🠰 8.2.1 all changes 8.4.0 🠲
Changes in 8.3.0 - September 13 2023
Changes:
- curl: make %output{} in -w specify a file to write to
- gskit: remove
- lib: --disable-bindlocal builds curl without local binding support
- nss: remove support for this TLS library
- tool: add "variable" support
- trace: make tracing available in non-debug builds
- url: change default value for CURLOPT_MAXREDIRS to 30
- urlapi: CURLU_PUNY2IDN - convert from punycode to IDN name
- wolfssl: support loading system CA certificates
Bugfixes:
- altsvc: accept and parse IPv6 addresses in response headers
- asyn-ares: reduce timeout to 2000ms
- aws-sigv4: canonicalize the query
- aws-sigv4: fix having date header twice in some cases
- aws-sigv4: handle no-value user header entries
- bearssl: don't load CA certs when peer verification is disabled
- bearssl: handshake fix, provide proper get_select_socks() implementation
- build: fix portability of mancheck and checksrc targets
- build: streamline non-UWP wincrypt detections
- c-hyper: adjust the hyper to curlcode conversion
- c-hyper: fix memory leaks in `Curl_http`
- cf-haproxy: make CURLOPT_HAPROXY_CLIENT_IP set the *source* IP
- cf-socket: log successful interface bind
- CI/cirrus: disable python install on FreeBSD
- CI: add a 32-bit i686 Linux build
- CI: add caching to many jobs
- CI: move on to ngtcp2 v0.19.1
- CI: move the Alpine build from Cirrus to GHA
- CI: ngtcp2-linux: use separate caches for tls libraries
- CI: remove Windows builds from Cirrus, without replacement
- CI: switch macOS ARM build from Cirrus to Circle CI
- CI: use master again for wolfssl
- cirrus: install everthing with pkg, avoid pip
- cmake: add GnuTLS option
- cmake: add support for `CURL_DEFAULT_SSL_BACKEND`
- cmake: add support for single libcurl compilation pass
- cmake: allow `SHARE_LIB_OBJECT=ON` on all platforms
- cmake: assume `wldap32` availability on Windows
- cmake: cache more config and delete unused ones
- cmake: detect `SSL_set0_wbio` in OpenSSL
- cmake: drop `HAVE_LIBWINMM` and `HAVE_LIBWS2_32` feature checks
- cmake: fix to use variable for the curl namespace
- cmake: fixup H2 duplicate symbols for unity builds
- cmake: set SIZEOF_LONG_LONG in curl_config.h
- cmake: support building static and shared libcurl in one go
- cmdline-docs: make sure to phrase it as "added in ...."
- cmdline-docs: use present tense, not future
- cmdline-opts/docs: mention the negative option part
- cmdline-opts/page-header: clarify stronger that !opt == URL
- cmdline-opts/page-header: reorder, clean up
- configure, cmake, lib: more form api deprecation
- configure: fix `HAVE_TIME_T_UNSIGNED` check
- configure: trust pkg-config when it's used for zlib
- configure: use the pkg-config --libs-only-l flag for libssh2
- connect: stop halving the remaining timeout when less than 600 ms left
- cookie-jar.d: emphasize that this option is ONLY writing cookies
- crypto: ensure crypto initialization works
- curl_url_get/set.3: add missing semicolon in SYNOPSIS
- CURLINFO_CERTINFO.3: better explain curl_certinfo struct
- CURLINFO_TLS_SSL_PTR.3: clarify a recommendation
- CURLOPT_*TIMEOUT*: extend and clarify
- CURLOPT_SSL_VERIFYPEER.3: mention it does not load CA certs when disabled
- CURLOPT_URL.3: add two URL API calls in the see-also section
- CURLOPT_URL.3: explain curl_url_set() uses the same parser
- digest: Use hostname to generate spn instead of realm
- disable.d: explain --disable not implemented prior to 7.50.0
- docs/cmdline-opts/gen.pl: hide "added in" before 7.50.0
- docs/cmdline-opts: match the current output
- docs/cmdline-opts: spellfixes, typos and polish
- docs/cmdline: add small "warning" to verbose options
- docs/cmdline: remove repeated working for negotiate + ntlm
- docs/HYPER.md: document a workaround for a link error
- docs: add curl_global_trace to some SEE ALSO sections
- docs: link to the website versions instead of markdowns
- docs: mark --ssl-revoke-best-effort as Schannel specific
- docs: mention critical files in same directories as curl saves
- docs: removing "pausing transfers" from HYPER.md.
