| curl and libcurl 8.2.0 |
| |
| Public curl releases: 220 |
| Command line options: 255 |
| curl_easy_setopt() options: 303 |
| Public functions in libcurl: 91 |
| Contributors: 2922 |
| |
| This release includes the following changes: |
| |
| o curl: add --ca-native and --proxy-ca-native [24] |
| o curl: add --trace-ids [53] |
| o CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS [5] |
| o haproxy: add --haproxy-clientip flag to set client IPs [23] |
| o lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID [54] |
| |
| This release includes the following bugfixes: |
| |
| o bufq: make write/pass methods more robust [21] |
| o build: drop unused/redundant `HAVE_WINLDAP_H` [25] |
| o cf-socket: don't bypass fclosesocket callback if cancelled before connect [114] |
| o cf-socket: move ctx declaration under HAVE_GETPEERNAME [91] |
| o cf-socket: skip getpeername()/getsockname for TFTP [65] |
| o checksrc: modernise perl file open [87] |
| o checksrc: quote the file name to work with "funny" letters [93] |
| o CI: brew fix for openssl in default path [116] |
| o CI: don't install impacket if tests are not run |
| o CI: enable parallel make in more builds |
| o circleci: install impacket & wolfssl 5.6.0 [1] |
| o cmake: add support for "unity" builds [13] |
| o cmake: make use of snprintf [102] |
| o cmake: stop CMake from quietly ignoring missing Brotli [81] |
| o configure: add check for ldap_init_fd [80] |
| o configure: fix run-compiler for old /bin/sh [4] |
| o configure: the --without forms of the options are also gone [79] |
| o connect-timeout.d: mention that the DNS lookup is included [85] |
| o curl.h: include <sys/select.h> for vxworks [78] |
| o curl: count uploaded data to stop at the originally given size [14] |
| o curl: return error when asked to use an unsupported HTTP version [113] |
| o curl_easy_nextheader.3: add missing open parenthesis examples [74] |
| o curl_log: evaluate log statement only when transfer is verbose [8] |
| o curl_mprintf.3: minor fix of the example |
| o curl_pushheader_byname/bynum.3: document in their own man pages [37] |
| o curl_url_set: enforce the max string length check for all parts [38] |
| o CURLOPT_AWS_SIGV4.3: remove unused variable from example [11] |
| o CURLOPT_INFILESIZE.3: mention -1 triggers chunked [55] |
| o CURLOPT_MIMEPOST.3: clarify what setting to NULL means [95] |
| o CURLOPT_SSH_PRIVATE_KEYFILE.3: expand on the file search [31] |
| o docs/libcurl/libcurl.3: cleanups and improvements [46] |
| o docs: add more .IP after .RE to fix indentation of generate paragraphs [82] |
| o docs: fix missing parameter names in examples [41] |
| o docs: update CURLOPT_UPLOAD.3 [63] |
| o docs: update HTTP3.md for newer ngtcp2 and nghttp3 [28] |
| o docs: use a space after RFC when spelling out RFC numbers [105] |
| o example/connect-to: show CURLOPT_CONNECT_TO [47] |
| o example/crawler: also set CURLOPT_AUTOREFERER [35] |
| o example/crawler: make it use a few more options |
| o example/default-scheme: set the default scheme for schemeless URLs [67] |
| o example/hsts-preload: show one way to HSTS preload [68] |
| o example/http2-download: set CURLOPT_BUFFERSIZE [34] |
| o example/ipv6: feature CURLOPT_ADDRESS_SCOPE in use [27] |
| o example/maxconnects: set maxconnect example [98] |
| o example/opensslthreadlock: remove [59] |
| o examples/ftpuploadresume.c: add use of CURLOPT_ACCEPTTIMEOUT_MS [39] |
| o examples/http-options: show how to send "OPTIONS *" [69] |
