curl / Development / Pending Release Notes
Pending RELEASE-NOTES for the upcoming release
This is work in progress and will change before the release goes public on 2024-11-05.
Changes:
- curl: --create-dirs works for --dump-header as well
- gtls: Add P12 format support
- ipfs: add options to disable
- TLS: TLSv1.3 earlydata support for curl
- WebSockets: make support official (non-experimental)
Bugfixes:
- alt-svc: honor data->state.httpwant
- altsvc: avoid using local buffer and memcpy
- asyn-ares: remove typecast, fix expire
- autotools: add support for 'unity' builds, enable in CI
- bearssl: avoid strpcy() when generating TLS version log message
- bufq: unwrite fix
- build: add `ldap` to `libcurl.pc` `Requires:`
- build: add pytest targets
- build: clarify CA embed is for curl tool, mark default, improve summary
- build: detect and use `_setmode()` with Cygwin/MSYS, also use on Windows
- build: fix cross-compile check for poll with bionic
- build: fix possible `-Wformat-overflow` in lib557
- build: limit arc4random detection to no-SSL configs
- build: show if CA bundle to embed was found
- build: tidy up and improve versioned-symbols options
- build: tidy up deprecation suppression, enable warnings for clang
- checksrc: Added checks for colon operator in ternary expressions
- checksrc: check for spaces around '?', '>' and '<'
- ci: dump `curl_config.h` to log in all jobs
- cmake, Makefile.mk: use -isystem for headers, silence BearSSL issues
- cmake/FindNGTCP2: use library path as hint for finding crypto module
- cmake: add missed variable to comment
- cmake: add native `pkg-config` detection for mbedTLS, MSH3, Quiche, Rustls, wolfSSL
- cmake: allow building tests in unity mode
- cmake: allow manual configuration for LDAP
- cmake: apply `WIN32_LEAN_AND_MEAN` to all feature checks
- cmake: delete unused NEED_LBER_H, HAVE_LDAP_H
- cmake: detect `HAVE_NETINET_IN6_H`, `HAVE_CLOSESOCKET_CAMEL`, `HAVE_PROTO_BSDSOCKET_H`
- cmake: detect GNU GSS
- cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled
- cmake: do not propagate unused `HAVE_GSSAPI_GSSAPI_KRB5_H` to C
- cmake: drop redundant assignments
- cmake: drop redundant zlib var, rename function (internals)
- cmake: expand CURL_USE_PKGCONFIG to non-cross MINGW
- cmake: fix broken dependency chain for cmdline-opts, tidy-ups
- cmake: make `test-ci` target skip building dependencies
- cmake: readd `generate-curl.1` dependency for `src` just in case
- cmake: replace `check_include_file_concat()` for LDAP and GSS detection
- cmake: require quictls (or fork) when using msh3 on non-Windows
- cmake: separate target for examples, optimize CI, fix fallouts
- cmake: set version for `project()` and add CPack support
- cmake: stop adding dependency headers to global `CMAKE_REQUIRED_INCLUDES`
- cmake: sync torture test parallelism with autotools
- cmake: tidy-ups and rebase fixups
- cmake: untangle feature detection interdependencies
- cmake: use OpenSSL for LDAP detection only if available
- configure: add GSS to `libcurl.pc` `Depends:`
- configure: catch Apple in more target triplets
- configure: drop duplicate feature checks for `poll()`, `if_nametoindex()`
- configure: drop unused bare `socket.h` detection
- configure: improve help string for some options
- conncache: find bundle again in case it is removed
- conncache: more efficient implementation of cpool_remove_bundle
- cookie: overhaul and cleanup
- curl-rustls.m4: set linker flags to allow rustls build on macos
- curl.h: remove the struct pointer for CURL/CURLSH/CURLM typedefs
- curl: add build options for safe/no CA bundle search (Windows)
- curl_trc: fix build with verbose messages disabled
- curl_url_set.md: document HOST handling when URL is parsed
