| curl and libcurl 8.0.0 |
| |
| Public curl releases: 215 |
| Command line options: 250 |
| curl_easy_setopt() options: 302 |
| Public functions in libcurl: 91 |
| Contributors: 2841 |
| |
| This release includes the following changes: |
| |
| o build: remove support for curl_off_t < 8 bytes [19] |
| |
| This release includes the following bugfixes: |
| |
| o .cirrus.yml: Bump to FreeBSD 13.2 [9] |
| o aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3 [112] |
| o BINDINGS: add Fortran binding [33] |
| o build: drop the use of XC_AMEND_DISTCLEAN [62] |
| o build: fix stdint/inttypes detection with non-autotools [120] |
| o cf-socket: fix handling of remote addr for accepted tcp sockets [17] |
| o cf-socket: if socket is already connected, return CURLE_OK [69] |
| o cf-socket: use port 80 when resolving name for local bind [109] |
| o CI: don't run CI jobs if only another CI was changed [92] |
| o CI: update ngtcp2 and nghttp2 for pytest [13] |
| o cmake: delete unused HAVE__STRTOI64 [117] |
| o cmake: fix enabling LDAPS on Windows [55] |
| o cmake: skip CA-path/bundle auto-detection in cross-builds [57] |
| o connect: fix time_connect and time_appconnect timer statistics [90] |
| o cookie: don't load cookies again when flushing [91] |
| o cookie: parse without sscanf() |
| o curl.h: require gcc 12.1 for the deprecation magic [110] |
| o curl: make -w's %{stderr} use the file set with --stderr [30] |
| o curl_path: create the new path with dynbuf [99] |
| o CURLOPT_PIPEWAIT: allow waited reuse also for subsequent connections [10] |
| o CURLOPT_PROXY.3: curl+NSS does not handle HTTPS over unix domain socket [102] |
| o CURLSHOPT_SHARE.3: HSTS sharing is not thread-safe [103] |
| o DEPRECATE: the original legacy mingw version 1 [43] |
| o doc: fix compiler warning in libcurl.m4 [82] |
| o docs/cmdline-opts: mark all global options [6] |
| o docs/SECURITY-PROCESS.md: updates [67] |
| o docs: extend the URL API descriptions [85] |
| o docs: note '--data-urlencode' option [7] |
| o DYNBUF.md: note Curl_dyn_add* calls Curl_dyn_free on failure [70] |
| o easy: remove infof() debug leftover from curl_easy_recv [44] |
| o examples/http3.c: use CURL_HTTP_VERSION_3 [46] |
| o ftp: active mode with SSL, add the filter [84] |
| o ftp: add more conditions for connection reuse [74] |
| o ftp: allocate the wildcard struct on demand [59] |
| o ftp: make the EPSV response parser not use sscanf [25] |
| o ftp: replace sscanf for MDTM 213 response parsing [23] |
| o ftp: replace sscanf for PASV parsing [24] |
| o gssapi: align `gss_OID_desc` to silence ld warnings on macOS ventura [58] |
| o headers: make curl_easy_header and nextheader return different buffers [77] |
| o hostip: avoid sscanf and extra buffer copies [42] |
| o http2: fix error handling during parallel operations [96] |
| o http2: fix for http2-prior-knowledge when reusing connections [14] |
| o http2: fix handling of RST and GOAWAY to recognize partial transfers [88] |
| o http2: fix upload busy loop [71] |
| o http: don't send 100-continue for short PUT requests [93] |
| o http: fix unix domain socket use in https connects [28] |
| o http: rewrite the status line parser without sscanf [29] |
| o http_proxy: parse the status line without sscanf [16] |
| o idn: return error if the conversion ends up with a blank host [45] |
| o krb5: avoid sscanf for parsing [18] |
| o lib1560: test parsing URLs with ridiculously large fields [60] |
| o lib2305: deal with CURLE_AGAIN [122] |
| o lib517: verify time stamps without leading zeroes plus some more |
| o lib: silence clang/gcc -Wvla warnings in brotli headers [98] |
