907 Avoid conflicts of test server ports with AppVeyor API on localhost.
5911 - appveyor: sort builds by type and add two new variants
5913 Related to #5034 and #5063
5915 - appveyor: show failed tests in log even if test is ignored
5917 And print API response with newline only if there is one
5919 - appveyor: turn disabled tests into ignored result tests
5921 Daniel Stenberg (5 Apr 2020)
5922 - KNOWN_BUGS: fixed "USE_UNIX_SOCKETS on Windows"
5924 Fixed with #5170 (commit 23a870f2fd041278)
5926 - test1566: verify --etag-compare that gets a 304 back
5928 Verifies the fix in #5183
5932 - [Kwon-Young Choi brought this change]
5934 CURLINFO_CONDITION_UNMET: return true for 304 http status code
5936 In libcurl, CURLINFO_CONDITION_UNMET is used to avoid writing to the
5937 output file if the server did not transfered a file based on time
5938 condition. In the same manner, getting a 304 HTTP response back from the
5939 server, for example after passing a custom If-Match-* header, also
5940 fulfill this condition.
5945 - [Kwon-Young Choi brought this change]
5947 curl: allow both --etag-compare and --etag-save with same file name
5949 This change inverse the order of processing for the --etag-compare and
5950 --etag-save option to process first --etag-compare. This in turn allows
5951 to use the same file name to compare and save an etag.
5953 The original behavior of not failing if the etag file does not exists is
5959 Viktor Szakats (4 Apr 2020)
5960 - windows: enable UnixSockets with all build toolchains
5962 Extend existing unix socket support in Windows builds to be
5963 enabled for all toolchain vendors or versions. (Previously
5964 it was only supported with certain MSVC versions + more recent
5967 Ref: https://devblogs.microsoft.com/commandline/af_unix-comes-to-windows/
5968 Ref: https://github.com/curl/curl/issues/5162
5969 Closes: https://github.com/curl/curl/pull/5170
5971 Daniel Stenberg (4 Apr 2020)
5972 - KNOWN_BUGS: Store TLS context per transfer instead of per connection
5976 Marc Hoersken (3 Apr 2020)
5977 - sockfilt: remove redundancy in timeout handling
5979 And update other logmsg output in select_ws on Windows.
5981 - sockfilt: fix handling of ready closed sockets on Windows
5983 Replace the incomplete workaround regarding FD_CLOSE
5984 only signalling once by instead doing a pre-check with
5985 standard select and storing the result for later use.
5987 select keeps triggering on closed sockets on Windows while
5988 WSAEventSelect fires only once with data still available.
5989 By doing the pre-check we do not run in a deadlock
5990 due to waiting forever for another FD_CLOSE event.
5992 - sockfilt: fix race-condition of waiting threads and event handling
5994 Fix race-condition of waiting threads finishing while events are
5995 already being processed which lead to invalid or skipped events.
5997 Use mutex to check for one event at a time or do post-processing.
5998 In addition to mutex-based locking use specific event as signal.
6002 Daniel Stenberg (2 Apr 2020)
6003 - [Leo Neat brought this change]
6005 CI-fuzz: increase fuzz time to 40 minutes
6009 Marc Hoersken (2 Apr 2020)
6010 - CI: increase Azure Pipelines timeouts due to performance issues
6012 The current demand on Azure negatively impacts the CI performance.
6014 - runtests.pl: log host OS as detected by Perl environment
6016 - ftpserver.pl: log before and after data connection is closed
6018 Daniel Stenberg (1 Apr 2020)
6019 - RELEASE-NOTES: synced
6021 - RELEASE-PROCEDURE.md: run the copyright.pl script!
6023 - vquic/ngtcp2.h: update copyright year range
6025 Follow-up to 0736ee73d346a52
6027 - [Daiki Ueno brought this change]
6029 CI: add build with ngtcp2 + gnutls on Travis CI
6031 - [Daiki Ueno brought this change]
6033 vquic: add support for GnuTLS backend of ngtcp2
6035 Currently, the TLS backend used by vquic/ngtcp2.c is selected at compile
6036 time. Therefore OpenSSL support needs to be explicitly disabled.
6038 Signed-off-by: Daiki Ueno <dueno@redhat.com>
6041 - [Gisle Vanem brought this change]
6043 examples/sessioninfo.c: add include to fix compiler warning
6047 - misc: copyright year updates
6049 Follow-up to 7a71965e9
6051 - [Harry Sintonen brought this change]
6053 build: fixed build for systems with select() in unistd.h
6057 - memdebug: don't log free(NULL)
6059 ... it serves no purpose and fills up the log.
6061 - cleanup: insert newline after if() conditions
6063 Our code style mandates we put the conditional block on a separate
6064 line. These mistakes are now detected by the updated checksrc.
6066 - checksrc: warn on obvious conditional blocks on the same line as if()
6070 - [Roger Orr brought this change]
6072 cmake: add CMAKE_MSVC_RUNTIME_LIBRARY
6077 - [Daiki Ueno brought this change]
6079 ngtcp2: update to git master for the key installation API change
6081 This updates the ngtcp2 OpenSSL backend to follow the API change in
6082 commit 32e703164 of ngtcp2.
6084 Notable changes are:
6085 - ngtcp2_crypto_derive_and_install_{rx,tx}_key have been added to replace
6086 ngtcp2_crypto_derive_and_install_key
6087 - the 'side' argument of ngtcp2_crypto_derive_and_install_initial_key
6093 - [Cyrus brought this change]
6095 SECURITY.md: minor rephrase
6099 - output.d: quote the URL when globbing
6101 Some shells do globbing of their own unless the URL is quoted, so maybe
6104 Co-authored-by: Jay Satiro
6107 - dist: add tests/version-scan.pl to tarball
6109 ... used in test 1177.
