curl-library
Fwd: Re: [RELEASE] curl 7.56.0
Date: Thu, 12 Oct 2017 23:05:34 +0200
My bad - sent to wrong list.
Now to the correct list! :)
-------- Forwarded Message --------
Subject: Re: [RELEASE] curl 7.56.0
Date: Thu, 12 Oct 2017 19:10:53 +0200
From: Michael Felt <michael_at_felt.demon.nl>
To: Daniel Stenberg <daniel_at_haxx.se>, sudo-workers_at_sudo.ws
On 12/10/2017 18:04, Michael Felt wrote:
> On 04/10/2017 08:06, Daniel Stenberg wrote:
>> Hi friends!
>>
>> Another release is out. This time with some intersting news, 89
>> bugfixes and a special attention on the security vulnerability (see
>> separate mail).
>>
>> Download curl as always from https://curl.haxx.se/
>>
> FYI: I do not remember a dependency on gmake aka GNU make before.
>
> b) still looking, but get this error:
> "/usr/include/openssl/crypto.h", line 518.44: 1506-275 (S) Unexpected
> text free_func encountered.
> "/usr/include/openssl/crypto.h", line 523.47: 1506-275 (S) Unexpected
> text free_func encountered.
> "/usr/include/openssl/asn1.h", line 925.46: 1506-275 (S) Unexpected
> text free_func encountered.
> "/usr/include/openssl/asn1.h", line 1079.49: 1506-275 (S) Unexpected
> text free_func encountered.
> "/usr/include/openssl/objects.h", line 1009.31: 1506-275 (S)
> Unexpected text free_func encountered.
> "/usr/include/openssl/ec.h", line 858.41: 1506-275 (S) Unexpected text
> free_func encountered.
> "/usr/include/openssl/ec.h", line 870.44: 1506-275 (S) Unexpected text
> free_func encountered.
p.s. I just did a make clean; make of curl-7.54.1 - and no errors - so
something in the curl-code is making life interesting for/to me.
I cannot compare with 7.55 - as I was never able to get that to build
either.
The lowest level message I can get re: free_text shows up in:
"/usr/include/openssl/crypto.h", line 366.14: 1506-455 (I)
defined(CRYPTO_MDEBUG_ALL) evaluates to 0.
"/usr/include/openssl/crypto.h", line 366.43: 1506-455 (I)
defined(CRYPTO_MDEBUG_TIME) evaluates to 0.
"/usr/include/openssl/crypto.h", line 366.73: 1506-455 (I)
defined(CRYPTO_MDEBUG_THREAD) evaluates to 0.
"/usr/include/openssl/crypto.h", line 366.3: 1506-454 (I) if condition
evaluates to 0.
"/usr/include/openssl/crypto.h", line 366.3: 1506-464 (I) Begin skipping
tokens.
"/usr/include/openssl/crypto.h", line 367.4: 1506-460 (I) ifndef nesting
level is 11.
"/usr/include/openssl/crypto.h", line 369.4: 1506-460 (I) endif nesting
level is 11.
"/usr/include/openssl/crypto.h", line 370.3: 1506-460 (I) endif nesting
level is 10.
"/usr/include/openssl/crypto.h", line 370.3: 1506-456 (I) Stop skipping
tokens.
"/usr/include/openssl/crypto.h", line 428.44: 1506-492 (I) Redefinition
of free_func hides previous definition.
"/usr/include/openssl/crypto.h", line 477.3: 1506-460 (I) ifndef nesting
level is 10.
"/usr/include/openssl/crypto.h", line 477.3: 1506-454 (I) ifndef
condition evaluates to 1.
"/usr/include/openssl/crypto.h", line 481.3: 1506-460 (I) endif nesting
level is 10.
"/usr/include/openssl/crypto.h", line 518.44: 1506-275 (S) Unexpected
text free_func encountered.
"/usr/include/openssl/crypto.h", line 523.47: 1506-275 (S) Unexpected
text free_func encountered.
"http_ntlm.lst" The cursor is at line 8118 of 16207 --50%-- .
rmichael_at_x071:[/data/prj/aixtools]ls -l curl*/lib/http*lst
-rw-r--r-- 1 root felt 1393402 Oct 12 16:50 curl-7.54.1/lib/http_ntlm.lst
-rw-r--r-- 1 root felt 1391345 Oct 12 16:54 curl-7.56.0/lib/http_ntlm.lst
I can send the entire diff of the two files - but what might be
interesting is:
-"/usr/include/sys/stat.h", line 63.14: 1506-455 (I)
defined(_LARGE_FILES) evaluates to 0.
