diff options
| author | dartraiden <wowemuh@gmail.com> | 2020-05-02 22:10:12 +0300 |
|---|---|---|
| committer | dartraiden <wowemuh@gmail.com> | 2020-05-02 22:10:12 +0300 |
| commit | e963209266bbf3809cb8b44740de1b61e58f9ace (patch) | |
| tree | 2ade22dff252aecfbd298b40e86b81182bba8dbc /libs/libcurl/docs/CHANGES | |
| parent | e59cb2e8ac2d6c21016f773f0f26148343a5839c (diff) | |
libcurl: update to 7.70.0
Diffstat (limited to 'libs/libcurl/docs/CHANGES')
| -rw-r--r-- | libs/libcurl/docs/CHANGES | 3612 |
1 files changed, 1814 insertions, 1798 deletions
diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES index 2862b0eeb9..de44c16641 100644 --- a/libs/libcurl/docs/CHANGES +++ b/libs/libcurl/docs/CHANGES @@ -6,6 +6,1819 @@ Changelog +Version 7.70.0 (29 Apr 2020) + +Daniel Stenberg (29 Apr 2020) +- RELEASE-NOTES: 7.70.0 + +- THANKS: synced with the 7.70.0 release + +- headers: copyright range fix + +- [Rikard Falkeborn brought this change] + + doh: Constify some input pointers + + Closes #5306 + +- nss: check for PK11_CreateDigestContext() returning NULL + + ... to avoid crashes! + + Reported-by: Hao Wu + Fixes #5302 + Closes #5303 + +- travis: bump the wolfssl CI build to use 4.4.0 + + Closes #5301 + +- copyright updates: adjust year ranges + +Marc Hoersken (26 Apr 2020) +- CI: do not include */ci branches in PR builds + + Align Azure Pipelines with GitHub Actions. + +Daniel Stenberg (25 Apr 2020) +- runtests: check for the disabled tests relative srcdir + + To make it work correctly for out-of-tree builds. + + Follow-up to 75e8feb6fb08b + + Bug: https://github.com/curl/curl/pull/5288#issuecomment-619346389 + Reported-by: Marcel Raad + Closes #5297 + +- runtests: revert commenting out a line I did for debugging + + Follow-up to 11091cd4d. It was not meant to be pushed! + +- smtp: set auth correctly + + Regression since 7.69.0 and 68fb25fa3fcff. + + The code wrongly assigned 'from' instead of 'auth' which probably was a + copy and paste mistake from other code, leading to that auth could + remain NULL and later cause an error to be returned. + + Assisted-by: Eric Sauvageau + Fixes #5294 + Closes #5295 + +Marcel Raad (25 Apr 2020) +- lib: clean up whitespace + + This fixes CodeFactor warnings. + +Daniel Stenberg (25 Apr 2020) +- [Anderson Toshiyuki Sasaki brought this change] + + libssh: avoid options override by configuration files + + Previously, options set explicitly through command line options could be + overridden by the configuration files parsed automatically when + ssh_connect() was called. + + By calling ssh_options_parse_config() explicitly, the configuration + files are parsed before setting the options, avoiding the options + override. Once the configuration files are parsed, the automatic + configuration parsing is not executed. + + Fixes #4972 + Closes #5283 + Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> + +- runtests: when <killserver> mentions http, kill http/2 too + + Since the http2 test server is a mere proxy that needs to know about the + dynamic port the HTTP server is using, it too needs to get restarted + when the http server is killed. + + A regression caused by 80d6515. + + Fixes #5289 + Closes #5291 + +- [Yuri Slobodyanyuk brought this change] + + docs: fix two typos + + Closes #5292 + +- [Emil Engler brought this change] + + tests/git: ignore mqttd and port files + + Closes #5290 + +- tests: make runtests check that disabled tests exists + + ... and error out if so. Removed '536' from DISABLED as there is no such + test file. + + Closes #5288 + +- test1154: set a proper name + +- select: make Curl_socket_check take timediff_t timeout + + Coverity found CID 1461718: + + Integer handling issues (CONSTANT_EXPRESSION_RESULT) "timeout_ms > + 9223372036854775807L" is always false regardless of the values of its + operands. This occurs as the logical second operand of "||". + + Closes #5240 + +- [i-ky brought this change] + + libcurl-multi.3: added missing full stop + + Closes #5285 + +Jay Satiro (22 Apr 2020) +- transfer: Switch PUT to GET/HEAD on 303 redirect + + Prior to this change if there was a 303 reply to a PUT request then + the subsequent request to respond to that redirect would also be a PUT. + It was determined that was most likely incorrect based on the language + of the RFCs. Basically 303 means "see other" resource, which implies it + is most likely not the same resource, therefore we should not try to PUT + to that different resource. + + Refer to the discussions in #5237 and #5248 for more information. + + Fixes https://github.com/curl/curl/issues/5237 + Closes https://github.com/curl/curl/pull/5248 + +Daniel Stenberg (22 Apr 2020) +- lib/mk-ca-bundle: skip empty certs + + Reviewed-by: Emil Engler + Reported-by: Ashwin Metpalli + Fixes #5278 + Closes #5280 + +- version: skip idn2_check_version() check and add precaution + + A gcc-10's -fanalyze complaint made me spot and do these improvements. + + Closes #5281 + +- RELEASE-NOTES: synced + +- [Brian Bergeron brought this change] + + curl.h: update comment typo + + "routines with be invoked" -> "routines will be invoked" + + Closes #5279 + +- [Emil Engler brought this change] + + GnuTLS: Don't skip really long certificate fields + + Closes #5271 + +- gnutls: bump lowest supported version to 3.1.10 + + GnuTLS 3.1.10 added new functions we want to use. That version was + released on Mar 22, 2013. Removing support for older versions also + greatly simplifies the code. + + Ref: #5271 + Closes #5276 + +- mqtt: make NOSTATE get within the debug name array + +- tests: run the RTSP test server on a dynamic port number + + To avoid port collisions. + + Closes #5272 + +- tests: add %NOLISTENPORT and use it + + The purpose with this variable is to provide a port number that is + reasonably likely to not have a listener on the local host so that tests + can try connect failures against it. It uses port 47 - "reserved" + according to IANA. + + Updated six tests to use it instead of the previous different ports. + + Assisted-by: Emil Engler + Closes #5270 + +- mqtt: remove code with no purpose + + Detected by Coverity. CID 1462319. + + "The same code is executed when the condition result is true or false, + because the code in the if-then branch and after the if statement is + identical." + + Closes #5275 + +- mqtt: fix Curl_read() error handling while reading remaining length + + Detected by Coverity. CID 1462320. + + Closes #5274 + +- server/tftpd: fix compiler warning + + Follow-up from 369ce38ac1d + Reported-by: Marc Hörsken + +- http: free memory when Alt-Used header creation fails due to OOM + + Reported-by: James Fuller + Fixes #5268 + Closes #5269 + +Daniel Gustafsson (20 Apr 2020) +- lib: fix typos in comments and errormessages + + This fixes a few randomly spotted typos in recently merged code, most + notably one in a userfacing errormessage the schannel code. + +Daniel Stenberg (20 Apr 2020) +- tests: run the SOCKS test server on a dynamic port number + + Closes #5266 + +- [Johannes Schindelin brought this change] + + multi-ssl: reset the SSL backend on `Curl_global_cleanup()` + + When cURL is compiled with support for multiple SSL backends, it is + possible to configure an SSL backend via `curl_global_sslset()`, but + only *before* `curl_global_init()` was called. + + If another SSL backend should be used after that, a user might be + tempted to call `curl_global_cleanup()` to start over. However, we did + not foresee that use case and forgot to reset the SSL backend in that + cleanup. + + Let's allow that use case. + + Fixes #5255 + Closes #5257 + Reported-by: davidedec on github + Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> + +- tests: run the TFTP test server on a dynamic port number + + Picking a dynamic unused port is better than a fixed to avoid the + collision risk. + + Closes #5265 + +- mqtt: improve the state machine + + To handle PUBLISH before SUBACK and more. + + Updated the existing tests and added three new ones. + + Reported-by: Christoph Krey + Bug: https://curl.haxx.se/mail/lib-2020-04/0021.html + Closes #5246 + +- runtests: always put test number in servercmd file + +- RELEASE-NOTES: synced + +- release-notes.pl: fix parsing typo + +James Fuller (20 Apr 2020) +- [xquery brought this change] + + ensure all references to ports are replaced by vars + +- [xquery brought this change] + + add more alt-svc test coverage + +Daniel Stenberg (20 Apr 2020) +- test1247: use http server to get the port number set + + Follow-up to 0f5db7b263f + +- runtests: use a unix domain socket path with the pid in the name + + To make it impossible for test cases to access the file name without + using the proper variable for the purpose. + + Closes #5264 + +Daniel Gustafsson (19 Apr 2020) +- [Tom brought this change] + + src: Remove C99 constructs to ensure C89 compliance + + This fixes the error: 'for' loop initial declaration used outside C99 + mode by declaring the loop increment variable in the beginning of the + block instead of inside the for loop. + + Fixes #5254 + Reviewed-by: Daniel Gustafsson <daniel@yesql.se> + +Daniel Stenberg (19 Apr 2020) +- runtests: dummy init the ports variables to avoid warnings + + ... and generate something that can help debug test cases. + +- [Patrick Monnerat brought this change] + + mime: properly check Content-Type even if it has parameters + + New test 669 checks this fix is effective. + + Fixes #5256 + Closes #5258 + Reported-by: thanhchungbtc on github + +- tests/FILEFORMAT: converted to markdown and extended + + Closes #5261 + +- test1245: make it work with dynamic FTP server port + +- test1055: make it work with dynamic FTP port + +- test1028: make it run on dynamic FTP server port + +- tests: move pingpong server to dynamic listening port + + FTP, IMAP, POP3, SMTP and their IPv6 versions are now all on dynamic + ports + + Test 842-845 are unfortunately a bit hard to move over to this concept + right now and require "default port" still... + +- test1056: work with dynamic HTTP ipv6 port + +- test1448: work with dynamic HTTP server port + +- tests: introduce preprocessed test cases + + The runtests script now always performs variable replacement on the + entire test source file before the test gets executed, and saves the + updated version in a temporary file (log/test[num]) so that all test + case readers/servers can use that version (if present) and thus enjoy + the powers of test case variable substitution. + + This is necessary to allow complete port number freedom. + + Test 309 is updated to work with a non-fixed port number thanks to this. + +- tests: make 2006-2010 handle different port number lengths + +- tests: run the sws server on "any port" + + Makes the test servers for HTTP and Gopher pop up on a currently unused + port and runtests adapts to that! + + Closes #5247 + +Marc Hoersken (18 Apr 2020) +- sockfilt: tidy variable naming and data structure in select_ws + + This commit does not introduce any logical changes to the code. + + Reviewed-by: Jay Satiro and Marcel Raad + Closes #5238 + +Daniel Stenberg (17 Apr 2020) +- [Anderson Toshiyuki Sasaki brought this change] + + libssh: Use new ECDSA key types to check known hosts + + From libssh 0.9.0, ssh_key_type() returns different key types for ECDSA + keys depending on the curve. + + Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> + Fixes #5252 + Closes #5253 + +Marcel Raad (17 Apr 2020) +- appveyor: add Unicode winbuild jobs + + These are cheap as they don't build tests. + + Closes https://github.com/curl/curl/pull/5063 + +Daniel Stenberg (16 Apr 2020) +- mqttd: s/errno/SOCKERRNO + + To behave proper on Windows + Reported-by: Gisle Vanem + Bug: https://github.com/curl/curl/commit/5e855bbd18f84a02c951be7cac6188276818cdac#r38507132 + Closes #5241 + +- buildconf: use find -execdir instead, remove -print and the ares files + + Follow-up to 1e41bec96a6e + + Suggested-by: Marc Hörsken + +- [Alexander V. Tikhonov brought this change] + + buildconf: avoid using tempfile when removing files + + Closes #5213 + +- copyright: bump the copyright year range + +- scripts/release-notes.pl: accept colon after the Fixes/Closes keywords + +- [JP Mens brought this change] + + docs/MQTT: replace confusing 80 by 75 + + I was a bit surprised by the `80`: first thought: what's HTTP doing + here? ;) + + Closes #5236 + +- [Brad King brought this change] + + cmake: Avoid MSVC C4273 warnings in send/recv checks + + We use `check_c_source_compiles` to check possible send/recv signatures + by reproducing the forward declarations from system headers. On Windows + the `winsock2.h` header adds dll linkage settings to its forward + declaration. If ours does not match