diff options
| author | dartraiden <wowemuh@gmail.com> | 2024-09-11 21:49:43 +0300 |
|---|---|---|
| committer | dartraiden <wowemuh@gmail.com> | 2024-09-11 21:52:35 +0300 |
| commit | c36db68a5f58ec6c9135eff778b6e77c30e58088 (patch) | |
| tree | 22eea126db82c50388c9f94cd683d6ec6f04e6cb /libs/libcurl/docs | |
| parent | 02bb82c1c0a4031e7b2f5578370fa5acd620f8e1 (diff) | |
libcurl: update to 8.10.0
Diffstat (limited to 'libs/libcurl/docs')
| -rw-r--r-- | libs/libcurl/docs/CHANGES | 11822 | ||||
| -rw-r--r-- | libs/libcurl/docs/RELEASE-NOTES | 563 | ||||
| -rw-r--r-- | libs/libcurl/docs/THANKS | 30 |
3 files changed, 592 insertions, 11823 deletions
diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES deleted file mode 100644 index 59c4a26dc0..0000000000 --- a/libs/libcurl/docs/CHANGES +++ /dev/null @@ -1,11822 +0,0 @@ - _ _ ____ _
- ___| | | | _ \| |
- / __| | | | |_) | |
- | (__| |_| | _ <| |___
- \___|\___/|_| \_\_____|
-
- Changelog
-
-Version 8.9.1 (31 Jul 2024)
-
-Daniel Stenberg (31 Jul 2024)
-
-- RELEASE-NOTES: synced
-
-- THANKS: add names from the 8.9.1 release notes
-
- Also remove duplicates
-
-Stefan Eissing (30 Jul 2024)
-
-- x509asn1: unittests and fixes for gtime2str
-
- Fix issues in GTime2str() and add unit test cases to verify correct
- behaviour.
-
- Follow-up to 3c914bc6801
-
- Closes #14316
-
-Tal Regev (30 Jul 2024)
-
-- vtls: avoid forward declaration in MultiSSL builds
-
- The MSVC compiler cannot have forward declaration with const and static
- variable, causing this error:
- ```
- curl\lib\vtls\vtls.c(417,44): warning C4132: 'Curl_ssl_multi': const object s
- hould be initialized
- ```
-
- Ref: #14276
- Closes #14305
-
-Viktor Szakats (30 Jul 2024)
-
-- tidy-up: URL updates (one more)
-
- Follow-up to 767d5811b5c783b42cea999dd42ecf0453085d17 #14318
-
-- tidy-up: URL updates
-
- Closes #14318
-
-- cmake: drop `if(PKG_CONFIG_FOUND)` guard for `pkg_check_modules()`
-
- The oldest cmake supported by curl is v3.7.0, which already has such
- guard (using `PKG_CONFIG_EXECUTABLE`) inside `pkg_check_modules()`. The
- advantage of leaving that guard to CMake is that it will define/reset
- all output variables, while the manual guard doesn't do this and also
- leaves for example `NETTLE_FOUND` undefined.
-
- Delete the single use of this guard from the recently added `nettle`
- detection, where I included it by accident. Then possibly re-introduce
- it universally if we find it useful after more evaluation.
-
- Follow-up to 669ce42275635dc1f881dab3dfc9a55c9ab49b21 #14285
- Closes #14309
-
-Daniel Stenberg (30 Jul 2024)
-
-- mailmap: dedupe an author showing up twice in shortlog -s
-
-Ivan Kuchin (30 Jul 2024)
-
-- misc: cleanup after removing years from copyright
-
- - remove leftover copyright years from few test files
- - fix email in copyright lines
- - consistent format of copyright lines
-
- Closes #14312
-
-Alex Snast (30 Jul 2024)
-
-- wolfssl: avoid calling get_cached_x509_store if store is uncachable
-
- There's no need for get_cached_x509_store call if the return value won't
- be used for caching anyway.
-
- Closes #14306
-
-Daniel Stenberg (30 Jul 2024)
-
-- contrithanks.sh: use -F with -v to match lines as strings
-
- Makes names involving [brackets] work.
-
-Viktor Szakats (30 Jul 2024)
-
-- GHA/non-native: bump FreeBSD/arm64 python modules
-
- FreeBSD seems to upgrade their Python separately for arm64
- and Intel. Today, arm64 caught up with the Intel packages.
- Update our CI to reflect it.
-
- Closes #14310
-
-dependabot[bot] (30 Jul 2024)
-
-- GHA: bump github/codeql-action and msys2/setup-msys2
-
- - bump github/codeql-action from 3.25.13 to 3.25.15
-
- Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.
- 25.13 to 3.25.15.
- - [Release notes](https://github.com/github/codeql-action/releases)
- - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- - [Commits](https://github.com/github/codeql-action/compare/2d790406f505036ef
- 40ecba973cc774a50395aac...afb54ba388a7dca6ecae48f608c4ff05ff4cc77a)
-
- ---
- updated-dependencies:
- - dependency-name: github/codeql-action
- dependency-type: direct:production
- update-type: version-update:semver-patch
- ...
-
- Signed-off-by: dependabot[bot] <support@github.com>
- Closes #14300
-
- - bump msys2/setup-msys2 from 2.23.0 to 2.24.0
-
- Bumps [msys2/setup-msys2](https://github.com/msys2/setup-msys2) from 2.23.0 t
- o 2.24.0.
- - [Release notes](https://github.com/msys2/setup-msys2/releases)
- - [Changelog](https://github.com/msys2/setup-msys2/blob/main/CHANGELOG.md)
- - [Commits](https://github.com/msys2/setup-msys2/compare/d0e80f58dffbc64f6a3a
- 1f43527d469b4fc7b6c8...5df0ca6cbf14efcd08f8d5bd5e049a3cc8e07fd2)
-
- ---
- updated-dependencies:
- - dependency-name: msys2/setup-msys2
- dependency-type: direct:production
- update-type: version-update:semver-minor
- ...
-
- Signed-off-by: dependabot[bot] <support@github.com>
- Closes #14301
-
-Daniel Stenberg (30 Jul 2024)
-
-- x509asn1: clean up GTime2str
-
- Co-authored-by: Stefan Eissing
- Reported-by: Dov Murik
-
- Closes #14307
-
-- tool_operate: more defensive socket code
-
- - use 'struct sockaddr' to getsockname() and its sa_family member
-
- - use 'curl_socklen_t' instead of 'socklen_t'
-
- - check for AF_INET6 to exist instead assuming it does
-
- Should be generally more portable.
-
- Reported-by: Harry Sintonen
- Closes #14304
-
-Viktor Szakats (29 Jul 2024)
-
-- configure: limit `__builtin_available` test to Darwin
-
- This feature test always fails on non-Apple systems. (For Apple targets
- it's supported by llvm and Apple clang.)
-
- Syncs behaviour with CMake.
-
- Follow-up to cfd6f43d6ca7e57670b422bab7bbf10221a2cf3e #14127
- Cherry-picked from #14097
- Closes #14196
-
-Daniel Stenberg (29 Jul 2024)
-
-- RELEASE-NOTES: synced
-
-- CURLOPT_SSL_CTX_FUNCTION.md: mention CA caching
-
- and add a few more see-also
-
- Closes #14302
-
-Viktor Szakats (29 Jul 2024)
-
-- cmake: detect `libssh` via `pkg-config`
-
- Also:
- - fix broken libssh `pkg-config` behaviour on old Linux.
- (when found, `LIBSSH_LINK_LIBRARIES` remains undefined.)
-
- - delete manual libssh config from Old Linux CI job,
- it's no longer necessary.
-
- Closes #14199
-
-- GHA/non-native: improve, migrate x86_64 FreeBSD with tests from Cirrus CI
-
- - run tests via `make test-ci` instead of `make check` with autotools.
- - add `x86_64` job for FreeBSD, with tests.
- It matches the existing Cirrus CI job, with these differences:
- - finishes 3x faster (thanks to parallel tests enabled).
- - librtmp is not enabled because it's slated for removal by FreeBSD.
- (already past the removal deadline, thought the package still
- installs.)
- - DICT and TELNET servers fail to start. Couldn't figure out why.
- It means skipping test 1450 and 1452.
- - it runs more tests, e.g. websockets and ip6-localhost.
- - no `pkg update -f`.
- - it misses the `CRYPTOGRAPHY_DONT_BUILD_RUST=1`, `pkg delete curl`,
- `chmod 777`, `sudo -u nobody` and `sysctl net.inet.tcp.blackhole`
- tricks. The latter is the default in these runners, the others did
- not affect results.
- - set `-j0` for tests in the NetBSD job. Flaky otherwise.
-
- Closes #14244
-
-- cmake: detect `nettle` when building with GnuTLS
-
- `nettle` is a direct dependency of curl, when building with GnuTLS.
- Add a new `Find` module to detect it.
-
- Also:
- - GHA/macos: drop `nettle` hack no longer necessary.
- - add `nettle` to `libcurl.pc`.
- - also add `nettle` to `libcurl.pc` in autotools builds.
-
- Follow-up to 781242ffa44a9f9b95b6da5ac5a1bf6372ec6257 #11967
- Closes #14285
-
-- macos: fix Apple SDK bug workaround for non-macOS targets
-
- Turns out that MAC != OSX, despite what these names otherwise mean and
- what's suggested by source code comments. "MAC" in fact means Darwin
- (aka Apple), not macOS. "OSX" means macOS.
-
- GitHub bumped the macos-14 runner default to Xcode 15.4, hitting the
- llvm@15 incompatibility bug by default. Meaning the previous workaround
- for the SDK bug is necessary.
-
- This patch extend the workaround to not apply to mobile OS variants.
-
- Follow-up to ff784af461175584c73e7e2b65af00b1a5a6f67f #14159
- Reported-by: Sergey
- Confirmed-by: Marcel Raad
- Fixes #14269
- Closes #14275
-
-Stefan Eissing (29 Jul 2024)
-
-- wolfssl: CA store share fix
-
- When sharing the x509 store in wolfSSL, always use an explicitly
- constructed one, as the SSLCTX might have "only" an internal one which
- is not obeying reference count lifetimes.
-
- Fixes #14278
- Reported-by: Alex Snast
- Closes #14279
-
-Randall S. Becker (29 Jul 2024)
-
-- curl: support __ss_family use on NonStop platforms
-
- The definition of sockaddr_storage incorrectly specifies the ss_family
- field as __ss_family. This fix conditionally allows builds to succeed on
- all NonStop platforms.
-
- Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>
-
- Closes #14273
-
-Daniel Stenberg (29 Jul 2024)
-
-- test993: list 1000 messages over POP3
-
- Attempt to verify issue #14201
-
- Closes #14297
-
-Stefan Eissing (29 Jul 2024)
-
-- connect: fix connection shutdown for event based processing
-
- connections being shutdown would register sockets for events, but then
- never remove these sockets again. Nor would the shutdown effectively
- been performed.
-
- - If a socket event involves a transfer, check if that is the
- connection cache internal handle and run its multi_perform()
- instead (the internal handle is used for all shutdowns).
- - When a timer triggers for a transfer, check also if it is
- about the connection cache internal handle.
- - During processing shutdowns in the connection cache, assess
- the shutdown timeouts. Register a Curl_expire() of the lowest
- value for the cache's internal handle.
-
- Reported-by: Gordon Parke
- Fixes #14280
- Closes #14296
-
-Daniel Stenberg (29 Jul 2024)
-
-- tests: provide FTP directory contents in the test file
-
- Instead of providing a fixed single synthetic response in the test
- server itself. To allow us to better use *different* directory listings
- in different test cases. In this change, most listings remain the same
- as before.
-
- The wildcard match tests still use synthetic responses but we should fix
- that as well.
-
- Updated numerous test cases to use this.
-
- Closes #14295
-
-- ftpserver.pl: make POP3 LIST serve content from the test file
-
- instead of a fixed list in the test server.
-
- Adjust test 853 accordingly.
-
- Closes #14293
-
-- TODO: thread-safe sharing
-
-- CURLSHOPT_SHARE.md: mention sessions/cookies as not thread-safe
-
- Sharing of these between threads are apparently also not done safely.
-
- Ref: #14290
- Reported-by: Aki Sakurai
- Closes #14292
-
-- RELEASE-NOTES: synced
-
-Patrick Monnerat (28 Jul 2024)
-
-- os400: build cli manual.
-
- Use PASE perl to run manual generation scripts.
-
- As PASE perl is not aware of all possible input file encoding, convert
- all files to UTF-8 upon build start (this might be lengthy).
-
- OS/400 terminal emulation may only offer 76 columns, thus a new -c
- parameter has been added to the managen program, defining the allowed
- width.
-
- If perl is not available, omit generation and disable online manual.
-
- Closes #14289
-
-Daniel Stenberg (27 Jul 2024)
-
-- example/multi-uv: remove the use of globals
-
- - shows how to pass on local variables (better)
-
- - start the transfers nicer (with curl_multi_socket_action)
-
- - consistent and helpful function naming - to better show what functions
- and callbacks that are used for what
-
- - build warning-free with gcc -W -Wall -pedantic
-
- Closes #14287
-
-Viktor Szakats (27 Jul 2024)
-
-- runtests: fold timing details with GHA, sync `-r` tflags
-
- - move timing details into a foldable group when run in GitHub Actions.
- Spec:
- https://docs.github.com/en/actions/using-workflows/workflow-commands-for-gi
- thub-actions#grouping-log-lines
-
- - enable `-r` (run time stats) option in autotools' `test-ci` target,
- syncing it with cmake.
-
- Closes #14284
-
-- GHA/windows: increase timeout for vcpkg build step [ci skip]
-
- Examples:
- https://github.com/curl/curl/actions/runs/10102112253/job/27937088909?pr=1427
- 4
- https://github.com/curl/curl/actions/runs/10102112253/job/27937082353?pr=1427
- 4
- https://github.com/curl/curl/actions/runs/10102112253/job/27937088478?pr=1427
- 4
-
-- GHA/macos: update comment about default Xcode on macos-14 runner [ci skip]
-
- New default since:
- https://github.com/actions/runner-images/blob/releases/macos-14-arm64/2024072
- 2/images/macos/macos-14-arm64-Readme.md
-
-Patrick Monnerat (27 Jul 2024)
-
-- os400: workaround an IBM ASCII run-time library bug
-
- IBM-provided ASCII function puts() does not output an expected trailing
- newline: emulate the correct behavior using other functions.
-
- Closes #14281
-
-Stefan Eissing (27 Jul 2024)
-
-- transfer: speed limiting fix for 32bit systems
-
- When checking if a speed limit on receives applies, compare the receive
- sizes using the large int type to prevent an overflow on systems where
- size_t is 32bit.
-
- Fixes #14272
- Reported-by: Mamoru Tasaka
- Closes #14277
-
-Anthony Hu (26 Jul 2024)
-
-- wolfSSL: allow wolfSSL's implementation of kyber to be used
-
- Closes #14268
-
-Daniel Stenberg (26 Jul 2024)
-
-- lib: survive some NULL input args
-
- The input string pointer to:
-
- curl_escape
- curl_easy_escape
- curl_unescape
- curl_easy_unescape
-
- The running_handles pointer to:
-
- curl_multi_perform
- curl_multi_socket_action
- curl_multi_socket_all
- curl_multi_socket
-
- Reported-by: icy17 on github
- Fixes #14247
- Closes #14262
-
-- RELEASE-PROCEDURE.md: restore next release date
-
- Pointed-out-by: extrimexxx on github
- Bug: https://github.com/curl/curl/pull/14267#issuecomment-2247062235
-
-- RELEASE-NOTES: synced
-
- bumped to 8.9.1
-
-- RELEASE-PROCEDURE.md: remove the initial build step
-
- Because it is no longer needed to be done by a person as the dmaketgz
- script does it by itself.
-
- Removed two past release dates, added two new future ones
-
- Closes #14267
-
-Version 8.9.0 (24 Jul 2024)
-
-Daniel Stenberg (24 Jul 2024)
-
-- RELEASE-NOTES: synced
-
-- THANKS: updates from the 8.9.0 release
-
-- curl_easy_escape.md: move historic details to HISTORY
-
- Closes #14261
-
-- docs/libcurl: add to cleanup docs that their inputs go invalid
-
- Reported-by: icy17 on github
- Fixes #14248
- Closes #14258
-
-dependabot[bot] (23 Jul 2024)
-
-- GHA: bump github/codeql-action from 3.25.11 to 3.25.13
-
- Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.
- 25.11 to 3.25.13.
- - [Release notes](https://github.com/github/codeql-action/releases)
- - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- - [Commits](https://github.com/github/codeql-action/compare/b611370bb5703a7ef
- b587f9d136a52ea24c5c38c...2d790406f505036ef40ecba973cc774a50395aac)
-
- ---
- updated-dependencies:
- - dependency-name: github/codeql-action
- dependency-type: direct:production
- update-type: version-update:semver-patch
- ...
-
- Signed-off-by: dependabot[bot] <support@github.com>
- Closes #14255
-
-Stefan Eissing (23 Jul 2024)
-
-- conncache: connection shutdown, multi_socket handling
-
- - implement the socket hash user/reader/writer processing also
- for connections that are being shut down by the connection cache.
- - split out handling of current vs. last pollset socket event handling
- into a function available in other code parts
- - add `shutdown_poll` pollset to `connectdata` struct so that changes
- in the pollset can be recorded during shutdown. (The internal handle
- cannot keep it since it might be used for many connections)
-
- Reported-by: calvin2021y on github
- Fixes #14252
- Closes #14257
-
-Daniel Stenberg (22 Jul 2024)
-
-- tool_cb_prg: output "flying saucers" with leading carriage return
-
- Because that is how the progress-bar is output, so when the progress-bar
- has been shown at least once and the information is reset, like for a
- redirect, there might be a moment where the size goes from known to
- unknown and then the flying saucerts are shown after a brief display of
- the progress-bar.
-
- It could previously cause accidental character leftovers on the right
- side of the bar when using a narrow display.
-
- Reported-by: Chris Webb
- Fixes #14213
- Closes #14246
-
-- lib: Curl_posttransfer => multi_posttransfer
-
- Moved from transfer.c to multi.c as it was only used within multi.c
-
- Made a void, as it returned a fixed return code nothing checked.
-
- Closes #14240
-
-- CURLOPT_SSL_VERIFYHOST.md: refresh
-
- Move mentions of old behavior to the HISTORY section to make it easier
- to read about modern behavior.
-
- Added a MATCHING section.
-
- Closes #14241
-
-- multi: do a final progress update on connect failure
-
- To fix timing metric etc
-
- Co-authored-by: Justin Maggard
- Fixes #14204
- Closes #14239
-
-Orgad Shaneh (19 Jul 2024)
-
-- md4: fix compilation with OpenSSL 1.x with md4 disabled
-
- If OpenSSL 1.x is used, and it is configured with md4 disabled,
- OPENSSL_NO_MD4 is defined in opensslconf.h, but this header was not
- included before checking for this define.
-
- Later in md4.c, openssl/md4.h is included, and it includes that header
- indirectly, leading to inconsistency within md4.c.
-
- Since the md4.h branch was taken, wincrypt.h (or others) is not
- included, and later below the USE_WIN32_CRYPTO branch is taken, but the
- types are not defined.
-
- Closes #14218
-
-martinevsky (19 Jul 2024)
-
-- ftp: remove redundant null pointer check in loop condition
-
- Closes #14234
-
-Justin Maggard (19 Jul 2024)
-
-- mbedtls: check version before getting tls version
-
- mbedtls_ssl_get_version_number() was added in mbedtls 3.2.0. Check for
- that version before using it.
-
- Closes #14228
-
-martinevsky (19 Jul 2024)
-
-- urlapi: remove unused definition of HOST_BAD
-
- Closes #14235
-
-Daniel Stenberg (19 Jul 2024)
-
-- curldown: fixups
-
- - make DEFAULT sections less repetitive
-
- - make historic mentions use HISTORY
-
- - generate the protocols section on `# %PROTOCOLS%` instead of guessing
- where to put it
-
- - generate the availability section on `# %AVAILABILITY%` instead of
- guessing where to put it
-
- - make the protocols section more verbose
-
- Closes #14227
-
-Tal Regev (19 Jul 2024)
-
-- GHA/windows: enable libssh in !ssl MSVC job
-
- Closes #14232
-
-- GHA/windows: enable libidn2 in !ssl MSVC job
-
- Closes #14200
-
-Viktor Szakats (19 Jul 2024)
-
-- GHA/macos: improve, fix gcc/llvm, add new test matrix
-
- This PR began as an attempt to drop GCC support, after repeated reports
- on fallouts when trying to use it on macOS.
-
- Then it transformed into a 3-week project turning up the issues causing
- the fallouts, ending up including llvm and all available Xcode / macOS
- SDK, macOS runner image, build tools and compiler vendors and versions.
- Accumulating 400 sub-commits.
-
- I developed and tested all fixes under this PR, then merged them as
- separate patches.
-
- This PR retained CI jobs updates, extensively reworking and extending
- them: [1]
-
- At first it seemed GCC and the Apple SDK is "naturally" growing more
- incompatible, as Apple added further non-standard features to their
- headers. This is partly true, but reality is more complicated.
-
- Besides some issues local to curl, there were bugs in Apple SDK
- headers, Homebrew GCC builds, feature missing in the old llvm version
- pre-installed on GitHub CI runner images, and subtle incompatibilities
- between GCC and llvm/clang when handling language extensions.
-
- Resulting compiler errors seldom pointed to a useful direction, and
- internet search was silent about these issues too. Thus, I had to peel
- them off layer by layer, using trial and error, and by recognizing
- patterns of failures accross 150-200 builds combinations. Exposing
- configure logs, and curl_config.h in the CI logs helped too.
-
- 1. GCC header compatibility layer ("hack" as GCC calls it)
-
- The toughest issue is GCC's built-in compatibility layer:
- https://github.com/gcc-mirror/gcc/tree/master/fixincludes
-
- This patch layer is further patched by a "Darwin compatibility" project
- applied on top by Homebrew GCC via:
- https://github.com/iains/gcc-12-branch
- https://github.com/iains/gcc-13-branch
- https://github.com/iains/gcc-14-branch
-
- The hack layer is designed in a way that breaks more builds than it
- fixes, esp. in context of GHA runners. The idea is to build GCC
- specifically for the SDK for the target macOS version. The problem with
- this approach is that the Xcode + SDK installed on the local/CI machine
- often does not match with the SDK used on while building GCC on
- Homebrew's build machines. In these cases the GCC compatibility layer
- turns into an "uncompatibility" layer and consistently breaks builds.
- curl cannot offer a fix for this, because the solution (I found) is to
- patch the toolchain on the local machine. I implemented this for our CI
- builds and curl-for-win. In other case the user must do this patching
- manually, or choose a compatible GCC + Xcode/SDK combination.
-
- An upstream fix doesn't seem trivial either, because the issue is
- ingrained in the compatibility layer's design. Offering an `-fapplesdk`
- (or recognizing `-target`) option and/or fixing them within the compiler
- would seem like a more robust option, and also how mainline llvm solves
- this.
-
- Here's a table summarizing the GCC + SDK combinations and curl build
- failures: [2]
-
- More info: https://github.com/curl/curl/issues/10356#issuecomment-2222734103
-
- db135f8d7207b20d531e7e2100a49f3e16bdcfab #14119 macos: add workaround for gcc
- , non-c-ares, IPv6, compile error
- Ref: https://github.com/curl/curl-for-win/commit/e2db3c475f5981352e6e6a79854a
- 255805b28deb
- Ref: https://github.com/curl/curl-for-win/commit/f5c58d7fef78e972be33ca2355dc
- b42ba56622a6
-
- 2. Homebrew GCC's `availability` extension
-
- A recent minor Homebrew GCC upgrade caused major breakage. The "Darwin
- compatibility" patch applied to GCC implemented the `availability`
- compiler attribute in GCC. Apple SDK detected this and enabled using
- them, but as it turns out GCC accepts compiler attributes with slightly
- different rules than llvm/clang, and how the Apple SDK uses them,
- breaking builds.
-
- Affected Homebrew GCC versions are: 12.4.0, 13.3.0 and 14.1.0.
-
- Possibly tracked here: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108796
- More info: https://github.com/llvm/llvm-project/issues/81767
-
- Commit implementing the `availability` macro:
- gcc-12: https://github.com/iains/gcc-12-branch/commit/fd5530b7cb0012bf4faeddd
- 45e13054a1dfa6783
- gcc-13: https://github.com/iains/gcc-13-branch/commit/cb7e4eca68cfc4763474e2e
- b0935a844458842a8
- gcc-14: https://github.com/iains/gcc-14-branch/commit/ff62a108865a6403f501738
- 0d7018250c1d3306f
-
- That applied to Homebrew GCC (12.4.0):
- https://github.com/Homebrew/homebrew-core/commit/b904223d9893f62bec2a8f7483bf
- 5992747fc6c7#diff-89dd0b4176eca7fcc24b591943509bf8a8d6ea904d71e5dfcd6b78fed62
- fc574R44-R48
-
- Ref: #13700
- More info: https://github.com/curl/curl/pull/14091#issuecomment-2222703468
-
- e91fcbac7d86292858718a0bfebad57978761af4 #14155 macos: undo `availability` ma
- cro enabled by Homebrew gcc
-
- 3. Proprietary Apple SDK macros
-
- Apple SDK expects certain macros predefined by the compiler. Missing
- them may causes odd issues. Mainline llvm is keeping up with Apple
- clang, but it needs a fresh version, while the one installed on GitHub
- runners is old (v15). I patched these in `lib/curl_setup.h`.
-
- baa3270846b2a7307cbd0dd5c02c4e5f00e388dd #14134 build: fix llvm 16 or older +
- Xcode 15 or newer, and gcc
-
- 4. Apple SDK header bug
-
- Without certain predefined macros, SDK headers can take a codepath where
- it mis-defines its own `TARGET_OS_OSX` macro, which make it break its
- own headers later. I patched it in `lib/curl_setup.h`.
-
- ff784af461175584c73e7e2b65af00b1a5a6f67f #14159 build: fix llvm 17 and older
- + macOS SDK 14.4 and newer
-
- 5. `TargetConditionals.h` requires `sys/types.h`
-
- Fixed in curl. It caused feature-detection failurs with autotools, and
- could break builds in certain configurations.
-
- e1f6192939c9c5ab2310b60bedf4c07d635193f6 #14130 configure: fix `SystemConfigu
- ration` detection
-
- 6. Differences between autotools and CMake compiler options
-
- Fixed it by syncing compiler warning options.
-
- 59cadacfcc1d39472245979cdbd614c7a9af6f0d #14128 build: sync warning options b
- etween autotools, cmake & compilers
-
- 7. Differences between autotools and CMake dependency detection
-
- Fixed it by improving detection of libidn2, with some more fixes
- pending for the next feature window.
-
- f43adc2c4978f7f82a359e89186e58a31d17b0ad #14137 cmake: detect `libidn2` also
- via `pkg-config`
- Ref: #14136 cmake: detect `nghttp2` via `pkg-config`, enable by default
-
- 8. libidn2 detection bug with CMake
-
- Fixed the root cause and also the trigger in the CI config.
-
- 764fbabf6ed4c1d36c0ab2033ac8df52d9923cd7 #14175 cmake: fix builds with detect
- ed libidn2 lib but undetected header
-
- 9. Suppressed compiler warnings inside Apple-specific curl code
-
- Fixed these warnings, which allowed to stop silencing them.
-
- b05dc7eb3592305de9fa85640767f3dd2a8d4c93 #14122 sectransp: fix `HAVE_BUILTIN_
- AVAILABLE` checks to not emit warnings
- 5fa534b0dacdc120aaab0766047e0ecac37be4b3 #14162 sectransp: fix clang compiler
- warnings, stop silencing them
-
- 10. CMake mis-detecting a CA bundle path on macOS
-
- d2ef6255f4a040397d2f40ab7cbf65a203201cd9 #14182 cmake: sync CA bundle/path de
- tection with autotools
-
- 11. Failure to build tests with LibreSSL or wolfSSL with CMake
-
- Fixed by dropping unnecessary includes, makign test builds dependent
- on dependency headers.
-
- 3765d75ce47b66289f946382b649d0e99389dc77 #14172 cmake: fix building `unit1600
- ` due to missing `ssl/openssl.h`
-
- 12. curl tests with CMake
-
- curl's CMake was missing bits for running the C preprocessor accurately.
- It made tests 1119 and 1167 fail. I implemented the missing bits.
-
- efc2c5184d008fe2e5910fd03263e1ab0331d4e6 #14124 tests: include current direct
- ory when running test Perl commands
- c09db8b51b88ee6ad55bd637dcb4b47678e30906 #14129 cmake: create `configurehelp.
- pm` like autotools does
- 67cc1e3400b77536a3ca529c986247e1ef985e6e #14125 test1119: adapt for `.md` inp
- ut
-
- 13. GCC missing `__builtin_available()` support
-
- curl source code assumes this is available to enable certain codepaths.
- It's also intermixed with monotonic timer support.
-
- 14. Monotonic timer support with GCC
-
- Detected by GCC, while it probably shouldn't be. llvm/clang detects it
- depending on target OS version. I've been playing with this, but so far
- without a conclusion or fix.
-
- 15. Runtime/test failures with GCC
-
- I couldn't find the reason for most of this. A bunch of RTSP tests fail
- with GCC. SecureTransport + HTTP/2 is failing a bunch of tests. With
- OpenSSL it fails two of those. SecureTransport builds also fail one DoH
- test.
-
- 16. Runtime/test failure in llvm/clang
-
- AppleIDN support received a fix with two more remaining.
-
- fd0250869f7837e4a48d7e6f54cc0801ad3820e8 #14179 #14176 IDN: fix ß with Apple
- IDN
-
- 17. Other issues found and fixed while working on this:
-
- 2c15aa5765900d4351e733671a1c8c3785beee1a GHA/macos: delete misplaced `
- CFLAGS`, drop redundant CMake option
- 80fb7c0bef209735ab352bf4afa31193a7bc65f1 #14126 configure: limit `SystemConfi
- guration` test to non-c-ares, IPv6 builds
- cfd6f43d6ca7e57670b422bab7bbf10221a2cf3e #14127 build: tidy up `__builtin_ava
- ilable` feature checks (Apple)
- bae555359979016999a9425a2d489f219a78abdd #14174 runtests: show name and keywo
- rds for failed tests in summary
- 09cdf7e5315711dea4ce7dcf5d99a4d41e7f658b #14178 cmake: delete unused `HAVE_LI
- BSSH2`, `HAVE_LIBSOCKET` macros
- d3595c74fab829f07ef44da1b7fc2f5668767020 #14186 configure: CA bundle/path det
- ection fixes
- 58772b0e082eda333e0a5fc8fb0bc7f17a3cd99c #14187 runtests: set `SOURCE_DATE_EP
- OCH` to fix failing around midnight
- 18f1cd7a77c4beecfd977d43f55634eb593ac99e #14183 tests: sync feature names wit
- h `curl -V`
- 4c22d97be786ed801e050da6872dd3143d6d0a59 #14181 build: use `#error` instead o
- f invalid syntax
-
- Pending merges:
-
- - #14185 runtests: fold test details for GitHub CI runs
- - #14197 cmake: grab-bag of tidy-ups
- - #14196 configure: limit `__builtin_available` test to Darwin
-
- Summary:
-
- In general GCC doesn't seem to be a good fit with curl and macOS for
- now. These "lucky" combinations (GitHub Actions runner) will build out
- of the box now: macos-14 + Xcode 15.0.1 + gcc-11, gcc-12, gcc-14. The
- rest builds with the ugly workaround in place, but all this still leaves
- some runtime issues.
-
- More info and links in the commit messages and source code.
-
- [1]: This PR:
- - add info about target OS version requirements per feature, with OS
- names and release years.
- - stop using `-Wno-deprecated-declarations` to suppress warnings.
- - use `LDFLAGS=-w` to suppress 'object file was built for newer macOS
- version than being linked' warnings.
- (there were tens of thousands of them in some jobs)
- - allow overriding Xcode version in all jobs.
- - improve job names.
- - abbreviate CMake as CM, autotools as AM for more compact job names.
- - shorten job names by using `!` instead of `no-` and `non-`.
- - bump parellel tests to 10 (from 5).
- - drop using `--enable-maintainer-mode` `./configure` option.
- - add gcc-12 no-ssl, autotools job with tests, ignore failing test
- results. (It's not yet clear why gcc-12 builds have different runtime
- results than clang/llvm ones.)
- - add comments with OS names and release years next to version numbers,
- e.g. 10.15 # Catalina (2019)
- - fix broken gcc-12 SecureTransport build.
- - show compiler, Xcode, SDK, gcc hack SDK versions, Homebrew
- preinstalled packages and C compiler predefined macros for each job.
- Useful for debugging all the strange problems these builds might have.
- - merge brew bundle and install steps.
- - move step names to the top.
- - dump configure log for both cmake and autotools also for successful
- builds. Useful for debugging.
- - dump curl_config.h in short (sorted #defines) and full form.
- - add support for the mainline llvm compiler.
- - set sysroot for gcc and llvm.
- - add timeout for cmake jobs.
- - add new job matrix: combinations
- It supports building all possible compiler, runner image, Xcode/SDK
- combinations, with cmake and autotools, target OS versions and with or
- without SecureTransport. It's quick. GHA limits the maximum number of
- matrix jobs at 256.
- I used this as a test-rig to fix the macOS build fallouts with gcc and
- llvm.
- I settled with 16 jobs, trying to maximize fallout coverage.
- - implement hack to make Homebrew gcc work with all available SDKs.
- - add handy mini-table about Xcode / SDK versions, OS names, years for
- each GHA images, with the defaults.
- - add tests for cmake jobs.
- - make cmake config hack to link GnuTLS less intrusive.
- - stop ignoring test 1452, seems fine now.
- - fix to enable libpsl in autotools builds.
- - enable libpsl in cmake builds.
- - add an llvm job with tests (both autotools and cmake).
- - delete similar macOS jobs from Circle CI. GHA is now arm64 too.
-
- [2]: Homebrew GCC vs GHA runner images vs curl builds:
- ```
- macOS Xcode gcc gcc SDK hacks Xcode SDK SDK major Build
- Compile
- (*def) (Homebrew) (CommandLineTools) versions
- error
- -------- -------- ---------- ------------------ ---------- --------- -----
- ---------------------
- macos-12 13.1 GCC 11.4.0 MacOSX12 MacOSX12.0
- macos-12 13.2.1 GCC 11.4.0 MacOSX12 MacOSX12.1
- macos-12 13.3.1 GCC 11.4.0 MacOSX12 MacOSX12.3
- macos-12 13.4.1 GCC 11.4.0 MacOSX12 MacOSX12.3
- macos-12 14.0.1 GCC 11.4.0 MacOSX12 MacOSX12.3
- macos-12 14.1 GCC 11.4.0 MacOSX12 MacOSX13.0 MISMATCH FAIL
- /Applications/Xcode_14.1.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
- fore 'extern'
- macos-12 *14.2 GCC 11.4.0 MacOSX12 MacOSX13.1 MISMATCH FAIL
- /Applications/Xcode_14.2.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
- fore 'extern'
- macos-13 14.1 GCC 11.4.0 MacOSX13 MacOSX13.0
- macos-13 14.2 GCC 11.4.0 MacOSX13 MacOSX13.1
- macos-13 14.3.1 GCC 11.4.0 MacOSX13 MacOSX13.3
- macos-13 *15.0.1 GCC 11.4.0 MacOSX13 MacOSX14.0 MISMATCH FAIL
- /Applications/Xcode_15.0.1.app/Contents/Developer/Platforms/MacOSX.platform/
- Developer/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown
- type name 'dispatch_queue_t'
- macos-13 15.1 GCC 11.4.0 MacOSX13 MacOSX14.2 MISMATCH FAIL
- /Applications/Xcode_15.1.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown ty
- pe name 'dispatch_queue_t'
- macos-13 15.2 GCC 11.4.0 MacOSX13 MacOSX14.2 MISMATCH FAIL
- /Applications/Xcode_15.2.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown ty
- pe name 'dispatch_queue_t'
- macos-14 14.3.1 GCC 11.4.0 MacOSX14 MacOSX13.3 MISMATCH FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-14 *15.0.1 GCC 11.4.0 MacOSX14 MacOSX14.0
- macos-14 15.1 GCC 11.4.0 MacOSX14 MacOSX14.2
- macos-14 15.2 GCC 11.4.0 MacOSX14 MacOSX14.2
- macos-14 15.3 GCC 11.4.0 MacOSX14 MacOSX14.4
- macos-14 15.4 GCC 11.4.0 MacOSX14 MacOSX14.5
- macos-14 16.0 GCC 11.4.0 MacOSX14 MacOSX15.0 MISMATCH FAIL
- /opt/homebrew/Cellar/gcc@11/11.4.0/lib/gcc/11/gcc/aarch64-apple-darwin23/11/
- include-fixed/stdio.h:83:8: error: unknown type name 'FILE'
- macos-12 13.1 GCC 12.4.0 MacOSX12 MacOSX12.0
- macos-12 13.2.1 GCC 12.4.0 MacOSX12 MacOSX12.1
- macos-12 13.3.1 GCC 12.4.0 MacOSX12 MacOSX12.3
- macos-12 13.4.1 GCC 12.4.0 MacOSX12 MacOSX12.3
- macos-12 14.0.1 GCC 12.4.0 MacOSX12 MacOSX12.3
- macos-12 14.1 GCC 12.4.0 MacOSX12 MacOSX13.0 MISMATCH FAIL
- /Applications/Xcode_14.1.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
- fore 'extern'
- macos-12 *14.2 GCC 12.4.0 MacOSX12 MacOSX13.1 MISMATCH FAIL
- /Applications/Xcode_14.2.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
- fore 'extern'
- macos-13 14.1 GCC 12.4.0 MacOSX13 MacOSX13.0
- macos-13 14.2 GCC 12.4.0 MacOSX13 MacOSX13.1
- macos-13 14.3.1 GCC 12.4.0 MacOSX13 MacOSX13.3
- macos-13 *15.0.1 GCC 12.4.0 MacOSX13 MacOSX14.0 MISMATCH FAIL
- /Applications/Xcode_15.0.1.app/Contents/Developer/Platforms/MacOSX.platform/
- Developer/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown
- type name 'dispatch_queue_t'
- macos-13 15.1 GCC 12.4.0 MacOSX13 MacOSX14.2 MISMATCH FAIL
- /Applications/Xcode_15.1.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown ty
- pe name 'dispatch_queue_t'
- macos-13 15.2 GCC 12.4.0 MacOSX13 MacOSX14.2 MISMATCH FAIL
- /Applications/Xcode_15.2.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:103:1: error: unknown ty
- pe name 'dispatch_queue_t'
- macos-14 14.3.1 GCC 12.4.0 MacOSX14 MacOSX13.3 MISMATCH
- macos-14 *15.0.1 GCC 12.4.0 MacOSX14 MacOSX14.0
- macos-14 15.1 GCC 12.4.0 MacOSX14 MacOSX14.2
- macos-14 15.2 GCC 12.4.0 MacOSX14 MacOSX14.2
- macos-14 15.3 GCC 12.4.0 MacOSX14 MacOSX14.4
- macos-14 15.4 GCC 12.4.0 MacOSX14 MacOSX14.5
- macos-14 16.0 GCC 12.4.0 MacOSX14 MacOSX15.0 MISMATCH FAIL
- /opt/homebrew/Cellar/gcc@12/12.4.0/lib/gcc/12/gcc/aarch64-apple-darwin23/12/
- include-fixed/stdio.h:83:8: error: unknown type name 'FILE'
- macos-12 13.1 GCC 13.3.0 MacOSX12 MacOSX12.0
- macos-12 13.2.1 GCC 13.3.0 MacOSX12 MacOSX12.1
- macos-12 13.3.1 GCC 13.3.0 MacOSX12 MacOSX12.3
- macos-12 13.4.1 GCC 13.3.0 MacOSX12 MacOSX12.3
- macos-12 14.0.1 GCC 13.3.0 MacOSX12 MacOSX12.3
- macos-12 14.1 GCC 13.3.0 MacOSX12 MacOSX13.0 MISMATCH FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-12 *14.2 GCC 13.3.0 MacOSX12 MacOSX13.1 MISMATCH FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-13 14.1 GCC 13.3.0 MacOSX13 MacOSX13.0
- macos-13 14.2 GCC 13.3.0 MacOSX13 MacOSX13.1
- macos-13 14.3.1 GCC 13.3.0 MacOSX13 MacOSX13.3
- macos-13 *15.0.1 GCC 13.3.0 MacOSX13 MacOSX14.0 MISMATCH FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-13 15.1 GCC 13.3.0 MacOSX13 MacOSX14.2 MISMATCH FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-13 15.2 GCC 13.3.0 MacOSX13 MacOSX14.2 MISMATCH FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-14 14.3.1 GCC 13.3.0 MacOSX14 MacOSX13.3 MISMATCH FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-14 *15.0.1 GCC 13.3.0 MacOSX14 MacOSX14.0 FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-14 15.1 GCC 13.3.0 MacOSX14 MacOSX14.2 FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-14 15.2 GCC 13.3.0 MacOSX14 MacOSX14.2 FAIL
- /Users/runner/work/curl/curl/bld/lib/curl_config.h:792:19: error: two or mor
- e data types in declaration specifiers
- macos-14 15.3 GCC 13.3.0 MacOSX14 MacOSX14.4
- macos-14 15.4 GCC 13.3.0 MacOSX14 MacOSX14.5
- macos-14 16.0 GCC 13.3.0 MacOSX14 MacOSX15.0 MISMATCH FAIL
- /opt/homebrew/Cellar/gcc@13/13.3.0/lib/gcc/13/gcc/aarch64-apple-darwin23/13/
- include-fixed/stdio.h:83:8: error: unknown type name 'FILE'
- macos-12 13.1 GCC 14.1.0 MacOSX12 MacOSX12.0
- macos-12 13.2.1 GCC 14.1.0 MacOSX12 MacOSX12.1
- macos-12 13.3.1 GCC 14.1.0 MacOSX12 MacOSX12.3
- macos-12 13.4.1 GCC 14.1.0 MacOSX12 MacOSX12.3
- macos-12 14.0.1 GCC 14.1.0 MacOSX12 MacOSX12.3
- macos-12 14.1 GCC 14.1.0 MacOSX12 MacOSX13.0 MISMATCH FAIL
- /Applications/Xcode_14.1.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
- fore 'extern'
- macos-12 *14.2 GCC 14.1.0 MacOSX12 MacOSX13.1 MISMATCH FAIL
- /Applications/Xcode_14.2.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/os/object.h:275:1: error: expected ';' be
- fore 'extern'
- macos-13 14.1 GCC 14.1.0 MacOSX13 MacOSX13.0
- macos-13 14.2 GCC 14.1.0 MacOSX13 MacOSX13.1
- macos-13 14.3.1 GCC 14.1.0 MacOSX13 MacOSX13.3
- macos-13 *15.0.1 GCC 14.1.0 MacOSX13 MacOSX14.0 MISMATCH FAIL
- /Applications/Xcode_15.0.1.app/Contents/Developer/Platforms/MacOSX.platform/
- Developer/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:70:1: error: type defa
- ults to 'int' in declaration of 'DISPATCH_DECL_FACTORY_CLASS_SWIFT' [-Wimplic
- it-int]
- macos-13 15.1 GCC 14.1.0 MacOSX13 MacOSX14.2 MISMATCH FAIL
- /Applications/Xcode_15.1.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:70:1: error: type defaul
- ts to 'int' in declaration of 'DISPATCH_DECL_FACTORY_CLASS_SWIFT' [-Wimplicit
- -int]
- macos-13 15.2 GCC 14.1.0 MacOSX13 MacOSX14.2 MISMATCH FAIL
- /Applications/Xcode_15.2.app/Contents/Developer/Platforms/MacOSX.platform/De
- veloper/SDKs/MacOSX.sdk/usr/include/dispatch/queue.h:70:1: error: type defaul
- ts to 'int' in declaration of 'DISPATCH_DECL_FACTORY_CLASS_SWIFT' [-Wimplicit
- -int]
- macos-14 14.3.1 GCC 14.1.0 MacOSX14 MacOSX13.3 MISMATCH
- macos-14 *15.0.1 GCC 14.1.0 MacOSX14 MacOSX14.0
- macos-14 15.1 GCC 14.1.0 MacOSX14 MacOSX14.2
- macos-14 15.2 GCC 14.1.0 MacOSX14 MacOSX14.2
- macos-14 15.3 GCC 14.1.0 MacOSX14 MacOSX14.4
- macos-14 15.4 GCC 14.1.0 MacOSX14 MacOSX14.5
- macos-14 16.0 GCC 14.1.0 MacOSX14 MacOSX15.0 MISMATCH FAIL
- /opt/homebrew/Cellar/gcc/14.1.0_1/lib/gcc/current/gcc/aarch64-apple-darwin23
- /14/include-fixed/stdio.h:83:8: error: unknown type name 'FILE'
- ```
- Source: https://github.com/curl/curl/actions/runs/9883956647/job/27299564218
-
- This commit fixes earlier commit
- 1e75edd372868048c9f805ac4ca6d2cb5a88ff5a, reverted in
- 41a7e0dcc9681afd91e066411bcee4f369c23366, where I cut the commit
- message in half by accident. The patch itself is identical.
-
- Closes #14097
-
-- Revert "GHA/macos: improve, fix gcc/llvm, add new test matrix"
-
- This reverts commit 1e75edd372868048c9f805ac4ca6d2cb5a88ff5a.
-
- Due to some parts of the commit message missing (my bad.)
-
-Daniel Stenberg (19 Jul 2024)
-
-- Revert "lib: send eos flag"
-
- This reverts commit be93299f10ef0b2bf7fe5c82140120073831867a.
-
-Viktor Szakats (19 Jul 2024)
-
-- GHA/windows: use default shell CI feature
-
- It makes repeating a line in each step unnecessary.
-
- Closes #14206
-
-- GHA/macos: improve, fix gcc/llvm, add new test matrix
-
- This PR began as an attempt to drop GCC support, after repeated reports
- on fallouts when trying to use it on macOS.
-
- Then it transformed into a 3-week project turning up the issues causing
- the fallouts, ending up including llvm and all available Xcode / macOS
- SDK, macOS runner image, build tools and compiler vendors and versions.
- Accumulating 400 sub-commits.
-
- I developed and tested all fixes under this PR, then merged them as
- separate patches.
-
- This PR retained CI jobs updates, extensively reworking and extending
- them: [1]
-
- At first it seemed GCC and the Apple SDK is "naturally" growing more
- incompatible, as Apple added further non-standard features to their
- headers. This is partly true, but reality is more complicated.
-
- Besides some issues local to curl, there were bugs in Apple SDK
- headers, Homebrew GCC builds, feature missing in the old llvm version
- pre-installed on GitHub CI runner images, and subtle incompatibilities
- between GCC and llvm/clang when handling language extensions.
-
- Resulting compiler errors seldom pointed to a useful direction, and
- internet search was silent about these issues too. Thus, I had to peel
- them off layer by layer, using trial and error, and by recognizing
- patterns of failures accross 150-200 builds combinations. Exposing
- configure logs, and curl_config.h in the CI logs helped too.
-
- 1. GCC header compatibility layer ("hack" as GCC calls it)
-
- The toughest issue is GCC's built-in compatibility layer:
- https://github.com/gcc-mirror/gcc/tree/master/fixincludes
-
- This patch layer is further patched by a "Darwin compatibility" project
- applied on top by Homebrew GCC via:
- https://github.com/iains/gcc-12-branch
- https://github.com/iains/gcc-13-branch
- https://github.com/iains/gcc-14-branch
-
- The hack layer is designed in a way that breaks more builds than it
- fixes, esp. in context of GHA runners. The idea is to build GCC
- specifically for the SDK for the target macOS version. The problem with
- this approach is that the Xcode + SDK installed on the local/CI machine
- often does not match with the SDK used on while building GCC on
- Homebrew's build machines. In these cases the GCC compatibility layer
- turns into an "uncompatibility" layer and consistently breaks builds.
- curl cannot offer a fix for this, because the solution (I found) is to
- patch the toolchain on the local machine. I implemented this for our CI
- builds and curl-for-win. In other case the user must do this patching
- manually, or choose a compatible GCC + Xcode/SDK combination.
-
- An upstream fix doesn't seem trivial either, because the issue is
- ingrained in the compatibility layer's design. Offering an `-fapplesdk`
- (or recognizing `-target`) option and/or fixing them within the compiler
- would seem like a more robust option, and also how mainline llvm solves
- this.
-
- Here's a table summarizing the GCC + SDK combinations and curl build
- failures: [2]
-
- More info: https://github.com/curl/curl/issues/10356#issuecomment-2222734103
-
- db135f8d7207b20d531e7e2100a49f3e16bdcfab #14119 macos: add workaround for gcc
- , non-c-ares, IPv6, compile error
- Ref: https://github.com/curl/curl-for-win/commit/e2db3c475f5981352e6e6a79854a
- 255805b28deb
- Ref: https://github.com/curl/curl-for-win/commit/f5c58d7fef78e972be33ca2355dc
- b42ba56622a6
-
- 2. Homebrew GCC's `availability` extension
-
- A recent minor Homebrew GCC upgrade caused major breakage. The "Darwin
- compatibility" patch applied to GCC implemented the `availability`
- compiler attribute in GCC. Apple SDK detected this and enabled using
- them, but as it turns out GCC accepts compiler attributes with slightly
- different rules than llvm/clang, and how the Apple SDK uses them,
- breaking builds.
-
- Affected Homebrew GCC versions are: 12.4.0, 13.3.0 and 14.1.0.
-
- Possibly tracked here: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108796
- More info: https://github.com/llvm/llvm-project/issues/81767
-
- Commit implementing the `availability` macro:
- gcc-12: https://github.com/iains/gcc-12-branch/commit/fd5530b7cb0012bf4faeddd
- 45e13054a1dfa6783
- gcc-13: https://github.com/iains/gcc-13-branch/commit/cb7e4eca68cfc4763474e2e
- b0935a844458842a8
- gcc-14: https://github.com/iains/gcc-14-branch/commit/ff62a108865a6403f501738
- 0d7018250c1d3306f
-
- That applied to Homebrew GCC (12.4.0):
- https://github.com/Homebrew/homebrew-core/commit/b904223d9893f62bec2a8f7483bf
- 5992747fc6c7#diff-89dd0b4176eca7fcc24b591943509bf8a8d6ea904d71e5dfcd6b78fed62
- fc574R44-R48
-
- Ref: #13700
- More info: https://github.com/curl/curl/pull/14091#issuecomment-2222703468
-
- e91fcbac7d86292858718a0bfebad57978761af4 #14155 macos: undo `availability` ma
- cro enabled by Homebrew gcc
-
- 3. Proprietary Apple SDK macros
-
- Apple SDK expects certain macros predefined by the compiler. Missing
- them may causes odd issues. Mainline llvm is keeping up with Apple
- clang, but it needs a fresh version, while the one installed on GitHub
- runners is old (v15). I patched these in `lib/curl_setup.h`.
-
- baa3270846b2a7307cbd0dd5c02c4e5f00e388dd #14134 build: fix llvm 16 or older +
- Xcode 15 or newer, and gcc
-
- 4. Apple SDK header bug
-
- Without certain predefined macros, SDK headers can take a codepath where
- it mis-defines its own `TARGET_OS_OSX` macro, which make it break its
- own headers later. I patched it in `lib/curl_setup.h`.
-
- ff784af461175584c73e7e2b65af00b1a5a6f67f #14159 build: fix llvm 17 and older
- + macOS SDK 14.4 and newer
-
- 5. `TargetConditionals.h` requires `sys/types.h`
-
- Fixed in curl. It caused feature-detection failurs with autotools, and
- could break builds in certain configurations.
-
- e1f6192939c9c5ab2310b60bedf4c07d635193f6 #14130 configure: fix `SystemConfigu
- ration` detection
-
- 6. Differences between autotools and CMake compiler options
-
- Fixed it by syncing compiler warning options.
-
- 59cadacfcc1d39472245979cdbd614c7a9af6f0d #14128 build: sync warning options b
- etween autotools, cmake & compilers
-
- 7. Differences between autotools and CMake dependency detection
-
- Fixed it by improving detection of libidn2, with some more fixes
- pending for the next feature window.
-
- f43adc2c4978f7f82a359e89186e58a31d17b0ad #14137 cmake: detect `libidn2` also
- via `pkg-config`
- Ref: #14136 cmake: detect `nghttp2` via `pkg-config`, enable by default
-
- 8. libidn2 detection bug with CMake
-
- Fixed the root cause and also the trigger in the CI config.
-
- 764fbabf6ed4c1d36c0ab2033ac8df52d9923cd7 #14175 cmake: fix builds with detect
- ed libidn2 lib but undetected header
-
- 9. Suppressed compiler warnings inside Apple-specific curl code
-
- Fixed these warnings, which allowed to stop silencing them.
-
- b05dc7eb3592305de9fa85640767f3dd2a8d4c93 #14122 sectransp: fix `HAVE_BUILTIN_
- AVAILABLE` checks to not emit warnings
- 5fa534b0dacdc120aaab0766047e0ecac37be4b3 #14162 sectransp: fix clang compiler
- warnings, stop silencing them
-
- 10. CMake mis-detecting a CA bundle path on macOS
-
- d2ef6255f4a040397d2f40ab7cbf65a203201cd9 #14182 cmake: sync CA bundle/path de
- tection with autotools
-
- 11. Failure to build tests with LibreSSL or wolfSSL with CMake
-
- Fixed by dropping unnecessary includes, makign test builds dependent
- on dependency headers.
