curl and libcurl 8.10.0 Public curl releases: 260 Command line options: 265 curl_easy_setopt() options: 306 Public functions in libcurl: 94 Contributors: 3232 This release includes the following changes: o autotools: add `--with-windows-unicode` option [103] o curl: --help [option] displays documentation for given cmdline option [19] o curl: add --skip-existing [54] o curl: for -O, use "default" as filename when the URL has none [34] o curl: make --rate accept "number of units" [4] o curl: make --show-headers the same as --include [6] o curl: support --dump-header % to direct to stderr [31] o curl: support embedding a CA bundle and --dump-ca-embed [20] o curl: support repeated use of the verbose option; -vv etc [35] o curl: use libuv for parallel transfers with --test-event [82] o getinfo: add CURLINFO_POSTTRANSFER_TIME_T [87] o mbedtls: add CURLOPT_TLS13_CIPHERS support [78] o rustls: add support for setting TLS version and ciphers [113] o vtls: stop offering alpn http/1.1 for http2-prior-knowledge [53] o wolfssl: add CURLOPT_TLS13_CIPHERS support [76] o wolfssl: add support for ssl cert blob / ssl key blob options [50] This release includes the following bugfixes: o autotools: fix typo in tests/data target [30] o aws_sigv4: fix canon order for headers with same prefix [74] o bearssl: fix setting tls version [203] o bearssl: improve shutdown handling [45] o BINDINGS: add zig binding [100] o build: add `iphlpapi` lib for libssh on Windows [166] o build: improve compiler version detection portability o build: silence C4232 MSVC warnings in vcpkg ngtcp2 builds [137] o build: use -Wno-format-overflow [195] o buildconf.bat: fix tool_hugehelp.c generation [173] o cf-socket: prevent KEEPALIVE_FACTOR being set to 1000 for Windows [185] o cfilters: send flush [13] o CHANGES: rename to CHANGES.md, no longer generated [40] o CI: enable parallel testing in CI builds [18] o ci: Update actions/upload-artifact digest to 89ef406 [24] o cmake: add `CURL_USE_PKGCONFIG` option [138] o cmake: add Linux CI job, fix pytest with cmake [71] o cmake: add math library when using wolfssl and ngtcp2 [66] o cmake: add missing `pkg-config` hints to Find modules [158] o cmake: add missing version detection to Find modules [170] o cmake: add rustls [116] o cmake: add support for versioned symbols option [51] o cmake: add wolfSSH support [117] o cmake: allow `pkg-config` in more envs [147] o cmake: cleanup header paths [59] o cmake: delete MSVC warning suppression for tests/server [101] o cmake: detect `nghttp2` via `pkg-config`, enable by default [21] o cmake: detect and show VCPKG in platform flags [84] o cmake: distcheck for files in CMake subdir [9] o cmake: drop custom `CMakeOutput.log`/`CMakeError.log` logs [27] o cmake: drop libssh CONFIG-style detection [167] o cmake: drop no-op `tests/data/CMakeLists.txt` [26] o cmake: drop reference to undefined variable [25] o cmake: drop unused `HAVE_IDNA_STRERROR` [62] o cmake: drop unused internal variable [22] o cmake: exclude tests/http/clients builds by default [110] o cmake: fix `GSS_VERSION` for Heimdal found via pkg-config [77] o cmake: fix `pkg-config`-based detection in `FindGSS.cmake` [94] o cmake: fix and tidy up c-ares builds, enable in more CI jobs [156] o cmake: fix find rustls [148] o cmake: fixup linking libgsasl when detected via CMake-native o cmake: honor custom `CMAKE_UNITY_BUILD_BATCH_SIZE` [163] o cmake: limit `pkg-config` to UNIX and MSVC+vcpkg by default [188] o cmake: limit libidn2 `pkg-config` detection to `UNIX` [109] o cmake: migrate dependency detections to Find modules [183] o cmake: more small tidy-ups and fixes [80] o cmake: rename wolfSSL and zstd config variables to uppercase [151] o cmake: show CMake platform/compiler flags [63] o cmake: show warning if libpsl is not found [154] o cmake: sync up formatting in Find modules [129] o cmake: TLS 1.3 warning only for bearssl and sectranp [118] o cmake: update `curl-config.cmake.in` template var list o cmake: update list of "advanced" variables [119] o cmake: use numeric comparison for `HAVE_WIN32_WINNT` [69] o configure: delete unused `m4/xc-translit.m4` [114] o configure: detect AppleIDN [70] o configure: fail if PSL is not disabled but not found [46] o configure: replace nonportable grep -o with awk [111] o cookie.md: try to articulate the two different uses this option has [92] o curl: allow 500MB data URL encode strings [38] o curl: find curlrc in XDG_CONFIG_HOME without leading dot [186] o curl: fix --proxy-pinnedpubkey [91] o curl: fix the -w urle.* variables [153] o curl: make the progress bar detect terminal width changes [169] o curl: warn on unsupported SSL options [106] o Curl_rand_bytes to control env override [17] o curl_sha512_256: fix symbol collisions with nettle library [131] o CURLOPT_XFERINFOFUNCTION: clarify the callback return codes [141] o dist: add missing `docs/examples/CMakeLists.txt` [58] o dist: add missing `FindNettle.cmake` [11] o dist: add missing `lib/optiontable.pl` [115] o dist: add missing `test_*.py` scripts [102] o dist: drop buildconf [65] o dist: fix reproducible build from release tarball [36] o dmaketgz: only run 'make distclean' if Makefile exists o docs/SSLCERTS: rewrite [174] o docs: add description of effect of --location-trusted on cookie [157] o docs: improve cipher options documentation [159] o docs: mention "@-" in more places [67] o docs: remove ALTSVC.md, HSTS.md, HTTP2.md and PARALLEL-TRANSFERS.md [105] o docs: update CIPHERS.md [140] o doh-url.md: point out DOH server IP pinning [37] o easy: fix curl_easy_upkeep for shared connection caches [52] o escape: allow curl_easy_escape to generate 3*input length output [39] o ftp: flush pingpong before response [73] o GHA/windows: enable MulitSSL in an MSVC job [2] o GHA: scan git repository and detect unvetted binary files [3] o gnutls/wolfssl: improve error message when certificate fails [125] o hash: provide asserts to verify API use [96] o http/2: simplify eos/blocked handling [90] o http2+h3 filters: fix ctx init [142] o http2: fix GOAWAY message sent to server [171] o http2: improve rate limiting of downloads [33] o http2: improved upload eos handling [41] o hyper: call Curl_req_set_upload_done() [126] o idn: more strictly check AppleIDN errors [98] o idn: support non-UTF-8 input under AppleIDN [99] o INSTALL.md: MultiSSL and QUIC are mutually exclusive [7] o KNOWN_BUGS: "special characers" in URL works with aws-sigv4 [81] o krb5: add Linux/macOS CI tests, fix cmake GSS detection [83] o krb5: fix `-Wcast-align` [95] o lib: add eos flag to send methods [14] o lib: avoid macro collisions between wolfSSL and GnuTLS headers [133] o lib: convert some debugf()s into traces [8] o lib: delete stray undefs for `vsnprintf`, `vsprintf` [152] o lib: fix AIX build issues [112] o lib: fix building with wolfSSL without DES support [134] o lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name [132] o libcurl.pc: add `Cflags.private` [10] o libcurl.pc: add reference to `libgsasl` [150] o libcurl/docs: expand on redirect following and secrets to other hosts [85] o llist: remove direct struct accesses, use only functions [72] o Makefile.mk: fixup enabling libidn2 [61] o Makefile: remove 'scripts' duplicate from DIST_SUBDIRS o maketgz: accept option to include latest commit hash [5] o managen: wordwrap long example lines in ASCII output [143] o manpage: ensure a maximum width for the text version [75] o max-filesize.md: mention zero disables the limit [93] o mbedtls: add more informative logging [162] o mbedtls: fix setting tls version [200] o mbedtls: no longer use MBEDTLS_SSL_VERIFY_OPTIONAL [181] o mime: avoid inifite loop in client reader [155] o mk-ca-bundle.pl: include a link to the caextract webpage [68] o multi: make the "general" list of easy handles a Curl_llist [97] o multi: on socket callback error, remove socket hash entry nonetheless [149] o ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks [79] o openssl: improve shutdown handling [44] o pingpong: drain the input buffer when reading responses [193] o progress: ratelimit/progress tweaks [32] o pytests: add tests for HEAD requests in all HTTP versions [42] o runtests: if DISABLED cannot be read, error out [56] o runtests: log ignored but passed tests [130] o rustls: fix setting tls version [202] o rustls: make all tests pass [1] o scorecard: tweak request measurements [139] o SECURITY: mention OpenSSF best practices gold badge [161] o setopt: allow CURLOPT_INTERFACE to be set to NULL [165] o sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL [135] o sigpipe: init the struct so that first apply ignores [49] o smtp: add tracing feature [120] o splay: use access functions, add asserts, use Curl_timediff [121] o spnego_gssapi: implement TLS channel bindings for openssl [146] o ssh: deduplicate SSH backend includes (and fix libssh cmake unity build) [177] o test httpd: tweak cipher list [124] o test1707: output diff more for debugging differences in CI outputs o test556: improve robustness [64] o test579: improve robustness [60] o test587: improve robustness [123] o test649: improve robustness [122] o test677: improve robustness [47] o tests/runner: only allow [!A-Za-z0-9_-] in %if feature names [55] o tests: don't mangle output if hostname or type unknown o tests: ignore QUIT from FTP protocol comparisons [108] o tests: provide docs as curldown, not nroff [12] o tidy-up: misc build, tests, `lib/macos.c` [172] o tidy-up: OS names [57] o tool_operhlp: fix "potentially uninitialized local variable 'pc' used" [48] o tool_paramhlp: bump maximum post data size in memory to 16GB [128] o transfer: Curl_sendrecv() and event related improvements [164] o url: dns_entry related improvements [16] o urldata: introduce `data->mid`, a unique identifier inside a multi [127] o urldata: remove 'scratch' from the UrlState struct [86] o verify-release: shell script that verifies a release tarball [29] o version: fix shadowing a `libssh.h` symbol [176] o vtls: add SSLSUPP_CIPHER_LIST [107] o vtls: fix MSVC 'cast truncates constant value' warning [23] o vtls: fix static function name collisions between TLS backends [136] o vtls: init ssl peer only once [15] o websocket: introduce blocking sends [145] o wolfssl: avoid taking cached x509 store ref if sslctx already using it [88] o wolfssl: fix CURLOPT_SSLVERSION [144] o wolfssl: fix setting tls version [201] o wolfssl: improve shutdown handling [43] o ws: flags to opcodes should ignore CURLWS_CONT flag [104] o x509asn1: raise size limit for x509 certification information [28] This release includes the following known bugs: See docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html) For all changes ever done in curl: See https://curl.se/changes.html Planned upcoming removals include: o Hyper support after February 2025 [89] o TLS libraries not supporting TLS 1.3 See https://curl.se/dev/deprecate.html for details This release would not have looked like this without help, code, reports and advice from friends like these: Alex Snast, Antoine du Hamel, Austin Moore, Benjamin Riefenstahl Mecom, Bo Anderson, Christoph Reiter, Dan