the compiler warns: + + warning C4273: 'recv': inconsistent dll linkage + + Add `WINSOCK_API_LINKAGE` to our test signatures when it is defined so + that our linkage is consistent with that from `winsock2.h`. + + Fixes #4764 + Closes #5232 + +Jay Satiro (14 Apr 2020) +- KNOWN_BUGS: Add entry 'Blocking socket operations' + + - Add threaded resolver cleanup and GSSAPI for FTP to the TODO list of + known blocking operations. + + - New known bugs entry 'Blocking socket operations in non-blocking API' + that directs to the TODO's list of known blocking operations. + + Ref: https://github.com/curl/curl/pull/5214#issuecomment-612488021 + + Reported-by: Marc Hoersken + + Closes https://github.com/curl/curl/pull/5216 + +Marc Hoersken (14 Apr 2020) +- test2043: use revoked.badssl.com instead of revoked.grc.com + + The certificate of revoked.grc.com has expired on 2020-04-13. + + Reviewed-by: Jay Satiro + + Closes #5233 + +- sockfilt: fix broken pipe on Windows to be ready in select_ws + + Closes #5228 + +Daniel Stenberg (14 Apr 2020) +- RELEASE-NOTES: synced + +- scripts/release-notes: fix duplicate output header + +- github/workflow: enable MQTT in the macOS debug build + +- azure: add mqtt support to one of the Windows builds + +- travis: add mqtt job on Linux + +- tests: add four MQTT tests 1190 - 1193 + +- tests: add the mqtt test server mqttd + +- tests: support hex encoded data and mqtt server + + The mqtt server is started using a "random" port. + +- [Björn Stenberg brought this change] + + mqtt: add new experimental protocol + + Closes #5173 + +- TODO: Consider convenience options for JSON and XML? + + Closes #5203 + +- tool: do not declare functions with Curl_ prefix + + To avoid collision risks with private libcurl symbols when linked with + static versions (or just versions not hiding internal symbols). + + Reported-by: hydra3333 on github + Fixes #5219 + Closes #5234 + +- [Nathaniel R. Lewis brought this change] + + cmake: add aliases so exported target names are available in tree + + Reviewed-by: Brad King + Closes #5206 + +- version: increase buffer space for ssl version output + + To avoid it getting truncated, especially when several SSL backends are + built-in. + + Reported-by: Gisle Vanem + Fixes #5222 + Closes #5226 + +Marc Hoersken (13 Apr 2020) +- cirrus: no longer ignore test 504 which is working again + + The test is working again, because TCP blackholing is disabled. + +- appveyor: completely disable tests that fail to timeout early + + The tests changed from ignored to disabled are tests that are + about connecting to non-listening socket. On AppVeyor these + tests are not reliable, because for some unknown reason the + connect is not timing out before the test time limit is reached. + +Daniel Stenberg (13 Apr 2020) +- test1908: avoid using fixed port number in test data + + Closes #5225 + +Jay Satiro (12 Apr 2020) +- [Andrew Kurushin brought this change] + + schannel: Fix blocking timeout logic + + - Fix schannel_send for the case when no timeout was set. + + Prior to this change schannel would error if the socket was not ready + to send data and no timeout was set. + + This commit is similar to parent commit 89dc6e0 which recently made the + same change for SOCKS, for the same reason. Basically it was not well + understood that when Curl_timeleft returns 0 it is not a timeout of 0 ms + but actually means no timeout. + + Fixes https://github.com/curl/curl/issues/5177 + Closes https://github.com/curl/curl/pull/5221 + +- socks: Fix blocking timeout logic + + - Document in Curl_timeleft's comment block that returning 0 signals no + timeout (ie there's infinite time left). + + - Fix SOCKS' Curl_blockread_all for the case when no timeout was set. + + Prior to this change if the timeout had a value of 0 and that was passed + to SOCKET_READABLE it would return right away instead of blocking. That + was likely because it was not well understood that when Curl_timeleft + returns 0 it is not a timeout of 0 ms but actually means no timeout. + + Ref: https://github.com/curl/curl/pull/5214#issuecomment-612512360 + + Closes https://github.com/curl/curl/pull/5220 + +- [Marc Hoersken brought this change] + + gopher: check remaining time left during write busy loop + + Prior to this change gopher's blocking code would block forever, + ignoring any set timeout value. + + Assisted-by: Jay Satiro + Reviewed-by: Daniel Stenberg + + Similar to #5220 and #5221 + Closes #5214 + +Daniel Stenberg (13 Apr 2020) +- [Dirkjan Bussink brought this change] + + gnutls: ensure TLS 1.3 when SRP isn't requested + + When SRP is requested in the priority string, GnuTLS will disable + support for TLS 1.3. Before this change, curl would always add +SRP to + the priority list, effectively always disabling TLS 1.3 support. + + With this change, +SRP is only added to the priority list when SRP + authentication is also requested. This also allows updating the error + handling here to not have to retry without SRP. This is because SRP is + only added when requested and in that case a retry is not needed. + + Closes #5223 + +Marc Hoersken (12 Apr 2020) +- tests/server: add hidden window to gracefully handle WM_CLOSE + + Forward Window events as signals to existing signal event handler. + +- tests/server: add CTRL event handler for Win32 consoles + + Forward CTRL events as signals to existing signal event handler. + +- tests/server: move all signal handling routines to util.[ch] + + Avoid code duplication to prepare for portability enhancements. + +Daniel Stenberg (12 Apr 2020) +- compressed.d: stress that the headers are not modified + + Suggested-by: Michael Osipov + Assisted-by: Jay Satiro + Bug: https://github.com/curl/curl/issues/5182#issuecomment-611638008 + Closes #5217 + +Marc Hoersken (11 Apr 2020) +- tests/server/util.c: use curl_off_t instead of long for pid + + Avoid potential overflow of huge PIDs on Windows. + + Related to #5188 + Assisted-by: Marcel Raad + +- tests: use Cygwin/msys PIDs for stunnel and sshd on Windows + + Since the Windows versions of both programs would write Windows + PIDs to their pidfiles which we cannot handle, we need to use + our known perl.exe Cygwin/msys PID together with exec() in order + to tie the spawned processes to the existance of our perl.exe + + The perl.exe that is executing secureserver.pl and sshserver.pl + has a Cygwin/msys PID, because it is started inside Cygwin/msys. + + Related to #5188 + +- tests: add Windows compatible pidwait like pidkill and pidterm + + Related to #5188 + +- tests: fix conflict between Cygwin/msys and Windows PIDs + + Add 65536 to Windows PIDs to allow Windows specific treatment + by having disjunct ranges for Cygwin/msys and Windows PIDs. + + See also: + - https://cygwin.com/git/?p=newlib-cygwin.git;a=commit; ↵ + h=b5e1003722cb14235c4f166be72c09acdffc62ea + - https://cygwin.com/git/?p=newlib-cygwin.git;a=commit; ↵ + h=448cf5aa4b429d5a9cebf92a0da4ab4b5b6d23fe + + Replaces #5178 + Closes #5188 + +Daniel Stenberg (11 Apr 2020) +- RELEASE-NOTES: synced + +- release-notes.pl: detect the start of the references in cleanup mode + +- Revert "file: on Windows, refuse paths that start with \\" + + This reverts commit 1b71bc532bde8621fd3260843f8197182a467ff2. + + Reminded-by: Chris Roberts + Bug: https://curl.haxx.se/mail/archive-2020-04/0013.html + + Closes #5215 + +Jay Satiro (11 Apr 2020) +- lib: fix conversion warnings for SOCKET_WRITABLE/READABLE + + - If loss of data may occur converting a timediff_t to time_t and + the time value is > TIME_T_MAX then treat it as TIME_T_MAX. + + This is a follow-up to 8843678 which removed the (time_t) typecast + from the macros so that conversion warnings could be identified. + + Closes https://github.com/curl/curl/pull/5199 + +- test1148: tolerate progress updates better (again) + + - Ignore intermediate progress updates. + + - Support locales that use a character other than period as decimal + separator (eg 100,0%). + + test1148 checks that the progress finishes at 100% and has the right + bar width. Prior to this change the test assumed that the only progress + reported for such a quick transfer was 100%, however in rare instances + (like in the CI where transfer time can slow considerably) there may be + intermediate updates. For example, below is stderrlog1148 from a failed + CI run with explicit \r and \n added (it is one line; broken up so that + it's easier to understand). + + \r + \r################################## 48.3% + \r######################################################################## 100.0% + \n + + Closes https://github.com/curl/curl/pull/5194 + +Marc Hoersken (10 Apr 2020) +- sshserver.pl: use cached Win32 environment check variable + +- appveyor: partially revert 3413a110 to keep build without proxy + + Ref: #5211 and #4526 + Reported-by: Marcel Raad + +- appveyor: ignore failing 'connect to non-listening proxy' tests + + Closes #5211 + +- CI/macos: convert CRLF to LF and align indentation + +Daniel Stenberg (9 Apr 2020) +- url: allow non-HTTPS altsvc-matching for debug builds + + This is already partly supported but this part was missing. + Reported-by: James Fuller + + Closes #5205 + +- server/resolve: remove AI_CANONNAME to make macos tell the truth + + With this bit set, my mac successfully resolves "ip6-localhost" when in + fact there is no such host known to my machine! That in turn made test + 241 wrongly execute and fail. + + Closes #5202 + +- runtests: fix warning about using an undefined variable + + Follow-up from 4d939ef6ceb2db1 + +- release-notes: fix the initial reference list output + +- github actions: run when pushed to master or */ci + PRs + + Avoid double-builds when using "local" branches for PRs. For both macos + and fuzz jobs. + + Closes #5201 + +- runtests: provide nicer errormsg when protocol "dump" file is empty + +- [Gilles Vollant brought this change] + + schannel: support .P12 or .PFX client certificates + + Used with curl command line option like this: --cert + <filename>:<password> --cert-type p12 + + Closes #5193 + +- tests: verify split initial HTTP requests with CURL_SMALLREQSEND + + test1294: "split request" being when the entire request isn't sent in + the first go, and the remainder is sent in the PERFORM state. A GET + request is otherwise not sending anything during PERFORM. + + test1295: same kind of split but with POST + + Closes #5197 + +- http: don't consider upload done if the request isn't completely sent off + + Fixes #4919 + Closes #5197 + +- http: allow Curl_add_buffer_send() to do a short first send by force + + In a debug build, settting the environment variable "CURL_SMALLREQSEND" + will make the first HTTP request send not send more bytes than the set + amount, thus ending up verifying that the logic for handling a split + HTTP request send works correctly. + +- connect: store connection info for QUIC connections + + Restores the --head functionality to the curl utility which extracts + 'protocol' that is stored that way. + + Reported-by: James Fuller + Fixes #5196 + Closes #5198 + +- tests/README: update the port numbers list + + Since the pipelining server is long gone. + Reported-by: James Fuller + +- select: remove typecast from SOCKET_WRITABLE/READABLE macros + + So that they don't hide conversions-by-mistake + + Reviewed-by: Jay Satiro + Closes #5190 + +- CURLOPT_WRITEFUNCTION.3: add inline example and new see-also + + Closes #5192 + +- release-notes: output trailing references sorted numerically + +- cleanup: correct copyright year range on a few files + +- configure: remove use of -vec-report0 from CFLAGS with icc + + ... as it apparently isn't (always) supported. + Reported-by: Alain Miniussi + Fixes #5096 + Closes #5191 + +- warnless: remove code block for icc that didn't work + + Reported-by: Alain Miniussi + Fixes #5096 + +Marc Hoersken (6 Apr 2020) +- dist: add missing setup-win32.h + + Follow up to d820224b8b + +Daniel Stenberg (6 Apr 2020) +- RELEASE-NOTES: synced + +- scripts/release-notes.pl: add helper script for RELEASE-NOTES maintenance + + This script helps putting entries in the RELEASE-NOTES using a coherent + style and sorting with a minimal human editing effort - as long as the + first line in the commit message is good enough! There's a short howto + at the top of the file. + +- [Dennis Felsing brought this change] + + configure: don't check for Security.framework when cross-compiling + + Since it checks for the local file, not the cross-compiled one. + + Closes #5189 + +- TODO: Option to make -Z merge lined based outputs on stdout + + Closes #5175 + +- lib: never define CURL_CA_BUNDLE with a getenv + + - it breaks the build (since 6de756c9b1de34b7a1) + - it's not