-
- 3765d75ce47b66289f946382b649d0e99389dc77 #14172 cmake: fix building `unit1600
- ` due to missing `ssl/openssl.h`
-
- 12. curl tests with CMake
-
- curl's CMake was missing bits for running the C preprocessor accurately.
- It made tests 1119 and 1167 fail. I implemented the missing bits.
-
- efc2c5184d008fe2e5910fd03263e1ab0331d4e6 #14124 tests: include current direct
- ory when running test Perl commands
- c09db8b51b88ee6ad55bd637dcb4b47678e30906 #14129 cmake: create `configurehelp.
- pm` like autotools does
- 67cc1e3400b77536a3ca529c986247e1ef985e6e #14125 test1119: adapt for `.md` inp
- ut
-
- 13. GCC missing `__builtin_available()` support
-
- curl source code assumes this is available to enable certain codepaths.
- It's also intermixed with monotonic timer support.
-
- 14. Monotonic timer support with GCC
-
- Detected by GCC, while it probably shouldn't be. llvm/clang detects it
- depending on target OS version. I've been playing with this, but so far
- without a conclusion or fix.
-
- 15. Runtime/test failures with GCC
-
- I couldn't find the reason for most of this. A bunch of RTSP tests fail
- with GCC. SecureTransport + HTTP/2 is failing a bunch of tests. With
- OpenSSL it fails two of those. SecureTransport builds also fail one DoH
- test.
-
- 16. Runtime/test failure in llvm/clang
-
- AppleIDN support received a fix with two more remaining.
-
- fd0250869f7837e4a48d7e6f54cc0801ad3820e8 #14179 #14176 IDN: fix ß with Apple
- IDN
-
- 17. Other issues found and fixed while working on this:
-
- 2c15aa5765900d4351e733671a1c8c3785beee1a GHA/macos: delete misplaced `
- CFLAGS`, drop redundant CMake option
- 80fb7c0bef209735ab352bf4afa31193a7bc65f1 #14126 configure: limit `SystemConfi
- guration` test to non-c-ares, IPv6 builds
- cfd6f43d6ca7e57670b422bab7bbf10221a2cf3e #14127 build: tidy up `__builtin_ava
- ilable` feature checks (Apple)
- bae555359979016999a9425a2d489f219a78abdd #14174 runtests: show name and keywo
- rds for failed tests in summary
- 09cdf7e5315711dea4ce7dcf5d99a4d41e7f658b #14178 cmake: delete unused `HAVE_LI
- BSSH2`, `HAVE_LIBSOCKET` macros
- d3595c74fab829f07ef44da1b7fc2f5668767020 #14186 configure: CA bundle/path det
- ection fixes
- 58772b0e082eda333e0a5fc8fb0bc7f17a3cd99c #14187 runtests: set `SOURCE_DATE_EP
- OCH` to fix failing around midnight
- 18f1cd7a77c4beecfd977d43f55634eb593ac99e #14183 tests: sync feature names wit
- h `curl -V`
- 4c22d97be786ed801e050da6872dd3143d6d0a59 #14181 build: use `#error` instead o
- f invalid syntax
-
- Pending merge:
-
-Daniel Stenberg (19 Jul 2024)
-
-- RELEASE-NOTES: synced
-
-Stefan Eissing (18 Jul 2024)
-
-- lib: send eos flag
-
- Adds a `bool eos` flag to send methods to indicate that the data is the
- last chunk the invovled transfer wants to send to the server.
-
- This will help protocol filters like HTTP/2 and 3 to forward the
- stream's EOF flag and also allow to EAGAIN such calls when buffers are
- not yet fully flushed.
-
- Closes #14220
-
-Bhanu Prakash (18 Jul 2024)
-
-- mbedtls: correct the error message for cert blob parsing failure
-
- Closes #14224
-
-Daniel Stenberg (18 Jul 2024)
-
-- curldown: make 'added-in:' a mandatory header field
-
- - generate AVAILABILITY manpage sections automatically - for consistent
- wording
-
- - allows us to double-check against other documumentation (symbols-in-version
- s
- etc)
-
- - enables proper automation/scripting based on this data
-
- - lots of them were wrong or missing in the manpages
-
- - several of them repeated (sometimes mismatching) backend support info
-
- Add test 1488 to verify "added-in" version numbers against
- symbols-in-versions.
-
- Closes #14217
-
-Stefan Eissing (18 Jul 2024)
-
-- doh: fix cleanup
-
- When removing an easy handle that had DoH sub-easy handles going, those
- were not removed from the multi handle. Their memory was reclaimed on
- curl_easy_cleanup() of the owning handle, but multi still had them in
- their list.
-
- Add `Curl_doh_close()` and `Curl_doh_cleanup()` as common point for
- handling the DoH resource management. Use the `multi` present in the doh
- handles (if so), for removal, as the `data->multi` might already have
- been NULLed at this time.
-
- Reported-by: 罗朝辉
- Fixes #14207
- Closes #14212
-
-Daniel Stenberg (18 Jul 2024)
-
-- tests/scripts: call it 'manpage' (single word)
-
- Mostly in comments
-
- Closes #14216
-
-Alex Snast (18 Jul 2024)
-
-- http/3: resume upload on ack if we have more data to send
-
- Currently we're waiting for sendbuf_len_in_flight to hit zero before
- resuming upload which means we're blocking and waiting for _all_ acks to
- arrive before sending more data. This causes significant delays especially
- when ack delay is used on the server side.
-
- The fix addresses several issues in h3 over ngtcp2:
- - On ack we now call nghttp3_conn_resume_stream() when we have more
- data to send.
- - upload_left was incorrectly computed on CF_CTRL_DATA_DONE_SEND as
- we need to subtract the ammount of data we have in flight.
- - Remove upload_blocked_len as we Curl_bufq_write call will do the
- right thing when called from cf_ngtcp2_send.
-
- Fixes #14198
- Closes #14209
-
-Daniel Stenberg (18 Jul 2024)
-
-- idn: make macidn fail before trying conversion if name too long
-
- - double the max name length to 512 bytes
-
- Closes #14215
-
-z2_ (18 Jul 2024)
-
-- idn: tweak buffer use when converting with macidn
-
- Closes #14215
-
-Orgad Shaneh (18 Jul 2024)
-
-- lib: add failure reason on bind errors
-
- Closes #14221
-
-Stefan Eissing (18 Jul 2024)
-
-- pytests: scorecard upload tests
-
- - add upload tests to scorecard, invoke with
- > python3 tests/http/scorecard.py -u h1|h2|h3
- - add a reverse proxy setup from Caddy to httpd for
- upload tests since Caddy does not have other PUT/POST handling
- - add caddy tests in test_08 for POST/PUT
- - increase read buffer in mod_curltest for larger reads
-
- Closes #14208
-
-Viktor Szakats (18 Jul 2024)
-
-- runtests: fix newline glitch in FAIL details
-
- Follow-up to bae555359979016999a9425a2d489f219a78abdd #14174
-
-- runtests: show name and keywords for failed tests in summary
-
- Useful to see what the numbers listed in the `TESTFAIL:` and `IGNORED:`
- lines mean. Also list test keywords to help catching failure patterns.
-
- Example:
- ```
- FAIL 1034: 'HTTP over proxy with malformatted IDN host name' HTTP, HTTP GET,
- HTTP proxy, IDN, FAILURE, config file
- FAIL 1035: 'HTTP over proxy with too long IDN host name' HTTP, HTTP GET, HTTP
- proxy, IDN, FAILURE
-
- TESTFAIL: These test cases failed: 1034 1035
- ```
-
- Closes #14174
-
-Tal Regev (16 Jul 2024)
-
-- GHA/windows: add MSVC wolfSSL job with test
-
- Fix the file of wolfssl.c because of this warning/error:
- ```
- curl\lib\vtls\wolfssl.c(1017,42): error C2220: the following warning is treat
- ed as an error [curl\bld\lib\libcurl_object.vcxproj]
- curl\lib\vtls\wolfssl.c(1017,42): warning C4267: 'function': conversion from
- 'size_t' to 'unsigned long', possible loss of data [curl\bld\lib\libcurl_obje
- ct.vcxproj]
- ```
-
- `size_t` in MSVC is different. Change it to `unsigned long` because
- `wolfSSL_ERR_error_string_n` last argument is defined as
- `unsigned long`.
-
- Closes #14193
-
-Viktor Szakats (16 Jul 2024)
-
-- cmake: delete unused `HAVE_LIBSSH2`, `HAVE_LIBSOCKET` macros
-
- - `HAVE_LIBSSH2`: unused in source. Not defined in CMake.
-
- - `HAVE_LIBSOCKET`: unused in source. Used internally in CMake.
-
- autotools sets them implicitly, so add them to the flag comparison
- ignore-list.
-
- Closes #14178
-
-- cmake: create `configurehelp.pm` like autotools does
-
- Required by tests 1119 and 1167 to run a C preprocessor.
-
- Tested OK: https://github.com/curl/curl/actions/runs/9915343826
-
- Besides Apple, it also supports any gcc and clang builds, and MSVC.
- For other platforms, it defaults to `cpp` (like autotools).
-
- Follow-up to efc2c5184d008fe2e5910fd03263e1ab0331d4e6 #14124
- Cherry-picked from #14097
- Closes #14129
-
-- cmake: sync CA bundle/path detection with autotools
-
- - skip the entire CA logic if no selected TLS backend support CA
- certs/bundles.
- Follow-up to 082bb41311a832ae1b83bb8fe1dfdefcf4e68ea5 #2545
-
- - sync bundle path detection logic with `./configure`.
-
- - fix to not auto-detect CA bundle/path on Windows.
-
- - fix to reflect that BearSSL has CA bundle support.
-
- - show the detected bundle path (as with the cert bundle).
-
- - tidy up CMake syntax, fix typos in comments.
-
- Closes #14182
-
-- configure: CA bundle/path detection fixes
-
- - fix to not auto-detect CA bundle/path on Windows.
-
- - two checks missed BearSSL, but they were only run for supported
- TLS backends anyway. Delete these redundant checks.
-
- - fix typos in a comment nearby.
-
- Follow-up to 082bb41311a832ae1b83bb8fe1dfdefcf4e68ea5 #2545
- Closes #14186
-
-- runtests: set `SOURCE_DATE_EPOCH` to fix failing around midnight
-
- To make sure that `managen` called by test 1706 uses the same date as
- the test expects in the `%DATE` macro.
-
- Before this patch when tests started running before UTC midnight and
- reached test 1706 after, these dates were different and the test failed.
-
- Follow-up to 0e73b69b3dd6d174226c60406d3c4266754d70f8
- Fixes #14173
- Closes #14187
-
-- GHA/windows: verify 1448 2046 2047 in IDN Unicode jobs
-
- These IDN tests pass with Unicode and fail without.
-
- Follow-up to cb22cfca69bded45bf7f9c72c8e6764990490f11 #14077
- Closes #14188
-
-- tests: sync feature names with `curl -V`
-
- Some feature names used in tests had minor differences compared to
- the well-known ones from `curl -V`. This patch syncs them to make test
- results easier to grok.
-
- Closes #14183
-
-Stefan Eissing (15 Jul 2024)
-
-- sendf: fix CRLF conversion of input
-
- When CRLF line end conversion was enabled (--crlf), input after the last
- newline in the upload buffer was not sent, if the buffer contained a
- newline.
-
- Reported-by: vuonganh1993 on github
- Fixes #14165
- Closes #14169
-
-- test2600: disable on win32
-
- - disbable this test on WIN32 platforms. It uses the file describtor '1'
- as valid socket without events. Not portable.
- - reduce trace output somewhat on other runs
-
- Fixes #14177
- Reported-by: Viktor Szakats
- Closes #14191
-
-- smtp: for starttls, do full upgrade
-
- - make sure the TLS handshake after a successful STARTTLS command is
- fully done before further sending/receiving on the connection.
-
- Reported-by: tomy2105 on github
- Fixes #14166
- Closes #14190
-
-Daniel Stenberg (14 Jul 2024)
-
-- RELEASE-NOTES: synced
-
-Viktor Szakats (14 Jul 2024)
-
-- build: use `#error` instead of invalid syntax
-
- It reduces configure log noise.
-
- Follow-up to 20c1b2d75ee38189ffa75d21ed04108e1e0630ae #13287
- Closes #14181
-
-Daniel Stenberg (14 Jul 2024)
-
-- libcurl-docs: make option lists alpha-sorted
-
- The man pages for curl_easy_getinfo, curl_easy_setopt and
- curl_multi_setopt now feature the lists of options alphabetically
- sorted. Test 1139 verify that they are.
-
- The curl_multi_setopt page also got brief explanations of the listed
- options.
-
- Closes #14156
-
-Christian Schmitz (14 Jul 2024)
-
-- IDN: fix ß with AppleIDN
-
- Add flags UIDNA_NONTRANSITIONAL_TO_ASCII and
- UIDNA_NONTRANSITIONAL_TO_UNICODE to encode ß correctly.
-
- It fixes test 165.
-
- Reported-by: Viktor Szakats
- Bug: #14176
- Closes #14179
-
-Viktor Szakats (14 Jul 2024)
-
-- cmake: fix builds with detected libidn2 lib but undetected header
-
- It caused IDN to appear in `curl-config`, `libidn2` referenced from
- `libcurl.pc`, fail to fallback to `pkg-config` detection. But libidn2
- not actually used.
-
- It came up in macOS CI builds after enabling cmake build tests. It
- remained hidden for a while due to setting `-DUSE_APPLE_IDN=ON`.
-
- (The half-detection of Homebrew libidn2 was the result of configuring
- with `-DCMAKE_EXE_LINKER_FLAGS=-L$(brew --prefix)/lib`, to fix
- linking GnuTLS that needs the `nettle` lib from the brew prefix.)
-
- ```
- FAIL 1014: [Compare curl --version with curl-config --features] curl-config
- ```
- Ref: https://github.com/curl/curl/actions/runs/9919357748/job/27405080722
-
- Cherry-picked from #14097
- Closes #14175
-
-- cmake: fix building `unit1600` due to missing `ssl/openssl.h`
-
- In specific builds configs, cmake failed to build test `unit1600`,
- due missing an OpenSSL (or wolfSSL) header.
-
- The test code relies on `lib/curl_ntlm_core.h`, which in turn included
- TLS library headers. But, dependency header directories are not setup
- in cmake for tests, because they should not normally be needed.
-
- The issue was hidden in most builds because TLS headers are usually
- found under the system prefix. One counterexample is macOS + Homebrew
- LibreSSL builds, where OpenSSL is purposefully unlinked from there to
- avoid a mixup with LibreSSL that resides under its own prefix. It was
- also hidden in autotools, possibly because it sets up header directories
- globally, tests included.
-
- The actual bug however is that `lib/curl_ntlm_core.h` should not include
- TLS headers. None of its internal users need it, and `curl_ntlm_core.c`
- included them already directly.
-
- Fix it by deleting the TLS header includes from this internal header.
-
- Fixes:
- ```
- In file included from curl/tests/unit/unit1600.c:27:
- curl/lib/curl_ntlm_core.h:32:12: fatal error: 'openssl/ssl.h' file not found
- # include <openssl/ssl.h>
- ^~~~~~~~~~~~~~~
- ```
- Ref: https://github.com/curl/curl/actions/runs/9912684737/job/27388041520#ste
- p:12:1694
-
- Follow-up to 48eb71ade41d4b37f416b643063cab846ac027a2 #10322
- Cherry-picked from #14097
- Closes #14172
-
-- sectransp: fix clang compiler warnings, stop silencing them
-
- Fix `-Wpointer-bool-conversion` warnings with the method suggested by
- both Apple clang and mainline llvm. This was already tried and dropped
- in #1705 (in year 2017), but the issue reported there no longer
- replicates.
-
- Verified with Apple clang 14, llvm 15, llvm 18 and gcc 11, 14 that the
- generated objects are bit by bit identical before and after this patch.
-
- Also:
- - stop silencing `-Wtautological-pointer-compare`. This warning don't
- seem to be appearing anymore (with or without this patch), at least
- with the tested compilers and SDKs (clang 13.1.6-16.0.0beta, llvm 15,
- 18, gcc 11, 14) and minimum macOS target of 10.8. Older targets fail
- to build curl with SecureTransport.
-
- - silence `-Wunreachable-code` for clang only. Previously I applied it
- also to GCC, by mistake.
- Ref: https://github.com/curl/curl/pull/12331/commits/8d7172d20a48ebc6c1b1d9
- 4a76e2c5fb19dd9bfa
-
- Apple clang `-Wpointer-bool-conversion`:
- ```
- curl/lib/vtls/sectransp.c:1103:6: error: address of function 'SSLCreateContex
- t' will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
- if(SSLCreateContext) { /* use the newer API if available */
- ~~ ^~~~~~~~~~~~~~~~
- curl/lib/vtls/sectransp.c:1103:6: note: prefix with the address-of operator t
- o silence this warning
- if(SSLCreateContext) { /* use the newer API if available */
- ^
- &
- ```
- Ref: https://github.com/curl/curl/actions/runs/9819538439/job/27113201384#ste
- p:8:382
-
- llvm `-Wpointer-bool-conversion`:
- ```
- curl/lib/vtls/sectransp.c:2663:8: error: address of function 'SSLCreateContex
- t' will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
- if(SSLCreateContext)
- ~~ ^~~~~~~~~~~~~~~~
- curl/lib/vtls/sectransp.c:2663:8: note: prefix with the address-of operator t
- o silence this warning
- if(SSLCreateContext)
- ^
- &
- ```
- Ref: https://github.com/curl/curl/actions/runs/9819538439/job/27113200291#ste
- p:8:417
-
- gcc still needs `-Waddress` suppressed to avoid these:
- ```
- curl/lib/vtls/n/sectransp.c: In function 'getsubject':
- curl/lib/vtls/n/sectransp.c:379:6: warning: the address of 'SecCertificateCop
- yLongDescription' will always evaluate as 'true' [-Waddress]
- 379 | if(&SecCertificateCopyLongDescription)
- | ^
- [...]
- ```
-
- Follow-up to 59cadacfcc1d39472245979cdbd614c7a9af6f0d #14128
- Follow-up to af271ce9b9717ba289417e9cbb7f278c2a12f959 #1722
- Follow-up to 2b7ce3f56dfede107113c6de7d0ca457109d3eda #1706
- Cherry-picked from #14097
- Closes #14162
-
-- CI/circleci: config tidy-ups, bump up test parallelism
-
- - bump parallel test for Linux jobs.
- Credit-to: Dan Fandrich
- Cherry-picked from #11510
- - bump parallel test for macOS jobs.
- - drop no longer necessary `-Wno-vla` option.
- - fold long lines.
- - drop `--enable-maintainer-mode` `./configure` option.
- - replace a hard-coded prefix with `brew --prefix`.
- - update documentation link.
- - move `--enable-debug` in front.
- - tidy up quotes.
-
- Closes #14171
-
-- GHA/windows: re-add gsasl to MSVC jobs
-
- Now that the package reached the CI runner image.
-
- Follow-up to f99c08dba40307c07341013ff5f71fa8e3464ffc #14090
- Follow-up to e26cbe20cbedbea0ca743dd33880517309315cb2 #13979
-
- Closes #14170
-
-- tidy-up: adjust casing of project names
-
- Mostly TLS/SSH project name.
-
- Closes #14160
-
-Daniel Stenberg (12 Jul 2024)
-
-- ISSUE_TEMPLATE/docs: correct the field identifiers
-
-Stephen Farrell (12 Jul 2024)
-
-- doh: fix leak and zero-length HTTPS RR crash
-
- This PR fixes a leak and a crash that can happen when curl encounters
- bad HTTPS RR values in DNS. We're starting to do better testing of that
- kind of thing and e.g. have published bad HTTPS RR values at
- dodgy.test.defo.ie.
-
- Closes #14151
-
-Daniel Stenberg (12 Jul 2024)
-
-- curl_global_init.md: polish the thread-safe wording
-
- Since this has been thread-safe for two years now, few users actually
- are hurt by the previous unsafe ways.
-
- Closes #14158
-
-Viktor Szakats (12 Jul 2024)
-
-- GHA: FreeBSD 14.1, actions bump
-
- - bump FreeBSD to 14.1
-
- - update cross-platform-actions/action action to v0.25.0
-
- Closes #14157
- Closes #14164
-
-- build: fix llvm 17 and older + macOS SDK 14.4 and newer
-
- Fixup faulty target macro initialization in macOS SDK since v14.4 (as of
- 15.0 beta). The SDK target detection in `TargetConditionals.h` correctly
- detects macOS, but fails to set the macro's old name `TARGET_OS_OSX`,
- then continues to set it to a default value of 0. Other parts of the SDK
- still rely on the old name, and with this inconsistency our builds fail
- due to missing declarations. It happens when using mainline llvm older
- than v18. Later versions fixed it by predefining these target macros,
- avoiding the faulty dynamic detection. gcc is not affected (for now)
- because it lacks the necessary dynamic detection features, so the SDK
- falls back to a codepath that sets both the old and new macro to 1.
-
- Also move the `TargetConditionals.h` include to the top of to make sure
- including it also for c-ares builds, combined with SecureTransport or
- other curl features that may call use an Apple SDK.
-
- Before this patch, affected build combinations (e.g. in GHA runners,
- llvm@15 + Xcode 15.3, 15.4, 16.0 with their default SDKs +
- SecureTransport) fail with:
- ```
- error: use of undeclared identifier 'noErr'
- or 'SecCertificateCopyLongDescription'
- or 'SecItemImportExportKeyParameters'
- or 'SecExternalFormat'
- or 'SecExternalItemType'
- or 'SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION'
- ```
-
- Example:
- ```
- curl/lib/vtls/sectransp.c:311:18: error: use of undeclared identifier 'noErr'
- OSStatus rtn = noErr;
- ^
- curl/lib/vtls/sectransp.c:379:7: error: use of undeclared identifier 'SecCert
- ificateCopyLongDescription'
- if(&SecCertificateCopyLongDescription)
- ^
- curl/lib/vtls/sectransp.c:381:7: error: call to undeclared function 'SecCerti
- ficateCopyLongDescription'; ISO C99 and later do not support implicit functio
- n declarations [-Werror,-Wimplicit-function-declaration]
- SecCertificateCopyLongDescription(NULL, cert, NULL);
- ^
- curl/lib/vtls/sectransp.c:380:25: error: incompatible integer to pointer conv
- ersion assigning to 'CFStringRef' (aka 'const struct __CFString *') from 'int
- ' [-Wint-conversion]
- server_cert_summary =
- ^
- [...]
- ```
- Ref: https://github.com/curl/curl/actions/runs/9893867519/job/27330135969#ste
- p:10:22
-
- llvm v18 patches implementing the predefined macros:
- https://github.com/llvm/llvm-project/pull/74676
- https://github.com/llvm/llvm-project/commit/6e1f19168bca7e3bd4eefda50ba03eac8
- 441dbbf
- https://github.com/llvm/llvm-project/pull/82833
- https://github.com/llvm/llvm-project/commit/e5ed7b6e2fd368b722b6359556cd01258
- 81e7638
-
- Cherry-picked from #14097
- Closes #14159
-
-- macos: undo `availability` macro enabled by Homebrew gcc
-
- Homebrew gcc builds starting with 12.4.0, 13.3.0 and 14.1.0 enabled
- the `availability` attribute.
-
- This broke builds because the way the Apple SDK uses attributes (when
- available) are incompatible with how gcc accepts them. Causing these
- errors:
- ```
- error: attributes should be specified before the declarator in a function d
- efinition
- error: expected ',' or '}' before
- ```
-
- Upstream commits implementing the `availability` macro:
- gcc-12: https://github.com/iains/gcc-12-branch/commit/fd5530b7cb0012bf4faeddd
- 45e13054a1dfa6783
- gcc-13: https://github.com/iains/gcc-13-branch/commit/cb7e4eca68cfc4763474e2e
- b0935a844458842a8
- gcc-14: https://github.com/iains/gcc-14-branch/commit/ff62a108865a6403f501738
- 0d7018250c1d3306f
-
- The project above is a Darwin gcc compatibility pack, that is applied
- to Homebrew gcc builds.
-
- This patch works by redefining the `availability` macro to an invalid
- value, making `__has_attribute(availability)` checks fail, stopping
- Apple SDK from inserting the incompatible attributes.
-
- It also replaces the previous, local workaround for `lib/macos.c`.
-
- Example with gcc 12.4.0 with macOS SDK 14.0 (Xcode 15.0.1):
- ```
- In file included from <path-to-sdk>/MacOSX14.0.sdk/System/Library/Frameworks/
- CoreFoundation.framework/Headers/CoreFoundation.h:54,
- from <path-to-sdk>/MacOSX14.0.sdk/System/Library/Frameworks/
- SystemConfiguration.framework/Headers/SCDynamicStoreCopySpecific.h:30,
- from /Users/runner/work/curl/curl/lib/macos.c:33,
- from /Users/runner/work/curl/curl/build/lib/CMakeFiles/libcu
- rl_shared.dir/Unity/unity_0_c.c:244:
- <path-to-sdk>/MacOSX14.0.sdk/System/Library/Frameworks/CoreFoundation.framewo
- rk/Headers/CFUserNotification.h:126:1: error: attributes should be specified
- before the declarator in a function definition
- 126 | CF_INLINE CFOptionFlags CFUserNotificationCheckBoxChecked(CFIndex i)
- API_AVAILABLE(macos(10.0)) API_UNAVAILABLE(ios, watchos, tvos) {return ((CFOp
- tionFlags)(1UL << (8 + i)));}
- | ^~~~~~~~~
- ```
- Ref: https://github.com/curl/curl/actions/runs/9787982387/job/27025351601?pr=
- 14096#step:7:18
-
- The gcc vs. llvm/clang incompatibility possibly tracked here upstream:
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108796
- More info:
- https://github.com/llvm/llvm-project/issues/81767
- https://github.com/gcc-mirror/gcc/commit/8433baadec88e5f31fa141b6d78094e912
- 56079d
- https://discourse.llvm.org/t/changing-attribute-ast-printing-location-for-g
- cc-compatibility/73215
- https://reviews.llvm.org/D159362
-
- Follow-up to db135f8d7207b20d531e7e2100a49f3e16bdcfab #14119
- Ref: https://github.com/curl/curl/pull/14091#issuecomment-2222703468
- Fixes #13700
- Cherry-picked from #14097
- Closes #14155
-
-Daniel Stenberg (11 Jul 2024)
-
-- ISSUE_TEMPLATE/docs: add a separate GitHub issue template for documentation
-
- As such problems don't really fit the code related template
-
- Closes #14161
-
-Dan Fandrich (11 Jul 2024)
-
-- DISTROS: add AlmaLinux package source link
-
-Viktor Szakats (11 Jul 2024)
-
-- GHA/windows: ignore FTP test results for old-mingw-w64 [ci skip]
-
- Missed from previous commit. They are flaky here as well.
-
- Follow-up to 0b81eccd22fb915aa6b679c0fd23a8a89332dc9e
-
-Daniel Stenberg (11 Jul 2024)
-
-- libcurl-easy.md: now *more* than 300 options
-
- it previously said "almost 300".
-
- Also cleaned up the language somewhat.
-
- Closes #14153
-
-Martin Peck (10 Jul 2024)
-
-- MANUAL.md: wrap two example urls that overrun styling
-
- Closes #14149
-
-renovate[bot] (10 Jul 2024)
-
-- GHA: update wolfSSL and mod_h2
-
- - wolfSSL/wolfssl to v5.7.2
- - icing/mod_h2 to v2.0.29
-
- Closes #14131
- Closes #14148
-
-Dominik Piątkowski (10 Jul 2024)
-
-- docs: start markdown headers with capital letter where applicable
-
- Closes #14115
-
-CMD (10 Jul 2024)
-
-- hostip: skip error check for infallible function call
-
- Closes #14147
-
-Daniel Stenberg (10 Jul 2024)
-
-- cf-socket: remove two "useless" assignments
-
- 'nread' is already -1, no need to assign it again
-
- Pointed out by CodeSonar
-
- Closes #14145
-
-Viktor Szakats (10 Jul 2024)
-
-- cmake: detect `libidn2` also via `pkg-config`
-
- Also:
- - GHA/non-native: install `pkg-config` to detect libidn2 with cmake
- on NetBSD and FreeBSD.
- - GHA/non-native: tidy-up `curl --version` command if here.
-
- Cherry-picked from #14097
- Closes #14137
-
-- build: fix llvm 16 or older + Xcode 15 or newer, and gcc
-
- Xcode v15 (2023) or newer requires the built-in macro
- `__ENVIRONMENT_OS_VERSION_MIN_REQUIRED__`. This macro is missing from
- mainline llvm versions released earlier. llvm v17 introduced it here:
- https://github.com/llvm/llvm-project/commit/c8e2dd8c6f490b68e41fe663b44535a8a
- 21dfeab
-
- This patch defines the missing macro when the necessary conditions
- align, by using the value via the macro's old name.
-
- The issue affected SecureTransport builds: The SecureTransport code,
- `lib/md4.c` and `lib/md5.c`.
-
- Existing gcc versions (as of v14) also don't define this macro, so apply
- the patch to it as well. Even though gcc is incompatible in other ways,
- so this isn't fixing an actual curl build case that I could find yet.
-
- GHA macOS runner images have llvm v15 pre-installed, which broke builds
- when building with an affected Xcode:
- ```
- curl/lib/md4.c:80:14: error: '__ENVIRONMENT_OS_VERSION_MIN_REQUIRED__' is not
- defined, evaluates to 0 [-Werror,-Wundef]
- (__MAC_OS_X_VERSION_MIN_REQUIRED < 101500)) || \
- ^
- /Applications/Xcode_15.1.app/Contents/Developer/Platforms/MacOSX.platform/Dev
- eloper/SDKs/MacOSX14.2.sdk/usr/include/AvailabilityInternal.h:40:53: note: ex
- panded from macro '__MAC_OS_X_VERSION_MIN_REQUIRED'
- #define __MAC_OS_X_VERSION_MIN_REQUIRED __ENVIRONMENT_OS_VERSION_
- MIN_REQUIRED__
- ^
- In file included from curl/build/lib/CMakeFiles/libcurl_shared.dir/Unity/unit
- y_0_c.c:250:
- curl/lib/md5.c:75:14: error: '__ENVIRONMENT_OS_VERSION_MIN_REQUIRED__' is not
- defined, evaluates to 0 [-Werror,-Wundef]
- (__MAC_OS_X_VERSION_MIN_REQUIRED < 101500)) || \
- ^
- /Applications/Xcode_15.1.app/Contents/Developer/Platforms/MacOSX.platform/Dev
- eloper/SDKs/MacOSX14.2.sdk/usr/include/AvailabilityInternal.h:40:53: note: ex
- panded from macro '__MAC_OS_X_VERSION_MIN_REQUIRED'
- #define __MAC_OS_X_VERSION_MIN_REQUIRED __ENVIRONMENT_OS_VERSION_
- MIN_REQUIRED__
- ^
- 2 errors generated.
- ```
- Ref: https://github.com/curl/curl/actions/runs/9811974634/job/27095218578#ste
- p:4:20
-
- Cherry-picked from #14097
- Closes #14134
-
-- build: tidy up `__builtin_available` feature checks (Apple)
-
- - sync detection snippet between autotools and cmake
- It wasn't causing issues, but it's useful to avoid unnecessary
- differences while debugging.
-
- - cmake: limit check to `APPLE`.
-
- Ref: b05dc7eb3592305de9fa85640767f3dd2a8d4c93 #14122
- Cherry-picked from #14097
- Closes #14127
-
-- configure: limit `SystemConfiguration` test to non-c-ares, IPv6 builds
-
- The framework this check detects is necessary for the function
- `SCDynamicStoreCopyProxies()` used in `lib/macos.c`. Non-c-ares,
- IPv6-enabled builds touch this codepath.
-
- Limit the feature check for builds that actually need it.
-
- It brings this in sync with CMake which already worked this way.
-
- Cherry-picked from #14097
- Closes #14126
-
-- configure: fix `SystemConfiguration` detection
-
- Before this patch, `SystemConfiguration` detection failed due to this
- error when compiling the detection snippet:
- ```
- /Applications/Xcode_15.3.app/Contents/Developer/Platforms/MacOSX.platform/Dev
- eloper/SDKs/MacOSX.sdk/usr/include/TargetConditionals.h:140:50: error: missin
- g binary operator before token "("
- 140 | #if !defined(__has_extension) || !__has_extension(define_target_os_ma
- cros)
- | ^
- ```
- Ref: https://github.com/curl/curl/actions/runs/9821817534/job/27117929218#ste
- p:6:1079
-
- It occured with gcc-11 when combined with macOS SDK 14.4 and 14.5
- (default SDKs in Xcode 15.3 and 15.4 respectively). It did not happen
- with earlier releases.
-
- Despite the failure in `./configure`, `lib/macos.c` compiled with
- Apple's `TargetConditionals.h` just fine.
-
- Turns out that including the `sys/types.h` header before the SDK
- header fixes the error and makes the detection snippet compile.
-
- Cherry-picked from #14097
- Closes #14130
-
-- build: sync warning options between autotools, cmake & compilers
-
- - cmake: enable Apple-specific `-Werror=partial-availability` to match
- autotools.
-
- - autotools: enable `-pedantic-errors` with llvm/clang to match gcc and
- CMake.
-
- - autotools: enable `-Werror-implicit-function-declaration` for
- llvm/clang to match gcc.
-
- - cmake: enable `-Werror-implicit-function-declaration` to match
- autotools.
-
- - move `-Wpointer-bool-conversion` from autotools to the local file
- (`sectransp.c`) it was meant to apply. This way it applies to all
- build methods.
-
- - autotoos: show `CURL_CFLAG_EXTRAS` in the `./configure` summary.
- (it may contain `-Werror` and/or `-pedentic-errors`.)
-
- Cherry-picked from #14097
- Closes #14128
-
-- CI: simplify running curl with DLLs
-
- - update `PATH` instead of copying DLLs around.
- - drop redundant `export` from `export PATH`.
- - delete ending pathseps.
-
- Closes #14143
-
-Alex Snast (9 Jul 2024)
-
-- wolfssl: use larger error buffer when formatting errors
-
- Currently we're using WOLFSSL_MAX_ERROR_SZ to define the error buffer
- size, this value is user defined which means it can be overwritten with
- -DWOLFSSL_MAX_ERROR_SZ=512 when building wolfssl and this overwrite is
- not exported to the users of wolfssl.
-
- Instead of relying on WOLFSSL_MAX_ERROR_SZ we'll just use a 256 bytes
- error buffer and use wolfSSL_ERR_error_string_n to fill it thus dropping
- the dependency on WOLFSSL_MAX_ERROR_SZ altogether.
-
- Closes #14114
-
-Viktor Szakats (9 Jul 2024)
-
-- CI: bump FreeBSD Python packages
-
- Closes #14141
-
-- GHA/curl-for-win: don't run if only another CI was changed
-
- Closes #14142
-
-Daniel Stenberg (9 Jul 2024)
-
-- RELEASE-NOTES: synced
-
-Stefan Eissing (9 Jul 2024)
-
-- vtls: replace addsessionid with set_sessionid
-
- - deduplicate the code in many tls backends that check
- for an existing id and delete it before adding the new one
- - rename ssl_primary_config's `sessionid` bool to `cache_session`
-
- Closes #14121
-
-Daniel Stenberg (9 Jul 2024)
-
-- test1175: scan libcurl-errors.md, not the generated .3 version
-
- Closes #14133
-
-- test1139: scan .md files instead of .3 ones
-
- As they are the canonical sources.
-
- It still uses the curl.1 for command line option info.
-
- Closes #14132
-
-Stefan Eissing (9 Jul 2024)
-
-- cf-socket: remove obsolete recvbuf
-
- - recvbuf was never enabled, remove all its code
- - remove `fdsave`ing the socket as that is not longer needed
-
- Closes #14138
-
-Viktor Szakats (9 Jul 2024)
-
-- test1119: adapt for `.md` input
-
- Replace logic dealing with `.3` files to handle the Markdown syntax.
-
- Follow-up to eefcc1bda4bccd800f5a56a0fe17a2f44a96e88b #12730
- Cherry-picked from #14097
- Closes #14125
-
-- tests: include current directory when running test Perl commands
-
- Necessary to find generated files in the out-of-tree build directory.
- E.g. `tests/configurehelp.pm`, for tests 1119 and 1167.
-
- Before this patch macOS autotools builds were failing these two tests
- due to falling back to the default preprocessor (`cpp`) instead of
- the actual one configured. Then `cpp` failing to compile Apple SDK
- headers referenced by curl headers.
-
- Cherry-picked from #14097
- Closes #14124
-
-- configure: sort feature list, lowercase protocols, use backticks
-
- - sort features case-insensitively to match `curl -V` and cmake.
- `sort -f` is POSIX, but check if it's available anyway.
-
- - make protocols lowercase to match `curl -V` and cmake.
-
- - replace two outlier `$()` with backticks.
-
- Closes #14117
-
-Yedaya Katsman (8 Jul 2024)
-
-- variable.md: make example use expand
-
- I used double quotes since it seemed required for powershell, so this
- example works in both (ba)sh and powershell as well as cmd.exe.
-
- Closes #14118
-
-Andy Reitz (8 Jul 2024)
-
-- GIT-INFO.md: remove version requirements
-
- Keep them in docs/INTERNALS.md
-
- Bump lowest perl to 5.8
-
- Closes #14112
-
-Viktor Szakats (8 Jul 2024)
-
-- sectransp: fix `HAVE_BUILTIN_AVAILABLE` checks to not emit warnings
-
- `HAVE_BUILTIN_AVAILABLE` is a curl macro set via autotools and cmake.
- Like other `HAVE_`s it signals availability if defined.
-
- SecureTransport code was specifically looking for the value 1, which
- triggered compiler warnings when the feature was not present.
-
- Replace the existing workaround of locally suppressing the compiler
- warning with using `defined()`.
-
- autotools:
- ```
- 767 | #if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILAB
- LE == 1
- | ^~~~~~~~~~~~~~~~~~
- ~~~~
- ../../lib/vtls/sectransp.c: In function 'sectransp_connect_step1':
- ../../lib/vtls/sectransp.c:1140:52: error: "HAVE_BUILTIN_AVAILABLE" is not de
- fined, evaluates to 0 [-Werror=undef]
- 1140 | #if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAIL
- ABLE == 1
- | ^~~~~~~~~~~~~~~~~~
- ~~~~
- ../../lib/vtls/sectransp.c:1240:52: error: "HAVE_BUILTIN_AVAILABLE" is not de
- fined, evaluates to 0 [-Werror=undef]
- 1240 | #if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAIL
- ABLE == 1
- | ^~~~~~~~~~~~~~~~~~
- ~~~~
- ../../lib/vtls/sectransp.c: In function 'sectransp_connect_step2':
- ```
- Ref: https://github.com/curl/curl/actions/runs/9815428701/job/27104448045#ste
- p:6:499
-
- cmake gcc:
- ```
- 1140 | #if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAIL
- ABLE == 1
- | ^~~~~~~~~~~~~~~~~~
- ~~~~
- /Users/runner/work/curl/curl/lib/vtls/sectransp.c:1240:52: error: "HAVE_BUILT
- IN_AVAILABLE" is not defined, evaluates to 0 [-Werror=undef]
- 1240 | #if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAIL
- ABLE == 1
- | ^~~~~~~~~~~~~~~~~~
- ~~~~
- /Users/runner/work/curl/curl/lib/vtls/sectransp.c: In function 'sectransp_con
- nect_step2':
- /Users/runner/work/curl/curl/lib/vtls/sectransp.c:2231:51: error: "HAVE_BUILT
- IN_AVAILABLE" is not defined, evaluates to 0 [-Werror=undef]
- 2231 | #if(CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILA
- BLE == 1
- | ^~~~~~~~~~~~~~~~~~~
- ~~~
- ```
- Ref: https://github.com/curl/curl/actions/runs/9815428701/job/27104445425#ste
- p:8:355
-
- Cherry-picked from #14097
- Closes #14122
-
-- examples: suppress deprecation warnings locally
-
- Simplify making clean builds by silencing deprecation warnings inside
- the example code where these may occur.
-
- Drop related build tweaks/comments from GHA jobs.
-
- Example warning:
- ```
- curl/docs/examples/postit2-formadd.c:65:16: error: 'CURLFORM_COPYNAME' is dep
- recated: since 7.56.0. Use curl_mime_name() [-Werror=deprecated-declarations]
- 65 | CURLFORM_COPYNAME, "sendfile",
- | ^~~~~~~~~~~~~~~~~
- ```
- Ref: https://github.com/curl/curl/actions/runs/9841099503/job/27166970904#ste
- p:10:829
-
- Closes #14123
-
-- GHA/macos: bump parallel tests to -j5
-
- Credit-to: Dan Fandrich
- Cherry-picked from #11510 #14097
-
-- GHA/windows: usability improvements
-
- - move `curl --version` into separate step.
-
- - move configure log to separate step. Run on success, too.
-
- - add step with `curl_config.h` dump (full and brief/sorted).
-
- - make `autoreconf` a separate step.
-
- - add each job configuration a short name.
-
- - shorten job names.
- Dedupe/drop redundant info, introduce abbreviations:
- AM = autotools, CM = CMake, U = Unicode, R = Release, not -> `!`, etc.
- Instead of mentioning `debug`, mentioned when it's not.
-
- - simplify `PATH` forming for MSVC jobs.
- It's sufficient to add the release binary directory of vcpkg, the debug one
- is redundant.
- Follow-up to e26cbe20cbedbea0ca743dd33880517309315cb2 #13979
-
- - other minor tidy-ups.
-
- Closes #14116
-
-- GHA/macos: delete misplaced `CFLAGS`, drop redundant CMake option
-
- With macOS there is a long-term struggle with deprecation warnings.
- In curl they occur with LDAP, SecureTransport and in docs/examples.
-
- There are three ways to fix them:
- - by CFLAGS `-Wno-deprecated-declarations` as a workaround.
- - by CFLAGS `-mmacosx-version-min` set to a version where the the
- feature was not deprecated.
- - by CMake option `-DCMAKE_OSX_DEPLOYMENT_TARGET=`.
-
- In GHA CMake jobs, all three were used, and `-mmacosx-version-min` was
- set in a bogus way. Delete that bogus option, and delete the lone,
- redundant CMake option too.
-
- In a future commit I might replace the suppression option to properly
- setting the target OS.
-
- Follow-up to dfdd978f7c60224dffe2aac25b436dc0a5cd0186 #13491
- Cherry-picked from #14097
-
-- macos: add workaround for gcc, non-c-ares, IPv6, compile error
-
- Apple macOS SDK 13.0 and later are increasingly incompatible with gcc,
- which started causing CI errors with the 20240701.9 revision of the
- `macos-latest` (= `macos-14-arm64`) runner image.
-
- This error is happening inside an Apple SDK header. We use the header
- for calling a function in a resolver-related hack, in non-c-ares, IPv6
- builds. You can avoid the problem by using c-ares or disabling IPv6
- (or using clang, llvm, or a compatible gcc + SDK combination).
-
- This patch fixes affected builds by declaring the ncessary framework
- function manually, and not including the problematic header.
-
- This workaround is ugly, doesn't cover all combinations, and fragile.
-
- Other options are to disable this resolver-related hack for GCC, or to
- replace it with a solution that doesn't rely on Apple SDK.
-
- If you are aware of a stable fix or workaround, let us know.
-
- gcc 12.4.0 + macOS SDK 14.0 (Xcode 15.0.1) error example:
- ```
- In file included from /Applications/Xcode.app/Contents/Developer/Platforms/Ma
- cOSX.platform/Developer/SDKs/MacOSX14.0.sdk/System/Library/Frameworks/CoreFou
- ndation.framework/Headers/CoreFoundation.h:54,
- from /Applications/Xcode.app/Contents/Developer/Platforms/Ma
- cOSX.platform/Developer/SDKs/MacOSX14.0.sdk/System/Library/Frameworks/SystemC
- onfiguration.framework/Headers/SCDynamicStoreCopySpecific.h:30,
- from /Users/runner/work/curl/curl/lib/macos.c:33,
- from /Users/runner/work/curl/curl/build/lib/CMakeFiles/libcu
- rl_shared.dir/Unity/unity_0_c.c:244:
- /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Develope
- r/SDKs/MacOSX14.0.sdk/System/Library/Frameworks/CoreFoundation.framework/Head
- ers/CFUserNotification.h:126:1: error: attributes should be specified before
- the declarator in a function definition
- 126 | CF_INLINE CFOptionFlags CFUserNotificationCheckBoxChecked(CFIndex i)
- API_AVAILABLE(macos(10.0)) API_UNAVAILABLE(ios, watchos, tvos) {return ((CFOp
- tionFlags)(1UL << (8 + i)));}
- | ^~~~~~~~~
- /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Develope
- r/SDKs/MacOSX14.0.sdk/System/Library/Frameworks/CoreFoundation.framework/Head
- ers/CFUserNotification.h:127:1: error: attributes should be specified before
- the declarator in a function definition
- 127 | CF_INLINE CFOptionFlags CFUserNotificationSecureTextField(CFIndex i)
- API_AVAILABLE(macos(10.0)) API_UNAVAILABLE(ios, watchos, tvos) {return ((CFOp
- tionFlags)(1UL << (16 + i)));}
- | ^~~~~~~~~
- /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Develope
- r/SDKs/MacOSX14.0.sdk/System/Library/Frameworks/CoreFoundation.framework/Head
- ers/CFUserNotification.h:128:1: error: attributes should be specified before
- the declarator in a function definition
- 128 | CF_INLINE CFOptionFlags CFUserNotificationPopUpSelection(CFIndex n) A
- PI_AVAILABLE(macos(10.0)) API_UNAVAILABLE(ios, watchos, tvos) {return ((CFOpt
- ionFlags)(n << 24));}
- | ^~~~~~~~~
- ```
- Ref: https://github.com/curl/curl/actions/runs/9787982387/job/27025351601?pr=
- 14096#step:7:18
-
- The exact conditions are fuzzy. Oddly enough gcc 12.3.0 and the SDK
- same as above are _compatible_:
- https://github.com/curl/curl/actions/runs/9791701214/job/27036037162
-
- Also notice that similar errors can also happen in SecureTransport
- builds, due to the SDK headers required.
-
- Ref: https://github.com/curl/curl/pull/14097#issuecomment-2208639046
- Ref: https://github.com/curl/curl/pull/14091#issuecomment-2205870854
- Cherry-picked from #14097
- Closes #14119
-
-- cmake: feature casing fix and tidy-ups
-
- - fix casing of a feature (`Unicode`) in the feature list.
- - sort TLS backends case-insensitively.
- - sync feature/protocol list heading with `curl -V` and autotools.
-
- Closes #14120
-
-- GHA: ignore FTP test result in Windows jobs
-
- They are flaky.
-
- E.g.:
- - old-mingw-w64 7.3.0: 2001, 2039, 2083
- - msvc: 1501, 593 (multiple)
-
- Ref: https://github.com/curl/curl/pull/13599#issuecomment-2119372376
- Cherry-picked from #14116
-
-- GHA: improve vcpkg cache, add BoringSSL ECH and LibreSSL MSVC jobs
-
- - cache on a per-package basis.
- Replace manual caching with a built-in solution. It shares cached
- package builds between jobs, e.g. libssh2 only builds once
- per platform (instead of once per job). Individual packages are built
- as needed (not the whole per-job tree). It also fixes the duplicate
- cache entry issues.
- Ref: https://learn.microsoft.com/en-us/vcpkg/consume/binary-caching-github-
- actions-cache
- Follow-up to e26cbe20cbedbea0ca743dd33880517309315cb2 #13979
- Follow-up to cb22cfca69bded45bf7f9c72c8e6764990490f11 #14077
-
- - add BoringSSL job with ECH enabled. The first such job in the curl CI.
-
- - add LibreSSL job.
-
- - use vcpkg pre-installed on the runner image, instead of rolling our
- own. This is quicker, simpler and more robust.
- Follow-up to e26cbe20cbedbea0ca743dd33880517309315cb2 #13979
-
- - show pre-installed vcpkg and ports version.
-
- - drop `gsasl` dependency till it reaches the pre-installed vcpkg ports.
-
- - re-add `find .` to see the binaries generated.
-
- - simplify setting up `PATH`.
-
- - exclude failing tests for any job enabling WinIDN.
-
- - drop collecting and uploading log archives. We already dump CMake
- logs, and our build doesn't use Ninja. Rest of files weren't generated
- by the curl build. We don't aim to debug vcpkg package builds.
-
- Closes #14090
-
-Tal Regev (7 Jul 2024)
-
-- GHA: add MSVC UWP job, expand jobs with more options
-
- - add new dependencies: brotli, libpsl (requires libicu2) and gsasl.
-
- - enable WinIDN in a job. Exclude failing tests.
-
- - add UWP job and fix the build logic to support it.
-
- - increase timeouts to build the new dependencies.
-
- Assisted-by: Viktor Szakats
- Closes #14077
-
-Dan Fandrich (6 Jul 2024)
-
-- tests: fix sshd UserKnownHostsFile path for MinGW/Cygwin
-
- This is the same thing as the previous commit fd194f46 but on the next
- line.
-
- Follow-up to 70d2fca2
-
- Ref: #10818
-
-- tests: fix sshd IdentityFile path for MinGW/Cygwin
-
- This was missed during some refactoring more than a year ago and is
- causing a warning "Use of uninitialized value $path in pattern match".
-
- Follow-up to 70d2fca2
-
- Ref: #10818
- Closes #14113
-
-Viktor Szakats (7 Jul 2024)
-
-- build: add Debug, TrackMemory, ECH to feature list
-
- Also:
-
- - remove stray `ECH` and `HTTPSRR` from cmake protocol list.
-
- - stop excluding `Debug` and `TrackMemory` in `test1013.pl`.
-
- - configure: delete `CURL_CHECK_CURLDEBUG` check.
- Ref: 065047dc62cba3efde597fa5420d112fc2f4c500
- This check was effectively doing nothing, except disabling
- `--enable-curldebug` in `curl-config` for
- Cygwin/MSYS/cegcc/OS2/AIX targets with c-ares enabled.
-
- Closes #14096
-
-Dan Fandrich (5 Jul 2024)
-
-- CI: bump the libc6 on the linux-old build
-
- This contains some security fixes for nscd.
-
-Viktor Szakats (6 Jul 2024)
-
-- reuse: fix typo in comment
-
- Follow-up to 9104bad82004d908e1fe66a425f8ca78f975045d #14107
-
-Dan Fandrich (5 Jul 2024)
-
-- CI: Fix typo in comment
-
-- curl: follow-up to fix categories in --help
-
- The commit 6483813b was missing changes necessitated by 2abfc75 that
- causes a crash. Also, use ARRAYSIZE() for cleaner code.
-
- Follow-up to 6483813b
-
- Ref #14055
-
-- curl: list categories in --help
-
- This eliminates the need to run an extra help subcommand to get the
- possible categories, reducing the friction in getting relevant help. The
- help wording was also slightly tweaked for grammatical accuracy.
-
- Closes #14055
-
-Daniel Stenberg (5 Jul 2024)
-
-- RELEASE-NOTES: synced
-
-renovate[bot] (5 Jul 2024)
-
-- GHA: update actions/upload-artifact and actions/download-artifact
-
- update actions/upload-artifact digest to 0b2256b
- update actions/download-artifact digest to fa0a91b
-
- Closes #14111
- Closes #14110
-
-Max Mehl (5 Jul 2024)
-
-- reuse: switch to REUSE 3.2 and REUSE.toml
-
- - remove scripts/copyright.pl
-
- Closes #14107
-
-Yedaya Katsman (5 Jul 2024)
-
-- curl: move more options to deprecated category
-
- --no-npn, --sslv2, --sslv3
-
- Closes #14109
-
-Stefan Eissing (5 Jul 2024)
-
-- multi: pollset assertion only when IP connected
-
- Give warning for an empty pollset only when the connection has at least
- IP connectivity. There are cases where the connect in QUIC makes another
- attempt on a timeout and no socket will be available during that.
-
- Closes #14108
-
-Daniel Stenberg (5 Jul 2024)
-
-- cmdline-opts: category cleanup
-
- Option cleanups:
-
- --get is not upload
- --form* are post
- - added several options into ldap, smtp, imap and pop3
- - shortened the category descriptions in the list
-
- category curl fixes:
-
- --create-dirs removed from 'curl'
- --ftp-create-dirs removed from 'curl'
- --netrc moved to 'auth' from 'curl'
- --netrc-file moved to 'auth' from 'curl'
- --netrc-optional moved to 'auth' from 'curl'
- --no-buffer moved to 'output' from 'curl'
- --no-clobber removed from 'curl'
- --output removed from 'curl'
- --output-dir removed from 'curl'
- --remove-on-error removed from 'curl'
-
- Add a "global" category:
-
- - Made all "global" options set this category
-
- Add a "deprecated" category:
-
- - Moved the deprecated options to it (maybe they should not be in any
- category long term)
-
- Add a 'timeout' category
-
- - Put a number of appropriate options in it
-
- Add an 'ldap' category
-
- - Put the LDAP related option in there
-
- Remove categories "ECH" and "ipfs"
-
- - They should not be categories. Had only one single option each.