- docs: rewrite to present tense
- easy: remove #ifdefs to make code easier on the eye
- egd: delete feature detection and related source code
- ftp: fix temp write of ipv6 address
- gen.pl: escape all dashes (ascii minus) to avoid unicode hyphens
- gen.pl: replace all single quotes with aq
- GHA: adding quiche workflow
- headers: accept leading whitespaces on first response header
- http2: avoid too early connection re-use/multiplexing
- http2: cleanup trace messages
- http2: disable asssertion blocking OSSFuzz testing
- http2: fix in h2 proxy tunnel: progress in ingress on sending
- http2: polish things around POST
- http2: upgrade tests and add fix for non-existing stream
- http3/ngtcp2: shorten handshake, trace cleanup
- http3: quiche, handshake optimization, trace cleanup
- http: close the connection after a late 417 is received
- http: do not require a username when using CURLAUTH_NEGOTIATE
- http: fix sending of large requests
- http: remove the p_pragma struct field
- http: return error when receiving too large header set
- hyper: fix a progress upload counter bug
- hyper: fix ownership problems
- hyper: remove `hyptransfer->endtask`
- imap: add a check for failing strdup()
- imap: remove the only sscanf() call in the IMAP code
- include.d: explain headers not printed with --fail before 7.75.0
- include/curl/mprintf.h: add __attribute__ for the prototypes
- krb5: fix "implicit conversion loses integer precision" warnings
- lib: add ability to disable auths individually
- lib: build fixups when built with most things disabled
- lib: fix a few *printf() flag mistakes
- lib: fix null ptr derefs and uninitialized vars (h2/h3)
- lib: move mimepost data from ->req.p.http to ->state
- libtest: use curl_free() to free libcurl allocated data
- list-only.d: mention SFTP as supported protocol
- macOS: fix target detection more
- misc: fix various typos
- multi.h: the 'revents' field of curl_waitfd is supported
- multi: more efficient pollfd count for poll
- multi: remove 'processing: <url>' debug message
- ngtcp2: fix handling of large requests
- openssl: auto-detect `SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED`
- openssl: clear error queue after SSL_shutdown
- openssl: make aws-lc version support OCSP
- openssl: Support async cert verify callback
- openssl: switch to modern init for LibreSSL 2.7.0+
- openssl: use `SSL_CTX_set_ciphersuites` with LibreSSL 3.4.1
- openssl: use `SSL_CTX_set_keylog_callback` with LibreSSL 3.5.0
- openssl: when CURLOPT_SSL_CTX_FUNCTION is registered, init x509 store before
- os400: build test servers
- os400: do not check translatable options at build time
- os400: implement CLI tool
- page-footer: QLOGDIR works with ngtcp2 and quiche
- page-header: move up a URL paragraph from GLOBBING to URL
- pytest: fix check for slow_network skips to only apply when intended
- quic: don't set SNI if hostname is an IP address
- quiche: adjust quiche `QUIC_IDLE_TIMEOUT` to 60s
- quiche: enable quiche to handle timeout events
- resolve: use PF_INET6 family lookups when CURL_IPRESOLVE_V6 is set
- revert "schannel: reverse the order of certinfo insertions"
- schannel: fix ordering of cert chain info
- schannel: fix user-set legacy algorithms in Windows 10 & 11
- schannel: verify hostname independent of verify cert
- sectransp: fix compiler warnings
- sectransp: prevent CFRelease() of NULL
- secureserver.pl: fix stunnel path quoting
- secureserver.pl: fix stunnel version parsing
- SECURITY-PROCESS.md: not a sec issue: Tricking user to run a cmdline
- system.h: add CURL_OFF_T definitions on HP-UX with HP aCC
- test1304: build and skip without netrc support
- test1554: check translatable string options in OS400 wrapper
- test1608: make it build and get skipped without shuffle DNS support
- test687/688: two more basic --xattr tests
- tests/tftpd+mqttd: make variables static to silence picky warnings
- tests: add 'large-time' as a testable feature
- tests: add support for nested %if conditions
- tests: don't call HTTP errors OK in test cases
- tests: ensure `libcurl.def` contains all exports
- tests: fix h3 server check and parallel instances
- tests: TLS session sharing test
- tests: update cookie expiry dates to far in the future
- time-cond.d: mention what happens on a missing file
- tool: avoid including leading spaces in the Location hyperlink
- tool: change some fopen failures from warnings to errors
- tool: make the length argument an int for printf()-.* flags
- tool_cb_wrt: fix invalid unicode for windows console
- tool_filetime: make -z work with file dates before 1970
- tool_operate: allow both SSL_CERT_FILE and SSL_CERT_DIR
- tool_operate: make aws-sigv4 not require TLS to be used
- tool_paramhlp: improve str2num(): avoid unnecessary call to strlen()
- tool_urlglob: use the correct format specifier for curl_off_t in msnprintf
- transfer: also stop the sending on closed connection
- transfer: don't set TIMER_STARTTRANSFER on first send
- unit2600: fix build warning if built without verbose messages
- url: remove infof() output for "still name resolving"
- urlapi: fix heap buffer overflow
- urlapi: make sure zoneid is also duplicated in curl_url_dup
- urlapi: return CURLUE_BAD_HOSTNAME if puny2idn encoding fails
- urlapi: setting a blank URL ("") is not an ok URL
- vquic: show stringified messages for errno
- vtls: clarify "ALPN: offers" message
- winbuild: improve check for static zlib
- wolfSSL: avoid the OpenSSL compat API when not needed
- workflows/macos.yml: disable zstd and alt-svc in the http-only build
- write-out.d: clarify %{time_starttransfer}
- ws: fix spelling mistakes in examples and tests