-Curl and libcurl 7.36.0
+Curl and libcurl 7.50.2
- Public curl releases: 138
- Command line options: 161
- curl_easy_setopt() options: 206
- Public functions in libcurl: 58
- Known libcurl bindings: 42
- Contributors: 1123
-
-This release includes the following changes:
-
- o ntlm: Added support for NTLMv2 [2]
- o tool: Added support for URL specific options [3]
- o openssl: add ALPN support
- o gtls: add ALPN support
- o nss: add ALPN and NPN support
- o added CURLOPT_EXPECT_100_TIMEOUT_MS [7]
- o tool: add --no-alpn and --no-npn
- o added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
- o winssl: enable TLSv1.1 and TLSv1.2 by default
- o winssl: TLSv1.2 disables certificate signatures using MD5 hash
- o winssl: enable hostname verification of IP address using SAN or CN [11]
- o darwinssl: Don't omit CN verification when an IP address is used [12]
- o http2: build with current nghttp2 version
- o polarssl: dropped support for PolarSSL < 1.3.0
- o openssl: info message with SSL version used
+ Public curl releases: 158
+ Command line options: 185
+ curl_easy_setopt() options: 224
+ Public functions in libcurl: 61
+ Contributors: 1441
This release includes the following bugfixes:
- o nss: allow to use ECC ciphers if NSS implements them [1]
- o netrc: Fixed a memory leak in an OOM condition
- o ftp: fixed a memory leak on wildcard error path
- o pipeline: Fixed a NULL pointer dereference on OOM
- o nss: prefer highest available TLS version
- o 100-continue: fix timeout condition [4]
- o ssh: Fixed a NULL pointer dereference on OOM condition
- o formpost: use semicolon in multipart/mixed [5]
- o --help: add missing --tlsv1.x options
- o formdata: Fixed memory leak on OOM condition
- o ConnectionExists: reusing possible HTTP+NTLM connections better [6]
- o mingw32: fix compilation
- o chunked decoder: track overflows correctly [8]
- o curl_easy_setopt.3: add CURL_HTTP_VERSION_2_0
- o dict: fix memory leak in OOM exit path
- o valgrind: added suppression on optimized code
- o curl: output protocol headers using binary mode
- o tool: Added URL index to password prompt for multiple operations
- o ConnectionExists: re-use non-NTLM connections better [9]
- o axtls: call ssl_read repeatedly
- o multi: make MAXCONNECTS default 4 x number of easy handles function
- o configure: Fix the --disable-crypto-auth option
- o multi: ignore SIGPIPE internally
- o curl.1: update the description of --tlsv1
- o SFTP: skip reading the dir when NOBODY=1 [10]
- o easy: Fixed a memory leak on OOM condition
- o tool: Fixed incorrect return code when setting HTTP request fails
- o configure: Tiny fix to honor POSIX
- o tool: Do not output libcurl source for the information only parameters
- o Rework Open Watcom make files to use standard Wmake features
- o x509asn: moved out Curl_verifyhost from NSS builds
- o configure: call it GSS-API
- o hostcheck: Curl_cert_hostcheck is not used by NSS builds
- o multi_runsingle: move timestamp into INIT [13]
- o remote_port: allow connect to port 0
- o parse_remote_port: error out on illegal port numbers better
- o ssh: Pass errors from libssh2_sftp_read up the stack
- o docs: remove documentation on setting up krb4 support
- o polarssl: build fixes to work with PolarSSL 1.3.x
- o polarssl: fix possible handshake timeout issue in multi
- o nss: allow to enable/disable cipher-suites better
- o ssh: prevent a logic error that could result in an infinite loop
- o http2: free resources on disconnect
+ o mbedtls: Added support for NTLM
+ o SSH: fixed SFTP/SCP transfer problems [1]
+ o multi: make Curl_expire() work with 0 ms timeouts
+ o mk-ca-bundle.pl: -m keeps ca cert meta data in output [2]
+ o TFTP: Fix upload problem with piped input [3]
+ o CURLOPT_TCP_NODELAY: now enabled by default [4]
+ o mbedtls: set verbose TLS debug when MBEDTLS_DEBUG is defined [5]
+ o http2: always wait for readable socket
+ o cmake: Enable win32 large file support by default
+ o cmake: Enable win32 threaded resolver by default
+ o winbuild: Avoid setting redundant CFLAGS to compile commands [6]
+ o curl.h: make CURL_NO_OLDIES define CURL_STRICTER
+ o docs: make more markdown files use .md extension
+ o docs: CONTRIBUTE and LICENSE-MIXING were converted to markdown
+ o winbuild: Allow changing C compiler via environment variable CC [7]
+ o rtsp: accept any RTSP session id [8]
+ o HTTP: retry failed HEAD requests on reused connections too
+ o configure: add zlib search with pkg-config [9]
+ o openssl: accept subjectAltName iPAddress if no dNSName match [10]
+ o MANUAL: Remove invalid link to LDAP documentation [11]
+ o socks: improved connection procedure [12]
+ o proxy: reject attempts to use unsupported proxy schemes
+ o proxy: bring back use of "Proxy-Connection:" [13]
+ o curl: allow "pkcs11:" prefix for client certificates [14]
