X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=RELEASE-NOTES;h=123088f6c1ab5fbca6e51d92696d60060df5f44b;hb=f7bbc1c9b6a8e2c815d09612b53f453c90d962e0;hp=f1229788c8171ce27fe2b8cb297175e4a187388e;hpb=31368b6eac8092a307849518e912b4c475c0238a;p=platform%2Fupstream%2Fcurl.git diff --git a/RELEASE-NOTES b/RELEASE-NOTES index f122978..123088f 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,81 +1,146 @@ -Curl and libcurl 7.44.0 +Curl and libcurl 7.40.0 - Public curl releases: 148 - Command line options: 176 - curl_easy_setopt() options: 219 + Public curl releases: 143 + Command line options: 162 + curl_easy_setopt() options: 208 Public functions in libcurl: 58 - Contributors: 1291 + Contributors: 1219 This release includes the following changes: - o http2: added CURLMOPT_PUSHFUNCTION and CURLMOPT_PUSHDATA [6] - o examples: added http2-serverpush.c [7] - o http2: added curl_pushheader_byname() and curl_pushheader_bynum() - o docs: added CODE_OF_CONDUCT.md [8] - o curl: Add --ssl-no-revoke to disable certificate revocation checks [5] - o libcurl: New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS [9] - o makefile: Added support for VC14 - o build: Added Visual Studio 2015 (VC14) project files - o build: Added wolfSSL configurations to VC10+ project files [18] + o http_digest: Added support for Windows SSPI based authentication + o version info: Added Kerberos V5 to the supported features + o Makefile: Added VC targets for WinIDN + o config-win32: Introduce build targets for VS2012+ + o SSL: Add PEM format support for public key pinning + o smtp: Added support for the conversion of Unix newlines during mail send [8] + o smb: Added initial support for the SMB/CIFS protocol + o Added support for HTTP over unix domain sockets, via + CURLOPT_UNIX_SOCKET_PATH and --unix-socket + o sasl: Added support for GSS-API based Kerberos V5 authentication This release includes the following bugfixes: - o FTP: fix HTTP CONNECT logic regression [1] - o openssl: Fix build with openssl < ~ 0.9.8f - o openssl: fix build with BoringSSL - o curl_easy_setopt.3: option order doesn't matter - o openssl: fix use of uninitialized buffer [2] - o RTSP: removed dead code - o Makefile.m32: add support for CURL_LDFLAG_EXTRAS - o curl: always provide negotiate/kerberos options - o cookie: Fix bug in export if any-domain cookie is present - o curl_easy_setopt.3: mention CURLOPT_PIPEWAIT - o INSTALL: Advise use of non-native SSL for Windows <= XP - o tool_help: fix --tlsv1 help text to use >= for TLSv1 - o HTTP: POSTFIELDSIZE set after added to multi handle [3] - o SSL-PROBLEMS: mention WinSSL problems in WinXP - o setup-vms.h: Symbol case fixups - o SSL: Pinned public key hash support - o libtest: call PR_Cleanup() on exit if NSPR is used - o ntlm_wb: Fix theoretical memory leak - o runtests: Allow for spaces in curl custom path - o http2: add stream != NULL checks for reliability - o schannel: Replace deprecated GetVersion with VerifyVersionInfo - o http2: verify success of strchr() in http2_send() - o configure: add --disable-rt option - o openssl: work around MSVC warning - o HTTP: ignore "Content-Encoding: compress" - o configure: check if OpenSSL linking wants -ldl - o build-openssl.bat: Show syntax if required args are missing - o test1902: attempt to make the test more reliable - o libcurl-thread.3: Consolidate thread safety info - o maketgz: Fixed some VC makefiles missing from the release tarball - o libcurl-multi.3: mention curl_multi_wait [10] - o ABI doc: use secure URL - o http: move HTTP/2 cleanup code off http_disconnect() [11] - o libcurl-thread.3: Warn memory functions must be thread safe [12] - o curl_global_init_mem.3: Warn threaded resolver needs thread safe funcs [13] - o docs: formpost needs the full size at start of upload [14] - o curl_gssapi: remove 'const' to fix compiler warnings - o SSH: three