cURL / Mailing Lists / curl-library / Single Mail


[RELEASE] curl and libcurl 7.37.0

From: Daniel Stenberg <>
Date: Wed, 21 May 2014 08:22:26 +0200 (CEST)

Hi friends,

As promised and with great joy I offer you our new release. You know where to
get it!

Thank you everyone for this round.

Curl and libcurl 7.37.0

  Public curl releases: 139
  Command line options: 161
  curl_easy_setopt() options: 206
  Public functions in libcurl: 58
  Contributors: 1137

This release includes the following changes:

  o URL parser: IPv6 zone identifiers are now supported
  o CURLOPT_PROXYHEADER: set headers for proxy-only
  o curl: add --proxy-header
  o sasl: Added support for DIGEST-MD5 via Windows SSPI
  o sasl: Added DIGEST-MD5 qop-option validation in native challange handling
  o imap: Expanded mailbox SEARCH support to use URL query strings [7]
  o imap: Extended FETCH support to include PARTIAL URL specifier [7]
  o nss: implement non-blocking SSL handshake
  o build: Reworked Visual Studio project files
  o poll: enable poll on darwin13
  o mk-ca-bundle: added -p
  o libtests: add a wait_ms() function

This release includes the following bugfixes:

  o mkhelp: generate code for --disable-manual as well [1]
  o hostcheck: added a system include to define struct in_addr
  o winbuild: added warnless.c to fix build
  o Makefile.vc6: added warnless.c to fix build
  o smtp: Fixed login denied when server doesn't support AUTH capability [2]
  o smtp: Fixed login denied with a RFC-821 based server [2]
  o curl: stop interpreting IPv6 literals as glob patterns
  o http2: remove _DRAFT09 from the NPN_HTTP2 enum
  o http2: let openssl mention the exact protocol negotiated
  o http2+openssl: fix compiler warnings in ALPN using code
  o ftp: in passive data connect wait for happy eyeballs sockets [3]
  o HTTP: don't send Content-Length: 0 _and_ Expect: 100-continue [4]
  o http2: Compile with current nghttp2, which supports h2-11 [5]
  o http_negotiate_sspi: Fixed compilation when USE_HTTP_NEGOTIATE not defined
  o strerror: fix comment about vxworks' strerror_r buffer size [6]
  o url: only use if_nametoindex() if IFNAMSIZ is available
  o imap: Fixed untagged response detection when no data after command
  o various: fix possible dereference of null pointer
  o various: fix use of uninitialized variable
  o various: fix use of non-null terminated strings
  o telnet.c: check sscanf results before passing them to snprintf
  o parsedate.c: check sscanf result before passing it to strlen
  o sockfilt.c: free memory in case of memory allocation errors
  o sockfilt.c: ignore non-key-events and continue waiting for input
  o sockfilt.c: properly handle disk files, pipes and character input
  o sockfilt.c: fixed getting stuck waiting for MinGW stdin pipe
  o sockfilt.c: clean up threaded approach and add documentation
  o configure: use the nghttp2 path correctly with pkg-config [8]
  o curl_global_init_mem: bump initialized even if already initialized [9]
  o gtls: fix NULL pointer dereference [10]
  o cyassl: Use error-ssl.h when available
  o handler: make 'protocol' always specified as a single bit [11]
  o INFILESIZE: fields in UserDefined must not be changed run-time
  o openssl: biomem->data is not zero terminated
  o config-win32.h: Fixed HAVE_LONGLONG for Visual Studio .NET 2003 and up
  o curl_ntlm_core: Fixed use of long long for VC6 and VC7
  o SNI: strip off a single trailing dot from host name [12]
  o curl: bail on cookie use when built with disabled cookies
  o curl_easy_setopt.3: added the proto for CURLOPT_SSH_KNOWNHOSTS
  o curl_multi_cleanup: ignore SIGPIPE better [13]
  o schannel: don't use the connect-timeout during send [14]
  o mprintf: allow %.s with data not being zero terminated
  o tool_help: Fixed missing --login-options option
  o configure: Don't set LD_LIBRARY_PATH when cross-compiling
  o http: auth failure on duplicated 'WWW-Authenticate: Negotiate' header [15]
  o cacertinmem: fix memory leak [16]
  o lib1506: make sure the transfers are not within the same ms [17]
  o Makefile.b32: Fixed for vtls changes [18]
  o sasl: Fixed missing qop in the client's challenge-response message
  o openssl: unbreak PKCS12 support [19]
  o darwinssl: fix potential crash with a P12 file [20]
  o timers: fix timer regression involving redirects / reconnects [21]
  o CURLINFO_SSL_VERIFYRESULT: made more reliable [22]
  o HTTP: fixed connection re-use [23]
  o configure: add SPNEGO to supported features [24]
  o configure: add GSS-API to supported features [25]
  o ALPN: fix typo in http/1.1 identifier
  o http2: make connection re-use work [26]

This release includes the following known bugs:

  o see docs/KNOWN_BUGS (

This release would not have looked like this without help, code, reports and
advice from friends like these:

   Aaro Koskinen, Cody Mack, Damian Dixon, Dan Fandrich, Daniel Johnson,
   Daniel Stenberg, David Woodhouse, Dilyan Palauzov, Fabian Frank,
   Ivo Bellin Salarin, Jeff King, Jeroen Koekkoek, Jon Torrey, Kamil Dudka,
   Larry Lin, Leon Winter, Maciej Puzio, Marc Hoersken, Michael Osipov,
   Nick Zitzmann, Patrick Watson, Paul Marks, Radu Simionescu, Remi Gacogne,
   Ryan Braud, Steve Holme, Tatsuhiro Tsujikawa, Till Maas, Tom Sparrow,
   Török Edwin, Vijay Panghal,

         Thanks! (and sorry if I forgot to mention someone)

References to bug reports and discussions on issues:

  [1] =
  [2] =
  [3] = (ruined)
  [4] =
  [5] =
  [6] =
  [7] =
  [8] =
  [9] =
  [10] =
  [11] =
  [12] =
  [13] =
  [14] =
  [15] =
  [16] =
  [17] =
  [18] =
  [19] =
  [20] =
  [21] =
  [22] =
  [23] =
  [24] =
  [25] =
  [26] =


List admin:
Received on 2014-05-21