6111 Follow-up to a97d826f6de3
6113 - test1177: verify that all the CURL_VERSION_ bits are documented
6115 - curl.h: remnove CURL_VERSION_ESNI. Never supported nor documented
6117 Considered experimental and therefore we can do this.
6121 - KNOWN_BUGS: DoH doesn't inherit all transfer options
6126 - KNOWN_BUGS: DoH leaks memory after followlocation
6130 - KNOWN_BUGS: "FTPS needs session reuse"
6134 - KNOWN_BUGS: "stick to same family over SOCKS pro" is presumed fixed
6136 - TODO: Set custom client ip when using haproxy protocol
6140 Michael Kaufmann (27 Mar 2020)
6141 - writeout_json: Fix data type issues
6143 Load long values correctly (e.g. for http_code).
6145 Use curl_off_t (not long) for:
6146 - size_download (CURLINFO_SIZE_DOWNLOAD_T)
6147 - size_upload (CURLINFO_SIZE_UPLOAD_T)
6149 The unit for these values is bytes/second, not microseconds:
6150 - speed_download (CURLINFO_SPEED_DOWNLOAD_T)
6151 - speed_upload (CURLINFO_SPEED_UPLOAD_T)
6156 Daniel Stenberg (27 Mar 2020)
6157 - mailmap: fixup a few author names/fields
6159 Douglas Steinwand, Gökhan Şengün, Jessa Chandler, Julian Z and
6162 - version: add 'cainfo' and 'capath' to version info struct
6164 Suggested-by: Timothe Litt
6165 URL: https://curl.haxx.se/mail/lib-2020-03/0090.html
6166 Reviewed-by: Jay Satiro
6170 - RELEASE-NOTES: synced
6172 Jay Satiro (26 Mar 2020)
6173 - SSLCERTS.md: Fix example code for setting CA cert file
6175 Prior to this change the documentation erroneously said use
6176 CURLOPT_CAPATH to set a CA cert file.
6178 Bug: https://curl.haxx.se/mail/lib-2020-03/0121.html
6179 Reported-by: Timothe Litt
6181 Closes https://github.com/curl/curl/pull/5151
6183 Marc Hoersken (26 Mar 2020)
6184 - sockfilt: add logmsg output to select_ws_wait_thread on Windows
6186 Assisted-by: Jay Satiro
6187 Reviewed-by: Daniel Stenberg
6191 Daniel Stenberg (26 Mar 2020)
6192 - docs/make: generate curl.1 from listed files only
6194 Previously it rendered the page from files matching "*.d" in the correct
6195 directory, which worked fine in git builds when the files were added but
6196 made it easy to forget adding the files to the dist.
6198 Now, only man page sections listed in DPAGES in Makefile.inc will be
6199 used, thus "forcing" us to update this to get the man page right and get
6200 it included in the dist at the same time.
6205 - openssl: adapt to functions marked as deprecated since version 3
6207 OpenSSL 3 deprecates SSL_CTX_load_verify_locations and the MD4, DES
6210 Fix the MD4 and SSL_CTX_load_verify_locations warnings.
6212 In configure, detect OpenSSL v3 and if so, inhibit the deprecation
6213 warnings. OpenSSL v3 deprecates the DES functions we use for NTLM and
6214 until we rewrite the code to use non-deprecated functions we better
6215 ignore these warnings as they don't help us.
6219 - dist: add mail-rcpt-allowfails.d to the tarball
6221 Reported-by: Maksim Stsepanenka
6222 Reviewed-by: Jat Satiro
6226 - travis: update the ngtcp2 build to use the latest OpenSSL patch
6228 ... which also makes it OpenSSL 1.1.1d based and not v3.
6230 Marc Hoersken (24 Mar 2020)
6231 - CI: remove default Ubuntu build from GitHub Actions
6233 We are already running a very similar Ubuntu build on Travis CI.
6234 The macOS variant of this default build is kept on Github Actions.
6236 - CI: bring GitHub Actions fuzzing job in line with macOS jobs
6238 Update YAML formatting, job naming and triggers.
6240 - CI: migrate macOS jobs from Azure and Travis CI to GitHub Actions
6242 Reduce workload on Azure Pipelines and Travis CI while
6243 consolidating macOS jobs onto less utilized GitHub Actions.
6245 Reviewed-by: Daniel Stenberg
6249 Daniel Stenberg (24 Mar 2020)
6250 - config: remove all defines of HAVE_DES_H
6252 As there's no code using it.
6256 - copyright: fix out-of-date copyright ranges and missing headers
6258 Reported by the new script 'scripts/copyright.pl'. The script has a
6259 regex whitelist for the files that don't need copyright headers.
6261 Removed three (mostly usesless) README files from docs/
6265 - packages: add OS400/chkstrings.c to the dist
6267 Reported-by: Jon Rumsey
6271 - [Clément Notin brought this change]
6273 nghttp2: 1.12.0 required
6275 since nghttp2_session_set_local_window_size is needed
6279 - RELEASE-NOTES: synced
6281 - [Calvin Buckley brought this change]
6283 OS400: Update strings for ccsid-ifier
6289 - cirrus: make freebsd ignore the tests instead of skipping
6291 To allow us to see in the CI logs how they actually behave
6295 - cirrus: move the sanitizer build from freebsd 13 to freebsd 12
6297 - Revert "cirrus-ci: disable the FreeBSD 13 builds"
6299 This reverts commit 691b71be930f0e285c8f7a76efd56bbe0576cda6.
6301 - getinfo: provide CURLINFO_HEADER_SIZE and CURLINFO_REQUEST_SIZE override
6303 To let debug-builds return fake values, like in test 970.
6308 - test970: improve the test
6310 - send more data to make problems more obvious
6311 - don't start the data with minus, it makes diffs harder to read
6312 - skip the headers in the stdout comparison
6313 - save to a file name to also verify 'filename_effective'
6317 - CURLINFO_NUM_CONNECTS: improve accuracy
6319 The counter was not bumped in all cases correctly.
6321 Reported-by: Marcel Raad
6325 - TODO: Use "random" ports for the test servers
6327 - lib/curl_setup: adjust the copyright year range
6329 Follow-up from d820224b8
6331 Jay Satiro (21 Mar 2020)
6332 - curl_setup: define _WIN32_WINNT_[OS] symbols
6334 .. because not all Windows build systems have those symbols, and even
6335 those that do may be missing newer symbols (eg the Windows 7 SDK does
6336 not define _WIN32_WINNT_WIN10).