-"/usr/include/sys/stat.h", line 63.40: 1506-455 (I) defined(_KERNEL)
evaluates to 0.
-"/usr/include/sys/stat.h", line 63.2: 1506-454 (I) if condition
evaluates to 1.
+"/usr/include/sys/stat.h", line 63.14: 1506-455 (I)
defined(_LARGE_FILES) evaluates to 1.
+"/usr/include/sys/stat.h", line 63.2: 1506-454 (I) if condition
evaluates to 0.
+"/usr/include/sys/stat.h", line 63.2: 1506-464 (I) Begin skipping tokens.
"/usr/include/sys/stat.h", line 73.2: 1506-460 (I) ifdef nesting level
is 8.
-"/usr/include/sys/stat.h", line 73.2: 1506-454 (I) ifdef condition
evaluates to 0.
-"/usr/include/sys/stat.h", line 73.2: 1506-464 (I) Begin skipping tokens.
"/usr/include/sys/stat.h", line 76.2: 1506-460 (I) else nesting level
is 8.
-"/usr/include/sys/stat.h", line 76.2: 1506-456 (I) Stop skipping tokens.
"/usr/include/sys/stat.h", line 78.2: 1506-460 (I) endif nesting level
is 8.
"/usr/include/sys/stat.h", line 81.2: 1506-460 (I) ifdef nesting level
is 8.
-"/usr/include/sys/stat.h", line 81.2: 1506-454 (I) ifdef condition
evaluates to 0.
-"/usr/include/sys/stat.h", line 81.2: 1506-464 (I) Begin skipping tokens.
"/usr/include/sys/stat.h", line 86.2: 1506-460 (I) else nesting level
is 8.
-"/usr/include/sys/stat.h", line 86.2: 1506-456 (I) Stop skipping tokens.
"/usr/include/sys/stat.h", line 89.2: 1506-460 (I) endif nesting level
is 8.
"/usr/include/sys/stat.h", line 94.2: 1506-460 (I) ifndef nesting
level is 8.
-"/usr/include/sys/stat.h", line 94.2: 1506-454 (I) ifndef condition
evaluates to 0.
-"/usr/include/sys/stat.h", line 94.2: 1506-464 (I) Begin skipping tokens.
"/usr/include/sys/stat.h", line 96.2: 1506-460 (I) else nesting level
is 8.
-"/usr/include/sys/stat.h", line 96.2: 1506-456 (I) Stop skipping tokens.
"/usr/include/sys/stat.h", line 98.2: 1506-460 (I) endif nesting level
is 8.
"/usr/include/sys/stat.h", line 116.2: 1506-460 (I) ifdef nesting
level is 8.
-"/usr/include/sys/stat.h", line 116.2: 1506-454 (I) ifdef condition
evaluates to 1.
"/usr/include/sys/stat.h", line 119.2: 1506-460 (I) endif nesting
level is 8.
"/usr/include/sys/stat.h", line 122.2: 1506-460 (I) endif nesting
level is 7.
+"/usr/include/sys/stat.h", line 122.2: 1506-456 (I) Stop skipping tokens.
"/usr/include/sys/stat.h", line 124.2: 1506-460 (I) ifdef nesting
level is 7.
"/usr/include/sys/stat.h", line 124.2: 1506-454 (I) ifdef condition
evaluates to 0.
"/usr/include/sys/stat.h", line 124.2: 1506-464 (I) Begin skipping tokens.
@@ -3971,21 +3960,20 @@
"/usr/include/sys/stat.h", line 167.2: 1506-460 (I) endif nesting
level is 7.
"/usr/include/sys/stat.h", line 167.2: 1506-456 (I) Stop skipping tokens.
"/usr/include/sys/stat.h", line 170.2: 1506-460 (I) if nesting level is 7.
-"/usr/include/sys/stat.h", line 170.13: 1506-455 (I)
defined(_LARGE_FILES) evaluates to 0.
-"/usr/include/sys/stat.h", line 170.38: 1506-455 (I)
defined(_LARGE_FILE_API) evaluates to 1.
+"/usr/include/sys/stat.h", line 170.13: 1506-455 (I)
defined(_LARGE_FILES) evaluates to 1.
Question: is the processing of _LARGE_FILES during configure changed?
I do not notice anything 'exciting' when I compare the two Makefiles
using diff -u
Maybe you have something you would like to look at - I could add an
attachment later.
