-Curl and libcurl 7.34.0
+Curl and libcurl 7.48.0
- Public curl releases: 136
- Command line options: 161
- curl_easy_setopt() options: 206
- Public functions in libcurl: 58
- Known libcurl bindings: 42
- Contributors: 1080
+ Public curl releases: 153
+ Command line options: 179
+ curl_easy_setopt() options: 221
+ Public functions in libcurl: 61
+ Contributors: 1364
This release includes the following changes:
- o SSL: protocol version can be specified more precisely [1]
- o imap/pop3/smtp: Added graceful cancellation of SASL authentication
- o Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
- o base64: Added validation of base64 input strings when decoding [8]
- o curl_easy_setopt: Added the ability to set the login options separately
- o smtp: Added support for additional SMTP commands
- o curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
- o nss: allow to use TLS > 1.0 if built against recent NSS [18]
- o SECURITY: added this document to describe our security processes [22]
- o parseconfig: warn if unquoted white spaces are detected
+ o configure: --with-ca-fallback: use built-in TLS CA fallback [2]
+ o TFTP: add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS [22]
+ o getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION [25]
+ o added CODE_STYLE.md [47]
This release includes the following bugfixes:
- o darwinssl: un-break iOS build after PKCS#12 feature added
- o tool: use XFERFUNCTION to save some casts [2]
- o usercertinmem: fix memory leaks
- o ssh: Handle successful SSH_USERAUTH_NONE [3]
- o NSS: acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option [4]
- o test906: Fixed failing test on some platforms [5]
- o sasl: initialize NSS before using NTLM crypto
- o sasl: Fixed memory leak in OAUTH2 message creation
- o imap/pop3/smtp: Fixed QUIT / LOGOUT being sent when SSL connect fails
- o cmake: unbreak for non-Windows platforms [6]
- o ssh: initialize per-handle data in ssh_connect()
- o glob: fix broken URLs
- o configure: check for long long when building with cyassl
- o CURLOPT_RESOLVE: mention they don't time-out [7]
- o docs/examples/httpput.c: fix build for MSVC
- o FTP: make the data connection work when going through proxy
- o NSS: support for CERTINFO feature
- o curl_multi_wait: accept 0 from multi_timeout() as valid timeout
- o glob_range: pass the closing bracket for a-z ranges
- o tool_help: Updated --list-only description to include POP3
- o Curl_ssl_push_certinfo_len: don't %.*s non-zero-terminated string [9]
- o cmake: fix Windows build with IPv6 support [10]
- o ares: Fixed compilation under Visual Studio 2012 [11]
- o curl_easy_setopt.3: clarify CURLOPT_SSL_VERIFYHOST documentation [12]
- o curl.1: mention that -O does no URL decoding [13]
- o darwinssl: PKCS#12 import feature now requires Lion or later [14]
- o darwinssl: check for SSLSetSessionOption() presence when toggling BEAST
- o configure: Fix test with -Werror=implicit-function-declaration [15]
- o sigpipe: factor out sigpipe_reset from easy.c
- o curl_multi_cleanup: ignore SIGPIPE
- o globbing: curl glob counter mismatch with {} list use [16]
- o parseconfig: dash options can't specified with colon or equals [17]
- o digest: fix CURLAUTH_DIGEST_IE [19]
- o curl.h: <sys/select.h> for OpenBSD [20]
- o darwinssl: Fix #if 10.6.0 for SecKeychainSearch
- o TFTP: fix return codes for connect timeout [21]
- o login options: remove the ;[options] support from CURLOPT_USERPWD [23]
- o imap: Fixed incorrect fallback to clear text authentication
- o parsedate: avoid integer overflow
+ o Proxy-Connection: stop sending this header by default [1]
+ o os400: sync ILE/RPG definitions with latest public header files
+ o cookies: allow spaces in cookie names, cut of trailing spaces [3]
+ o tool_urlglob: Allow reserved dos device names (Windows) [4]
+ o openssl: remove most BoringSSL #ifdefs [5]
+ o tool_doswin: Support for literal path prefix \\?\
+ o mbedtls: fix ALPN usage segfault [6]
+ o mbedtls: fix memory leak when destroying SSL connection data [7]
+ o nss: do not count enabled cipher-suites
+ o examples/cookie_interface.c: add cleanup call
+ o examples: adhere to curl code style