state machine fixups [15] - o libcurl.3: fix a single typo [16] - o generate.bat: Only clean prerequisite files when in ALL mode - o curl_slist_append.3: add error checking to the example - o buildconf.bat: Added support for file clean-up via -clean - o generate.bat: Use buildconf.bat for prerequisite file clean-up - o NTLM: handle auth for only a single request [17] - o curl_multi_remove_handle.3: fix formatting [19] - o checksrc.bat: Fixed error when [directory] isn't a curl source directory - o checksrc.bat: Fixed error when missing *.c and *.h files - o CURLOPT_RESOLVE.3: Note removal support was added in 7.42 [20] - o test46: update cookie expire time - o SFTP: fix range request off-by-one in size check [21] - o CMake: fix GSSAPI builds [22] - o build: refer to fixed libidn versions [4] - o http2: discard frames with no SessionHandle [23] - o curl_easy_recv.3: fix formatting - o libcurl-tutorial.3: fix formatting [24] - o curl_formget.3: correct return code [25] + o darwinssl: fix session ID keys to only reuse identical sessions [18] + o url-parsing: reject CRLFs within URLs [19] + o OS400: Adjust specific support to last release + o THANKS: Remove duplicate names + o url.c: Fixed compilation warning + o ssh: Fixed build on platforms where R_OK is not defined [1] + o tool_strdup.c: include the tool strdup.h + o build: Fixed Visual Studio project file generation of strdup.[c|h] + o curl_easy_setopt.3: add CURLOPT_PINNEDPUBLICKEY [2] + o curl.1: show zone index use in a URL + o mk-ca-bundle.vbs: switch to new certdata.txt url + o Makefile.dist: Added some missing SSPI configurations + o build: Fixed no NTLM support for email when CURL_DISABLE_HTTP is defined + o SSH: use the port number as well for known_known checks [3] + o libssh2: detect features based on version, not configure checks + o http2: Deal with HTTP/2 data inside Upgrade response header buffer [4] + o multi: removed Curl_multi_set_easy_connection + o symbol-scan.pl: do not require autotools + o cmake: add ENABLE_THREADED_RESOLVER, rename ARES + o cmake: build libhostname for test suite + o cmake: fix HAVE_GETHOSTNAME definition + o tests: fix libhostname visibility + o tests: fix memleak in server/resolve.c + o vtls.h: Fixed compiler warning when compiled without SSL + o CMake: Restore order-dependent header checks + o CMake: Restore order-dependent library checks + o tool: Removed krb4 from the supported features + o http2: Don't send Upgrade headers when we already do HTTP/2 + o examples: Don't call select() to sleep on windows [6] + o win32: Updated some legacy APIs to use the newer extended versions [5] + o easy.c: Fixed compilation warning when no verbose string support + o connect.c: Fixed compilation warning when no verbose string support + o build: in Makefile.m32 pass -F flag to windres + o build: in Makefile.m32 add -m32 flag for 32bit + o multi: when leaving for timeout, close accordingly + o CMake: Simplify if() conditions on check result variables + o build: in Makefile.m32 try to detect 64bit target + o multi: inform about closed sockets before they are closed + o multi-uv.c: close the file handle after download + o examples: Wait recommended 100ms when no file descriptors are ready + o ntlm: Split the SSPI based messaging code from the native messaging code + o cmake: fix NTLM detection when CURL_DISABLE_HTTP defined + o cmake: add Kerberos to the supported feature + o CURLOPT_POSTFIELDS.3: mention the COPYPOSTFIELDS option + o http: Disable pipelining for HTTP/2 and upgraded connections + o ntlm: Fixed static'ness of local decode function + o sasl: Reduced the need for two sets of NTLM messaging functions + o multi.c: Fixed compilation warnings when no verbose string support + o select.c: fix compilation for VxWorks [7] + o multi-single.c: switch to use curl_multi_wait + o curl_multi_wait.3: clarify numfds being