| o examples/https.c: use CURLOPT_CA_CACHE_TIMEOUT [19] |
| o examples/multi-debugcallback.c: avoid the bool typedef [29] |
| o examples/smtp-mime: use CURLOPT_MAIL_RCPT_ALLOWFAILS [71] |
| o examples/unixsocket.c: example using CURLOPT_UNIX_SOCKET_PATH [40] |
| o examples/websocket.c: websocket example using CONNECT_ONLY [17] |
| o examples: make use of CURLOPT_(REDIR_|)PROTOCOLS_STR [70] |
| o fopen: fix conversion warning on 32-bit Android [49] |
| o fopen: optimize [101] |
| o hostip.c: Move macOS-specific calls into global init call [104] |
| o HTTP/2: upload handling fixes [56] |
| o http2: better support for --limit-rate [7] |
| o http2: error stream resets with code CURLE_HTTP2_STREAM [84] |
| o http2: fix crash in handling stream weights [76] |
| o http2: fix variable type [50] |
| o http2: h2 and h2-PROXY connection alive check fixes [83] |
| o http2: raise header limitations above and beyond [73] |
| o http2: send HEADER & DATA together if possible [99] |
| o http2: treat initial SETTINGS as a WINDOW_UPDATE [100] |
| o HTTP3.md: update openssl version [57] |
| o http3/ngtcp2: upload EAGAIN handling [108] |
| o http: rectify the outgoing Cookie: header field size check [72] |
| o hyper: fix EOF handling on input [66] |
| o hyper: unslow [51] |
| o imap-append.c: update to make it more likely to work [106] |
| o imap: Provide method to disable SASL if it is advertised [75] |
| o krb5: add typecast to please Coverity |
| o libcurl-url.3: also mention CURLUPART_ZONEID |
| o libcurl-ws.3. WebSocket API overview [48] |
| o libssh2: provide error message when setting host key type fails [9] |
| o libssh2: use custom memory functions [12] |
| o ngtcp2: assigning timeout, but value is overwritten before used [103] |
| o ngtcp2: build with 0.17.0 and nghttp3 0.13.0 [96] |
| o ngtcp2: use ever increasing timestamp in io [32] |
| o quiche: avoid NULL deref in debug logging [97] |
| o quiche: fix defects found in latest coverity report [94] |
| o quote.d: fix indentation of generated paragraphs [86] |
| o runtests: abort test run after failure without -a [3] |
| o runtests: better handle ^C during slow tests |
| o runtests: consistently write the test check summary block |
| o runtests: create multiple test runners when requested [20] |
| o runtests: include missing valgrind package [89] |
| o runtests: make test file directories in log/N [44] |
| o runtests: rename server command file |
| o runtests: use more consistent failure lines |
| o runtests: work around a perl without SIGUSR1 [88] |
| o runtests; give each server a unique log lock file [43] |
| o scripts: Fix GHA matrix job detection in cijobs.pl |
| o sectransp: fix EOF handling [92] |
| o system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles [10] |
| o test2600: fix the description [90] |
| o test427: verify sending more cookies than fit in a 8190 bytes line [61] |
| o tests/http: Add mod_h2 directive `H2ProxyRequests` [77] |
| o tests/servers.pm: pick unused port number with a server socket [16] |
| o tests/servers: generate temp names in /tmp for unix domain sockets [6] |
| o tests: fix error messages & handling around sockets [30] |
| o tests: improve reliability of TFTP tests |
| o testutil: allow multiple %-operators on the same line [62] |
| o timeval: use CLOCK_MONOTONIC_RAW if available [52] |
| o tls13-ciphers.d: include Schannel [36] |
| o tool: remove exclamation marks from error/warning messages |
| o tool: remove newlines from all helpf/notef/warnf/errorf calls [15] |