| o lib: skip Curl_llist_destroy calls [108] |
| o libcurl-errors.3: add the CURLHcode errors from curl_easy_header.3 [39] |
| o libssh2: only set the memory callbacks when debugging [65] |
| o libssh2: remove unused variable from libssh2's struct [124] |
| o libssh: use dynbuf instead of realloc [121] |
| o Makefile.mk: delete redundant `HAVE_LDAP_SSL` macro [56] |
| o Makefile.mk: fix -g option in debug mode [81] |
| o mqtt: on send error, return error [40] |
| o multi: make multi_perform ignore/unignore signals less often [116] |
| o multi: remove PENDING + MSGSENT handles from the main linked list [105] |
| o ngtcp2-gnutls.yml: bump to gnutls 3.8.0 [11] |
| o ngtcp2: fix unwanted close of file descriptor 0 [26] |
| o page-footer: add explanation for three missing exit codes [37] |
| o parsedate: parse strings without using sscanf() [2] |
| o parsedate: replace sscanf( for time stamp parsing [1] |
| o quic/schannel: fix compiler warnings [36] |
| o rand: use arc4random as fallback when available [48] |
| o rate.d: single URLs make no sense in --rate example [38] |
| o RELEASE-PROCEDURE.md: update coming release dates |
| o rtsp: avoid sscanf for parsing [15] |
| o runtests: use a hash table for server port numbers [51] |
| o sectransp: fix compiler warning c89 mixed code/declaration [32] |
| o sectransp: make read_cert() use a dynbuf when loading [72] |
| o secure-transport: fix recv return code handling [114] |
| o select: stop treating POLLRDBAND as an error [27] |
| o setopt: move the CURLOPT_CHUNK_DATA pointer to the set struct [35] |
| o socket: detect "dead" connections better, e.g. not fit for reuse [66] |
| o src: silence wmain() warning for all build methods [95] |
| o telnet: only accept option arguments in ascii [104] |
| o telnet: parse NEW_ENVIRON without sscanf [20] |
| o telnet: parse telnet options without sscanf [22] |
| o telnet: parse the WS= argument without sscanf [21] |
| o test1470: test socks proxy using unix sockets and connect to https [63] |
| o test1960: verify CURL_SOCKOPT_ALREADY_CONNECTED [64] |
| o test2600: detect when ALARM_TIMEOUT is in use and adjust [34] |
| o test422: verify --next used without a prior URL [115] |
| o tests/http: add pytest to GHA and improve tests [118] |
| o tests: add `cookies` features [68] |
| o tests: add timeout, SLOWDOWN and DELAY keywords to tests |
| o tests: fix gnutls-serv check [53] |
| o tests: fix MSVC unreachable code warnings in unit tests |
| o tests: hack to build most unit tests under cmake [94] |
| o tests: HTTP server fixups [3] |
| o tests: keep cmake unit tests names in sync |
| o tests: make CPPFLAGS common to all unit tests |
| o tests: make first.c the same for both lib tests and unit tests [75] |
| o tests: support for imaps/pop3s/smtps protocols [50] |
| o tests: sync option lists in runtests.pl & its man page |
| o tests: test secure mail protocols with explicit SSL requests [49] |
| o tests: use AM_CPPFILES to modify flags in unit tests |
| o tests: use dynamic ports numbers in pytest suite [89] |
| o tool: dump headers even if file is write-only [52] |
| o tool: improve --stderr handling [83] |
| o tool_getparam: don't add a new node for just --no-remote-name [5] |
| o tool_getparam: error if --next is used without a prior URL [119] |
| o tool_operate: avoid fclose(NULL) on bad header dump file [12] |
| o tool_operate: propagate error codes for missing URL after --next [4] |
| o tool_progress: shut off progress meter for --silent in parallel [8] |
| o tool_writeout_json. fix the output for duplicate header names [76] |