+ o spnego_sspi: fix memory leak in case *outlen is zero [15]
+ o SOCKS: improve verbose output of SOCKS5 connection sequence
+ o SOCKS: display the hostname returned by the SOCKS5 proxy server
+ o http/sasl: Query authentication mechanism supported by SSPI before using
+ o sasl: Don't use GSSAPI authentication when domain name not specified [16]
+ o win: Basic support for Universal Windows Platform apps [17]
+ o nss: fix incorrect use of a previously loaded certificate from file
+ o nss: work around race condition in PK11_FindSlotByName() [18]
+ o ftp: fix wrong poll on the secondary socket [19]
+ o openssl: build warning-free with 1.1.0 (again)
+ o HTTP: stop parsing headers when switching to unknown protocols [20]
+ o test219: Add http as a required feature
+ o TLS: random file/egd doesn't have to match for conn reuse
+ o schannel: Disable ALPN for Wine since it is causing problems [21]
+ o http2: make sure stream errors don't needlessly close the connection [22]
+ o http2: return CURLE_HTTP2_STREAM for unexpected stream close [23]
+ o darwinssl: --cainfo is intended for backward compatibility only
+ o speed caps: not based on average speeds anymore [24]
+ o configure: make the cpp -P detection not clobber CPPFLAGS [25]
+ o http2: use named define instead of magic constant in read callback
+ o http2: skip the content-length parsing, detect unknown size
+ o http2: return EOF when done uploading without known size [26]
+ o darwinssl: test for errSecSuccess in PKCS12 import rather than noErr [27]
+ o openssl: fix CURLINFO_SSL_VERIFYRESULT [28]
This release includes the following known bugs:
- o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
+ o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
- Adam Sampson, Arvid Norberg, Brad Spencer, Colin Hogben, Dan Fandrich,
- Daniel Stenberg, David Ryskalczyk, Fabian Frank, Gaël PORTAY, Gisle Vanem,
- Hubert Kario, Jeff King, Jiri Malak, Kamil Dudka, Maks Naumov, Marc Hoersken,
- Michael Osipov, Nick Zitzmann, Patrick Monnerat, Prash Dush, Remi Gacogne,
- Rob Davies, Romulo A. Ceccon, Shao Shuchao, Steve Holme, Tatsuhiro Tsujikawa,
- Thomas Braun, Tiit Pikma, Yehezkel Horowitz,
+ Ales Novak, Bill Nagel, Christian Fillion, Craig Davison, Dambaev Alexander,
+ Dan Donahue, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg,
+ David Kalnischkies, David Woodhouse, Erik Janssen, Gaurav Malhotra,
+ János Fekete, Kamil Dudka, Marcel Raad, Marc Hörsken, Marco Deckel,
+ Mark Hamilton, Mark Nottingham, Michael Kaufmann, Miroslav Franc,
+ Nick Zitzmann, Olivier Brunel, Peter Wang, Ray Satiro, Ronnie Mose,
+ Sergei Nikulov, Serj Kalichev, Simon Warta, Steve Holme, Tatsuhiro Tsujikawa,
+ Thomas Glanzmann, Tim Rühsen, wmsch on github,
+ (35 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
- [1] = https://bugzilla.redhat.com/1058776
- [2] = http://curl.haxx.se/mail/lib-2014-01/0183.html
- [3] = http://curl.haxx.se/mail/archive-2013-11/0006.html
- [4] = http://curl.haxx.se/bug/view.cgi?id=1334
- [5] = http://curl.haxx.se/bug/view.cgi?id=1333
- [6] = http://curl.haxx.se/mail/lib-2014-02/0100.html
- [7] = http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTEXPECT100TIMEOUTMS
- [8] = http://curl.haxx.se/mail/lib-2014-02/0097.html
- [9] = http://thread.gmane.org/gmane.comp.version-control.git/242213
- [10] = http://curl.haxx.se/mail/lib-2014-02/0155.html
- [11] = http://curl.haxx.se/mail/lib-2014-02/0243.html
- [12] = https://github.com/bagder/curl/pull/93
- [13] = http://curl.haxx.se/mail/lib-2014-02/0036.html
+ [1] = https://curl.haxx.se/mail/lib-2016-07/0057.html
+ [2] = https://curl.haxx.se/bug/?i=937
+ [3] = https://curl.haxx.se/bug/?i=857
+ [4] = https://curl.haxx.se/mail/lib-2016-06/0143.html
+ [5] = https://curl.haxx.se/mail/lib-2016-08/0017.html
+ [6] = https://curl.haxx.se/bug/?i=949
+ [7] = https://curl.haxx.se/bug/?i=952
+ [8] = https://curl.haxx.se/mail/lib-2016-08/0076.html
+ [9] = https://curl.haxx.se/bug/?i=956
+ [10] = https://curl.haxx.se/bug/?i=959
+ [11] = https://curl.haxx.se/bug/?i=962
+ [12] = https://curl.haxx.se/bug/?i=944
+ [13] = https://curl.haxx.se/bug/?i=954
+ [14] = https://curl.haxx.se/mail/lib-2016-08/0122.html
+ [15] = https://curl.haxx.se/bug/?i=970
+ [16] = https://curl.haxx.se/bug/?i=718
+ [17] = https://curl.haxx.se/bug/?i=820
+ [18] = https://bugzilla.mozilla.org/1297397
+ [19] = https://curl.haxx.se/bug/?i=978
+ [20] = https://curl.haxx.se/bug/?i=899
+ [21] = https://curl.haxx.se/bug/?i=983
+ [22] = https://curl.haxx.se/bug/?i=941
+ [23] = https://curl.haxx.se/bug/?i=986
+ [24] = https://curl.haxx.se/bug/?i=971
+ [25] = https://curl.haxx.se/bug/?i=958
+ [26] = https://curl.haxx.se/bug/?i=982
+ [27] = https://curl.haxx.se/bug/?i=993
+ [28] = https://curl.haxx.se/bug/?i=995
projects / platform / upstream / curl.git / blobdiff