curl and libcurl 8.22.0

 Public curl releases:         276
 Command line options:         274
 curl_easy_setopt() options:   308
 Public functions in libcurl:  100
 Authors:                      1494
 Contributors:                 3745

This release includes the following changes:

 o gssapi: add support for Apple GSS Framework [72]
 o TLS: drop support for TLS-SRP [71]

This release includes the following bugfixes:

 o autotools: minor fixes and improvements [33]
 o build: always use local `inet_pton()`/`inet_ntop()` implementations [56]
 o build: drop superfluous `STDC_HEADERS` macro [51]
 o build: enable thread-safe `getaddrinfo()` for OpenBSD [35]
 o cd2nroff: stricter checks for asterisks for italics [73]
 o cf-ngtcp2-cmn: initialize new callback ptr for ngtcp2 1.24.0+ [52]
 o cmake: dedupe expressions into local vars in `cmake_uninstall.in.cmake` [9]
 o cmake: fix not to build `tunits` when `BUILD_CURL_EXE=OFF` [7]
 o cmake: flatten build tree, tidy up base dir variables [12]
 o cmake: minor improvements to `cmake_uninstall.in.cmake` [54]
 o cmake: replace `remove` command with `rm` and pass arg safely [11]
 o cmake: robustify base path in local file reference [15]
 o cmake: stop probing unused `float.h` for `STDC_HEADERS` [10]
 o configure: fix misleading error messages [42]
 o configure: link `-lcrypt32` instead of `-lm` for wolfSSL on Windows [79]
 o configure: remove double check for GnuTLS [21]
 o configure: set ldap lib to no by default for non-finds [18]
 o conncache: apply multi limits to transfers using a shared pool [41]
 o conncache: connection alive checks intervals [20]
 o content_encoding: give a clear error on multi-member gzip [46]
 o CREDENTIALS.md: remove comment about empty user/pass [50]
 o curl_ws_meta.md: polish and better vocabulary [19]
 o CURLOPT_HEADERFUNCTION.md: document folded header unfolding [53]
 o CURLOPT_SSH_*_KEYFILE: used for setting up, then no more [48]
 o CURLOPT_UNRESTRICTED_AUTH.md: 'Authorization' instead of 'Authentication' [74]
 o CURLSHOPT_(UN)SHARE.md: do not modify shares while in use [44]
 o FTP: fix TLS session reuse on the data connection [80]
 o ftp: reject control bytes in ACCT and alternative-to-user [26]
 o gopher: reject CR and LF in the selector [1]
 o hostip: only cache negative resolves for authoritative answers [16]
 o http: trim custom header name before the Authorization drop [17]
 o INSTALL.md: add building-from-source overview section [29]
 o ldap: support insecure mode for Windows native LDAP [3]
 o lib1587: fix gcc `-Wconversion` with LibreSSL on Windows, test in CI [6]
 o lib: add "Curl_" prefix to two global functions [84]
 o lib: fix 'ns' -> 'us' in trace messages [57]
 o lib: ratelimit timestamps [14]
 o mbedtls: replace `memset()` with `psa_hash_operation_init()` [28]
 o mime: reject CR and LF in mail part name and filename [30]
 o mod_curltest: fix compiler warnings [49]
 o mqtt: reject control bytes in the topic [43]
 o multi: forbid curl_easy_pause from within multi socket callback [22]
 o openldap: handle Curl_sasl_continue() returns better [45]
 o openssl+sectrust: fix session reuse [4]
 o openssl+sectrust: move session verified set into result check [82]
 o openssl: drop unused pre-OpenSSL3 `ctx_option_t` typedef [8]
 o openssl: prefer modern API flavors for `EVP_MD_CTX` new/free [47]
 o openssl: replace stray legacy API variant with `EVP_DigestInit_ex()` [27]
 o runtests: restore `-k` option and actively process as no-op [32]
 o sasl: fix zero-length response encoding [36]
 o schannel: shut off experimental TLS 1.3 support for Win 10 [25]
 o scripts: use end-of-options marker in `cd`, `mkdir`, `mv`, `sha256sum` commands [34]
 o setopt: error for CURLOPT_SHARE when easy handle is used [68]
 o setopt: return OK earlier for the deprecated h2 dep options [77]
 o smtp: reject CR and LF in the envelope address [37]
 o sws: allow connection-monitor to log all disconnects [2]
 o test 1560: test RFC4291 style IPv6 IPv4-mapped addresses [40]
 o tests: remove test1701 [58]
 o tests: skip test 311 for wolfSSL 5.9.2 [63]
 o tidy-up: typos, comment nits [60]
 o tool: do not flush on out-null [38]
 o tool: fix memory use in parallel mode [59]
 o tool: init progress bar on demand [39]
 o tool_cb_hdr: de-duplicate filename setter [24]
 o tool_operate: remove call to abort() [23]
 o url: reject control codes in credentials set via CURLOPT [70]
 o urlapi: do not keep an internal port string [31]
 o vquic: add Curl_ prefix to some global functions [76]
 o vssh: keyfile use cleanups [83]
 o VULN-DISCLOSURE-POLICY.md: issues that should be found by tests are LOW [5]
 o wolfssl: fix build for wolfssl without bio chain support [75]
 o ws: pause/unpause write handling [55]