documented and not consistent across platforms + - the curl tool does that getenv magic + + Bug: https://github.com/curl/curl/commit/6de756c#r38127030 + Reported-by: Gisle Vanem + + Closes #5187 + +Marc Hoersken (5 Apr 2020) +- lib670: use the same Win32 API check as all other lib tests + +- appveyor: use random test server ports based upon APPVEYOR_API_URL + + Avoid conflicts of test server ports with AppVeyor API on localhost. + + Closes #5034 + +- appveyor: sort builds by type and add two new variants + + Related to #5034 and #5063 + +- appveyor: show failed tests in log even if test is ignored + + And print API response with newline only if there is one + +- appveyor: turn disabled tests into ignored result tests + +Daniel Stenberg (5 Apr 2020) +- KNOWN_BUGS: fixed "USE_UNIX_SOCKETS on Windows" + + Fixed with #5170 (commit 23a870f2fd041278) + +- test1566: verify --etag-compare that gets a 304 back + + Verifies the fix in #5183 + + Closes #5186 + +- [Kwon-Young Choi brought this change] + + CURLINFO_CONDITION_UNMET: return true for 304 http status code + + In libcurl, CURLINFO_CONDITION_UNMET is used to avoid writing to the + output file if the server did not transfered a file based on time + condition. In the same manner, getting a 304 HTTP response back from the + server, for example after passing a custom If-Match-* header, also + fulfill this condition. + + Fixes #5181 + Closes #5183 + +- [Kwon-Young Choi brought this change] + + curl: allow both --etag-compare and --etag-save with same file name + + This change inverse the order of processing for the --etag-compare and + --etag-save option to process first --etag-compare. This in turn allows + to use the same file name to compare and save an etag. + + The original behavior of not failing if the etag file does not exists is + conserved. + + Fixes #5179 + Closes #5180 + +Viktor Szakats (4 Apr 2020) +- windows: enable UnixSockets with all build toolchains + + Extend existing unix socket support in Windows builds to be + enabled for all toolchain vendors or versions. (Previously + it was only supported with certain MSVC versions + more recent + Windows 10 SDKs) + + Ref: https://devblogs.microsoft.com/commandline/af_unix-comes-to-windows/ + Ref: https://github.com/curl/curl/issues/5162 + Closes: https://github.com/curl/curl/pull/5170 + +Daniel Stenberg (4 Apr 2020) +- KNOWN_BUGS: Store TLS context per transfer instead of per connection + + Closes #5102 + +Marc Hoersken (3 Apr 2020) +- sockfilt: remove redundancy in timeout handling + + And update other logmsg output in select_ws on Windows. + +- sockfilt: fix handling of ready closed sockets on Windows + + Replace the incomplete workaround regarding FD_CLOSE + only signalling once by instead doing a pre-check with + standard select and storing the result for later use. + + select keeps triggering on closed sockets on Windows while + WSAEventSelect fires only once with data still available. + By doing the pre-check we do not run in a deadlock + due to waiting forever for another FD_CLOSE event. + +- sockfilt: fix race-condition of waiting threads and event handling + + Fix race-condition of waiting threads finishing while events are + already being processed which lead to invalid or skipped events. + + Use mutex to check for one event at a time or do post-processing. + In addition to mutex-based locking use specific event as signal. + + Closes #5156 + +Daniel Stenberg (2 Apr 2020) +- [Leo Neat brought this change] + + CI-fuzz: increase fuzz time to 40 minutes + + Closes #5174 + +Marc Hoersken (2 Apr 2020) +- CI: increase Azure Pipelines timeouts due to performance issues + + The current demand on Azure negatively impacts the CI performance. + +- runtests.pl: log host OS as detected by Perl environment + +- ftpserver.pl: log before and after data connection is closed + +Daniel Stenberg (1 Apr 2020) +- RELEASE-NOTES: synced + +- RELEASE-PROCEDURE.md: run the copyright.pl script! + +- vquic/ngtcp2.h: update copyright year range + + Follow-up to 0736ee73d346a52 + +- [Daiki Ueno brought this change] + + CI: add build with ngtcp2 + gnutls on Travis CI + +- [Daiki Ueno brought this change] + + vquic: add support for GnuTLS backend of ngtcp2 + + Currently, the TLS backend used by vquic/ngtcp2.c is selected at compile + time. Therefore OpenSSL support needs to be explicitly disabled. + + Signed-off-by: Daiki Ueno <dueno@redhat.com> + Closes #5148 + +- [Gisle Vanem brought this change] + + examples/sessioninfo.c: add include to fix compiler warning + + Fixes #5171 + +- misc: copyright year updates + + Follow-up to 7a71965e9 + +- [Harry Sintonen brought this change] + + build: fixed build for systems with select() in unistd.h + + Closes #5169 + +- memdebug: don't log free(NULL) + + ... it serves no purpose and fills up the log. + +- cleanup: insert newline after if() conditions + + Our code style mandates we put the conditional block on a separate + line. These mistakes are now detected by the updated checksrc. + +- checksrc: warn on obvious conditional blocks on the same line as if() + + Closes #5164 + +- [Roger Orr brought this change] + + cmake: add CMAKE_MSVC_RUNTIME_LIBRARY + + Fixes #5165 + Closes #5167 + +- [Daiki Ueno brought this change] + + ngtcp2: update to git master for the key installation API change + + This updates the ngtcp2 OpenSSL backend to follow the API change in + commit 32e703164 of ngtcp2. + + Notable changes are: + - ngtcp2_crypto_derive_and_install_{rx,tx}_key have been added to replace + ngtcp2_crypto_derive_and_install_key + - the 'side' argument of ngtcp2_crypto_derive_and_install_initial_key + has been removed + + Fixes #5166 + Closes #5168 + +- [Cyrus brought this change] + + SECURITY.md: minor rephrase + + Closes #5158 + +- output.d: quote the URL when globbing + + Some shells do globbing of their own unless the URL is quoted, so maybe + encourage this. + + Co-authored-by: Jay Satiro + Closes #5160 + +- dist: add tests/version-scan.pl to tarball + + ... used in test 1177. + + Follow-up to a97d826f6de3 + +- test1177: verify that all the CURL_VERSION_ bits are documented + +- curl.h: remnove CURL_VERSION_ESNI. Never supported nor documented + + Considered experimental and therefore we can do this. + + Closes #5157 + +- KNOWN_BUGS: DoH doesn't inherit all transfer options + + Closes #4578 + Closes #4579 + +- KNOWN_BUGS: DoH leaks memory after followlocation + + Closes #4592 + +- KNOWN_BUGS: "FTPS needs session reuse" + + Closes #4654 + +- KNOWN_BUGS: "stick to same family over SOCKS pro" is presumed fixed + +- TODO: Set custom client ip when using haproxy protocol + + Closes #5125 + +Michael Kaufmann (27 Mar 2020) +- writeout_json: Fix data type issues + + Load long values correctly (e.g. for http_code). + + Use curl_off_t (not long) for: + - size_download (CURLINFO_SIZE_DOWNLOAD_T) + - size_upload (CURLINFO_SIZE_UPLOAD_T) + + The unit for these values is bytes/second, not microseconds: + - speed_download (CURLINFO_SPEED_DOWNLOAD_T) + - speed_upload (CURLINFO_SPEED_UPLOAD_T) + + Fixes #5131 + Closes #5152 + +Daniel Stenberg (27 Mar 2020) +- mailmap: fixup a few author names/fields + + Douglas Steinwand, Gökhan Şengün, Jessa Chandler, Julian Z and + Svyatoslav Mishyn + +- version: add 'cainfo' and 'capath' to version info struct + + Suggested-by: Timothe Litt + URL: https://curl.haxx.se/mail/lib-2020-03/0090.html + Reviewed-by: Jay Satiro + + Closes #5150 + +- RELEASE-NOTES: synced + +Jay Satiro (26 Mar 2020) +- SSLCERTS.md: Fix example code for setting CA cert file + + Prior to this change the documentation erroneously said use + CURLOPT_CAPATH to set a CA cert file. + + Bug: https://curl.haxx.se/mail/lib-2020-03/0121.html + Reported-by: Timothe Litt + + Closes https://github.com/curl/curl/pull/5151 + +Marc Hoersken (26 Mar 2020) +- sockfilt: add logmsg output to select_ws_wait_thread on Windows + + Assisted-by: Jay Satiro + Reviewed-by: Daniel Stenberg + + Closes #5086 + +Daniel Stenberg (26 Mar 2020) +- docs/make: generate curl.1 from listed files only + + Previously it rendered the page from files matching "*.d" in the correct + directory, which worked fine in git builds when the files were added but + made it easy to forget adding the files to the dist. + + Now, only man page sections listed in DPAGES in Makefile.inc will be + used, thus "forcing" us to update this to get the man page right and get + it included in the dist at the same time. + + Ref: #5146 + Closes #5149 + +- openssl: adapt to functions marked as deprecated since version 3 + + OpenSSL 3 deprecates SSL_CTX_load_verify_locations and the MD4, DES + functions we use. + + Fix the MD4 and SSL_CTX_load_verify_locations warnings. + + In configure, detect OpenSSL v3 and if so, inhibit the deprecation + warnings. OpenSSL v3 deprecates the DES functions we use for NTLM and + until we rewrite the code to use non-deprecated functions we better + ignore these warnings as they don't help us. + + Closes #5139 + +- dist: add mail-rcpt-allowfails.d to the tarball + + Reported-by: Maksim Stsepanenka + Reviewed-by: Jat Satiro + + Closes #5146 + +- travis: update the ngtcp2 build to use the latest OpenSSL patch + + ... which also makes it OpenSSL 1.1.1d based and not v3. + +Marc Hoersken (24 Mar 2020) +- CI: remove default Ubuntu build from GitHub Actions + + We are already running a very similar Ubuntu build on Travis CI. + The macOS variant of this default build is kept on Github Actions. + +- CI: bring GitHub Actions fuzzing job in line with macOS jobs + + Update YAML formatting, job naming and triggers. + +- CI: migrate macOS jobs from Azure and Travis CI to GitHub Actions + + Reduce workload on Azure Pipelines and Travis CI while + consolidating macOS jobs onto less utilized GitHub Actions. + + Reviewed-by: Daniel Stenberg + + Closes #5124 + +Daniel Stenberg (24 Mar 2020) +- config: remove all defines of HAVE_DES_H + + As there's no code using it. + + Closes #5144 + +- copyright: fix out-of-date copyright ranges and missing headers + + Reported by the new script 'scripts/copyright.pl'. The script has a + regex whitelist for the files that don't need copyright headers. + + Removed three (mostly usesless) README files from docs/ + + Closes #5141 + +- packages: add OS400/chkstrings.c to the dist + + Reported-by: Jon Rumsey + Fixes #5142 + Closes #5143 + +- [Clément Notin brought this change] + + nghttp2: 1.12.0 required + + since nghttp2_session_set_local_window_size is needed + + Closes #5140 + +- RELEASE-NOTES: synced + +- [Calvin Buckley brought this change] + + OS400: Update strings for ccsid-ifier + + Fixes build. + + Closes #5132 + +- cirrus: make freebsd ignore the tests instead of skipping + + To allow us to see in the CI logs how they actually behave + + Closes #5091 + +- cirrus: move the sanitizer build from freebsd 13 to freebsd 12 + +- Revert "cirrus-ci: disable the FreeBSD 13 builds" + + This reverts commit 691b71be930f0e285c8f7a76efd56bbe0576cda6. + +- getinfo: provide CURLINFO_HEADER_SIZE and CURLINFO_REQUEST_SIZE override + + To let debug-builds return fake values, like in test 970. + + Ref: #5131 + Closes #5136 + +- test970: improve the test + + - send more data to make problems more obvious + - don't start the data with minus, it makes diffs harder to read + - skip the headers in the stdout comparison + - save to a file name to also verify 'filename_effective' + + Ref: #5131 + +- CURLINFO_NUM_CONNECTS: improve accuracy + + The counter was not bumped in all cases correctly. + + Reported-by: Marcel Raad + Ref: #5131 + Closes #5135 + +- TODO: Use "random" ports for the test servers + +- lib/curl_setup: adjust the copyright year range + + Follow-up from d820224b8 + +Jay Satiro (21 Mar 2020) +- curl_setup: define _WIN32_WINNT_[OS] symbols + + .. because not all Windows build systems have those symbols, and even + those that do may be missing newer symbols (eg the Windows 7 SDK does + not define _WIN32_WINNT_WIN10). + + Those symbols are used in build-time logic to decide which API to use + and prior to this change if the symbols were missing it would have + resulted in deprecated API being used when more recent functions were + available (eg GetVersionEx used instead of VerifyVersionInfo). + + Reported-by: FuccDucc@users.noreply.github.com + + Probably fixes https://github.com/curl/curl/issues/4995 + Closes https://github.com/curl/curl/pull/5057 + +- [Ross Burton brought this change] + + curl-functions.m4: remove inappropriate AC_REQUIRE + + AC_REQUIRE means "if this macro hasn't been executed already, execute + it". So in a wrapper around AC_RUN_IFELSE, AC_REQUIRE(AC_RUN_IFELSE) + isn't correct at that will execute AC_RUN_IFELSE without any arguments. + + With