- CURLMOPT_PIPELINING.md: clarify that CURLPIPE_NOTHING is not default
- CURLOPT_APPEND.md: goes for SFTP as well
- CURLOPT_HEADERFUNCTION.md: do not modify the passed in buffer
- DISABLED: disable test 1060 with hyper
- DISTROS: avoid use of "very"
- docs/cmdline-opts: GnuTLS supports PKCS#11 URI in --cert option
- ech: spelling, whitespace, say `--ech` default config
- ftp: fix 0-length last write on upload from stdin
- ftp: move listen handling to socket filter
- GHA: optimize test prereq steps
- gnutls: use session cache for QUIC
- hsts: avoid the local buffer and memcpy on lookup
- hsts: improve subdomain handling
- http2: auto reset stream on server eos
- http_aws_sigv4: avoid local buffer and strcpy
- INSTALL-CMAKE.md: mention focus on shared libraries
- INSTALL.md: fix a typo that slipped in to RISC OS
- json.md: cli-option `--json` is an alias of `--data-binary`
- lib, src, tests: added space around ternary expressions
- lib/cw-out: initialize 'flush_all' directly
- lib/src: white space edits to comply better with code style
- lib: avoid assigning 'result' temporarily
- lib: fix disabled-verbose-strings + enable-debug build warnings
- lib: fix unity builds with BearSSL, MSH3, Quiche, OmniOS
- lib: move curl_path.[ch] into vssh/
- lib: remove function pointer typecasts for hmac/sha256/md5
- lib: use bool/TRUE/FALSE properly
- libcurl/opts: improve phrasing for connection cap related options
- libssh.c: handle EGAINS during proto-connect correctly
- libssh2: put the readdir buffers into struct
- libssh2: use the Curl_* memory functions to avoid memdebug
- libssh2: use the filename buffer when getting the homedir
- libtests: generate the lib1521 atomically
- mbedTLS: fix handling of TLSv1.3 sessions
- multi.c: make stronger check for paused transfer before asserting
- multi.c: warn/assert on stall only without timer
- multi: avoid reading whole struct pointer from pointer
- multi: convert Curl_follow to static multi_follow
- multi: make curl_multi_cleanup invalidate magic latter
- multi: make multi_handle_timeout use the connect timeout
- negotiate: conditional check around GSS & SSL specific code
- netrc: cache the netrc file in memory
- openssl quic: populate x509 store before handshake
- openssl: convert a memcpy to dynbuf use
- openssl: improve retries on shutdown
- openssl: remove two strcpy() calls
- packages/OS400/curlmain: remove the strncpy calls
- processhelp.pm: improve taskkill calls (Windows)
- pytest: improve pytest_07_42a reliability
- pytest: include `buildinfo.txt` in the output
- quic: use send/recvmmsg when available
- request: on shutdown send, proceed normally on timeout
- runtests.md: suggest a value for -j for torture tests
- runtests: drop unused code for old/classic-mingw support
- select: use poll() if existing, avoid poll() with no sockets
- sendf: add condition to max-filesize check
- server/mqttd: fix two memory leaks
- setopt: avoid superfluous length checks before strcmp()
- singleuse: make `git grep` faster, add Apple `nm` support
- smb: do not redefine `getpid` on Windows
- smb: replace use of strcpy() with snprintf()
- socks_gssapi: switch to dynbuf from buffer with strcpy
- source: avoid use of 'very' in comments
- src: guard for double declaration of `curl_ca_embed` in unity builds
- sws: fix unused static function with `TCP_NODELAY` undefined
- telnet: avoid two strcpy() by pointing to the strings instead
- test1035: convert host name back to utf8 as should be
- test1515: add tracing and more debug info
- test1540: add debug logging
- test190: replace %FTPTIME2 with a fixed value
- test1915: add tracing and connect timeout
- test1915: remove wrong comment
- test2502: add libtest debug tracing