| o transfer: limit Windows SO_SNDBUF updates to once a second [73] |
| o url: fix cookielist memleak when curl_easy_reset [106] |
| o url: fix logic in connection reuse to deny reuse on "unclean" connections [86] |
| o url: fix the SSH connection reuse check [101] |
| o url: only reuse connections with same GSS delegation [97] |
| o url: remove dummy protocol handler [100] |
| o urlapi: '%' is illegal in host names [80] |
| o urlapi: avoid mutating internals in getter routine [79] |
| o urlapi: parse IPv6 literals without ENABLE_IPV6 [61] |
| o urlapi: take const args in _dup and _get functions [78] |
| o wildcard: remove files and move functions into ftplistparser.c |
| o winbuild: fix makefile clean [31] |
| o wolfssl: add quic/ngtcp2 detection in cmake, and fix builds [113] |
| o wolfSSL: ressurect the BIO `io_result` [54] |
| o ws: keep the socket non-blocking [41] |
| o x509asn1.c: use correct format specifier for infof() call [47] |
| o x509asn1: use plain %x, not %lx, when the arg is an int [87] |
| |
| This release includes the following known bugs: |
| |
| o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html) |
| |
| Planned upcoming removals include: |
| |
| o gskit |
| o NSS |
| o support for space-separated NOPROXY patterns |
| o support for the original legacy mingw version 1 |
| |
| See https://curl.se/dev/deprecate.html for details |
| |
| This release would not have looked like this without help, code, reports and |
| advice from friends like these: |
| |
| Andy Alt, Balakrishnan Balasubramanian, Boris Okunskiy, Brad Spencer, |
| Casey Bodley, Cristian Morales Vega, Dan Fandrich, Daniel Stenberg, |
| Evgeny Grin (Karlson2k), finkjsc on github, Grisha Levit, Harry Sintonen, |
| Hiroki Kurosawa, Ilmari Lauhakangas, JackBoosY on github, Jan Engelhardt, |
| Jelle van der Waa, Jérémy Rabasco, Jerome St-Louis, kchow-FTNT on github, |
| Maciej Domanski, Marcel Raad, marski on github, Master Inspire, Matt Jolly, |
| opensslonzos-github on github, Patrick Monnerat, Philip Heiduck, |
| Philipp Engel, Ray Satiro, rcombs on github, rwmjones on github, |
| SandakovMM on github, SendSonS on github, Sergey Fionov, Sergey Ryabinin, |
| Sergio Mijatovic, Shankar Jadhavar, Stefan Eissing, u20221022 on github, |
| Viktor Szakats, 積丹尼 Dan Jacobson |
| (42 contributors) |
| |
| References to bug reports and discussions on issues: |
| |
| [1] = https://curl.se/bug/?i=10547 |
| [2] = https://curl.se/bug/?i=10547 |
| [3] = https://curl.se/bug/?i=10568 |
| [4] = https://curl.se/bug/?i=10558 |
| [5] = https://curl.se/bug/?i=10564 |
| [6] = https://curl.se/bug/?i=10566 |
| [7] = https://curl.se/bug/?i=10687 |
| [8] = https://curl.se/bug/?i=10573 |
| [9] = https://curl.se/bug/?i=10270 |
| [10] = https://curl.se/bug/?i=10456 |
| [11] = https://curl.se/bug/?i=10507 |
| [12] = https://curl.se/bug/?i=10570 |
| [13] = https://curl.se/bug/?i=10508 |
| [14] = https://curl.se/bug/?i=10634 |
| [15] = https://curl.se/bug/?i=10605 |
| [16] = https://curl.se/bug/?i=10602 |
| [17] = https://curl.se/bug/?i=10622 |
| [18] = https://curl.se/bug/?i=10599 |
| [19] = https://curl.se/bug/?i=10597 |
| [20] = https://curl.se/bug/?i=10596 |
| [21] = https://curl.se/bug/?i=10596 |
| [22] = https://curl.se/bug/?i=10596 |
| [23] = https://curl.se/bug/?i=10590 |
| [24] = https://curl.se/bug/?i=10590 |
| [25] = https://curl.se/bug/?i=10590 |
| [26] = https://curl.se/bug/?i=10593 |
| [27] = https://curl.se/bug/?i=10501 |
| [28] = https://curl.se/bug/?i=10633 |
| [29] = https://curl.se/bug/?i=10585 |
| [30] = https://curl.se/bug/?i=10491 |
| [31] = https://curl.se/bug/?i=10576 |