+ o curlx_tvdiff: handle 32bit time_t overflows [8]
+ o dist: ship buildconf.bat too
+ o curl.1: --disable-{eprt,epsv} are ignored for IPv6 hosts [9]
+ o generate.bat: Fix comment bug by removing old comments [10]
+ o test1604: Add to Makefile.inc so it gets run
+ o gtls: fix for builds lacking encrypted key file support [11]
+ o SCP: use libssh2_scp_recv2 to support > 2GB files on windows [12]
+ o CURLOPT_CONNECTTIMEOUT_MS.3: Fix example to use milliseconds option [13]
+ o cookie: do not refuse cookies to localhost [14]
+ o openssl: avoid direct PKEY access with OpenSSL 1.1.0 [15]
+ o http: Don't break the header into chunks if HTTP/2 [16]
+ o http2: don't decompress gzip decoding automatically [17]
+ o curlx.c: i2s_ASN1_IA5STRING() clashes with an openssl function
+ o curl.1: add a missing dash
+ o curl.1: HTTP headers for --cookie must be Set-Cookie style [18]
+ o CURLOPT_COOKIEFILE.3: HTTP headers must be Set-Cookie style [18]
+ o curl_sasl: Fix memory leak in digest parser [19]
+ o src/Makefile.m32: add CURL_{LD,C}FLAGS_EXTRAS support [20]
+ o CURLOPT_DEBUGFUNCTION.3: Fix example
+ o runtests: Fixed usage of %PWD on MinGW64 [21]
+ o tests/sshserver.pl: use RSA instead of DSA for host auth [23]
+ o multi_remove_handle: keep the timeout list until after disconnect [24]
+ o Curl_read: check for activated HTTP/1 pipelining, not only requested
+ o configure: warn on invalid ca bundle or path [26]
+ o file: try reading from files with no size [27]
+ o getinfo: Add support for mbedTLS TLS session info
+ o formpost: fix memory leaks in AddFormData error branches [28]
+ o makefile.m32: allow to pass .dll/.exe-specific LDFLAGS [29]
+ o url: if Curl_done is premature then pipeline not in use [30]
+ o cookie: remove redundant check [31]
+ o cookie: Don't expire session cookies in remove_expired [32]
+ o makefile.m32: fix to allow -ssh2-winssl combination [33]
+ o checksrc.bat: Fixed cannot find perl if installed but not in path
+ o build-openssl.bat: Fixed cannot find perl if installed but not in path
+ o mbedtls: fix user-specified SSL protocol version
+ o makefile.m32: add missing libs for static -winssl-ssh2 builds [34]
+ o test46: change cookie expiry date [35]
+ o pipeline: Sanity check pipeline pointer before accessing it [36]
+ o openssl: use the correct OpenSSL/BoringSSL/LibreSSL in messages
+ o ftp_done: clear tunnel_state when secondary socket closes [37]
+ o opt-docs: fix heading macros [38]
+ o imap/pop3/smtp: Fixed connections upgraded with TLS are not reused [39]
+ o curl_multi_wait: never return -1 in 'numfds' [40]
+ o url.c: fix clang warning: no newline at end of file
+ o krb5: improved type handling to avoid clang compiler warnings
+ o cookies: first n/v pair in Set-Cookie: is the cookie, then parameters [41]
+ o multi: avoid blocking during CURLM_STATE_WAITPROXYCONNECT [42]
+ o multi hash: ensure modulo performed on curl_socket_t [43]
+ o curl: glob_range: no need to check unsigned variable for negative
+ o easy: add check to malloc() when running event-based
+ o CURLOPT_SSLENGINE.3: Only for OpenSSL built with engine support [44]
+ o version: thread safety
+ o openssl: verbose: show matching SAN pattern
+ o openssl: adapt to OpenSSL 1.1.0 API breakage in ERR_remove_thread_state()
+ o formdata.c: Fixed compilation warning
+ o configure: use cpp -P when needed [45]
+ o imap.c: Fixed compilation warning with /Wall enabled
+ o config-w32.h: Fixed compilation warning when /Wall enabled
+ o ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabled
+ o build: Added missing Visual Studio filter files for VC10 onwards
+ o easy: Remove poll failure check in easy_transfer
+ o mbedtls: fix compiler warning
+ o build-wolfssl: Update VS properties for wolfSSL v3.9.0
+ o Fixed various compilation warnings when verbose strings disabled
This release includes the following known bugs:
- o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
+ o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
- Alessandro Ghedini, Andreas Rieke, Björn Stenberg, Chris Conlon,
- Christian Grothoff, Christian Weisgerber, Dave Reisner, David Walser,