- test504: fix handling on pending connect
- testrun: explicitly set proper IP address for stunnel listen/connect
- tests/http: fix ubuntu GnuTLS CI failures
- tests/server/util.c: remove use of strncpy
- tests/valgrind.pm: fix warnings with no valgrind report to show
- tests/valgrind.supp: remove a travis suppression, add a Debian
- tests: add and use `%PERL` variable to refer to the Perl binary
- tests: add codeset-utf8 as a feature
- tests: add file: tests with existing files
- tests: allow pytests to run in out-of-tree builds
- tests: capture stdin to get the vsftpd version number
- tests: change Python code style to pass ruff checks
- tests: check http/2 and http/3 server responsiveness
- tests: delete duplicate macro check
- tests: enable additional ruff Python lint options
- tests: fix `%POSIX_PWD` on native Windows Perl
- tests: fix callback signatures to please UndefinedBehaviorSanitizer
- tests: fix keyword for test1411
- tests: fix shell quoting on native Windows Perl
- tests: fix some Python typing issues
- tests: fixup `checkcmd` `PATH` on non-unixy platforms
- tests: improve mqtt server handling
- tests: introduce %CLIENT6IP-NB
- tests: let openssl generate random cert serials
- tests: libtests and unit tests need explicit #include memdebug
- tests: make precheck for HTTP on 127.0.0.1 into a feature
- tests: Only log warnings or worse by default in smbserver
- tests: postcheck is now in verify
- tests: remove all valgrind disable instructions
- tests: remove debug requirement on 38 tests
- tests: remove the %FTPTIME3 variable
- tests: replace `%PWD` with `%FILE_PWD` for `file://`
- tests: replace `%PWD` with `%SSH_PWD` in SCP/SFTP tests
- tests: replace hard-coded `/dev/null` with variable
- tests: simplify `pathhelp.pm`, avoid using external tools
- tests: speed up builds with single-binary test bundles
- tests: testrunner fairness
- tests: testrunner reliability improvements
- tests: use '-4' where needed
- tftp: avoid two memcpy/strcpy
- tidy-up: rename CURL_WINDOWS_APP to CURL_WINDOWS_UWP
- tool: support --show-headers AND --remote-header-name
- tool_doswin: simplify; remove unused options and strncpy calls
- tool_getparam: replace two uses of strncpy(), ban strncpy
- tool_operate: make --skip-existing work for --parallel
- tool_operate: reuse the schannel backend check
- tool_xattr: create the user.creator xattr attribute
- unit1660: fix unreachable code warning in no-SSL builds
- url: connection reuse on h3 connections
- url: use same credentials on redirect
- urlapi: drop unused header
- urlapi: normalize the IPv6 address
- vquic: fix compiler warning with gcc + MUSL
- vtls: convert Curl_pin_peer_pubkey to use dynbuf
- vtls: convert pubkey_pem_to_der to use dynbuf
- warnless: remove curlx_sktosi and curlx_sitosk
- winbuild/README: document how to clean a build
- wolfssl: convert malloc + memcpys to dynbuf for cipher string
- wolfSSL: fix handling of TLSv1.3 sessions
- wolfssl: use old version API without openssl extra
Contributors:
ad-chaos on github, Aki Sakurai, Baruch Siach, Chris Stubbs, Colton Willey, Dan Fandrich, Daniel Stenberg, Denis Goleshchikhin, Deniz Sökmen, dependabot[bot], Emanuel Komínek, Gabriel Marin, Ian Spence, jkamp-aws on github, Jon Rumsey, Kai Pastor, lomberd2 on github, MacKenzie, Michael Kaufmann, Montg0mery on github, Moritz Knüsel, Nemos2024 on github, newfunction, Nicolas George, Pavel Kropachev, Pierre-Etienne Meunier, ralfjunker on github, Rasmus Melchior Jacobsen, Ray Satiro, renovate[bot], Sebastian Walz, Stefan Eissing, Tal Regev, Tatsuhiro Tsujikawa, Tobias Bora, Tobias Wendorff, Venkat Krishna R, Viktor Szakats, Vollstrecker on github, vvb2060 on github, zjyhjqs