-
- Remove category "misc"
-
- - It should not be a category as it is impossible to know when to browse
- it.
-
- --use-ascii moved to ftp and output
- --xattr moved to output
- --service-name moved to auth
-
- Managen fixes:
-
- - errors if an option is given a category name that is not already setup
- for in code
-
- - verifies that options set `scope: global` also is put in category
- `global´
-
- Closes #14101
-
-Stefan Eissing (5 Jul 2024)
-
-- GHA: configure OpenSSL's libdir as 'lib' only
-
- Also mention in HTTP3.md
-
- OpenSSL has a bug that messes the config `--libdir=path` to become the
- wrong path in its pkgconfig files. If we just pass `--libdir=lib` it
- should avoid this.
-
- Ref: #14099
- See also: https://github.com/openssl/openssl/issues/23569
-
- Closes #14102
-
-Daniel Stenberg (5 Jul 2024)
-
-- tool_operate: simplify return code handling from url_proto()
-
- The additional checks were superfluous as it would only ever return
- error if one of those protocols were set. Also: a returned error
- *should* mean get out of there, without having to check more conditions.
-
- Closes #14104
-
-- tool_operate: check for --disable case *sensitively*
-
- curl command line options are specified with the correct casing or they
- don't match
-
- Closes #14103
-
-Stefan Eissing (4 Jul 2024)
-
-- transfer: avoid polling socket every transfer loop
-
- Improve download performance, minimal effort.
-
- Do not poll the socket for pending data every transfer loop iteration.
- This gives 10-20% performance gains on large HTTP/1.1 downloads (on my
- machine).
-
- Closes #14098
-
-Viktor Szakats (4 Jul 2024)
-
-- tests: delete `CharConv` remains
-
- Closes #14100
-
-- GHA: bump macOS CMake job parallelism to 4 (nproc+1) [ci skip]
-
- To match autotools ones and the rest of workflows.
-
- Follow-up to 464282ddfb214917be3d143c035f178f3b77f209 #13807
-
-Yedaya Katsman (4 Jul 2024)
-
-- help: add flags to output and ssh categories
-
- - Add --output, --remove-on-error, --output-dir and --created-dirs to
- the output help category
-
- - Add --hostpubmd5, --hostpubsha256, --insecure (-k), and --pubkey to
- the ssh help category
-
- Closes #14076
-
-Stefan Eissing (4 Jul 2024)
-
-- TODO: remove item about 'SSL_peak'
-
- GnuTLS todo item about using an equivalent of `SSL_peak()`, which
- nicely escaped the word checks, is no longer relevant.
-
- We do not use `SSL_peek()` anymore since connection filters were
- introduced.
-
- Closes #14091
-
-renovate[bot] (4 Jul 2024)
-
-- GHA: update dependency gnutls/gnutls to v3.8.6
-
- Closes #14094
-
-- GHA: update fsfe/reuse-action action to v4
-
- Closes #14095
-
-Viktor Szakats (3 Jul 2024)
-
-- GHA: Windows job exclusions tweaks
-
- - disable SMTP tests in MSYS2/mingw-w64 and MSVC jobs.
- On the suspicion of sometimes hanging:
- https://github.com/curl/curl/actions/runs/9346162475/job/25720437944?pr=138
- 55#step:14:2838
- https://github.com/curl/curl/actions/runs/9758011305/job/26931678639?pr=140
- 84#step:14:2834
- https://github.com/curl/curl/actions/runs/9774468536/job/26982805294#step:1
- 1:4731
-
- - run TFTP, MQTT, WebSockets tests in MSYS2/msys jobs again.
-
- - switch hanging old-mingw-w64 7.3.0 job to Release (from Debug).
- Guessing here, 9.5.0 is more solid, and one difference is
- Debug/Release mode. Let's match 7.3.0 with that and see how it changes
- hangs and flakiness.
- The other difference is Unicode ON in 7.3.0. Flaky 6.3.0 was also
- Debug, with Unicode OFF:
- 217878bade884202ee5fb2e80186c5fd130392e8 #13566.
- (Unicode unlikely to play a role here IMO.)
- If 7.3.0 keeps hanging / remains flaky I'll consider disabling its
- test runs.
-
- - opt-out from vcpkg telemetry.
-
- Ref: https://github.com/curl/curl/pull/13599#issuecomment-2119372376
- Closes #14085
-
-renovate[bot] (3 Jul 2024)
-
-- Dockerfile: update debian:bookworm-slim to 39868a6
-
- Closes #14083
-
-Daniel Stenberg (3 Jul 2024)
-
-- FEATURES.md: refresh
-
- - added lots of missing stuff
- - rearranged a little
- - remove all footnotes
-
- Closes #14086
-
-- RELEASE-NOTES: synced
-
-- curl_easy_perform.md: call it network transfer, not file transfer
-
-Viktor Szakats (2 Jul 2024)
-
-- winbuild: MS-DOS batch tidy-ups
-
- - prefer `.bat` extension over `.cmd` for MS-DOS batch, which also
- avoids confusion with OS/400 `.cmd` files.
- - cleanup `echo` quotes, drop them consistently.
- - delete empty output line from one of the error branches.
- - prefer lowercase commands like the rest of MS-DOS batches.
- - delete a contraction.
- - drop backticks from error message.
- - use `nmake.exe` consistently.
- - use equal/not-equal operator style consistently.
- - inline a single-line `if` branch.
- - delete exceptions and rules dealing with Windows `.cmd` extension.
-
- Closes #14084
-
-Stefan Eissing (2 Jul 2024)
-
-- multi: fix pollset during RESOLVING phase
-
- - add a DEBUGASSERT for when a transfer's pollset should not be empty.
- - move write unpausing from transfer loop into curl_easy_pause. This
- make sure that the url_updatesocket() finds the correct state when
- updating socket events.
- - fix HTTP/2 proxy during connect phase to set sockets correctly
- - fix test2600 to simulate a socket set
- - move write unpausing from transfer loop into curl_easy_pause. This
- make sure that the url_updatesocket() finds the correct state when
- updating socket events.
- - waiting for the resolver to deliver might not involve any sockets to
- wait for. Do not generate a warning.
-
- Fixes #14047
- Closes #14074
-
-Daniel Stenberg (2 Jul 2024)
-
-- cmdline-opts: shorten six help texts
-
- o --location-trusted
- o --next
- o --parallel-immmediate
- o --pinnedpubkey
- o --proxy-pass
- o --proxy-ssl-allow-beast
-
- Closes #14075
-
-- managen: fix removing backticks from subtitles
-
- It erroneously removed them from the wrong variable.
-
- Closes #14081
-
-Viktor Szakats (2 Jul 2024)
-
-- cmake: show protocols, then features
-
- To match the order used by `curl -V` and `./configure`.
-
- Closes #14082
-
-- cmdline-docs: fix `--proxy-ca-native` example + tidy-ups
-
- Also:
- - fix an indentation.
- - fix capitalized option in comment.
-
- Closes #14078
-
-- cmake: sync protocol/feature list with `curl -V` output
-
- - sort features case-insensitively.
- Requires CMake v3.13.0.
- Follow-up to 0f26abeef1dd1d1a02f8e12dbc3d51e73e9d2e9c #14063
-
- - convert protocol list to lowercase.
- But leave it uppercase in `curl-config`.
-
- Closes #14066
-
-- GHA/badwords.yml: fixup indent for yamllint [ci skip]
-
-renovate[bot] (1 Jul 2024)
-
-- GHA: update dependency awslabs/aws-lc to v1.31.0
-
- Closes #14080
-
-Daniel Stenberg (1 Jul 2024)
-
-- GHA/badwords.yml: check source code wording
-
- Closes #14073
-
-- code: language cleanup in comments
-
- Based on the standards and guidelines we use for our documentation.
-
- - expand contractions (they're => they are etc)
- - host name = > hostname
- - file name => filename
- - user name = username
- - man page => manpage
- - run-time => runtime
- - set-up => setup
- - back-end => backend
- - a HTTP => an HTTP
- - Two spaces after a period => one space after period
-
- Closes #14073
-
-Yedaya Katsman (1 Jul 2024)
-
-- docs: add RELEASE-TOOLS.md.dist to .gitignore
-
- Closes #14079
-
-Viktor Szakats (1 Jul 2024)
-
-- libcurl.pc: add more `Requires.private`/`Requires` dependencies
-
- - add `libmsh3` reference from cmake and autotools.
-
- - add `mit-krb5-gssapi` reference from cmake.
-
- It leaves GSS not set from autotools. The handling of heimdal in cmake
- is fuzzy, that's probably missing too.
-
- Follow-up to f057de5a1a950a90d1920021db152a4b695f1a8a #13911
- Closes #14072
-
-- cmake: improve wolfSSL detection
-
- - support detecting wolfSSL via pkg-config (like autotools.)
-
- - detect wolfSSL version.
-
- - detect `HAVE_WOLFSSL_DES_ECB_ENCRYPT`.
- (needs e.g. `--enable-curl` when building wolfSSL)
-
- - detect `HAVE_WOLFSSL_FULL_BIO` and enable HTTPS-proxy feature.
- (needs e.g. `--enable-opensslall` when building wolfSSL)
-
- - fix to show `HTTPS-proxy` in cmake feature list.
- Ref: 55807e6c056f27846d70cec70ee6ac3f0e5b3bbe #9962
-
- - fix to show `NTLM` in cmake feature list.
-
- - fix to show `smb` and `smbs` in cmake protocol list.
-
- - add wolfSSL CMake job to GHA (for macOS).
-
- - fix mqtt and wolfSSL symbol clash.
- ```
- ./curl/lib/mqtt.c: In function 'mqtt_doing':
- ./curl/lib/mqtt.c:746:17: error: declaration of 'byte' shadows a global dec
- laration [-Werror=shadow]
- 746 | unsigned char byte;
- | ^~~~
- /opt/homebrew/Cellar/wolfssl/5.7.0_1/include/wolfssl/wolfcrypt/types.h:85:3
- 6: note: shadowed declaration is here
- 85 | typedef unsigned char byte;
- | ^~~~
- ```
-
- - format `FindWolfSSL.cmake` closer to neighbours.
-
- Closes #14064
-
-Daniel Stenberg (1 Jul 2024)
-
-- curl_url_set: elaborate on scheme guessing
-
- Explain a little more and refer to the CURLU_NO_GUESS_SCHEME flag
- for getting scheme or URL.
-
- Closes #14071
-
-- docs: misc language polish
-
- - CURLINFO_FILETIME*: improve language
- - add '32bit' and '64bit' as bad words, use 32-bit and 64-bit
- - mksymbolsmanpage.pl: avoid "will"
-
- Closes #14070
-
-- curl_easy_escape: elaborate a little on encoding a URL
-
- Closes #14069
-
-Viktor Szakats (1 Jul 2024)
-
-- cmake: fix feature and protocol lists for SecureTransport
-
- NTLM was missing from the features list, and SMB/SMBS from
- the protocols list in SecureTransport builds.
-
- Follow-up to 76a9c3c4be10b3d4d379d5b23ca76806bbae536a #3619
-
- Reported-by: Tal Regev
- Bug: https://github.com/curl/curl/pull/13963#issuecomment-2178791390
- Closes #14065
-
-Daniel Stenberg (1 Jul 2024)
-
-- curl_str[n]equal.md: tidy up text to make them stand-alone
-
- Previously this was one single manpage for two functions but as they are
- two separate ones since a while back, they should each clearly document
- their single specific functions.
-
- Follow-up to eefcc1bda4bc
-
- Closes #14068
-
-- RELEASE-NOTES: synced
-
-Tal Regev (30 Jun 2024)
-
-- GHA: use vcpkg to install packages for MSVC jobs
-
- - enable new dependencies for existing jobs.
-
- - add cache for vcpkg packages.
-
- - tidy-up CMake options and environment for vcpkg.
-
- Closes #13979
-
-Daniel Stenberg (30 Jun 2024)
-
-- curl_mprintf.md: add missing comma
-
-- CURLOPT_TLSAUTH_PASSWORD/USERNAME.md: language fixups
-
- - relies *on* TLS SRP
- - *for* the specific TLS backends
-
- Closes #14061
-
-- docs/libcurl: polish the single-line descriptions
-
- - use imperative form
- - use lowercase
- - no period
- - unify some phrases
- - fix curl_multi_socket and curl_multi_socket_all to keep their own
- descriptions
-
- Closes #14062
-
-Viktor Szakats (30 Jun 2024)
-
-- cmake: alpha-sort feature list
-
- Like autotools does.
-
- Closes #14063
-
-renovate[bot] (29 Jun 2024)
-
-- GHA: update github/codeql-action digest to b611370
-
- Closes #14058
-
-Tatsuhiro Tsujikawa (29 Jun 2024)
-
-- vquic: fix UDP_GRO struct cmsghdr data type
-
- The data type for UDP_GRO in struct cmsghdr is int. Limit the usage of
- UDP_GRO to linux only because it is not portable.
-
- Closes #14056
-
-Sertonix (29 Jun 2024)
-
-- mk-ca-bundle.pl: delay 'curl -V' execution until it is needed
-
- Avoid an `Can't exec "curl"` message when curl is not actually needed.
-
- Closes #14060
-
-Daniel Stenberg (29 Jun 2024)
-
-- src/Makefile.am: remove SUBDIRS assignment
-
- It was once used to continue into ../docs but is just leftovers now.
-
- Closes #14054
-
-z2_ (28 Jun 2024)
-
-- x509asn1: remove superfluous free()
-
-Stefan Eissing (28 Jun 2024)
-
-- ngtcp2+quictls: fix cert-status use
-
- - add test for --cert-status on all http versions
-
- Reported-by: Dexter Gerig
- Fixes #14049
- Closes #14050
-
-Daniel Stenberg (28 Jun 2024)
-
-- RELEASE-PROCEDURE.md: update release date
-
-- managen: insert final .fi for files ending with a quote
-
- When an individual file ended with a quote (typically an example), the
- render function would return without ending the quote correctly with a
- ".fi" (fill in) in the manpage output.
-
- This made the additional text provided below to render wrongly.
-
- Closes #14048
-
-Junho Choi (28 Jun 2024)
-
-- quic: update to quiche 0.22.0
-
- quiche 0.22.0 will set SONAME in libquiche.so (libquiche.so.0) for
- linux/BSDs. Install a symlink with SONAME.
-
- Closes #14030
- Closes #14046
-
-Daniel Stenberg (28 Jun 2024)
-
-- managen: introduce "Multi: per-URL"
-
- For -O, -o and -T that are used once per specified URL.
-
- Closes #14045
-
-- quiche: fix operand of ‘?:’ changes signedness
-
- ... from ‘int’ to ‘curl_uint64_t’
-
- Closes #14041
-
-- GHA: add --enable-werror to the quiche job
-
- Closes #14041
-
-- KNOWN_BUGS: three new bugs
-
- These have lingered in the issue tracker for a long time without action.
- We don't expect any fixes in the near term either. Move them to the
- KNOWN_BUGS document.
-
- Closes #12177
- Closes #12171
- Closes #13350
-
- Closes #14042
-
-Viktor Szakats (27 Jun 2024)
-
-- CI: add whitespace checker
-
- Fix issues detected.
-
- Also:
-
- - One of the `.vc` files used LF EOLs, while the other didn't.
- Make that one also use LF EOLs, as this is apparently supported by
- `nmake`.
-
- - Drop `.dsw` and `.btn` types from `.gitattributes`.
- The repository doesn't use them.
-
- - Sync section order with the rest of files in
- `tests/certs/EdelCurlRoot-ca.prm`.
-
- - Indent/align `.prm` and `.pem` files.
-
- - Delete dummy `[something]` section from `.prm` and `.pem` files.
-
- Mental note:
- MSVC `.sln` files seem to accept spaces for indentation and also support
- LF line-endings. I cannot test this and I don't know what's more
- convenient when updating them, so left them as-is, with specific
- exclusions.
-
- Closes #14031
-
-- CI: fix typo in job name
-
- Closes #14040
-
-Stefan Eissing (27 Jun 2024)
-
-- tests/httpd: adjust ReadBufferSize for better performance
-
- - list httpd and caddy versions in scorecard run
-
- Closes #14039
-
-Daniel Stenberg (27 Jun 2024)
-
-- runtests: fix %VERNUM
-
- It needs to be set to the leading digits and dots only, so that the
- `-[date]` suffix strings are not included, as those used in the daily
- snapshots.
-
- Fixes #14035
- Reported-by: Marcel Raad
- Closes #14036
-
-Philip Heiduck (27 Jun 2024)
-
-- CI/synopsis.yml: run on `.md` files
-
- Reported-by: Viktor Szakats
- Fixes #14032
- Closes #14037
-
-Daniel Stenberg (27 Jun 2024)
-
-- verify-synopsis.pl: work with .md files
-
- Ref: #14037
- Closes #14038
-
-- conncache: done always evaluates to false
-
- Follow-up to c9b95c0bb30f88bf00e1ac
-
- Spotted by CodeSonar
-
- Reviewed-by: Stefan Eissing
- Closes #14034
-
-- lib: add a few DEBUGASSERT(data) to aid code analyzers
-
- ... where 'data' is assumed to always work.
-
- Closes #14033
-
-- RELEASE-NOTES: synced
-
-Viktor Szakats (26 Jun 2024)
-
-- tidy-up: use `/usr/bin/env perl` shebang
-
- Most Perl scripts already used it. Sync up the few outliers.
-
- Closes #14029
-
-Stefan Eissing (26 Jun 2024)
-
-- quic: openssl quic, cmake and doc version update to 3.3.0
-
- Closes #14028
-
-- http/3: add shutdown support
-
- - openssl-quic shutdown handling
- - ngtcp2 shutdown handling
- - quiche shutdown handling
- - add test_19_06 for verfication
-
- Reported-by: Dexter Gerig
- Closes #14027
- Fixes #14022
-
-Daniel Stenberg (26 Jun 2024)
-
-- tests: verify managen
-
- 1705: verifies the manpage output
-
- 1706: verifies the ascii output
-
- Closes #14025
-
-- runtests: support %DATE for YYYY-MM-DD of right now
-
-- runtests: support %VERNUM
-
- For the plain version number of the built curl without -DEV etc. Only
- digits and dots.
-
-- managen: only output .RE for manpage output
-
- For ascii they are just rubbish.
-
- Closes #14025
-
-Tatsuhiro Tsujikawa (26 Jun 2024)
-
-- quic: enable UDP GRO
-
- Closes #14012
-
-Stefan Eissing (26 Jun 2024)
-
-- quic: require at least OpenSSL 3.3 for QUIC
-
- - when checking for QUIC support in OpenSSL, also check
- for it being at least 3.3.0
- - remove workarounds for features buggy or missing in 3.2
-
- Closes #14026
-
-Daniel Stenberg (26 Jun 2024)
-
-- FILEFORMAT.md: mentioned <file[num]> for "client"
-
- They can be used to create more files.
-
- Closes #14024
-
-Marcel Raad (26 Jun 2024)
-
-- system_win32: add missing curl.h include
-
- It's required for `CURLcode`.
-
- Closes https://github.com/curl/curl/pull/14019
-
-Daniel Stenberg (26 Jun 2024)
-
-- TODO: specify which response codes that make -f/--fail return error
-
- Suggestion from the user survey 2024
-
- Closes #14020
-
-Stefan Eissing (26 Jun 2024)
-
-- lib: graceful connection shutdown
-
- When libcurl discards a connection there are two phases this may go
- through: "shutdown" and "closing". If a connection is aborted, the
- shutdown phase is skipped and it is closed right away.
-
- The connection filters attached to the connection implement the phases
- in their `do_shutdown()` and `do_close()` callbacks. Filters carry now a
- `shutdown` flags next to `connected` to keep track of the shutdown
- operation.
-
- Filters are shut down from top to bottom. If a filter is not connected,
- its shutdown is skipped. Notable filters that *do* something during
- shutdown are HTTP/2 and TLS. HTTP/2 sends the GOAWAY frame. TLS sends
- its close notify and expects to receive a close notify from the server.
-
- As sends and receives may EAGAIN on the network, a shutdown is often not
- successful right away and needs to poll the connection's socket(s). To
- facilitate this, such connections are placed on a new shutdown list
- inside the connection cache.
-
- Since managing this list requires the cooperation of a multi handle,
- only the connection cache belonging to a multi handle is used. If a
- connection was in another cache when being discarded, it is removed
- there and added to the multi's cache. If no multi handle is available at
- that time, the connection is shutdown and closed in a one-time,
- best-effort attempt.
-
- When a multi handle is destroyed, all connection still on the shutdown
- list are discarded with a final shutdown attempt and close. In curl
- debug builds, the environment variable `CURL_GRACEFUL_SHUTDOWN` can be
- set to make this graceful with a timeout in milliseconds given by the
- variable.
-
- The shutdown list is limited to the max number of connections configured
- for a multi cache. Set via CURLMOPT_MAX_TOTAL_CONNECTIONS. When the
- limit is reached, the oldest connection on the shutdown list is
- discarded.
-
- - In multi_wait() and multi_waitfds(), collect all connection caches
- involved (each transfer might carry its own) into a temporary list.
- Let each connection cache on the list contribute sockets and
- POLLIN/OUT events it's connections are waiting for.
-
- - in multi_perform() collect the connection caches the same way and let
- them peform their maintenance. This will make another non-blocking
- attempt to shutdown all connections on its shutdown list.
-
- - for event based multis (multi->socket_cb set), add the sockets and
- their poll events via the callback. When `multi_socket()` is invoked
- for a socket not known by an active transfer, forward this to the
- multi's cache for processing. On closing a connection, remove its
- socket(s) via the callback.
-
- TLS connection filters MUST NOT send close nofity messages in their
- `do_close()` implementation. The reason is that a TLS close notify
- signals a success. When a connection is aborted and skips its shutdown
- phase, the server needs to see a missing close notify to detect
- something has gone wrong.
-
- A graceful shutdown of FTP's data connection is performed implicitly
- before regarding the upload/download as complete and continuing on the
- control connection. For FTP without TLS, there is just the socket close
- happening. But with TLS, the sent/received close notify signals that the
- transfer is complete and healthy. Servers like `vsftpd` verify that and
- reject uploads without a TLS close notify.
-
- - added test_19_* for shutdown related tests
- - test_19_01 and test_19_02 test for TCP RST packets
- which happen without a graceful shutdown and should
- no longer appear otherwise.
- - add test_19_03 for handling shutdowns by the server
- - add test_19_04 for handling shutdowns by curl
- - add test_19_05 for event based shutdowny by server
- - add test_30_06/07 and test_31_06/07 for shutdown checks
- on FTP up- and downloads.
-
- Closes #13976
-
-Daniel Stenberg (25 Jun 2024)
-
-- managen: fix blank line detection
-
- Follow-up to d14a53eea7b87 which ruined the output somewhat.
-
- Closes #14017
-
-- managen: output tabs for each 8 leading spaces
-
- This replacing of eight leading spaces into tabs was already done for
- the embedded uncompressed version in tool_hugehelp.c so it does not save
- anything there. But the gzip compressed version ends up almost 2K
- smaller.
-
- The output in a terminal should be identical.
-
- Before using TABs:
-
- curl.txt 282492 bytes
- curl.txt.gz 73261 bytes
-
- With this change applied:
-
- curl.txt 249382 bytes
- curl.txt.gz 71470 bytes
-
- Closes #14016
-
-- managen: error on trailing blank lines in input files
-
- Ref: #14014
- Closes #14015
-
-Viktor Szakats (25 Jun 2024)
-
-- tidy-up: more whitespace
-
- Closes #14014
-
-Stefan Eissing (25 Jun 2024)
-
-- multi: multi_getsock(), check correct socket
-
- - in phase CONNECTING/TUNNELING/PROTOCONNECT, retrieve
- the socket from the connection filters and do not rely
- on `conn->sockfd` being already set by the transfer.
- - this applies to the default behaviour, a protocol handler
- may override this via its callbacks.
- - add a warning message in multi_getsock() when the transfer
- is expected to have something in its pollset, but instead
- it is empty.
-
- Reported-by: saurabhsingh-dev on github
- Fixes #13998
- Closes #14011
-
-Daniel Stenberg (25 Jun 2024)
-
-- managen: fix each options footer to end with newline
-
- A previous change sometimes made a command line option's description not
- end with a newline immediately before the next command line.
-
- Also widened the lines to wrap on column 79 instead of 78.
-
- Closes #14010
-
-Alex Snast (25 Jun 2024)
-
-- wolfssl: assume key_file equal to clientcert in the absence of key_file
-
- When user sets CURLOPT_SSLCERT but leaves CURLOPT_SSLKEY unset assume
- the path passed in CURLOPT_SSLCERT holds the ssl key which is what we do
- in openssl implementation.
-
- Fixes #14007
- Closes #14008
-
-Viktor Szakats (24 Jun 2024)
-
-- autotools: fix pkg-config names (zstd, ngtcp2*)
-
- Also verified that all names now match up with CMake.
-
- Follow-up to f057de5a1a950a90d1920021db152a4b695f1a8a #13911
- Follow-up to eeab0ea7aa19af61af881e8a0bf9ff1f2e28ef79 #13994
- Reported-by: 李四
- Fixes #14005
- Closes #14006
-
-- tidy-up: whitespace [ci skip]
-
-Daniel Stenberg (24 Jun 2024)
-
-- cmdline-docs: "added in" cleanups
-
- - markup fixes
- - remove some mentions of < 7.60.0 changes
-
- Closes #14003
-
-- RELEASE-NOTES: synced
-
-- managen: "added in" fixes
-
- - up the limit: remove all mentions of 7.60 or earlier from manpage
- 7.60 is 6 years old now.
- - warn on "broken" added in lines, as they avoid detection
- - fixup added in markup in a few curldown files
-
- Closes #14002
-
-Matt Jolly (24 Jun 2024)
-
-- configure: fix pkg-config library name 'libnghttp3'
-
- Closes #13994
-
-Daniel Stenberg (24 Jun 2024)
-
-- managen: cleanups to generate nicer-looking output
-
- - output "see also" last
- - when there are multiple mutex items, use commas between all of them
- except the last.
- - call them mututally exclusive WITH not TO other options.
- - remove trailing space from added in, add newline prefix
- - smoother language for requires
-
- Closes #14001
-
-- configure: require a QUIC library if nghttp3 is used
-
- Instead of just silently disabling HTTP/3.
-
- Reported-by: Matt Jolly
- Fixes #13995
- Closes #13999
-
-- docs/cmdline-opts: remove two superfluous "Added in" mentions
-
- The key "added in" phrase for the option itself is added automatically.
-
- Closes #14000
-
-- cookie-jar.md: see also --junk-session-cookies
-
- Closes #13996
-
-- runtests: support crlf="yes" for the <stderr> section
-
-- TODO: -h option
-
- Support "curl -h --insecure" etc to output the manpage section for the
- --insecure command line option in the terminal. Should be possible to
- work with either long or short versions of command line options.
-
- Closes #13990
-
-- trace-ascii.md: mention "%" for stderr
-
- Closes #13991
-
-- connect-to.md: expand with examples
-
- - add referer from the resolve section to connect-to if user wants
- wildcard for the port number
-
- Closes #13989
-
-- TODO: connect to multiple IPs in parallel
-
- Closes #13986
-
-- dump-header.md: mention minus for stdout
-
- Closes #13985
-
-- CURLOPT_RESOLVE.md: mention hostname can be wildcard ('*')
-
- Closes #13983
-
-Andy Pan (22 Jun 2024)
-
-- cf-socket: optimize curlx_nonblock() and check its return error
-
- Reviewed-by: Stefan Eissing
- Closes #13942
-
-z2_ (22 Jun 2024)
-
-- x509asn1: prevent NULL dereference
-
- Closes #13978
-
-Daniel Stenberg (19 Jun 2024)
-
-- unit2604: use 'unitfail' instead of 'error' variable
-
- Since the framework is already returning that variable by default.
- Avoids a warning for unreachable code.
-
- Reported-by: Tal Regev
- Fixes #13967
- Closes #13973
-
-- KNOWN_BUGS: TFTP tests fail on OpenBSD
-
- Closes #13623
- Closes #13975
-
-- VULN-DISCLOSURE-POLICY: NULL dereferences and crashes
-
- If a malicious server can trigger a NULL dereference in curl or
- otherwise cause curl to crash (and nothing worse), chances are big that
- we do not consider that a security problem.
-
- Closes #13974
-
-- RELEASE-NOTES: synced
-
-Sergey Markelov (19 Jun 2024)
-
-- mbedtls: support CURLOPT_CERTINFO
-
- Closes #13113
-
-Daniel Stenberg (19 Jun 2024)
-
-- x509asn1: ASN1tostr() should fail when 'constructed' is set
-
- This is a regression from my refactor in 623c3a8fa0bdb (#12808)
-
- Follow-up to 623c3a8fa0bdb2751f14b37417
-
- Closes #13972
-
-- x509asn1: remove two static variables
-
- cnOID and sanOID were not used outside of the OID table anyway
-
- Closes #13971
-
-brian m. carlson (18 Jun 2024)
-
-- TODO: TLS channel binding
-
- Closes #13483
-
-Tal Regev (17 Jun 2024)
-
-- cmake: add CURL_USE_GSASL option with detection + CI test
-
- Reviewed-by: Viktor Szakats
- Closes #13948
-
-Daniel Stenberg (16 Jun 2024)
-
-- x509asn1: make Curl_extract_certinfo store error message
-
- To help us all better understand where the error actually comes from.
-
- Ref: #13958
- Closes #13959
-
-Viktor Szakats (15 Jun 2024)
-
-- appveyor: dump build logs on failure in VS2008 jobs
-
- This seems to be the only way to see what actual toolchain commands were
- run, and with what arguments.
-
- Without `dos2unix`, `cat` output comes out empty.
-
- Closes #13957
-
-- cmake: fix quotes when appending multiple options (SecureTransport)
-
- Copied from a vcpkg distro patch:
- https://github.com/microsoft/vcpkg/blob/02745e0f4749d1f51d2025824209408f5a6c3
- 614/ports/curl/dependencies.patch#L43C38-L44
-
- Ref: https://github.com/microsoft/vcpkg/pull/38847
- Ref: https://github.com/microsoft/vcpkg/commit/795f2f137e6cf6d985fcc927bffcaf
- 9c0a96e4ac
- Ref: https://github.com/microsoft/vcpkg/pull/38847/commits/36f0c917de5319e953
- 61451fc0aef0698b264874#diff-ab5c23e5dc5df412539cc93e24b37abbc588e1918236f8abc
- 019d676b270c85fR39 (sub-commit)
-
- Authored-by: Kai Pastor
- Closes #13953
-
-Daniel Stenberg (15 Jun 2024)
-
-- CURLOPT_NETRC.md: clarify what it does on Windows
-
- Closes #13956
-
-- KNOWN_BUGS: "HTTP/2 + TLS spends a lot of time in recv"
-
- Closes #13416
- Closes #13955
-
-- RELEASE-NOTES: synced
-
-Yedaya Katsman (14 Jun 2024)
-
-- examples: add missing binaries to .gitignore
-
- They were showing as changed when built. Add them sorted alphabetically,
- while also moving a few more entries to sorted order.
-
- Closes #13952
-
-- docs: reference non deprecated libcurl options
-
- There are a places where man pages reference deprecated CURLOPT options,
- where it doesn't make sense, replace them with the reccomended
- replacement option.
-
- also remove reference to the removed mesalink TLS backend
-
- Closes #13951
-
-Daniel Stenberg (14 Jun 2024)
-
-- gnutls: pass in SNI name, not hostname when checking cert
-
- The function we use is called 'gnutls_x509_crt_check_hostname()' but if
- we pass in the hostname with a trailing dot, the check fails. If we pass
- in the SNI name, which cannot have a trailing dot, it succeeds for
- https://pyropus.ca./
-
- I consider this as a flaw in GnuTLS and have submitted this issue
- upstream:
-
- https://gitlab.com/gnutls/gnutls/-/issues/1548
-
- In order to work with old and existing GnuTLS versions, we still need
- this change no matter how they view the issue or might change it in the
- future.
-
- Fixes #13428
- Reported-by: Ryan Carsten Schmidt
- Closes #13949
-
-- BINDINGS: update java link to one that exists
-
- The previous java binding seems to have vanished. Link to one that still
- exists.
-
- Bug: https://github.com/curl/everything-curl/issues/456
- Reported-by: Jiang Wenjian
- Closes #13950
-
-renovate[bot] (14 Jun 2024)
-
-- GHA: update pinned actions
-
- - github/codeql-action digest to 23acc5c
- - actions/checkout digest to 692973e
- - rojopolis/spellcheck-github-actions digest to d354a4d
-
- Closes #13935
- Closes #13945
- Closes #13946
-
-Jay Satiro (14 Jun 2024)
-
-- tool_cb_hdr: allow etag and content-disposition for 3xx reply
-
- - Parse etag and content-disposition headers for 3xx replies.
-
- For example, a server may send a content-disposition filename header
- with a redirect reply (3xx) but not with the final response (2xx).
- Without this change curl would ignore the server's specified filename
- and continue to use the filename extracted from the user-specified URL.
-
- Prior to this change, 75d79a4 had limited etag and content-disposition
- to 2xx replies only.
-
- Tests-by: Daniel Stenberg
-
- Reported-by: Morgan Willcock
- Fixes https://github.com/curl/curl/issues/13302
- Closes #13484
-
-Daniel Stenberg (13 Jun 2024)
-
-- transfer: set CSELECT_IN if there is data pending
-
- When aborting the transfer loop early, like when there is rate limiting
- in effect, there might be buffered data already read off the socket so
- the socket might not signal reability. Therefore we must set the
- CSELECT_IN manually if data_pending_() suggests there might be more data
- to get. This is particularly noticeable with SSH when the underlying
- library has drained the socket and holds pending data in its buffer.
-
- Reported-by: alervd on github
- Fixes #13695
- Closes #13943
-
-Viktor Szakats (13 Jun 2024)
-
-- cmake: enable SOVERSION for Cygwin and `CMAKE_DLL_NAME_WITH_SOVERSION`
-
- - enable SOVERSION when `CMAKE_DLL_NAME_WITH_SOVERSION=ON` is set.
- Ref: https://cmake.org/cmake/help/v3.27/variable/CMAKE_DLL_NAME_WITH_SOVERS
- ION.html
- Use: https://github.com/search?q=-DCMAKE_DLL_NAME_WITH_SOVERSION&type=code
-
- - enable SOVERSION for Cygwin builds by default.
-
- Ref: #13936
- Ref: #13944
- Closes #13898
-
-- cmake: allow SOVERSION override with `CURL_LIBCURL_SOVERSION`
-
- Allow overriding SOVERSION with the new CMake option:
- `CURL_LIBCURL_SOVERSION=ON/OFF`
-
- For certain target platforms the shared libcurl library filename
- contains the SOVERSION. This new option allows to enable/disable
- this behavior manually. If set, it takes precedence over the default
- setting.
-
- Ref: #13898
- Closes #13944
-
-renovate[bot] (13 Jun 2024)
-
-- Dockerfile: update debian:bookworm-slim to 84d83b2
-
- Closes #13934
-
-Daniel Stenberg (13 Jun 2024)
-
-- configure: use AC_MSG_WARN for TLS/experimental warning texts
-
- - no longer warns for mbedtls
- - warns for each item on individual lines
- - no longer shows irrelevant TLS libraries when multiple are selected
- - removes ech repetition
-
- Closes #13941
-
-- GHA: detect and warn for more English contractions
-
- As we try to avoid them in curl documentation
-
- Closes #13940
-
-Stefan Eissing (13 Jun 2024)
-
-- transfer: do not use EXPIRE_NOW while blocked
-
- - When a transfer sets `data->state.select_bits`, it is
- scheduled for rerun with EXPIRE_NOW. If such a transfer
- is blocked (due to PAUSE, for example), this will lead to
- a busy loop.
- - multi.c: check for transfer block
- - sendf.*: add Curl_xfer_is_blocked()
- - sendf.*: add client reader `is_paused()` callback
- - implement is_paused()` callback where needed
-
- Closes #13908
-
-renovate[bot] (13 Jun 2024)
-
-- ci: update dependency ngtcp2/ngtcp2 to v1.6.0
-
- Closes #13939
-
-- ci: update ngtcp2/nghttp3 to v1.4.0
-
- Closes #13938
-
-Viktor Szakats (13 Jun 2024)
-
-- cmake: stop setting SOVERSION for the static lib target
-
- Also move the logic closer to its use and related tidy-ups.
-
- Cherry-picked from #13898
- Closes #13936
-
-Patrick Monnerat (13 Jun 2024)
-
-- os400: make it compilable again
-
- A newly introduced use of getsockname() in the cli tool makes it require
- the ascii wrapper module, which is not available outside of the library:
- as the tool only uses the address family field (binary), disable
- wrappers outside of libcurl.
-
- Fix setsockopt() parameter type mismatch using a (void *) cast.
-
- Sync ILE/RPG binding.
-
- Closes #13930
-
-Viktor Szakats (13 Jun 2024)
-
-- libcurl.pc: add `Requires.private`, `Requires` for static linking
-
- - cmake: populate for dependencies.
- - autotools: populate for dependencies.
- (including mbedtls, though the script does not detect
- mbedtls through pkgconfig. mbedtls 3.6.0 now supports it.)
-
- Skip dealing with gssapi in this patch.
-
- Fixes #864
- Closes #13911
-
-- cmake: bring `curl-config.cmake` closer to `FindCURL`
-
- Set `CURL_LIBRARIES` and `CURL_INCLUDE_DIRS` variables
- for compatibility with CMake's `FindCURL.cmake`:
- https://github.com/Kitware/CMake/blob/b411d0146c2e06acfb0c823bb039e99f0191b61
- 1/Modules/FindCURL.cmake#L209
-
- For dependent projects, CMake's suggestion is to replace
- `CURL_LIBRARIES` with `CURL::libcurl`, and drop `CURL_INCLUDE_DIRS`.
-
- Reported-by: Aurélien Pierre
- Ref: https://curl.se/mail/lib-2024-06/0014.html
- Ref: https://gitlab.kitware.com/cmake/cmake/-/issues/24580
- Closes #13897
-
-Daniel Stenberg (13 Jun 2024)
-
-- tool_getparam: fix the bsearch call for ip-tos names
-
- Follow-up to 3c20ae08b9591
- Reported-by: Samuel Chiang
- Fixes #13932
- Closes #13933
-
-- request: change the struct field bodywrites to a bool, only for hyper
-
- Only hyper needs to know this, and it can use it as a boolean.
-
- Closes #13928
-
-Andy Pan (12 Jun 2024)
-
-- test: fix CURLOPT_TCP_KEEPCNT typo
-
- Follow up to b77d627d242
-
- Closes #13931
-
-Daniel Stenberg (12 Jun 2024)
-
-- http: remove "struct HTTP"
-
- It is not actually used anymore and only contained a dummy struct field.
- Remove all traces and uses of it.
-
- Closes #13927
-
-- cd2nroff: convert two warnings to errors
-
- Since the warnings tend to get missed too easily and these are problems
- we rather want addressed than letting slide.
-
- Closes #13929
-
-- urlapi: use a correct value for CURLU_NO_GUESS_SCHEME
-
- It was mistakenly set to the same value as CURLU_GET_EMPTY uses.
-
- Reported-by: Patrick Monnerat
- Bug: https://github.com/curl/curl/commit/655d44d139489625e77cf6790d36
- Closes #13926
-
-- file: separate fake headers and body with a stand-alone CRLF
-
- Instead of bolting on the extra CRLF to the final header - as that makes
- the behavior inconsistent and not as documented. The final CRLF is now
- also made unconditional, just like it is for HTTP.
-
- Reported-by: dogma
- Bug: https://curl.se/mail/lib-2024-06/0033.html
- Closes #13925
-
-- RELEASE-NOTES: synced
-
-Andy Pan (12 Jun 2024)
-
-- tcpkeepalive: add CURLOPT_TCP_KEEPCNT and --keepalive-cnt
-
- Closes #13885
-
-Daniel Stenberg (12 Jun 2024)
-
-- TODO: make it "Add missing features to TLS backends"
-
- ... instead of just mentioning CA caching.
-
- Closes #13924
-
-Orgad Shaneh (11 Jun 2024)
-
-- curl: support VLAN Priority: --vlan-priority
-
- Add --vlan-priority option to the command line tool for setting VLAN
- priority.
-
- Closes #13907
-
-RainRat (11 Jun 2024)
-
-- misc: fix typos
-
- Closes #13923
-
-Daniel Stenberg (11 Jun 2024)
-
-- CURLOPT_ECH.md: remove repeated 'if'
-
- Closes #13922
-
-- vms: fixed language in comment
-
- It started with me fixing a repeated "are are" but the wording was
- incomprehensible so I tried to untangle it.
-
- Closes #13921
-
-Stefan Eissing (11 Jun 2024)
-
-- lib: xfer_setup and non-blocking shutdown
-
- - clarify Curl_xfer_setup() with RECV/SEND flags and different calls for
- which socket they operate on. Add a shutdown flag for secondary
- sockets
- - change Curl_xfer_setup() calls to new functions
- - implement non-blocking connection shutdown at the end of receiving or
- sending a transfer
-
- Closes #13913
-
-Daniel Stenberg (11 Jun 2024)
-
-- test1486: verify that write-out.md and tool_writeout.c are in sync
-
- - also verify alphabetialal order in the source
- - add two missing variables to write-out.md
-
- Closes #13920
-
-Viktor Szakats (11 Jun 2024)
-
-- GHA: add cmake MSYS2 native job
-
- curl, libcurl, examples, build-only.
-
- To compare build behaviour with autotools.
-
- Closes #13917
-
-Daniel Stenberg (11 Jun 2024)
-
-- openssl: shortcut store_expired for negative timeouts
-
- Avoid some unnecessary computation if the timeout is negative.
-
- Spotted by CodeSonar
- Closes #13919
-
-- RELEASE-NOTES: synced
-
-- curl: support -w '%{num_retries}
-
- Suggested-by: Jay Guerette
- Ref: https://github.com/curl/curl/discussions/13901
- Closes #13910
-
-Guilherme Puida (11 Jun 2024)
-
-- pytest: include testenv/vsftpd.py in dist tarball
-
- Closes #13918
-
-Viktor Szakats (11 Jun 2024)
-
-- DISTROS: add MSYS2 (native) links
-
- Also rename existing 'MSYS2' to 'MSYS2 (mingw-w64)'.
-
- Closes #13915
-
-Daniel Stenberg (10 Jun 2024)
-
-- tool_writeout: get certinfo only when needing it
-
- Removes a fairly expensive libcurl call when not necessary
-
- Closes #13914
-
-- tool_writeout: bsearch the variable name
-
- As the list of variable names grows, doing a simple loop to find the
- name get increasingly worse. This switches to a bsearch.
-
- Also: do a case sensitive check for the variable name. The names have
- not been documented to be case insensitive and there is no point in
- having them so.
-
- Closes #13914
-
-Stefan Eissing (10 Jun 2024)
-
-- multi: prepare multi_wait() for future shutdown usage
-
- - new struct curl_pollfds and struct curl_waitfds
- - add structs and methods to init/add/cleanup an array of pollfd and
- struct curl_waitfd. Use in multi_wait() and multi_waitfds() to
- populate the sets for polling.
- - place USE_WINSOCK WSAEventSelect() setting into a separate loop over
- all collected pfds
-
- Closes #13900
-
-- connection: shutdown TLS (for FTP) better
-
- This adds connection shutdown infrastructure and first use for FTP. FTP
- data connections, when not encountering an error, are now shut down in a
- blocking way with a 2sec timeout.
-
- - add cfilter `Curl_cft_shutdown` callback
- - keep a shutdown start timestamp and timeout at connectdata
- - provide shutdown timeout default and member in
- `data->set.shutdowntimeout`.
- - provide methods for starting, interrogating and clearing
- shutdown timers
- - provide `Curl_conn_shutdown_blocking()` to shutdown the
- `sockindex` filter chain in a blocking way. Use that in FTP.
- - add `Curl_conn_cf_poll()` to wait for socket events during
- shutdown of a connection filter chain.
- This gets the monitoring sockets and events via the filters
- "adjust_pollset()" methods. This gives correct behaviour when
- shutting down a TLS connection through a HTTP/2 proxy.
- - Implement shutdown for all socket filters
- - for HTTP/2 and h2 proxying to send GOAWAY
- - for TLS backends to the best of their capabilities
- - for tcp socket filter to make a final, nonblocking
- receive to avoid unwanted RST states
- - add shutdown forwarding to happy eyeballers and
- https connect ballers when applicable.
-
- Closes #13904
-
-Daniel Stenberg (7 Jun 2024)
-
-- CURLOPT_CONNECTTIMEOUT*: clarify, document the milliseond version
-
- Provide an explanation in the CURLOPT_CONNECTTIMEOUT_MS page instead of
- just referring to the non-MS version.
-
- Closes #13905
-
-- cmdline-opts: tidy up --ip-tos and --mptcp
-
- To make them render nicer in the manpage and minor polish.
-
- Closes #13906
-
-- RELEASE-NOTES: synced
-
-Dorian Craps (7 Jun 2024)
-
-- curl: (on linux) add MPTCP support
-
- Multipath TCP (MPTCP), standardized in RFC8684 [1], is a TCP extension
- that enables a TCP connection to use different paths.
-
- Multipath TCP has been used for several use cases. On smartphones, MPTCP
- enables seamless handovers between cellular and Wi-Fi networks while
- preserving established connections. This use-case is what pushed Apple
- to use MPTCP since 2013 in multiple applications [2]. On dual-stack
- hosts, Multipath TCP enables the TCP connection to automatically use the
- best performing path, either IPv4 or IPv6. If one path fails, MPTCP
- automatically uses the other path.
-
- To benefit from MPTCP, both the client and the server have to support
- it. Multipath TCP is a backward-compatible TCP extension that is enabled
- by default on recent Linux distributions (Debian, Ubuntu, Redhat, ...).
- Multipath TCP is included in the Linux kernel since version 5.6 [3]. To
- use it on Linux, an application must explicitly enable it when creating
- the socket. No need to change anything else in the application.
-
- This attached patch adds an --mptcp option which allows the creation of
- an MPTCP socket instead of TCP on Linux. If Multipath TCP is not
- supported on the system, an error will be reported. It is important to
- note that if the end server doesn't support MPTCP, the connection will
- continue after a seamless fallback to TCP.
-
- Link: https://www.rfc-editor.org/rfc/rfc8684.html [1]
- Link: https://www.tessares.net/apples-mptcp-story-so-far/ [2]
- Link: https://www.mptcp.dev [3]
- Co-developed-by: Dorian Craps (@CrapsDorian) <doriancraps@gmail.com>
- Co-developed-by: Olivier Bonaventure (@obonaventure) <Olivier.Bonaventure@ucl
- ouvain.be>
- Co-developed-by: Matthieu Baerts (@matttbe) <matttbe@kernel.org>
- Signed-off-by: Dorian Craps <dorian.craps@student.vinci.be>
-
- Closes #13278
-
-Orgad Shaneh (7 Jun 2024)
-
-- curl: support IP Type of Service / Traffic Class: --ip-tos
-
- Add --ip-tos option to the command line tool for setting TOS for IPv4 or
- Traffic Class for IPv6.
-
- Closes #13606
-
-Andy Pan (7 Jun 2024)
-
-- socketpair: provide `Curl_socketpair` only when `!CURL_DISABLE_SOCKETPAIR`
-
- Ref: https://curl.se/dev/log.cgi?id=20240605035856-3529577
-
- Reported-by: Marcel Raad
- Closes #13888
-
-Daniel Stenberg (7 Jun 2024)
-
-- noproxy: test bad ipv6 net size first
-
- No need to parse anything if the size is out of range.
-
- Added some tests to this effect to test 1614.
-
- Closes #13902
-
-- managen: warn on excessively long help texts
-
- Help texts at 49 characters or longer get a warning displayed because
- they make --help output uglier and we should make an effort to keep the
- help texts short and succinct.
-
- The warning is only for display, it does not break the build. That is
- left for the future if necessary.
-
- I picked 49 because the longest current text is 48.
-
- Closes #13895
-
-Viktor Szakats (5 Jun 2024)
-
-- lib: tidy up types and casts
-
- Cherry-picked from #13489
- Closes #13862
-
-Daniel Stenberg (5 Jun 2024)
-
-- cmdline-opts/ech.md: shorten the help text
-
- To make --help look sensible again
-
- Closes #13894
-
-- cmdline-opts/_PROTOCOLS.md: mention WS(S)
-
- Closes #13891
-
-Viktor Szakats (5 Jun 2024)
-
-- GHA: disable TFTP and WebSockets tests in old-mingw-w64
-
- Follow-up to 03bd16e5339b069aa9409b75fcab2b21fd3a4b16 #13860
- Follow-up to def7d05382743ea7aa1d356d1e41dcb22ecdd4d7
-
-Daniel Stenberg (5 Jun 2024)
-
-- cmdline-opts/fail.md: expand and clarify
-
- Closes #13890
-
-- doh-insecure.md: expand
-
- Closes #13889
-
-- cmdline: expand proxy option explanations
-
- - do less references to other options
- - provide more specific text about proxies
- - added more see-also references
-
- Closes #13887
-
-- cmdline-opts: expand the parallel explanations
-
- Closes #13886
-
-- RELEASE-NOTES: synced
-
-Stefan Eissing (5 Jun 2024)
-
-- vtls: new io_need flags for poll handling
-
- - decouple need to recv/send from negotiation state, we need
- this later in shutdown handling as well
- - move ssl enums from urldata.h to vtls_int.h
- - implement use of `connssl->io_need` in vtls.c. and all backends
-
- Closes #13879
-
-Daniel Stenberg (5 Jun 2024)
-
-- cfilters: make Curl_conn_connect always assign 'done'
-
- It could return error without assigning it, and we have a caller in
- multi.c that assumes it gets set.
-
- Spotted by CodeSonar
- Closes #13884
-
-- CURLOPT_INTERFACE.md: quote the less-than and larger-than
-
- Fixes the warnings shown on stderr.
-
- Follow-up from 3060557af702dd5
-
- Closes #13883
-
-- cmdline-opts/interface.md: expand the documentation
-
- Explain the syntax it supports.
-
- Closes #13882
-
-- url: allow DoH transfers to override max connection limit
-
- When reaching the set maximum limit of allowed connections, allow a new
- connection anyway if the transfer is created for the (internal) purpose
- of doing a DoH name resolve. Otherwise, unrelated "normal" transfers can
- starve out new DoH requests making it impossible to name resolve for new
- transfers.
-
- Bug: https://curl.se/mail/lib-2024-06/0001.html
- Reported-by: kartatz
- Closes #13880
-
-Viktor Szakats (5 Jun 2024)
-
-- windows: fix UWP builds, add GHA job
-
- Add new job to test building for UWP (aka `CURL_WINDOWS_APP`).
-
- Fix fallouts when building for UWP:
- - rand: do not use `BCryptGenRandom()`.
- - cmake: disable using win32 LDAP.
- - cmake: disable telnet.
- - version_win32: fix code before declaration.
- - schannel: disable `HAS_MANUAL_VERIFY_API`.
- - schannel: disable `SSLSUPP_PINNEDPUBKEY`
- and make `schannel_checksum()` a stub.
- Ref: e178fbd40a896f2098278ae61e1166c88e7b31d0 #1429
- - schannel: make `cert_get_name_string()` a failing stub.
- - system_win32: make `Curl_win32_impersonating()` a failing stub.
- - system_win32: try to fix `Curl_win32_init()` (untested).
- - threads: fix to use `CreateThread()`.
- - src: disable searching `PATH` for the CA bundle.
- - src: disable bold text support and capability detection.
- - src: disable `getfiletime()`/`setfiletime()`.
- - tests: make `win32_load_system_library()` a failing stub.
- - tests/server/util: make it compile.
- - tests/server/sockfilt: make it compile.
- - tests/lib3026: fix to use `CreateThread()`.
-
- See individual commits for build error details.
-
- Some of these fixes may have better solutions, and some may not work
- as expected. The goal of this patch is to make curl build for UWP.
-
- Closes #13870
-
-Orgad Shaneh (4 Jun 2024)
-
-- socket: support binding to interface *AND* IP
-
- Introduce new notation for CURLOPT_INTERFACE / --interface:
- ifhost!<interface>!<host>
-
- Binding to an interface doesn't set the address, and an interface can
- have multiple addresses.
-
- When binding to an address (without interface), the kernel is free to
- choose the route, and it can route through any device that can access
- the target address, not necessarily the one with the chosen address.
-
- Moreover, it is possible for different interfaces to have the same IP
- address, on which case we need to provide a way to be more specific.
-
- Factor out the parsing part of interface option, and add unit tests:
- 1663.
-
- Closes #13719
-
-Andy Pan (4 Jun 2024)
-
-- socketpair: add `eventfd` and use `SOCK_NONBLOCK` for `socketpair()`
-
- Currently, we use `pipe` for `wakeup_create`, which requires ***two***
- file descriptors. Furthermore, given its complexity inside, `pipe` is a
- bit heavyweight for just a simple event wait/notify mechanism.