| o tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION` [109] |
| o tool_getparam: fix comment [22] |
| o tool_operate: allow cookie lines up to 8200 bytes [60] |
| o tool_parsecfg: accept line lengths up to 10M [115] |
| o tool_urlglob: use curl_off_t instead of longs [2] |
| o tool_writeout_json: fix encoding of control characters [107] |
| o transfer: clear credentials when redirecting to absolute URL [64] |
| o urlapi: have *set(PATH) prepend a slash if one is missing [42] |
| o urlapi: scheme must start with alpha [26] |
| o vtls: avoid memory leak if sha256 call fails [58] |
| o websocket-cb: example doing WebSocket download using callback [18] |
| o wolfssl: detect when TLS 1.2 support is not built into wolfssl [111] |
| o wolfssl: support setting CA certificates as blob [110] |
| o ws: make the curl_ws_meta() return pointer a const [45] |
| |
| This release includes the following known bugs: |
| |
| o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html) |
| |
| Planned upcoming removals include: |
| |
| o gskit |
| o NSS |
| o support for space-separated NOPROXY patterns |
| o support for the original legacy mingw version 1 |
| |
| See https://curl.se/dev/deprecate.html for details |
| |
| This release would not have looked like this without help, code, reports and |
| advice from friends like these: |
| |
| ad0p on github, Alejandro R. Sedeño, Andy Fiddaman, Anssi Kolehmainen, |
| Antoine du Hamel, atjg on github, Boris Verkhovskiy, Brian Nixon, |
| Chris Paulson-Ellis, Chris Talbot, Cristian Rodríguez, Dan Fandrich, |
| Daniel Stenberg, Derzsi Dániel, Dion Williams, divinity76, Emanuele Torre, |
| Frank Gevaerts, Gisle Vanem, Graham Campbell, Harry Sintonen, humbleacolyte, |
| Igor Todorovski, James Fuller, James Lucas, jbgoog on github, |
| Juan Cruz Viotti, JustAnotherArchivist on github, Karthikdasari0423, |
| lizhuang0630 on github, MaeIsBad on github, Marcel Raad, Margu, |
| Mark Seuffert, Michał Petryka, Oleg Jukovec, Ondřej Koláček, Paul Wise, |
| Pedro Henrique, Philip Heiduck, Pontakorn Prasertsuk, Raito Bezarius, |
| Ray Satiro, SaltyMilk, Sean McArthur, selmelc on hackerone, Sergey Alirzaev, |
| Sheshadri.V, Stan Hu, Stefan Eissing, Tatsuhiro Tsujikawa, Viktor Szakats, |
| vlkl-sap on github, Wyatt OʼDay |
| (54 contributors) |
| |
| References to bug reports and discussions on issues: |
| |
| [1] = https://curl.se/bug/?i=11221 |
| [2] = https://curl.se/bug/?i=11224 |
| [3] = https://curl.se/bug/?i=11225 |
| [4] = https://curl.se/bug/?i=11228 |
| [5] = https://curl.se/bug/?i=11218 |
| [6] = https://curl.se/bug/?i=11152 |
| [7] = https://curl.se/bug/?i=11115 |
| [8] = https://curl.se/bug/?i=11238 |
| [9] = https://curl.se/bug/?i=11240 |
| [10] = https://curl.se/bug/?i=11241 |
| [11] = https://curl.se/bug/?i=11302 |
| [12] = https://curl.se/bug/?i=11235 |
| [13] = https://curl.se/bug/?i=11095 |
| [14] = https://curl.se/bug/?i=11222 |
| [15] = https://curl.se/bug/?i=11226 |
| [16] = https://curl.se/bug/?i=11220 |
| [17] = https://curl.se/bug/?i=11262 |
| [18] = https://curl.se/bug/?i=11260 |
| [19] = https://curl.se/bug/?i=11290 |
| [20] = https://curl.se/bug/?i=10818 |
| [21] = https://curl.se/bug/?i=11247 |
| [22] = https://curl.se/bug/?i=11253 |
| [23] = https://curl.se/bug/?i=10779 |
| [24] = https://curl.se/bug/?i=11049 |
| [25] = https://curl.se/bug/?i=11245 |
| [26] = https://curl.se/bug/?i=11249 |
| [27] = https://curl.se/bug/?i=11282 |
| [28] = https://curl.se/bug/?i=11295 |