Michael
>
> I do not think it is the version of openssl (this is 1.0.2j)
>
> root_at_x064:[/data/prj/aixtools/curl-7.56.0]lslpp -w | grep openssl.h
> /usr/include/openssl/hmac.h openssl.base File
> root_at_x064:[/data/prj/aixtools/curl-7.56.0]lslpp -w
> "/usr/include/openssl/crypto.h"
> File Fileset Type
> ----------------------------------------------------------------------------
>
> /usr/include/openssl/crypto.h openssl.base File
> root_at_x064:[/data/prj/aixtools/curl-7.56.0]lslpp -L openssl.base
> Fileset Level State Type Description
> (Uninstaller)
> ----------------------------------------------------------------------------
>
> openssl.base 1.0.2.1000 C F Open Secure Socket
> Layer
>
>
> +511 /*
> +512 * CRYPTO_set_mem_functions includes
> CRYPTO_set_locked_mem_functions -- call
> +513 * the latter last if you need different functions
> +514 */
> +515 int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r)
> (void *, size_t),
> +516 void (*f) (void *));
> +517 int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
> +518 void (*free_func) (void *));
> +519 int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char
> *, int),
> +520 void *(*r) (void *, size_t,
> const char *,
> +521 int), void (*f)
> (void *));
> +522 int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t,
> const char *, int),
> +523 void (*free_func) (void
> *));
> "/usr/include/openssl/crypto.h" The cursor is at line 523 of 677
> --77%-- .
>
>> Curl and libcurl 7.56.0
>>
>> Public curl releases: 169
>> Command line options: 211
>> curl_easy_setopt() options: 249
>> Public functions in libcurl: 74
>> Contributors: 1618
>>
>> This release includes the following changes:
>>
>> o curl: enable compression for SCP/SFTP with --compressed-ssh [11]
>> o libcurl: enable compression for SCP/SFTP with
>> CURLOPT_SSH_COMPRESSION [11]
>> o vtls: added dynamic changing SSL backend with curl_global_sslset()
>> [28]
>> o new MIME API, curl_mime_init() and friends [32]
>> o openssl: initial SSLKEYLOGFILE implementation [36]
>>
>> This release includes the following bugfixes:
>>
>> o FTP: zero terminate the entry path even on bad input [67]
>> o examples/ftpuploadresume.c: use portable code
>> o runtests: match keywords case insensitively
>> o travis: build the examples too [1]
>> o strtoofft: reduce integer overflow risks globally [2]
>> o zsh.pl: produce a working completion script again [3]
>> o cmake: remove dead code for CURL_DISABLE_RTMP [4]
>> o progress: Track total times following redirects [5]
>> o configure: fix --disable-threaded-resolver [6]
>> o cmake: remove dead code for DISABLED_THREADSAFE [7]
>> o configure: fix clang version detection
>> o darwinssi: fix error: variable length array used
>> o travis: add metalink to some osx builds [8]
>> o configure: check for __builtin_available() availability [9]
>> o http_proxy: fix build error for CURL_DOES_CONVERSIONS [10]
>> o examples/ftpuploadresume: checksrc compliance
>> o ftp: fix CWD when doing multicwd then nocwd on same connection [12]
>> o system.h: remove all CURL_SIZEOF_* defines [13]
>> o http: Don't wait on CONNECT when there is no proxy [14]
>> o system.h: check for __ppc__ as well [15]
>> o http2_recv: return error better on fatal h2 errors [16]
>> o scripts/contri*sh: use "git log --use-mailmap"
>> o tftp: fix memory leak on too long filename [17]
>> o system.h: fix build for hppa [18]
>> o cmake: enable picky compiler options with clang and gcc [19]
>> o makefile.m32: add support for libidn2 [20]
>> o curl: turn off MinGW CRT's globbing [21]
>> o request-target.d: mention added in 7.55.0
>> o curl: shorten and clean up CA cert verification error message [22]
>> o imap: support PREAUTH [23]
>> o CURLOPT_USERPWD.3: see also CURLOPT_PROXYUSERPWD
>> o examples/threaded-ssl: mention that this is for openssl before 1.1
>> o winbuild: fix embedded manifest option [24]