-
- `eventfd` would be a more suitable solution for this kind of scenario,
- kernel also advocates for developers to use `eventfd` instead of `pipe`
- in some simple use cases:
-
- Applications can use an eventfd file descriptor instead of a pipe
- (see pipe(2) in all cases where a pipe is used simply to signal
- events. The kernel overhead of an eventfd file descriptor is much
- lower than that of a pipe, and only one file descriptor is required
- (versus the two required for a pipe).
-
- This change adds the new backend of `eventfd` for `wakeup_create` and
- uses it where available, eliminating the overhead of `pipe`. Also, it
- optimizes the `wakeup_create` to eliminate the system calls that make
- file descriptors non-blocking by moving the logic of setting
- non-blocking flags on file descriptors to `socketpair.c` and using
- `SOCK_NONBLOCK` for `socketpair(2)`, `EFD_NONBLOCK` for `eventfd(2)`.
-
- Ref:
- https://man7.org/linux/man-pages/man7/pipe.7.html
- https://man7.org/linux/man-pages/man2/eventfd.2.html
- https://man7.org/linux/man-pages/man2/socketpair.2.html
- https://www.gnu.org/software/gnulib/manual/html_node/eventfd.html
-
- Closes #13874
-
-renovate[bot] (4 Jun 2024)
-
-- ci: update github/codeql-action digest to 2e230e8
-
- Closes #13881
-
-Jay Satiro (4 Jun 2024)
-
-- examples/threaded-ssl: remove locking callback code
-
- - Remove the locking callback code that demonstrates how to meet
- requirements of threading libraries (mainly OpenSSL).
-
- Locking callback code has not been needed for many years. According to
- the documentation for OpenSSL and GnuTLS they are thread-safe by design,
- assuming support for the underlying OS threading API is built-in.
-
- Ref: https://github.com/curl/curl/pull/13850#issuecomment-2143538458
-
- Closes https://github.com/curl/curl/pull/13851
-
-Viktor Szakats (4 Jun 2024)
-
-- tests: delete redundant `!MSDOS` guard
-
- This fix was supposed to be committed earlier, but ended up missing from
- the final commit.
-
- Follow-up to e9a7d4a1c8377dbcf9a2d94365f60e3e5dff48f8 #12376
- Closes #13878
-
-- lib: fix thread entry point to return `DWORD` on WinCE
-
- We already do this in `tests/server/util.c`:
- https://github.com/curl/curl/blob/97e5e37cc8269660bc5d4a1936f10f2390b97c5a/te
- sts/server/util.c#L604-L606
- and in `sockfilt.c`, `lib3026.c`.
-
- Before this patch it returned `unsigned int`.
-
- Closes #13877
-
-Andy Pan (4 Jun 2024)
-
-- socket: use SOCK_NONBLOCK to eliminate extra system call
-
- Every time function `cf_socket_open()` is called to create a socket,
- `curlx_nonblock()` is called to make that socket non-blocking. And
- `curlx_nonblock()` will cost us 1 or 2 system calls (2 for `fcntl()`, 1
- for `ioctl()`, etc.), meanwhile, tucking `SOCK_NONBLOCK` and
- `SOCK_CLOEXEC` into the `type` argument for `socket()` is widely
- supported across UNIX-like OS: Linux, *BSD, Solaris, etc. With that
- ability, we can save 1 or 2 system calls on each socket.
-
- Another change in this PR is to eliminate the redundant
- `curlx_nonblock()` call on the socket in `cf_udp_setup_quic()` as that
- socket created by `cf_socket_open()` is already non-blocking.
-
- Ref:
- https://man7.org/linux/man-pages/man2/socket.2.html
- https://man.freebsd.org/cgi/man.cgi?socket(2)
- https://man.dragonflybsd.org/?command=socket§ion=2
- https://man.netbsd.org/socket.2
- https://man.openbsd.org/socket
- https://docs.oracle.com/cd/E88353_01/html/E37843/socket-3c.html
- https://illumos.org/man/3SOCKET/socket
- ...
-
- Closes #13855
-
-Viktor Szakats (4 Jun 2024)
-
-- GHA: show cmake error log in Windows and non-native workflows
-
- CMake configure doesn't fail often, but when it does, it helps to see
- its `CMakeFiles/CMakeConfigureLog.yaml` output. This file is present
- since CMake v3.26:
- https://cmake.org/cmake/help/v3.26/manual/cmake-configure-log.7.html
-
- (Older CMake versions save similar contend to
- `CMakeFiles\CMakeOutput.log` and
- `CMakeFiles\CMakeError.log`. This patch doesn't deal with that because
- the workflows touched are all running a newer CMake.)
-
- After this patch, we dump the content if cmake fails. Syncing this with
- autotools, where we already did that.
-
- Closes #13872
-
-- GHA: switch a Windows job to UCRT (gcc)
-
- Cherry-picked from #13870
-
-- curl-config: revert to backticks to support old target envs
-
- Make an exception for `curl-config` because this script that may be
- running on any target system, including old ones, e.g. SunOS 5.10.
-
- Reported-by: Alejandro R. Sedeño
- Ref: https://github.com/curl/curl/pull/13307#issuecomment-2146427358
- Follow-up to fa69b41c7790fab86fd363242c81d8ef2e89e183 #13307
- Closes #13871
-
-Stefan Eissing (4 Jun 2024)
-
-- mbedtls: v3.6.0 workarounds
-
- - add special sauce to disable unwanted peer verification by mbedtls
- when negotiating TLS v1.3
- - add special sauce for MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET
- return code on *writing* TLS data. We assume the data had not been
- written and EAGAIN.
- - return correct Curl error code when peer verification failed.
- - disable test_08_05 with 50 HTTP/1.1 connections, as mbedtls reports a
- memory allocation failed during handshake.
- - bump CI mbedtls version to 3.6.0
-
- Fixes #13653
- Closes #13838
-
-- gnutls: support CA caching
-
- - similar to openssl, use a shared 'credentials' instance
- among TLS connections with a plain configuration.
- - different to openssl, a connection with a client certificate
- is not eligible to sharing.
- - document CURLOPT_CA_CACHE_TIMEOUT in man page
-
- Closes #13795
-
-Dan Fandrich (3 Jun 2024)
-
-- tests: don't log buffer length in throwing away message
-
- It's not available at that point, and it will be written in the
- non-error case right afterward.
-
-- tests: log "Throwing away" messages before throwing away
-
- In case the read that follows hangs we'll get a clue as to what it was
- doing.
-
-- CI: reduce memory request for FreeBSD builds
-
- Also, add a comment with link to the Cirrus credit page since it's not
- easy to find otherwise.
-
-Andy Pan (3 Jun 2024)
-
-- tcpkeepalive: support setting TCP keep-alive parameters on Solaris <11.4
-
- Solaris didn't support TCP_KEEPIDLE and TCP_KEEPINTVL until 11.4,
- before that it use TCP_KEEPALIVE_THRESHOLD and TCP_KEEPALIVE_ABORT_THRESHOLD
- as the substitute. Therefore, for Solaris <11.4 we need to use this substitut
- e
- for setting TCP keep-alive parameters.
-
- Ref:
- https://docs.oracle.com/cd/E86824_01/html/E54777/tcp-7p.html
- https://docs.oracle.com/cd/E88353_01/html/E37851/tcp-4p.html
-
- Closes #13864
-
-Daniel Stenberg (3 Jun 2024)
-
-- KNOWN_BUGS: quiche: QUIC connection is draining
-
- Closes #12037
- Closes #13867
-
-- KNOWN_BUGS: aws-sigv4 has problems with particular URLs
-
- Closes #13058
- Closes #13866
-
-- KNOWN_BUGS: aws-sigv4 does not handle multipart/form-data correctly
-
- Closes #13351
- Closes #13866
-
-- RELEASE-NOTES: synced
-
-Viktor Szakats (3 Jun 2024)
-
-- GHA: fix old mingw-w64 32-bit job
-
- This toolchain resides in the `mingw32` directory. Make sure to
- configure `PATH` accordingly.
-
- Before this patch, it pointed to a non-existing `mingw64` directory,
- making the job use the wrong compiler (gcc 12, 64-bit).
-
- Follow-up to e838b341a08b44d4a8486fb0d3f15d12fc794c62 #12927
- Closes #13863
-
-Daniel Stenberg (2 Jun 2024)
-
-- tool_cb_hdr: return error for failed header writes
-
- By checking that fflush() works.
-
- Reported-by: Sebastian Andersson
- Fixes #13836
- Closes #13859
-
-Viktor Szakats (2 Jun 2024)
-
-- GHA: bump all build jobs to nproc+1
-
- - bump rest of the workflows (windows, macos, distrocheck).
-
- - non-native virtualized envs have 2 CPUs, bump down accordingly.
- (for `vmactions/omnios-vm` it's just a guess.)
-
- - bump all to nproc + 1.
-
- Follow-up to e838b341a08b44d4a8486fb0d3f15d12fc794c62 #12927
- Closes #13807
-
-- GHA: disable MQTT and WebSocket tests in Windows jobs
-
- Trying to figure out which category is causing the remaining hangs.
-
- Follow-up to def7d05382743ea7aa1d356d1e41dcb22ecdd4d7
- Closes #13860
-
-- lib/v*: tidy up types and casts
-
- Also add a couple of negative checks.
-
- Cherry-picked from #13489
- Closes #13622
-
-- GHA: fix caching old mingw-w64 toolchains in the Windows workflow
-
- - stop altering the `PATH` via `GITHUB_ENV`. This confused the
- `actions/cache` post-job, which needs to run in the exact same
- environment as its pre-job, to have a consistent cache entry "version"
- hash. Altering the `PATH` via `GITHUB_ENV` spills into the the
- post-job and breaks this hash. GHA doesn't reset the env automatically
- and I have not found a way to do it manually.
-
- - add double-quotes where missing.
-
- - move cache directory under `USERPROFILE` to not rely on absolute
- paths.
-
- - make cache directory flatter and versionless.
-
- Follow-up to 0914d8aadddac0d1459673d5b7f77e8f3378b22b #13759
- Closes #13856
-
-renovate[bot] (2 Jun 2024)
-
-- ci: pin actions/github-script action to 60a0d83
-
- Closes #13846
-
-Bo Anderson (2 Jun 2024)
-
-- x509asn1: add some common ECDSA OIDs
-
- Closes #13857
-
-renovate[bot] (2 Jun 2024)
-
-- ci: update rojopolis/spellcheck-github-actions digest to e36f662
-
- Closes #13852
-
-Bo Anderson (2 Jun 2024)
-
-- x509asn1: fallback to dotted OID representation
-
- Reported-by: Luke Hamburg
- Fixes #13845
- Closes #13858
-
-Lee Li (2 Jun 2024)
-
-- request.md: language fix
-
- improved for better readability and correctness
-
- Closes #13854
-
-Christian Schmitz (2 Jun 2024)
-
-- vtls: deprioritize Secure Transport
-
- Moved Secure Transport behind OpenSSL, so we can build CURL with both
- and prefer using OpenSSL over Secure Transport by default.
-
- Closes #13547
-
-Daniel Stenberg (1 Jun 2024)
-
-- urlapi: add CURLU_NO_GUESS_SCHEME
-
- Used for extracting:
-
- - when used asking for a scheme, it will return CURLUE_NO_SCHEME if the
- stored information was a guess
-
- - when used asking for a URL, the URL is returned without a scheme, like
- when previously given to the URL parser when it was asked to guess
-
- - as soon as the scheme is set explicitly, it is no longer internally
- marked as guessed
-
- The idea being:
-
- 1. allow a user to figure out if a URL's scheme was set as a result of
- guessing
-
- 2. extract the URL without a guessed scheme
-
- 3. this makes it work similar to how we already deal with port numbers
-
- Extend test 1560 to verify.
-
- Closes #13616
-
-- wolfssl: support CA caching
-
- As a bonus, add SSLSUPP_CA_CACHE to let TLS backends signal its support
- for this so that *setopt() return error if there is no support.
-
- Closes #13786
-
-Andy Pan (1 Jun 2024)
-
-- socket: change TCP keepalive from ms to seconds on DragonFly BSD
-
- DragonFly BSD changed the time unit for TCP keep-alive from milliseconds
- to seconds since v5.8, thus setting the keepalive options with
- milliseconds with curl/libcurl will result in unexpected behaviors on
- DragonFlyBSD 5.8+
-
- Distinguish the DragonFly BSD versions and use the proper time units
- accordingly.
-
- Ref:
- https://lists.dragonflybsd.org/pipermail/commits/2019-July/719125.html
- https://github.com/DragonFlyBSD/DragonFlyBSD/blob/965b380e960908836b97aa034
- fa2753091e0172e/sys/sys/param.h#L207
-
- Fixes #13847
- Closes #13848
-
-Daniel Stenberg (1 Jun 2024)
-
-- curlver.h: aiming for 8.9.0
-
-- noproxy: patterns need to be comma separated
-
- or they will not parse correctly.
-
- Mentioned in DEPRECATED since Janurary 2023 (in 7ad8a7ba9ebdedc).
-
- Closes #13789
-
-Jan Venekamp (1 Jun 2024)
-
-- sectransp: remove large cipher table
-
- Previously a large table of ciphers was used to determine the default
- ciphers and to lookup manually selected ciphers names.
-
- With the lookup of the manually selected cipher names moved to
- Curl_cipher_suite_walk_str() the large table is no longer needed for
- that purpose.
-
- The list of manually selected cipher can now be intersected with the
- ciphers supported by Secure Transport (SSLGetSupportedCiphers()),
- instead of using the fixed table for that.
-
- The other use of the table was to filter the list of all supported
- ciphers offered by Secure Transport to create a list of ciphers to
- use by default, excluding ciphers in the table marked as weak.
-
- Instead of using a complement based approach (exclude weak), switch
- to using an intersection with a smaller list of ciphers deemed
- appropriate.
-
- Closes #13823
-
-Tatsuhiro Tsujikawa (1 Jun 2024)
-
-- GHA: unify http3 workflows into one
-
- This commit unifies the following http3 workflows into http3-linux.yml:
-
- - ngtcp2-linux.yml
- - osslq-linux.yml
- - quiche-linux.yml
-
- The idea is better use of the build cache. Previously, they
- independently create caches with the same key. Some of the caches
- include source code and intermediate object files, which makes cache
- quite large. In this commit, only built artifacts are cached, which
- drastically reduces the cache size. OpenSSL v3, mod_h2 and quiche caches
- still include all stuff, but they are left for the later improvement.
- Because the contents of the cache have been changed, the cache keys are
- also changed to include the word "http3".
-
- Closes #13841
-
-Stephen Farrell (1 Jun 2024)
-
-- openSSL: fix hostname handling when using ECH
-
- Reported-by: vvb2060
- Fixes #13818
- Closes #13822
-
-renovate[bot] (1 Jun 2024)
-
-- ci: update github/codeql-action digest to f079b84
-
- Closes #13837
-
-Daniel Stenberg (1 Jun 2024)
-
-- RELEASE-NOTES: synced
-
-- curl_multi_poll.md: expand the example with an custom file descriptor
-
- Closes #13842
-
-Christian Heusel (1 Jun 2024)
-
-- DISTROS: add a link to the list archive
-
- Related to https://github.com/curl/curl/discussions/13833
-
- Signed-off-by: Christian Heusel <christian@heusel.eu>
- Closes #13843
-
-Matt Jolly (31 May 2024)
-
-- autoconf: remove 'deeper' checks for `AC_CHECK_FUNCS`
-
- The net effect of the deeper checks is to raise implicit function decls
- on modern compilers.
-
- These checks appear to have been added ~20 years ago, relating to an
- unverifiable claim about HP-UX. Autoconf support for the platform has
- grown in leaps and bounds since.
-
- It didn't cause a real problem here, but when investigating a FP this
- came up. No evidence has been identified that this was actually broken
- in the past, and there is no evidence that this is necessary now.
-
- `-Werror=implicit-function-declarations` is enabled for both checks;
- without a working prototype they will both fail regardless. In the
- second case there will in fact never be a working prototype and
- therefore it will always fail unconditionally.
-
- `AC_CHECK_FUNCS` does effectively the same thing as the removed checks,
- except it actually defines a dummy prototype to see if it links.
-
- If `AC_CHECK_FUNCS` is broken on a given platform we have bigger
- problems than trying to build cURL. This should also be faster.
-
- Bug: https://bugs.gentoo.org/932827
- Reviewed-By: Eli Schwartz <eschwartz93@gmail.com>
- Closes #13830
-
-Jay Satiro (30 May 2024)
-
-- cf-socket: improve SO_SNDBUF update for Winsock
-
- - Rename: Curl_sndbufset => Curl_sndbuf_init
-
- - Rename: win_update_buffer_size => win_update_sndbuf_size
-
- - Save the last set SO_SNDBUF size to compare against so that we can
- avoid setsockopt calls every second.
-
- This is a follow-up to 0b520e12 which moved the SO_SNDBUF update check
- into cf-socket. This change improves it further by making the function
- names easier to understand and reducing the amount of setsockopt calls.
-
- Closes https://github.com/curl/curl/pull/13827
-
-Viktor Szakats (30 May 2024)
-
-- tidy-up: use consistent casing for Windows directories
-
- C:\Windows\System32
-
- Closes #13832
-
-- GHA: use ubuntu-latest with OmniOS job
-
- It's the same as ubuntu-22.04.
-
- Also update OmniOS package search link.
-
- Closes #13831
-
-Ayesh Karunaratne (30 May 2024)
-
-- GHA: adjust parallel job counts
-
- Adjusts the `make -j` flag to match the latest GitHub-hosted runner
- hardware specs[^1]:
-
- - `ubuntu-latest` on 4 CPU cores
- - `macos-latest` on 3 CPU cores
-
- The processor count is ideally obtained from `nproc`, but setting env
- vars from the current CI yaml files is not possible because they expect
- literal strings.
-
- [^1]: https://docs.github.com/en/actions/using-github-hosted-runners/about-gi
- thub-hosted-runners/about-github-hosted-runners#standard-github-hosted-runner
- s-for-public-repositories
-
- Closes #12927
-
-pszlazak (30 May 2024)
-
-- get.d: clarify the explanation
-
- Closes #13706
-
-Daniel Stenberg (30 May 2024)
-
-- curl_url_set.md: libcurl only parses :// URLs
-
- Make it clearer in the documentation.
-
- Closes #13821
-
-Stefan Eissing (30 May 2024)
-
-- multi: fix multi_wait() timeout handling
-
- - determine the actual poll timeout *after* all sockets
- have been collected. Protocols and connection filters may
- install new timeouts during collection.
- - add debug logging to test1533 where the mistake was noticed
-
- Reported-by: Matt Jolly
- Fixes #13782
- Closes #13825
-
-Viktor Szakats (29 May 2024)
-
-- lib: prefer `var = time(NULL)` over `time(&var)`
-
- Following up on previous occurrences showing up as gcc warnings, replace
- the remaining `time(&var)` calls with `var = time(NULL)`, though these
- aren't specifically causing compiler warnings. These are in the TFTP
- client code (`lib/tftp.c`), except one which is in a debug branch in
- `lib/http_aws_sigv4.c`.
-
- What's unexplainable is that this patch seems to mitigate TFTP tests
- often hanging or going into an infinite loop on GHA windows workflows
- with MSYS2, mingw-w64 and MSVC (Cygwin is unaffected):
- https://github.com/curl/curl/pull/13599#issuecomment-2119372376
- TFTP hangs did not entirely disappear though, so could be unrelated.
-
- `time()` docs:
- https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/time-time32
- -time64
- https://manpages.debian.org/bookworm/manpages-dev/time.2.en.html
-
- Follow-up to 58ca0a2f0743a586716ca357c382b29e3f08db69 #13800
- Follow-up to d0728c9109629ee82b855b350a4c3f1f52ee61df #13643
- Closes #13815
-
-Stefan Eissing (29 May 2024)
-
-- winsock: move SO_SNDBUF update into cf-socket
-
- - Move the code that updates the SO_SNDBUF size for Windows to
- cf_socket_send.
-
- Prior to this change the code was in readwrite_upload but the socket
- filter is the more appropriate place because it applies to all sends.
-
- Background:
-
- For Windows users SO_SNDBUF (the total per-socket buffer size reserved
- by Winsock for sends) is updated dynamically by libcurl during the
- transfer. This is because Windows does not do it automatically for
- non-blocking sockets and without it the performance of large transfers
- may suffer.
-
- Closes https://github.com/curl/curl/pull/13763
-
-Jan Venekamp (29 May 2024)
-
-- sectransp: use common code for cipher suite lookup
-
- Take advantage of the Curl_cipher_suite_walk_str() and
- Curl_cipher_suite_get_str() functions introduced in commit fba9afe.
-
- Closes #13521
-
-Matthias Gatto (29 May 2024)
-
-- aws-sigv4: url encode the canonical path
-
- Refactors canon_query, so it could use the encoding part of the function
- to use it in the path.
-
- As the path doesn't encode '/', but encode '=', I had to add some
- conditions to know If I was doing the query or path encoding.
-
- Also, instead of adding a `bool in_path` variable, I use `bool
- *found_equals` to know if the function was called for the query or path,
- as found_equals is used only in query_encoding.
-
- Test 472 verifies.
-
- Reported-by: Alexander Shtuchkin
- Fixes #13754
- Closes #13814
-
- Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
-
-Daniel Stenberg (29 May 2024)
-
-- cd2nroff: use an empty "##" to signal end of .IP sequence
-
- Like when we list a series of options and then want to add "normal" text
- again afterwards.
-
- Without this, the indentation level wrongly continues even after the
- final "##" header, making following text wrongly appear to belong to the
- header above.
-
- Adjusted several curldown files to use this.
-
- Fixes #13803
- Reported-by: Jay Satiro
- Closes #13806
-
-vvb2060 (28 May 2024)
-
-- openssl: fix %-specifier in infof() call
-
- Closes #13816
-
-Daniel Stenberg (28 May 2024)
-
-- curl: make warnings and other messages aware of terminal width
-
- This removes unnecessary line wraps when the terminal is wider than 79
- columns and it also makes messages look better in narrower terminals.
-
- The get_terminal_columns() function is not split out into its own source
- file.
-
- Suggested-by: Elliott Balsley
- Fixes #13804
- Closes #13808
-
-Viktor Szakats (28 May 2024)
-
-- GHA: enable tests 1139, 1177, 1477 on Windows
-
- These exclusions came from the AppVeyor CI config, but they do pass now
- and they are static tests with no flakiness risk.
-
- Follow-up to 0914d8aadddac0d1459673d5b7f77e8f3378b22b #13759
- Closes #13817
-
-Dan Fandrich (28 May 2024)
-
-- CI: Improve labeler tag detection
-
- Also, simplify patterns with a single glob.
-
-Viktor Szakats (28 May 2024)
-
-- GHA: disable TFTP tests in Windows jobs
-
- Shot in the dark trying to find out which tests are
- hanging / going to an infinite loop.
-
- The ones failing after 45 minutes (mingw-w64) or 30 minutes (MSVC).
-
- Ref: https://github.com/curl/curl/pull/13599#issuecomment-2119372376
-
-renovate[bot] (28 May 2024)
-
-- ci: update vmactions/omnios-vm digest to a61ca1e
-
- Closes #13801
-
-Daniel Stenberg (28 May 2024)
-
-- openssl/gnutls: rectify the TLS version checks for QUIC
-
- The versions check wrongly complained and return error if the *minimum*
- version was set to something less than 1.3. QUIC is always TLS 1.3, but
- that means minimum 1.2 is still fine to ask for.
-
- This also renames the local variable to make the mistake harder to make
- in the future.
-
- Regression shipped in 8.8.0
-
- Follow-up to 3210101088dfa3d6a125
-
- Reported-by: fds242 on github
- Fixes #13799
- Closes #13802
-
-Stefan Eissing (28 May 2024)
-
-- gnutls: improve TLS shutdown
-
- local ftp upload tests sometimes failed with an invalid TLS record being
- reported by gnutls. vsftp did log that the shutdown was not regarded as
- clean, failing the control connection thereafter.
-
- These changes make test_31_05 work reliable locally.
-
- - on closing the SSL filter, shutdown READ *and* WRITE
- - on closing, try a receive after shutdown is sent
- - convert to DEBUGF to CURL_TRC_CF
-
- Closes #13790
-
-Daniel Stenberg (28 May 2024)
-
-- RELEASE-NOTES: synced
-
-- tests: run with "--trace-config all" to provide even more info
-
- in case of problems.
-
- Closes #13791
-
-Viktor Szakats (28 May 2024)
-
-- build: untangle `CURLDEBUG` and `DEBUGBUILD` macros
-
- `CURLDEBUG` is meant to enable memory tracking, but in a bunch of cases,
- it was protecting debug features that were supposed to be guarded with
- `DEBUGBUILD`.
-
- Replace these uses with `DEBUGBUILD`.
-
- This leaves `CURLDEBUG` uses solely for its intended purpose: to enable
- the memory tracking debug feature.
-
- Also:
- - autotools: rely on `DEBUGBUILD` to enable `checksrc`.
- Instead of `CURLDEBUG`, which worked in most cases because debug
- builds enable `CURLDEBUG` by default, but it's not accurate.
- - include `lib/easyif.h` instead of keeping a copy of a declaration.
- - add CI test jobs for the build issues discovered.
-
- Ref: https://github.com/curl/curl/pull/13694#issuecomment-2120311894
- Closes #13718
-
-- examples: delete unused includes
-
- Delete a bunch of unnecessary-looking headers from some examples. This
- is known to be tricky on AIX (perhaps also in other less-tested envs).
-
- Let me know if any of this looks incorrect or outright fails on some
- systems.
-
- Follow-up to d4b85890555388bec212b75f47a5c1a48705b156 #13771
- Closes #13785
-
-- appveyor: fixup job name [ci skip]
-
- Follow-up to fc8e0dee3045658f293452121f5290d81ba3aa1e #13694
-
-- cmake: fix `-Wredundant-decls` in unity/mingw-w64/gcc/curldebug/DLL builds
-
- It affected cmake-unity shared-curltool curldebug mingw-w64 gcc builds
- when building the `testdeps` target.
-
- Apply the solution already used in `lib/base64.c` and `lib/dynbuf.c`
- to fix it.
-
- Also update an existing GHA CI job to test the issue fixed.
-
- ```
- In file included from curl/lib/version_win32.c:35,
- from curl/_bld/src/CMakeFiles/curl.dir/Unity/unity_0_c.c:145
- :
- curl/lib/memdebug.h:52:14: error: redundant redeclaration of 'curl_dbg_logfil
- e' [-Werror=redundant-decls]
- 52 | extern FILE *curl_dbg_logfile;
- | ^~~~~~~~~~~~~~~~
- In file included from curl/src/slist_wc.c:32,
- from curl/_bld/src/CMakeFiles/curl.dir/Unity/unity_0_c.c:4:
- curl/lib/memdebug.h:52:14: note: previous declaration of 'curl_dbg_logfile' w
- ith type 'FILE *' {aka 'struct _iobuf *'}
- 52 | extern FILE *curl_dbg_logfile;
- | ^~~~~~~~~~~~~~~~
- curl/lib/memdebug.h:55:44: error: redundant redeclaration of 'curl_dbg_malloc
- ' [-Werror=redundant-decls]
- 55 | CURL_EXTERN ALLOC_FUNC ALLOC_SIZE(1) void *curl_dbg_malloc(size_t siz
- e,
- | ^~~~~~~~~~~~~~~
- curl/lib/memdebug.h:55:44: note: previous declaration of 'curl_dbg_malloc' wi
- th type 'void *(size_t, int, const char *)' {aka 'void *(long long unsigned
- int, int, const char *)'}
- 55 | CURL_EXTERN ALLOC_FUNC ALLOC_SIZE(1) void *curl_dbg_malloc(size_t siz
- e,
- | ^~~~~~~~~~~~~~~
- [...]
- curl/lib/memdebug.h:110:17: error: redundant redeclaration of 'curl_dbg_fclos
- e' [-Werror=redundant-decls]
- 110 | CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *sou
- rce);
- | ^~~~~~~~~~~~~~~
- curl/lib/memdebug.h:110:17: note: previous declaration of 'curl_dbg_fclose' w
- ith type 'int(FILE *, int, const char *)' {aka 'int(struct _iobuf *, int, c
- onst char *)'}
- 110 | CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *sou
- rce);
- | ^~~~~~~~~~~~~~~
- ```
- Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49840554/job/a4aoet1
- 7e9qnqx1a#L362
-
- After: https://ci.appveyor.com/project/curlorg/curl/builds/49843735/job/hbo2u
- ah2vj0ns523
-
- Ref: #13689 (CI testing this PR with `DEBUGBUILD`/`CURLDEBUG`/shared-static c
- ombinations)
- Depends-on: #13694
- Depends-on: #13800
- Closes #13705
-
-- lib: fix gcc warning in certain debug builds
-
- ```
- curl/lib/http_aws_sigv4.c:536:10: error: 'clock' may be used uninitialized [-
- Werror=maybe-uninitialized]
- 536 | time_t clock;
- | ^~~~~
- ```
- Ref: https://github.com/curl/curl/actions/runs/9158755123/job/25177765000#ste
- p:13:79
-
- Cherry-picked from #13718
- Closes #13800
-
-- cmake: always build unit tests with the `testdeps` target
-
- Before this patch, the `testdeps` build target required `-DCURLDEBUG`
- be set either via `ENABLE_DEBUG=ON` or `ENABLE_CURLDEBUG=ON` to build
- the curl unit tests.
-
- After fixing build issues in #13694, we can drop this requirement and
- build unit tests unconditionally.
-
- Depends-on: #13694
- Depends-on: #13697 (fix unit test issue revealed by Old Linux CI job)
- Follow-up to 39e7c22bb459c2e818f079984989a26a09741860 #11446
- Closes #13698
-
-- CI: disable dependency tracking in most autotools builds
-
- For better build performance. Dependency tracking causes a build
- overhead while compiling to help a subsequent build, but in CI there is
- never one and the extra work is discarded.
-
- Closes #13794
-
-- build: untangle `UNITTESTS` and `DEBUGBUILD` macros
-
- - fix `DEBUGBUILD` guards that should be `UNITTESTS`, in libcurl code
- used by unit tests.
- - fix guards for libcurl functions used in unit tests only.
- - sync `UNITTEST` attribute between declarations and definitions.
- - drop `DEBUGBUILD` guard from test `unit2600`.
- - fix guards for libcurl HSTS code used by both a unit test (`unit1660`)
- and `test0446`.
- - update an existing AppVeyor CI job to test the issues fixed.
-
- This fixes building tests with `CURLDEBUG` enabled but `DEBUGBUILD`
- disabled. This can happen when building tests with CMake with
- `ENABLE_DEBUG=ON` in Release config, or with `ENABLE_CURLDEBUG=ON`
- and _without_ `ENABLE_DEBUG=ON`. Possibly also with autotools
- when using `--enable-curldebug` without `--enable-debug`.
-
- Test results:
- - before:
- https://ci.appveyor.com/project/curlorg/curl/builds/49835609
- https://ci.appveyor.com/project/curlorg/curl/builds/49898529/job/k8qpbs8idb
- y70smw
- https://github.com/curl/curl/actions/runs/9259078835/job/25470318167?pr=137
- 98#step:13:821
- - after: https://ci.appveyor.com/project/curlorg/curl/builds/49839255
- (the two failures are unrelated, subject to PR #13705)
-
- Ref: #13592 (issue discovery)
- Ref: #13689 (CI testing this PR with `DEBUGBUILD`/`CURLDEBUG` combinations)
- Closes #13694
-
-- GHA: ignore flaky MQTT and FTP test results [ci skip]
-
- MQTT / OmniOS:
- ```
- TESTFAIL: These test cases failed: 1190 1198 3017
- ```
- Ref: https://github.com/curl/curl/actions/runs/9258522297/job/25468730731?pr=
- 13694#step:3:10251
-
- MQTT / OmniOS:
- ```
- TESTFAIL: These test cases failed: 1194 2200 2203 2205
- ```
- Ref: https://github.com/curl/curl/actions/runs/9150523540/job/25155409832#ste
- p:3:10233
-
- FTP / OmniOS:
- ```
- TESTFAIL: These test cases failed: 1096
- ```
- Ref: https://github.com/curl/curl/actions/runs/9150702711/job/25155793948#ste
- p:3:10247
-
- FTP / OmniOS:
- ```
- TESTFAIL: These test cases failed: 381
- ```
- Ref: https://github.com/curl/curl/actions/runs/9163863822/job/25193897640#ste
- p:3:10230
-
- FTP / OmniOS:
- ```
- TESTFAIL: These test cases failed: 340
- ```
- Ref: https://github.com/curl/curl/actions/runs/9233804752/job/25406671742?pr=
- 13771#step:3:10245
-
- Ref: https://github.com/curl/curl/pull/13583#issuecomment-2119376898
-
-- CI: tidy up skipping tests build/run in Windows jobs
-
- Simplify controlling whether to build and/run tests in a CI job.
-
- Apply the TFLAGS='skipall' (do not build nor run tests) or
- 'skiprun' (build, but do not run) method already used with old-mingw-w64
- and msvc jobs to existing Windows jobs in GHA and AppVeyor.
-
- Also:
- - add Cygwin/cmake test build and run steps while here.
- - replace `DISABLED_TESTS` with `TFLAGS` in AppVeyor.
-
- Closes #13796
-
-- cmake: use `APPLE` instead of `CMAKE_SYSTEM_NAME` string
-
- Follow-up to a86254b39307af1a53735b065a382567805cd9b8 #12515
- Closes #13713
-
-- cmake: whitespace, formatting/tidy-up in comments
-
- Also correct casing in a few option descriptions.
-
- Closes #13711
-
-- cmake: allow `ENABLE_CURLDEBUG=OFF` with `ENABLE_DEBUG=ON`
-
- Before this patch, `ENABLE_CURLDEBUG` (memory tracking) was
- unconditionally enabled when `ENABLE_DEBUGBUILD` was set. This made
- testing some build configurations complicated. To fix it, this patch
- makes `ENABLE_CURLDEBUG` to receive the value of `ENABLE_DEBUG` by
- default, while allowing free override by the user.
-
- This allows to use the config:
- `ENABLE_DEBUGBUILD=ON ENABLE_CURLDEBUG=OFF`
- to enable debug features, without also enabling memory tracking.
-
- This is important because some other build methods allow to set one of
- these features but not the other. This patch allows to test any
- combination with CMake.
-
- This makes it unnecessary to use the workaround of passing
- `-DDEBUGBUILD` via `CMAKE_C_FLAGS`. Which has the disadvantage that our
- CMake logic cannot easily detect it, e.g. for disabling symbol hiding on
- Windows for `ENABLE_DEBUG`/`DEBUGBUILD` builds.
-
- Cherry-picked from #13718
- Closes #13792
-
-- cmake: `ENABLE_DEBUG=ON` to always set `-DDEBUGBUILD`
-
- Before this patch `ENABLE_DEBUG=ON` always enabled the TrackMemory
- (aka `ENABLE_CURLDEBUG=ON`) feature, but required the `Debug` CMake
- configration to actually enable curl debug features
- (aka `-DDEBUGBUILD`).
-
- Curl debug features do not require compiling with C debug options. This
- also made enabling debug features unintuitive and complicated to use.
- Due to other issues (subject to PR #13694) it also caused an error in
- default (and `Release`/`MinSizeRel`/`RelWithDebInfo`) configs, when
- building the `testdeps` target:
- ```
- ld: CMakeFiles/unit1395.dir/unit1395.c.o: in function `test':
- unit1395.c:(.text+0x1a0): undefined reference to `dedotdotify'
- ```
- Ref: https://github.com/curl/curl/actions/runs/9037287098/job/24835990826#ste
- p:3:2483
-
- Fix it by always defining `DEBUGBUILD` when setting `ENABLE_DEBUG=ON`.
- Decoupling this option from the selected CMake configuration.
-
- Note that after this patch `ENABLE_DEBUG=ON` unconditionally enables
- curl debug features. These features are insecure and unsuited for
- production. Make sure to omit this option when building for production
- in default, `Release` (and other not-`Debug`) modes.
-
- Also delete a workaround no longer necessary in GHA CI jobs.
-
- Ref: 1a62b6e68c08c7e471ff22dd92932aba7e026817 (2015-03-03)
- Ref: #13583
- Closes #13592
-
-- GHA: add autotools mingw-64, build-only job
-
- Cherry-picked from #13718
- Closes #13793
-
-- GHA: add three MSVC jobs
-
- Continuing the theme, add 3 MSVC jobs with tests, matching
- configurations used on AppVeyor. MSVC versions are identical:
- 19.39.33523.0 + Windows SDK 10.0.22621.0.
-
- Also enable websockets, and build examples. Tests are run in parallel
- (`-j14`), with improved performance.
-
- Job performance:
- ```
- AppVeyor GHA
- w/examples
- -------- ----------
- CMake, VS2022, Debug, x64, Schannel, Static, Unicode 38m 4s 11m57s
- CMake, VS2022, Debug, x64, no SSL, Static 35m15s 12m 6s
- CMake, VS2022, Debug, x64, no SSL, Static, HTTP only 25m25s 10m36s
- ```
- Based on these runs:
- https://ci.appveyor.com/project/curlorg/curl/builds/49884748
- https://github.com/curl/curl/actions/runs/9229448468
-
- This is the first time examples are built in CI with MSVC: Fix all
- warnings and errors that came up via
- d4b85890555388bec212b75f47a5c1a48705b156 #13771.
-
- Closes #13766
-
-- GHA: add three old (gcc 6, 7, 9) mingw-w64 jobs
-
- Re-implement old mingw-w64 jobs in GHA. This allows to use the latest
- Windows runners, replacing Windows Server 2012 R2 (gcc 6) and Windows
- Server 2016 (gcc 7, 9) with Windows Server 2022.
-
- GHA runners are also significantly faster, and allow running tests in
- parallel (`-j14`). It also offloads 3 more long-running jobs from
- AppVeyor CI.
-
- These jobs download (then cache) the mingw-w64 packages from their
- original location, which allows flexibility in choosing which versions
- and flavours (win32/POSIX, SEH/DWARF, 64/32-bit) we want to test in CI.
- The new jobs use these distros:
- - https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20
- Win64/Personal%20Builds/mingw-builds/ (for gcc 7, same as on AppVeyor)
- - https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20
- Win32/Personal%20Builds/mingw-builds/ (for gcc 6, same as on AppVeyor)
- - https://winlibs.com/ (for gcc 9)
-
- I matched existing AppVeyor job configs, with these differences:
- - gcc 6.4.0 instead of 6.3.0.
- (same distro as on AppVeyor, but the latest bugfix release)
- - gcc 9.5.0 instead of 9.1.0 and a different (but compatible) binary distro.
- (in AppVeyor this relies on an old MSYS2 pre-installed on the runner)
- - using win32 builds instead of posix for gcc 6.4.0 and 7.3.0.
- - websockets enabled.
- - always build examples.
- - always build tests (this wasn't done for 6.4.0 with AppVeyor CI).
-
- I did not replicate existing test exclusions, and oddly enough the few
- failures (so far) were different from MSYS2 jobs and also from their
- AppVeyor CI counterparts.
-
- Also:
- - delete redundant (default) `-u` option from `cygpath` calls.
- - allow matrix options to override default ones in CMake.
- - detect and use Windows-supplied curl for `TFLAGS` `-ac` option.
- (it's available in modern runners.)
- - delete the 3 AppVeyor CI jobs now replicated in GHA.
- - appveyor: prefer `SYSTEMROOT` over `WINDIR`.
- - tidy-up quotes.
-
- Job performance:
- ```
- AppVeyor GH
- A
- w/
- examples
- w/
- tests
- -------- --
- --------
- CMake, mingw-w64, gcc 6, Debug, x86, Schannel, Static, no-unity 1m25s 8
- m50s
- CMake, mingw-w64, gcc 7, Debug, x64, Schannel, Static, Unicode 31m45s 9
- m39s
- CMake, mingw-w64, gcc 9, Debug, x64, Schannel, Static 28m25s 13
- m38s
- ```
- Based on these runs:
- https://ci.appveyor.com/project/curlorg/curl/builds/49880799
- https://github.com/curl/curl/actions/runs/9218292508
-
- Notice that building examples and tests is time consuming.
-
- We can tweak any build parameter as necessary to make them more useful
- and/or without clogging the job queue or introducing flakiness.
-
- Closes #13759
-
-Daniel Stenberg (27 May 2024)
-
-- TODO: remove some old, clarify, add something
-
- Closes #13788
-
-- TODO: Add "Share CA cache" + "CA caching to more TLS backends"
-
- Closes #13787
-
-Viktor Szakats (26 May 2024)
-
-- runtests: sort test IDs in summary lines
-
- Changing this output:
- ```
- TESTFAIL: These test cases failed: 2301 2303 2302 2307
- ```
- Ref: https://github.com/curl/curl/actions/runs/9228638364/job/25393106631#ste
- p:6:21181
-
- To:
- ```
- TESTFAIL: These test cases failed: 2301 2302 2303 2307
- ```
-
- Cherry-picked from #13766
- Closes #13774
-
-- examples: fix compiling with MSVC
-
- - `websocket.c`: use `Sleep()` on Windows.
- `sleep()` and `unistd.h` are not available in MSVC.
-
- - `http2-upload.c`: use local `gettimeofday()` implementation when
- compiled with MSVC.
- (Alternate solution is to disable the trace function for MSVC.)
- Public domain code copied and adapted from libssh2:
- https://github.com/libssh2/libssh2/blob/e973493f992313b3be73f51d3f7ca6d52e2
- 88558/src/misc.c#L719-L743
-
- - silence compiler warning for deprecated `inet_addr()`.
- Also drop duplicate winsock2 include.
- ```
- curl\docs\examples\externalsocket.c(125,32): error C2220: the following war
- ning is treated as an error [curl\bld\docs\examples\curl-example-externalsock
- et.vcxproj]
- curl\docs\examples\externalsocket.c(125,32): warning C4996: 'inet_addr': Us
- e inet_pton() or InetPton() instead or define _WINSOCK_DEPRECATED_NO_WARNINGS
- to disable deprecated API warnings [curl\bld\docs\examples\curl-example-e
- ```
- Ref: https://github.com/curl/curl/actions/runs/9227337318/job/25389073450#s
- tep:4:95
-
- - silence an MSVC compiler warning. This is in conflict with `checksrc`
- rules, so silence the rule in favour of the warning-free C syntax.
- ```
- curl\docs\examples\multi-legacy.c(152,1): error C2220: the following warnin
- g is treated as an error [curl\bld\docs\examples\curl-example-multi-legacy.vc
- xproj]
- curl\docs\examples\multi-legacy.c(152,1): warning C4706: assignment within
- conditional expression [curl\bld\docs\examples\curl-example-multi-legacy.vcxp
- roj]
- ```
- Ref: https://github.com/curl/curl/actions/runs/9227337318/job/25389073450#s
- tep:4:226
-
- - do not use `sys/time.h` and `unistd.h` in Windows builds.
- Some of these includes look unnecessary. Subject to another PR.
-
- Cherry-picked from #13766
- Closes #13771
-
-Jonathan Matthews (26 May 2024)
-
-- docs/cmdline-opts: fix mail-auth example TLD typo
-
- Closes: #13784
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Stenberg (26 May 2024)
-
-- libssh: remove CURLOPT_SSL_VERIFYHOST check
-
- It was never meant for SSH: it should rely on the knownhosts file (if
- set) in the same way libssh2 already does.
-
- Reported-by: James Abbatiello
- Fixes #13767
- Closes #13781
-
-Stefan Eissing (26 May 2024)
-
-- multi: add multi->proto_hash, a key-value store for protocol data
-
- - add `Curl_hash_add2()` that passes a destructor function for
- the element added. Call element destructor instead of hash
- destructor if present.
- - multi: add `proto_hash` for protocol related information,
- remove `struct multi_ssl_backend_data`.
- - openssl: use multi->proto_hash to keep x509 shared store
- - schannel: use multi->proto_hash to keep x509 shared store
- - vtls: remove Curl_free_multi_ssl_backend_data() and its
- equivalents in the TLS backends
-
- Closes #13345
-
-Jan Venekamp (25 May 2024)
-
-- tests: add pytest for --ciphers and --tls13-ciphers options
-
- Closes #13530
-
-Orgad Shaneh (25 May 2024)
-
-- tool_operate: avoid explicitly setting verifypeer to 1
-
- Also for the proxy verison. It is the default, just like verifyhost,
- since a long time.
-
- Closes #13704
-
-- tests: extend user/password parsing test1620
-
- Closes #13756
-
-Alejandro R. Sedeño (25 May 2024)
-
-- configure: use `$EGREP` in place of `grep -E`
-
- `$EGREP` is set based on an earlier test in configure so that we can
- work with systems that have `egrep` and a `grep` that does not support
- `-E`.
-
- Closes #13780
-
-renovate[bot] (25 May 2024)
-
-- ci: update dependency awslabs/aws-lc to v1.28.0
-
- Closes #13770
-
-Jan Venekamp (25 May 2024)
-
-- tests: test_17_ssl_use.py clarify mbedtls TLSv1.3 support
-
- Closes #13779
-
-Stefan Eissing (25 May 2024)
-
-- http: write last header line late
-
- - HEADERFUNCTIONS might inspect response properties like
- CURLINFO_CONTENT_LENGTH_DOWNLOAD_T on seeing the last header line. If
- the line is being written before this is initialized, values are not
- available.
-
- - write the last header line late when analyzing a HTTP response so that
- all information is available at the time of the writing.
-
- - add test1485 to verify that CURLINFO_CONTENT_LENGTH_DOWNLOAD_T works
- on seeing the last header.
-
- Fixes #13752
- Reported-by: Harry Sintonen
- Closes #13757
-
-Dan Fandrich (24 May 2024)
-
-- tests: use exec when spawning nghttpx
-
- This stops keeping perl and shell processes around that are no longer
- needed, plus it eliminates an unneeded shell message when the server is
- later terminated.
-
- Closes #13772
-
-Viktor Szakats (24 May 2024)
-
-- GHA: ignore flaky test 3017 (MQTT) on OpenBSD
-
- ```
- TESTFAIL: These test cases failed: 3017
- ```
- Ref: https://github.com/curl/curl/actions/runs/9223543272/job/25376999226?pr=
- 13759#step:3:16326
- Ref: https://github.com/curl/curl/actions/runs/9230183764/job/25397883193?pr=
- 13766#step:3:16345
-
- Ref: https://github.com/curl/curl/pull/13583#issuecomment-2119376898
-
-Joseph Chen (24 May 2024)
-
-- build: add more supported attributes to the IAR compiler
-
- Closes #13744
-
-Viktor Szakats (24 May 2024)
-
-- cmake: fix test 1013 with websockets enabled and no TLS
-
- test 1013 is 'Compare curl --version with curl-config --protocols'.
-
- Ref: https://github.com/curl/curl/actions/runs/9228363859/job/25392251955
-
- Closes #13769
-
-- GHA: stop deleting curl in non-native workflows
-
- We do it in Cirrus CI, but for some platforms it's not possible to
- delete it and tests work anyway.
-
- The test runner also runs `../src/curl` by default, which is always the
- one freshly built. The runner may also need the system curl to talk to
- APIs when needed.
-
- Also:
- - stop setting `CURL` env. This isn't picked up by the runners,
- and works out of the box anyway.
- - quote an option just in case.
-
- Follow-up to 90e644f944969bb11c6448bf50c6d441b5c0b1e6 #13583
- Closes #13765
-
-Jay Satiro (24 May 2024)
-
-- openssl: stop duplicate ssl key logging for legacy OpenSSL
-
- - Don't call the keylog function if it has already logged the key.
-
- For old OpenSSL versions and its forks that do not have support for
- OpenSSL's keylog callback, libcurl has its own legacy key logging
- function that logs the TLS 1.2 (and earlier) key (client random + master
- key) on a single line.
-
- Prior to this change, since e7de80e8 (precedes 8.8.0), the legacy key
- logging function could write the same key line more than once (usually
- twice) due to some incorrect logic.
-
- Closes https://github.com/curl/curl/pull/13683
-
-Stefan Eissing (24 May 2024)
-
-- transfer: remove curl_upload_refill_watermark, no longer used
-
- the define applied to upload buffers which we removed
-
- Closes #13764
-
-Daniel Stenberg (24 May 2024)
-
-- RELEASE-NOTES: synced
-
-Viktor Szakats (24 May 2024)
-
-- cmake: fix brotli lib order
-
- Fix root cause that caused missing symbols when linking brotli
- statically with e.g. binutils `ld` (and any other "picky" linker,
- or "traditional" linker as CMake now calls them).
-
- Also drop existing workaround that added brotli libs twice to the lib
- list.
-
- ```
- x86_64-w64-mingw32-ld: .../curl/brotli/_bld/usr/lib/libbrotlidec.a(decode.c.o
- bj):decode.c:(.text$ProcessCommands[ProcessCommands]+0xbb5): undefined refere
- nce to `BrotliTransformDictionaryWord'
- x86_64-w64-mingw32-ld: .../curl/brotli/_bld/usr/lib/libbrotlidec.a(decode.c.o
- bj):decode.c:(.text$SafeProcessCommands[SafeProcessCommands]+0xe8a): undefine
- d reference to `BrotliTransformDictionaryWord'
- x86_64-w64-mingw32-ld: .../curl/brotli/_bld/usr/lib/libbrotlidec.a(decode.c.o
- bj):decode.c:(.rdata$.refptr._kBrotliContextLookupTable[.refptr._kBrotliConte
- xtLookupTable]+0x0): undefined reference to `_kBrotliContextLookupTable'
- x86_64-w64-mingw32-ld: .../curl/brotli/_bld/usr/lib/libbrotlidec.a(decode.c.o
- bj):decode.c:(.rdata$.refptr._kBrotliPrefixCodeRanges[.refptr._kBrotliPrefixC
- odeRanges]+0x0): undefined reference to `_kBrotliPrefixCodeRanges'
- x86_64-w64-mingw32-ld: .../curl/brotli/_bld/usr/lib/libbrotlidec.a(state.c.ob
- j):state.c:(.text$BrotliDecoderStateInit[BrotliDecoderStateInit]+0x21): undef
- ined reference to `BrotliDefaultAllocFunc'
- x86_64-w64-mingw32-ld: .../curl/brotli/_bld/usr/lib/libbrotlidec.a(state.c.ob
- j):state.c:(.text$BrotliDecoderStateInit[BrotliDecoderStateInit]+0x2f): undef
- ined reference to `BrotliDefaultFreeFunc'
- x86_64-w64-mingw32-ld: .../curl/brotli/_bld/usr/lib/libbrotlidec.a(state.c.ob
- j):state.c:(.text$BrotliDecoderStateInit[BrotliDecoderStateInit]+0x10e): unde
- fined reference to `BrotliSharedDictionaryCreateInstance'
- x86_64-w64-mingw32-ld: .../curl/brotli/_bld/usr/lib/libbrotlidec.a(state.c.ob
- j):state.c:(.text$BrotliDecoderStateCleanup[BrotliDecoderStateCleanup]+0xf4):
- undefined reference to `BrotliSharedDictionaryDestroyInstance'
- collect2: error: ld returned 1 exit status
- ```
-
- Breakage reproducible with curl-for-win config "`win-gcc`" and deleting
- the `LDFLAGS+=' -Wl,--start-group'` line from its `curl.sh` script.
- (Above line still required for some non-brotli cases, e.g. libssh2 and
- zlib.)
-
- Assisted-by: Kai Pastor
- Ref: https://github.com/curl/curl/pull/10857#discussion_r1611714989
- Follow-up to 1e3319a167d2f32d295603167486e9e88af9bb4e #10857
- Closes #13761
-
-Pavel Pavlov (24 May 2024)
-
-- cmake: fix building in unity mode
-
- - Fix sha256 and sha512 duplicate macro names (eg function-like macro Ch
- is now Sha256_Ch and Sha512_Ch).
-
- - Avoid defining short defines like R, S. (eg S is now Sha256_S).
-
- Closes https://github.com/curl/curl/pull/13751
-
-Jay Satiro (24 May 2024)
-
-- winbuild: remove outdated WIN32 defines
-
- - Remove all instances in the makefile of compiler option /DWIN32.
-
- This is a follow-up to e9a7d4a1 which replaced all defined(WIN32) checks
- with defined(_WIN32) in the codebase, since only the latter is
- automatically defined by all compilers for Windows builds.
-
- Bug: https://github.com/curl/curl/pull/13739#issuecomment-2123937859
- Reported-by: Viktor Szakats
-
- Closes https://github.com/curl/curl/pull/13742
-
-renovate[bot] (24 May 2024)
-
-- ci: update github/codeql-action digest to 9fdb3e4
-
- Closes #13726
-
-Pavel Pavlov (23 May 2024)
-
-- asyn-thread: avoid using GetAddrInfoExW with impersonation
-
- Multiple reports suggest that GetAddrInfoExW fails when impersonation is
- used. This PR checks if thread is impersonating and avoids using
- GetAddrInfoExW api.
-
- Reported-by: Keerthi Timmaraju
- Assisted-by: edmcln on github
- Fixes #13612
- Closes #13738
-
-Stefan Eissing (23 May 2024)
-
-- transfer: conn close on paused upload
-
- - add 2 variations on test_07_42 which PAUSEs uploads
- and response connections terminating either right away
- or after the 100-continue response
- - when detecting the connection being closed in transfer.c
- readwrite_data(), clear ALL send bits in data->req.keepon.
- It no longer makes send to wait for a KEEP_SEND_PAUSE or HOLD.