6338 Those symbols are used in build-time logic to decide which API to use
6339 and prior to this change if the symbols were missing it would have
6340 resulted in deprecated API being used when more recent functions were
6341 available (eg GetVersionEx used instead of VerifyVersionInfo).
6343 Reported-by: FuccDucc@users.noreply.github.com
6345 Probably fixes https://github.com/curl/curl/issues/4995
6346 Closes https://github.com/curl/curl/pull/5057
6348 - [Ross Burton brought this change]
6350 curl-functions.m4: remove inappropriate AC_REQUIRE
6352 AC_REQUIRE means "if this macro hasn't been executed already, execute
6353 it". So in a wrapper around AC_RUN_IFELSE, AC_REQUIRE(AC_RUN_IFELSE)
6354 isn't correct at that will execute AC_RUN_IFELSE without any arguments.
6356 With autoconf 2.69 this is basically a no-op, but with autoconf 2.70,
6357 AC_RUN_IFELSE without a default value when cross-compiling is fatal.
6358 The result is that curl with autoconf 2.70 cannot cross-compile.
6360 Fixes https://github.com/curl/curl/issues/5126
6361 Closes https://github.com/curl/curl/pull/5130
6363 Marc Hoersken (20 Mar 2020)
6364 - ci/tests: fix Azure Pipelines not running Windows containers
6366 Workaround posted here: microsoft/azure-pipelines-agent#2864
6368 Assisted-by: Simon Chalifoux
6369 Assisted-by: Tommy Petty
6374 Daniel Stenberg (20 Mar 2020)
6375 - tests: add test 430, 431 and 432 to verify the --config fix
6377 Verify the fixes in 4e0b4fee4
6379 - [Rici Lake brought this change]
6381 cmdline: fix handling of OperationConfig linked list (--next)
6383 Ensures that -K/--config inserts new items at the end of the list
6384 instead of overwriting the second item, and that after a -K/--config
6385 option has been parsed, the option parser's view of the current config
6391 Marc Hoersken (20 Mar 2020)
6392 - test2100: fix static port instead of dynamic value being used
6394 - test970: fix static ip:port instead of dynamic values being used
6396 Daniel Stenberg (19 Mar 2020)
6397 - secure transport: remove the BACKEND define kludge
6401 - mbedtls: remove the BACKEND define kludge
6403 - bearssl: remove the BACKEND define kludge
6405 - wolfssl: remove the BACKEND define kludge
6407 - nss: remove the BACKEND define kludge
6409 - gnutls: remove the BACKEND define kludge
6411 - openssl: remove the BACKEND define kludge
6413 Use a proper variable instead to make it easier to use a debugger and
6416 Marc Hoersken (19 Mar 2020)
6417 - tests: make Python-based servers compatible with Python 2 and 3
6419 Update smbserver.py and negtelnetserver.py to be compatible with
6420 Python 3 while staying backwards-compatible to support Python 2.
6422 Fix string encoding and handling of echoed and transferred data.
6424 Tested with both Python 2.7.17 and Python 3.7.7
6426 Reported-by: Daniel Stenberg
6427 Assisted-by: Kamil Dudka
6428 Reviewed-by: Marcel Raad
6433 Daniel Stenberg (18 Mar 2020)
6434 - writeout_json: use curl_off_t printf() option for the time output
6436 Follow-up to: 04c03416e68fd635a15
6440 - RELEASE-NOTES: synced
6442 Uh, I missed this in 1a46b218db
6444 - RELEASE-NOTES: synced
6446 ... and bumped curlver.h to 7.70.0
6448 Jay Satiro (18 Mar 2020)
6449 - http2: Fix erroneous debug message that h2 connection closed
6451 Prior to this change in libcurl debug builds http2 stream closure was
6452 erroneously referred to as connection closure.
6455 * nread <= 0, server closed connection, bailing
6458 * nread == 0, stream closed, bailing
6460 Closes https://github.com/curl/curl/pull/5118
6462 Daniel Stenberg (18 Mar 2020)
6463 - tool_setopt: correct the copyright year range
6465 Follow-up to 5450428491
6467 Jay Satiro (18 Mar 2020)
6468 - [Johannes Schindelin brought this change]
6470 schannel: add "best effort" revocation check option
6472 - Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
6473 --ssl-revoke-best-effort to allow a "best effort" revocation check.
6475 A best effort revocation check ignores errors that the revocation check
6476 was unable to take place. The reasoning is described in detail below and
6477 discussed further in the PR.
6481 When running e.g. with Fiddler, the schannel backend fails with an
6482 unhelpful error message:
6484 Unknown error (0x80092012) - The revocation function was unable
6485 to check revocation for the certificate.
6487 Sadly, many enterprise users who are stuck behind MITM proxies suffer
6488 the very same problem.
6490 This has been discussed in plenty of issues:
6491 https://github.com/curl/curl/issues/3727,
6492 https://github.com/curl/curl/issues/264, for example.
6494 In the latter, a Microsoft Edge developer even made the case that the
6495 common behavior is to ignore issues when a certificate has no recorded
6496 distribution point for revocation lists, or when the server is offline.