autoconf 2.69 this is basically a no-op, but with autoconf 2.70, + AC_RUN_IFELSE without a default value when cross-compiling is fatal. + The result is that curl with autoconf 2.70 cannot cross-compile. + + Fixes https://github.com/curl/curl/issues/5126 + Closes https://github.com/curl/curl/pull/5130 + +Marc Hoersken (20 Mar 2020) +- ci/tests: fix Azure Pipelines not running Windows containers + + Workaround posted here: microsoft/azure-pipelines-agent#2864 + + Assisted-by: Simon Chalifoux + Assisted-by: Tommy Petty + + Fixes #5117 + Closes #5129 + +Daniel Stenberg (20 Mar 2020) +- tests: add test 430, 431 and 432 to verify the --config fix + + Verify the fixes in 4e0b4fee4 + +- [Rici Lake brought this change] + + cmdline: fix handling of OperationConfig linked list (--next) + + Ensures that -K/--config inserts new items at the end of the list + instead of overwriting the second item, and that after a -K/--config + option has been parsed, the option parser's view of the current config + is update. + + Fixes #5120 + Closes #5123 + +Marc Hoersken (20 Mar 2020) +- test2100: fix static port instead of dynamic value being used + +- test970: fix static ip:port instead of dynamic values being used + +Daniel Stenberg (19 Mar 2020) +- secure transport: remove the BACKEND define kludge + + Closes #5122 + +- mbedtls: remove the BACKEND define kludge + +- bearssl: remove the BACKEND define kludge + +- wolfssl: remove the BACKEND define kludge + +- nss: remove the BACKEND define kludge + +- gnutls: remove the BACKEND define kludge + +- openssl: remove the BACKEND define kludge + + Use a proper variable instead to make it easier to use a debugger and + read the code. + +Marc Hoersken (19 Mar 2020) +- tests: make Python-based servers compatible with Python 2 and 3 + + Update smbserver.py and negtelnetserver.py to be compatible with + Python 3 while staying backwards-compatible to support Python 2. + + Fix string encoding and handling of echoed and transferred data. + + Tested with both Python 2.7.17 and Python 3.7.7 + + Reported-by: Daniel Stenberg + Assisted-by: Kamil Dudka + Reviewed-by: Marcel Raad + + Fixes #5104 + Closes #5110 + +Daniel Stenberg (18 Mar 2020) +- writeout_json: use curl_off_t printf() option for the time output + + Follow-up to: 04c03416e68fd635a15 + + Closes #5115 + +- RELEASE-NOTES: synced + + Uh, I missed this in 1a46b218db + +- RELEASE-NOTES: synced + + ... and bumped curlver.h to 7.70.0 + +Jay Satiro (18 Mar 2020) +- http2: Fix erroneous debug message that h2 connection closed + + Prior to this change in libcurl debug builds http2 stream closure was + erroneously referred to as connection closure. + + Before: + * nread <= 0, server closed connection, bailing + + After: + * nread == 0, stream closed, bailing + + Closes https://github.com/curl/curl/pull/5118 + +Daniel Stenberg (18 Mar 2020) +- tool_setopt: correct the copyright year range + + Follow-up to 5450428491 + +Jay Satiro (18 Mar 2020) +- [Johannes Schindelin brought this change] + + schannel: add "best effort" revocation check option + + - Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and + --ssl-revoke-best-effort to allow a "best effort" revocation check. + + A best effort revocation check ignores errors that the revocation check + was unable to take place. The reasoning is described in detail below and + discussed further in the PR. + + --- + + When running e.g. with Fiddler, the schannel backend fails with an + unhelpful error message: + + Unknown error (0x80092012) - The revocation function was unable + to check revocation for the certificate. + + Sadly, many enterprise users who are stuck behind MITM proxies suffer + the very same problem. + + This has been discussed in plenty of issues: + https://github.com/curl/curl/issues/3727, + https://github.com/curl/curl/issues/264, for example. + + In the latter, a Microsoft Edge developer even made the case that the + common behavior is to ignore issues when a certificate has no recorded + distribution point for revocation lists, or when the server is offline. + This is also known as "best effort" strategy and addresses the Fiddler + issue. + + Unfortunately, this strategy was not chosen as the default for schannel + (and is therefore a backend-specific behavior: OpenSSL seems to happily + ignore the offline servers and missing distribution points). + + To maintain backward-compatibility, we therefore add a new flag + (`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option + (`--ssl-revoke-best-effort`) to select the new behavior. + + Due to the many related issues Git for Windows and GitHub Desktop, the + plan is to make this behavior the default in these software packages. + + The test 2070 was added to verify this behavior, adapted from 310. + + Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com> + Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com> + Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> + + Closes https://github.com/curl/curl/pull/4981 + +- multi: Improve parameter check for curl_multi_remove_handle + + - If an easy handle is owned by a multi different from the one specified + then return CURLM_BAD_EASY_HANDLE. + + Prior to this change I assume user error could cause corruption. + + Closes https://github.com/curl/curl/pull/5116 + +Viktor Szakats (17 Mar 2020) +- windows: suppress UI in all CryptAcquireContext() calls + + Ref: https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontexta#parameters + Reviewed-by: Marc Hörsken + Closes https://github.com/curl/curl/pull/5088 + +Daniel Stenberg (17 Mar 2020) +- writeout_json: add missing comma to fix the HTTP version + + Follow-up to 04c03416e68fd635a15 + +- test 970: verify --write-out '%{json}' + + Makes curl_easy_getinfo() of "variable" numerical content instead return + the number set in the env variable `CURL_TIME`. + + Makes curl_version() of "variable" textual content. This guarantees a + stable version string which can be tested against. Environment variable + `CURL_VERSION` defines the content. + + Assisted-by: Mathias Gumz + +- [Mathias Gumz brought this change] + + writeout: support to generate JSON output + + This commit adds support to generate JSON via the writeout feature: + + -w "%{json}" + + It leverages the existing infrastructure as much as possible. Thus, + generating the JSON on STDERR is possible by: + + -w "%{stderr}%{json}" + + This implements a variant of + https://github.com/curl/curl/wiki/JSON#--write-out-json. + + Closes #4870 + +- CI: stop ignoring 323, it is disabled + +- DISABLED: disable test 323 + + The test uses SRP to "a server not supporting it" but modern stunnel + versions will silently accept it and remain happy. The test is therefore + faulty. + + I haven't figured out how to make stunnel explicitly reject SRP-using + connects. + + Reported-by: Marc Hörsken + Fixes #5105 + Closes #5113 + +Marc Hoersken (17 Mar 2020) +- ci/tests: increase timeouts for torture builds on Azure Pipelines + + For some reason the torture builds have slowed down recently. + + Reported-by: Daniel Stenberg + +Daniel Stenberg (16 Mar 2020) +- cmake: add support for building with wolfSSL + + My working build cmdline: + + $ cmake -DCMAKE_PREFIX_PATH=$HOME/build-wolfssl -DCMAKE_USE_WOLFSSL=ON . + + Assisted-by: Brad King + Closes #5095 + +- tool_operate: fix add_parallel_transfers when more are in queue + + Trying to return early from the function if no new transfers were added + would break the "morep" argument and cause issues. This could lead to + zero content "transfers" (within quotes since they would never be + started) when parallel-max was reduced. + + Reported-by: Gavin Wong + Analyzed-by: Jay Satiro + Fixes #4937 + Closes #5112 + +- vtls: free ssl_config leftovers on out-of-memory + + Torture testing 2034 and 2037 found this. + + Reported-by: Marc Hörsken + Fixes #5108 + Closes #5109 + +Marc Hoersken (16 Mar 2020) +- ci/tests: fix Azure Pipelines not running for pull requests + + Closes #5111 + +Daniel Stenberg (15 Mar 2020) +- gskit: update the copyright year range + + Follow-up from 083603c63a3 + +Marc Hoersken (15 Mar 2020) +- gskit: use our internal select wrapper for portability + + Follow up to c52b342 + Closes #5106 + +- tests: fix verification of stdout in test 1452 due to newline + + Fixes test1452:41:1: error: missing </stdout> tag before </verify> + +- ci/tests: install impacket for SMB tests on FreeBSD using CirrusCI + + Also force the package index/cache to be updated before installing. + + Closes #5103 + +- tests/README: add note about manually installing python-impacket + + Follow up to 4be2560 + +Daniel Stenberg (15 Mar 2020) +- transfer: cap retries of "dead connections" to 5 + + When libcurl retries a connection due to it being "seemingly dead" or by + REFUSED_STREAM, it will now only do it up five times before giving up, + to avoid never-ending loops. + + Reported-by: Dima Tisnek + Bug: https://curl.haxx.se/mail/lib-2020-03/0044.html + Closes #5074 + +- TODO: TLS-PSK with OpenSSL + + Closes #5081 + +Marc Hoersken (15 Mar 2020) +- select: add 'timeout_ms' wrap-around precaution to Curl_select + +- select: fix 'pending_ms' is assigned a value that is never used + + Detected by Codacy + +- select: move duplicate select preparation code into Curl_select + + Reviewed by Daniel Stenberg + Reviewed by Marcel Raad + Closes #5078 + +Daniel Stenberg (15 Mar 2020) +- connect: happy eyeballs cleanup + + Make sure each separate index in connn->tempaddr[] is used for a fixed + family (and only that family) during the connection process. + + If family one takes a long time and family two fails immediately, the + previous logic could misbehave and retry the same family two address + repeatedly. + + Reported-by: Paul Vixie + Reported-by: Jay Satiro + Fixes #5083 + Fixes #4954 + Closes #5089 + +Marc Hoersken (15 Mar 2020) +- ci/tests: fix and align setting TFLAGS for make test-nonflaky + +- ci/tests: install test suite dependencies stunnel and impacket + +- tests: remove python_dependencies for smbserver from our tree + + Users of the SMB tests will have to install impacket manually. + + Reasoning: our in-tree version of impacket was quite outdated + and only compatible with Python 2 which is already end-of-life. + Upgrading to Python 3 and a compatible impacket version would + require to import additional Python-only and CPython-extension + dependencies. This would have hindered portability enormously. + + Closes #5094 + +Jay Satiro (14 Mar 2020) +- Makefile.m32: Improve windres parameter compatibility + + - s/COFF/coff/ + + Some versions of windres do not recognize uppercase COFF as a valid + way to specify the COFF output format. + + Reported-by: Steven Penny + + Fixes https://github.com/curl/curl/issues/5099 + Closes https://github.com/curl/curl/pull/5101 + +- easy: Fix curl_easy_duphandle for builds missing IPv6 that use c-ares + + - Ignore CURLE_NOT_BUILT_IN errors returned by c-ares functions in + curl_easy_duphandle. + + Prior to this change if c-ares was used as the resolver backend and + either it was too old or libcurl was built without IPv6 support then + some of our resolver functions could return CURLE_NOT_BUILT_IN to + curl_easy_duphandle causing it to fail. + + Caused by c8f086b which shipped in 7.69.1. + + Reported-by: Karl Chen + + Fixes https://github.com/curl/curl/issues/5097 + Closes https://github.com/curl/curl/pull/5100 + +Daniel Stenberg (13 Mar 2020) +- docs: add warnings about FILE: URLs on Windows + + - --url man page section + - libcurl-security.3 gets the full text + - CURLOPT_URL.3 + + Reported-by: Tim Sedlmeyer + +- server/getpart: make the "XML-parser" stricter + + When extracting a <section> <part> and there's no </part> before + </section>, this now outputs an error and returns a wrong string to + make users spot the mistake. + + Ref: #5070 + Closes #5071 + +Marc Hoersken (13 Mar 2020) +- impacket: some more Python 3 code compatibility updates + + This makes smbserver load on Python 3, but still not work completely. + +- smbserver: pin Python version to 2 since we are not yet 3 compatible + + Even though the existing code can be fixed to run on Python 3, the + tests will fail due to the Unicode transition the protocol is invalid. + + Follow up to ee63837 + Closes #5085 + +Daniel Stenberg (12 Mar 2020) +- [Viktor Szakats brought this change] + + cleanup: fix some text/comment typos + + Closes #5087 + +Marc Hoersken (12 Mar 2020) +- smbserver: fix Python version specific ConfigParser import + + Follow up to ee63837 and 8c7c4a6 + Fixes #5077 + +Daniel Stenberg (11 Mar 2020) +- RELEASE-NOTES: synced + + bumped to 7.69.2 + +Dan Fandrich (11 Mar 2020) +- tests/data: Fix some XML