>> o tests: Make sure libtests & unittests call curl_global_cleanup()
>> o system.h: include sys/poll.h for AIX [25]
>> o darwinssl: handle long strings in TLS certs [26]
>> o strtooff: fix build for systems with long long but no strtoll [27]
>> o asyn-thread: Improved cleanup after OOM situations
>> o HELP-US.md: "How to get started helping out in the curl project" [29]
>> o curl.h: CURLSSLBACKEND_WOLFSSL used wrong value [30]
>> o unit1301: fix error message on first test
>> o ossfuzz: moving towards the ideal integration [31]
>> o http: fix a memory leakage in checkrtspprefix()
>> o examples/post-callback: stop returning one byte at a time
>> o schannel: return CURLE_SSL_CACERT on failed verification [33]
>> o MAIL-ETIQUETTE: added "1.9 Your emails are public"
>> o http-proxy: treat all 2xx as CONNECT success [34]
>> o openssl: use OpenSSL's default ciphers by default [35]
>> o runtests.pl: support attribute "nonewline" in part verify/upload
>> o configure: remove --enable-soname-bump and SONAME_BUMP [37]
>> o travis: add c-ares enabled builds linux + osx [38]
>> o vtls: fix WolfSSL 3.12 build problems [39]
>> o http-proxy: when not doing CONNECT, that phase is done immediately
>> [40]
>> o configure: fix curl_off_t check's include order [41]
>> o configure: use -Wno-varargs on clang 3.9[.X] debug builds
>> o rtsp: do not call fwrite() with NULL pointer FILE * [42]
>> o mbedtls: enable CA path processing [43]
>> o travis: add build without HTTP/SMTP/IMAP
>> o checksrc: verify more code style rules [44]
>> o HTTP proxy: on connection re-use, still use the new remote port [45]
>> o tests: add initial gssapi test using stub implementation [46]
>> o rtsp: Segfault when using WRITEDATA [47]
>> o docs: clarify the CURLOPT_INTERLEAVE* options behavior
>> o non-ascii: use iconv() with 'char **' argument [48]
>> o server/getpart: provide dummy function to build conversion enabled
>> o conversions: fix several compiler warnings
>> o openssl: add missing includes [49]
>> o schannel: Support partial send for when data is too large [50]
>> o socks: fix incorrect port number in SOCKS4 error message [51]
>> o curl: fix integer overflow in timeout options [52]
>> o travis: on mac, don't install openssl or libidn [53]
>> o cookies: reject oversized cookies instead of truncating [54]
>> o cookies: use lock when using CURLINFO_COOKIELIST [55]
>> o curl: check fseek() return code and bail on error
>> o examples/post-callback: use long for CURLOPT_POSTFIELDSIZE
>> o openssl: only verify RSA private key if supported [56]
>> o tests: make the imap server not verify user+password [57]
>> o imap: quote atoms properly when escaping characters [58]
>> o tests: fix a compiler warning in test 643
>> o file_range: avoid integer overflow when figuring out byte range [59]
>> o curl.h: include <sys/select.h> on cygwin too [60]
>> o reuse_conn: don't copy flags that are known to be equal [61]
>> o http: fix adding custom empty headers to repeated requests [62]
>> o docs: clarify the use of environment variables for proxy [63]
>> o docs: link CURLOPT_CONNECTTIMEOUT and CURLOPT_CONNECTTIMEOUT_MS [64]
>> o connect: fix race condition with happy eyeballs timeout [65]
>> o cookie: fix memory leak if path was set twice in header [66]
>> o vtls: compare and clone ssl configs properly [68]
>> o proxy: read the "no_proxy" variable only if necessary [69]
>>
>> This release includes the following known bugs:
>>
>> o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
>>
>> This release would not have looked like this without help, code,
>> reports and
>> advice from friends like these:
>>
>> Anders Bakken, Andrei Karas, Benbuck Nason, Ben Greear, Benjamin
>> Sergeant,
>> Bill Pyne, Brian Carpenter, Dan Fandrich, Daniel Stenberg, David
>> Benjamin,
>> Dirk Feytons, Even Rouault, Frank Denis, Gergely Nagy, Gisle Vanem,
>> Ian Fette, imilli on github, Isaac Boukris, Jackarain on github,