This release includes the following known bugs:

 See https://curl.se/docs/knownbugs.html

For all changes ever done in curl:

 See https://curl.se/changes.html

Planned upcoming removals include:

 o local crypto implementations
 o NTLM
 o SMB

 See https://curl.se/dev/deprecate.html

This release would not have looked like this without help, code, reports and
advice from friends like these:

  Alhuda Khan, Bigtang on hackerone, Bryan Henderson, Christian Ullrich,
  Christoph Reiter, Dan Fandrich, Daniel Stenberg, dependabot[bot],
  ed0d2b2ce19451f2 on github, Emmanuel Ugwu, Eunsoo Kim, firexinghe on github,
  Graham Campbell, Hendrik Hübner, HwangRock, itzTanos29, Joel Depooter,
  Laurent Sabourin, Memduh Çelik, Patrick Monnerat, Ray Satiro, renovate[bot],
  Roger Leigh, Sam James, Samuel Dainard, smaeljaish on hackerone,
  Stefan Eissing, stze on hackerone, Viktor Szakats
  (29 contributors)

References to bug reports and discussions on issues:

 [1] = https://curl.se/bug/?i=22116
 [2] = https://curl.se/bug/?i=22158
 [3] = https://curl.se/bug/?i=22152
 [4] = https://curl.se/bug/?i=22235
 [5] = https://curl.se/bug/?i=22190
 [6] = https://curl.se/bug/?i=22195
 [7] = https://curl.se/bug/?i=22198
 [8] = https://curl.se/bug/?i=22197
 [9] = https://curl.se/bug/?i=22194
 [10] = https://curl.se/bug/?i=22191
 [11] = https://curl.se/bug/?i=22193
 [12] = https://curl.se/bug/?i=22192
 [14] = https://curl.se/bug/?i=22292
 [15] = https://curl.se/bug/?i=22187
 [16] = https://curl.se/bug/?i=22302
 [17] = https://curl.se/bug/?i=22178
 [18] = https://curl.se/bug/?i=22308
 [19] = https://curl.se/bug/?i=22233
 [20] = https://curl.se/bug/?i=22169
 [21] = https://curl.se/bug/?i=22307
 [22] = https://curl.se/bug/?i=22179
 [23] = https://curl.se/bug/?i=22182
 [24] = https://curl.se/bug/?i=22232
 [25] = https://curl.se/bug/?i=22231
 [26] = https://curl.se/bug/?i=22301
 [27] = https://curl.se/bug/?i=22222
 [28] = https://curl.se/bug/?i=22220
 [29] = https://curl.se/bug/?i=22113
 [30] = https://curl.se/bug/?i=22247
 [31] = https://curl.se/bug/?i=22167
 [32] = https://curl.se/bug/?i=22100
 [33] = https://curl.se/bug/?i=22154
 [34] = https://curl.se/bug/?i=22150
 [35] = https://curl.se/bug/?i=22148
 [36] = https://curl.se/bug/?i=22218
 [37] = https://curl.se/bug/?i=22119
 [38] = https://curl.se/bug/?i=22165
 [39] = https://curl.se/bug/?i=22164
 [40] = https://curl.se/bug/?i=22136
 [41] = https://curl.se/bug/?i=22265
 [42] = https://curl.se/bug/?i=22300
 [43] = https://curl.se/bug/?i=22112
 [44] = https://curl.se/bug/?i=22217
 [45] = https://curl.se/bug/?i=22213
 [46] = https://curl.se/bug/?i=22156
 [47] = https://curl.se/bug/?i=22219
 [48] = https://curl.se/bug/?i=22211
 [49] = https://curl.se/bug/?i=22214
 [50] = https://curl.se/bug/?i=22212
 [51] = https://curl.se/bug/?i=22206
 [52] = https://curl.se/bug/?i=22205
 [53] = https://curl.se/bug/?i=22296
 [54] = https://curl.se/bug/?i=22201
 [55] = https://curl.se/bug/?i=22273
 [56] = https://curl.se/bug/?i=22170
 [57] = https://curl.se/bug/?i=22200
 [58] = https://curl.se/bug/?i=22280
 [59] = https://curl.se/bug/?i=22277
 [60] = https://curl.se/bug/?i=22294
 [63] = https://curl.se/bug/?i=22286
 [68] = https://curl.se/bug/?i=22253
 [70] = https://curl.se/bug/?i=22236
 [71] = https://curl.se/bug/?i=21965
 [72] = https://curl.se/bug/?i=22052
 [73] = https://curl.se/bug/?i=22257
 [74] = https://curl.se/bug/?i=22256
 [75] = https://curl.se/bug/?i=22255
 [76] = https://curl.se/bug/?i=22254
 [77] = https://curl.se/bug/?i=22250
 [79] = https://curl.se/bug/?i=22251
 [80] = https://curl.se/bug/?i=22225
 [82] = https://curl.se/bug/?i=22248
 [83] = https://curl.se/bug/?i=22243
 [84] = https://curl.se/bug/?i=22245