formatting issues in test cases + + This allows these test files to pass xmllint. + +Daniel Stenberg (11 Mar 2020) +- [Muhammad Herdiansyah brought this change] + + Makefile: run the cd commands in a subshell + + In bmake, if the directory is changed (with cd or anything else), bmake + won't return to the "root directory" on the next command (in the same + Makefile rule). This commit runs the cd command in a subshell so it + would work in bmake. + + Closes #5073 + +- configure: convert -I to -isystem as a last step + + As all the -I uses in CFLAGS at that point are for system headers and + third party libraries this helps us remove/ignore warnings on those! + + Closes #5060 + +- configure: fix -pedantic-errors for GCC 5 and later + + If --enable-werror is used. + + Follow-up to d5c0351055d5709da which added it too early in the configure + script before $compiler_num was set correctly and thus this option was + never used. + + Reported-by: Stepan Efremov + Fixes #5067 + Closes #5068 + +- configure: document 'compiler_num' for gcc + + The CURL_CHECK_COMPILER_GNU_C function sets the number to MAJOR*100 + + MINOR and ignores the patch version, and since gcc version 7 it only + sets it to MAJOR*100. + + Reported-by: Stepan Efremov + Ref: #5067 + Closes #5069 + Version 7.69.1 (11 Mar 2020) Daniel Stenberg (11 Mar 2020) @@ -4385,7 +6198,7 @@ Marcel Raad (27 Sep 2019) Closes https://github.com/curl/curl/pull/4415 Jay Satiro (27 Sep 2019) -- [julian brought this change] +- [Julian Z brought this change] vtls: Fix comment typo about macosx-version-min compiler flag @@ -5404,1800 +7217,3 @@ Daniel Stenberg (26 Aug 2019) SCP home directory case. Closes #4258 - -- http: the 'closed' struct field is used by both ngh2 and ngh3 - - and remove 'header_recvbuf', not used for anything - - Reported-by: Jeremy Lainé - - Closes #4257 - -- ngtcp2: accept upload via callback - - Closes #4256 - -- defines: avoid underscore-prefixed defines - - Double-underscored or underscore plus uppercase letter at least. - - ... as they're claimed to be reserved. - - Reported-by: patnyb on github - - Fixes #4254 - Closes #4255 - -- travis: add a build using ngtcp2 + nghttp3 (and a patched OpenSSL) - - Runs no tests - - Closes #4253 - -- travis: bump to using nghttp2 version 1.39.2 - - Closes #4252 - -- [Gisle Vanem brought this change] - - docs/examples/curlx: fix errors - - Initialise 'mimetype' and require the -p12 arg. - - Closes #4248 - -- cleanup: remove DOT_CHAR completely - - Follow-up to f9c7ba9096ec - - The use of DOT_CHAR for ".ssh" was probably a mistake and is removed - now. - - Pointed-out-by: Gisle Vanem - Bug: https://github.com/curl/curl/pull/4230#issuecomment-522960638 - - Closes #4247 - -- spnego_sspi: add typecast to fix build warning - - Reported in build "Win32 target on Debian Stretch (64-bit) - - i686-w64-mingw32 - gcc-20170516" - - Closes #4245 - -- openssl: build warning free with boringssl - - Closes #4244 - -- curl: make --libcurl use CURL_HTTP_VERSION_3 - - Closes #4243 - -- ngtcp2: make postfields-set posts work - - Closes #4242 - -- http: remove chunked-encoding and expect header use for HTTP/3 - -- [Alessandro Ghedini brought this change] - - configure: use pkg-config to detect quiche - - This removes the need to hard-code the quiche target path in - configure.ac. - - This depends on https://github.com/cloudflare/quiche/pull/128 - - Closes #4237 - -- CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2 - - For a long time (since 7.28.1) we've returned error when setting the - value to 1 to make applications notice that we stopped supported the old - behavior for 1. Starting now, we treat 1 and 2 exactly the same. - - Closes #4241 - -- curl: use .curlrc (with a dot) on Windows as well - - Fall-back to _curlrc if the dot-version is missing. - - Co-Authored-By: Steve Holme - - Closes #4230 - -- netrc: make the code try ".netrc" on Windows as well - - ... but fall back and try "_netrc" too if the dot version didn't work. - - Co-Authored-By: Steve Holme - -- ngtcp2: use ngtcp2_version() to get the run-time version - - ... which of course doesn't have to be the same used at build-time. - - Function just recently merged in ngtcp2. - -- ngtcp2: move the h3 initing to immediately after the rx key - - To fix a segfault and to better deal with 0-RTT - - Assisted-by: Tatsuhiro Tsujikawa - -- [Alessandro Ghedini brought this change] - - quiche: register debug callback once and earlier - - The quiche debug callback is global and can only be initialized once, so - make sure we don't do it multiple times (e.g. if multiple requests are - executed). - - In addition this initializes the callback before the connection is - created, so we get logs for the handshake as well. - - Closes #4236 - -- ssh: add a generic Curl_ssh_version function for SSH backends - - Closes #4235 - -- base64: check for SSH, not specific SSH backends - -- vssh: move ssh init/cleanup functions into backend code - -- vssh: create directory for SSH backend code - -- TODO/ROADMAP: remove "refuse downgrade redirects" and HTTP/3 - - HTTP3 is now already in full progress - - Downgrade redirects can be achived almost exactly like that by setting - CURLOPT_REDIR_PROTOCOLS. - -- RELEASE-NOTES: synced - -- travis: add a quiche build - - Closes #4207 - -- http: fix use of credentials from URL when using HTTP proxy - - When a username and password are provided in the URL, they were wrongly - removed from the stored URL so that subsequent uses of the same URL - wouldn't find the crendentials. This made doing HTTP auth with multiple - connections (like Digest) mishave. - - Regression from 46e164069d1a5230 (7.62.0) - - Test case 335 added to verify. - - Reported-by: Mike Crowe - - Fixes #4228 - Closes #4229 - -- [Mike Crowe brought this change] - - tests: Replace outdated test case numbering documentation - - Tests are no longer grouped by numeric range[1]. Let's stop saying that - and provide some alternative advice for numbering tests. - - [1] https://curl.haxx.se/mail/lib-2019-08/0043.html - - Closes #4227 - -- travis: reduce number of torture tests in 'coverage' - - ... to make it complete in time. This cut seems not almost not affect - the coverage percentage and yet completes within 35 minutes on travis - where the previous runs recently always timed out after 50. - - Closes #4223 - -- [Igor Makarov brought this change] - - configure: use -lquiche to link to quiche - - Closes #4226 - -- ngtcp2: provide the callbacks as a static struct - - ... instead of having them in quicsocket - -- [Tatsuhiro Tsujikawa brought this change] - - ngtcp2: add missing nghttp3_conn_add_write_offset call - - Closes #4225 - -- [Tatsuhiro Tsujikawa brought this change] - - ngtcp2: deal with stream close - -- [Tatsuhiro Tsujikawa brought this change] - - ngtcp2: Consume QUIC STREAM data properly - -- [Tatsuhiro Tsujikawa brought this change] - - ngtcp2: don't reinitialize SSL on Retry - -- multi: getsock improvements for QUIC connecting - -- connect: connections are persistent by default for HTTP/3 - -- quiche: happy eyeballs - - Closes #4220 - -- ngtcp2: do QUIC connections happy-eyeballs friendly - -- curl_version: bump string buffer size to 250 - - With HTTP/3 libs and plenty TLS libs, I manged to hit the limit (which - causes a truncated output). - -- CURLOPT_ALTSVC.3: use a "" file name to not load from a file - -Jay Satiro (14 Aug 2019) -- vauth: Use CURLE_AUTH_ERROR for auth function errors - - - Add new error code CURLE_AUTH_ERROR. - - Prior to this change auth function errors were signaled by - CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was - technically correct. - - Ref: https://github.com/curl/curl/pull/3848 - - Co-authored-by: Dominik Hölzl - - Closes https://github.com/curl/curl/pull/3864 - -Daniel Stenberg (13 Aug 2019) -- curl_version_info: make the quic_version a const - - Follow-up from 1a2df1518ad8653f - - Closes #4222 - -- examples: add http3.c, altsvc.c and http3-present.c - - Closes #4221 - -Peter Wu (13 Aug 2019) -- nss: use TLSv1.3 as default if supported - - SSL_VersionRangeGetDefault returns (TLSv1.0, TLSv1.2) as supported - range in NSS 3.45. It looks like the intention is to raise the minimum - version rather than lowering the maximum, so adjust accordingly. Note - that the caller (nss_setup_connect) initializes the version range to - (TLSv1.0, TLSv1.3), so there is no need to check for >= TLSv1.0 again. - - Closes #4187 - Reviewed-by: Daniel Stenberg - Reviewed-by: Kamil Dudka - -Daniel Stenberg (13 Aug 2019) -- quic.h: remove unused proto - -- curl_version_info.3: mentioned ALTSVC and HTTP3 - - ... and sorted the list alphabetically - -- lib/quic.c: unused - removed - -- CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED - - Follow-up to 98c3f148 that removed it from the header file - -- [Junho Choi brought this change] - - docs/HTTP3: simplify quiche build instruction - - Use --recursive to get boringssl in one line - - Closes #4219 - -- altsvc: make it use h3-22 with ngtcp2 as well - -- ngtcp2: initial h3 request work - - Closes #4217 - -- curl_version_info: offer quic (and h3) library info - - Closes #4216 - -- HTTP3: use ngtcp2's draft-22 branch - -- RELEASE-NOTES: synced - -- CURLOPT_READFUNCTION.3: provide inline example - - ... instead of mentioning one in another place - -- [Tatsuhiro Tsujikawa brought this change] - - ngtcp2: send HTTP/3 request with nghttp3 - - This commit makes sending HTTP/3 request with nghttp3 work. It - minimally receives HTTP response and calls nghttp3 callbacks, but no - processing is made at the moment. - - Closes #4215 - -- nghttp3: initial h3 template code added - -- nghttp3: required when ngtcp2 is used for QUIC - - - checked for by configure - - updated docs/HTTP3.md - - shown in the version string - - Closes #4210 - -- [Eric Wong brought this change] - - asyn-thread: issue CURL_POLL_REMOVE before closing socket - - This avoids EBADF errors from EPOLL_CTL_DEL operations in the - ephiperfifo.c example. EBADF is dangerous in multi-threaded - applications where I rely on epoll_ctl to operate on the same - epoll description from different threads. - - Follow-up to eb9a604f8d7db8 - - Bug: https://curl.haxx.se/mail/lib-2019-08/0026.html - Closes #4211 - -- [Carlo Marcelo Arenas Belón brought this change] - - configure: avoid undefined check_for_ca_bundle - - instead of using a "greater than 0" test, check for variable being - set, as it is always set to 1, and could be left unset if non of - OPENSSL MBEDTLS GNUTLS WOLFSSL is being configured for. - - Closes #4213 - -- [Tatsuhiro Tsujikawa brought this change] - - ngtcp2: Send ALPN h3-22 - - Closes #4212 - -- [Tatsuhiro Tsujikawa brought this change] - - ngtcp2: use ngtcp2_settings_default and specify initial_ts - -- curl_global_init_mem.3: mention it was added in 7.12.0 - -- [Tatsuhiro Tsujikawa brought this change] - - ngtcp2: make the QUIC handshake work - - Closes #4209 - -- [Alex Mayorga brought this change] - - HTTP3.md: Update quiche build instructions - - Added cloning for quiche and BoringSSL and modified the build - instructions so they work on a clean folder. - - Closes #4208 - -- CURLOPT_H3: removed - - There's no use for this anymore and it was never in a release. - - Closes #4206 - -- http3: make connection reuse work - - Closes #4204 - -- quiche: add SSLKEYLOGFILE support - -- cleanup: s/curl_debug/curl_dbg_debug in comments and docs - - Leftovers from the function rename back in 76b63489495 - - Reported-by: Gisle Vanem - Bug: https://github.com/curl/curl/commit/f3e0f071b14fcb46a453f69bdf4e062bcaacf362#com - mitcomment-34601751 - - Closes #4203 - -- RELEASE-NOTES: synced - -- alt-svc: add protocol version selection masking - - So that users can mask in/out specific HTTP versions when Alt-Svc is - used. - - - Removed "h2c" and updated test case accordingly - - Changed how the altsvc struct is laid out - - Added ifdefs to make the unittest run even in a quiche-tree - - Closes #4201 - -- http3: fix the HTTP/3 in the request, make alt-svc set right versions - - Closes #4200 - -- alt-svc: send Alt-Used: in redirected requests - - RFC 7838 section 5: - - When using an alternative service, clients SHOULD include an Alt-Used - header field in all requests. - - Removed CURLALTSVC_ALTUSED again (feature is still EXPERIMENTAL thus - this is deemed ok). - - You can disable sending this header just like you disable any other HTTP - header in libcurl. - - Closes #4199 - -- CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly - - Even though it cannot fall-back to a lower HTTP version automatically. The - safer way to upgrade remains via CURLOPT_ALTSVC. - - CURLOPT_H3 no longer has any bits that do