Changes in 8.2.0 - July 19 2023

Changes:

• curl: add --ca-native and --proxy-ca-native
• curl: add --trace-ids
• CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS
• haproxy: add --haproxy-clientip flag to set client IPs
• lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID

Bugfixes:

• bufq: make write/pass methods more robust
• build: drop unused/redundant `HAVE_WINLDAP_H`
• cf-socket: don't bypass fclosesocket callback if cancelled before connect
• cf-socket: move ctx declaration under HAVE_GETPEERNAME
• cf-socket: skip getpeername()/getsockname for TFTP
• checksrc: modernise perl file open
• checksrc: quote the filename to work with "funny" letters
• CI: brew fix for openssl in default path
• CI: don't install impacket if tests are not run
• CI: enable parallel make in more builds
• circleci: install impacket & wolfssl 5.6.0
• cmake: add support for "unity" builds
• cmake: make use of snprintf
• cmake: stop CMake from quietly ignoring missing Brotli
• configure: add check for ldap_init_fd
• configure: fix run-compiler for old /bin/sh
• configure: the --without forms of the options are also gone
• connect-timeout.d: mention that the DNS lookup is included
• curl.h: include <sys/select.h> for vxworks
• curl: count uploaded data to stop at the originally given size
• curl: return error when asked to use an unsupported HTTP version
• curl_easy_nextheader.3: add missing open parenthesis examples
• curl_log: evaluate log statement only when transfer is verbose
• curl_mprintf.3: minor fix of the example
• curl_pushheader_byname/bynum.3: document in their own manpages
• curl_url_set: enforce the max string length check for all parts
• CURLOPT_AWS_SIGV4.3: remove unused variable from example
• CURLOPT_INFILESIZE.3: mention -1 triggers chunked
• CURLOPT_MIMEPOST.3: clarify what setting to NULL means
• CURLOPT_SSH_PRIVATE_KEYFILE.3: expand on the file search
• docs/libcurl/libcurl.3: cleanups and improvements
• docs: add more .IP after .RE to fix indentation of generate paragraphs
• docs: fix missing parameter names in examples
• docs: update CURLOPT_UPLOAD.3
• docs: update HTTP3.md for newer ngtcp2 and nghttp3
• docs: use a space after RFC when spelling out RFC numbers
• example/connect-to: show CURLOPT_CONNECT_TO
• example/crawler: also set CURLOPT_AUTOREFERER
• example/crawler: make it use a few more options
• example/default-scheme: set the default scheme for schemeless URLs
• example/hsts-preload: show one way to HSTS preload
• example/http2-download: set CURLOPT_BUFFERSIZE
• example/ipv6: feature CURLOPT_ADDRESS_SCOPE in use
• example/maxconnects: set maxconnect example
• example/opensslthreadlock: remove
• examples/ftpuploadresume.c: add use of CURLOPT_ACCEPTTIMEOUT_MS
• examples/http-options: show how to send "OPTIONS *"
• examples/https.c: use CURLOPT_CA_CACHE_TIMEOUT
• examples/multi-debugcallback.c: avoid the bool typedef
• examples/smtp-mime: use CURLOPT_MAIL_RCPT_ALLOWFAILS
• examples/unixsocket.c: example using CURLOPT_UNIX_SOCKET_PATH
• examples/websocket.c: websocket example using CONNECT_ONLY
• examples: make use of CURLOPT_(REDIR_|)PROTOCOLS_STR
• fopen: fix conversion warning on 32-bit Android
• fopen: optimize
• hostip.c: Move macOS-specific calls into global init call
• HTTP/2: upload handling fixes
• http2: better support for --limit-rate
• http2: error stream resets with code CURLE_HTTP2_STREAM
• http2: fix crash in handling stream weights
• http2: fix variable type
• http2: h2 and h2-PROXY connection alive check fixes
• http2: raise header limitations above and beyond
• http2: send HEADER & DATA together if possible
• http2: treat initial SETTINGS as a WINDOW_UPDATE
• HTTP3.md: update openssl version
• http3/ngtcp2: upload EAGAIN handling
• http: rectify the outgoing Cookie: header field size check
• hyper: fix EOF handling on input
• hyper: unslow
• imap-append.c: update to make it more likely to work
• imap: Provide method to disable SASL if it is advertised
• krb5: add typecast to please Coverity
• libcurl-url.3: also mention CURLUPART_ZONEID
• libcurl-ws.3. WebSocket API overview
• libssh2: provide error message when setting host key type fails
• libssh2: use custom memory functions
• ngtcp2: assigning timeout, but value is overwritten before used
• ngtcp2: build with 0.17.0 and nghttp3 0.13.0
• ngtcp2: use ever increasing timestamp in io
• quiche: avoid NULL deref in debug logging
• quiche: fix defects found in latest coverity report
• quote.d: fix indentation of generated paragraphs
• runtests: abort test run after failure without -a
• runtests: better handle ^C during slow tests
• runtests: consistently write the test check summary block
• runtests: create multiple test runners when requested
• runtests: include missing valgrind package
• runtests: make test file directories in log/N
• runtests: rename server command file
• runtests: use more consistent failure lines
• runtests: work around a perl without SIGUSR1
• runtests; give each server a unique log lock file
• scripts: Fix GHA matrix job detection in cijobs.pl
• sectransp: fix EOF handling
• system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles
• test2600: fix the description
• test427: verify sending more cookies than fit in a 8190 bytes line
• tests/http: Add mod_h2 directive `H2ProxyRequests`
• tests/servers.pm: pick unused port number with a server socket
• tests/servers: generate temp names in /tmp for unix domain sockets
• tests: fix error messages & handling around sockets
• tests: improve reliability of TFTP tests
• testutil: allow multiple %-operators on the same line
• timeval: use CLOCK_MONOTONIC_RAW if available
• tls13-ciphers.d: include Schannel
• tool: remove exclamation marks from error/warning messages
• tool: remove newlines from all helpf/notef/warnf/errorf calls
• tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION`
• tool_getparam: fix comment
• tool_operate: allow cookie lines up to 8200 bytes
• tool_parsecfg: accept line lengths up to 10M
• tool_urlglob: use curl_off_t instead of longs
• tool_writeout_json: fix encoding of control characters
• transfer: clear credentials when redirecting to absolute URL
• urlapi: have *set(PATH) prepend a slash if one is missing
• urlapi: scheme must start with alpha
• vtls: avoid memory leak if sha256 call fails
• websocket-cb: example doing WebSocket download using callback
• wolfssl: detect when TLS 1.2 support is not built into wolfssl
• wolfssl: support setting CA certificates as blob
• ws: make the curl_ws_meta() return pointer a const

Further