6497 This is also known as "best effort" strategy and addresses the Fiddler
6500 Unfortunately, this strategy was not chosen as the default for schannel
6501 (and is therefore a backend-specific behavior: OpenSSL seems to happily
6502 ignore the offline servers and missing distribution points).
6504 To maintain backward-compatibility, we therefore add a new flag
6505 (`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
6506 (`--ssl-revoke-best-effort`) to select the new behavior.
6508 Due to the many related issues Git for Windows and GitHub Desktop, the
6509 plan is to make this behavior the default in these software packages.
6511 The test 2070 was added to verify this behavior, adapted from 310.
6513 Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
6514 Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
6515 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
6517 Closes https://github.com/curl/curl/pull/4981
6519 - multi: Improve parameter check for curl_multi_remove_handle
6521 - If an easy handle is owned by a multi different from the one specified
6522 then return CURLM_BAD_EASY_HANDLE.
6524 Prior to this change I assume user error could cause corruption.
6526 Closes https://github.com/curl/curl/pull/5116
6528 Viktor Szakats (17 Mar 2020)
6529 - windows: suppress UI in all CryptAcquireContext() calls
6531 Ref: https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontexta#parameters
6532 Reviewed-by: Marc Hörsken
6533 Closes https://github.com/curl/curl/pull/5088
6535 Daniel Stenberg (17 Mar 2020)
6536 - writeout_json: add missing comma to fix the HTTP version
6538 Follow-up to 04c03416e68fd635a15
6540 - test 970: verify --write-out '%{json}'
6542 Makes curl_easy_getinfo() of "variable" numerical content instead return
6543 the number set in the env variable `CURL_TIME`.
6545 Makes curl_version() of "variable" textual content. This guarantees a
6546 stable version string which can be tested against. Environment variable
6547 `CURL_VERSION` defines the content.
6549 Assisted-by: Mathias Gumz
6551 - [Mathias Gumz brought this change]
6553 writeout: support to generate JSON output
6555 This commit adds support to generate JSON via the writeout feature:
6559 It leverages the existing infrastructure as much as possible. Thus,
6560 generating the JSON on STDERR is possible by:
6562 -w "%{stderr}%{json}"
6564 This implements a variant of
6565 https://github.com/curl/curl/wiki/JSON#--write-out-json.
6569 - CI: stop ignoring 323, it is disabled
6571 - DISABLED: disable test 323
6573 The test uses SRP to "a server not supporting it" but modern stunnel
6574 versions will silently accept it and remain happy. The test is therefore
6577 I haven't figured out how to make stunnel explicitly reject SRP-using
6580 Reported-by: Marc Hörsken
6584 Marc Hoersken (17 Mar 2020)
6585 - ci/tests: increase timeouts for torture builds on Azure Pipelines
6587 For some reason the torture builds have slowed down recently.
6589 Reported-by: Daniel Stenberg
6591 Daniel Stenberg (16 Mar 2020)
6592 - cmake: add support for building with wolfSSL
6594 My working build cmdline:
6596 $ cmake -DCMAKE_PREFIX_PATH=$HOME/build-wolfssl -DCMAKE_USE_WOLFSSL=ON .
6598 Assisted-by: Brad King
6601 - tool_operate: fix add_parallel_transfers when more are in queue
6603 Trying to return early from the function if no new transfers were added
6604 would break the "morep" argument and cause issues. This could lead to
6605 zero content "transfers" (within quotes since they would never be
6606 started) when parallel-max was reduced.
6608 Reported-by: Gavin Wong
6609 Analyzed-by: Jay Satiro
6613 - vtls: free ssl_config leftovers on out-of-memory
6615 Torture testing 2034 and 2037 found this.
6617 Reported-by: Marc Hörsken
6621 Marc Hoersken (16 Mar 2020)
6622 - ci/tests: fix Azure Pipelines not running for pull requests
6626 Daniel Stenberg (15 Mar 2020)
6627 - gskit: update the copyright year range
6629 Follow-up from 083603c63a3
6631 Marc Hoersken (15 Mar 2020)
6632 - gskit: use our internal select wrapper for portability
6634 Follow up to c52b342
6637 - tests: fix verification of stdout in test 1452 due to newline
6639 Fixes test1452:41:1: error: missing </stdout> tag before </verify>
6641 - ci/tests: install impacket for SMB tests on FreeBSD using CirrusCI
6643 Also force the package index/cache to be updated before installing.
6647 - tests/README: add note about manually installing python-impacket
6649 Follow up to 4be2560
6651 Daniel Stenberg (15 Mar 2020)
6652 - transfer: cap retries of "dead connections" to 5
6654 When libcurl retries a connection due to it being "seemingly dead" or by
6655 REFUSED_STREAM, it will now only do it up five times before giving up,
6656 to avoid never-ending loops.
6658 Reported-by: Dima Tisnek
6659 Bug: https://curl.haxx.se/mail/lib-2020-03/0044.html
6662 - TODO: TLS-PSK with OpenSSL
6666 Marc Hoersken (15 Mar 2020)
6667 - select: add 'timeout_ms' wrap-around precaution to Curl_select
6669 - select: fix 'pending_ms' is assigned a value that is never used
6673 - select: move duplicate select preparation code into Curl_select
6675 Reviewed by Daniel Stenberg
6676 Reviewed by Marcel Raad
6679 Daniel Stenberg (15 Mar 2020)
6680 - connect: happy eyeballs cleanup
6682 Make sure each separate index in connn->tempaddr[] is used for a fixed
6683 family (and only that family) during the connection process.
6685 If family one takes a long time and family two fails immediately, the
6686 previous logic could misbehave and retry the same family two address
6689 Reported-by: Paul Vixie
6690 Reported-by: Jay Satiro
6695 Marc Hoersken (15 Mar 2020)
6696 - ci/tests: fix and align setting TFLAGS for make test-nonflaky
6698 - ci/tests: install test suite dependencies stunnel and impacket
6700 - tests: remove python_dependencies for smbserver from our tree
6702 Users of the SMB tests will have to install impacket manually.
6704 Reasoning: our in-tree version of impacket was quite outdated
6705 and only compatible with Python 2 which is already end-of-life.