anything and might be removed - before we remove the experimental label. - - Updated the curl tool accordingly to use "--http3". - - Closes #4197 - -- docs/ALTSVC: remove what works and the experimental explanation - - Also, put the TODO items at the bottom. - - Closes #4198 - -- docs/EXPERIMENTAL: explain what it means and what's experimental now - -- curl: make use of CURLINFO_RETRY_AFTER when retrying - - If a Retry-After: header was used in the response, that value overrides - other retry timing options. - - Fixes #3794 - Closes #4195 - -- curl: use CURLINFO_PROTOCOL to check for HTTP(s) - - ... instead of CURLINFO_EFFECTIVE_URL to avoid string operations. - -- CURLINFO_RETRY_AFTER: parse the Retry-After header value - - This is only the libcurl part that provides the information. There's no - user of the parsed value. This change includes three new tests for the - parser. - - Ref: #3794 - -- docs/ALTSVC.md: first basic file format description - -- curl: have -w's 'http_version' show '3' for HTTP/3 - - Closes #4196 - -- curl.h: add CURL_HTTP_VERSION_3 to the version enum - - It can't be set for CURLOPT_HTTP_VERSION, but it can be extracted with - CURLINFO_HTTP_VERSION. - -- quiche: make use of the connection timeout API properly - -- quiche: make POSTFIELDS posts work - -- quiche: improved error handling and memory cleanups - -- quiche: flush egress in h3_stream_recv() too - -- RELEASE-NOTES: synced - -Jay Satiro (6 Aug 2019) -- [Patrick Monnerat brought this change] - - os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid(). - - Ref: https://github.com/curl/curl/issues/3653 - Ref: https://github.com/curl/curl/pull/3790 - - NOTE: This commit was cherry-picked and is part of a series of commits - that added the authzid feature for upcoming 7.66.0. The series was - temporarily reverted in db8ec1f so that it would not ship in a 7.65.x - patch release. - - Closes https://github.com/curl/curl/pull/4186 - -- tests: Fix the line endings for the SASL alt-auth tests - - - Change data and protocol sections to CRLF line endings. - - Prior to this change the tests would fail or hang, which is because - certain sections such as protocol require CRLF line endings. - - Follow-up to grandparent commit which added the tests. - - Ref: https://github.com/curl/curl/issues/3653 - Ref: https://github.com/curl/curl/pull/3790 - - NOTE: This commit was cherry-picked and is part of a series of commits - that added the authzid feature for upcoming 7.66.0. The series was - temporarily reverted in db8ec1f so that it would not ship in a 7.65.x - patch release. - - Closes https://github.com/curl/curl/pull/4186 - -- [Steve Holme brought this change] - - examples: Added SASL PLAIN authorisation identity (authzid) examples - - Ref: https://github.com/curl/curl/issues/3653 - Ref: https://github.com/curl/curl/pull/3790 - - NOTE: This commit was cherry-picked and is part of a series of commits - that added the authzid feature for upcoming 7.66.0. The series was - temporarily reverted in db8ec1f so that it would not ship in a 7.65.x - patch release. - - Closes https://github.com/curl/curl/pull/4186 - -- [Steve Holme brought this change] - - curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool - - Ref: https://github.com/curl/curl/issues/3653 - Ref: https://github.com/curl/curl/pull/3790 - - NOTE: This commit was cherry-picked and is part of a series of commits - that added the authzid feature for upcoming 7.66.0. The series was - temporarily reverted in db8ec1f so that it would not ship in a 7.65.x - patch release. - - Closes https://github.com/curl/curl/pull/4186 - -- [Steve Holme brought this change] - - sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID - - Added the ability for the calling program to specify the authorisation - identity (authzid), the identity to act as, in addition to the - authentication identity (authcid) and password when using SASL PLAIN - authentication. - - Fixes #3653 - Closes #3790 - - NOTE: This commit was cherry-picked and is part of a series of commits - that added the authzid feature for upcoming 7.66.0. The series was - temporarily reverted in db8ec1f so that it would not ship in a 7.65.x - patch release. - - Closes https://github.com/curl/curl/pull/4186 - -Daniel Stenberg (6 Aug 2019) -- docs/HTTP3: refreshed as it is now in master and HTTP/3 can be tested - -- [Yiming Jing brought this change] - - mesalink: implement client authentication - - Closes #4184 - -- curl_multi_poll: a sister to curl_multi_wait() that waits more - - Repeatedly we see problems where using curl_multi_wait() is difficult or - just awkward because if it has no file descriptor to wait for - internally, it returns immediately and leaves it to the caller to wait - for a small amount of time in order to avoid occasional busy-looping. - - This is often missed or misunderstood, leading to underperforming - applications. - - This change introduces curl_multi_poll() as a replacement drop-in - function that accepts the exact same set of arguments. This function - works identically to curl_multi_wait() - EXCEPT - for the case when - there's nothing to wait for internally, as then this function will by - itself wait for a "suitable" short time before it returns. This - effectiely avoids all risks of busy-looping and should also make it less - likely that apps "over-wait". - - This also changes the curl tool to use this funtion internally when - doing parallel transfers and changes curl_easy_perform() to use it - internally. - - Closes #4163 - -- quiche:h3_stream_recv return 0 at end of stream - - ... and remove some verbose messages we don't need. Made transfers from - facebook.com work better. - -- altsvc: make quiche use h3-22 now - -- quiche: show the actual version number - -- quiche: first working HTTP/3 request - - - enable debug log - - fix use of quiche API - - use download buffer - - separate header/body - - Closes #4193 - -- http09: disable HTTP/0.9 by default in both tool and library - - As the plan has been laid out in DEPRECATED. Update docs accordingly and - verify in test 1174. Now requires the option to be set to allow HTTP/0.9 - responses. - - Closes #4191 - -- quiche: initial h3 request send/receive - -- lib/Makefile.am: make checksrc run in vquic too - -- altsvc: fix removal of expired cache entry - - Closes #4192 - -- RELEASE-NOTES: synced - -Steve Holme (4 Aug 2019) -- md4: Use our own MD4 implementation when no crypto libraries are available - - Closes #3780 - -- md4: No need to include Curl_md4.h for each TLS library - -- md4: No need for the NTLM code to call Curl_md4it() for each TLS library - - As the NTLM code no longer calls any of TLS libraries' specific MD4 - functions, there is no need to call this function for each #ifdef. - -- md4: Move the mbed TLS MD4 implementation out of the NTLM code - -- md4: Move the WinCrypt implementation out of the NTLM code - -- md4: Move the SecureTransport implementation out of the NTLM code - -- md4: Use the Curl_md4it() function for OpenSSL based NTLM - -- md4: Move the GNU TLS gcrypt MD4 implementation out of the NTLM code - -- md4: Move the GNU TLS Nettle MD4 implementation out of the NTLM code - -Jay Satiro (4 Aug 2019) -- OS400: Add CURLOPT_H3 symbols - - Follow-up to 3af0e76 which added experimental H3 support. - - Closes https://github.com/curl/curl/pull/4185 - -Daniel Stenberg (3 Aug 2019) -- url: make use of new HTTP version if alt-svc has one - -- url: set conn->transport to default TCP at init time - -- altsvc: with quiche, use the quiche h3 alpn string - - Closes #4183 - -- alt-svc: more liberal ALPN name parsing - - Allow pretty much anything to be part of the ALPN identifier. In - particular minus, which is used for "h3-20" (in-progress HTTP/3 - versions) etc. - - Updated test 356. - Closes #4182 - -- quiche: use the proper HTTP/3 ALPN - -- quiche: add failf() calls for two error cases - - To aid debugging - - Closes #4181 - -- mailmap: added Kyohei Kadota - -Kamil Dudka (1 Aug 2019) -- http_negotiate: improve handling of gss_init_sec_context() failures - - If HTTPAUTH_GSSNEGOTIATE was used for a POST request and - gss_init_sec_context() failed, the POST request was sent - with empty body. This commit also restores the original - behavior of `curl --fail --negotiate`, which was changed - by commit 6c6035532383e300c712e4c1cd9fdd749ed5cf59. - - Add regression tests 2077 and 2078 to cover this. - - Fixes #3992 - Closes #4171 - -Daniel Stenberg (1 Aug 2019) -- mailmap: added 4 more names - - Evgeny Grin, Peter Pih, Anton Malov and Marquis de Muesli - -- mailmap: add Giorgos Oikonomou - -- src/makefile: fix uncompressed hugehelp.c generation - - Regression from 5cf5d57ab9 (7.64.1) - - Fixed-by: Lance Ware - Fixes #4176 - Closes #4177 - -- appveyor: pass on -k to make - -- timediff: make it 64 bit (if possible) even with 32 bit time_t - - ... to make it hold microseconds too. - - Fixes #4165 - Closes #4168 - -- ROADMAP: parallel transfers are merged now - -- getenv: support up to 4K environment variable contents on windows - - Reported-by: Michal Čaplygin - Fixes #4174 - Closes #4175 - -- [Kyohei Kadota brought this change] - - plan9: add support for running on Plan 9 - - Closes #3701 - -- [Kyohei Kadota brought this change] - - ntlm: explicit type casting - -- [Justin brought this change] - - curl.h: fix outdated comment - - Closes #4167 - -- curl: remove outdated comment - - Turned bad with commit b8894085000 - - Reported-by: niallor on github - Fixes #4172 - Closes #4173 - -- cleanup: remove the 'numsocks' argument used in many places - - It was used (intended) to pass in the size of the 'socks' array that is - also passed to these functions, but was rarely actually checked/used and - the array is defined to a fixed size of MAX_SOCKSPEREASYHANDLE entries - that should be used instead. - - Closes #4169 - -- readwrite_data: repair setting the TIMER_STARTTRANSFER stamp - - Regression, broken in commit 65eb65fde64bd5f (curl 7.64.1) - - Reported-by: Jonathan Cardoso Machado - Assisted-by: Jay Satiro - - Fixes #4136 - Closes #4162 - -- mailmap: Amit Katyal - -- asyn-thread: removed unused variable - - Follow-up to eb9a604f. Mistake caused by me when I edited the commit - before push... - -- RELEASE-NOTES: synced - -- [Amit Katyal brought this change] - - asyn-thread: create a socketpair to wait on - - Closes #4157 - -- curl: cap the maximum allowed values for retry time arguments - - ... to avoid integer overflows later when multiplying with 1000 to - convert seconds to milliseconds. - - Added test 1269 to verify. - - Reported-by: Jason Lee - Closes #4166 - -- progress: reset download/uploaded counter - - ... to make CURLOPT_MAX_RECV_SPEED_LARGE and - CURLOPT_MAX_SEND_SPEED_LARGE work correctly on subsequent transfers that - reuse the same handle. - - Fixed-by: Ironbars13 on github - Fixes #4084 - Closes #4161 - -- http2_recv: trigger another read when the last data is returned - - ... so that end-of-stream is detected properly. - - Reported-by: Tom van der Woerdt - Fixes #4043 - Closes #4160 - -- curl: avoid uncessary libcurl timeouts (in parallel mode) - - When curl_multi_wait() returns OK without file descriptors to wait for, - it might already have done a long timeout. - - Closes #4159 - -- [Balazs Kovacsics brought this change] - - HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown - - If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set, - automatically add a Transfer-Encoding: chunked header, same as it is - already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME. Update - test 1514 according to the new behaviour. - - Closes #4138 - -Jay Satiro (29 Jul 2019) -- [Daniel Stenberg brought this change] - - winbuild: add vquic to list of build directories - - This fixes the winbuild build method which broke several days ago - when experimental quic support was added in 3af0e76. - - Reported-by: Michael Lee - - Fixes https://github.com/curl/curl/issues/4158 - -- easy: resize receive buffer on easy handle reset - - - In curl_easy_reset attempt to resize the receive buffer to its default - size. If realloc fails then continue using the previous size. - - Prior to this change curl_easy_reset did not properly handle resetting - the receive buffer (data->state.buffer). It reset the variable holding - its size (data->set.buffer_size) to the default size (READBUFFER_SIZE) - but then did not actually resize the buffer. If a user resized the - buffer by using CURLOPT_BUFFERSIZE to set the size smaller than the - default, later called curl_easy_reset and attempted to reuse the handle - then a heap overflow would very likely occur during that handle's next - transfer. - - Reported-by: Felix Hädicke - - Fixes https://github.com/curl/curl/issues/4143 - Closes https://github.com/curl/curl/pull/4145 - -- [Brad Spencer brought this change] - - examples: Avoid reserved names in hiperfifo examples - - - Trade in __attribute__((unused)) for the classic (void)x to silence - unused symbols. - - Because the classic way is not gcc specific. Also because the prior - method mapped to symbol _Unused, which starts with _ and a capital - letter which is reserved. - - Assisted-by: The Infinnovation team - - Bug: https://github.com/curl/curl/issues/4120#issuecomment-512542108 - - Closes https://github.com/curl/curl/pull/4153 - -Daniel Stenberg (25 Jul 2019) -- RELEASE-NOTES: synced - -- [Felix Hädicke brought this change] - - ssh-libssh: do not specify O_APPEND when not in append mode - - Specifying O_APPEND in conjunction with O_TRUNC and O_CREAT does not - make much sense. And this combination of flags is not accepted by all - SFTP servers (at least not Apache SSHD). - - Fixes #4147 - Closes #4148 - -- [Gergely Nagy brought this change] - - multi: call detach_connection before Curl_disconnect - - Curl_disconnect bails out if conn->easyq is not empty, detach_connection - needs to be called first to remove the current easy from the queue. - - Fixes #4144 - Closes #4151 - -Jay Satiro (23 Jul 2019) -- tool_operate: fix implicit call to easysrc_cleanup - - easysrc_cleanup is only defined when CURL_DISABLE_LIBCURL_OPTION is not - defined, and prior to this change would be called regardless. - - Bug: https://github.com/curl/curl/pull/3804#issuecomment-513922637 - Reported-by: Marcel Raad - - Closes https://github.com/curl/curl/pull/4142 - -Daniel Stenberg (22 Jul 2019) -- curl:create_transfers check return code from curl_easy_setopt - - From commit b8894085 - - Pointed out by Coverity CID 1451703 - - Closes #4134 - -- HTTP3: initial (experimental) support - - USe configure --with-ngtcp2 or --with-quiche - - Using either option will enable a HTTP3 build. - Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me> - - Closes #3500 - -- curl: remove dead code - - The loop never loops (since b889408500), pointed out by Coverity (CID - 1451702) - - Closes #4133 - -- docs/PARALLEL-TRANSFERS: correct the version number - -- docs/PARALLEL-TRANSFERS: added - -- curl: support parallel transfers - - This is done by making sure each individual transfer is first added to a - linked list as then they can be performed serially, or at will, in - parallel. - - Closes #3804 - -- docs/MANUAL.md: converted to markdown from plain text - - ... will make it render as a nicer web page. - - Closes #4131 - -- curl_version_info: provide nghttp2 details - - Introducing CURLVERSION_SIXTH with nghttp2 info. - - Closes #4121 - -- bump: start working on 7.66.0 - -- source: remove names from source comments - - Several reasons: - - - we can't add everyone who's helping out so its unfair to just a few - selected ones. - - we already list all helpers in THANKS and in RELEASE-NOTES for each - release - - we don't want to give the impression that some parts of the code is - "owned" or "controlled" by specific persons - - Assisted-by: Daniel Gustafsson - Closes #4129 - -Version 7.65.3 (19 Jul 2019) - -Daniel Stenberg (19 Jul 2019) -- RELEASE-NOTES: 7.65.3 - -- THANKS: 7.65.3 status - -- progress: make the progress meter appear again - - Fix regression caused by 21080e1 - - Reported-by: Chih-Hsuan Yen - Fixes #4122 - Closes #4124 - -- version: bump to 7.65.3 - -- RELEASE-NOTES: Contributors or now 1990 - -Version 7.65.2 (17 Jul 2019) - -Daniel Stenberg (17 Jul 2019) -- RELEASE-NOTES: 7.65.2 - -- THANKS: add contributors from 7.65.2 - -Jay Satiro (17 Jul 2019) -- [aasivov brought this change] - - cmake: Fix finding Brotli on case-sensitive file systems - - - Find package "Brotli" instead of "BROTLI" since the former is the - casing used for CMake/FindBrotli.cmake, and otherwise find_package - may fail on a case-sensitive file system. - - Fixes https://github.com/curl/curl/issues/4117 - -- CURLOPT_RANGE.3: Caution against using it for HTTP PUT - - AFAICT CURLOPT_RANGE does not support ranged HTTP PUT uploads so I've - cautioned against using it for that purpose and included a workaround. - - Bug: https://curl.haxx.se/mail/lib-2019-04/0075.html - Reported-by: Christopher Head - - Closes https://github.com/curl/curl/issues/3814 - -- [Stefano Simonelli brought this change] - - CURLOPT_SEEKDATA.3: fix variable name - - Closes https://github.com/curl/curl/pull/4118 - -- [Giorgos Oikonomou brought this change] - - CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH - - If the SSL backend is Schannel and the user specifies an Schannel CALG_ - that is not supported by the protocol or the server then curl returns - CURLE_SSL_CONNECT_ERROR (35) SEC_E_ALGORITHM_MISMATCH. - - Fixes https://github.com/curl/curl/issues/3389 - Closes https://github.com/curl/curl/pull/4106 - -- [Daniel Gustafsson brought this change] - - nss: inspect returnvalue of token check - - PK11_IsPresent() checks for the token for the given slot is available, - and sets needlogin flags for the PK11_Authenticate() call. Should it - return false, we should however treat it as an error and bail out. - - Closes https://github.com/curl/curl/pull/4110 - -- docs: Explain behavior change in --tlsv1. options since 7.54 - - Since 7.54 --tlsv1. options use the specified version or later, however - older versions of curl documented it as using just the specified version - which may or may not have happened depending on the TLS library. - Document this discrepancy to allay confusion for users familiar with the - old documentation that expect just the specified version. - - Fixes https://github.com/curl/curl/issues/4097 - Closes https://github.com/curl/curl/pull/4119 - -- libcurl: Restrict redirect schemes (follow-up) - - - Allow FTPS on redirect. - - - Update default allowed redirect protocols in documentation. - - Follow-up to 6080ea0. - - Ref: https://github.com/curl/curl/pull/4094 - - Closes https://github.com/curl/curl/pull/4115 - -Daniel Stenberg (16 Jul 2019) -- test1173: make it also check all libcurl option man pages - - ... and adjust those that cause errors - - Closes #4116 - -- curl: only accept COLUMNS less than 10000 - - ... as larger values would rather indicate something silly (and could - potentially cause buffer problems). - - Reported-by: pendrek at hackerone - Closes #4114 - -- dist: add manpage-syntax.pl - - follow-up to 7fb66c403 - -- test1173: detect some basic man page format mistakes - - Triggered by PR #4111 - - Closes #4113 - -Jay Satiro (15 Jul 2019) -- [Bjarni Ingi Gislason brought this change] - - docs: Fix missing lines caused by undefined macros - - - Escape apostrophes at line start. - - Some lines begin with a "'" (apostrophe, single quote), which is then - interpreted as a control character in *roff. - - Such lines are interpreted as being a call to a macro, and if - undefined, the lines are removed from the output. - - Bug: https://bugs.debian.org/926352 - Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is> - - Submitted-by: Alessandro Ghedini - - Closes https://github.com/curl/curl/pull/4111 - -Daniel Stenberg (14 Jul 2019) -- libcurl-security.3: update to new CURLOPT_REDIR_PROTOCOLS defaults - - follow-up to 6080ea098 - -- [Linos Giannopoulos brought this change] - - libcurl: Add testcase for gopher redirects - - The testcase ensures that redirects to CURLPROTO_GOPHER won't be - allowed, by default, in the future. Also, curl is being used - for convenience while keeping the testcases DRY. - - The expected error code is CURLE_UNSUPPORTED_PROTOCOL when the client is - redirected to CURLPROTO_GOPHER - - Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr> - -- [Linos Giannopoulos brought this change] - - libcurl: Restrict redirect schemes - - All protocols except for CURLPROTO_FILE/CURLPROTO_SMB and their TLS - counterpart were allowed for redirect. This vastly broadens the - exploitation surface in case of a vulnerability such as SSRF [1], where - libcurl-based clients are forced to make requests to arbitrary hosts. - - For instance, CURLPROTO_GOPHER can be used to smuggle any TCP-based - protocol by URL-encoding a payload in the URI. Gopher will open a TCP - connection and send the payload. - - Only HTTP/HTTPS and FTP are allowed. All other protocols have to be - explicitly enabled for redirects through CURLOPT_REDIR_PROTOCOLS. - - [1]: https://www.acunetix.com/blog/articles/server-side-request-forgery-vulnerability/ - - Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr> - - Closes #4094 - -- [Zenju brought this change] - - openssl: define HAVE_SSL_GET_SHUTDOWN based on version number - - Closes #4100 - -- [Peter Simonyi brought this change] - - http: allow overriding timecond with custom header - - With CURLOPT_TIMECONDITION set, a header is automatically added (e.g. - If-Modified-Since). Allow this to be replaced or suppressed with - CURLOPT_HTTPHEADER. - - Fixes #4103 - Closes #4109 - -Jay Satiro (11 Jul 2019) -- [Juergen Hoetzel brought this change] - - smb: Use the correct error code for access denied on file open - - - Return CURLE_REMOTE_ACCESS_DENIED for SMB access denied on file open. - - Prior to this change CURLE_REMOTE_FILE_NOT_FOUND was returned instead. - - Closes https://github.com/curl/curl/pull/4095 - -- [Daniel Gustafsson brought this change] - - DEPRECATE: fixup versions and spelling - - Correctly set the July 17 version to 7.65.2, and update spelling to - be consistent. Also fix a typo. - - Closes https://github.com/curl/curl/pull/4107 - -- [Gisle Vanem brought this change] - - system_win32: fix clang warning - - - Declare variable in header as extern. - - Bug: https://github.com/curl/curl/commit/48b9ea4#commitcomment-34084597 - -Daniel Gustafsson (10 Jul 2019) -- headers: Remove no longer exported functions - - There were a leftover few prototypes of Curl_ functions that we used to - export but no longer do, this removes those prototypes and cleans up any - comments still referring to them. - - Curl_write32_le(), Curl_strcpy_url(), Curl_strlen_url(), Curl_up_free() - Curl_concat_url(), Curl_detach_connnection(), Curl_http_setup_conn() - were made static in 05b100aee247bb9bec8e9a1b0166496aa4248d1c. - Curl_http_perhapsrewind() made static in 574aecee208f79d391f10d57520b3. - - For the remainder, I didn't trawl the Git logs hard enough to capture - their exact time of deletion, but they were all gone: Curl_splayprint(), - Curl_http2_send_request(), Curl_global_host_cache_dtor(), - Curl_scan_cache_used(), Curl_hostcache_destroy(), Curl_second_connect(), - Curl_http_auth_stage() and Curl_close_connections(). - - Closes #4096 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -- CMake: fix typos and spelling - -- [Kyle Edwards brought this change] - - CMake: Convert errant elseif() to else() - - CMake interprets an elseif() with no arguments as elseif(FALSE), - resulting in the elseif() block not being executed. That is not what - was intended here. Change the empty elseif() to an else() as it was - intended. - - Closes #4101 - Reported-by: Artalus <artalus-mail@yandex.ru> - Reviewed-by: Daniel Gustafsson <daniel@yesql.se> - -- buildconf: fix header filename - - The header file inclusion had a typo, it should be .h and not .hd. - Fix by renaming. - - Fixes #4102 - Reported-by: AceCrow on Github - -- [Jan Chren brought this change] - - configure: fix --disable-code-coverage - - This fixes the case when --disable-code-coverage supplied to ./configure - would result in coverage="yes" being set. - - Closes #4099 - Reviewed-by: Daniel Gustafsson <daniel@yesql.se> - -- cleanup: fix typo in comment - -- RELEASE-NOTES: synced - -Jay Satiro (6 Jul 2019) -- [Daniel Gustafsson brought this change] - - nss: support using libnss on macOS - - The file suffix for dynamically loadable objects on macOS is .dylib, - which need to be added for the module definitions in order to get the - NSS TLS backend to work properly on macOS. - - Closes https://github.com/curl/curl/pull/4046 - -- [Daniel Gustafsson brought this change] - - nss: don't set unused parameter - - The value of the maxPTDs parameter to PR_Init() has since at least - NSPR 2.1, which was released sometime in 1998, been marked ignored - as is accordingly not used in the initialization code. Setting it - to a value when calling PR_Init() is thus benign, but indicates an - intent which may be misleading. Reset the value to zero to improve - clarity. - - Closes https://github.com/curl/curl/pull/4054 - -- [Daniel Gustafsson brought this change] - - nss: only cache valid CRL entries - - Change the logic around such that we only keep CRLs that