| [29] = https://curl.se/bug/?i=11299 |
| [30] = https://curl.se/bug/?i=11265 |
| [31] = https://curl.se/bug/?i=11289 |
| [32] = https://curl.se/bug/?i=11288 |
| [34] = https://curl.se/bug/?i=11284 |
| [35] = https://curl.se/bug/?i=11283 |
| [36] = https://curl.se/bug/?i=11271 |
| [37] = https://curl.se/bug/?i=11286 |
| [38] = https://curl.se/bug/?i=11273 |
| [39] = https://curl.se/bug/?i=11277 |
| [40] = https://curl.se/bug/?i=11276 |
| [41] = https://curl.se/bug/?i=11278 |
| [42] = https://curl.se/mail/lib-2023-06/0015.html |
| [43] = https://curl.se/bug/?i=11231 |
| [44] = https://curl.se/bug/?i=11267 |
| [45] = https://curl.se/bug/?i=11261 |
| [46] = https://curl.se/bug/?i=11317 |
| [47] = https://curl.se/bug/?i=11340 |
| [48] = https://curl.se/bug/?i=11314 |
| [49] = https://curl.se/bug/?i=11313 |
| [50] = https://curl.se/bug/?i=11312 |
| [51] = https://curl.se/bug/?i=11203 |
| [52] = https://curl.se/bug/?i=11291 |
| [53] = https://curl.se/bug/?i=11185 |
| [54] = https://curl.se/bug/?i=11185 |
| [55] = https://curl.se/bug/?i=11304 |
| [56] = https://curl.se/bug/?i=11342 |
| [57] = https://curl.se/bug/?i=11297 |
| [58] = https://curl.se/bug/?i=11306 |
| [59] = https://curl.se/bug/?i=11341 |
| [60] = https://curl.se/bug/?i=11303 |
| [61] = https://curl.se/bug/?i=11303 |
| [62] = https://curl.se/bug/?i=11303 |
| [63] = https://curl.se/bug/?i=11300 |
| [64] = https://curl.se/bug/?i=11410 |
| [65] = https://curl.se/bug/?i=11332 |
| [66] = https://curl.se/bug/?i=11377 |
| [67] = https://curl.se/bug/?i=11338 |
| [68] = https://curl.se/bug/?i=11337 |
| [69] = https://curl.se/bug/?i=11333 |
| [70] = https://curl.se/bug/?i=11334 |
| [71] = https://curl.se/bug/?i=11335 |
| [72] = https://curl.se/bug/?i=11331 |
| [73] = https://curl.se/bug/?i=11405 |
| [74] = https://curl.se/bug/?i=11409 |
| [75] = https://curl.se/bug/?i=10041 |
| [76] = https://curl.se/bug/?i=11379 |
| [77] = https://curl.se/bug/?i=11392 |
| [78] = https://curl.se/bug/?i=11356 |
| [79] = https://curl.se/bug/?i=11378 |
| [80] = https://curl.se/bug/?i=11372 |
| [81] = https://curl.se/bug/?i=11376 |
| [82] = https://curl.se/bug/?i=11375 |
| [83] = https://curl.se/bug/?i=11368 |
| [84] = https://curl.se/bug/?i=11357 |
| [85] = https://curl.se/bug/?i=11370 |
| [86] = https://curl.se/bug/?i=11371 |
| [87] = https://curl.se/bug/?i=11358 |
| [88] = https://curl.se/bug/?i=11350 |
| [89] = https://curl.se/bug/?i=11364 |
| [90] = https://curl.se/bug/?i=11354 |
| [91] = https://curl.se/bug/?i=11352 |
| [92] = https://curl.se/bug/?i=11427 |
| [93] = https://curl.se/bug/?i=11437 |
| [94] = https://curl.se/bug/?i=11455 |
| [95] = https://curl.se/bug/?i=11430 |
| [96] = https://curl.se/bug/?i=11428 |
| [97] = https://curl.se/bug/?i=11454 |
| [98] = https://curl.se/bug/?i=11343 |
| [99] = https://curl.se/bug/?i=11420 |
| [100] = https://curl.se/bug/?i=11450 |
| [101] = https://curl.se/bug/?i=11419 |
| [102] = https://curl.se/bug/?i=11423 |
| [103] = https://curl.se/bug/?i=11453 |
| [104] = https://curl.se/bug/?i=11252 |
| [105] = https://curl.se/bug/?i=11382 |
| [106] = https://curl.se/bug/?i=10300 |
| [107] = https://curl.se/bug/?i=11414 |
| [108] = https://curl.se/bug/?i=11389 |
| [109] = https://curl.se/bug/?i=11398 |
| [110] = https://curl.se/bug/?i=11445 |
| [111] = https://curl.se/bug/?i=11444 |
| [113] = https://curl.se/bug/?i=11440 |
| [114] = https://curl.se/bug/?i=11439 |
| [115] = https://curl.se/bug/?i=11431 |
| [116] = https://curl.se/bug/?i=11413 |