6706 Upgrading to Python 3 and a compatible impacket version would
6707 require to import additional Python-only and CPython-extension
6708 dependencies. This would have hindered portability enormously.
6712 Jay Satiro (14 Mar 2020)
6713 - Makefile.m32: Improve windres parameter compatibility
6717 Some versions of windres do not recognize uppercase COFF as a valid
6718 way to specify the COFF output format.
6720 Reported-by: Steven Penny
6722 Fixes https://github.com/curl/curl/issues/5099
6723 Closes https://github.com/curl/curl/pull/5101
6725 - easy: Fix curl_easy_duphandle for builds missing IPv6 that use c-ares
6727 - Ignore CURLE_NOT_BUILT_IN errors returned by c-ares functions in
6728 curl_easy_duphandle.
6730 Prior to this change if c-ares was used as the resolver backend and
6731 either it was too old or libcurl was built without IPv6 support then
6732 some of our resolver functions could return CURLE_NOT_BUILT_IN to
6733 curl_easy_duphandle causing it to fail.
6735 Caused by c8f086b which shipped in 7.69.1.
6737 Reported-by: Karl Chen
6739 Fixes https://github.com/curl/curl/issues/5097
6740 Closes https://github.com/curl/curl/pull/5100
6742 Daniel Stenberg (13 Mar 2020)
6743 - docs: add warnings about FILE: URLs on Windows
6745 - --url man page section
6746 - libcurl-security.3 gets the full text
6749 Reported-by: Tim Sedlmeyer
6751 - server/getpart: make the "XML-parser" stricter
6753 When extracting a <section> <part> and there's no </part> before
6754 </section>, this now outputs an error and returns a wrong string to
6755 make users spot the mistake.
6760 Marc Hoersken (13 Mar 2020)
6761 - impacket: some more Python 3 code compatibility updates
6763 This makes smbserver load on Python 3, but still not work completely.
6765 - smbserver: pin Python version to 2 since we are not yet 3 compatible
6767 Even though the existing code can be fixed to run on Python 3, the
6768 tests will fail due to the Unicode transition the protocol is invalid.
6770 Follow up to ee63837
6773 Daniel Stenberg (12 Mar 2020)
6774 - [Viktor Szakats brought this change]
6776 cleanup: fix some text/comment typos
6780 Marc Hoersken (12 Mar 2020)
6781 - smbserver: fix Python version specific ConfigParser import
6783 Follow up to ee63837 and 8c7c4a6
6786 Daniel Stenberg (11 Mar 2020)
6787 - RELEASE-NOTES: synced
6791 Dan Fandrich (11 Mar 2020)
6792 - tests/data: Fix some XML formatting issues in test cases
6794 This allows these test files to pass xmllint.
6796 Daniel Stenberg (11 Mar 2020)
6797 - [Muhammad Herdiansyah brought this change]
6799 Makefile: run the cd commands in a subshell
6801 In bmake, if the directory is changed (with cd or anything else), bmake
6802 won't return to the "root directory" on the next command (in the same
6803 Makefile rule). This commit runs the cd command in a subshell so it
6804 would work in bmake.
6808 - configure: convert -I to -isystem as a last step
6810 As all the -I uses in CFLAGS at that point are for system headers and
6811 third party libraries this helps us remove/ignore warnings on those!
6815 - configure: fix -pedantic-errors for GCC 5 and later
6817 If --enable-werror is used.
6819 Follow-up to d5c0351055d5709da which added it too early in the configure
6820 script before $compiler_num was set correctly and thus this option was
6823 Reported-by: Stepan Efremov
6827 - configure: document 'compiler_num' for gcc
6829 The CURL_CHECK_COMPILER_GNU_C function sets the number to MAJOR*100 +
6830 MINOR and ignores the patch version, and since gcc version 7 it only
6831 sets it to MAJOR*100.
6833 Reported-by: Stepan Efremov
6837 Version 7.69.1 (11 Mar 2020)
6839 Daniel Stenberg (11 Mar 2020)
6840 - RELEASE-NOTES: 7.69.1
6842 - THANKS: from the 7.69.1 release
6844 - [Marc Hoersken brought this change]
6846 test1129: fix invalid case of closing XML-tag and Content-Length
6851 Marc Hoersken (10 Mar 2020)
6852 - tests/data: fix static ip instead of dynamic value being used
6854 Follow up to 94ced8e
6856 - tests/data: fix static ip:port instead of dynamic values being used
6860 - tests/server: fix missing use of exe_ext helper function
6862 Follow up to 9819984 and 3dce984
6863 Reviewed-By: Daniel Stenberg
6866 - runtests: log minimal and maximal used port numbers
6868 Daniel Stenberg (9 Mar 2020)
6869 - [James Fuller brought this change]
6871 sftp: fix segfault regression introduced by #4747
6873 This fix adds a defensive check for the case where the char *name in
6874 struct libssh2_knownhost is NULL
6879 - RELEASE-NOTES: synced
6881 - socks4: fix host resolve regression
6883 1. The socks4 state machine was broken in the host resolving phase
6885 2. The code now insists on IPv4-only when using SOCKS4 as the protocol
6888 Regression from #4907 and 4a4b63d, shipped in 7.69.0
6890 Reported-by: amishmm on github
6891 Bug: https://github.com/curl/curl/issues/5053#issuecomment-596191594
6894 - [Patrick Monnerat brought this change]
6896 silly web server: silent a compilation warning
6898 Recent gcc warns when byte count of strncpy() equals the destination
6899 buffer size. Since the destination buffer is previously cleared and
6900 the source string is always shorter, reducing the byte count by one
6901 silents the warning without affecting the result.