used if not NULL + o http.c: Fixed compilation warnings from features being disabled + o NSS: enable the CAPATH option [9] + o docs: Fix FAILONERROR typos + o HTTP: don't abort connections with pending Negotiate authentication + o HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request + o http_perhapsrewind: don't abort CONNECT requests + o build: updated dependencies in makefiles + o multi.c: Fixed compilation warning + o ftp.c: Fixed compilation warnings when proxy support disabled + o get_url_file_name: Fixed crash on OOM on debug build + o cookie.c: Refactored cleanup code to simplify + o OS400: enable NTLM authentication + o ntlm: Use Windows Crypt API + o http2: avoid logging neg "failure" if h2 was not requested + o schannel_recv: return the correct code [10] + o VC build: added sspi define for winssl-zlib builds + o Curl_client_write(): chop long data, convert data only once + o openldap: do not ignore Curl_client_write() return code + o ldap: check Curl_client_write() return codes + o parsedate.c: Fixed compilation warning + o url.c: Fixed compilation warning when USE_NTLM is not defined + o ntlm_wb_response: fix "statement not reached" [11] + o telnet: fix "cast increases required alignment of target type" + o smtp: Fixed dot stuffing when EOL characters at end of input buffers [12] + o ntlm: Allow NTLM2Session messages when USE_NTRESPONSES manually defined + o ntlm: Disable NTLM v2 when 64-bit integers are not supported + o ntlm: Use short integer when decoding 16-bit values + o ftp.c: Fixed compilation warning when no verbose string support + o synctime.c: fixed timeserver URLs + o mk-ca-bundle.pl: restored forced run again + o ntlm: Fixed return code for bad type-2 Target Info + o curl_schannel.c: Data may be available before connection shutdown + o curl_schannel: Improvements to memory re-allocation strategy [13] + o darwinssl: aprintf() to allocate the session key + o tool_util.c: Use GetTickCount64 if it is available + o lib: Fixed multiple code analysis warnings if SAL are available + o tool_binmode.c: Explicitly ignore the return code of setmode + o tool_urlglob.c: Silence warning C6293: Ill-defined for-loop + o opts: Warn CURLOPT_TIMEOUT overrides when set after CURLOPT_TIMEOUT_MS + o SFTP: work-around servers that return zero size on STAT [14] + o connect: singleipconnect(): properly try other address families after failure + o IPV6: address scope != scope id [15] + o parseurlandfillconn(): fix improper non-numeric scope_id stripping [16] + o secureserver.pl: make OpenSSL CApath and cert absolute path values + o secureserver.pl: update Windows detection and fix path conversion + o secureserver.pl: clean up formatting of config and fix verbose output + o tests: Added Windows support using Cygwin-based OpenSSH + o sockfilt.c: use non-Ex functions that are available before WinXP + o VMS: Updates for 0740-0D1220 + o openssl: warn for SRP set if SSLv3 is used, not for TLS version + o openssl: make it compile against openssl 1.1.0-DEV master branch + o openssl: fix SSL/TLS versions in verbose output + o curl: show size of inhibited data when using -v + o build: Removed WIN32 definition from the Visual Studio projects + o build: Removed WIN64 definition from the libcurl Visual Studio projects + o vtls: Use bool for Curl_ssl_getsessionid() return type + o sockfilt.c: Replace 100ms sleep with thread throttle + o sockfilt.c: Reduce the number of individual memory allocations + o vtls: Don't set cert info count until memory allocation is successful + o nss: Don't ignore Curl_ssl_init_certinfo() OOM failure + o nss: Don't ignore Curl_extract_certinfo() OOM failure + o vtls: Fixed compilation warning and an ignored return code + o sockfilt.c: Fixed compilation warnings + o darwinssl: Fixed compilation warning + o vtls: Use '(void) arg' for unused parameters + o sepheaders.c: Fixed