| [32] = https://curl.se/bug/?i=10574 |
| [33] = https://curl.se/bug/?i=10589 |
| [34] = https://curl.se/bug/?i=10513 |
| [35] = https://curl.se/bug/?i=10635 |
| [36] = https://curl.se/bug/?i=10603 |
| [37] = https://curl.se/bug/?i=10630 |
| [38] = https://curl.se/bug/?i=10638 |
| [39] = https://curl.se/bug/?i=10629 |
| [40] = https://curl.se/bug/?i=10623 |
| [41] = https://curl.se/bug/?i=10615 |
| [42] = https://curl.se/bug/?i=10601 |
| [43] = https://curl.se/bug/?i=10667 |
| [44] = https://curl.se/bug/?i=10628 |
| [45] = https://curl.se/bug/?i=10617 |
| [46] = https://curl.se/bug/?i=10619 |
| [47] = https://curl.se/bug/?i=10614 |
| [48] = https://curl.se/bug/?i=10672 |
| [49] = https://curl.se/bug/?i=10077 |
| [50] = https://curl.se/bug/?i=10077 |
| [51] = https://curl.se/bug/?i=10077 |
| [52] = https://curl.se/bug/?i=10675 |
| [53] = https://curl.se/bug/?i=10688 |
| [54] = https://curl.se/bug/?i=10716 |
| [55] = https://curl.se/bug/?i=6284 |
| [56] = https://curl.se/bug/?i=10681 |
| [57] = https://curl.se/bug/?i=6178 |
| [58] = https://curl.se/bug/?i=10718 |
| [59] = https://curl.se/bug/?i=10639 |
| [60] = https://curl.se/bug/?i=10665 |
| [61] = https://curl.se/bug/?i=10660 |
| [62] = https://curl.se/bug/?i=9843 |
| [63] = https://curl.se/bug/?i=10662 |
| [64] = https://curl.se/bug/?i=10651 |
| [65] = https://curl.se/bug/?i=10721 |
| [66] = https://curl.se/bug/?i=10646 |
| [67] = https://curl.se/bug/?i=10719 |
| [68] = https://curl.se/bug/?i=10713 |
| [69] = https://curl.se/bug/?i=10626 |
| [70] = https://curl.se/bug/?i=10645 |
| [71] = https://curl.se/bug/?i=10449 |
| [72] = https://curl.se/bug/?i=10632 |
| [73] = https://curl.se/bug/?i=10611 |
| [74] = https://curl.se/bug/?i=10730 |
| [75] = https://curl.se/bug/?i=10749 |
| [76] = https://curl.se/bug/?i=10704 |
| [77] = https://curl.se/bug/?i=10704 |
| [78] = https://curl.se/bug/?i=10708 |
| [79] = https://curl.se/bug/?i=10708 |
| [80] = https://curl.se/bug/?i=10711 |
| [81] = https://curl.se/bug/?i=10747 |
| [82] = https://curl.se/bug/?i=10710 |
| [83] = https://curl.se/bug/?i=10673 |
| [84] = https://curl.se/bug/?i=10666 |
| [85] = https://curl.se/bug/?i=10701 |
| [86] = https://curl.se/bug/?i=10690 |
| [87] = https://curl.se/bug/?i=10689 |
| [88] = https://curl.se/bug/?i=10693 |
| [89] = https://curl.se/bug/?i=10692 |
| [90] = https://curl.se/bug/?i=10670 |
| [91] = https://curl.se/bug/?i=10677 |
| [92] = https://curl.se/bug/?i=10742 |
| [93] = https://curl.se/bug/?i=10740 |
| [94] = https://curl.se/bug/?i=10722 |
| [95] = https://curl.se/bug/?i=7229 |
| [96] = https://curl.se/bug/?i=10715 |
| [97] = https://curl.se/bug/?i=10731 |
| [98] = https://curl.se/bug/?i=10738 |
| [99] = https://curl.se/bug/?i=10729 |
| [100] = https://curl.se/bug/?i=10727 |
| [101] = https://curl.se/bug/?i=10735 |
| [102] = https://curl.se/bug/?i=10723 |
| [103] = https://curl.se/bug/?i=10732 |
| [104] = https://curl.se/bug/?i=10728 |
| [105] = https://curl.se/bug/?i=10762 |
| [106] = https://curl.se/bug/?i=10694 |
| [108] = https://curl.se/bug/?i=10764 |
| [109] = https://curl.se/bug/?i=10759 |
| [110] = https://curl.se/bug/?i=10726 |
| [112] = https://curl.se/bug/?i=9995 |
| [113] = https://curl.se/bug/?i=10739 |
| [114] = https://curl.se/bug/?i=10717 |
| [115] = https://curl.se/bug/?i=10782 |
| [116] = https://curl.se/bug/?i=10750 |
| [117] = https://curl.se/bug/?i=10756 |
| [118] = https://curl.se/bug/?i=10699 |
| [119] = https://curl.se/bug/?i=10782 |
| [120] = https://curl.se/bug/?i=10745 |
| [121] = https://curl.se/bug/?i=10778 |
| [122] = https://curl.se/bug/?i=10760 |
| [124] = https://curl.se/bug/?i=10777 |