6905 - [Patrick Monnerat brought this change]
6907 cookie: get_top_domain() sets zero length for null domains
6909 This silents a compilation warning with gcc -O3.
6911 - [Patrick Monnerat brought this change]
6913 test 1560: avoid valgrind false positives
6915 When using maximum code optimization level (-O3), valgrind wrongly
6916 detects uses of uninitialized values in strcmp().
6918 Preset buffers with all zeroes to avoid that.
6920 Steve Holme (8 Mar 2020)
6921 - sha256: Added WinCrypt implementation
6925 - sha256: Added SecureTransport implementation
6927 Daniel Stenberg (7 Mar 2020)
6928 - lib1564: reduce number of mid-wait wakeup calls
6930 This test does A LOT of *wakeup() calls and then calls curl_multi_poll()
6931 twice. The first *poll() is then expected to return early and the second
6932 not - as the first is supposed to drain the socketpair pipe.
6934 It turns out however that when given "excessive" amounts of writes to
6935 the pipe, some operating systems (the Solaris based are known) will
6936 return EAGAIN before the pipe is drained, which in our test case causes
6937 the second *poll() call to also abort early.
6939 This change attempts to avoid the OS-specific behaviors in the test by
6940 reducing the amount of wakeup calls from 1234567 to 10.
6942 Reported-by: Andy Fiddaman
6946 - [Patrick Monnerat brought this change]
6948 mime: fix the binary encoder to handle large data properly
6950 New test 666 checks this is effective.
6951 As upload buffer size is significant in this kind of tests, shorten it
6952 in similar test 652.
6956 Reported-by: RuurdBeerstra on github
6958 - [Patrick Monnerat brought this change]
6960 mime: do not perform more than one read in a row
6962 Input buffer filling may delay the data sending if data reads are slow.
6963 To overcome this problem, file and callback data reads do not accumulate
6964 in buffer anymore. All other data (memory data and mime framing) are
6965 considered as fast and still concatenated in buffer.
6966 As this may highly impact performance in terms of data overhead, an early
6967 end of part data check is added to spare a read call.
6968 When encoding a part's data, an encoder may require more bytes than made
6969 available by a single read. In this case, the above rule does not apply
6970 and reads are performed until the encoder is able to deliver some data.
6972 Tests 643, 644, 645, 650 and 654 have been adapted to the output data
6973 changes, with test data size reduced to avoid the boredom of long lists of
6974 1-byte chunks in verification data.
6975 New test 667 checks mimepost using single-byte read callback with encoder.
6976 New test 668 checks the end of part data early detection.
6979 Reported-by: MrdUkk on github
6981 - [Patrick Monnerat brought this change]
6983 mime: latch last read callback status.
6985 In case a read callback returns a status (pause, abort, eof,
6986 error) instead of a byte count, drain the bytes read so far but
6987 remember this status for further processing.
6988 Takes care of not losing data when pausing, and properly resume a
6989 paused mime structure when requested.
6990 New tests 670-673 check unpausing cases, with easy or multi
6991 interface and mime or form api.
6994 Reported-by: MrdUkk on github
6996 Marc Hoersken (7 Mar 2020)
6997 - runtests: fix missing use of exe_ext helper function
6999 Daniel Stenberg (7 Mar 2020)
7000 - [Ernst Sjöstrand brought this change]
7002 ares: store dns parameters for duphandle
7004 With c-ares the dns parameters lives in ares_channel. Store them in the
7005 curl handle and set them again in easy_duphandle.
7007 Regression introduced in #3228 (6765e6d), shipped in curl 7.63.0.
7011 Signed-off-by: Ernst Sjöstrand <ernst.sjostrand@verisure.com>
7013 - version: make curl_version* thread-safe without using global context
7017 - RELEASE-NOTES: synced
7019 Marc Hoersken (7 Mar 2020)
7020 - tests: use native Sleep function as fallback on Windows
7022 Reviewed-By: Daniel Stenberg
7025 - perl: align order and completeness of Windows OS checks
7027 Daniel Stenberg (7 Mar 2020)
7028 - tool_cb_see: set correct copyright year range
7030 Follow-up to a39e5bfb9
7032 Marc Hoersken (7 Mar 2020)
7033 - seek: fix fallback for missing ftruncate on Windows
7035 This fixes test 198 on versions of MinGW-w64 without ftruncate
7037 Reviewed-By: Daniel Stenberg
7038 Reviewed-By: Marcel Raad
7041 - config-win32: Windows does not have ftruncate
7043 Daniel Stenberg (7 Mar 2020)
7044 - pause: force a connection (re-)check after unpausing
7046 There might be data available that was already read off the socket, for
7047 example in the TLS layer.
7049 Reported-by: Anders Berg
7053 - socks5: switch state properly when the resolve is done
7055 Regression from 4a4b63d (and #4907)
7056 Reported-by: vitaha85 on github
7060 Jay Satiro (7 Mar 2020)
7061 - libssh: Fix matching user-specified MD5 hex key
7063 Prior to this change a match would never be successful because it
7064 was mistakenly coded to compare binary data from libssh to a
7065 user-specified hex string (ie CURLOPT_SSH_HOST_PUBLIC_KEY_MD5).
7067 Reported-by: fds242@users.noreply.github.com
7069 Fixes https://github.com/curl/curl/issues/4971
7070 Closes https://github.com/curl/curl/pull/4974
7072 Daniel Stenberg (6 Mar 2020)
7073 - pause: bail out on bad input
7075 A NULL easy handle or an easy handle without an associated connection
7076 cannot be paused or unpaused.