resource leak on failure + o lib1900.c: Fixed cppcheck error [17] + o ldap: Fixed Unicode connection details in Win32 initialsation / bind calls + o ldap: Fixed Unicode DN, attributes and filter in Win32 search calls This release includes the following known bugs: @@ -84,41 +149,35 @@ This release includes the following known bugs: This release would not have looked like this without help, code, reports and advice from friends like these: - Anders Bakken, Cédric Connes, Dan Fandrich, Daniel Stenberg, David Woodhouse, - Eric Ridge, Feist Josselin, Gustavo Grieco, Inca R, Isaac Boukris, - Jakub Zakrzewski, John E. Malmberg, Kamil Dudka, Lior Kaplan, Marcel Raad, - Michael Kaufmann, Michał Fita, Patrick Monnerat, Paul Howarth, Ray Satiro, - Roger Leigh, Stefan Bühler, Štefan Kremeň, Steve Holme, Svyatoslav Mishyn, - Tatsuhiro Tsujikawa, Terri Oda, Tim Stack, TJ Saunders, Tomas Tomecek, - Viktor Szakáts, - (31 contributors) + Andrey Labunets, Anthon Pang, Bill Nagel, Brad Harder, Brad King, Carlo Wood, + Christian Hägele, Dan Fandrich, Daniel Stenberg, Dave Reisner, Frank Gevaerts, + Gisle Vanem, Guenter Knauf, Jan Ehrhardt, Johan Lantz, John E. Malmberg, + Jon Spencer, Julien Nabet, Kamil Dudka, Kyle J. McKay, Lucas Pardue, + Marc Hesse, Marc Hoersken, Marc Renault, Michael Osipov, Nick Zitzmann, + Nobuhiro Ban, Patrick Monnerat, Peter Wu, Ray Satiro, Sam Hurst, + Stefan Bühler, Stefan Neis, Steve Holme, Tae Hyoung Ahn, Tatsuhiro Tsujikawa, + Tomasz Kojm, Tor Arntsen, Waldek Kozba, Warren Menzer Thanks! (and sorry if I forgot to mention someone) References to bug reports and discussions on issues: - [1] = https://github.com/bagder/curl/issues/278 - [2] = https://github.com/bagder/curl/issues/318 - [3] = http://curl.haxx.se/mail/lib-2015-06/0122.html - [4] = http://curl.haxx.se/bug/?i=371 - [5] = https://github.com/bagder/curl/issues/264 - [6] = http://curl.haxx.se/libcurl/c/CURLMOPT_PUSHFUNCTION.html - [7] = http://curl.haxx.se/libcurl/c/http2-serverpush.html - [8] = https://github.com/bagder/curl/blob/master/docs/CODE_OF_CONDUCT.md - [9] = http://curl.haxx.se/libcurl/c/CURLOPT_SSL_OPTIONS.html - [10] = https://github.com/bagder/curl/issues/356 - [11] = https://bugzilla.redhat.com/1248389 - [12] = http://curl.haxx.se/mail/lib-2015-07/0149.html - [13] = http://curl.haxx.se/mail/lib-2015-07/0149.html - [14] = http://curl.haxx.se/bug/?i=360 - [15] = http://curl.haxx.se/bug/?i=357 - [16] = https://github.com/bagder/curl/issues/361 - [17] = https://github.com/bagder/curl/issues/363 - [18] = https://github.com/bagder/curl/pull/174 - [19] = https://github.com/bagder/curl/issues/366 - [20] = http://curl.haxx.se/mail/lib-2015-08/0019.html - [21] = http://curl.haxx.se/bug/?i=359 - [22] = http://curl.haxx.se/bug/?i=370 - [23] = http://curl.haxx.se/bug/?i=372 - [24] = http://curl.haxx.se/bug/?i=374 - [25] = http://curl.haxx.se/bug/?i=375 + [1] = http://curl.haxx.se/mail/lib-2014-11/0035.html + [2] = http://curl.haxx.se/mail/lib-2014-11/0078.html + [3] = http://curl.haxx.se/bug/view.cgi?id=1448 + [4] = https://github.com/tatsuhiro-t/nghttp2/issues/103 + [5] = http://sourceforge.net/p/curl/feature-requests/82/ + [6] = http://curl.haxx.se/mail/lib-2014-11/0221.html + [7] = http://curl.haxx.se/bug/view.cgi?id=1455 + [8] = http://curl.haxx.se/bug/view.cgi?id=1456 + [9] = http://curl.haxx.se/bug/view.cgi?id=1457 + [10] = http://curl.haxx.se/bug/view.cgi?id=1462 + [11] = http://curl.haxx.se/mail/lib-2014-12/0089.html + [12] = http://curl.haxx.se/bug/view.cgi?id=1456 + [13] = http://curl.haxx.se/bug/view.cgi?id=1450 + [14] = http://curl.haxx.se/mail/lib-2014-12/0103.html + [15] = http://curl.haxx.se/bug/view.cgi?id=1451 + [16] = http://curl.haxx.se/bug/view.cgi?id=1449 + [17] = https://github.com/bagder/curl/pull/133 + [18] = http://curl.haxx.se/docs/adv_20150108A.html + [19] = http://curl.haxx.se/docs/adv_20150108B.html