- - in the protocol client writer add the check for incomplete
- response bodies. When an EOS is seen and the length is known,
- check that and fail if bytes are missing.
-
- Reported-by: Sergey Bronnikov
- Fixes #13740
- Closes #13750
-
-- CI GHA: add vsftpd to ngtcp2-linux runs
-
- - not using HTTP/3, but gnutls does not seem to run
- somewhere else right now
-
- Closes #13760
-
-Orgad Shaneh (23 May 2024)
-
-- GHA: increase timeout for Cygwin autotools build tests step
-
- Apparently 10 minutes are not (always) enough:
- https://github.com/curl/curl/actions/runs/9197003907/job/25296439556#step:8:1
- 936
-
- Closes #13753
-
-Stefan Eissing (22 May 2024)
-
-- mbedtls: send close-notify on close
-
- - send the TLS close notify message when cloding down
- the mbedtls connection filter
- - this is a "least" effort version and, as other TLS filters,
- is lacking a graceful send/receive/timeout for a really
- clean shutdown.
-
- Closes #13745
-
-- mbedtls: check version for cipher id
-
- mbedtls_ssl_get_ciphersuite_id_from_ssl() seems to have been added in
- mbedtls 3.2.0. Check for that version.
-
- Closes #13749
-
-Viktor Szakats (22 May 2024)
-
-- cmake: fix building with both md4 and md5 in unity mode
-
- Macro and static function names were colliding between
- `lib/md4.c` and
- `lib/md5.c`.
-
- Fix it by namespacing these symbols.
-
- Seen with a basic macOS build using these options:
- `-DCMAKE_UNITY_BUILD=ON -DCURL_USE_SECTRANSP=ON`
-
- Closes #13737
-
-Daniel Stenberg (22 May 2024)
-
-- docs/Makefile.am: make curl-config.1 install
-
- on "make install" like it should
-
- Follow-up to 60971d665b9b1df87082
-
- Closes #13741
-
-dependabot[bot] (22 May 2024)
-
-- GHA: bump actions/checkout from 4.1.4 to 4.1.6
-
- Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4
- .1.6.
- - [Release notes](https://github.com/actions/checkout/releases)
- - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- - [Commits](https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dce
- c353f45205ec38ea70b...a5ac7e51b41094c92402da3b24376905380afc29)
-
- ---
- updated-dependencies:
- - dependency-name: actions/checkout
- dependency-type: direct:production
- update-type: version-update:semver-patch
- ...
-
- Signed-off-by: dependabot[bot] <support@github.com>
-
- Closes #13720
-
-Stefan Eissing (22 May 2024)
-
-- pytest: add ftp upload tests
-
- - refs #13556
- - allow anon uploads on vsftpd test server
- - add test_30_05 for plain upload of 1k, 100k, 1m
- - add test_31_05 for SSL upload of 1k, 100k, 1m
- - verify file size and contents
-
- Closes #13734
-
-- test: add test1546, chunked not last transfer encoding
-
- with more than one transfer-encoding, 'chunked' must be the last added
- to the writer stack (and therefore the first to decode). RFC 9112, ch.
- 6.1.
-
- Closes #13736
-
-- test: add test1484, for HEAD with content
-
- - test HEAD request with 'Transfer-Encoding:chunked' and
- non-encoded response content
- - verifies #13725
-
- Closes #13735
-
-Daniel Stenberg (22 May 2024)
-
-- RELEASE-NOTES: synced
-
- bump to 8.8.1 for now
-
-Viktor Szakats (22 May 2024)
-
-- (lib)curl.rc: set debug flag also for `CURLDEBUG` and `UNITTESTS`
-
- These macros also enable debug features in both libcurl and curl.
- Enable `VS_FF_DEBUG` version resource flag when they are set.
-
- Closes #13730
-
-Jay Satiro (22 May 2024)
-
-- winbuild: fix PE version info debug flag
-
- - Only set PE file flag VS_FF_DEBUG if curl.exe and libcurl.dll were
- built with winbuild option DEBUG=yes which builds with debug info.
-
- VS_FF_DEBUG is a PE flag (Portable Executable file flag - dll, exe, etc)
- that indicates the file contains or was built with debug info.
-
- Prior to this change when winbuild was used to build curl, curl.exe
- and libcurl.dll always had VS_FF_DEBUG set, regardless of build option
- DEBUG=yes/no, due to some bad logic.
-
- Closes https://github.com/curl/curl/pull/13739
-
-Version 8.8.0 (22 May 2024)
-
-Daniel Stenberg (22 May 2024)
-
-- RELEASE-NOTES: synced
-
-- THANKS: add contributors from 8.8.0
-
-Nathan Moinvaziri (21 May 2024)
-
-- url: remove duplicate call to Curl_conncache_remove_conn when pruning
-
- - remove unnecessary prunedead struct from prune_dead_connections
- - rename extract_if_dead to prune_if_dead for clarity
-
- Closes #13710
-
-Joseph Chen (21 May 2024)
-
-- curl_setup.h: add support for IAR compiler
-
- Closes #13728
-
-Stephen Farrell (21 May 2024)
-
-- docs/ECH: typo/clarification
-
- Closes #13727
-
-Viktor Szakats (21 May 2024)
-
-- hash: delete unused debug function
-
- It had no use in the curl codebase and was also protected by the macro
- `AGGRESSIVE_TEST` (renamed in 2020), also with no local reference.
-
- Added in ca6e77083768858aa34207f8c5dce38b3c05336d (2002-11-11)
-
- Closes #13729
-
-Stefan Eissing (21 May 2024)
-
-- content_encoding: reject transfer-encoding after chunked
-
- reject a response that applies a transfer-encoding after a 'chunked'
- encoding. RFC 9112 ch. 6.1 required chunked to be the final encoding.
-
- Closes #13733
-
-- http: HEAD response body tolerance
-
- - as reported in #13725, some servers wrongly send body bytes in
- responses to a HEAD request. This used to be tolerated in curl
- 8.4 and before and leads to failed transfers in newer versions.
- - restore previous behaviour for HTTP/1.1 and HTTP/2:
- * 1.1: do not add 'Transfer-Encoding' writers from HEAD
- responses. RFC 9112 says they do not apply.
- * 2: when the transfer expects 'no_body', to not report stream
- resets as error when all response headers have been received.
-
- Reported-by: Jeroen Ooms
- Fixes #13725
- Closes #13732
-
-Viktor Szakats (20 May 2024)
-
-- tests: fix TFTP test 2305 on Windows
-
- Ref: #13692
- Closes #13724
-
-Jay Satiro (20 May 2024)
-
-- openssl: revert keylog_callback support for LibreSSL
-
- - Revert to the legacy TLS 1.2 key logging code for LibreSSL.
-
- - Document SSLKEYLOGFILE for LibreSSL is TLS 1.2 max.
-
- Prior to this change if the user specified a filename in the
- SSLKEYLOGFILE environment variable and was using LibreSSL 3.5.0+ then
- an empty file would be created and no keys would be logged.
-
- This is effectively a revert of e43474b4 which changed openssl.c to use
- SSL_CTX_set_keylog_callback for LibreSSL 3.5.0+. Unfortunately LibreSSL
- added that function only as a stub that doesn't actually do anything.
-
- Reported-by: Gonçalo Carvalho
-
- Fixes https://github.com/curl/curl/issues/13672
- Closes https://github.com/curl/curl/pull/13682
-
-renovate[bot] (19 May 2024)
-
-- GHA: pin dependencies
-
- Closes #13712
-
-Viktor Szakats (19 May 2024)
-
-- appveyor: drop unnecessary `--clean-first` cmake option
-
- In CI all machines are fresh on startup, making the `clean` operation
- unnecessary. This can save some time/energy for each job run.
-
- Closes #13707
-
-- cmake: merge two `if(BUILD_TESTING)` branches
-
- Closes #13708
-
-Tatsuhiro Tsujikawa (19 May 2024)
-
-- GHA: bump nghttp2 to v1.62.1
-
- Use gcc-12 explicitly to compile C++20 source files.
-
- Closes #13702
-
-Viktor Szakats (19 May 2024)
-
-- GHA: add NetBSD, OpenBSD, FreeBSD/arm64 and OmniOS jobs
-
- Add these jobs to GHA:
- - NetBSD, cmake-unity, clang, OpenSSL, x86_64, with tests, w/o python,
- no parallelism (was flaky sometimes)
- - OpenBSD, cmake-unity, clang, LibreSSL, x86_64, with tests,
- with python, -j8, TFTP results ignored due to #13623.
- - FreeBSD, cmake-unity and autotools, clang, OpenSSL, arm64
- (Tests disabled for arm64, because they are slow. It's available for
- x86_64 with python, -j12.)
- Configuration matches our existing Cirrus CI one.
- - OmniOS, autotools, gcc, OpenSSL, x86_64, with tests, -j12.
-
- All build with websockets and examples.
-
- Closes #13583
-
-- GHA: disable TFTP test on native Windows
-
- Some TFTP tests seem to enter into a loop and maybe hang?
-
- E.g. 1007, 1009, 1238
-
- Try fixing it by skipping all TFTP tests.
-
- Ref: https://github.com/curl/curl/actions/runs/9141987545/job/25137038249?pr=
- 13698
-
- Also drop mingw-w64 test exclusions copy-pasted from MSYS jobs.
-
- Possibly related: cffbcc3110c1eda2e333f9cfe2e269154618793a #5364
-
- Close #13699
-
-renovate[bot] (18 May 2024)
-
-- GHA: pin dependencies
-
- Closes #13691
-
-Viktor Szakats (18 May 2024)
-
-- cmake: do not pass linker flags to the static library tool
-
- Do not add linker flags to the global CMake static library tool (aka
- "static linker") (e.g. `ar`) flags list. They don't mix well. This was
- only done after successfully detecting GSSAPI.
-
- Linker flags seen on Old Linux CI:
- ```
- -- |GSS_LINKER_FLAGS|-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/lib/x86_64-li
- nux-gnu/heimdal|
- -- |CMAKE_STATIC_LINKER_FLAGS| -Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/lib
- /x86_64-linux-gnu/heimdal|
- ```
- Ref: https://github.com/curl/curl/actions/runs/9138988036/job/25130791712#ste
- p:6:85
-
- Causing:
- ```
- /usr/bin/ar qc libcurltool.a -Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/lib/
- x86_64-linux-gnu/heimdal
- CMakeFiles/curltool.dir/slist_wc.c.o CMakeFiles/curltool.dir/tool_binmode.c
- .o CMakeFiles/curltool.dir/tool_bname.c.o
- [...]
- CMakeFiles/curltool.dir/tool_writeout_json.c.o CMakeFiles/curltool.dir/tool
- _xattr.c.o CMakeFiles/curltool.dir/var.c.o
- CMakeFiles/curltool.dir/__/lib/base64.c.o CMakeFiles/curltool.dir/__/lib/dy
- nbuf.c.o
- /usr/bin/ar: invalid option -- 'W'
- Usage: /usr/bin/ar [emulation options] [-]{dmpqrstx}[abcDfilMNoPsSTuvV] [--pl
- ugin <name>] [member-name] [count] archive-file file...
- /usr/bin/ar -M [<mri-script]
- ```
- Ref: https://github.com/curl/curl/actions/runs/9138988036/job/25130791712#ste
- p:9:125
-
- This problem is invisible at the moment because of another bug (#13698)
- that misses building unit tests when not using either the
- `ENABLE_DEBUG=ON` or `ENABLE_CURLDEBUG=ON` options (to set
- `-DCURLDEBUG`):
- ```
- test 1300 SKIPPED: curl lacks unittest support
- ```
- Ref: https://github.com/curl/curl/actions/runs/9135571781/job/25123104557#ste
- p:9:2883
-
- With that fixed, this becomes the next issue.
-
- It's possible this bug also required an older CMake version and/or
- a specific OS environment which uses linker flags in GSSAPI that are not
- playing well with `ar` options, to reproduce.
-
- Follow-up to 558814e16d84aa202c5ccc0c8108a9d728e77a58 (2014-09-25)
- Ref: #13698
- Closes #13697
-
-- GHA: ignore flaky test2302 results on Windows
-
- WebSockets:
- ```
- TESTFAIL: These test cases failed: 2302
- ```
- Ref: https://github.com/curl/curl/actions/runs/9139155361/job/25131144383?pr=
- 13689#step:14:9892
-
- Follow-up to 36fd2dd6ee874726c628e67fcf6415a2e52bfe29 #13599
- Ref: #13692
- Closes #13696
-
-- GHA: add MSYS, mingw-w64, Cygwin jobs
-
- - re-implement autotools MSYS and Cygwin AppVeyor jobs in GHA.
- Now build with SSL and PSL to improve test coverage.
- - re-implement MSYS2 mingw-w64 gcc 13 AppVeyor job in GHA.
- `CMake, mingw-w64, gcc 13, Debug, x64, Schannel, Static, Unicode`
- - add new cmake Cygwin job (build-only).
- - enable `-j14` parallelism when running tests.
- - delete the 5 migrated jobs from AppVeyor CI.
- - add 2 build-only mingw-w64 builds, gcc Release and clang OpenSSL.
- - also enable brotli, libssh2, nghttp2 for more test coverage.
-
- These jobs offer better performance, more flexibility and
- parallelization compared to the AppVeyor ones they replace. It also
- offloads AppVeyor, allowing to iterate faster. They also appear more
- reliable than e.g. Azure Windows jobs, where runners are prone to fail
- [1].
-
- Closes #13599
-
- [1]:
- `Exit code 143 returned from process: file name 'C:\Windows\system32\docker.E
- XE',
- arguments 'exec -i 6b13a669c6dfe7fb9f59414369872fd64d61c7182f880c3d39c135cb
- 4c115c8f
- C:\__a\externals\node\bin\node.exe C:\__w\_temp\containerHandlerInvoker.js'.`
-
-Stefan Eissing (17 May 2024)
-
-- pytest: fixes for recent python, add FTP tests
-
- Fixes:
- - in uds tests, abort also silently on os errors
- - be conservative on the h3 goaway duration
- - detect curl debug build and use in checks
- - fix caddy version check for slight difference under linux
- - set caddy default path fitting for linux
- - fix deprecation warnings in valid time checks
-
- FTP tests:
- - add '--with-test-vsftpd=path' to configure
- - use vsftpd default path suitable for linux
- - add test_30 with plain FTP tests
- - add test_31 with --ssl-reqd FTP tests
- - add vsftpd to linux GHA for pytest workflows
-
- Closes #13661
-
-- rustls: fix handshake done handling
-
- - rustls report it has finished the TLS handshake *before*
- all relevant data has been sent off, e.g. it FINISHED message
- - On connections the send data immediately, this was never noticed
- as the FINISHED in rustls buffers was send with the app data
- - On passive FTP connections, curl does not send any data after
- the handshake, leaving FINISHED unsent and the server never
- responded as it was waiting on this.
-
- Closes #13686
-
-Daniel Stenberg (17 May 2024)
-
-- x509asn1: return error on missing OID
-
- to avoid crash when dereferencing a NULL pointer.
-
- Reported-by: Trzik on github
- Patch-by: Trzik on github
- Fixes #13684
- Closes #13685
-
-- CURLOPT_WRITEFUNCTION.md: fix the callback proto in the example
-
- Reported-by: Michael Litwak
- Fixes #13681
- Closes #13687
-
-Viktor Szakats (17 May 2024)
-
-- src: tidy up types, add necessary casts
-
- Cherry-picked from #13489
- Closes #13614
-
-- lib: fix compiler warnings (gcc)
-
- Seen when setting `ENABLE_DEBUG=ON` and `-DDEBUGBUILD` for mingw-w64
- gcc 13.2.0 CMake unity builds in 'Release' configurations.
-
- ```
- curl/lib/curl_gethostname.c:71:5: error: 'strncpy' specified bound 1025 equal
- s destination size [-Werror=stringop-truncation]
- 71 | strncpy(name, force_hostname, namelen);
- | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- In file included from curl/_bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity
- _0_c.c:175:
- In function 'hostcache_timestamp_remove',
- inlined from 'Curl_hash_clean_with_criterium' at curl/lib/hash.c:265:19,
- inlined from 'Curl_hash_clean_with_criterium' at curl/lib/hash.c:247:1,
- inlined from 'hostcache_prune' at curl/lib/hostip.c:228:3,
- inlined from 'Curl_hostcache_prune' at curl/lib/hostip.c:256:21:
- curl/lib/hostip.c:205:12: error: 'now' may be used uninitialized [-Werror=may
- be-uninitialized]
- 205 | time_t age = prune->now - c->timestamp;
- | ^~~
- curl/lib/hostip.c: In function 'Curl_hostcache_prune':
- curl/lib/hostip.c:241:10: note: 'now' was declared here
- 241 | time_t now;
- | ^~~
- In function 'hostcache_timestamp_remove',
- inlined from 'fetch_addr' at curl/lib/hostip.c:310:8:
- curl/lib/hostip.c:205:23: error: 'user.now' may be used uninitialized [-Werro
- r=maybe-uninitialized]
- 205 | time_t age = prune->now - c->timestamp;
- | ~~~~~^~~~~
- curl/lib/hostip.c: In function 'fetch_addr':
- curl/lib/hostip.c:304:33: note: 'user' declared here
- 304 | struct hostcache_prune_data user;
- | ^~~~
- In file included from curl/_bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity
- _0_c.c:40:
- curl/lib/cf-socket.c: In function 'cf_socket_send':
- curl/lib/cf-socket.c:1294:10: error: 'c' may be used uninitialized [-Werror=m
- aybe-uninitialized]
- 1294 | if(c >= ((100-ctx->wblock_percent)*256/100)) {
- | ~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- curl/lib/cf-socket.c:1292:19: note: 'c' was declared here
- 1292 | unsigned char c;
- | ^
- In file included from curl/_bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity
- _0_c.c:364:
- In function 'tftp_state_timeout',
- inlined from 'tftp_multi_statemach' at curl/lib/tftp.c:1230:27:
- curl/lib/tftp.c:1208:5: error: 'current' may be used uninitialized [-Werror=m
- aybe-uninitialized]
- 1208 | if(current > state->rx_time + state->retry_time) {
- | ^
- curl/lib/tftp.c: In function 'tftp_multi_statemach':
- curl/lib/tftp.c:1192:10: note: 'current' was declared here
- 1192 | time_t current;
- | ^~~~~~~
- ```
- Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49792835/job/91c8dj5
- qb36spfe0#L112
- Ref: https://github.com/curl/curl/actions/runs/9082968838/job/24960616145#ste
- p:12:62
-
- Ref: #13592
- Closes #13643
-
-Andrew (16 May 2024)
-
-- wakeup_create: use FD_CLOEXEC/SOCK_CLOEXEC
-
- for `pipe()`/`socketpair()`
-
- Fixes #13618
- Closes #13625
-
-Stefan Eissing (16 May 2024)
-
-- rustls: fix partial send handling
-
- When TLS bytes could not completely sent off, the amount of plain bytes
- already added to rustls were forgotten. This lead to send those byte
- duplicate, corrupting the request send to the server.
-
- Closes #13676
-
-- pytest: add DELETE tests, check server version
-
- - add tests for DELETE working
- - check apache version in keepalive test
- - fix some comments
-
- Closes #13679
-
-Juliusz Sosinowicz (16 May 2024)
-
-- vquic-tls: use correct cert name check API for wolfSSL
-
- wolfSSL_X509_check_host checks the peer name against the alt names and
- the common name.
-
- Fixes #13487
- Closes #13680
-
-Viktor Szakats (16 May 2024)
-
-- cmake: initialize `BUILD_TESTING` before first use
-
- Before this patch `BUILD_TESTING` was used once, then initialized, then
- used again. This caused the `curlu` library not being built when relying
- on an implicit `BUILD_TESTING=ON` setting, and ending up with a link
- error when building the `testdeps` target.
-
- It did not cause issues when `BUILD_TESTING` was explicitly set.
-
- Move the initialization before the first use to fix it.
-
- Regression from aace27b0965c10394544d1dacc9c2cb2fe0de3d3 #12287
- Closes #13668
-
-Daniel Stenberg (16 May 2024)
-
-- libtest: 2308 verifies CURLE_WRITE_ERROR after write callback error
-
- Verifies that the issue in #13669 actually is fixed. This return code is
- what the CURLOPT_WRITEFUNCTION manpage documents should be returned.
-
- This code is mostly from the
- Source-written-by: Trumeet on github
- Closes #13671
-
-Antoine Bollengier (16 May 2024)
-
-- socketpair: fix compilation when USE_UNIX_SOCKETS is not defined
-
- Closes #13666
-
-Stefan Eissing (16 May 2024)
-
-- rustsls: fix error code on receive
-
- - use CURLE_RECV_ERROR instead of CURLE_READ_ERROR when receiving
- data fails.
-
- Closes #13670
-
-Max Dymond (16 May 2024)
-
-- ci: disable Renovate dashboard
-
- The Renovate dashboard insists on an open issue,
- which is a problem. Disable the dashboard. Status
- can still be seen at https://developer.mend.io/github/curl/curl.
-
- Fixes #13630
- Closes #13673
-
-Daniel Stenberg (16 May 2024)
-
-- RELEASE-NOTES: synced
-
-renovate[bot] (16 May 2024)
-
-- GHA: update awslabs/aws-lc to v1.27.0
-
- Closes #13667
-
-Daniel Stenberg (15 May 2024)
-
-- curl_easy_pause.md: use correct defines in example
-
- Spotted-by: Harry Sintonen
- Closes #13664
-
-Viktor Szakats (15 May 2024)
-
-- appveyor: more tidy-ups
-
- - use `--disable` when calling `curl --version`. Just in case.
-
- - use single-quotes for a constant.
-
- Closes #13662
-
-- reuse: migrate standalone license file to dep5
-
- Follow-up to 73a36021207284ad2b4340ffde34a51b0ba4d47a
- Closes #13660
-
-- appveyor: guard against crash-build with VS2008
-
- The combination of `-DDEBUGBUILD`, a shared `curl.exe`, and the VS2008
- compiler creates a `curl.exe` segfaulting on startup:
-
- ```
- + _bld/src/curl.exe --version
- ./appveyor.sh: line 122: 793 Segmentation fault "${curl}" --version
- Command exited with code 139
- ```
- Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49817266/job/651iy6q
- n1e238pqj#L191
-
- Add job that triggers the issue and add the necessary logic to skip
- running the affected `curl.exe`.
-
- Ref: #13592
- Closes #13654
-
-renovate[bot] (15 May 2024)
-
-- GHA: pin dependencies
-
- Closes #13628
-
-Orgad Shaneh (15 May 2024)
-
-- socket: remove redundant call to getsockname
-
- The result "add" is unused.
-
- Closes #13655
-
-renovate[bot] (15 May 2024)
-
-- CI: renovate updates
-
- - GHA: update actions/checkout action to v4
- - GHA: update wolfSSL/wolfssh to v1.4.17
- - GHA: update wolfSSL/wolfssl to v5.7.0
- - Update the regex config in renovate.json
-
- Closes #13632
- Closes #13641
- Closes #13658
- Closes #13659
-
-Max Dymond (15 May 2024)
-
-- ci: fix renovate config for WolfSSL/WolfSSH tagging scheme
-
- WolfSSL/WolfSSH use a different versioning scheme;
- stable builds end with `-stable`. Renovate requires
- some extra configuration to extract the version
- from these types of tags.
-
- Closes #13644
-
-- ci: set semantic type as CI and include digests as CI operations
-
- Replace "chore" with "ci" for renovate's semantic
- type, and include digests with "pin" and
- "pinDigest" as ci operations.
-
- Closes #13644
-
-Daniel Stenberg (15 May 2024)
-
-- DEPRECATE.md: TLS libraries without 1.3 support
-
- curl drops support for TLS libraries without TLS 1.3 capability after
- May 2025.
-
- It requires that a curl build using the library should be able to
- negotiate and use TLS 1.3, or else it is not good enough. We support a
- vast amount of other TLS libraries that are likely to satisfy users
- better.
-
- Closes #13544
-
-- Revert "ci: update nghttp2/nghttp2 to v1.62.0"
-
- This reverts commit 14f2c767555b7598d7783ccd9093670b84d28488.
-
- We need to also upgrade the C++ compiler for that bump to work.
-
- Closes #13656
-
-renovate[bot] (15 May 2024)
-
-- Dockerfile: update debian digest to 911821c
-
- Closes #13629
-
-- ci: update gnutls/gnutls to v3.8.5
-
- Closes #13640
-
-- ci: update awslabs/aws-lc to v1.26.0
-
- Closes #13647
-
-- ci: update cloudflare/quiche to v0.21.0
-
- Closes #13648
-
-- ci: update libressl-portable/portable to v3.9.2
-
- Closes #13649
-
-- ci: update nghttp2/nghttp2 to v1.62.0
-
- Closes #13650
-
-- ci: update ngtcp2/nghttp3 to v1.3.0
-
- Closes #13651
-
-- ci: update ngtcp2/ngtcp2 to v1.5.0
-
- Closes #13652
-
-Max Dymond (14 May 2024)
-
-- ci: handle git submodules for mbedTLS
-
-- ci: reconfigure renovate
-
- - set prefix for github actions updates to be gha:
- - set prefix for other renovate actions to be ci:
- - disable debian updates in linux-old.yml
-
-Viktor Szakats (14 May 2024)
-
-- tidy-up: whitespace [ci skip]
-
-- warnless: delete orphan declarations
-
- Follow-up to 358f7e757781857c4b498a68634726609fa3884a #11932
- Closes #13639
-
-Daniel Stenberg (14 May 2024)
-
-- BUG-BOUNTY.md: clarify the third party situation
-
- We do not pay bounties for problems in other libraries.
-
- Closes #13560
-
-Stefan Eissing (14 May 2024)
-
-- http tests: in CI skip test_02_23* for quiche
-
- For unknown reasons, these tests fail in CI often, but run fine locally.
- Skip them in CI to avoid unrelated PRs to have failures.
-
- Closes #13638
-
-Daniel Gustafsson (14 May 2024)
-
-- hsts: explicitly skip blank lines
-
- Keep blank lines or lines containing only whitespace to make it all
- the way to the more expensive sscanf call in hsts_add.
-
- Closes: #13603
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-- autotools: Only probe for SGI MIPS compilers on IRIX
-
- MIPSPro and the predecessor compiler which was part of the IDO (IRIS
- Development Option) were only ever shipped on the SGI IRIX operating
- system (with MIPSPro on 6.0+ which was released in 1994). Limit the
- autoconf check to IRIX when probing for these compilers to save some
- cycles on other platforms.
-
- Closes: #13611
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Viktor Szakats (14 May 2024)
-
-- tests: fix test 1167 to skip digit-only symbols
-
- This avoids mistaking symbols with their numeric value when using
- certain C preprocessors which output these numeric values at the
- beginning of the line as part of an expression.
-
- Seen on OpenBSD 7.5 + clang.
-
- Example `test1167.pl -v` output, before this patch:
- ```
- Source: cpp /home/runner/work/curl/curl/tests/../include/curl/curl.h
- Symbol: 20000
- Line #3835: 20000 + 142,
- [...]
- Bad symbols in public header files:
- 20000
- [...]
- ```
- Ref: https://github.com/curl/curl/actions/runs/9069136530/job/24918015357#ste
- p:3:7513
-
- Ref: #13583
- Closes #13634
-
-Daniel Stenberg (14 May 2024)
-
-- lib: call Curl_strntolower instead of doing crafted loops
-
- Closes #13627
-
-- setopt: acknowledge errors proper for CURLOPT_COOKIEJAR
-
- Error out on error, do not continue.
-
- Closes #13624
-
-- vtls: remove duplicate assign
-
- Curl_ssl_peer_cleanup() already clears the ->sni field, no point in
- assigning it again.
-
- Spotted by CodeSonar
-
- Closes #13626
-
-Max Dymond (13 May 2024)
-
-- Group all non-major updates together to reduce PR spam
-
-- Add the remainder of the workflows
-
-- Add some basic versioning for some workflows to check whether this is detecte
- d properly
-
-renovate[bot] (13 May 2024)
-
-- Add renovate.json
-
-Daniel Stenberg (13 May 2024)
-
-- vauth: make two functions void that always just returned OK
-
- Removes the need to check return values when they can never fail.
-
- Pointed out by CodeSonar
-
- Closes #13621
-
-- setopt: remove check for 'option' that is always true
-
- - make sure that passing in option set to NULL clears the fields
- correctly
-
- - remove the weird second take if Curl_parse_login_details() returns
- error
-
- Follow-up to 7333faf00bf25db7cd1e0012d6b140
-
- Spotted by CodeSonar
-
- Closes #13619
-
-Viktor Szakats (13 May 2024)
-
-- tests: tidy up types in server code
-
- Cherry-picked from #13489
- Closes #13610
-
-Daniel Stenberg (13 May 2024)
-
-- setopt: make the setstropt_userpwd args compulsory
-
- They were always used so no point in allowing them to be optional.
-
- follow-up to 0e37b42dc956bd8a
-
- Closes #13608
- Reviewed-by: Daniel Gustafsson
-
-- RELEASE-NOTES: synced
-
-Daniel Gustafsson (13 May 2024)
-
-- websocket: Avoid memory leak in error path
-
- In the errorpath for randstr being too long to copy into the buffer
- we leak the randstr when returning CURLE_FAILED_INIT. Fix by using
- an explicit free on randstr in the errorpath.
-
- Closes: #13602
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-- hsts: Remove single-use single-line function
-
- The hsts_entry() function contains of a single line and is only
- used in a single place in the code, so move the allocation into
- hsts_create instead to improve code readability. C code usually
- don't use the factory abstraction for object creation, and this
- small example wasn't following our usual code style.
-
- Closes: #13604
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Viktor Szakats (12 May 2024)
-
-- lib: bump hash sizes to `size_t`
-
- Follow-up to cc907e80a2498c0599253271a6f657f614b52a4e #13502
- Cherry-picked from #13489
- Closes #13601
-
-- tests: make the unit test result type `CURLcode`
-
- Before this patch, the result code was a mixture of `int` and
- `CURLcode`.
-
- Also adjust casts and fix a couple of minor issues found along the way.
-
- Cherry-picked from #13489
- Closes #13600
-
-- appveyor: tidy-ups
-
- - delete a duplicate line.
- - simplify a `make` call.
- - merge two `if` branches.
- - reorder autotools options for clarity.
- - add `--enable-warnings` where missing (it's also the default.)
- - add empty lines to YAML for readability.
- - use lowercase install prefix/directory.
-
- Closes #13598
-
-Daniel Stenberg (12 May 2024)
-
-- docs/cmdline-opts: mention STARTTLS for --ssl and --ssl-reqd
-
- ... since users might look for those terms in the manpage.
-
- Closes #13590
-
-- setopt: warn on Curl_set*opt() uses not using the return value
-
- And switch the invokes that would "set" NULL to instead just plainly
- free the pointer, as those were otherwise the invokes that would ignore
- the return code. And possibly confuse static code analyzers.
-
- Closes #13591
-
-Orgad Shaneh (12 May 2024)
-
-- autotools: delete unused functions
-
- Closes #13605
-
-Viktor Szakats (11 May 2024)
-
-- examples: fix/silence `-Wsign-conversion`
-
- - extend `FD_SET()` hack to all platforms (was only Cygwin).
- Warnings may also happen in other envs, e.g. OmniOS.
- Ref: https://github.com/libssh2/libssh2/actions/runs/8854199687/job/2431676
- 2831#step:3:2021
-
- - tidy-up `CURLcode` vs `int` use.
-
- - cast an unsigned to `long` before passing to `curl_easy_setopt()`.
-
- Cherry-picked from #13489
- Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
- Closes #13501
-
-Orgad Shaneh (11 May 2024)
-
-- cmake: fix `HAVE_IOCTLSOCKET_FIONBIO` test with gcc 14
-
- The function signature has had u_long flags since ever. This is how it
- is defined in the documentation, and implemented in MinGW.
-
- The code that uses ioctlsocket in nonblock.c also has unsigned long.
-
- Error:
- CurlTests.c:275:41: error: passing argument 3 of 'ioctlsocket' from incompati
- ble pointer type [-Wincompatible-pointer-types]
- 275 | if(0 != ioctlsocket(0, FIONBIO, &flags))
- | ^~~~~~
- | |
- | int *
- In file included from CurlTests.c:266:
- /opt/mxe/usr/i686-w64-mingw32.static/include/winsock2.h:1007:76: note: expect
- ed 'u_long *' {aka 'long unsigned int *'} but argument is of type 'int *'
- 1007 | WINSOCK_API_LINKAGE int WSAAPI ioctlsocket(SOCKET s,__LONG32 cmd,u_
- long *argp);
- | ~~
- ~~~~~~^~~~
-
- Closes #13578
-
-Jay Satiro (10 May 2024)
-
-- ftp: fix build for CURL_DISABLE_VERBOSE_STRINGS
-
- This is a follow-up to b7c7dffe which changed the FTP state change
- verbose debug text (aka infof) to tracing debug text (aka trc).
-
- Prior to this change if libcurl was without DEBUGBUILD and built with
- CURL_DISABLE_VERBOSE_STRINGS (ie --disable-verbose) the build would
- error.
-
- Caught by Circle CI job openssl-no-verbose.
-
-- lib: clear the easy handle's saved errno before transfer
-
- - Clear data->state.os_errno before transfer.
-
- - Explain the change in behavior in the CURLINFO_OS_ERRNO doc.
-
- - Add to the CURLINFO_OS_ERRNO doc the list of libcurl network-related
- errors that may cause the errno to be saved.
-
- data->state.os_errno is saved before libcurl returns a network-related
- failure such as connection failure. It is accessible to the user via
- CURLINFO_OS_ERRNO so they can get more information about the failure.
-
- Prior to this change it wasn't cleared before transfer, so if a user
- retrieved the saved errno it could be from a previous transfer. That is
- because an errno is not always saved for network-related errors.
-
- Closes https://github.com/curl/curl/pull/13574
-
-Stefan Eissing (10 May 2024)
-
-- ftp: add tracing support
-
- - add `Curl_trc_feat_ftp` for tracing via trace config
- - add macro CURL_TRC_FTP(data, fmt, ...)
- - replace DEBUGF(infof()) statements in ftp.c by CURL_TRC_FTP()
- - always trace FTP connection state
-
- Closes #13580
-
-Daniel Stenberg (10 May 2024)
-
-- http: remove redundant check
-
- Spotted by CodeSonar
-
- Closes #13582
-
-Viktor Szakats (10 May 2024)
-
-- ldap: fix unused variables (seen on OmniOS)
-
- ```
- ../../lib/ldap.c: In function 'ldap_do':
- ../../lib/ldap.c:380:11: error: unused variable 'ldap_ca' [-Werror=unused-v
- ariable]
- 380 | char *ldap_ca = conn->ssl_config.CAfile;
- | ^~~~~~~
- ../../lib/ldap.c:379:9: error: unused variable 'ldap_option' [-Werror=unuse
- d-variable]
- 379 | int ldap_option;
- | ^~~~~~~~~~~
- ```
- Ref: https://github.com/curl/curl/actions/runs/9033564377/job/24824192730#ste
- p:3:6059
-
- Ref: #13583
- Closes #13588
-
-Daniel Stenberg (10 May 2024)
-
-- url: make parse_login_details use memdup0
-
- Also make the user and password arguments mandatory, since all code
- paths in libcurl used them anyway.
-
- Adapted unit test case 1620 to the new rules.
-
- Closes #13584
-
-Orgad Shaneh (10 May 2024)
-
-- digest: replace strcpy for empty string with simple assignment
-
- Closes #13586
-
-Viktor Szakats (10 May 2024)
-
-- autotools: fix `HAVE_IOCTLSOCKET_FIONBIO` test for gcc 14
-
- ```
- conftest.c:152:41: error: passing argument 3 of 'ioctlsocket' from incompatib
- le pointer type [-Wincompatible-pointer-types]
- 152 | if(0 != ioctlsocket(0, FIONBIO, &flags))
- | ^~~~~~
- | |
- | int *
- ```
-
- Reported-by: LigH
- Fixes #13579
- Closes #13587
-
-- CI: ignore test 286 on Appveyor gcc 7 build
-
- Disabled earlier for gcc 9 builds. gcc 7 uses the same runner and
- prone to similar intermittent failures.
-
- Follow-up to f1e05a6e6e7225fa09952abb2c935ae1abe44f45 #12106 #12040
- Closes #13575
-
-Daniel Stenberg (10 May 2024)
-
-- cf-socket: don't try getting local IP without socket
-
- In cf_tcp_connect(), it might fail and not get a socket assigned to
- ctx->sock but set_local_ip() is still called which would make
- getsockname() get invoked with a negative file desriptor and fail.
-
- By adding this check, set_local_ip() will now instead blank out the
- fields correctly.
-
- Spotted by CodeSonar
-
- Closes #13577
-
-- tool_getparam: remove two redundant conditions
-
- When getstr() does not return error, it returns a valid pointer.
-
- Spotted by CodeSonar
-
- Closes #13576
-
-Stefan Eissing (10 May 2024)
-
-- quiche: trust its timeout handling
-
- - set the idle timeout transport parameter
- in milliseconds as documented by quiche
- - do not calculate the idle timeout, rely on
- quiche handling it
-
- Closes #13581
-
-Daniel Stenberg (10 May 2024)
-
-- dmaketgz: accept a SOURCE_DATE_EPOCH as an second argument
-
- to make it easier to reproduce a tarball
-
- Closes #13573
-
-- RELEASE-NOTES: synced
-
-Stefan Eissing (10 May 2024)
-
-- h3/ngtcp2: improve error handling
-
- - identify ngtcp2 and nghttp3 error codes that are fatal
- - close quic connection on fatal errors
- - refuse further filter operations once connection is closed
- - confusion about the nghttp3 API. We should close the QUIC stream on
- cancel and not use the nghttp3 calls intended to be invoked when the
- QUIC stream was closed by the peer.
-
- Closes #13562
-
-Jay Satiro (10 May 2024)
-
-- docs: fix some CURLINFO examples
-
- - improve getinfo result check for example sections:
- CURLINFO_ACTIVESOCKET, CURLINFO_LASTSOCKET, CURLINFO_SSL_VERIFYRESULT,
- CURLINFO_PROXY_SSL_VERIFYRESULT
-
- - fix getinfo result check for example sections:
- CURLINFO_NUM_CONNECTS, CURLINFO_OS_ERRNO
-
- - fix verify result check for example sections:
- CURLINFO_PROXY_SSL_VERIFYRESULT
-
- Bug: https://github.com/curl/curl/discussions/13557#discussion-6625507
- Reported-by: farazrbx@users.noreply.github.com
-
- Closes https://github.com/curl/curl/pull/13559
-
-Daniel Stenberg (9 May 2024)
-
-- KNOWN_BUGS: gssapi library name + version is missing in curl_version_info()
-
- Closes #13492
- Closes #13570
-
-- krb5: use dynbuf
-
- Closes #13568
-
-- managen: fix the option sort order
-
- ... it used to strip off the .d file extension to sort correctly but
- ever since the extension changed to .md the operation failed and the
- sort got wrong.
-
- Follow-up to 2494b8dd5175cee7f2e
-
- Closes #13567
-
-Stefan Eissing (8 May 2024)
-
-- GHA: repair the linux-old job
-
- package libc6_2.28-10+deb10u2_amd64.deb changed to
- libc6_2.28-10+deb10u3_amd64.deb
-
- Closes #13564
-
-Viktor Szakats (8 May 2024)
-
-- appveyor: make gcc 6 mingw64 job build-only
-
- This job has proven to be the flakiest of all, and it's also the oldest
- Windows runner we had tests running on: 'Visual Studio 2015', that is
- running on Windows Server 2012 R2:
- https://www.appveyor.com/docs/windows-images-software/
-
- Turn off tests on this job to help stabilizing CI runs.
-
- This was also one of the slowest running job amongst the AppVeyor CI ones.
-
- Flakiness data:
- https://testclutch.curl.se/static/reports/summary.html
- Entries:
- Appveyor / CMake, mingw-w64, gcc 6, Debug, x86, Schannel, Static, no-unity
- (curl) [current]
- Appveyor / CMake, mingw-w64, gcc 6, Debug, x86, Schannel, Static (curl) [fo
- rmer]
-
- Closes #13566
-
-Stefan Eissing (8 May 2024)
-
-- unit2604: use alloc instead of overlong string const
-
- Closes #13563
-
-Daniel Gustafsson (8 May 2024)
-
-- bufq: remove duplicate word in comment
-
- Inspired by 13552.
-
- Closes: #13554
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Viktor Szakats (8 May 2024)
-
-- lib/cf-h1-proxy: silence compiler warnings (gcc 14)
-
- They came up ealier with gcc 12 (Windows), but apparently gcc 14 is
- still reporting them, also under Linux.
-
- ```
- /home/runner/work/curl-for-win/curl-for-win/curl/lib/cf-h1-proxy.c: In functi
- on 'cf_h1_proxy_close':
- /home/runner/work/curl-for-win/curl-for-win/curl/lib/cf-h1-proxy.c:1060:17: w
- arning: null pointer dereference [-Wnull-dereference]
- 1060 | cf->connected = FALSE;
- /home/runner/work/curl-for-win/curl-for-win/curl/lib/cf-h1-proxy.c:1061:8: wa
- rning: null pointer dereference [-Wnull-dereference]
- 1061 | if(cf->ctx) {
- | ~~^~~~~
- In function 'tunnel_free',
- inlined from 'cf_h1_proxy_destroy' at /home/runner/work/curl-for-win/curl
- -for-win/curl/lib/cf-h1-proxy.c:1053:3:
- /home/runner/work/curl-for-win/curl-for-win/curl/lib/cf-h1-proxy.c:198:27: wa
- rning: null pointer dereference [-Wnull-dereference]
- 198 | struct h1_tunnel_state *ts = cf->ctx;
- | ^~
- ```
- Ref: https://github.com/curl/curl-for-win/actions/runs/8985369476/job/2467921
- 9528#step:3:6320
-
- Fixes #13237
- Closes #13555
-
-Michał Antoniak (8 May 2024)
-
-- mbedtls: support TLS 1.3
-
- Closes #13539
-
-Daniel Stenberg (8 May 2024)
-
-- version: use msnprintf instead of strncpy
-
- - to ensure a terminating null byte
- - to avoid zero-padding the target
-
- debug code only
-
- Closes #13549
-
-- curl_path: make Curl_get_pathname use dynbuf
-
- ... instead of malloc and memcpy
-
- - unit test 2604 verifies Curl_get_pathname()
-
- Closes #13550
-
-- lib: make protocol handlers store scheme name lowercase
-
- - saves a lowercase operation when the "[scheme]_proxy" name is
- generated
- - appears less "shouting"
- - update test 970, 972, 1438 and 1536
-
- Closes #13553
-
-- lib: remove two instances of "only only" messages
-
- Fixes #13551
- Reported-by: Lucas Nussbaum
- Closes #13552
-
-Pavel Pavlov (7 May 2024)
-
-- asyn-thread: fix curl_global_cleanup crash in Windows
-
- - Make sure that asynchronous resolves handled by Winsock are stopped
- before WSACleanup is called.
-
- This is implemented by ensuring that when Curl_resolver_kill is called
- (eg via multi_done) it will cancel the Winsock asynchronous resolve and
- wait for the cancellation to complete. Winsock runs the asynchronous
- completion routine immediately when a resolve is canceled.
-
- Prior to this change it was possible that during curl_global_cleanup
- "a DNS resolver thread created by GetAddrInfoExW did not terminate yet,
- however curl is already shutting down, deinitializing Winsock with
- WSACleanup() leading to an access violation."
-
- Background:
-
- If libcurl is built with the asynchronous threaded resolver option for
- Windows then it resolves in one of two ways. For Windows 8.1 and later,
- libcurl resolves by using the Winsock asynchronous resolver which does
- its own thread management. For older versions of Windows, libcurl
- resolves by creating a separate thread that calls getaddrinfo. This
- change only affects the former and it's already handled for the latter.
-
- Reported-by: Ch40zz@users.noreply.github.com
-
- Fixes https://github.com/curl/curl/issues/13509
- Closes https://github.com/curl/curl/pull/13518
-
-Jay Satiro (7 May 2024)
-
-- asyn-thread: fix Curl_thread_create result check
-
- - Compare to curl_thread_t_null instead of 0 for error.
-
- Currently for both supported thread libraries (pthreads and Windows)
- curl_thread_t_null is defined as 0. However, the pattern throughout the
- code is to check against curl_thread_t_null and not 0 since for
- posterity some thread library may not use 0 for error.
-
- Closes https://github.com/curl/curl/pull/13542
-
-- curl_multibyte: remove access() function wrapper for Windows
-
- - Remove curlx_win32_access() which was a wrapper to use access() in
- Windows.
-
- This is a follow-up to 602fc213, one of two commits which removed
- access() calls from the codebase and banned use of the function.
-
- Closes https://github.com/curl/curl/pull/13529
-
-Daniel Gustafsson (6 May 2024)
-
-- tls: Remove EXAMPLEs from deprecated options
-
- CURLOPT_EGDSOCKET and CURLOPT_RANDOM_FILE are both completely dead
- so remove their example sections since the code there is useless.
- There is still a way to inject a random file for OpenSSL older than
- 1.1.0 but it's not what the example showed (and it's not even done
- with this option) so we refrain from documenting it here.
-
- Closes: #13540
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-- tests: Only require EXAMPLE for non-deprecated options
-
- Manpages which document deprecated CURLOPT_ or CURLINFO_ are not
- required to have an EXAMPLE section since they might effectively
- be dead no-ops which we don't want to trick users into believing
- they can use by copying example code.
-
- Closes: #13540
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (6 May 2024)
-
-- EXPERIMENTAL: add graduation requirements for each feature
-
- Starting now, experimental features should have a set of documentated
- requirements of what is needed for the feature to graduate.
-
- This adds requirements to all existing experiments.
-
- Closes #13541
-
-Ivan (6 May 2024)
-
-- misc: fix typos, quoting and spelling
-
- Fix wording of comments, and misquotings where `' is markdown parsed
- where it shouldn't be, and remove a misspelled preprocessor comment
- which really isn't needed (and removing it makes it match surrounding
- code better).
-
- Closes: #13538
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Gustafsson (6 May 2024)
-
-- tests: Mark tftpd timer function as noreturn
-
- This avoids the below compiler warning:
-
- tftpd.c:280:1: warning: function 'timer' could be declared with
- attribute 'noreturn' [-Wmissing-noreturn]
-
- Closes: #13534
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-- doh: Remove unused function prototype
-
- Closes: #13536
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (6 May 2024)
-
-- doh: cleanups in ECH related functions
-
- - make local_decode_rdata_name use dynbuf instead of calloc + memcpy
- - avoid extra memdup in local_decode_rdata_alpn
- - no need to if() before free()
- - use memdup instead of calloc + memcpy in Curl_doh_decode_httpsrr
-
- Reviewed-by: Stephen Farrell
- Closes #13526
-
-Viktor Szakats (5 May 2024)
-
-- libssh2: delete redundant feature guard
-
- Delete `HAVE_LIBSSH2_VERSION` (equivalent to
- `LIBSSH2_VERSION_NUM` > 0x010100) guard surrounding
- a `LIBSSH2_VERSION_NUM` > 0x010B00 one.
-
- Reviewed-by: Daniel Gustafsson
- Closes #13537
-
-Jan Venekamp (5 May 2024)
-
-- tool_cfgable: free {proxy_}cipher13_list on exit
-
- Author: Jan Venekamp
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
- Closes: #13531
-
-RainRat (4 May 2024)
-
-- doh: Fix typo in comment
-
- Closes: #13504
- Author: RainRat on Github
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Christian Schmitz (4 May 2024)
-
-- dynbuf: Fix returncode on memory error
-
- Curl_dyn_vaddf should return a proper error code in case allocating
- memory failed.
-
- Closes: #13533
- Author: Christian Schmitz <support@monkeybreadsoftware.de>
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Stenberg (3 May 2024)
-
-- RELEASE-NOTES: synced
-
-Jan Venekamp (2 May 2024)
-
-- bearssl: use common code for cipher suite lookup
-
- Take advantage of the Curl_cipher_suite_walk_str() and
- Curl_cipher_suite_get_str() functions introduced in commit fba9afeb.
-
- This also fixes CURLOPT_SSL_CIPHER_LIST not working at all for bearssl
- due to commit ff74cef5.
-
- Closes #13464
-
-Daniel Stenberg (2 May 2024)
-
-- curl.h: change CURL_SSLVERSION_* from enum to defines
-
- C++20 and later compilers emit a deprecation warning if values from two
- different enums are combined with a bitwise operation the way the
- CURL_SSLVERSION_* values were previously created.
-
- Reported-by: Michael Kaufmann
- Fixes #13510
- Closes #13511
-
-- configure: error on missing perl if docs or manual is enabled
-
- Fixes #13508
- Reported-by: Harmen Stoppels
- Closes #13514
-
-- tool_cb_rea: limit rate unpause for -T . uploads
-
- To avoid getting stuck in a busy-loop when nothing is read from stdin,
- this function now checks the call rate and might enforce a short sleep
- when called repeatedly without uploading anything. It is a crude
- work-around to avoid a 100% busy CPU.
-
- Reported-by: magisterquis on hackerone
- Fixes #13174
- Closes #13506
-
-Viktor Szakats (1 May 2024)
-
-- appveyor: enable websockets for VS2017 jobs
-
- Follow-up to eb4fe6c6340c3d5b0c347c6e30be004d4f9117d7 #13232
- Closes #13513
-
-Daniel Stenberg (30 Apr 2024)
-
-- if2ip: make the buf_size arg a size_t
-
- sizes should be size_t
-
- Ref: #13489
- Closes #13505
-
-- cf-https-connect: use timeouts as unsigned ints
-
- To match the type used in 'set.happy_eyeballs_timeout'.
-
- Ref: #13489
- Closes #13503
-
-- hash: change 'slots' to size_t from int
-
- - an unsigned type makes more sense
- - size_t seems suitable
- - on 64 bit args, the struct alignment makes the new Curl_hash remain
- the same size
-
- Closes #13502
-
-Viktor Szakats (30 Apr 2024)
-
-- libssh2: replace `access()` with `stat()`
-
- Prefer `stat()` to verify the presence of key files.
-
- This drops the last uses of `access()` in the codebase, which was
- reported to cause issues in some cases.
-
- Also add `access()` to the list of banned functions in checksrc.
-
- Ref: https://github.com/curl/curl/pull/13412#issuecomment-2065505415
- Ref: https://github.com/curl/curl/pull/13482#issuecomment-2078980522
- Ref: #13497
- Co-authored-by: Jay Satiro
- Closes #13498
-
-Daniel Stenberg (30 Apr 2024)
-
-- multi: remove useless assignment
-
- Spotted by CodeSonar
-
- Closes #13500
-
-- RELEASE-NOTES: synced
-
-fuzzard (29 Apr 2024)
-
-- cmake: FindNGHTTP2 add static lib name to find_library call
-
- Add the static library name, nghttp2_static as a name to search.
-
- This provides cmake parity with the winbuild Makefile.vc allowing
- the cmake build to find and allow the link to static nghttp2 library.
-
-Viktor Szakats (29 Apr 2024)
-
-- DISTROS: add patch and issues link for curl-for-win
-
- curl-for-win sometimes includes curl patches that were already merged in
- master, but not yet part of a stable release.
-
- Also include the Issues link. Build-specific issues are handled there.
-
- Ref: #13493
- Closes #13499
-
-Daniel Stenberg (29 Apr 2024)
-
-- mime: avoid using access()
-
- If stat() fails, there is no point in calling access()
-
- Also: return error immediately if the stat() fails.
-
- Ref: #13482
- Closes #13497
-
-Stefan Eissing (29 Apr 2024)
-
-- tests: add SNI and peer name checks
-
- - connect to DNS names with trailing dot
- - connect to DNS names with double trailing dot
- - rustls, always give `peer->hostname` and let it
- figure out SNI itself
- - add SNI tests for ip address and localhost
- - document in code and TODO that QUIC with ngtcp2+wolfssl
- does not do proper peer verification of the certificate
- - mbedtls, skip tests with ip address verification as not
- supported by the library
-
- Closes #13486
-
-Daniel Stenberg (29 Apr 2024)
-
-- curl_getdate.md: document two-digit year handling
-
- Mentioned-by: Paul Gilmartin
- Ref: https://curl.se/mail/archive-2024-04/0014.html
- Closes #13494
-
-Viktor Szakats (29 Apr 2024)
-
-- cmake: add `BUILD_EXAMPLES` option to build examples
-
- You can enable it with `-DBUILD_EXAMPLES=ON`.
-
- To match autotools' `make examples` feature.
- Windows (static) builds not tested.
-
- Also enable examples in a pair of CI jobs.
-
- Apply related updates to the macOS CI workflow:
- - drop unused `CXX` envs.
- - drop no longer needed `-Wno-error=undef -Wno-error=conversion` flags.
- - pass `-Wno-deprecated-declarations` to GCC too (for `BUILD_EXAMPLES`).
- - document why `-Wno-deprecated-declarations` is necessary.
-
- Closes #13491
-
-Stefan Eissing (26 Apr 2024)
-
-- http3: quiche+ngtcp2 improvements
-
- - quiche: error transfers that try to receive on a closed
- or draining connection
- - ngtcp2: use callback for extending max bidi streams. This
- allows more precise calculation of MAX_CONCURRENT as we
- only can start a new stream when the server acknowledges
- the close - not when we locally have closed it.