7080 Steve Holme (6 Mar 2020)
7081 - unit1612: fixed the inclusion and compilation of the HMAC unit test
7083 Follow up to 3f74e5e6 to fix:
7085 - A typo in Makefile.inc where unit1611 was used instead
7086 - Some compilation issues in unit1612.c
7090 Daniel Stenberg (6 Mar 2020)
7091 - pause: return early for calls that don't change pause state
7093 Reviewed-by: Patrick Monnerat
7097 Jay Satiro (6 Mar 2020)
7098 - curl_share_setopt.3: Note sharing cookies doesn't enable the engine
7100 Follow-up to d0a7ee3 which fixed a bug in 7.66.0 that caused
7101 CURL_LOCK_DATA_COOKIE to enable the easy handle's cookie engine.
7103 Bug: https://curl.haxx.se/mail/lib-2020-03/0019.html
7104 Reported-by: Felipe Gasper
7106 Closes https://github.com/curl/curl/pull/5048
7108 - multi: skip EINTR check on wakeup socket if it was closed
7110 - Don't check errno on wakeup socket if sread returned 0 since sread
7111 doesn't set errno in that case.
7113 This is a follow-up to cf7760a from several days ago which fixed
7114 Curl_multi_wait to stop busy looping sread on the non-blocking wakeup
7115 socket if it was closed (ie sread returns 0). Due to a logic error it
7116 was still possible to busy loop in that case if errno == EINTR.
7118 Closes https://github.com/curl/curl/pull/5047
7120 Daniel Stenberg (6 Mar 2020)
7121 - transfer: set correct copyright year range
7123 - urldata: remove the 'stream_was_rewound' connectdata struct member
7125 ... as it is never set anywhere.
7127 Follow-up to 2f44e94ef
7130 - Revert "pause: force-drain the transfer on unpause"
7132 This reverts commit fa0216b294af4c7113a9040ca65eefc7fc18ac1c (from #5000)
7134 Clearly that didn't solve the problem correctly.
7136 Reported-by: Christopher Reid
7140 - RELEASE-NOTES: synced
7142 and bumped curlver.h
7144 - MANUAL: update a dict-using command line
7146 The 'web1913' database is now invalid, use 'gcide' instead.
7148 - KNOWN_BUGS: configure --with-gssapi with Heimdal is ignored on macOS
7152 - polarssl: remove more references and mentions
7154 Assisted-by: Jay Satiro
7155 Follow-up to 6357a19ff29dac04
7158 Marc Hoersken (4 Mar 2020)
7159 - tests: wrap ignored test failures in braces
7161 - tests: align some Windows sleep defines with each other
7163 - tests: try to make sleeping portable by avoiding select
7165 select does not support just waiting on Windows:
7166 https://perldoc.perl.org/perlport.html#select
7168 Reviewed-By: Daniel Stenberg
7171 Daniel Stenberg (4 Mar 2020)
7172 - runtests.1: rephrase how to specify what tests to run
7174 Also mention the new tilde-prefixed way to ignore test results.
7176 Reviewed-By: Marc Hoersken
7179 - cirrus-ci: disable the FreeBSD 13 builds
7181 FreeBSD 13.0 is apparently close to a year away from a stable release
7182 and has proven to cause intermittent builds failures recently.
7184 Assisted-by: Dan Fandrich
7185 Assisted-by: Fedor Korotkov
7189 Version 7.69.0 (4 Mar 2020)
7191 Daniel Stenberg (4 Mar 2020)
7192 - RELEASE-NOTES: 7.69.0
7194 - THANKS: from 7.69.0
7196 Now sorted case insensitive
7198 Marc Hoersken (3 Mar 2020)
7199 - ci/tests: fix escaping of testnames and disable proxy for CI APIs
7201 Follow up to ada581f and c0d8b96
7204 Jay Satiro (3 Mar 2020)
7205 - cmake: Show HTTPS-proxy in the features output
7207 - Show HTTPS-proxy in the features output for those backends that
7208 support it: OpenSSL, GnuTLS and NSS.
7210 Prior to this change HTTPS-proxy was missing from the cmake features
7211 output even if curl was built with it. Only cmake output was affected.
7212 Both the library and tool correctly reported the feature.
7214 Bug: https://curl.haxx.se/mail/lib-2020-03/0008.html
7215 Reported-by: David Lopes
7217 Closes https://github.com/curl/curl/pull/5025
7219 Marc Hoersken (3 Mar 2020)
7220 - ci/tests: Make it possible to still run but ignore failing tests
7222 This enables the development of a solution for the failing tests by
7223 running them on CI while ignoring their result for the overall status.
7227 - README.md: add Azure DevOps Pipelines build status badge
7229 - ci/tests: Move CI test result creation above environment setup
7231 This avoids using our test servers as proxy to the AppVeyor API.
7235 - ci/tests: Send test results to AppVeyor for status overview
7239 Daniel Stenberg (3 Mar 2020)
7240 - Revert "sha256: Added SecureTransport implementation"
7242 This reverts commit 4feb38deed33fed14ff7c370a6a9153c661dbb9c (from #4956)
7244 That commit broke test 1610 on macos builds without TLS.
7248 - dist: include tests/azure.pm in the tarball
7250 Bug: https://github.com/curl/curl/commit/ada581f2cc32f48c1629b729707ac19208435b27#commitcomment-37601589
7251 Reported-by: Marcel Raad
7253 Steve Holme (3 Mar 2020)
7254 - configure.ac: Disable metalink if mbedTLS is specified
7256 Follow up to cdcc9df1 and #5006. Even though I mentioned mbedTLS as
7257 being one of the backends that metalink needs to be disabled for, I
7258 seem to have included it in the list of allowed SSL/TLS backends in
7263 - sha256: Tidy up following recent changes
7265 Reviewed-by: Daniel Stenberg
7268 - sha256: Added WinCrypt implementation
7270 - sha256: Added SecureTransport implementation
7272 - sha256: Added mbedtls implementation
7274 - sha256: Added GNU TLS gcrypt implementation
7276 - sha256: Added GNU TLS Nettle implementation
7278 Jay Satiro (2 Mar 2020)
7279 - curl_escape.3: Add a link to curl_free
7281 Ref: https://github.com/curl/curl/pull/5016#issuecomment-593628582
7283 - curl_getenv.3: Fix the memory handling description
7285 - Tell the user to call curl_free() to free the pointer returned by
7288 Prior to this change the user was directed to call free(), but that
7289 would not work in cases where the library and application use separate C
7290 runtimes and therefore have separate heap memory management.