- Dima Tisnek, Fabian Keil, Felix Yan, Gergely Nagy, Gisle Vanem,
- Ishan SinghLevett, James Dury, Javier Barroso, Jeff King, Kamil Dudka,
- Kim Vandry, Marcin Gryszkalis, Melissa Mears, Michael Osipov, Nick Zitzmann,
- Oliver Kuckertz, Patrick Monnerat, Paul Donohue, Paul Marks, Romulo A. Ceccon,
- Romulo Ceccon, Rémy Léone, Sergey Tatarincev, Steve Holme, Tomas Hoger,
- Tyler Hall, Yaakov Selkowitz, Eric Lubin, Petr Bahula
+ Anders Bakken, Brad Fitzpatrick, Clint Clayton, Dan Fandrich,
+ Daniel Stenberg, David Benjamin, David Byron, Emil Lerner, Eric S. Raymond,
+ Gisle Vanem, Jaime Fullaondo, Jeffrey Walton, Jesse Tan, Justin Ehlert,
+ Kamil Dudka, Kazuho Oku, Ludwig Nussel, Maksim Kuzevanov, Michael König,
+ Oliver Graute, Patrick Monnerat, Rafael Antonio, Ray Satiro, Seth Mos,
+ Shine Fan, Steve Holme, Tatsuhiro Tsujikawa, Timotej Lazar, Tim Rühsen,
+ Viktor Szakáts,
+ (30 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
- [1] = https://github.com/bagder/curl/pull/79
- [2] = http://curl.haxx.se/mail/lib-2013-10/0089.html
- [3] = http://curl.haxx.se/mail/lib-2013-10/0096.html
- [4] = http://curl.haxx.se/mail/lib-2013-10/0113.html
- [5] = http://sourceforge.net/p/curl/bugs/1291
- [6] = http://sourceforge.net/p/curl/bugs/1292
- [7] = http://curl.haxx.se/mail/lib-2013-10/0062.html
- [8] = http://curl.haxx.se/mail/lib-2013-10/0242.html
- [9] = http://curl.haxx.se/bug/view.cgi?id=1295
- [10] = http://sourceforge.net/p/curl/bugs/1064
- [11] = http://curl.haxx.se/mail/lib-2013-11/0057.html
- [12] = https://github.com/bagder/curl/pull/83
- [13] = http://sourceforge.net/p/curl/bugs/1299
- [14] = http://curl.haxx.se/mail/lib-2013-11/0076.html
- [15] = http://curl.haxx.se/bug/view.cgi?id=1304
- [16] = http://curl.haxx.se/bug/view.cgi?id=1305
- [17] = http://curl.haxx.se/bug/view.cgi?id=1297
- [18] = http://curl.haxx.se/mail/lib-2013-11/0162.html
- [19] = http://curl.haxx.se/bug/view.cgi?id=1308
- [20] = http://curl.haxx.se/mail/lib-2013-12/0017.html
- [21] = http://curl.haxx.se/bug/view.cgi?id=1310
- [22] = http://curl.haxx.se/dev/security.html
- [23] = http://curl.haxx.se/bug/view.cgi?id=1311
+ [1] = https://curl.haxx.se/bug/?i=633
+ [2] = https://curl.haxx.se/bug/?i=569
+ [3] = https://curl.haxx.se/bug/?i=639
+ [4] = https://github.com/curl/curl/commit/4520534#commitcomment-15954863
+ [5] = https://curl.haxx.se/bug/?i=640
+ [6] = https://curl.haxx.se/bug/?i=642
+ [7] = https://curl.haxx.se/bug/?i=626
+ [8] = https://curl.haxx.se/bug/?i=646
+ [9] = https://bugzilla.redhat.com/1305970
+ [10] = https://curl.haxx.se/bug/?i=649
+ [11] = https://curl.haxx.se/bug/?i=651
+ [12] = https://curl.haxx.se/bug/?i=451
+ [13] = https://curl.haxx.se/bug/?i=653
+ [14] = https://curl.haxx.se/bug/?i=658
+ [15] = https://curl.haxx.se/bug/?i=650
+ [16] = https://curl.haxx.se/bug/?i=659
+ [17] = https://curl.haxx.se/bug/?i=661
+ [18] = https://curl.haxx.se/bug/?i=666
+ [19] = https://curl.haxx.se/bug/?i=667
+ [20] = https://curl.haxx.se/bug/?i=670
+ [21] = https://curl.haxx.se/bug/?i=672
+ [22] = https://curl.haxx.se/bug/?i=481
+ [23] = https://curl.haxx.se/bug/?i=676
+ [24] = https://curl.haxx.se/mail/lib-2016-02/0097.html
+ [25] = https://curl.haxx.se/libcurl/c/CURLINFO_TLS_SSL_PTR.html
+ [26] = https://curl.haxx.se/bug/?i=404
+ [27] = https://curl.haxx.se/bug/?i=681
+ [28] = https://curl.haxx.se/bug/?i=688
+ [29] = https://curl.haxx.se/bug/?i=689
+ [30] = https://curl.haxx.se/bug/?i=690
+ [31] = https://curl.haxx.se/bug/?i=695
+ [32] = https://curl.haxx.se/bug/?i=697
+ [33] = https://curl.haxx.se/bug/?i=692
+ [34] = https://curl.haxx.se/bug/?i=693
+ [35] = https://curl.haxx.se/bug/?i=697
+ [36] = https://curl.haxx.se/bug/?i=704
+ [37] = https://curl.haxx.se/bug/?i=701
+ [38] = https://curl.haxx.se/bug/?i=705
+ [39] = https://curl.haxx.se/bug/?i=422
+ [40] = https://curl.haxx.se/bug/?i=707
+ [41] = https://curl.haxx.se/bug/?i=709
+ [42] = https://curl.haxx.se/bug/?i=703
+ [43] = https://curl.haxx.se/bug/?i=712
+ [44] = https://curl.haxx.se/mail/lib-2016-03/0150.html
+ [45] = https://curl.haxx.se/bug/?i=719
+ [47] = https://curl.haxx.se/dev/code-style.html
projects / platform / upstream / curl.git / blobdiff