- - remove a fprintf() from h2-download client to avoid excess
- log files on tests timing out.
-
- Closes #13475
-
-- vtls: TLS session storage overhaul
-
- - add session with destructor callback
- - remove vtls `session_free` method
- - let `Curl_ssl_addsessionid()` take ownership
- of session object, freeing it also on failures
- - change tls backend use
- - test_17, add tests for SSL session resumption
-
- Closes #13386
-
-- multi: multi_wait improvements
-
- - only call `multi_getsock()` once for all transfers
- - realloc pollset array on demand
- - fold repeated sockets
-
- Closes #13150
-
-Philip Heiduck (25 Apr 2024)
-
-- ci: remove microsoft-prod.list
-
- This is added by default, and it is often broken, but we don't need
- anything from it.
-
- Closes #13473
-
-Evgeny Grin (Karlson2k) (25 Apr 2024)
-
-- curl_setup.h: detect 'inline' support
-
- Closes #13355
-
-Daniel Stenberg (25 Apr 2024)
-
-- multi: avoid memory-leak risk
-
- 'newurl' is allocated in some conditions and used in a few scenarios,
- but there were theoretical combinations in which it would not get freed.
- Move the free to happen unconditionally. Never triggered by tests, but
- spotted by Coverity.
-
- Closes #13471
-
-Johann Sebastian Schicho (25 Apr 2024)
-
-- sendf: Curl_cwriter_write: remove comment disallowing zero length writes
-
- They are needed to pass CLIENTWRITE_EOS.
-
- Closes #13477
-
-Stefan Eissing (25 Apr 2024)
-
-- CI: macos fixes for new ARM GHA images
-
- - based on #13478 with additions from #13476
- - make homebrew install path flexible
- - fix OpenSSL pkgconfig files libdir
- - add path to --with-libssh2 target
- - disable gcc securetransport due to linker
- errors (missing symbols), probably because
- the os version is no longer low enough
-
- Assisted-by: Viktor Szakats
-
- Closes #13479
-
-- content_encoding: ignore duplicate chunked encoding
-
- - ignore duplicate "chunked" transfer-encodings from
- a server to accomodate for broken implementations
- - add test1482 and test1483
-
- Reported-by: Mel Zuser
- Fixes #13451
- Closes #13461
-
-Daniel Stenberg (25 Apr 2024)
-
-- tool: move tool_ftruncate64 to tool_util.c
-
- ... and the prototype to tool_setup.h, to make them both available more
- widely and accurately.
-
- Follow-up to 00bef95946d3511
-
- Fixes #13458
- Closes #13459
-
-Viktor Szakats (24 Apr 2024)
-
-- lib: silence `-Wsign-conversion` in base64, strcase, mprintf
-
- Closes #13467
-
-- CI: retain failure code after `./configure` with Circle CI
-
- Suggested-by: Dan Fandrich
- Follow-up to 43299e93c06b96fea8a8dc9b1c2e49c82bc21801 #13462
- Follow-up to d7332e3e46c3ef401b34e6a1a129eb4dd846c452 #12635
- Closes #13468
-
-Daniel Stenberg (24 Apr 2024)
-
-- RELEASE-NOTES: synced
-
-Jan Venekamp (24 Apr 2024)
-
-- mbedTLS: implement CURLOPT_SSL_CIPHER_LIST option
-
- Use a lookup list to set the cipher suites, allowing the
- ciphers to be set by either openssl or IANA names.
-
- To keep the binary size of the lookup list down we compress
- each entry in the cipher list down to 2 + 6 bytes using the
- C preprocessor.
-
- Closes #13442
-
-Viktor Szakats (24 Apr 2024)
-
-- CI: show more failed `config.log` on Circle CI
-
- Show last 1000 lines of `config.log` if `./configure` fails. This was
- already done for one job, this patch extends it to all.
-
- Ref: #13438
- Closes #13462
-
-Daniel Stenberg (24 Apr 2024)
-
-- telnet: check return code from fileno()
-
- and return error if necessary
-
- Spotted by CodeSonar
-
- Closes #13457
-
-Viktor Szakats (24 Apr 2024)
-
-- tls: fix SecureTransport + BearSSL cmake unity builds
-
- Avoid clashing static function names by namespacing them.
-
- Pointed-out-by: Jan Venekamp
- Ref: https://github.com/curl/curl/pull/13442#discussion_r1576350700
- Closes #13450
-
-Jay Satiro (24 Apr 2024)
-
-- dllmain: Call OpenSSL thread cleanup for Windows and Cygwin
-
- - Call OPENSSL_thread_stop on thread termination (DLL_THREAD_DETACH)
- to prevent a memory leak in case OpenSSL is linked statically.
-
- - Warn in libcurl-thread.3 that if OpenSSL is linked statically then it
- may require thread cleanup.
-
- OpenSSL may need per-thread cleanup to stop a memory leak. For Windows
- and Cygwin if libcurl was built as a DLL then we can do that for the
- user by calling OPENSSL_thread_stop on thread termination. However, if
- libcurl was built statically then we do not have notification of thread
- termination and cannot do that for the user.
-
- Also, there are several other unusual cases where it may be necessary
- for the user to call OPENSSL_thread_stop, so in the libcurl-thread
- warning I added a link to the OpenSSL documentation.
-
- Co-authored-by: Viktor Szakats
-
- Reported-by: southernedge@users.noreply.github.com
- Reported-by: zmcx16@users.noreply.github.com
-
- Ref: https://www.openssl.org/docs/man3.0/man3/OPENSSL_thread_stop.html#NOTES
-
- Fixes https://github.com/curl/curl/issues/12327
- Closes https://github.com/curl/curl/pull/12408
-
-Jan Venekamp (24 Apr 2024)
-
-- rustls: remove incorrect SSLSUPP_TLS13_CIPHERSUITES flag
-
- The rustls backend advertises SSLSUPP_TLS13_CIPHERSUITES, but
- the code does not actually seem to support it (yet?). Removed
- the flag and corrected documentation.
-
- Closes #13452
-
-Stefan Eissing (24 Apr 2024)
-
-- quiche: expire all active transfers on connection close
-
- - when a connection close is detected, all ongoing transfers
- need to expire bc no more POLL events are likely to happen
- for them.
-
- Fixes #13439
- Reported-by: Jay Satiro
- Closes #13447
-
-Dan Fandrich (23 Apr 2024)
-
-- tests: fix feature case in test1481
-
- This test was being skipped everywhere because the feature never
- matched.
-
- Closes #13445
-
-Gusted (23 Apr 2024)
-
-- tool_operate: don't truncate the etag save file by default
-
- This fixes a regression of 75d79a4486b279100209ddf8c7fdb12955fb66e9. The
- code in tool-operate truncated the etag save file, under the assumption
- that the file would be written with a new etag value. However since
- 75d79a4486b279100209ddf8c7fdb12955fb66e9 that might not be the case
- anymore and could result in the file being truncated when --etag-compare
- and --etag-save was used and that the etag value matched with what the
- server responded. Instead the truncation should not be done when a new
- etag value should be written.
-
- Test 3204 was added to verify that the file with the etag value doesn't
- change the contents when used by --etag-compare and --etage-save and
- that value matches with what the server returns on a non 2xx response.
-
- Closes #13432
-
-Abdullah Alyan (22 Apr 2024)
-
-- tests: enable test 1117 for hyper
-
- Closes #13436
-
-Daniel Stenberg (22 Apr 2024)
-
-- sendf: useless assignment in cr_lc_read()
-
- Spotted by CodeSonar
-
- Closes #13437
-
-- tool_paramhlp: remove duplicate assign
-
- Spotted by CodeSonar
-
- Closes #13433
-
-- transfer: remove useless assignment
-
- in Curl_xfer_recv_resp
-
- Spotted by CodeSonar
-
- Closes #13435
-
-- http: acknowledge a returned error code
-
- ... and do not overwrite it with a new value that could then hide the
- problem.
-
- Spotted by CodeSonar
-
- Closes #13434
-
-- tool_operate: init vars unconditionally in post_per_transfer
-
- In case of (the unlikely) early return, they could otherwise remain
- uninitialized
-
- Spotted by CodeSonar
-
- Closes #13430
-
-- RELEASE-NOTES: synced
-
-- urlapi: allow setting port number zero
-
- Also set and check errno when strtoul() parsing numbers for better error
- checking.
-
- Updated test 1560
-
- Closes #13427
-
-- http_aws_sigv4: remove useless assignment
-
- This code assigned the variable the same value it already had
-
- Spotted by CodeSonar
-
- Closes #13426
-
-- file: remove useless assignment
-
- This code assigned the variable the same value it already had.
-
- Spotted by CodeSonar
-
- Closes #13425
-
-- test2406: verify -f with HTTP/2
-
-Stefan Eissing (19 Apr 2024)
-
-- http2 + ngtcp2: pass CURLcode errors from callbacks
-
- - errors returned by Curl_xfer_write_resp() and the header variant are
- not errors in the protocol. The result needs to be returned on the
- next recv() from the protocol filter.
-
- - make xfer write errors for response data cause the stream to be
- cancelled
-
- - added pytest test_02_14 and test_02_15 to verify that also for
- parallel processing
-
- Reported-by: Laramie Leavitt
- Fixes #13411
- Closes #13424
-
-Daniel Stenberg (19 Apr 2024)
-
-- request: make Curl_req_init return void
-
- Since it could not return error and therefore this change removes dead
- code for the caller.
-
- Spotted by CodeSonar.
-
- Closes #13423
-
-- multi: remove the unused Curl_preconnect function
-
- The implementation has been removed, no point in keeping it around.
-
- Follow-up to 476adfeac019ed
-
- Closes #13422
-
-- Curl_creader_read: init two variables to avoid using them uninited
-
- Spotted by CodeSonar
-
- Closes #13419
-
-- http: reject HTTP major version switch mid connection
-
- A connection that has seen an HTTP major version now refuses any other
- major HTTP version in future responses. Previously, a HTTP/1.x
- connection would just silently accept HTTP/2 or HTTP/3 in the status
- lines as long as it had support for those built-in. It would then just
- lead to confusion and badness.
-
- Indirectly Spotted by CodeSonar which identified a duplicate assignment
- in this function.
-
- Add test 471 to verify
-
- Closes #13421
-
-- mqtt: when Curl_xfer_recv returns error, don't use nread
-
- A returned error code makes other return value unreliable, and in this
- case potentially uninitialized. On error, do not read other return
- values like the nread counter.
-
- Spotted by CodeSonar
-
- Closes #13418
-
-- ftp: fix socket leak on rare error
-
- In the function AcceptServerConnect() the newly created socket would
- leak if Curl_conn_tcp_accepted_set() returns error. Which basically
- should never happen.
-
- Spotted by CodeSonar.
-
- Closes #13417
-
-- urlapi: remove unused flags argument from Curl_url_set_authority
-
- The function is only called from a single place (for HTTP/2 server push)
- so might as well just assume this fixed option every time.
-
- Closes #13409
-
-- github/ISSUE_TEMPLATE: tweak the commericual support text
-
-- github/ISSUE_TEMPLATE: link the GitHub discussions too
-
- ... and move the feature request line to the bottom.
-
-- curl_url_get.md: clarify queries and fragments and CURLU_GET_EMPTY
-
- Follow-up to 3eac21d86bc5
-
- Closes #13407
-
-Stefan Eissing (18 Apr 2024)
-
-- tests: check caddy server version to match test expectations
-
- - new caddy servers no longer return 200 on POSTs, but 405
- as they should
-
- Closes #13405
-
-Daniel Stenberg (18 Apr 2024)
-
-- curl_url_set.md: extended
-
- Closes #13404
-
-- urlapi: add CURLU_GET_EMPTY for empty queries and fragments
-
- By default the API inhibits empty queries and fragments extracted.
- Unless this new flag is set.
-
- This also makes the behavior more consistent: without it set, zero
- length queries and fragments are considered not present in the URL. With
- the flag set, they are returned as a zero length strings if they were in
- fact present in the URL.
-
- This applies when extracting the individual query and fragment
- components and for the full URL.
-
- Closes #13396
-
-- RELEASE-NOTES: synced
-
-- lib1560: test with leading zeroes and more IPv4 versions
-
- Inspired by WHATWG URL Spec test inputs
-
- Closes #13400
-
-Christian Schmitz (17 Apr 2024)
-
-- smtp: result of Curl_bufq_cread was not used
-
- return the result back to the caller.
-
- Closes #13398
-
-Daniel Stenberg (17 Apr 2024)
-
-- urlapi: fix relative redirects to fragment-only
-
- Using the URL API for a redirect URL when the redirected-to string
- starts with a hash, ie is only a fragment, the API would produce the
- wrong final URL.
-
- Adjusted test 1560 to test for several new redirect cases.
-
- Closes #13394
-
-Jiwoo Park (17 Apr 2024)
-
-- url: fix use of an uninitialized variable
-
- Closes #13399
-
-Patrick Monnerat (17 Apr 2024)
-
-- os400: sync with latest changes
-
- - Conversion support for new version info character field rtmp_version.
- - New ILE/RPG declarations.
-
- Closes #13402
-
-Daniel Stenberg (17 Apr 2024)
-
-- ngtcp2: fix macro use
-
- macro "H3_STREAM_CTX" requires 2 arguments, but only 1 given
-
- Follow-up to c6655f7029ec5c128561e3ecf1f93db3ed0432a4
-
- Closes #13401
-
-Christian Schmitz (17 Apr 2024)
-
-- sendf: fix two typos in comments
-
- The parameters are named data, not date.
-
- Closes #13393
-
-- lib: silence warnings on comma misuse
-
- Building curl with -Wcomma, I see warnings about "possible misuse of
- comma operator here" and moving fields assignment out of the for() fixes
- it.
-
- Closes #13392
-
-Stefan Eissing (17 Apr 2024)
-
-- http/2, http/3: decouple stream state from easy handle
-
- - add `Curl_hash_offt` as hashmap between a `curl_off_t` and
- an object. Use this in h2+h3 connection filters to associate
- `data->id` with the internal stream state.
- - changed implementations of all affected connection filters
- - removed `h2_ctx*` and `h3_ctx*` from `struct HTTP` and thus
- the easy handle
- - solves the problem of attaching "foreign protocol" easy handles
- during connection shutdown
-
- Test 1616 verifies the new hash functions.
-
- Closes #13204
-
-Daniel Stenberg (17 Apr 2024)
-
-- ROADMAP: remove completed entries, mention websocket
-
-- THANKS-filter: name fixes
-
-Christian Schmitz (17 Apr 2024)
-
-- winbuild: add ENABLE_WEBSOCKETS option
-
- Closes #13232
-
-Daniel Stenberg (17 Apr 2024)
-
-- dmaketgz: compacter
-
- Removes the need for disabling shellcheck warnings.
-
- Follow-up to d28f74913c2
- Proposed-by: Viktor Szakats
- Closes #13391
-
-Dan Fandrich (16 Apr 2024)
-
-- tests: Fix uninitialized value warning
-
- The check for an option must be predicated on options existing at all.
-
- Follow-up to f7cc9e91
-
-Christian Schmitz (17 Apr 2024)
-
-- idn: add native AppleIDN (icucore) support for macOS/iOS
-
- I implemented the IDN functions for macOS and iOS using Unicode
- libraries coming with macOS and iOS.
-
- Builds and runs here on macOS 14.2.1. Also verified to load and
- run on older macOS version 10.13.
-
- Build requires macOS SDK 13 or equivalent.
-
- Set `-DUSE_APPLE_IDN=ON` CMake option to enable it.
- With autotools and other build tools, set these manual options:
- ```
- CPPFLAGS=-DUSE_APPLE_IDN
- LIBS=-licucore
- ```
-
- Completes TODO 1.6.
-
- TODO: add autotools option and feature-detection.
-
- Refs: #5330 #5371
- Co-authored-by: Viktor Szakats
- Closes #13246
-
-Stefan Eissing (16 Apr 2024)
-
-- http3: extend download abort tests, fixes in ngtcp2
-
- - fix flow handling in ngtcp2 to ACK data on streams
- we abort ourself.
- - extend test_02_23* cases to also run for h3
- - skip test_02_23* for OpenSSL QUIC as it gets stalled
- on progressing the connection
-
- Closes #13374
-
-Daniel Stenberg (16 Apr 2024)
-
-- tests: add -q as first option when invoking curl for tests
-
- To reduce the risk that the user running the tests has a .curlrc present
- that messes things up.
-
- Support 'option="no-q"' for the <command> tag to switch it off on demand.
- Use this new feature in test 433 and 436.
-
- Ref: #13284
- Closes #13387
-
-- dmaketgz: release tarball generation using docker
-
- For easier reproducibility.
-
- Mention using this script in RELEASE-PROCEDURE
-
- Closes #13388
-
-Viktor Szakats (16 Apr 2024)
-
-- cmake: update ECH code and minor fixups
-
- - `openssl_check_symbol_exists()` expects a 4th argument now.
- Follow-up to edc2702a1fe3a4a5386ffd9aa4f240f0c0197fa2 #13373
-
- - minor comment/script touch-ups.
- Follow-up to a362962b7289ec02b412890c9515657cf0ed50ac #11922
-
- - fix indentation.
-
- Closes #13383
-
-- tests: fix shellcheck issues in `ech_tests.sh`
-
- Add double-quotes where missing.
-
- Follow-up to a362962b7289ec02b412890c9515657cf0ed50ac #11922
- Closes #13382
-
-- dist: add ECH files to tarball
-
- Also sort `EXTRA_DIST` list in `tests/Makefile.am` and make it diffable.
-
- Follow-up to a362962b7289ec02b412890c9515657cf0ed50ac #11922
- Closes #13381
-
-- openvms: look for `USE_IPV6` in `config.h` (was: `ENABLE_IPV6`)
-
- The OpenVMS script `config_h.com` is parsing the config header
- generated by autotools. Let's make it look for the macro name we now
- use universally across the codebase.
-
- Follow-up to e411c98f702f0fb38dceec95e7507ef15a00d12c #13349
- Closes #13360
-
-daniel-j-h (16 Apr 2024)
-
-- Dockerfile: for release automation and reproducibility
-
- Closes #13250
-
-Stefan Eissing (16 Apr 2024)
-
-- cw-out: improved error handling
-
- - remember error encountered in invoking write callback and always fail
- afterwards without further invokes
-
- - check behaviour in test_02_17 with h2-pausing client
-
- Reported-by: Pavel Kropachev
- Fixes #13337
- Closes #13340
-
-Daniel Stenberg (16 Apr 2024)
-
-- version: add "ECH" as a feature
-
- If available
-
- Follow-up to a362962b7
- Closes #13378
-
-- CURLOPT_ECH: polish
-
- - remove the pointer to build instructions, it won't work in manpages
- - add see-also
- - minor white space edits
-
- Closes #13379
-
-Viktor Szakats (16 Apr 2024)
-
-- tidy-up: whitespace [ci skip]
-
-- mbedtls: fix building with v3 in CMake Unity mode
-
- Before this patch the internal feature detection macro
- `HAS_MBEDTLS_RESULT_CODE_BASED_FUNCTIONS` was defined in three files,
- with an incomplete logic in one of them. In Unity mode that spilled
- into another source file and broke the build.
-
- Closes #13377
-
-- cmake: add librtmp/rtmpdump option and detection
-
- Add CMake option `USE_LIBRTMP`. Disabled by default.
-
- This library requires OpenSSL TLS-backend when linked statically.
-
- Follow-up to 6eb9e65781fa1fd8a0bcfe0715187a3a35f09ae4 #13364
- Closes #13373
-
-Stephen Farrell (16 Apr 2024)
-
-- TLS: add support for ECH (Encrypted Client Hello)
-
- An EXPERIMENTAL feature used with CURLOPT_ECH and --ech.
-
- Closes #11922
-
-Daniel Stenberg (15 Apr 2024)
-
-- RELEASE-NOTES: synced
-
-- multi: introduce SETUP state for better timeouts
-
- Since we can go to the CONNECT state from PENDING, potentially multiple
- times for a single transfer, this change introdues a SETUP state that
- happens before CONNECT when doing a new transfer.
-
- Now, doing a redirect on a handle goes back to SETUP (not CONNECT like
- before) and we initilize the connect timeout etc in SETUP. Previously,
- we would do it in CONNECT but that would make it unreliable in cases
- where a transfer goes in and out between CONNECT and PENDING multiple
- times.
-
- SETUP is transient, so the handle never actually stays in that state.
-
- Additionally: take care of timeouts of PENDING transfers in
- curl_multi_perform()
-
- Ref: #13227
- Closes #13371
-
-Tal Regev (15 Apr 2024)
-
-- cmake: forward `USE_LIBRTMP` option to C
-
- Define in C `USE_LIBRTMP` if user requested it from cmake.
-
- Closes #13364
-
-Daniel Stenberg (15 Apr 2024)
-
-- curl_version_info: provide librtmp version
-
- Ref: https://github.com/curl/curl/pull/13364#issuecomment-2054151942
- Reported-by: talregev on github
- Closes #13368
-
-blankie (15 Apr 2024)
-
-- docs: clarify CURLOPT_MAXFILESIZE and CURLOPT_MAXFILESIZE_LARGE
-
- The bounds of the size parameter were not specified, and nor was it
- specified how to disable the maximum file size check.
-
- The documentation also incorrectly stated that CURLOPT_MAXFILESIZE
- always returns CURLE_OK and that CURLOPT_MAXFILESIZE_LARGE only returns
- CURLE_OK or CURLE_UNKNOWN_OPTION.
-
- It also did not mention what the default value is, which is zero. This
- commit updates the documentation to make note of all these things.
-
- Closes #13372
-
-Patrick Monnerat (15 Apr 2024)
-
-- OS400: post-shellcheck changes adjustments
-
- Build scripts must be executed by the os/400 shell (sh), not bash which
- is a PASE program.
-
- Shell function get_make_vars() escaping reworked to match $() subcommand
- construct.
-
- Follow-up to 8a622baf9e9233241bbe93d6599c99cb46478614
- Closes #13366
-
-Viktor Szakats (15 Apr 2024)
-
-- OS400: tidy-up
-
- Drop/fixup mods trying to make some syntax highlighters happier.
-
- Follow-up to 8a622baf9e9233241bbe93d6599c99cb46478614 #13309
- Closes #13362
-
-Daniel Stenberg (15 Apr 2024)
-
-- multi: timeout handles even without connection
-
- When there is a "change" in a multi handle and pending handles are moved
- back to the main list to be retested if they can proceed further (for
- example a previous transfer completed or a connection has a confirmed
- multiplexed state), the timeout check in multi_runsingle() would not
- trigger because it required an established connection.
-
- This could make a pending tranfer go back to pending state even though
- it had been "in progress" for a longer time than permitted. By removing
- the requirement for an associated connection, the timeout check will be
- done proper even for transfers that has not yet been assigned one.
-
- Ref #13227
- Reported-by: Rahul Krishna M
- Closes #13276
-
-Patrick Monnerat (15 Apr 2024)
-
-- mprintf: check fputc error rather than matching returned character
-
- OS/400 ascii fputc wrapper deviates from the posix standard by the
- fact that it returns the ebcdic encoding of the original ascii
- character. Testing for a matching value for success will then always
- fail.
-
- This commit replaces the chariacter comparison by an explicit error
- return check.
-
- Follow-up to ef2cf58
- Closes #13367
-
-Viktor Szakats (14 Apr 2024)
-
-- ci: add CMake build variation, fixup libssh detection in `linux-old`
-
- To test without c-ares and hit `easy_lock.h` on an old system. Use this
- new build step to introduce small variations, and also test libssh2.
-
- Also add workaround to existing job to enable libssh. (CMake's generic
- auto-detection doesn't seem to work here.):
- ```
- CMake Warning at CMakeLists.txt:908 (find_package):
- Could not find a package configuration file provided by "libssh" with any
- of the following names:
-
- libsshConfig.cmake
- libssh-config.cmake
- ```
- Ref: https://github.com/curl/curl/actions/runs/8661316091/job/23750974358#ste
- p:5:69
-
- Closes #13361
-
-- lib: merge `ENABLE_QUIC` C macro into `USE_HTTP3`
-
- Before this patch `lib/curl_setup.h` defined these two macros right
- next to each other, then the source code used them interchangeably.
-
- After this patch, `USE_HTTP3` guards all HTTP/3 / QUIC features.
- (Like `USE_HTTP2` does for HTTP/2.) `ENABLE_QUIC` is no longer used.
-
- This patch doesn't change the way HTTP/3 is enabled via autotools
- or CMake. Builders who enabled HTTP/3 manually by defining both of
- these macros via `CPPFLAGS` can now delete `-DENABLE_QUIC`.
-
- Closes #13352
-
-- build: prefer `USE_IPV6` macro internally (was: `ENABLE_IPV6`)
-
- Before this patch, two macros were used to guard IPv6 features in curl
- sources: `ENABLE_IPV6` and `USE_IPV6`. This patch makes the source use
- the latter for consistency with other similar switches.
-
- `-DENABLE_IPV6` remains accepted for compatibility as a synonym for
- `-DUSE_IPV6`, when passed to the compiler.
-
- `ENABLE_IPV6` also remains the name of the CMake and `Makefile.vc`
- options to control this feature.
-
- Closes #13349
-
-Dan Fandrich (12 Apr 2024)
-
-- DISTROS: mark rolling release distros
-
- These are ones that are unlikely to have back-ported curl patches.
-
- Closes #13353
-
-Daniel Stenberg (12 Apr 2024)
-
-- mbedtls: cut off trailing newlines from debug logs
-
- To avoid double newlines in the output.
-
- Reported-by: Gisle Vanem
- Fixes #13321
- Closes #13356
-
-- RELEASE-NOTES: synced
-
-Stefan Eissing (12 Apr 2024)
-
-- CURLINFO_REQUEST_SIZE: fixed, add tests for transfer infos reported
-
- - tests for 'size_request' and other stats reported, for
- presence and consistency
-
- Reported-by: Jonatan Vela
- Fixes #13269
- Closes #13275
-
-Viktor Szakats (11 Apr 2024)
-
-- dist: add files missing from release tarball
-
- Closes #13346
-
-- ci: parallelize more, tidy up cmake commands (distcheck, macos)
-
- Also enable `-DCURL_WERROR=ON` in the Linux cmake build test.
-
- Closes #13343
-
-Toon Claes (11 Apr 2024)
-
-- docs: add CURLOPT_NOPROGRESS to CURLOPT_XFERINFOFUNCTION example
-
- It's important to set `CURLOPT_NOPROGRESS` to `0` if you want your
- transfer callback function, set by `CURLOPT_XFERINFOFUNCTION`, getting
- called. To emphasize this to the users, add this to the code example.
-
- Closes #13348
-
-RainRat (11 Apr 2024)
-
-- misc: fix typos
-
- Closes #13344
-
-Colin Leroy-Mira (11 Apr 2024)
-
-- file: add support for getting basic directory listings
-
- Not supported on Windows (yet)
-
- Closes #13137
-
-Viktor Szakats (11 Apr 2024)
-
-- ci: add curl-for-win builds: Linux MUSL, macOS, Windows
-
- Linux MUSL (llvm/clang), macOS Apple clang, Windows (llvm/clang).
-
- Configured with HTTP/2 and HTTP/3 and other dependencies (the default
- curl-for-win) for a comprehensive build test.
-
- ```
- curl 8.8.0-DEV (x86_64-unknown-linux-musl) libcurl/8.8.0-DEV LibreSSL/3.9.1 z
- lib/1.3.1 brotli/1.1.0 zstd/1.5.6 libpsl/0.21.5 libssh2/1.11.0 nghttp2/1.61.0
- ngtcp2/1.4.0 nghttp3/1.2.0
- Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns
- mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws wss
- Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefil
- e libz NTLM PSL SSL threadsafe UnixSockets zstd
-
- curl 8.8.0-DEV (x86_64-apple-darwin) libcurl/8.8.0-DEV LibreSSL/3.9.1 zlib/1.
- 3.1 brotli/1.1.0 zstd/1.5.6 libpsl/0.21.5 libssh2/1.11.0 nghttp2/1.61.0 ngtcp
- 2/1.4.0 nghttp3/1.2.0
- Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns
- ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws w
- ss
- Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefil
- e libz NTLM PSL SSL threadsafe UnixSockets zstd
-
- curl 8.8.0-DEV (x86_64-w64-mingw32) libcurl/8.8.0-DEV LibreSSL/3.9.1 zlib/1.3
- .1 brotli/1.1.0 zstd/1.5.6 WinIDN libpsl/0.21.5 libssh2/1.11.0 nghttp2/1.61.0
- ngtcp2/1.4.0 nghttp3/1.2.0
- Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns
- ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws w
- ss
- Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv6 Kerb
- eros Largefile libz NTLM PSL SPNEGO SSL SSPI threadsafe UnixSockets zstd
- ```
-
- Limited to x64, because for build testing the additional CPUs don't add
- much value compared to the extra build time. They can be enabled easily
- if deemed useful.
-
- To the extent of curl-for-win configuration options, it's trivial to add
- further build combinations.
-
- Closes #13335
-
-- OS400: fix shellcheck warnings in scripts
-
- - use `$()` instead of backticks, and re-arrange double-quotes inside.
- - add missing `|| exit 1` to `cd` calls. (could be dropped by using `set -eu`
- .)
- - add `-n` to a few `if`s.
- - shorten redirections by using `{} >` (as shellcheck recommended).
- - silence warnings where variables were detected as unused (SC2034).
- - a couple misc updates to silence warnings.
- - switch to bash shebang for `-ot` feature.
- - split two lines to unbreak syntax highlighting in my editor. (`$(expr \`, `
- $(dirname \`)
-
- Also enable CI checks for OS/400 shell scripts.
-
- Ref: #13307
- Closes #13309
-
-Stefan Eissing (11 Apr 2024)
-
-- lib: add Curl_xfer_write_resp_hd
-
- Add method in protocol handlers to allow writing of a single,
- 0-terminated header line. Avoids parsing and copying these lines.
-
- Closes #13165
-
-- llist: add Curl_llist_append()
-
- - use for better readability in all places where the "insert_next"
- actually performs an append to the list
- - add some tests in unit1300
-
- Closes #13336
-
-- gnutls: lazy init the trust settings
-
- - delay loading of trust anchors and CRLs after the ClientHello
- has been sent off
- - add tracing to IO operations
- - on IO errors, return the CURLcode of the underlying filter
-
- Closes #13339
-
-Marcel Raad (10 Apr 2024)
-
-- http_negotiate: fix `CURL_DISABLE_PROXY` build
-
- `proxyuserpwd` was removed from `dynamically_allocated_data` in commit
- f46385d36df.
-
- Closes https://github.com/curl/curl/pull/13334
-
-Viktor Szakats (10 Apr 2024)
-
-- quic: fixup duplicate static function name (for cmake unity)
-
- Visible in daily curl-for-win builds:
- https://github.com/curl/curl-for-win/actions/runs/8621925870
-
- ```
- lib/vquic/curl_ngtcp2.c:1916:12: error: redefinition of 'ossl_new_session_cb'
- static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
- ^
- lib/vtls/openssl.c:2978:12: note: previous definition is here
- static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
- ^
- ```
- https://github.com/curl/curl-for-win/actions/runs/8621925870/job/23631885439#
- step:3:6965
-
- Follow-up to 3210101088dfa3d6a125d213226b092f2f866722 #13172
- Closes #13332
-
-- appveyor: make VS2010 job build-only, enable Schannel, fix compiler warnings
-
- Tests were consistently flaky for a while.
-
- Also fix compiler warnings in `CertOpenStore()` calls for old MSVC compilers:
- ```
- C:/projects/curl/lib/vtls/schannel.c(688):
- warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater s
- ize
- C:/projects/curl/lib/vtls/schannel_verify.c(642):
- warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater s
- ize
- ```
- Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49580310/job/ywu2y44
- kymgc0nif#L106
-
- Closes #13330
-
-Daniel Stenberg (10 Apr 2024)
-
-- projects: drop MSVC project files for recent versions
-
- We encourage users to generate visual studio project files using CMake.
-
- We keep project files in git for ancient visual studio versions that
- cmake cannot generate files for, but we no longer ship the project files
- in the tarballs.
-
- appveyor: switch VisualStudioSolution job to VC12 (Visual Studio 2013)
-
- Co-Authored-by: Viktor Szakats
- Co-Authored-by: Jay Satiro
-
- Closes #13311
-
-Viktor Szakats (9 Apr 2024)
-
-- cmake: use namespaced custom target names
-
- Rename custom target to namespaced (unique) names to avoid colliding
- with 3rd-party projects (e.g. libzip) built together with curl.
-
- Reported-by: hammlee96 on github
- Fixes #13324
- Closes #13326
-
-- appveyor: re-enable OpenSSL 3, bump to 3.2.1
-
- Ref: b62454a875d70f93ab5347c050903596feb45a23 #13266
- Closes #13329
-
-Stefan Eissing (9 Apr 2024)
-
-- CI: upgrade openssl version to 3.3.0 for openssl-quic
-
- Closes #13328
-
-Daniel Stenberg (9 Apr 2024)
-
-- RELEASE-NOTES: synced
-
- Bump to 8.8.0-DEV
-
-- curl_multi_waitfds.md: add protocol mention
-
- Follow-up to 02beac6bb6b
-
-Dmitry Karpov (9 Apr 2024)
-
-- lib: add curl_multi_waitfds
-
- New function call, similar to curl_multi_fdset()
-
- Closes #13135
-
-Viktor Szakats (9 Apr 2024)
-
-- dist: verify tarball reproducibility in CI
-
- Closes #13327
-
-Stefan Eissing (9 Apr 2024)
-
-- tests: stabilitze test_02_23*
-
- - h2-download now always opens the output file on first write callback
- invocation, if it will pause the transfer or not.
- - Checks on output files then does not depend on the amount of data curl
- has collected for the first write.
-
- Closes #13323
-
-- tls: fix compile issues on old-linux CI
-
- Follow-up to 3210101088dfa
- Closes #13325
-
-Viktor Szakats (9 Apr 2024)
-
-- dist: add reproducible dir entries to tarballs
-
- In the initial implementation of reproducible tarballs, they were
- missing directory entries, while .zip archives had them. It meant
- that on extracting the tarball, on-disk directory entries got the
- current timestamp.
-
- This patch fixes this by including directory entries in the tarball,
- with reproducible timestamps. It also moves sorting inside tar,
- to ensure reproducible directory entry timestamps on extract
- (without the need of `--delay-directory-restore` option, when
- extracting with GNU tar. BSD tar got that right by default.)
-
- GNU tar 1.28 (2014-07-28) introduced `--sort=`.
-
- Ref: https://github.com/curl/curl/pull/13299#discussion_r1555957350
- Follow-up to 860cd5fc2dc8e165fadd2c19a9b7c73b3ae5069d #13299
- Closes #13322
-
-Stefan Eissing (9 Apr 2024)
-
-- tls: use shared init code for TCP+QUIC
-
- Closes #13172
-
-Daniel Stenberg (9 Apr 2024)
-
-- .mailmap: update Gisle's preferred email
-
-Jan Macku (9 Apr 2024)
-
-- doc: pytest `--repeat` -> `--count`
-
- Pytest doesn't have a `--repeat` option, but it does have a `--count`
- option.
-
- ```
- --count=COUNT Number of times to repeat each test
- ```
-
- Closes #13218
-
-Daniel Stenberg (9 Apr 2024)
-
-- src/Makefile.am: access curl.txt using a relative path, not abs
-
- ... to make it work when mounted using different mount points. Like when
- generated/used inside and outside of a docker image.
-
- Closes #13320
-
-- build: remove MacOSX-Framework script
-
- I don't think this is much used these days.
-
- Also remove the libcurl.plist file used (only) by this script
-
- Closes #13313
-
-- release-tools.sh: store the timestamp and release tag too
-
- When maketgz invokes this script to generate the docs/RELEASE-TOOLS.md
- file that gets bundled in the release, it now also passes on the exact
- timestamp and version number so that those details also get mentioned in
- the document. They will help users reproduce an identical tarball.
-
- Closes #13319
-
-Viktor Szakats (8 Apr 2024)
-
-- GHA: disable permissions where missing
-
- Reviewed-by: Daniel Stenberg
- Closes #13306
-
-Stefan Eissing (8 Apr 2024)
-
-- CI: update component versions
-
- - ngtcp2: v1.4.0
- - nghttp3: v1.2.0
- - nghttp2: v1.61.0
- - mod_h2: v2.0.27
-
- Closes #13316
-
-Jérôme Leclercq (8 Apr 2024)
-
-- CMake: check fseeko after detecting HAVE_FILE_OFFSET_BITS
-
- Closes #13264
-
-Stefan Eissing (8 Apr 2024)
-
-- http2: emit RST when client write fails
-
- - When the writing of response data fails, reset the stream
- and do not return a callback error to nghttp2. That would
- be a fatal error for the connection and harm other requests.
- - add test cases for various abort scenarios
-
- Reported-by: Konstantin Kuzov
- Fixes #13292
- Closes #13298
-
-Kailun Qin (8 Apr 2024)
-
-- mbedtls: call mbedtls_ssl_setup() after RNG callback is set
-
- Since mbedTLS v3.6.0, the RNG check added in ssl_conf_check() will fail
- if no RNG is provided when calling mbedtls_ssl_setup().
-
- Therefore, mbedtls_ssl_conf_rng() needs to be called before the SSL
- context is passed to mbedtls_ssl_setup().
-
- Ref: https://github.com/Mbed-TLS/mbedtls/commit/b422cab052b51ec84758638d6783d
- 6ba4fc60613
-
- Signed-off-by: Kailun Qin <kailun.qin@intel.com>
- Closes #13314
-
-Daniel Stenberg (8 Apr 2024)
-
-- NTLM_WB: drop support
-
- The feature has not worked for months and has been marked as DEPRECATED
- for six+ months.
-
- Closes #13249
-
-- curl_trc: fix build error when lacking verbose messages
-
- Follow-up from 0b28ece657b2273
- Closes #13312
-
-Viktor Szakats (8 Apr 2024)
-
-- contrithanks: honor `CURLWWW` variable
-
- Reviewed-by: Daniel Stenberg
- Closes #13315
-
-- GHA: add shellcheck job and fix warnings, shell tidy-ups
-
- Reviewed-by: Daniel Stenberg
- Closes #13307
-
-- dist: do not require Perl in `maketgz`
-
- Perl remains required for the tarball build process.
-
- Follow-up to 860cd5fc2dc8e165fadd2c19a9b7c73b3ae5069d #13299
-
- Reviewed-by: Daniel Stenberg
- Closes #13310
-
-Daniel Stenberg (8 Apr 2024)
-
-- RELEASE-NOTES: synced
-
-- docs/cmdline-opts: invoke managen using a relative path
-
- ... no need to use an absolute path, that makes the build unncessarily
- fail if invoked using a different mount point. managen now takes options
- to find the input files.
-
- Update test1478 to provide the dir arguments to managen
-
- Closes #13281
-
-- GHA: add valgrind to a wolfSSL build
-
- Closes #13274
-
-Viktor Szakats (7 Apr 2024)
-
-- dist: `set -eu`, fix shellcheck, make reproducible and smaller tarballs
-
- - set bash `-eu` and fix fallouts.
- - fix shellcheck warnings.
- - set and use `SOURCE_DATE_EPOCH` for reproducibility.
- Authored-by: Daniel J. H.
- Ref: #13280
- - set `TZ=UTC` and `LC_ALL=C` for reproducibility.
- - make file timestamps in tarball/zip reproducible.
- - make directory timestamps in zip reproducible.
- - make timestamps of tarballs/zip reproducible.
- - make file order in tarball/zip reproducible.
- - omit extra file metadata from zip for reproducibility.
- - use maximum zip compression.
- - use POSIX `ustar` tarball format to avoid supply chain vulnerability:
- https://seclists.org/oss-sec/2021/q4/0
- - make uid/gid in tarball reproducible.
- - omit owner user/group names from tarball for reproducibility and privacy.
- - omit current timestamp from .gz header for reproducibility.
- - display SHA-256 hashes of produced tarballs/zip.
- - fix whitespace.
-
- `.tar.gz` also became smaller in the process: 4,462,311 -> 4,148,249 bytes (8
- .7.1)
-
- Requires GNU tar, GNU date, `sha256sum`.
-
- Reviewed-by: Daniel Stenberg
- Ref: #13250
- Closes #13299
-
-Gisle Vanem (7 Apr 2024)
-
-- tests/http: fix compiler warning
-
- - Init result code variable to fix clang warning that it may be used
- uninitialized.
-
- Fixes https://github.com/curl/curl/issues/13301
- Closes https://github.com/curl/curl/pull/13304
-
-Stefan Eissing (6 Apr 2024)
-
-- vquic: use new curl_int64_t type
-
- - add curl_int64_t signed 64-bit type for lib use
-
- - define CURL_PRId64, CURL_PRIu64 format ids
-
- - use curl_int64_t in vquic
-
- curl_int64_t signed complements the existing curl_uint64_t unsigned.
-
- Note that `curl_int64_t` and `int64_t` are assignable from each other
- but not identical. Some platforms with 64 long type defint int64_t as
- "long long" (staring at macOS) which messes up things like pointers and
- format identifiers.
-
- Closes https://github.com/curl/curl/pull/13293
-
-Jay Satiro (5 Apr 2024)
-
-- lib: use multi instead of multi_easy for the active multi
-
- - Use data->multi and not data->multi_easy to refer to the active multi.
-
- The easy handle's active multi is always data->multi.
-
- This is a follow up to 757dfdf which changed curl so that an easy handle
- used with the easy interface and then multi interface cannot have two
- different multi handles associated with it at the same time
- (data->multi_easy from the easy interface and data->multi from the multi
- interface).
-
- Closes https://github.com/curl/curl/pull/12665
-
-Viktor Szakats (5 Apr 2024)
-
-- tidy-up: whitespace [ci skip]
-
-Daniel Stenberg (5 Apr 2024)
-
-- makefile: remove the sorting from the vc-ide action
-
- This target generates the MSVC project files. This change removes the
- extra sorting and instead makes the script use the order of the files as
- listed in the variables - which are mostly sorted anyway.
-
- This is an attempt to make the project file generation more easily
- reproducible.
-
- Ref: #13250
- Closes #13294
-
-Gisle Vanem (5 Apr 2024)
-
-- bearssl: fix compiler warnings
-
- "variables may be uninitialized when used"
-
- Fixes #13290
- Closes #13297
-
-Daniel Stenberg (5 Apr 2024)
-
-- DISTROS: Cygwin updates
-
- Brought-by: Brian Inglis
- Fixes #13258
- Co-authored-by: Viktor Szakats
- Closes #13279
-
-Stefan Eissing (5 Apr 2024)
-
-- lib: add trace support for client reads and writes
-
- - add `CURL_TRC_READ()` and `CURL_TRC_WRITE()`
- - use in generic client writers and readers, as well
- as http headers, chunking and websockets
-
- Closes #13223
-
-Michał Antoniak (5 Apr 2024)
-
-- urldata: remove fields not used depending on used features
-
- Reduced size of dynamically_allocated_data structure.
-
- Reduced number of stored values in enum dupstring and enum dupblob. This
- affects the reduced array placed in the UserDefined structure.
-
- Closes #13188
-
-Viktor Szakats (5 Apr 2024)
-
-- cmake: enable `-pedantic-errors` for clang when `CURL_WERROR=ON`
-
- clang doesn't have the issues of GCC and old CMake versions.
-
- Note: This introduces asymmetry with autotools, which only enables
- this for GCC.
-
- Reviewed-by: Daniel Stenberg
- Closes #13286
-
-- cmake: fix `CURL_WERROR=ON` for old CMake and use it in GHA/linux-old
-
- - cmake: fix `-pedantic-errors` for old CMake with `CURL_WERROR=ON` set.
-
- `-pedantic-errors` option throws a warning with GCC (all versions) and
- makes `check_symbol_exists()` fail in CMake versions older than
- v3.23.0 (2022-03-29), when CMake introduced a workaround:
-
- https://gitlab.kitware.com/cmake/cmake/-/issues/13208
- https://gitlab.kitware.com/cmake/cmake/-/commit/eeb45401163d831b8c841ef6eba
- 81466b4067b68
- https://gitlab.kitware.com/cmake/cmake/-/commit/1ab7c3cd28b27ca162c4559e102
- 6e5cad1898ade
-
- Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
-
- - set `CURL_WERROR=ON` for the `linux-old` job in CI.
-
- Closes #13282
-
-- lib: use `#error` instead of invalid syntax in `curl_setup_once.h`
-
- Reviewed-by: Daniel Stenberg
- Closes #13287
-
-Daniel Stenberg (5 Apr 2024)
-
-- GHA: on macOS remove $HOME/.curlrc
-
- A recent image upgrade added a $HOME/.curlrc by default using --ipv4.
-
- Ref: https://github.com/actions/runner-images/pull/9586
- Fixes #13284
- Closes #13285
-
-Viktor Szakats (4 Apr 2024)
-
-- cmake: fixup `DEPENDS` filename
-
- Fixing:
- ```
- make[2]: Circular docs/curl-config.1 <- docs/curl-config.1 dependency dropped
- .
- make[2]: Circular docs/mk-ca-bundle.1 <- docs/mk-ca-bundle.1 dependency dropp
- ed.
- ```
- Ref: https://github.com/curl/curl/actions/runs/8559617487/job/23456740844?pr=
- 13282#step:6:18
-
- Follow-up to 5023ffad2c27d4b916ddb91800f99ecc5d3aad07 #13197
- Closes #13283
-
-- GHA: enable unity mode for cmake jobs + tidy-ups
-
- Unity mode is not supported by CMake v3.7.2 used in linux-old, but
- enable it anyway for consistency and to kick in automatically once
- migrating to a newer old Linux in the future.
-
- Also:
- - replace `CMAKE_COMPILE_WARNING_AS_ERROR` with `CURL_WERROR`.
- - delete default build option `PICKY_COMPILER=ON`.
-
- Closes #13277
-
-Dan Fandrich (4 Apr 2024)
-
-- CI: Add CI build on Debian stretch to test old support
-
- This version still has ELTS support and contains some old versions of
- key components like cmake to help prevent us from breaking that support.
-
- Closes #13029
-
-Stefan Eissing (4 Apr 2024)
-
-- request: paused upload on completed download, assess connection
-
- A transfer with a completed download that is still uploading needs to
- check the connection state when it is PAUSEd, since connection
- close/errors would otherwise go unnoticed.
-
- Reported-by: Sergey Bronnikov
- Fixes #13260
- Closes #13271
-
-Daniel Stenberg (4 Apr 2024)
-
-- url: do not URL decode proxy crendentials
-
- The two options CURLOPT_PROXYUSERNAME and CURLOPT_PROXYPASSWORD set the
- actual names as-is, not URL encoded.
-
- Modified test 503 to use percent-encoded strings in the credential
- strings that should be passed on as-is.
-
- Reported-by: Sergey Ogryzkov
- Fixes #13265
- Closes #13270
-
-Viktor Szakats (4 Apr 2024)
-
-- appveyor: enable cmake unity mode by default
-
- Leave one non-unity cmake job. This makes the jobs finish slightly
- quicker, while giving more coverage for unity issues.
-
- Before:
- https://ci.appveyor.com/project/curlorg/curl/builds/49496977
- https://ci.appveyor.com/project/curlorg/curl/builds/49500372
- After:
- https://ci.appveyor.com/project/curlorg/curl/builds/49500338
-
- Also fixup unrelated whitespace.
-
- Reviewed-by: Daniel Stenberg
- Closes #13217
-
-Daniel Stenberg (4 Apr 2024)
-
-- RELEASE-NOTES: synced
-
-Viktor Szakats (4 Apr 2024)
-
-- cmake: speed up libcurl doc building again
-
- This time limit the number of files per command to avoid exceeding
- limitations of certain OS/shell envs.
-
- Such known env is Windows with the `cmd.exe` shell, which features an
- 8K command-line length limit to this day.
-
- Allowlisting `UNIX` to have no limit and using a limit of 200 for other
- envs to be safe. If there is a way to detect `cmd.exe` and/or we know
- which precise envs are sensitive to this, we can tweak these conditions
- further.
-
- Even with the low limit, this patch reduces external commands by 200x,
- making builds much faster.
-
- Ref: #12762 2620aa930bc73af1e4c70b10e3125b957b96ecfb (initial)
- Ref: #13047 f03c85635f35269f1f45b983bf216624f541760a (revert)
-
- Reviewed-by: Daniel Stenberg
- Closes #13207
-
-- cmake: tidy-up to use `WORKING_DIRECTORY`
-
- Reviewed-by: Daniel Stenberg
- Closes #13206
-
-- cmake: generate misc manpages and install `mk-ca-bundle.pl`
-
- - install `mk-ca-bundle.pl` like autotools does.
-
- - generate and install `mk-ca-bundle.1` and `curl-config.1` like
- autotools. This fixes tests 1140 and 1173.
-
- Reported-by: Dan Fandrich
- Fixes #13194
-
- - add option `BUILD_MISC_DOCS` to control building the above two
- manpages. Enabled by default.
-
- - appveyor: stop disabling tests 1140 and 1173.
-
- Reviewed-by: Daniel Stenberg
- Closes #13197
-
-Fabian Keil (4 Apr 2024)
-
-- wolfssl: plug memory leak in wolfssl_connect_step2()
-
- Fixes:
-
- test 2034...[simple HTTPS GET with DER public key pinning]
- ==61829== 22,610 (3,744 direct, 18,866 indirect) bytes in 1 blocks are d
- efinitely lost in loss record 51 of 54
- ==61829== at 0x484BB74: malloc (vg_replace_malloc.c:446)
- ==61829== by 0x4B53A80: wolfSSL_Malloc (memory.c:344)
- ==61829== by 0x4C1C8E1: wolfSSL_X509_new (x509.c:5326)
- ==61829== by 0x4C3977D: d2i_X509orX509REQ (x509.c:3628)
- ==61829== by 0x4C1D1F4: wolfSSL_X509_d2i (x509.c:3664)
- ==61829== by 0x4C1C37B: wolfSSL_X509_dup (x509.c:13425)
- ==61829== by 0x4C197DB: wolfSSL_get_peer_certificate (ssl.c:18765)
- ==61829== by 0x33297C: wolfssl_connect_step2 (wolfssl.c:875)
- ==61829== by 0x331669: wolfssl_connect_common (wolfssl.c:1287)
- ==61829== by 0x3303E9: wolfssl_connect_nonblocking (wolfssl.c:1319)
- ==61829== by 0x32FE89: ssl_connect_nonblocking (vtls.c:510)
- ==61829== by 0x32DBE5: ssl_cf_connect (vtls.c:1679)
- ==61829== by 0x27ABD7: Curl_conn_cf_connect (cfilters.c:307)
- ==61829== by 0x27D9CF: cf_setup_connect (connect.c:1199)
- ==61829== by 0x27ABD7: Curl_conn_cf_connect (cfilters.c:307)
- ==61829== by 0x283CEA: cf_hc_baller_connect (cf-https-connect.c:135)
-
- Closes #13272
-
-Viktor Szakats (3 Apr 2024)
-
-- appveyor: OpenSSL 3 no longer found by CMake, revert to 1.1.1
-
- OpenSSL moved directories, and bumped versions in AppVeyor CI.
-
- Downgrading is not an ideal solution, but however trivial the solution
- may be, I failed to come with anything that made CMake recognize either
- OpenSSL 3.1 or 3.2.
-
- Possibly caused by:
- https://github.com/appveyor/build-images/commit/702e8cdca01f28f6a40687783f493
- c786cebbe2c
- https://github.com/appveyor/build-images/pull/149
-
- Closes #13266
-
-hongfei.li (3 Apr 2024)
-
-- winbuild: use $(RC) correctly
-
- Cloes #13267
-
-Daniel Stenberg (3 Apr 2024)
-
-- dist: remove the curl-config.1 from the tarball
-
- The markdown file is already there and the .1 file gets generated in the
- build.
-
- Ref: #13250
- Closes #13268
-
-- curl_global_trace.md: shorten the description
-
- Closes #13263
-
-- test1901: verify chunked POST from callback with CURLOPT_POSTFIELDSIZE set
-
- Follow-up to 721941aadf4ad
-
- Ref: #13257
- Closes #13262
-
-Stefan Eissing (2 Apr 2024)
-
-- http: with chunked POST forced, disable length check on read callback
-
- - when an application forces HTTP/1.1 chunked transfer encoding
- by setting the corresponding header and instructs curl to use
- the CURLOPT_READFUNCTION, disregard any POST length information.
- - this establishes backward compatibility with previous curl versions
-
- Applications are encouraged to not force "chunked", but rather
- set length information for a POST. By setting -1, curl will
- auto-select chunked on HTTP/1.1 and work properly on other HTTP
- versions.
-
- Reported-by: Jeff King
- Fixes #13229
- Closes #13257
-
-Jay Satiro (1 Apr 2024)
-
-- INSTALL-CMAKE.md: explain `cmake -G <generator-name>`
-
- - Explain that CMake's -G option can be used to specify which build
- system to generate files for.
-
- Example: cmake ../curl -G "MinGW Makefiles"
-
- Ref: https://github.com/curl/curl/pull/12224#issuecomment-2026813645
-
- Closes https://github.com/curl/curl/pull/13244
-
-Daniel Stenberg (1 Apr 2024)
-
-- libcurl-opts: mention pipelining less
-
- libcurl has not supported HTTP pipelining since many years. Remove a few
- (more) mentions of the feature.