>> Jakub Zakrzewski, Jan Alexander Steffens, Johannes Schindelin,
>> John David Anglin, joshhe on github, Kamil Dudka, Kevin Smith,
>> Lawrence Wagerfield, Maksim Stsepanenka, Marc Aldorasi, Marcel Raad,
>> Max Dymond, Michael Kaufmann, Michael Smith, Nick Zitzmann,
>> Nicolas Morey-Chaisemartin, Oli Kingshott, Patrick Monnerat, Pavel P,
>> Peter Lamare, Peter Wu, Ray Satiro, Rich Gray, Ryan Schmidt, Ryan
>> Winograd,
>> SBKarr on github, Tatsuhiro Tsujikawa, Viktor Szakáts,
>> (47 contributors)
>>
>> Thanks! (and sorry if I forgot to mention someone)
>>
>> References to bug reports and discussions on issues:
>>
>> [1] = https://curl.haxx.se/bug/?i=1777
>> [2] = https://curl.haxx.se/bug/?i=1758
>> [3] = https://curl.haxx.se/bug/?i=1779
>> [4] = https://curl.haxx.se/bug/?i=1785
>> [5] = https://curl.haxx.se/bug/?i=1602
>> [6] = https://curl.haxx.se/bug/?i=1784
>> [7] = https://curl.haxx.se/bug/?i=1786
>> [8] = https://curl.haxx.se/bug/?i=1790
>> [9] = https://curl.haxx.se/bug/?i=1788
>> [10] = https://curl.haxx.se/bug/?i=1793
>> [11] = https://curl.haxx.se/bug/?i=1735
>> [12] = https://curl.haxx.se/bug/?i=1782
>> [13] = https://curl.haxx.se/bug/?i=1767
>> [14] = https://curl.haxx.se/bug/?i=1803
>> [15] = https://curl.haxx.se/bug/?i=1797
>> [16] = https://curl.haxx.se/bug/?i=1021
>> [17] = https://curl.haxx.se/bug/?i=1808
>> [18] = https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872502#10
>> [19] = https://curl.haxx.se/bug/?i=1799
>> [20] = https://curl.haxx.se/bug/?i=1815
>> [21] = https://curl.haxx.se/bug/?i=1751
>> [22] = https://curl.haxx.se/bug/?i=1810
>> [23] = https://curl.haxx.se/bug/?i=1818
>> [24] = https://curl.haxx.se/bug/?i=1832
>> [25] = https://curl.haxx.se/bug/?i=1828
>> [26] = https://curl.haxx.se/bug/?i=1823
>> [27] = https://curl.haxx.se/bug/?i=1829
>> [28] = https://curl.haxx.se/libcurl/c/curl_global_sslset.html
>> [29] = https://curl.haxx.se/bug/?i=1837
>> [30] = https://curl.haxx.se/mail/lib-2017-08/0120.html
>> [31] = https://curl.haxx.se/bug/?i=1842
>> [32] = https://curl.haxx.se/bug/?i=1839
>> [33] = https://curl.haxx.se/bug/?i=1858
>> [34] = https://curl.haxx.se/bug/?i=1859
>> [35] = https://curl.haxx.se/bug/?i=1846
>> [36] = https://curl.haxx.se/bug/?i=1866
>> [37] = https://curl.haxx.se/bug/?i=1861
>> [38] = https://curl.haxx.se/bug/?i=1868
>> [39] = https://curl.haxx.se/bug/?i=1865
>> [40] = https://curl.haxx.se/bug/?i=1853
>> [41] = https://curl.haxx.se/bug/?i=1870
>> [42] = https://curl.haxx.se/bug/?i=1874
>> [43] = https://curl.haxx.se/bug/?i=1877
>> [44] = https://curl.haxx.se/bug/?i=1878
>> [45] = https://curl.haxx.se/bug/?i=1887
>> [46] = https://curl.haxx.se/bug/?i=1687
>> [47] = https://curl.haxx.se/bug/?i=1880
>> [48] = https://curl.haxx.se/mail/lib-2017-09/0031.html
>> [49] = https://curl.haxx.se/bug/?i=1891
>> [50] = https://curl.haxx.se/bug/?i=1890
>> [51] = https://curl.haxx.se/bug/?i=1892
>> [52] = https://curl.haxx.se/bug/?i=1893
>> [53] = https://curl.haxx.se/bug/?i=1895
>> [54] = https://curl.haxx.se/bug/?i=1894
>> [55] = https://curl.haxx.se/bug/?i=1896
>> [56] = https://curl.haxx.se/bug/?i=1904
>> [57] = https://curl.haxx.se/bug/?i=1902
>> [58] = https://curl.haxx.se/bug/?i=1902
>> [59] = https://curl.haxx.se/bug/?i=1908
>> [60] = https://curl.haxx.se/bug/?i=1925
>> [61] = https://curl.haxx.se/bug/?i=1918
>> [62] = https://curl.haxx.se/bug/?i=1920
>> [63] = https://curl.haxx.se/bug/?i=1921
>> [64] = https://curl.haxx.se/bug/?i=1922
>> [65] = https://curl.haxx.se/bug/?i=1928
>> [66] = https://curl.haxx.se/bug/?i=1932
>> [67] = https://curl.haxx.se/docs/adv_20171004.html
>> [68] = https://curl.haxx.se/bug/?i=1917
>> [69] = https://curl.haxx.se/bug/?i=1919
>>
>>
>> -------------------------------------------------------------------
>> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
>> Etiquette: https://curl.haxx.se/mail/etiquette.html
>
>
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-10-12