Fandrich, Daniel Stenberg, David Sardari, dependabot[bot], Emanuele Torre, feelingseas on github, Gruber Glass, Jan Venekamp, Jiacai Liu, Joe Birr-Pixton, John Haugabook, Joshix-1 on github, Justin Maggard, kit-ty-kate on github, lolbinarycat on github, MasterInQuestion on github, Matt Jolly, Max Faxälv, Micah Snyder, Moritz Buhl, Pete Cordell, ralfjunker on github, Rasmus Thomsen, Ray Satiro, renovate[bot], Ryan Carsten Schmidt, Sam Jessup, Sergio Durigan Junior, Slaven Rezić, Stefan Eissing, Steffen Kieß, Tal Regev, Tim Yuer, Viktor Petersson, Viktor Szakats, XYenon, Yedaya Katsman, 罗朝辉 (44 contributors) References to bug reports and discussions on issues: [1] = https://curl.se/bug/?i=14317 [2] = https://curl.se/bug/?i=14276 [3] = https://curl.se/bug/?i=14333 [4] = https://curl.se/bug/?i=14245 [5] = https://curl.se/bug/?i=14363 [6] = https://curl.se/bug/?i=13987 [7] = https://curl.se/bug/?i=14308 [8] = https://curl.se/bug/?i=14322 [9] = https://curl.se/bug/?i=14323 [10] = https://curl.se/bug/?i=14321 [11] = https://curl.se/bug/?i=14285 [12] = https://curl.se/bug/?i=14324 [13] = https://curl.se/bug/?i=14271 [14] = https://curl.se/bug/?i=14220 [15] = https://curl.se/bug/?i=14152 [16] = https://curl.se/bug/?i=14195 [17] = https://curl.se/bug/?i=14264 [18] = https://curl.se/bug/?i=11510 [19] = https://curl.se/bug/?i=13997 [20] = https://curl.se/bug/?i=14059 [21] = https://curl.se/bug/?i=14136 [22] = https://curl.se/bug/?i=14361 [23] = https://curl.se/bug/?i=14341 [24] = https://curl.se/bug/?i=14359 [25] = https://curl.se/bug/?i=14358 [26] = https://curl.se/bug/?i=14357 [27] = https://curl.se/bug/?i=14356 [28] = https://curl.se/bug/?i=14352 [29] = https://curl.se/bug/?i=14350 [30] = https://curl.se/bug/?i=14355 [31] = https://curl.se/bug/?i=13992 [32] = https://curl.se/bug/?i=14335 [33] = https://curl.se/bug/?i=14326 [34] = https://curl.se/bug/?i=13988 [35] = https://curl.se/bug/?i=13977 [36] = https://curl.se/bug/?i=14336 [37] = https://curl.se/bug/?i=14377 [38] = https://curl.se/bug/?i=14337 [39] = https://curl.se/bug/?i=14339 [40] = https://curl.se/bug/?i=14331 [41] = https://curl.se/bug/?i=14253 [42] = https://curl.se/bug/?i=14367 [43] = https://curl.se/bug/?i=14376 [44] = https://curl.se/bug/?i=14375 [45] = https://curl.se/bug/?i=14374 [46] = https://curl.se/bug/?i=14373 [47] = https://curl.se/bug/?i=14455 [48] = https://curl.se/bug/?i=14389 [49] = https://curl.se/bug/?i=14344 [50] = https://curl.se/bug/?i=14018 [51] = https://curl.se/bug/?i=14349 [52] = https://curl.se/bug/?i=12677 [53] = https://curl.se/bug/?i=9963 [54] = https://curl.se/bug/?i=13993 [55] = https://curl.se/bug/?i=14403 [56] = https://curl.se/bug/?i=14411 [57] = https://curl.se/bug/?i=14360 [58] = https://curl.se/bug/?i=14380 [59] = https://curl.se/bug/?i=14416 [60] = https://curl.se/bug/?i=14454 [61] = https://curl.se/bug/?i=14421 [62] = https://curl.se/bug/?i=14420 [63] = https://curl.se/bug/?i=14417 [64] = https://curl.se/bug/?i=14453 [65] = https://curl.se/bug/?i=14412 [66] = https://curl.se/bug/?i=14343 [67] = https://curl.se/bug/?i=14402 [68] = https://github.com/curl/curl-www/issues/374 [69] = https://curl.se/bug/?i=14409 [70] = https://curl.se/bug/?i=14401 [71] = https://curl.se/bug/?i=14382 [72] = https://curl.se/bug/?i=14485 [73] = https://curl.se/bug/?i=14452 [74] = https://curl.se/bug/?i=14370 [75] = https://curl.se/bug/?i=14423 [76] = https://curl.se/bug/?i=14385 [77] = https://curl.se/bug/?i=14393 [78] = https://curl.se/bug/?i=14384 [79] = https://curl.se/bug/?i=14394 [80] = https://curl.se/bug/?i=14450 [81] = https://curl.se/bug/?i=13754 [82] = https://curl.se/bug/?i=14298 [83] = https://curl.se/bug/?i=14447 [84] = https://curl.se/bug/?i=14451 [85] = https://curl.se/bug/?i=14472 [86] = https://curl.se/bug/?i=14500 [87] = https://curl.se/bug/?i=14189 [88] = https://curl.se/bug/?i=14442 [89] = https://curl.se/bug/?i=14492 [90] = https://curl.se/bug/?i=14435 [91] = https://curl.se/bug/?i=14438 [92] = https://curl.se/bug/?i=14491 [93] = https://curl.se/bug/?i=14440 [94] = https://curl.se/bug/?i=14430 [95] = https://curl.se/bug/?i=14433 [96] = https://curl.se/bug/?i=14503 [97] = https://curl.se/bug/?i=14474 [98] = https://curl.se/bug/?i=14431 [99] = https://curl.se/bug/?i=14431 [100] = https://curl.se/bug/?i=14437 [101] = https://curl.se/bug/?i=14428 [102] = https://curl.se/bug/?i=14427 [103] = https://curl.se/bug/?i=7229 [104] = https://curl.se/bug/?i=14397 [105] = https://curl.se/bug/?i=14553 [106] = https://curl.se/bug/?i=14406 [107] = https://curl.se/bug/?i=14406 [108] = https://curl.se/bug/?i=14404 [109] = https://curl.se/bug/?i=14405 [110] = https://curl.se/bug/?i=14477 [111] = https://curl.se/bug/?i=14469 [112] = https://curl.se/bug/?i=14464 [113] = https://curl.se/bug/?i=14535 [114] = https://curl.se/bug/?i=14459 [115] = https://curl.se/bug/?i=14467 [116] = https://curl.se/bug/?i=14534 [117] = https://curl.se/bug/?i=14568 [118] = https://curl.se/bug/?i=14566 [119] = https://curl.se/bug/?i=14540 [120] = https://curl.se/bug/?i=14531 [121] = https://curl.se/bug/?i=14562 [122] = https://curl.se/bug/?i=14526 [123] = https://curl.se/bug/?i=14525 [124] = https://curl.se/bug/?i=14502 [125] = https://curl.se/bug/?i=14501 [126] = https://curl.se/bug/?i=14539 [127] = https://curl.se/bug/?i=14414 [128] = https://curl.se/bug/?i=14521 [129] = https://curl.se/bug/?i=14527 [130] = https://curl.se/bug/?i=14457 [131] = https://curl.se/bug/?i=14514 [132] = https://curl.se/bug/?i=14513 [133] = https://curl.se/bug/?i=14511 [134] = https://curl.se/bug/?i=14512 [135] = https://curl.se/bug/?i=14515 [136] = https://curl.se/bug/?i=14516 [137] = https://curl.se/bug/?i=14510 [138] = https://curl.se/bug/?i=14504 [139] = https://curl.se/bug/?i=14564 [140] = https://curl.se/bug/?i=14460 [141] = https://curl.se/bug/?i=14627 [142] = https://curl.se/bug/?i=14505 [143] = https://curl.se/bug/?i=14543 [144] = https://curl.se/bug/?i=14480 [145] = https://curl.se/bug/?i=14458 [146] = https://curl.se/bug/?i=13098 [147] = https://curl.se/bug/?i=14483 [148] = https://curl.se/bug/?i=14567 [149] = https://curl.se/bug/?i=14557 [150] = https://curl.se/bug/?i=14556 [151] = https://curl.se/bug/?i=14574 [152] = https://curl.se/bug/?i=14631 [153] = https://curl.se/bug/?i=14550 [154] = https://curl.se/bug/?i=14533 [155] = https://curl.se/bug/?i=14532 [156] = https://curl.se/bug/?i=14541 [157] = https://curl.se/bug/?i=14471 [158] = https://curl.se/bug/?i=14545 [159] = https://curl.se/bug/?i=14407 [161] = https://curl.se/bug/?i=14319 [162] = https://curl.se/bug/?i=14444 [163] = https://curl.se/bug/?i=14626 [164] = https://curl.se/bug/?i=14561 [165] = https://curl.se/bug/?i=14629 [166] = https://curl.se/bug/?i=14618 [167] = https://curl.se/bug/?i=14614 [169] = https://curl.se/bug/?i=14565 [170] = https://curl.se/bug/?i=14548 [171] = https://curl.se/bug/?i=14623 [172] = https://curl.se/bug/?i=14558 [173] = https://curl.se/bug/?i=14622 [174] = https://curl.se/bug/?i=14616 [176] = https://curl.se/bug/?i=14617 [177] = https://curl.se/bug/?i=14612 [181] = https://curl.se/bug/?i=14591 [183] = https://curl.se/bug/?i=14555 [185] = https://curl.se/bug/?i=14368 [186] = https://curl.se/bug/?i=12129 [188] = https://curl.se/bug/?i=14575 [193] = https://curl.se/bug/?i=14201 [195] = https://curl.se/bug/?i=14168 [200] = https://curl.se/bug/?i=14588 [201] = https://curl.se/bug/?i=14587 [202] = https://curl.se/bug/?i=14586 [203] = https://curl.se/bug/?i=14585