-
- Closes #13254
-
-Daniel McCarney (31 Mar 2024)
-
-- m4: reposition USE_RUSTLS="yes" for pkg-config
-
- It's necessary to set this var to "yes" _after_ AC_DEFINE and AC_SUBST
- in order for a later `test` to pass so that `check_for_ca_bundle=1` ends
- up being set. This is in turn required for the default CA certificate
- bundle to be set when building w/ rustls & pkg-config.
-
- Reported-by: Matt Jolly
- Fixes #13248
- Closes #13251
-
-Daniel Stenberg (31 Mar 2024)
-
-- maketgz: put docs/RELEASE-TOOL.md into the tarball
-
- Generated with scripts/release-tools.sh
-
- The script lists the exact Debian package names and version numbers for
- the tools that are used to generate the tarball.
-
- Closes #13239
-
-- cd2nroff/manage: use UTC when SOURCE_DATE_EPOCH is set
-
- Make them independent of the TZ setting. Also set a date string like
- YYYY-MM-DD to avoid a local month name in the date.
-
- Reported-by: Carlos Henrique Lima Melara
- Fixes #13242
- Closes #13243
-
-- RELEASE-NOTES: synced
-
-- docs/MAIL-ETIQUETTE: convert to markdown
-
- To render nicer. To get spellchecked.
-
- Closes #13247
-
-- reuse: add copyright + license info to individual docs/*.md files
-
- Instead of use 'docs/*.md' in dep5. For clarity and avoiding a wide-
- matching wildcard.
-
- + Remove mention of old files from .reuse/dep5
- + add info to .github/dependabot.yml
- + make scripts/copyright.pl warn on non-matching patterns
-
- Closes #13245
-
-- test470: warn about unicode quote character read from config file
-
- Idea-by: Emanuele Torre
-
-- test469: verify warning when argument has unicode quote
-
-- tool_getparam: output warning for leading unicode quote character
-
- ... in the option argument.
-
- Typically this is a mistake done when copying example command lines from
- online documentation using the wrong quote character.
-
- Presumably there are also other potential quote characters that might be
- used, and this check is done without even knowing that unicode is used!
-
- Reported-by: Sanjay Pujare
- Fixes #13214
- Closes #13215
-
-- tool: follow-up getenv fix
-
- Remove a double free. Change the IPFS env use to a plain getenv() simply
- because coverity gets confused.
-
- Follow-up to 9126b141c9398fe
- Closes #13241
-
-- idn: make Curl_idnconvert_hostname() use Curl_idn_decode()
-
- In the name of less code duplication
-
- Closes #13236
-
-- curl-confopts.m4: define CARES_NO_DEPRECATED when c-ares is used
-
- Starting in 1.28.0 c-ares added deprecation warnings for some API calls
- libcurl uses.
-
- Closes #13240
-
-- vquic: use CURL_FORMAT_CURL_OFF_T for 64 bit printf output
-
- Reported-by: Keitagit-kun on github
- Fixes #13224
- Closes #13231
-
-- openldap: create ldap URLs correctly for IPv6 addresses
-
- Reported-by: Sergio Durigan Junior
- Fixes #13228
- Closes #13235
-
-- curl: use curl_getenv instead of the curlx_ version
-
- The curlx one was once introduced when we still considered dropping the
- libcurl function at some point. To reduce confusion and to make it
- easier to understand when curl_free() should be used, use the actual
- libcurl function call directly instead.
-
- Closes #13230
-
-Evgeny Grin (Karlson2k) (30 Mar 2024)
-
-- curl_sha512_256: do not use workaround for NetBSD when not needed
-
- Assisted-by: riastradh on github
- Assisted-by: Michael Kaufmann
- Closes #13225
-
-Matt Jolly (30 Mar 2024)
-
-- m4: fix rustls pkg-config codepath
-
- The previous pkg-config code would successfully detect rustls but did
- not set all appropriate variables and call the right macros to properly
- configure cURL.
-
- Reported-by: kpcyrd on github
- Fixes #13200
- Closes #13202
-
-Daniel McCarney (30 Mar 2024)
-
-- deps: update librustls 0.12.0 -> 0.13.0
-
- This commit updates the optional rustls-ffi librustls dependency from
- 0.12.0 to 0.13.0. This version is based on the latest available rustls
- release (0.23.4).
-
- The breaking API changes from 0.12.0 to 0.13.0 are in API surface unused
- by curl, so this is an in-place update without any code changes.
-
- The `RUSTLS.md` documentation is updated to reflect the new version in
- use, and to clarify that `cbindgen` isn't required to build `librustls`
- - it's only used by developers to update the vendored `rustls.h` header
- file maintained upstream.
-
- Closes #13238
-
-Daniel Stenberg (28 Mar 2024)
-
-- RELEASE-NOTES: synced
-
-- tool_xattr: "guess" URL scheme if none is provided
-
- ... when figuring out the source URL to store.
-
- Reported-by: Dagfinn Ilmari Mannsåker
- Fixes #13205
- Closes #13221
-
-- tool_xattr: in debug builds, act normally if CURL_FAKE_XATTR is not set
-
- Closes #13220
-
-Stefan Eissing (28 Mar 2024)
-
-- content_encoding: brotli and others, pass through 0-length writes
-
- - curl's transfer handling may write 0-length chunks at the end of the
- download with an EOS flag. (HTTP/2 does this commonly)
-
- - content encoders need to pass-through such a write and not count this
- as error in case they are finished decoding
-
- Fixes #13209
- Fixes #13212
- Closes #13219
-
-Tobias Stoeckmann (28 Mar 2024)
-
-- libssh2: set length to 0 if strdup failed
-
- Internally, libssh2 dereferences the NULL pointer if length is non-zero.
- The callback function cannot return the error condition, so at least
- prevent subsequent crash.
-
- Closes #13213
-
-Daniel Stenberg (28 Mar 2024)
-
-- RELEASE-PROCEDURE: mention an initial working build
-
- This is the step that was not done and caused the 8.7.0 mishap (it
- lacked the correctly generated hugehelp file).
-
- Remove the mention of the copyright script as this is verified by a CI
- job these days: the REUSE one.
-
- Closes #13216
-
-Paul Howarth (28 Mar 2024)
-
-- curl_sha512_255: fix detection of OpenSSL 1.1.1 or later
-
- Use the same OPENSSL_VERSION_NUMBER comparison as in lib/vtls/openssl.c.
-
- Closes #13208
-
-Robert Moreton (28 Mar 2024)
-
-- cf-socket: remove references to l_ip, l_port
-
- Fixes #13210
- Closes #13211
-
-Daniel Stenberg (28 Mar 2024)
-
-- openssl: do not set SSL_MODE_RELEASE_BUFFERS
-
- While it might save some memory, it causes OpenSSL to instead do a huge
- amount of allocations.
-
- Ref: #13136
- Closes #13203
-
-- curl: make --help adapt to the terminal width
-
- Instead of assuming and working with 80 colums, try figuring out what
- width is actually used.
-
- Ref: #13141
-
- Closes #13171
-
-- RELEASE-NOTES: synced
-
- and bump to 8.7.2 for now
-
-- configure: make --disable-docs imply --disable-manual
-
- Because when the docs is not built, the necesary curl.txt file is not
- present so then the manual cannot get built.
-
- Reported-by: Harry Sintonen
- Closes #13191
-
-Chris Webb (27 Mar 2024)
-
-- cmdline-docs: fix make install with configure --disable-docs
-
- make -C docs/cmdline-opts install depends on all-am, which in turn
- depends on $(MANS), unconditionally defined to be $(man_MANS).
-
- As with CLEANFILES, only add curl.1 to man_MANS when BUILD_DOCS is true
- so we don't try to build curl.1 unnecessarily.
-
- Closes #13198
-
-Version 8.7.1 (27 Mar 2024)
-
-Daniel Stenberg (27 Mar 2024)
-
-- RELEASE-PROCEDURE: remove old release dates, add new pending ones
-
-Version 8.7.0 (27 Mar 2024)
-
-Daniel Stenberg (27 Mar 2024)
-
-- RELEASE-NOTES: synced
-
- curl 8.7.0 release
-
-- THANKS: new contributors from the 8.7.0 release
-
-- CURLOPT_POSTFIELDS.md: used for MQTT as well
-
- Closes #13189
-
-- http: remove stale comment about rewindbeforesend
-
- ... because that struct field exists no more.
-
- Follow-up to 14bcea074a782272.
-
- Closes #13187
-
-- DISTROS: add document with distro pointers
-
- Lots of organizations distribute curl packages to end users. This is a
- collection of pointers to where to learn more about curl on and with
- each distro.
-
- Assisted-by: Alan Coopersmith
- Assisted-by: Andrew Kaster
- Assisted-by: Andy Fiddaman
- Assisted-by: Arjan van de Ven
- Assisted-by: Brian Clemens
- Assisted-by: chrysos349 on github
- Assisted-by: Dan Fandrich
- Assisted-by: Dan McDonald
- Assisted-by: Gaelan Steele
- Assisted-by: graywolf on github
- Assisted-by: Jan Macku
- Assisted-by: John Marshall
- Assisted-by: Jonathan Perkin
- Assisted-by: Kevin Daudt
- Assisted-by: Marcus Müller
- Assisted-by: Michał Górny
- Assisted-by: Outvi V
- Assisted-by: Ross Burton
- Assisted-by: Sean Molenaar
- Assisted-by: Till Wegmüller
- Assisted-by: Viktor Szakats
- Assisted-by: Winni Neessen
-
- Closes #13178
-
-Fabian Keil (25 Mar 2024)
-
-- wolfSSL: do not call the stub function wolfSSL_BIO_set_init()
-
- Calling the function isn't necessary and causes the build
- to fail when wolfSSL has been compiled with NO_WOLFSSL_STUB:
-
- Making all in opts
- CCLD curl
- ld: error: undefined symbol: wolfSSL_BIO_set_init
- >>> referenced by wolfssl.c:235 (vtls/wolfssl.c:235)
- >>> libcurl_la-wolfssl.o:(wolfssl_bio_cf_create) in archiv
- e ../lib/.libs/libcurl.a
- cc: error: linker command failed with exit code 1 (use -v to see invocat
- ion)
- *** Error code 1
-
- Closes #13164
-
-Daniel Stenberg (25 Mar 2024)
-
-- cmdline-opts: shorter help texts
-
- In an effort to increase the readability of the "--help all" output on
- narrow (80 column) terminals.
-
- Co-authored-by: Jay Satiro
-
- Closes #13169
-
-Matt Jolly (25 Mar 2024)
-
-- curl-rustls.m4: add pkg-config support to rustls detection
-
- Based on the existing openssl pkg-config detection, this commit tries to
- use pkg-config to find `rustls` then falls back to the current approach
- if that fails.
-
- We use the following logic:
-
- - if no path is provided, just use pkg-config, if it's not there we have
- a problem!
- - if a path is provided, try pkg-config
- + if pkg-config fails, try and find rustls directly
-
- Closes #13179
-
-Mohammadreza Hendiani (25 Mar 2024)
-
-- TODO: update 13.11 with more information
-
- Closes #13173
-
-Daniel Stenberg (23 Mar 2024)
-
-- docs/libcurl: generate PROTOCOLS from meta-data
-
- Remove the PROTOCOLS section from the source files completely and
- instead generate them based on the header data in the curldown files.
-
- It also generates TLS backend information for options marked for TLS as
- protocol.
-
- Closes #13175
-
-- CURLMOPT_MAX*: mention what happens if changed mid-transfer
-
- For CURLMOPT_MAXCONNECTS and CURLMOPT_MAX_HOST_CONNECTIONS
-
- Ref: #13158
- Closes #13176
-
-- docs/libcurl: add TLS backend info for all TLS options
-
- All man pages that are listed to be for TLS now must also specify
- exactly what TLS backends the option works for, or use All if they all
- work.
-
- cd2nroff makes sure this is done and that the listed backends exist.
-
- Closes #13168
-
-- docs/libcurl: cleanups
-
- - CURLINFO_TLS_SESSION.md: remove mention of NSS
- - CURLINFO_TLS_SSL_PTR.md: remove NSS leftover
- - CURLOPT_CAINFO.md: drop mention of backends not supporting this
- - CURLOPT_CAPATH.md: wolfSSL also supports this
-
- Closes #13166
-
-- docs: make each libcurl man specify protocol(s)
-
- The mandatory header now has a mandatory list of protocols for which the
- manpage is relevant.
-
- Most man pages already has a "PROTOCOLS" section, but this introduces a
- stricter way to specify the relevant protocols.
-
- cd2nroff verifies that at least one protocol is mentioned (which can be
- `*`).
-
- This information is not used just yet, but A) the PROTOCOLS section can
- now instead get generated and get a unified wording across all manpages
- and B) this allows us to more reliably filter/search for protocol
- specific manpages/options.
-
- Closes #13166
-
-Stefan Eissing (21 Mar 2024)
-
-- http2, http3: only return CURLE_PARTIAL_FILE when bytes were received
-
- - should resolve spurious pytest failures when stream were reset
- right after response header were received
-
- Clsoes #13151
-
-- http: separate response parsing from response action
-
- - move code that triggers on end-of-response into separate function from
- parsing
- - simplify some headp/headerlen usage
- - add `httpversion` to SingleRequest to indicate the version of the
- current response
-
- Closes #13134
-
-Daniel Stenberg (21 Mar 2024)
-
-- http2: remove the third (unused) argument from http2_data_done()
-
- Closes #13154
-
-- RELEASE-NOTES: synced
-
-Evgeny Grin (Karlson2k) (21 Mar 2024)
-
-- RELEASE-NOTES: corrected
-
- Corrected link for item 118
-
- Closes #13157
-
-Daniel Stenberg (19 Mar 2024)
-
-- CURLOPT_INTERFACE.md: remove spurious amp, add see-also
-
- Closes #13149
-
-Stefan Eissing (19 Mar 2024)
-
-- http: improve response header handling, save cpu cycles
-
- Saving some cpu cycles in http response header processing:
- - pass the length of the header line along
- - use string constant sizeof() instead of strlen()
- - check line length if prefix is possible
- - switch on first header char to limit checks
-
- Closes #13143
-
-Daniel Stenberg (19 Mar 2024)
-
-- tool_getparam: accept a blank -w ""
-
- Added test 468 to verify.
-
- Regression from 07bcae89d5d00 (shipped in 8.6.0)
- Reported-by: Thomas Pyle
- Fixes #13144
- Closes #13145
-
-Evgeny Grin (Karlson2k) (18 Mar 2024)
-
-- curl_sha512_256: work around a NetBSD bug
-
- Based on Michael Kaufmann analysis and suggestion
-
- Closes #13133
-
-Stefan Eissing (18 Mar 2024)
-
-- http: expect 100 rework
-
- Move all handling of HTTP's `Expect: 100-continue` feature into a client
- reader. Add sending flag `KEEP_SEND_TIMED` that triggers transfer
- sending on general events like a timer.
-
- HTTP installs a `CURL_CR_PROTOCOL` reader when announcing `Expect:
- 100-continue`. That reader works as follows:
-
- - on first invocation, records time, starts the `EXPIRE_100_TIMEOUT`
- timer, disables `KEEP_SEND`, enables `KEEP_SEND_TIMER` and returns 0,
- eos=FALSE like a paused upload.
-
- - on subsequent invocation it checks if the timer has expired. If so, it
- enables `KEEP_SEND` and switches to passing through reads to the
- underlying readers.
-
- Transfer handling's `readwrite()` will be invoked when a timer expires
- (like `EXPIRE_100_TIMEOUT`) or when data from the server arrives. Seeing
- `KEEP_SEND_TIMER`, it will try to upload more data, which triggers
- reading from the client readers again. Which then may lead to a new
- pausing or cause the upload to start.
-
- Flags and timestamps connected to this have been moved from
- `SingleRequest` into the reader's context.
-
- Closes #13110
-
-- mbedtls: fix pytest for newer versions
-
- Fix the expectations in pytest for newer versions of mbedtls
-
- Closes #13132
-
-Daniel Stenberg (15 Mar 2024)
-
-- ipv6.md: mention IPv4 mapped addresses
-
- Reported-by: Josh Soref
- Assisted-by: Jay Satiro
- Fixes #13112
- Closes #13131
-
-Stefan Eissing (15 Mar 2024)
-
-- http: revisit http_perhapsrewind()
-
- - use facilities provided by client readers better
- - work also for non-uploading requests like GET/HEAD
- - update documentation
-
- Closes #13117
-
-- test 1541: verify getinfo values on first header callback
-
- Reported-by: chensong1211 on github
- Ref: #13125
- Closes #13128
-
-- TLS: start shutdown only when peer did not already close
-
- - When curl sees a TCP close from the peer, do not start a TLS shutdown.
- TLS shutdown is a handshake and if the peer already closed the
- connection, it is not interested in participating.
-
- Reported-by: dfdity on github
- Assisted-by: Jiří Bok
- Assisted-by: Pēteris Caune
- Fixes #10290
- Closes #13087
-
-Daniel Stenberg (14 Mar 2024)
-
-- RELEASE-NOTES: synced
-
-- curl: make --libcurl output better CURLOPT_*SSLVERSION
-
- The option is really two enums ORed together, so it needs special
- attention to make the code output nice.
-
- Added test 1481 to verify. Both the server and the proxy versions.
-
- Reported-by: Boris Verkhovskiy
- Fixes #13127
- Closes #13129
-
-- GHA/linux: add sysctl trick to work-around GitHub runner issue
-
- The GitHub image runner update from 20240304.1.0 to 20240310.1
- introduces a problem for clang-14. The issue is caused by
- incompatibility between llvm 14 provided in ubuntu-22.04 image and the
- much newer kernel configured with high-entropy ASLR.
-
- As a work-around, we issue a sysctl command to lower the entropy and get
- clang-14 to work again.
-
- URL: https://github.com/actions/runner-images/issues/9491
-
- Closes #13124
-
-- SPONSORS: describe the basics
-
- Closes #13119
-
-- GOVERNANCE: document the core team
-
- Closes #13118
-
-Jay Satiro (13 Mar 2024)
-
-- vquic-tls: fix the error code returned for bad CA file
-
- - Return CURLE_SSL_CACERT_BADFILE if wolfSSL encounters a problem
- reading the cert file or path.
-
- This is a follow-up to the parent commit aedbbdf1.
-
- Reported-by: Karthikdasari0423@users.noreply.github.com
-
- Fixes https://github.com/curl/curl/issues/13115
-
-Daniel Stenberg (12 Mar 2024)
-
-- vquic-tls: return appropirate errors on wolfSSL errors
-
- Reported-by: Dexter Gerig
- Closes #13107
-
-Viktor Szakats (12 Mar 2024)
-
-- tidy-up: one comment and EOF newlines
-
- Reviewed-by: Daniel Stenberg
- Closes #13108
-
-Daniel Stenberg (12 Mar 2024)
-
-- cmdline-opts: language cleanups
-
- Use imperative mood consistently for the first sentence describing an
- option.
-
- "Set this" instead "tell curl to set" or "this sets..."
-
- Plus some extra cleanups and rephrasing.
-
- Closes #13106
-
-- managen: remove space before protocols
-
- For options that are listed for specific protocols, the protocols (shown
- first within parentheses) are now output without the leading space in the
- manpage output.
-
- Closes #13105
-
-Jay Satiro (12 Mar 2024)
-
-- mbedtls: properly cleanup the thread-shared entropy
-
- - Store the state of the thread-shared entropy for global init/cleanup.
-
- - Use curl's thread support of mbedtls for all Windows builds instead of
- just when the threaded resolver is used via USE_THREADS_WIN32.
-
- Prior to this change on global cleanup curl builds that have curl thread
- support for mbedtls freed the entropy (8b1d2298) but failed to mark that
- it had been freed, which caused problems on subsequent init + transfer.
-
- Bug: https://github.com/curl/curl/discussions/11919#discussioncomment-8687105
- Reported-by: awesomekosm@users.noreply.github.com
-
- Closes https://github.com/curl/curl/pull/13071
-
-Daniel Stenberg (12 Mar 2024)
-
-- tool_getparam: handle non-existing (out of range) short-options
-
- ... correctly, even when they follow an existing one without a space in
- between.
-
- Verify with test 467
-
- Follow-up to 07dd60c05b
- Reported-by: Geeknik Labs
- Fixes #13101
- Closes #13102
-
-Stefan Eissing (11 Mar 2024)
-
-- lib: move 'done' parameter to SingleRequests
-
- A transfer may do several `SingleRequest`s for its success. This happens
- regularly for authentication, follows and retries on failed connections.
- The "readwrite()" calls and functions connected to those carried a `bool
- *done` parameter to indicate that the current `SingleRequest` is over.
- This may happen before `upload_done` or `download_done` bits of
- `SingleRequest` are set.
-
- The problem with that is now `write_resp()` protocol handlers are
- invoked in places where the `bool *done` cannot be passed up to the
- caller. Instead of being a bool in the call chain, it needs to become a
- member of `SingleRequest`, reflecting its state.
-
- This removes the `bool *done` parameter and adds the `done` bit to
- `SingleRequest` instead. It adds `Curl_req_soft_reset()` for using a
- `SingleRequest` in a follow up, clearing `done` and other
- flags/counters.
-
- Closes #13096
-
-- request: clarify message when request has been sent off
-
- Change the "uploaded and fine" message for requests without a body
-
- Reported-by: Karthikdasari0423 on github
- Fixes #13093
- Closes #13095
-
-Daniel Stenberg (11 Mar 2024)
-
-- RELEASE-NOTES: synced
-
-Stefan Eissing (9 Mar 2024)
-
-- lib: keep conn IP information together
-
- new struct ip_quadruple for holding local/remote addr+port
-
- - used in data->info and conn and cf-socket.c
- - copy back and forth complete struct
- - add 'secondary' to conn
- - use secondary in reporting success for ftp 2nd connection
-
- Reported-by: DasKutti on github
- Fixes #13084
- Closes #13090
-
-Daniel Stenberg (8 Mar 2024)
-
-- scripts/managen: the new name and home for the manpage generator
-
- It was previously docs/cmdline-opts/gen.pl
-
- Closes #13089
-
-- VULN-DISCLOSURE-POLICY.md: update detail about CVE requests
-
- curl is a CNA now
-
- Closes #13088
-
-Stefan Eissing (8 Mar 2024)
-
-- lib: client reader polish
-
- - seek_func/seek_client, use transfer values only
- - remove copies held in `struct connectdata`, use only
- ever `data->set.seek_func`
- - resolves possible issues in multiuse connections
- - new mime post reader eliminates need to ever overwriting this
-
- - websockets, remove empty Curl_ws_done() function
-
- Closes #13079
-
-Marcel Raad (8 Mar 2024)
-
-- lib1598: fix `CURLOPT_POSTFIELDSIZE` usage
-
- It requires a `long` argument.
-
- Closes https://github.com/curl/curl/pull/13085
-
-Daniel Stenberg (8 Mar 2024)
-
-- docs/cmdline-opts: drop the curl.1 from the dist tarball
-
- Since it is no longer needed for building tool_hugehelp.c and all the
- docs is available in readable markdown format in the tarball, the peeps
- that don't want to build the manpage still do good.
-
- Removing it also fixes the complexity of out-of-tree builds when the
- curl.1 exists in the source tree.
-
-- test1140/1173: extend wildcards to find curl.1
-
- ... in its new build path.
-
- Also update the test scripts to be more precise in error messages to
- help us understand CI errors better.
-
- Follow-up to f03c85635f35269f1
- Ref: #13029
- Closes #13083
-
-- http2: minor tweaks to optimize two struct sizes
-
- - use BIT() instead of bool
- - place the struct fields in (roughly) size order
-
- Closes #13082
-
-- buildconf.bat: remove outdated groff/nroff use
-
- - don't try to generate the real hugehelp file, because it requires
- curl.txt which needs a build
- - don't attempt to do anything in a c-ares subdirectory
-
- Follow-up to f03c85635f35269
- Closes #13078
-
-- http2: memory errors in the push callbacks are fatal
-
- Use the correct nghttp2 error code accordingly.
-
- Closes #13081
-
-Viktor Szakats (7 Mar 2024)
-
-- mkhelp: rename variable to fix compiler warnings
-
- ```
- src\tool_operate.c(541,33): warning C4459: declaration of 'm' hides global de
- claration [_bld\src\curl.vcxproj]
- _bld\src\tool_hugehelp.c(8,27):
- see declaration of 'm'
- src\tool_paramhlp.c(307,14): warning C4459: declaration of 'm' hides global d
- eclaration [_bld\src\curl.vcxproj]
- src\tool_progress.c(118,16): warning C4459: declaration of 'm' hides global d
- eclaration [_bld\src\curl.vcxproj]
- src\tool_writeout.c(288,31): warning C4459: declaration of 'm' hides global d
- eclaration [_bld\src\curl.vcxproj]
- ```
- Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49348159/job/51ee75c
- d2n0wj6lc#L614
-
- Reviewed-by: Daniel Stenberg
- Closes #13077
-
-Daniel Stenberg (7 Mar 2024)
-
-- KNOWN_BUGS: POP3 issue when reading small chunks
-
- Closes #12063
-
-- RELEASE-NOTES: synced
-
-Robert Moreton (7 Mar 2024)
-
-- asyn-ares: fix data race warning
-
- - Store the c-ares version during global init.
-
- Prior to this change several threads could write the same data to a
- static int variable at the same time. Though in practice it's not a
- problem ThreadSanitizer may warn.
-
- Reported-by: Nikita Taranov
- Assisted-by: Jay Satiro
-
- Fixes #13065
- Closes #13000
-
-Stefan Eissing (7 Mar 2024)
-
-- hyper: implement unpausing via client reader
-
- Just a tidy up to contain 'ifdef' pollution of common
- code parts with implementation specifics.
-
- - remove the ifdef hyper unpausing in easy.c
- - add hyper client reader for CURL_CR_PROTOCOL phase
- that implements the unpause method for calling
- the hyper waker if it is set
-
- Closes #13075
-
-- ngtcp2: no recvbuf for stream
-
- - write response data directly to the transfer via
- `Curl_xfer_write_resp()` like we do in HTTP/2.
-
- Closes #13073
-
-- docs/cmdline-opts/.gitignore: ignore curl.txt
-
- Closes #13076
-
-Evgeny Grin (Karlson2k) (7 Mar 2024)
-
-- sha512_256: add support for GnuTLS and OpenSSL
-
- This is a follow-up for PR #12897.
-
- Add support for SHA-512/256 digest calculation by TLS backends.
- Currently only OpenSSL and GnuTLS (actually, nettle) support
- SHA-512/256.
-
- Closes #13070
-
-- digest: add check for hashing error
-
- Closes #13072
-
-Viktor Szakats (7 Mar 2024)
-
-- cmake: enable `ENABLE_CURL_MANUAL` by default
-
- Meaning `curl.1` and `src/tool_hugehelp.c` are built by default,
- and `--manual` in curl tool is also enabled by default.
-
- This syncs behaviour with autotools.
-
- For a reproducible `curl.1`, `SOURCE_DATE_EPOCH` needs to be set
- to a consistent date, e.g. the timestamp of `CHANGES`.
-
- A pre-built manual (e.g. the one distributed in the official source
- tarball) will be ignored and rebuilt after this patch, unless
- explicitly disabling this option.
-
- Fixes #13028
- Closes #13069
-
-Stefan Eissing (7 Mar 2024)
-
-- http2: push headers better cleanup
-
- - provide common cleanup method for push headers
-
- Closes #13054
-
-Daniel Stenberg (7 Mar 2024)
-
-- GIT-INFO: convert to markdown
-
- Closes #13074
-
-Richard Levitte (7 Mar 2024)
-
-- cmake: fix libcurl.pc and curl-config library specifications
-
- Letting CMake figure out where libraries are located gives you full
- paths. When generating libcurl.pc and curl-config, getting libraries as
- full paths is unusual when one expects to get a list of -l<libname>.
-
- To meet expectations, an effort is made to convert the full paths into
- -l<libname>, possibly with -L<libdir> before it.
-
- Fixes #6169
- Fixes #12748
- Closes #12930
-
-Daniel Stenberg (7 Mar 2024)
-
-- test463: HTTP with -d @file with file containing CR, LF and null byte
-
-- paramhlp: fix CRLF-stripping files with "-d @file"
-
- All CR and LF bytes should be stripped, as documented, and all other
- bytes are inluded in the data. Starting now, it also excludes null bytes
- as they would otherwise also cut the data short.
-
- Reported-by: Simon K
- Fixes #13063
- Closes #13064
-
-Viktor Szakats (7 Mar 2024)
-
-- cmake: fix `CURL_WINDOWS_SSPI=ON` with Schannel disabled
-
- Prior to this change `CURL_WINDOWS_SSPI` was accidentally forced `OFF`
- when building without the Schannel TLS backend.
-
- This in turn may have caused Kerberos, SPNEGO and SSPI features
- disappearing even with `CURL_WINDOWS_SSPI=ON` set.
-
- This patch fixes it by using the `CURL_USE_SCHANNEL` setting as a
- default for `CURL_WINDOWS_SSPI`, but allowing a manual override.
-
- Also update the option text to better tell its purpose.
-
- Thanks-to: Andreas Loew
- Reviewed-by: Daniel Stenberg
- Ref: #13056
- Closes #13061
-
-Jay Satiro (6 Mar 2024)
-
-- KNOWN_BUGS: FTPS server compatibility on Windows with Schannel
-
- - Remove "2.12 FTPS with Schannel times out file list operation"
-
- - Remove "7.12 FTPS directory listing hangs on Windows with Schannel"
-
- - Add "7.12 FTPS server compatibility on Windows with Schannel"
-
- This change adds a more generic bug description that explains FTPS with
- the latest curl and Schannel is not widely used and may have more bugs
- than other TLS backends.
-
- The two removed FTPS Schannel bugs can't be reproduced any longer and
- were likely fixed by 24d6c288.
-
- Ref: https://github.com/curl/curl/issues/5284
- Ref: https://github.com/curl/curl/issues/9161
- Ref: https://github.com/curl/curl/issues/12894
-
- Closes https://github.com/curl/curl/pull/13032
-
-- trace-config.md: remove the mutexed options list
-
- - Remove the rendered manpage message that says:
- "[--trace-config] is mutually exclusive to --trace and -v, --verbose".
-
- Actually it can be used with either of those options, which are mutually
- exclusive to each other but not to --trace-config.
-
- Ref: https://curl.se/docs/manpage.html#--trace-config
-
- Closes https://github.com/curl/curl/pull/13031
-
-Daniel Stenberg (6 Mar 2024)
-
-- mkhelp: simplify the generated hugehelp program
-
- Use a plain array and puts() every line, also allows us to provide the
- strings without ending newlines.
-
- - merge blank lines into the next one as a prefixed newline.
- - turn eight consecutive spaces into a tab (since they can only be on the
- left side of text)
- - the newly generated tool_hugehelp is 3K lines shorter and 50K smaller
- - modifies the top logo layout a little by reducing the indent
-
- Closes #13047
-
-- docs: ascii version of manpage without nroff
-
- Create ASCII version of manpage without nroff
-
- - build src/tool_hugegelp.c from the ascii manpage
- - move the the manpage and the ascii version build to docs/cmdline-opts
- - remove all use of nroff from the build process
- - should make the build entirely reproducible (by avoiding nroff)
-
- - partly reverts 2620aa9 to build libcurl option man pages one by one
- in cmake because the appveyor builds got all crazy until I did
-
- The ASCII version of the manpage
-
- - is built with gen.pl, just like the manpage is
- - has a right-justified column making the appearance similar to the previous
- version
- - uses a 4-space indent per level (instead of the old version's 7)
- - does not do hyphenation of words (which nroff does)
-
- History
-
- We first made the curl build use nroff for building the hugehelp file in
- December 1998, for curl 5.2.
-
- Closes #13047
-
-Stefan Eissing (6 Mar 2024)
-
-- lib: add `void *ctx` to reader/writer instances
-
- - `struct Curl_cwriter` and `struct Curl_creader` now carry a
- `void *ctx` member that points to the instance as allocated.
- - using `r->ctx` and `w->ctx` as pointer to the instance specific
- struct that has been allocated
-
- Reported-by: Rudi Heitbaum
- Fixes #13035
- Closes #13059
-
-- http: fix dead code in setting post client reader
-
- - postsize was always 0, thus the check's else never happened
- after the mime client reader was introduced
-
- Follow-up to 0ba47146f7ff3d
- Closes #13060
-
-- http2: fix push discard
-
- - fix logic in discarding a failed pushed stream so that
- stream context is properly cleaned up
-
- Closes #13055
-
-- transfer.c: break receive loop in speed limited transfers
-
- - the change breaks looping in transfer.c receive for transfers that are
- speed limited on having gotten *some* bytes.
- - the overall speed limit timing is done in multi.c
-
- Reported-by: Dmitry Karpov
- Bug: https://curl.se/mail/lib-2024-03/0001.html
- Closes #13050
-
-- mime: add client reader
-
- Add `mime` client reader. Encapsulates reading from mime parts, getting
- their length, rewinding and unpausing.
-
- - remove special mime handling from sendf.c and easy.c
- - add general "unpause" method to client readers
- - use new reader in http/imap/smtp
- - make some mime functions static that are now only used internally
-
- In addition:
- - remove flag 'forbidchunk' as no longer needed
-
- Closes #13039
-
-Daniel Stenberg (5 Mar 2024)
-
-- RELEASE-NOTES: synced
-
-- TODO: remove "build HTTP/3 with OpenSSL and nghttp3 using cmake"
-
- Follow-up to 8e741644a229c37
-
-Tal Regev (5 Mar 2024)
-
-- cmake: add USE_OPENSSL_QUIC support
-
- Closes #13034
-
-Stefan Eissing (5 Mar 2024)
-
-- TIMER_STARTTRANSFER: set the same for everyone
-
- - set TIMER_STARTTRANSFER on seeing the first response bytes
- in the download client writer, not coming from a CONNECT
- - initialized the timer the same way for all protocols
- - remove explicit setting of TIMER_STARTTRANSFER in file.c
- and c-hyper.c
-
- Closes #13052
-
-Michael Kaufmann (5 Mar 2024)
-
-- http: better error message for HTTP/1.x response without status line
-
- If a response without a status line is received, and the connection is
- known to use HTTP/1.x (not HTTP/0.9), report the error "Invalid status
- line" instead of "Received HTTP/0.9 when not allowed".
-
- Closes #13045
-
-Viktor Szakats (5 Mar 2024)
-
-- KNOWN_BUGS: fix typo
-
- Reviewed-by: Daniel Stenberg
- Closes #13051
-
-Sebastian Neubauer (5 Mar 2024)
-
-- smpt: fix starttls
-
- In cases where the connection was fast, curl sometimes failed to open a
- connection. This fixes a regression of c2d973627bab12abc5486a3f3.
-
- The regression triggered in these steps:
-
- 1. Create an smtp connection
- 2. Use STARTTLS
- 3. Receive the response
- 4. We are inside the loop in `smtp_statemachine`, calling
- `smtp_state_starttls_resp`
- 5. In the good flow, we exit the loop, re-enter `smtp_statemachine` and
- run `smtp_perform_upgrade_tls` at the start of the function.
-
- In the bad flow, we stay in the while loop, calling
- `Curl_pp_readresp`, which reads part of the TLS handshake and things
- go wrong.
-
- The reason is that `Curl_pp_moredata` changed behavior and always
- returns `true`, so we stay in the loop in `smtp_statemachine`. With a
- slow connection `Curl_pp_readresp` cannot read new data and returns
- `CURL_AGAIN`, so we leave the loop and re-enter `smtp_statemachine`.
-
- With a fast connection, `Curl_pp_readresp` reads new data from the tcp
- connection, which is part of the TLS handshake.
-
- The fix is in `Curl_pp_moredata`, which needs to take the final line
- into account and return `false` if only the final line is stored.
-
- Closes #13048
-
-Stefan Eissing (5 Mar 2024)
-
-- lib: enhance client reader resume + rewind
-
- - update client reader documentation
- - client reader, add rewind capabilities
- - tell creader to rewind on next start
- - Curl_client_reset() will keep reader for future rewind if requested
- - add Curl_client_cleanup() for freeing all resources independent of
- rewinds
- - add Curl_client_start() to trigger rewinds
- - move rewind code from multi.c to sendf.c and make part of
- "cr-in"'s implementation
- - http, move the "resume_from" handling into the client readers
- - the setup of a HTTP request is reshuffled to follow:
- * determine method, target, auth negotiation
- * install the client reader(s) for the request, including crlf
- conversions and "chunked" encoding
- * apply ranges to client reader
- * concat request headers, upgrades, cookies, etc.
- * complete request by determining Content-Length of installed
- readers in combination with method
- * send
- - add methods for client readers to
- * return the overall length they will generate (or -1 when unknown)
- * return the amount of data on the CLIENT level, so that
- expect-100 can decide if it want to apply itself
- * set a "resume_from" offset or fail if unsupported
- - struct HTTP has become largely empty now
- - rename `Client_reader_*` to `Curl_creader_*`
-
- Closes #13026
-
-Viktor Szakats (5 Mar 2024)
-
-- openssl-quic: fix BIO leak and Windows warning
-
- Caused by an accidentally duplicated line in
- d6825df334def106f735ce7e0c1a2ea87bddffb0.
-
- ```
- .../lib/vquic/curl_osslq.c:1095:30: warning: implicit conversion loses intege
- r precision: 'curl_socket_t' (aka 'unsigned long long') to 'int' [-Wshorten-6
- 4-to-32]
- 1095 | bio = BIO_new_dgram(ctx->q.sockfd, BIO_NOCLOSE);
- | ~~~~~~~~~~~~~ ~~~~~~~^~~~~~
- 1 warning and 2 errors generated.
- ```
-
- Reviewed-by: Stefan Eissing
- Closes #13043
-
-- openssl-quic: fix unity build, casing, indentation
-
- - rename static functions to avoid duplicate symbols in unity mode.
- - windows -> Windows/window in error message and comment.
- - fix indentation.
-
- Reviewed-by: Stefan Eissing
- Closes #13044
-
-Daniel Stenberg (5 Mar 2024)
-
-- gen.pl: make the "manpageification" faster
-
- The function that replaces occurances of "--longoption" with "-Z,
- --longoption" etc with the proper highlight applied, no longer loops
- over the options.
-
- Closes #13041
-
-- CONTRIBUTE: update the section on documentation format
-
- ... since most of it is markdown now.
-
- Closes #13046
-
-- smtp: free a temp resource
-
- The returned address needs to be freed.
-
- Follow-up to e3905de8196d67b89df1602feb84c1f993211b20
- Spotted by Coverity
-
- Closes #13038
-
-- _VARIABLES.md: improve the description
-
- Closes #13040
-
-dependabot[bot] (4 Mar 2024)
-
-- build(deps): bump fsfe/reuse-action from 2 to 3
-
- Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action) from 2 to 3.
- - [Release notes](https://github.com/fsfe/reuse-action/releases)
- - [Commits](https://github.com/fsfe/reuse-action/compare/v2...v3)
-
- ---
- updated-dependencies:
- - dependency-name: fsfe/reuse-action
- dependency-type: direct:production
- update-type: version-update:semver-major
- ...
-
- Signed-off-by: dependabot[bot] <support@github.com>
-
-Stefan Eissing (4 Mar 2024)
-
-- pytest: adapt to API change
-
- - pytest has changed the signature of the hook pytest_report_header()
- for some obscure reason and that change landed in our CI now
-
- - remove the changed param that we never used anyway
-
- Closes #13037
-
-Daniel Stenberg (4 Mar 2024)
-
-- cookie: if psl fails, reject the cookie
-
- A libpsl install without data and no built-in database is now considered
- bad enough to reject all cookies since they cannot be checked. It is
- somewhat of a user error, but still.
-
- Reported-by: Dan Fandrich
- Closes #13033
-
-Stefan Eissing (4 Mar 2024)
-
-- lib: further send/upload handling polish
-
- - Move all the "upload_done" handling to request.c
-
- - add possibility to abort sending of a request
- - add `Curl_req_done_sending()` for checks
- - transfer.c: readwrite_upload() now clean
-
- - removing data->state.ulbuf and data->req.upload_fromhere
-
- - as well as data->req.upload_present
- - set data->req.upload_done on having read all from
- the client and completely flushed the send buffer
-
- - tftp, remove setting of data->req.upload_fromhere
-
- - serves no purpose as `upload_present` is not set
- and the data itself is directly `sendto()` anyway
-
- - smtp, make upload EOB conversion a client reader
- - xfer_ulbuf addition
-
- - add xfer_ulbuf for borrowing, similar to xfer_buf
- - use in file upload
- - use in c-hyper body sending
-
- - h1-proxy, remove init of data->state.uilbuf that is never used
- - smb, add own send_buf instead of using data->state.ulbuf
-
- Closes #13010
-
-Daniel Stenberg (4 Mar 2024)
-
-- RELEASE-NOTES: synced
-
-kpcyrd (3 Mar 2024)
-
-- rustls: fix two warnings related to number types
-
- Reported-by: Gisle Vanem
- Follow-up to #12989
- Closes #13017
-
-Stefan Eissing (3 Mar 2024)
-
-- bufq: writing into a softlimit queue cannot be partial
-
- - when unable to obtain a new chunk on a softlimit bufq,
- this is an allocation error and needs to be reported as
- such.
- - writes into a soflimit bufq never must be partial success
-
- Reported-by: Dan Fandrich
- Fixes #13020
- Closes #13023
-
-Dan Fandrich (2 Mar 2024)
-
-- configure: Don't build shell completions when disabled
-
- With the recent changes to completion file building, the files were
- built always and only installation was selectively disabled. Now, when
- they are disabled they aren't even built, avoiding a build-time error in
- environments where it's not possible to run the curl binary that was
- just created (e.g. if library paths were not set up correctly).
-
- Follow-up to 0f7aba83c
-
- Reported-by: av223119 on github
- Fixes #13027
- Closes #13030
-
-Jay Satiro (2 Mar 2024)
-
-- cmdline-opts/_EXITCODES: sync with libcurl-errors
-
- - Add error code 100 (CURLE_TOO_LARGE) to the list of error codes that
- can be returned by the curl tool.
-
- Closes https://github.com/curl/curl/pull/13015
-
-Stefan Eissing (1 Mar 2024)
-
-- hyper: disable test1598 due to lack of trailer support
-
- Follow-up to 50838095
-
- Closes #13016
-
-Dan Fandrich (1 Mar 2024)
-
-- ftp: Mark a const buffer as const
-
-- appveyor: Properly skip if only CircleCI is changed
-
-- docs: Update minimal binary size in INSTALL.md
-
- Include more options to reduce binary size.
-
-- configure: Don't make shell completions without perl
-
- The code that attempted to skip building the shell completions didn't
- work properly and tried to build them even if perl wasn't available.
- This step, as well as the install step, is now properly skipped without
- perl.
-
- Follow-up to 89733e2dd
-
- Closes #13022
-
-RainRat (1 Mar 2024)
-
-- misc: Fix typos in docs and lib
-
- This fixes miscellaneous typos and duplicated words in the docs, lib
- and test comments and a few user facing errorstrings.
-
- Author: RainRat on Github
- Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
- Reviewed-by: Dan Fandrich <dan@coneharvesters.com>
- Closes: #13019
-
-Dan Fandrich (29 Feb 2024)
-
-- configure: build & install shell completions when enabled
-
- The --with-fish-functions-dir and --with-zsh-functions-dir options
- currently have no effect on a normal build because the scripts/ directory
- where they're used is not built. Add scripts/ to a normal build and
- change the completion options to default to off to preserve the existing
- behaviour.
-
- Closes: #12906
-
-- github/labeler: improve the match patterns
-
-Stefan Eissing (28 Feb 2024)
-
-- tests: add test1598 for POST with trailers
-
- - test POST fields with trailers and chunked encoding
-
- Ref: #12938
- Closes #13009
-
-Daniel Stenberg (28 Feb 2024)
-
-- cmdline-opts/_VERSION: provide %VERSION correctly
-
- ... so that it does not get included verbatim in the output. Fixes a
- regression shipped in 8.6.0.
-
- Also fix a format mistake in form.md
-
- Closes #13008
-
-Stefan Eissing (28 Feb 2024)
-
-- lib: Curl_read/Curl_write clarifications
-
- - replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to
- clarify when and at what level they operate
- - send/recv of transfer related data is now done via
- `Curl_xfer_send()/Curl_xfer_recv()` which no longer has
- socket/socketindex as parameter. It decides on the transfer
- setup of `conn->sockfd` and `conn->writesockfd` on which
- connection filter chain to operate.
- - send/recv on a specific connection filter chain is done via
- `Curl_conn_send()/Curl_conn_recv()` which get the socket index
- as parameter.
- - rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for
- naming consistency
- - clarify that the special CURLE_AGAIN hangling to return
- `CURLE_OK` with length 0 only applies to `Curl_xfer_send()`
- and CURLE_AGAIN is returned by all other send() variants.
- - fix a bug in websocket `curl_ws_recv()` that mixed up data
- when it arrived in more than a single chunk (to be made
- into a sperate PR, also)
-
- Added as documented [in
- CLIENT-READER.md](https://github.com/curl/curl/blob/5b1f31dfbab8aef467c419c68
- aa06dc738cb75d4/docs/CLIENT-READERS.md).
-
- - old `Curl_buffer_send()` completely replaced by new `Curl_req_send()`
- - old `Curl_fillreadbuffer()` replaced with `Curl_client_read()`
- - HTTP chunked uploads are now formatted in a client reader added when
- needed.
- - FTP line-end conversions are done in a client reader added when
- needed.
- - when sending requests headers, remaining buffer space is filled with
- body data for sending in "one go". This is independent of the request
- body size. Resolves #12938 as now small and large requests have the
- same code path.
-
- Changes done to test cases:
-
- - test513: now fails before sending request headers as this initial
- "client read" triggers the setup fault. Behaves now the same as in
- hyper build
- - test547, test555, test1620: fix the length check in the lib code to
- only fail for reads *smaller* than expected. This was a bug in the
- test code that never triggered in the old implementation.
-
- Closes #12969
-
-Daniel Gustafsson (28 Feb 2024)
-
-- curldown: Fix email address in Copyright
-
- The curldown conversion accidentally replaced daniel@haxx.se with
- just daniel.se. This reverts back to the proper email address in
- the curldown docs as well as in a few other stray places where it
- was incorrect (while unrelated to curldown).
-
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
- Closes: #12997
-
-Daniel Stenberg (28 Feb 2024)
-
-- getparam: make --ftp-ssl work again
-
- Follow-up to 9e4e527 which accidentally broke it
-
- Reported-by: Jordan Brown
- Fixes #13006
- Closes #13007
-
-- KNOWN_BUGS: IMAPS connection fails with rustls error
-
- Closes #10457
-
-- KNOWN_BUGS: FTPS upload, FileZilla, GnuTLS and close_notify
-
- Closes #11383
-
-- KNOWN_BUGS: Implicit FTPS upload timeout
-
- Closes #11720
-
-- KNOWN_BUGS: HTTP/2 prior knowledge over proxy
-
- Closes #12641
-
-- TODO: build HTTP/3 with OpenSSL and nghttp3 using cmake
-
- Closes #12988
-
-- TODO: Select signature algorithms
-
- Closes #12982
-
-- examples: use present tense in comments
-
- remove "will" and some other word fixes
-
- Closes #13003
-
-- docs: more language cleanups
-
- - present tense
- - avoid bad words
-
- Closes #13003
-
-Daniel Gustafsson (27 Feb 2024)
-
-- setopt: Fix disabling all protocols
-
- When disabling all protocols without enabling any, the resulting
- set of allowed protocols remained the default set. Clearing the
- allowed set before inspecting the passed value from --proto make
- the set empty even in the errorpath of no protocols enabled.
-
- Co-authored-by: Dan Fandrich <dan@telarity.com>
- Reported-by: Dan Fandrich <dan@telarity.com>
- Reviewed-by: Daniel Stenberg <daniel@haxx.se>
- Closes: #13004
-
-Andreas Kiefer (27 Feb 2024)
-
-- fopen: fix narrowing conversion warning on 32-bit Android
-
- This was fixed in commit 06dc599405f, but came back in commit
- 03cb1ff4d62.
-
- When building for 32-bit ARM or x86 Android, `st_mode` is defined as
- `unsigned int` instead of `mode_t`, resulting in a
- `-Wimplicit-int-conversion` clang warning because `mode_t` is
- `unsigned short`. Add a cast to silence the warning, but only for
- 32-bit Android builds, because other architectures and platforms are
- not affected.
-
- Ref: https://android.googlesource.com/platform/bionic/+/refs/tags/ndk-r25c/li
- bc/include/sys/stat.h#86
- Closes https://github.com/curl/curl/pull/12998
-
-Stefan Eissing (27 Feb 2024)
-
-- lib: Curl_read/Curl_write clarifications
-
- - replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to
- clarify when and at what level they operate
- - send/recv of transfer related data is now done via
- `Curl_xfer_send()/Curl_xfer_recv()` which no longer has
- socket/socketindex as parameter. It decides on the transfer
- setup of `conn->sockfd` and `conn->writesockfd` on which
- connection filter chain to operate.
- - send/recv on a specific connection filter chain is done via
- `Curl_conn_send()/Curl_conn_recv()` which get the socket index
- as parameter.
- - rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for
- naming consistency
- - clarify that the special CURLE_AGAIN hangling to return
- `CURLE_OK` with length 0 only applies to `Curl_xfer_send()`
- and CURLE_AGAIN is returned by all other send() variants.
- - fix a bug in websocket `curl_ws_recv()` that mixed up data
- when it arrived in more than a single chunk
-
- The method for sending not just raw bytes, but bytes that are either
- "headers" or "body". The send abstraction stack, to to bottom, now is:
-
- * `Curl_req_send()`: has parameter to indicate amount of header bytes,
- buffers all data.
- * `Curl_xfer_send()`: knows on which socket index to send, returns
- amount of bytes sent.
- * `Curl_conn_send()`: called with socket index, returns amount of bytes
- sent.
-
- In addition there is `Curl_req_flush()` for writing out all buffered
- bytes.
-
- `Curl_req_send()` is active for requests without body,
- `Curl_buffer_send()` still being used for others. This is because the
- special quirks need to be addressed in future parts:
-
- * `expect-100` handling
- * `Curl_fillreadbuffer()` needs to add directly to the new
- `data->req.sendbuf`
- * special body handlings, like `chunked` encodings and line end
- conversions will be moved into something like a Client Reader.
-
- In functions of the pattern `CURLcode xxx_send(..., ssize_t *written)`,
- replace the `ssize_t` with a `size_t`. It makes no sense to allow for negativ
- e
- values as the returned `CURLcode` already specifies error conditions. This
- allows easier handling of lengths without casting.
-
- Closes #12964
-
-Daniel Stenberg (27 Feb 2024)
-
-- multi: make add_handle free any multi_easy
-
- If the easy handle that is being added to a multi handle has previously
- been used for curl_easy_perform(), there is a private multi handle here
- that we can kill off. While it flushes some caches etc for the easy
- handle would it be used for an easy interface transfer again after being
- used in the multi stack, this cleanup simplifies behavior and uses less
- memory.
-
- Closes #12992
-
-- docs: use present tense
-
- avoid "will", detect "will" as a bad word in the CI
-
- Also line wrapped a bunch of paragraphs
-
- Closes #13001
-
-- CURLOPT_SSL_CTX_FUNCTION.md: no promises of lifetime after return
-
- ... and cleanup other language.
-
- Closes #12999
-
-Stefan Eissing (27 Feb 2024)
-
-- lib: send rework
-
- Curl_read/Curl_write clarifications
-
- - replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to 1clarify
- when and at what level they operate
-
- - send/recv of transfer related data is now done via
- `Curl_xfer_send()/Curl_xfer_recv()` which no longer has
- socket/socketindex as parameter. It decides on the transfer setup of
- `conn->sockfd` and `conn->writesockfd` on which connection filter
- chain to operate.
-
- - send/recv on a specific connection filter chain is done via
- `Curl_conn_send()/Curl_conn_recv()` which get the socket index as
- parameter.
-
- - rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for naming
- consistency
-
- - clarify that the special CURLE_AGAIN handling to return `CURLE_OK`
- with length 0 only applies to `Curl_xfer_send()` and CURLE_AGAIN is
- returned by all other send() variants.
-
- SingleRequest reshuffling
-
- - move functions into request.[ch]
- - differentiate between reset and free
- - add Curl_req_done() to perform last actions
- - add a send `bufq` to SingleRequest for future use in keeping upload data
-
- Closes #12963
-
-Daniel Stenberg (26 Feb 2024)
-
-- RELEASE-NOTES: synced
-
-- http_chunks: remove unused 'endptr' variable
-
- Closes #12996
-
-Louis Solofrizzo (26 Feb 2024)
-
-- lib: initialize output pointers to NULL before calling strto[ff,l,ul]
-
- In order to make MSAN happy:
-
- ==2200945==WARNING: MemorySanitizer: use-of-uninitialized-value
- #0 0x596f3b3ed246 in curlx_strtoofft [...]/libcurl/src/lib/strtoofft.c:23
- 9:11
- #1 0x596f3b402156 in Curl_httpchunk_read [...]/libcurl/src/lib/http_chunk
- s.c:149:12
- #2 0x596f3b348550 in readwrite_data [...]/libcurl/src/lib/transfer.c:607:
- 11
- [...]