NSS actually - ended up caching around for later deletion. If CERT_CacheCRL() fails - then there is little point in delaying the freeing of the CRL as it - is not used. - - Closes https://github.com/curl/curl/pull/4053 - -- [Gergely Nagy brought this change] - - lib: Use UTF-8 encoding in comments - - Some editors and IDEs assume that source files use UTF-8 file encodings. - It also fixes the build with MSVC when /utf-8 command line option is - used (this option is mandatory for some other open-source projects, this - is useful when using the same options is desired for building all - libraries of a project). - - Closes https://github.com/curl/curl/pull/4087 - -- [Caleb Raitto brought this change] - - CURLOPT_HEADEROPT.3: Fix example - - Fix an issue where example builds a curl_slist, but fails to actually - use it, or free it. - - Closes https://github.com/curl/curl/pull/4090 - -- [Shankar Jadhavar brought this change] - - winbuild: Change Makefile to honor ENABLE_OPENSSL_AUTO_LOAD_CONFIG - - - Made changes so that ENABLE_OPENSSL_AUTO_LOAD_CONFIG will be honored. - - - Also removed some ^M chars from file. - - Prior to this change while building on Windows platform even if we pass - the ENABLE_OPENSSL_AUTO_LOAD_CONFIG option with value as "no" it does - not set the CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG flag. - - Closes https://github.com/curl/curl/pull/4086 - -Daniel Stenberg (4 Jul 2019) -- doh-url.d: added in 7.62.0 - -Jay Satiro (30 Jun 2019) -- docs: Fix links to OpenSSL docs - - OpenSSL changed their manual locations and does not redirect to the new - locations. - - Bug: https://curl.haxx.se/mail/lib-2019-06/0056.html - Reported-by: Daniel Stenberg - -Daniel Stenberg (26 Jun 2019) -- [Gaël PORTAY brought this change] - - curl_multi_wait.3: escape backslash in example - - The backslash in the character Line Feed must be escaped. - - The current man-page outputs the code as following: - - fprintf(stderr, "curl_multi failed, code %d.0, mc); - - The commit fixes it as follow: - - fprintf(stderr, "curl_multi failed, code %d\n", mc); - - Closes #4079 - -- openssl: disable engine if OPENSSL_NO_UI_CONSOLE is defined - - ... since that needs UI_OpenSSL() which isn't provided when OpenSSL is - built with OPENSSL_NO_UI_CONSOLE which happens when OpenSSL is built for - UWP (with "VC-WIN32-UWP"). - - Reported-by: Vasily Lobaskin - Fixes #4073 - Closes #4077 - -- test1521: adapt to SLISTPOINT - - The header now has the slist-using options marked as SLISTPOINT so this - makes sure test 1521 understands that. - - Follow-up to ae99b4de1c443ae989 - - Closes #4074 - -- win32: make DLL loading a no-op for UWP - - Reported-by: Michael Brehm - Fixes #4060 - Closes #4072 - -- [1ocalhost brought this change] - - configure: fix typo '--disable-http-uath' - - Closes #4076 - -- [Niklas Hambüchen brought this change] - - docs: fix string suggesting HTTP/2 is not the default - - Commit 25fd1057c9c86e3 made HTTP2 the default, and further down in the - man page that new default is mentioned, but the section at the top - contradicted it until now. - - Also remove claim that setting the HTTP version is not sensible. - - Closes #4075 - -- RELEASE-NOTES: synced - -- [Stephan Szabo brought this change] - - tests: update fixed IP for hostip/clientip split - - These tests give differences for me on linux when using a hostip - pointing to the external ip address for the local machine. - - Closes #4070 - -Daniel Gustafsson (24 Jun 2019) -- http: clarify header buffer size calculation - - The header buffer size calculation can from static analysis seem to - overlow as it performs an addition between two size_t variables and - stores the result in a size_t variable. Overflow is however guarded - against elsewhere since the input to the addition is regulated by - the maximum read buffer size. Clarify this with a comment since the - question was asked. - - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (24 Jun 2019) -- KNOWN_BUGS: Don't clear digest for single realm - - Closes #3267 - -- KNOWN_BUGS: Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostname - - Closes #3284 - -- http2: call done_sending on end of upload - - To make sure a HTTP/2 stream registers the end of stream. - - Bug #4043 made me find this problem but this fix doesn't correct the - reported issue. - - Closes #4068 - -- [James Brown brought this change] - - c-ares: honor port numbers in CURLOPT_DNS_SERVERS - - By using ares_set_servers_ports_csv on new enough c-ares. - - Fixes #4066 - Closes #4067 - -Daniel Gustafsson (24 Jun 2019) -- CURLMOPT_SOCKETFUNCTION.3: fix typo - -Daniel Stenberg (24 Jun 2019) -- [Koen Dergent brought this change] - - curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds - - Closes #4061 - -- test153: fix content-length to avoid occasional hang - - Closes #4065 - -- RELEASE-NOTES: synced - -- multi: enable multiplexing by default (again) - - It was originally made default in d7c4213bd0c (7.62.0) but mistakenly - reverted in commit 2f44e94efb3d (7.65.0). Now enabled again. - - Closes #4051 - -- typecheck: add 3 missing strings and a callback data pointer - - Closes #4050 - -- tests: add disable-scan.pl to dist - - follow-up from 29177f422a5 - - Closes #4059 - -- http2: don't call stream-close on already closed streams - - Closes #4055 - -Marcel Raad (20 Jun 2019) -- travis: enable alt-svc for coverage build - - Closes - -- travis: enable libssh2 for coverage build - - It was enabled by default before commit c92d2e14cfb. - - Disable torture tests 600 and 601 because of - https://github.com/curl/curl/issues/1678. - - Closes - -- travis: disable threaded resolver for coverage build - - This enables more tests. - - Closes - -- travis: enable brotli for all xenial jobs - - There's no need for a separate job, and no need to build it from source - with Xenial. - - Closes - -- travis: enable warnings-as-errors for coverage build - - Closes - -GitHub (20 Jun 2019) -- [Gisle Vanem brought this change] - - system_win32: fix typo - -Daniel Stenberg (20 Jun 2019) -- typecheck: CURLOPT_CONNECT_TO takes an slist too - - Additionally, add an alias in curl.h for slist-using options so that - we can grep/parse those out at will. - - Closes #4042 - -- [Stephan Szabo brought this change] - - tests: support non-localhost HOSTIP for dict/smb servers - - smbserver.py/dictserver.py were explicitly using localhost/127.0.0.1 for - binding the server which when we were running the tests with a separate - HOSTIP and CLIENTIP had failures verifying the server from the device we - were testing. - - This changes them to take the address from runtests.py and default to - localhost/127.0.0.1 if none is given. - - Closes #4048 - -- test1523: basic test of CURLOPT_LOW_SPEED_LIMIT - -- configure: --disable-progress-meter - - Builds libcurl without support for the built-in progress meter. - - Closes #4023 - -- curl: improved skip-setopt-options when built with disabled features - - Reduces #ifdefs in src/tool_operate.c - - Follow-up from 4e86f2fc4e6 - Closes #3936 - -Steve Holme (18 Jun 2019) -- netrc: Return the correct error code when out of memory - - Introduced in 763c5178. - - Closes #4036 - -Daniel Stenberg (18 Jun 2019) -- config-os400: add getpeername and getsockname defines - - Reported-by: jonrumsey on github - Fixes #4037 - Closes #4039 - -- runtests: keep logfiles around by default - - Make '-k' a no-op. The singletest function now clears the log directory - BEFORE each individual test and not after, which makes it possible to - always keep the logfiles around after a test has been run. No need to - specify -k anymore. Keeping the option parsing around to work with users - of old habits. - - Some tests also didn't work properly when -k was used (since the old - logs would be kep when a new test starts) which this change also fixes. - - Closes #4035 - -- [Gergely Nagy brought this change] - - openssl: fix pubkey/signature algorithm detection in certinfo - - Certinfo gives the same result for all OpenSSL versions. - Also made printing RSA pubkeys consistent with older versions. - - Reported-by: Michael Wallner - Fixes #3706 - Closes #4030 - -- conn_maxage: move the check to prune_dead_connections() - - ... and avoid the locking issue. - - Reported-by: Kunal Ekawde - Fixes #4029 - Closes #4032 - -- tests: have runtests figure out disabled features - - ... so that runtests can skip individual test cases that test features - that are explicitly disabled in this build. This new logic is intended - for disabled features that aren't otherwise easily visible through the - curl_version_info() or other API calls. - - tests/server/disabled is a newly built executable that will output a - list of disabled features. Outputs nothing for a default build. - - Closes #3950 - -- test188/189: fix Content-Length - - This cures the flaky test results - - Closes #4034 - -- [Thomas Gamper brought this change] - - winbuild: use WITH_PREFIX if given - - Closes #4031 - -Daniel Gustafsson (17 Jun 2019) -- openssl: remove outdated comment - - OpenSSL used to call exit(1) on syntax errors in OPENSSL_config(), - which is why we switched to CONF_modules_load_file() and introduced - a comment stating why. This behavior was however changed in OpenSSL - commit abdd677125f3a9e3082f8c5692203590fdb9b860, so remove the now - outdated and incorrect comment. The mentioned commit also declares - OPENSSL_config() deprecated so keep the current coding. - - Closes #4033 - Reviewed-by: Daniel Stenberg <daniel@haxx.se> - -Daniel Stenberg (16 Jun 2019) -- RELEASE-NOTES: synced - -Patrick Monnerat (16 Jun 2019) -- os400: make vsetopt() non-static as Curl_vsetopt() for os400 support. - - Use it in curl_easy_setopt_ccsid(). - - Reported-by: jonrumsey on github - Fixes #3833 - Closes #4028 - -Daniel Stenberg (15 Jun 2019) -- runtests: report single test time + total duration - - ... after each successful test. - - Closes #4027 - -- multi: fix the transfer hash function - - Follow-up from 8b987cc7eb - - Reported-by: Tom van der Woerdt - Fixes #4018 - Closes #4024 - -- unit1654: cleanup on memory failure - - ... to make it handle torture tests properly. - - Reported-by: Marcel Raad - Fixes #4021 - Closes #4022 - -Marcel Raad (13 Jun 2019) -- krb5: fix compiler warning - - Even though the variable was used in a DEBUGASSERT, GCC 8 warned in - debug mode: - krb5.c:324:17: error: unused variable 'maj' [-Werror=unused-variable] - - Just suppress the warning and declare the variable unconditionally - instead of only for DEBUGBUILD (which also missed the check for - HAVE_ASSERT_H). - - Closes https://github.com/curl/curl/pull/4020 - -Daniel Stenberg (13 Jun 2019) -- quote.d: asterisk prefix works for SFTP as well - - Reported-by: Ben Voris - Fixes #4017 - Closes #4019 - -- multi: fix the transfer hashes in the socket hash entries - - - The transfer hashes weren't using the correct keys so removing entries - failed. - - - Simplified the iteration logic over transfers sharing the same socket and - they now simply are set to expire and thus get handled in the "regular" - timer loop instead. - - Reported-by: Tom van der Woerdt - Fixes #4012 - Closes #4014 - -Jay Satiro (12 Jun 2019) -- [Cliff Crosland brought this change] - - url: Fix CURLOPT_MAXAGE_CONN time comparison - - Old connections are meant to expire from the connection cache after - CURLOPT_MAXAGE_CONN seconds. However, they actually expire after 1000x - that value. This occurs because a time value measured in milliseconds is - accidentally divided by 1M instead of by 1,000. - - Closes https://github.com/curl/curl/pull/4013 - -Daniel Stenberg (11 Jun 2019) -- test1165: verify that CURL_DISABLE_ symbols are in sync - - between configure.ac and source code. They should be possible to switch - on/off in configure AND be used in source code. - -- configure: remove CURL_DISABLE_TLS_SRP - - It isn't used by code so stop providing the define. - - Closes #4010 - -- Revert "cmake: add SMB to list of disabled protocols if HTTP_ONLY is specified" - - This reverts commit 36738caeb78603ce24e3ea089a167b8c216fb938. - - Apparently several of the appveyor windows builds broke. - -- [sergey-raevskiy brought this change] - - cmake: add SMB to list of disabled protocols if HTTP_ONLY is specified - - Reviewed-by: Jakub Zakrzewski - Closes #3770 - -- RELEASE-NOTES: synced - -- http2: remove CURL_DISABLE_TYPECHECK define - - ... in http2-less builds as it served no use. - -- configure: more --disable switches to toggle off individual features - - ... actual support in the code for disabling these has already landed. - - Closes #4009 - -- wolfssl: fix key pinning build error - - follow-up from deb9462ff2de8 |