7292 Closes https://github.com/curl/curl/pull/5016
7294 Daniel Stenberg (2 Mar 2020)
7295 - [Nick Zitzmann brought this change]
7297 md4: use init/update/final functions in Secure Transport
7299 We can use CC_MD4_Init/Update/Final without having to allocate memory
7304 Marc Hoersken (2 Mar 2020)
7305 - ci/tests: some MacOS builds randomly take longer than 20min
7307 Daniel Stenberg (2 Mar 2020)
7308 - multi_wait: stop loop when sread() returns zero
7310 It's unclear why it would ever return zero here, but this change fixes
7311 Robert's problem and it shouldn't loop forever...
7313 Reported-by: Robert Dunaj
7314 Bug: https://curl.haxx.se/mail/archive-2020-02/0011.html
7317 - http: mark POSTs with no body as "upload done" from the start
7319 As we have logic that checks if we get a >= 400 reponse code back before
7320 the upload is done, which then got confused since it wasn't "done" but
7321 yet there was no data to send!
7323 Reported-by: IvanoG on github
7327 - tests: disable 962, 963 and 964 on Windows
7329 These tests are also doing UTF-8 SMTP.
7331 Follow-up to df207d2dd93b9e73
7333 Marc Hoersken (2 Mar 2020)
7334 - ci/tests: fine-tune Azure Pipeline timeouts with a small puffer
7336 Daniel Stenberg (2 Mar 2020)
7337 - configure: bump the AC_COPYRIGHT year range
7339 - [Steve Holme brought this change]
7341 tests: disable SMTP UTF-8 tests on Windows
7346 - formdata/mime: copyright year range update
7348 Due to the merge/revert cycle
7350 - Revert "mime: latch last read callback status."
7352 This reverts commit 87869e38d7afdec3ef1bb4965711458b088e254f.
7358 - Revert "mime: do not perform more than one read in a row"
7360 This reverts commit ed0f357f7d25566110d4302f33759f4ffb5a6f83.
7362 - Revert "mime: fix the binary encoder to handle large data properly"
7364 This reverts commit b2caaa0681f329eed317ffb6ae6927f4a539f0c1.
7366 - altsvc: both h3 backends now speak h3-27
7368 ... also updated the HTTP3 build description for ngtcp2 accordingly.
7370 - [Patrick Monnerat brought this change]
7372 mime: fix the binary encoder to handle large data properly
7374 New test 666 checks this is effective.
7375 As upload buffer size is significant in this kind of tests, shorten it
7376 in similar test 652.
7379 Reported-by: RuurdBeerstra on github
7381 - [Patrick Monnerat brought this change]
7383 mime: do not perform more than one read in a row
7385 Input buffer filling may delay the data sending if data reads are slow.
7386 To overcome this problem, file and callback data reads do not accumulate
7387 in buffer anymore. All other data (memory data and mime framing) are
7388 considered as fast and still concatenated in buffer.
7389 As this may highly impact performance in terms of data overhead, an early
7390 end of part data check is added to spare a read call.
7391 When encoding a part's data, an encoder may require more bytes than made
7392 available by a single read. In this case, the above rule does not apply
7393 and reads are performed until the encoder is able to deliver some data.
7395 Tests 643, 644, 645, 650 and 654 have been adapted to the output data
7396 changes, with test data size reduced to avoid the boredom of long lists of
7397 1-byte chunks in verification data.
7398 New test 664 checks mimepost using single-byte read callback with encoder.
7399 New test 665 checks the end of part data early detection.
7402 Reported-by: MrdUkk on github
7404 - [Patrick Monnerat brought this change]
7406 mime: latch last read callback status.
7408 In case a read callback returns a status (pause, abort, eof,
7409 error) instead of a byte count, drain the bytes read so far but
7410 remember this status for further processing.
7411 Takes care of not losing data when pausing, and properly resume a
7412 paused mime structure when requested.
7413 New tests 670-673 check unpausing cases, with easy or multi
7414 interface and mime or form api.
7417 Reported-by: MrdUkk on github
7420 Steve Holme (1 Mar 2020)
7421 - unit1651: Fixed conversion compilation warning
7423 371:17: warning: conversion to 'unsigned char' from 'int' may alter its
7424 value [-Wconversion]
7428 - configure.ac: Disable metalink support if an incompatible SSL/TLS specified
7430 tool_metalink only supports cryptography from OpenSSL, GnuTLS, NSS,
7431 The Win32 Crypto library and Apple's Common Crypto library.
7433 If an TLS backend such as mbedTLS or WolfSSL is specified then the
7434 following error is given during compilation along, with a load of
7435 unresolved extern errors:
7437 Can't compile METALINK support without a crypto library.
7439 Reviewed-by: Daniel Stenberg
7442 Marc Hoersken (1 Mar 2020)
7443 - ci/tests: Update Azure DevOps pipeline job display names
7445 Make the configure step more descriptive and align others.
7447 - ci/tests: Fix typo in previous commit 597cf2
7449 - ci/tests: Make sure that the AZURE_ACCESS_TOKEN is available
7451 For security reasons the access token is not available to PR builds.
7452 Therefore we should not try to use the DevOps API with an empty token.