-
- ==2202041==WARNING: MemorySanitizer: use-of-uninitialized-value
- #0 0x5a3fab66a72a in Curl_parse_port [...]/libcurl/src/lib/urlapi.c:547:8
- #1 0x5a3fab650645 in parse_authority [...]/libcurl/src/lib/urlapi.c:796:1
- 2
- #2 0x5a3fab6740f6 in parseurl [...]/libcurl/src/lib/urlapi.c:1176:16
- #3 0x5a3fab664fc5 in parseurl_and_replace [...]/libcurl/src/lib/urlapi.c:
- 1342:12
- [...]
-
- ==2202320==WARNING: MemorySanitizer: use-of-uninitialized-value
- #0 0x569076a0d6b0 in ipv4_normalize [...]/libcurl/src/lib/urlapi.c:683:12
- #1 0x5690769f2820 in parse_authority [...]/libcurl/src/lib/urlapi.c:803:1
- 0
- #2 0x569076a160f6 in parseurl [...]/libcurl/src/lib/urlapi.c:1176:16
- #3 0x569076a06fc5 in parseurl_and_replace [...]/libcurl/src/lib/urlapi.c:
- 1342:12
- [...]
-
- Signed-off-by: Louis Solofrizzo <lsolofrizzo@scaleway.com>
- Closes #12995
-
-Stefan Eissing (26 Feb 2024)
-
-- lib: move client writer into own source
-
- Refactoring of the client writer that passes the data to the
- client/application's callback functions.
-
- - split out into own source cw-out.[ch] from sendf.c
-
- - move tempwrite and tempcount from data->state into the context of the
- client writer
-
- - redesign the 3 tempwrite dynbufs as a linked list of dynbufs. On
- paused transfers, this allows to "record" interleaved HEADER/BODY
- chunks to be "played back" in the same order on unpausing.
-
- - keep the overall size limit of all buffered data to DYN_PAUSE_BUFFER.
- On exceeding that, return CURLE_TOO_LARGE instead of
- CURLE_OUT_OF_MEMORY as before.
-
- - add method to be called when a transfer is DONE to allow writing of
- any data still buffered
-
- - when paused, record HEADER writes exactly as they come for later
- playback. HEADERs are documented to be written one-by-one.
-
- Closes #12898
-
-- urldata: move authneg bit from conn to Curl_easy
-
- - from `conn->bits.authneg` to `data->req.authneg`
- - this is a property of the request about to be made
- and not a property of the connection
- - in multiuse connections, transfer could step on each others
- toes here potentially.
-
- Closes #12949
-
-- c-hyper: add header collection writer in hyper builds
-
- Closes #12880
-
-- http: move headers collecting to writer
-
- - add a client writer that does "push" response
- headers written to the client if the headers api
- is enabled
- - remove special handling in sendf.c
- - needs to be installed very early on connection
- setup to catch CONNECT response headers
-
- Closes #12880
-
-- sendf: Curl_client_write(), make passed in buf const
-
-Michał Antoniak (26 Feb 2024)
-
-- lib: remove curl_mimepart object when CURL_DISABLE_MIME
-
- Remove curl_mimepart object from UserDefined structure when
- CURL_DISABLE_MIME flag is active. Reduce size of UserDefined structure.
-
- Also remove unreachable code: when CURL_DISABLE_MIME is set, httpreq can
- never have HTTPREQ_POST_MIME value and the same goes for the
- CURL_DISABLE_FORM_API flag and the HTTPREQ_POST_FORM value
-
- Closes #12948
-
-kpcyrd (26 Feb 2024)
-
-- rustls: make curl compile with 0.12.0
-
- Closes #12989
-
-Daniel Stenberg (26 Feb 2024)
-
-- strtoofft: fix the overflow check
-
- ... to not rely on wrapping, since it is an undefined behavior that is
- not what always might happen. This is in our private strtoff() parser
- function, used only on platforms without a native version.
-
- Reported-by: vulnerabilityspotter on hackerone
- Closes #12990
-
-- libssh/libssh2: return error on too big range
-
- If trying to get the range 0 - 2^63 and the remote file is 2^63 bytes or
- larger.
-
- Fixes #12983
- Closes #12984
-
-Scott Talbert (24 Feb 2024)
-
-- setopt: fix check for CURLOPT_PROXY_TLSAUTH_TYPE value
-
- Prior to this change CURLOPT_PROXY_TLSAUTH_TYPE would return
- CURLE_BAD_FUNCTION_ARGUMENT on any type other than NULL. Since there is
- only one type of TLS auth and it is also the default (SRP) the TLS auth
- would work anyway.
-
- Closes https://github.com/curl/curl/pull/12981
-
-Jay Satiro (24 Feb 2024)
-
-- mprintf: fix format prefix I32/I64 for windows compilers
-
- - Support I32 & I64 (eg: %I64d) for all Win32 builds.
-
- Prior to this change mprintf support for the I format prefix, which is a
- Microsoft extension, was dependent on the compiler used.
-
- When Borland compiler support was removed in fd7ef00f the prefix was
- then no longer supported for that compiler; however since it's still
- possible to build with Borland I'm restoring support for the prefix in
- this way.
-
- Reported-by: Paweł Witas
-
- Fixes https://github.com/curl/curl/issues/12944
- Closes https://github.com/curl/curl/pull/12950
-
-Daniel Stenberg (23 Feb 2024)
-
-- cd2nroff: gen: make `\>` in input to render as plain '>' in output
-
- The same (copy and pasted) fix/mistake as in gen.pl
-
-- gen: make `\>` in input to render as plain '>' in output
-
- Reported-by: Gisle Vanem
- Fixes #12977
- Closes #12978
-
-Fabrice Fontaine (23 Feb 2024)
-
-- configure.ac: find libpsl with pkg-config
-
- Find libpsl with pkg-config to avoid static build failures.
-
- Ref: http://autobuild.buildroot.org/results/1fb15e1a99472c403d0d3b1a688902f32
- e78d002
-
- Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
- Closes #12947
-
-Daniel Stenberg (23 Feb 2024)
-
-- BUG-BOUNTY.md: clarify that the curl security team decides
-
- Closes #12975
-
-- THANKS: add bug reporter from #740
-
- Ref: https://github.com/curl/curl/issues/740
-
-Stefan Eissing (22 Feb 2024)
-
-- multi: fix multi_sock handling of select_bits
-
- - OR the event bitmask to data->state.select_bits instead of overwriting
- them. They are cleared again on use.
-
- Reported-by: 5533asdg on github
- Fixes #12971
- Closes #12972
-
-Daniel Stenberg (22 Feb 2024)
-
-- curlver: bump to 8.7.0 for next release
-
-- RELEASE-NOTES: synced
-
-- write-out: add '%{proxy_used}'
-
- Returns 1 if the previous transfer used a proxy, otherwise 0. Useful to
- for example determine if a `NOPROXY` pattern matched the hostname or
- not.
-
- Extended test 970 and 972
-
-- CURLINFO_USED_PROXY: return bool whether the proxy was used
-
- Adds test536 to verify
-
- Closes #12719
-
-- sha512_256: remove the cast macro, minor language/format edits
-
- Follow-up to cbe41d151d6a100c
-
- Closes #12966
-
-Stefan Eissing (20 Feb 2024)
-
-- DoH: add trace configuration
-
- - refs #12397 where it is dicussed how to en-/disable verbose output
- of DoH operations
- - introducing `struct curl_trc_feat` to track a curl feature for
- tracing
- - adding `data->state.feat` optionally pointing to the feature a
- transfer belongs to
- - adding trace functions and verbosity checks on features
- - using trace feature in DoH code
- - documenting `doh` as feature for `--trace-config`
-
- Closes #12411
-
-- websocket: fix curl_ws_recv()
-
- - when data arrived in several chunks, the collection into
- the passed buffer always started at offset 0, overwriting
- the data already there.
-
- adding test_20_07 to verify fix
-
- - debug environment var CURL_WS_CHUNK_SIZE can be used to
- influence the buffer chunk size used for en-/decoding.
-
- Closes #12945
-
-Evgeny Grin (Karlson2k) (20 Feb 2024)
-
-- digest: support SHA-512/256
-
- Also fix the tests. New implementation tested with GNU libmicrohttpd.
- The new numbers in tests are real SHA-512/256 numbers (not just some
- random ;) numbers ).
-
-- tests: add SHA-512/256 unit test
-
-- SHA-512/256: implement hash algorithm
-
- Closes #12897
-
-- curl_setup.h: add curl_uint64_t internal type
-
- The unsigned version of curl_off_t basically
-
-Daniel Stenberg (20 Feb 2024)
-
-- docs: dist curl*.1 and install without perl
-
- Drop docs/mk-ca-bundle.1 from the tarball. It can be generated at will.
-
- Closes #12959
- Fixes #12921
- Reported-by: Michael Forney
-
-Stefan Eissing (20 Feb 2024)
-
-- OpenSSL QUIC: adapt to v3.3.x
-
- - set our idle timeout as transport parameter
- - query negotiated idle timeout for connection alive checks
- - query number of available bidi streams on a connection
- - use write_ex2 with SSL_WRITE_FLAG_CONCLUDE to signal
- EOF on last chunk write, so stream close does not
- require an additional QUIC packet
-
- Closes #12933
-
-Ramiro Garcia (19 Feb 2024)
-
-- MANUAL.md: fix typo
-
- Closes #12965
-
-Daniel Stenberg (19 Feb 2024)
-
-- BINDINGS: add mcurl, the python binding
-
- Ref: #12956
- Closes #12962
-
-- mk-ca-bundle.md: cleanups and polish
-
- Closes #12958
-
-- spellcheck.yml: remove .1/.3 handling, clean all man page .md files
-
- Since we generate all .1 and .3 files from markdown now, we can limit
- the spellcheck to the markdown versions only.
-
- Closes #12960
-
-- libcurl-docs: cleanups
-
- CURLMOPT_SOCKETDATA.md: fix typo
- CURLMOPT_TIMERDATA.md: fix typo
- CURLOPT_COOKIELIST.m: quote strings
- CURLOPT_PREREQFUNCTION.md: quote variable names
- CURLOPT_TCP_NODELAY.md: rephrased to please spell checker
- CURLOPT_WILDCARDMATCH.md: rephrased
- libcurl-tutorial.md: use correct option name
- curl_global_init_mem.md: quote headers
- curl_easy_getinfo.md: use correct symbol names in headers
- curl_global_trace.md: quote some headers
- curl_ws_meta.md: quote struct field names
- libcurl-env.md: quote headers
-
-- cd2nroff: remove backticks from titles
-
-- RELEASE-NOTES: synced
-
-Stefan Eissing (18 Feb 2024)
-
-- http_chunks: fix the accounting of consumed bytes
-
- Prior to this change chunks were handled correctly although in verbose
- mode libcurl could incorrectly warn of "Leftovers after chunking" even
- if there were none.
-
- Reported-by: Michael Kaufmann
-
- Fixes https://github.com/curl/curl/issues/12937
- Closes https://github.com/curl/curl/pull/12939
-
-- file: use xfer buf for file:// transfers
-
- - For file:// transfers use the multi handle's transfer buffer for
- up- and downloads.
-
- Prior to this change a6c9a33 (precedes 8.6.0) changed the file://
- transfers to use a smaller stack based buffer, and that caused a
- significant performance decrease in Windows.
-
- Bug: https://github.com/curl/curl/issues/12750#issuecomment-1920103086
- Reported-by: edmcln@users.noreply.github.com
-
- Closes https://github.com/curl/curl/pull/12932
-
-Karthikdasari0423 (18 Feb 2024)
-
-- HTTP3.md: always run nghttp3 submodule init
-
- - For consistency change all 'build nghttp3' commands to run submodule
- init after cloning, even if the branch does not have submodules.
-
- Follow-up to 5a4b2f93 and 4f794558.
-
- Closes https://github.com/curl/curl/pull/12928
-
-LeeRiva (18 Feb 2024)
-
-- CURLOPT_POSTQUOTE.md: fix typo
-
- Closes https://github.com/curl/curl/pull/12926
-
-Evgeny Grin (Karlson2k) (18 Feb 2024)
-
-- checksrc.pl: fix handling .checksrc with CRLF
-
- - When parsing .checksrc chomp the (CR)LF line ending.
-
- Prior to this change on Windows checksrc.pl would not process the
- symbols in .checksrc properly, since many git repos in Windows use auto
- crlf to check out files with CRLF line endings.
-
- Closes https://github.com/curl/curl/pull/12924
-
-Richard Levitte (18 Feb 2024)
-
-- cmake: fix install for older CMake versions
-
- - Generate the docs install list by using a foreach loop instead of
- LIST:TRANSFORM since older CMake can't handle the latter.
-
- Reported-by: Dan Fandrich
-
- Fixes https://github.com/curl/curl/issues/12920
- Closes https://github.com/curl/curl/pull/12922
-
-Stefan Eissing (16 Feb 2024)
-
-- vtls: fix tls proxy peer verification
-
- - When verifying a proxy certificate for an ip address, use the correct
- ip family.
-
- Prior to this change the "connection" ip family was used, which was not
- necessarily the same.
-
- Reported-by: HsiehYuho@users.noreply.github.com
-
- Fixes https://github.com/curl/curl/issues/12831
- Closes https://github.com/curl/curl/pull/12931
-
-Dan Fandrich (15 Feb 2024)
-
-- CI: Bump the Circle CI base Ubuntu image to the latest 20.04
-
- The previous ones are going to be removed soon, plus the new ones
- include all the fixes since then.
-
-Jay Satiro (13 Feb 2024)
-
-- transfer: improve Windows SO_SNDBUF update limit
-
- - Change the 1 second SO_SNDBUF update limit from per transfer to per
- connection.
-
- Prior to this change many transfers over the same connection could cause
- many SO_SNDBUF updates made to that connection per second, which was
- unnecessary.
-
- Closes https://github.com/curl/curl/pull/12911
-
-- schannel: fix hang on unexpected server close
-
- - Treat TLS connection close (either due to a close_notify from the
- server or just closed due to receiving 0) as pending data.
-
- This is because in some cases schannel_recv knows the connection is
- closed but has to return actual pending data so it can't return 0 or an
- error to indicate no more data. In this case schannel_recv must be
- called again, which only happens if readwrite_data sees that there is
- still pending data.
-
- Prior to this change if the total size of the body that libcurl expected
- to receive from the server was unknown then it was possible under some
- network conditions that libcurl would hang waiting to receive more data,
- when in fact a close_notify alert indicating no more data would be sent
- was already processed.
-
- Fixes https://github.com/curl/curl/issues/12894
- Closes https://github.com/curl/curl/pull/12910
-
-Daniel Stenberg (10 Feb 2024)
-
-- KNOWN_BUGS: FTP upload fails if remebered dir is deleted
-
- Closes #12181
- Closes #12923
-
-Michał Antoniak (10 Feb 2024)
-
-- mbedtls: use mbedtls_ssl_conf_{min|max}_tls_version
-
- ... instead of the deprecated mbedtls_ssl_conf_{min|max}_version
-
- Closes #12905
-
-Dan Fandrich (9 Feb 2024)
-
-- CI: bump to actions/cache@v4 to avoid warning
diff --git a/libs/libcurl/docs/RELEASE-NOTES b/libs/libcurl/docs/RELEASE-NOTES new file mode 100644 index 0000000000..fddba01378 --- /dev/null +++ b/libs/libcurl/docs/RELEASE-NOTES @@ -0,0 +1,563 @@ +curl and libcurl 8.10.0
+
+ Public curl releases: 260
+ Command line options: 265
+ curl_easy_setopt() options: 306
+ Public functions in libcurl: 94
+ Contributors: 3239
+
+This release includes the following changes:
+
+ o autotools: add `--enable-windows-unicode` option [103]
+ o curl: --help [option] displays documentation for given cmdline option [19]
+ o curl: add --skip-existing [54]
+ o curl: for -O, use "default" as filename when the URL has none [34]
+ o curl: make --rate accept "number of units" [4]
+ o curl: make --show-headers the same as --include [6]
+ o curl: support --dump-header % to direct to stderr [31]
+ o curl: support embedding a CA bundle and --dump-ca-embed [20]
+ o curl: support repeated use of the verbose option; -vv etc [35]
+ o curl: use libuv for parallel transfers with --test-event [82]
+ o getinfo: add CURLINFO_POSTTRANSFER_TIME_T [87]
+ o mbedtls: add CURLOPT_TLS13_CIPHERS support [78]
+ o rustls: add support for setting TLS version and ciphers [113]
+ o vtls: stop offering alpn http/1.1 for http2-prior-knowledge [53]
+ o wolfssl: add CURLOPT_TLS13_CIPHERS support [76]
+ o wolfssl: add support for ssl cert blob / ssl key blob options [50]
+
+This release includes the following bugfixes:
+
+ o asyn-thread: stop using GetAddrInfoExW on Windows [241]
+ o autotools: fix MS-DOS builds [249]
+ o autotools: fix typo in tests/data target [30]
+ o aws_sigv4: fix canon order for headers with same prefix [74]
+ o bearssl: fix setting tls version [203]
+ o bearssl: improve shutdown handling [45]
+ o BINDINGS: add zig binding [100]
+ o build: add `iphlpapi` lib for libssh on Windows [166]
+ o build: add `poll()` detection for cross-builds [244]
+ o build: add options to disable SHA-512/256 hash algo [239]
+ o build: check OS-native IDN first, then libidn2 [223]
+ o build: delete unused `REQUIRE_LIB_DEPS` [226]
+ o build: drop unused `NROFF` reference [253]
+ o build: drop unused feature-detection code for Apple `poll()` [227]
+ o build: generate `buildinfo.txt` for test logs [256]
+ o build: improve compiler version detection portability
+ o build: make `CURL_FORMAT_CURL_OFF_T[U]` work with mingw-w64 <=7.0.0 [207]
+ o build: silence C4232 MSVC warnings in vcpkg ngtcp2 builds [137]
+ o build: use -Wno-format-overflow [195]
+ o buildconf.bat: fix tool_hugehelp.c generation [173]
+ o cf-socket: fix pollset for listening [179]
+ o cf-socket: prevent KEEPALIVE_FACTOR being set to 1000 for Windows [185]
+ o cfilters: send flush [13]
+ o CHANGES: rename to CHANGES.md, no longer generated [40]
+ o CI: enable parallel testing in CI builds [18]
+ o ci: Update actions/upload-artifact digest to 89ef406 [24]
+ o cmake: `Libs.private` improvements [215]
+ o cmake: add `CURL_USE_PKGCONFIG` option [138]
+ o cmake: add Linux CI job, fix pytest with cmake [71]
+ o cmake: add math library when using wolfssl and ngtcp2 [66]
+ o cmake: add missing `pkg-config` hints to Find modules [158]
+ o cmake: add missing version detection to Find modules [170]
+ o cmake: add rustls [116]
+ o cmake: add support for versioned symbols option [51]
+ o cmake: add wolfSSH support [117]
+ o cmake: allow `pkg-config` in more envs [147]
+ o cmake: cleanup header paths [59]
+ o cmake: default `CURL_DISABLE_LDAPS` to the value of `CURL_DISABLE_LDAP` [231]
+ o cmake: delete MSVC warning suppression for tests/server [101]
+ o cmake: detect `nghttp2` via `pkg-config`, enable by default [21]
+ o cmake: detect and show VCPKG in platform flags [84]
+ o cmake: distcheck for files in CMake subdir [9]
+ o cmake: drop custom `CMakeOutput.log`/`CMakeError.log` logs [27]
+ o cmake: drop libssh CONFIG-style detection [167]
+ o cmake: drop no-op `tests/data/CMakeLists.txt` [26]
+ o cmake: drop reference to undefined variable [25]
+ o cmake: drop unused `HAVE_IDNA_STRERROR` [62]
+ o cmake: drop unused internal variable [22]
+ o cmake: exclude tests/http/clients builds by default [110]
+ o cmake: fix `GSS_VERSION` for Heimdal found via pkg-config [77]
+ o cmake: fix `pkg-config`-based detection in `FindGSS.cmake` [94]
+ o cmake: fix and tidy up c-ares builds, enable in more CI jobs [156]
+ o cmake: fix find rustls [148]
+ o cmake: fixup linking libgsasl when detected via CMake-native
+ o cmake: honor custom `CMAKE_UNITY_BUILD_BATCH_SIZE` [163]
+ o cmake: limit `pkg-config` to UNIX and MSVC+vcpkg by default [188]
+ o cmake: limit libidn2 `pkg-config` detection to `UNIX` [109]
+ o cmake: migrate dependency detections to Find modules [183]
+ o cmake: more small tidy-ups and fixes [80]
+ o cmake: rename wolfSSL and zstd config variables to uppercase [151]
+ o cmake: respect cflags/libdirs of native pkg-config detections [175]
+ o cmake: show CMake platform/compiler flags [63]
+ o cmake: show warning if libpsl is not found [154]
+ o cmake: sync code between test/example targets [234]
+ o cmake: sync up formatting in Find modules [129]
+ o cmake: TLS 1.3 warning only for bearssl and sectranp [118]
+ o cmake: update `curl-config.cmake.in` template var list
+ o cmake: update list of "advanced" variables [119]
+ o cmake: use numeric comparison for `HAVE_WIN32_WINNT` [69]
+ o cmdline-opts: language fix for expect100-timeout.md and max-time.md [192]
+ o configure: delete unused `CURL_DEFINE_UNQUOTED` function [224]
+ o configure: delete unused `HAVE_OPENSSL3` macro [225]
+ o configure: delete unused `m4/xc-translit.m4` [114]
+ o configure: detect AppleIDN [70]
+ o configure: fail if PSL is not disabled but not found [46]
+ o configure: fix WinIDN builds targeting old Windows [210]
+ o configure: remove USE_EXPLICIT_LIB_DEPS [199]
+ o configure: replace nonportable grep -o with awk [111]
+ o connect: always prefer ipv6 in IP eyeballing [209]
+ o connect: limit update IP info [191]
+ o cookie.md: try to articulate the two different uses this option has [92]
+ o curl: allow 500MB data URL encode strings [38]
+ o curl: find curlrc in XDG_CONFIG_HOME without leading dot [186]
+ o curl: fix --proxy-pinnedpubkey [91]
+ o curl: fix the -w urle.* variables [153]
+ o curl: make the progress bar detect terminal width changes [169]
+ o curl: warn on unsupported SSL options [106]
+ o Curl_rand_bytes to control env override [17]
+ o curl_sha512_256: fix symbol collisions with nettle library [131]
+ o CURLMOPT_SOCKETFUNCTION.md: expand on the easy argument [216]
+ o CURLOPT_XFERINFOFUNCTION: clarify the callback return codes [141]
+ o dist: add missing `docs/examples/CMakeLists.txt` [58]
+ o dist: add missing `FindNettle.cmake` [11]
+ o dist: add missing `lib/optiontable.pl` [115]
+ o dist: add missing `test_*.py` scripts [102]
+ o dist: drop buildconf [65]
+ o dist: fix reproducible build from release tarball [36]
+ o dmaketgz: only run 'make distclean' if Makefile exists
+ o docs/SSLCERTS: rewrite [174]
+ o docs: add description of effect of --location-trusted on cookie [157]
+ o docs: document the (weak) random value situation in rustls builds [252]
+ o docs: fix some examples in man pages
+ o docs: improve cipher options documentation [159]
+ o docs: mention "@-" in more places [67]
+ o docs: remove ALTSVC.md, HSTS.md, HTTP2.md and PARALLEL-TRANSFERS.md [105]
+ o docs: update CIPHERS.md [140]
+ o doh-url.md: point out DOH server IP pinning [37]
+ o doh: remove redundant checks [242]
+ o easy: fix curl_easy_upkeep for shared connection caches [52]
+ o escape: allow curl_easy_escape to generate 3*input length output [39]
+ o FEATURES.md: fix typo [180]
+ o ftp: always offer line end conversions [219]
+ o ftp: flush pingpong before response [73]
+ o getinfo: return zero for unsupported options (when disabled) [189]
+ o GHA/windows: enable MulitSSL in an MSVC job [2]
+ o GHA: scan git repository and detect unvetted binary files [3]
+ o gnutls/wolfssl: improve error message when certificate fails [125]
+ o gnutls: send all data [230]
+ o gtls: fix OCSP stapling management [206]
+ o haproxy: send though next filter [222]
+ o hash: provide asserts to verify API use [96]
+ o http/2: simplify eos/blocked handling [90]
+ o http2+h3 filters: fix ctx init [142]
+ o http2: fix GOAWAY message sent to server [171]
+ o http2: improve rate limiting of downloads [33]
+ o http2: improved upload eos handling [41]
+ o http3.md: mention how the fallback can be h1 or h2 [194]
+ o hyper: call Curl_req_set_upload_done() [126]
+ o idn: more strictly check AppleIDN errors [98]
+ o idn: support non-UTF-8 input under AppleIDN [99]
+ o INSTALL.md: MultiSSL and QUIC are mutually exclusive [7]
+ o KNOWN_BUGS: "special characers" in URL works with aws-sigv4 [81]
+ o krb5: add Linux/macOS CI tests, fix cmake GSS detection [83]
+ o krb5: fix `-Wcast-align` [95]
+ o lib: add eos flag to send methods [14]
+ o lib: avoid macro collisions between wolfSSL and GnuTLS headers [133]
+ o lib: convert some debugf()s into traces [8]
+ o lib: delete stray undefs for `vsnprintf`, `vsprintf` [152]
+ o lib: fix AIX build issues [112]
+ o lib: fix building with wolfSSL without DES support [134]
+ o lib: make SSPI global symbols use Curl_ prefix [251]
+ o lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name [132]
+ o lib: remove the final strncpy() calls [240]
+ o lib: remove use of RANDOM_FILE [235]
+ o libcurl.def: move from / into lib [238]
+ o libcurl.pc: add `Cflags.private` [10]
+ o libcurl.pc: add reference to `libgsasl` [150]
+ o libcurl/docs: expand on redirect following and secrets to other hosts [85]
+ o llist: remove direct struct accesses, use only functions [72]
+ o Makefile.dist: fix `ca-firefox` target [254]
+ o Makefile.mk: fixup enabling libidn2 [61]
+ o Makefile: remove 'scripts' duplicate from DIST_SUBDIRS
+ o maketgz: accept option to include latest commit hash [5]
+ o maketgz: fix RELEASE-TOOLS.md for daily tarballs [243]
+ o maketgz: move from / into scripts [237]
+ o managen: fix superfluous leading blank line in quoted sections [211]
+ o managen: in man output, remove the leading space from examples [198]
+ o managen: wordwrap long example lines in ASCII output [143]
+ o manpage: ensure a maximum width for the text version [75]
+ o max-filesize.md: mention zero disables the limit [93]
+ o mbedtls: add more informative logging [162]
+ o mbedtls: fix setting tls version [200]
+ o mbedtls: no longer use MBEDTLS_SSL_VERIFY_OPTIONAL [181]
+ o mime: avoid inifite loop in client reader [155]
+ o mk-ca-bundle.pl: include a link to the caextract webpage [68]
+ o multi: make the "general" list of easy handles a Curl_llist [97]
+ o multi: on socket callback error, remove socket hash entry nonetheless [149]
+ o ngtcp2/osslq: remove NULL pointer dereferences [213]
+ o ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks [79]
+ o openssl quic: fix memory leak [229]
+ o openssl: certinfo errors now fail correctly [250]
+ o openssl: fix the data race when sharing an SSL session between threads [221]
+ o openssl: improve shutdown handling [44]
+ o pingpong: drain the input buffer when reading responses [193]
+ o POP3: fix multi-line responses [168]
+ o pop3: use the protocol handler ->write_resp [220]
+ o printf: fix mingw-w64 format checks [228]
+ o progress: ratelimit/progress tweaks [32]
+ o pytests: add tests for HEAD requests in all HTTP versions [42]
+ o rand: only provide weak random when needed [233]
+ o runtests: if DISABLED cannot be read, error out [56]
+ o runtests: log ignored but passed tests [130]
+ o runtests: remove "has_textaware" [217]
+ o rustls: fix setting tls version [202]
+ o rustls: make all tests pass [1]
+ o schannel: avoid malloc for CAinfo_blob_digest [247]
+ o scorecard: tweak request measurements [139]
+ o sectransp: fix setting tls version [204]
+ o SECURITY: mention OpenSSF best practices gold badge [161]
+ o setopt: allow CURLOPT_INTERFACE to be set to NULL [165]
+ o setopt: let CURLOPT_ECH set to NULL reset to default [187]
+ o setopt: make CURLOPT_TFTP_BLKSIZE accept bad values [184]
+ o sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL [135]
+ o share: don't reinitialize conncache [214]
+ o sigpipe: init the struct so that first apply ignores [49]
+ o smb: convert superflous assign into assert [246]
+ o smtp: add tracing feature [120]
+ o splay: use access functions, add asserts, use Curl_timediff [121]
+ o spnego_gssapi: implement TLS channel bindings for openssl [146]
+ o src: delete `curlx_m*printf()` aliases [197]
+ o src: fix potential macro confusion in cmake unity builds [208]
+ o src: namespace symbols clashing with lib [248]
+ o src: replace copy of printf mappings with an include [190]
+ o ssh: deduplicate SSH backend includes (and fix libssh cmake unity build) [177]
+ o system_win32: fix typo
+ o test httpd: tweak cipher list [124]
+ o test1521: verify setting options to NULL better [182]
+ o test1707: output diff more for debugging differences in CI outputs
+ o test556: improve robustness [64]
+ o test579: improve robustness [60]
+ o test587: improve robustness [123]
+ o test649: improve robustness [122]
+ o test677: improve robustness [47]
+ o tests/runner: only allow [!A-Za-z0-9_-] in %if feature names [55]
+ o tests: constrain http pytest to tests/http directory [205]
+ o tests: don't mangle output if hostname or type unknown
+ o tests: ignore QUIT from FTP protocol comparisons [108]
+ o tests: provide docs as curldown, not nroff [12]
+ o tidy-up: misc build, tests, `lib/macos.c` [172]
+ o tidy-up: OS names [57]
+ o tool_operhlp: fix "potentially uninitialized local variable 'pc' used" [48]
+ o tool_paramhlp: bump maximum post data size in memory to 16GB [128]
+ o transfer: Curl_sendrecv() and event related improvements [164]
+ o transfer: remove comments, add asserts [218]
+ o transfer: skip EOS read when download done [196]
+ o url: dns_entry related improvements [16]
+ o url: fix connection reuse for HTTP/2 upgrades [236]
+ o urlapi: verify URL *decoded* hostname when set [160]
+ o urldata: introduce `data->mid`, a unique identifier inside a multi [127]
+ o urldata: remove 'scratch' from the UrlState struct [86]
+ o urldata: remove crlf_conversions counter [232]
+ o urldata: remove proxy_connect_closed bit [178]
+ o verify-release: shell script that verifies a release tarball [29]
+ o version: fix shadowing a `libssh.h` symbol [176]
+ o vtls: add SSLSUPP_CIPHER_LIST [107]
+ o vtls: fix MSVC 'cast truncates constant value' warning [23]
+ o vtls: fix static function name collisions between TLS backends [136]
+ o vtls: init ssl peer only once [15]
+ o websocket: introduce blocking sends [145]
+ o wolfssl: avoid taking cached x509 store ref if sslctx already using it [88]
+ o wolfssl: fix CURLOPT_SSLVERSION [144]
+ o wolfssl: fix setting tls version [201]
+ o wolfssl: improve shutdown handling [43]
+ o ws: flags to opcodes should ignore CURLWS_CONT flag [104]
+ o x509asn1: raise size limit for x509 certification information [28]
+
+This release includes the following known bugs:
+
+ See docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
+
+For all changes ever done in curl:
+
+ See https://curl.se/changes.html
+
+Planned upcoming removals include:
+
+ o Hyper support after February 2025 [89]
+ o TLS libraries not supporting TLS 1.3
+
+ See https://curl.se/dev/deprecate.html for details
+
+This release would not have looked like this without help, code, reports and
+advice from friends like these:
+
+ Aki Sakurai, Alex Snast, Antoine du Hamel, Austin Moore,
+ Benjamin Riefenstahl Mecom, Bo Anderson, Chris Swan, Christoph Reiter,
+ Dan Fandrich, Daniel Stenberg, David Sardari, dependabot[bot],
+ Emanuele Torre, Eric Norris, feelingseas on github, Gruber Glass,
+ Hiroki Kurosawa, Ionuț-Francisc Oancea, janedenone on github, Jan Venekamp,
+ Jason Hood, Jiacai Liu, Joe Birr-Pixton, John Haugabook, Joshix-1 on github,
+ Justin Maggard, Kai Pastor, kit-ty-kate on github, lolbinarycat on github,
+ MasterInQuestion on github, Matt Jolly, Max Faxälv, Micah Snyder,
+ Moritz Buhl, Pete Cordell, ralfjunker on github, Rasmus Thomsen, Ray Satiro,
+ Razvan Pricope, renovate[bot], Ryan Carsten Schmidt, Sam Jessup,
+ Sergio Durigan Junior, Slaven Rezić, Stanislav Lange, Stefan Eissing,
+ Steffen Kieß, Tal Regev, Tim Yuer, Venkat Krishna R, Viktor Petersson,
+ Viktor Szakats, XYenon, Yedaya Katsman, Yoshimasa Ohno, наб, 罗朝辉
+ (57 contributors)
+
+References to bug reports and discussions on issues:
+
+ [1] = https://curl.se/bug/?i=14317
+ [2] = https://curl.se/bug/?i=14276
+ [3] = https://curl.se/bug/?i=14333
+ [4] = https://curl.se/bug/?i=14245
+ [5] = https://curl.se/bug/?i=14363
+ [6] = https://curl.se/bug/?i=13987
+ [7] = https://curl.se/bug/?i=14308
+ [8] = https://curl.se/bug/?i=14322
+ [9] = https://curl.se/bug/?i=14323
+ [10] = https://curl.se/bug/?i=14321
+ [11] = https://curl.se/bug/?i=14285
+ [12] = https://curl.se/bug/?i=14324
+ [13] = https://curl.se/bug/?i=14271
+ [14] = https://curl.se/bug/?i=14220
+ [15] = https://curl.se/bug/?i=14152
+ [16] = https://curl.se/bug/?i=14195
+ [17] = https://curl.se/bug/?i=14264
+ [18] = https://curl.se/bug/?i=11510
+ [19] = https://curl.se/bug/?i=13997
+ [20] = https://curl.se/bug/?i=14059
+ [21] = https://curl.se/bug/?i=14136
+ [22] = https://curl.se/bug/?i=14361
+ [23] = https://curl.se/bug/?i=14341
+ [24] = https://curl.se/bug/?i=14359
+ [25] = https://curl.se/bug/?i=14358
+ [26] = https://curl.se/bug/?i=14357
+ [27] = https://curl.se/bug/?i=14356
+ [28] = https://curl.se/bug/?i=14352
+ [29] = https://curl.se/bug/?i=14350
+ [30] = https://curl.se/bug/?i=14355
+ [31] = https://curl.se/bug/?i=13992
+ [32] = https://curl.se/bug/?i=14335
+ [33] = https://curl.se/bug/?i=14326
+ [34] = https://curl.se/bug/?i=13988
+ [35] = https://curl.se/bug/?i=13977
+ [36] = https://curl.se/bug/?i=14336
+ [37] = https://curl.se/bug/?i=14377
+ [38] = https://curl.se/bug/?i=14337
+ [39] = https://curl.se/bug/?i=14339
+ [40] = https://curl.se/bug/?i=14331
+ [41] = https://curl.se/bug/?i=14253
+ [42] = https://curl.se/bug/?i=14367
+ [43] = https://curl.se/bug/?i=14376
+ [44] = https://curl.se/bug/?i=14375
+ [45] = https://curl.se/bug/?i=14374
+ [46] = https://curl.se/bug/?i=14373
+ [47] = https://curl.se/bug/?i=14455
+ [48] = https://curl.se/bug/?i=14389
+ [49] = https://curl.se/bug/?i=14344
+ [50] = https://curl.se/bug/?i=14018
+ [51] = https://curl.se/bug/?i=14349
+ [52] = https://curl.se/bug/?i=12677
+ [53] = https://curl.se/bug/?i=9963
+ [54] = https://curl.se/bug/?i=13993
+ [55] = https://curl.se/bug/?i=14403
+ [56] = https://curl.se/bug/?i=14411
+ [57] = https://curl.se/bug/?i=14360
+ [58] = https://curl.se/bug/?i=14380
+ [59] = https://curl.se/bug/?i=14416
+ [60] = https://curl.se/bug/?i=14454
+ [61] = https://curl.se/bug/?i=14421
+ [62] = https://curl.se/bug/?i=14420
+ [63] = https://curl.se/bug/?i=14417
+ [64] = https://curl.se/bug/?i=14453
+ [65] = https://curl.se/bug/?i=14412
+ [66] = https://curl.se/bug/?i=14343
+ [67] = https://curl.se/bug/?i=14402
+ [68] = https://github.com/curl/curl-www/issues/374
+ [69] = https://curl.se/bug/?i=14409
+ [70] = https://curl.se/bug/?i=14401
+ [71] = https://curl.se/bug/?i=14382
+ [72] = https://curl.se/bug/?i=14485
+ [73] = https://curl.se/bug/?i=14452
+ [74] = https://curl.se/bug/?i=14370
+ [75] = https://curl.se/bug/?i=14423
+ [76] = https://curl.se/bug/?i=14385
+ [77] = https://curl.se/bug/?i=14393
+ [78] = https://curl.se/bug/?i=14384
+ [79] = https://curl.se/bug/?i=14394
+ [80] = https://curl.se/bug/?i=14450
+ [81] = https://curl.se/bug/?i=13754
+ [82] = https://curl.se/bug/?i=14298
+ [83] = https://curl.se/bug/?i=14447
+ [84] = https://curl.se/bug/?i=14451
+ [85] = https://curl.se/bug/?i=14472
+ [86] = https://curl.se/bug/?i=14500
+ [87] = https://curl.se/bug/?i=14189
+ [88] = https://curl.se/bug/?i=14442
+ [89] = https://curl.se/bug/?i=14492
+ [90] = https://curl.se/bug/?i=14435
+ [91] = https://curl.se/bug/?i=14438
+ [92] = https://curl.se/bug/?i=14491
+ [93] = https://curl.se/bug/?i=14440
+ [94] = https://curl.se/bug/?i=14430
+ [95] = https://curl.se/bug/?i=14433
+ [96] = https://curl.se/bug/?i=14503
+ [97] = https://curl.se/bug/?i=14474
+ [98] = https://curl.se/bug/?i=14431
+ [99] = https://curl.se/bug/?i=14431
+ [100] = https://curl.se/bug/?i=14437
+ [101] = https://curl.se/bug/?i=14428
+ [102] = https://curl.se/bug/?i=14427
+ [103] = https://curl.se/bug/?i=7229
+ [104] = https://curl.se/bug/?i=14397
+ [105] = https://curl.se/bug/?i=14553
+ [106] = https://curl.se/bug/?i=14406
+ [107] = https://curl.se/bug/?i=14406
+ [108] = https://curl.se/bug/?i=14404
+ [109] = https://curl.se/bug/?i=14405
+ [110] = https://curl.se/bug/?i=14477
+ [111] = https://curl.se/bug/?i=14469
+ [112] = https://curl.se/bug/?i=14464
+ [113] = https://curl.se/bug/?i=14535
+ [114] = https://curl.se/bug/?i=14459
+ [115] = https://curl.se/bug/?i=14467
+ [116] = https://curl.se/bug/?i=14534
+ [117] = https://curl.se/bug/?i=14568
+ [118] = https://curl.se/bug/?i=14566
+ [119] = https://curl.se/bug/?i=14540
+ [120] = https://curl.se/bug/?i=14531
+ [121] = https://curl.se/bug/?i=14562
+ [122] = https://curl.se/bug/?i=14526
+ [123] = https://curl.se/bug/?i=14525
+ [124] = https://curl.se/bug/?i=14502
+ [125] = https://curl.se/bug/?i=14501
+ [126] = https://curl.se/bug/?i=14539
+ [127] = https://curl.se/bug/?i=14414
+ [128] = https://curl.se/bug/?i=14521
+ [129] = https://curl.se/bug/?i=14527
+ [130] = https://curl.se/bug/?i=14457
+ [131] = https://curl.se/bug/?i=14514
+ [132] = https://curl.se/bug/?i=14513
+ [133] = https://curl.se/bug/?i=14511
+ [134] = https://curl.se/bug/?i=14512
+ [135] = https://curl.se/bug/?i=14515
+ [136] = https://curl.se/bug/?i=14516
+ [137] = https://curl.se/bug/?i=14510
+ [138] = https://curl.se/bug/?i=14504
+ [139] = https://curl.se/bug/?i=14564
+ [140] = https://curl.se/bug/?i=14460
+ [141] = https://curl.se/bug/?i=14627
+ [142] = https://curl.se/bug/?i=14505
+ [143] = https://curl.se/bug/?i=14543
+ [144] = https://curl.se/bug/?i=14480
+ [145] = https://curl.se/bug/?i=14458
+ [146] = https://curl.se/bug/?i=13098
+ [147] = https://curl.se/bug/?i=14483
+ [148] = https://curl.se/bug/?i=14567
+ [149] = https://curl.se/bug/?i=14557
+ [150] = https://curl.se/bug/?i=14556
+ [151] = https://curl.se/bug/?i=14574
+ [152] = https://curl.se/bug/?i=14631
+ [153] = https://curl.se/bug/?i=14550
+ [154] = https://curl.se/bug/?i=14533
+ [155] = https://curl.se/bug/?i=14532
+ [156] = https://curl.se/bug/?i=14541
+ [157] = https://curl.se/bug/?i=14471
+ [158] = https://curl.se/bug/?i=14545
+ [159] = https://curl.se/bug/?i=14407
+ [160] = https://curl.se/bug/?i=14656
+ [161] = https://curl.se/bug/?i=14319
+ [162] = https://curl.se/bug/?i=14444
+ [163] = https://curl.se/bug/?i=14626
+ [164] = https://curl.se/bug/?i=14561
+ [165] = https://curl.se/bug/?i=14629
+ [166] = https://curl.se/bug/?i=14618
+ [167] = https://curl.se/bug/?i=14614
+ [168] = https://curl.se/bug/?i=14677
+ [169] = https://curl.se/bug/?i=14565
+ [170] = https://curl.se/bug/?i=14548
+ [171] = https://curl.se/bug/?i=14623
+ [172] = https://curl.se/bug/?i=14558
+ [173] = https://curl.se/bug/?i=14622
+ [174] = https://curl.se/bug/?i=14616
+ [175] = https://curl.se/bug/?i=14641
+ [176] = https://curl.se/bug/?i=14617
+ [177] = https://curl.se/bug/?i=14612
+ [178] = https://curl.se/bug/?i=14708
+ [179] = https://curl.se/mail/lib-2024-08/0023.html
+ [180] = https://curl.se/bug/?i=14653
+ [181] = https://curl.se/bug/?i=14591
+ [182] = https://curl.se/bug/?i=14634
+ [183] = https://curl.se/bug/?i=14555
+ [184] = https://curl.se/bug/?i=14634
+ [185] = https://curl.se/bug/?i=14368
+ [186] = https://curl.se/bug/?i=12129
+ [187] = https://curl.se/bug/?i=14634
+ [188] = https://curl.se/bug/?i=14575
+ [189] = https://curl.se/bug/?i=14634
+ [190] = https://curl.se/bug/?i=14648
+ [191] = https://curl.se/bug/?i=14699
+ [192] = https://curl.se/bug/?i=14737
+ [193] = https://curl.se/bug/?i=14201
+ [194] = https://curl.se/bug/?i=14736
+ [195] = https://curl.se/bug/?i=14168
+ [196] = https://curl.se/bug/?i=14670
+ [197] = https://curl.se/bug/?i=14647
+ [198] = https://curl.se/bug/?i=14735
+ [199] = https://curl.se/bug/?i=14697
+ [200] = https://curl.se/bug/?i=14588
+ [201] = https://curl.se/bug/?i=14587
+ [202] = https://curl.se/bug/?i=14586
+ [203] = https://curl.se/bug/?i=14585
+ [204] = https://curl.se/bug/?i=14621
+ [205] = https://curl.se/bug/?i=14611
+ [206] = https://curl.se/bug/?i=14642
+ [207] = https://curl.se/bug/?i=14640
+ [208] = https://curl.se/bug/?i=14626
+ [209] = https://curl.se/bug/?i=14761
+ [210] = https://curl.se/bug/?i=12606
+ [211] = https://curl.se/bug/?i=14732
+ [213] = https://curl.se/bug/?i=14701
+ [214] = https://curl.se/bug/?i=14696
+ [215] = https://curl.se/bug/?i=14668
+ [216] = https://curl.se/bug/?i=14795
+ [217] = https://curl.se/bug/?i=14717
+ [218] = https://curl.se/bug/?i=14688
+ [219] = https://curl.se/bug/?i=14717
+ [220] = https://curl.se/bug/?i=14684
+ [221] = https://curl.se/bug/?i=14751
+ [222] = https://curl.se/bug/?i=14756
+ [223] = https://curl.se/bug/?i=14674
+ [224] = https://curl.se/bug/?i=14673
+ [225] = https://curl.se/bug/?i=14672
+ [226] = https://curl.se/bug/?i=14671
+ [227] = https://curl.se/bug/?i=14718
+ [228] = https://curl.se/bug/?i=14703
+ [229] = https://curl.se/bug/?i=14720
+ [230] = https://curl.se/bug/?i=14722
+ [231] = https://curl.se/bug/?i=14758
+ [232] = https://curl.se/bug/?i=14709
+ [233] = https://curl.se/bug/?i=14749
+ [234] = https://curl.se/bug/?i=14660
+ [235] = https://curl.se/bug/?i=14749
+ [236] = https://curl.se/bug/?i=14739
+ [237] = https://curl.se/bug/?i=14797
+ [238] = https://curl.se/bug/?i=14796
+ [239] = https://curl.se/bug/?i=14753
+ [240] = https://curl.se/bug/?i=14830
+ [241] = https://curl.se/bug/?i=13509
+ [242] = https://curl.se/bug/?i=14823
+ [243] = https://curl.se/bug/?i=14820
+ [244] = https://curl.se/bug/?i=14714
+ [246] = https://curl.se/bug/?i=14784
+ [247] = https://curl.se/bug/?i=14777
+ [248] = https://curl.se/bug/?i=14785
+ [249] = https://curl.se/bug/?i=14814
+ [250] = https://curl.se/bug/?i=14780
+ [251] = https://curl.se/bug/?i=14776
+ [252] = https://curl.se/bug/?i=14770
+ [253] = https://curl.se/bug/?i=14812
+ [254] = https://curl.se/bug/?i=14804
+ [256] = https://curl.se/bug/?i=14802
diff --git a/libs/libcurl/docs/THANKS b/libs/libcurl/docs/THANKS index 5b3d9eaeb9..89821c3944 100644 --- a/libs/libcurl/docs/THANKS +++ b/libs/libcurl/docs/THANKS @@ -278,6 +278,7 @@ atjg on github Augustus Saunders
Aurélien Pierre
Austin Green
+Austin Moore
av223119 on github
Avery Fay
awesomekosm on github
@@ -499,6 +500,7 @@ Chris Paulson-Ellis Chris Roberts
Chris Sauer
Chris Smowton
+Chris Swan
Chris Talbot
Chris Webb
Chris Young
@@ -698,6 +700,7 @@ David Phillips David Rosenstrauch
David Ryskalczyk
David Sanderson
+David Sardari
David Schweikert
David Shaw
David Strauss
@@ -887,6 +890,7 @@ Eric Melville Eric Mertens
Eric Murphy
Eric Musser
+Eric Norris
Eric Rautman
Eric Rescorla
Eric Ridge
@@ -948,6 +952,7 @@ Federico Bianchi Federico Pellegrin
Fedor Karpelevitch
Fedor Korotkov
+feelingseas on github
FeignClaims on github
Feist Josselin
Felipe Gasper
@@ -1087,6 +1092,7 @@ Gregory Szorc Griffin Downs
Grigory Entin
Grisha Levit
+Gruber Glass
Guenole Bescon
Guido Berhoerster
Guilherme Puida
@@ -1292,6 +1298,7 @@ Jan Venekamp Jan Verbeek
Jan-Piet Mens
JanB on github
+janedenone on github
janko-js on github
Janne Blomqvist
Janne Johansson
@@ -1302,6 +1309,7 @@ Jari Sundell jasal82 on github
Jason Baietto
Jason Glasgow
+Jason Hood
Jason Juang
Jason Lee
Jason Liu
@@ -1376,6 +1384,7 @@ Jesse Noller Jesse Tan
jethrogb on github
jhoyla on github
+Jiacai Liu
Jiang Wenjian
Jiawen Geng
Jie He
@@ -1400,6 +1409,7 @@ jmdavitt on github jnbr on github
Jocelyn Jaubert
Jochem Broekhoff
+Joe Birr-Pixton
Joe Halpin
Joe Malicki
Joe Mason
@@ -1629,6 +1639,7 @@ Kimmo Kinnunen kirbyn17 on hackerone
Kirill Efimov
Kirill Marchuk
+kit-ty-kate on github
Kjell Ericson
Kjetil Jacobsen
Klaus Crusius
@@ -1746,6 +1757,7 @@ Lluís Batlle i Rossell locpyl-tidnyd on github
Loganaden Velvindron
Loic Dachary
+lolbinarycat on github
LoRd_MuldeR
Loren Kirkby
Lorenzo Miniero
@@ -1954,6 +1966,7 @@ Mauro Iorio Mauro Rappa
Maurício Meneghini Fauth
Max Dymond
+Max Faxälv
Max Katsev
Max Kellermann
Max Khon
@@ -1978,7 +1991,7 @@ Melissa Mears Melroy van den Berg
Mert Yazıcıoğlu
Mettgut Jamalla
-Micah Snyder)
+Micah Snyder
Michael Afanasiev
Michael Anti
Michael Baentsch
@@ -2083,6 +2096,7 @@ Momoka Yamamoto MonkeybreadSoftware on github
moohoorama on github
Morgan Willcock
+Moritz Buhl
Morten Minde Neergaard
Mostyn Bramley-Moore
Moti Avrahami
@@ -2311,6 +2325,7 @@ Per Jensen Per Lundberg
Per Malmberg
Per Nilsson
+Pete Cordell
Pete Lomax
Peter Bray
Peter Forret
@@ -2424,6 +2439,7 @@ Raito Bezarius Rajesh Naganathan
Rajkumar Mandal
Ralf S. Engelschall
+ralfjunker on github
Ralph Beckmann
Ralph Langendam
Ralph Mitchell
@@ -2438,12 +2454,14 @@ Randy Armstrong Randy McMurchy
Raphael Gozzo
Rasmus Melchior Jacobsen
+Rasmus Thomsen
Raul Onitza-Klugman
Ravi Pratap
Ray Dassen
Ray Pekowski
Ray Satiro
Razvan Cojocaru
+Razvan Pricope
rcombs on github
Red Hat Product Security
Reed Loden
@@ -2622,6 +2640,7 @@ Salvatore Sorrentino Sam Deane
Sam Hurst
Sam James
+Sam Jessup
Sam Roth
Sam Schanken
Samanta Navarro
@@ -2743,6 +2762,7 @@ Simon Liu Simon Warta
simplerobot on github
Siva Sivaraman
+Slaven Rezić
SLDiggie on github
Smackd0wn
Smackd0wn on github
@@ -2766,6 +2786,7 @@ Stadler Stephan Stan Hu
Stan van de Burgt
Stanislav Ivochkin
+Stanislav Lange
Stanislav Zidek
Stanley Wucw
Stathis Kapnidis
@@ -2788,6 +2809,7 @@ Stefan Tomanek Stefan Ulrich
Stefan Yohansson
Stefano Simonelli
+Steffen Kieß
Steinar H. Gunderson
steini2000 on github
Stepan Broz
@@ -2920,6 +2942,7 @@ Tim Stack Tim Starling
Tim Tassonis
Tim Verhoeven
+Tim Yuer
Timmy Schierling
Timo Lange
Timo Sirainen
@@ -3038,6 +3061,7 @@ Vasiliy Ulyanov Vasily Lobaskin
Vasy Okhin
Venkat Akella
+Venkat Krishna R
Venkataramana Mokkapati
Vicente Garcia
Victor Magierski
@@ -3046,6 +3070,7 @@ Victor Vieux VictorVG on github
Vijay Panghal
Vikram Saxena
+Viktor Petersson
Viktor Szakats
Vilhelm Prytz
Ville Skyttä
@@ -3136,6 +3161,7 @@ XmiliaH on github xnynx on github
xtonik on github
xwxbug on github
+XYenon
Xì Gà
Yaakov Selkowitz
Yadhu Krishna M
@@ -3158,6 +3184,7 @@ yiyuaner on github Ymir1711 on github
Yonggang Luo
Yongkang Huang
+Yoshimasa Ohno
Younes El-karama
youngchopin on github
Yousuke Kimoto
@@ -3205,6 +3232,7 @@ zzq1015 on github Štefan Kremeň
Борис Верховский
Коваленко Анатолий Викторович
+наб
Никита Дорохин
ウさん
不确定
|