mirror of
https://github.com/curl/curl.git
synced 2024-11-27 05:50:21 +08:00
347 lines
16 KiB
Plaintext
347 lines
16 KiB
Plaintext
curl and libcurl 8.5.0
|
|
|
|
Public curl releases: 253
|
|
Command line options: 258
|
|
curl_easy_setopt() options: 303
|
|
Public functions in libcurl: 93
|
|
Contributors: 3030
|
|
|
|
This release includes the following changes:
|
|
|
|
o gnutls: support CURLSSLOPT_NATIVE_CA [31]
|
|
o HTTP3: ngtcp2 builds are no longer experimental [77]
|
|
|
|
This release includes the following bugfixes:
|
|
|
|
o appveyor: make VS2008-built curl tool runnable [93]
|
|
o asyn-thread: use pipe instead of socketpair for IPC when available [4]
|
|
o autotools: accept linker flags via `CURL_LDFLAGS_{LIB,BIN}` [128]
|
|
o autotools: avoid passing `LDFLAGS` twice to libcurl [127]
|
|
o autotools: delete LCC compiler support bits [137]
|
|
o autotools: fix/improve gcc and Apple clang version detection [136]
|
|
o autotools: stop setting `-std=gnu89` with `--enable-warnings` [135]
|
|
o autotools: update references to deleted `crypt-auth` option [46]
|
|
o BINDINGS: add V binding [54]
|
|
o build: add `src/.checksrc` to source tarball [1]
|
|
o build: always revert `#pragma GCC diagnostic` after use [143]
|
|
o build: delete `HAVE_STDINT_H` and `HAVE_INTTYPES_H` [107]
|
|
o build: delete support bits for obsolete Windows compilers [106]
|
|
o build: fix 'threadsafe' feature detection for older gcc [19]
|
|
o build: fix compiler warning with auths disabled [85]
|
|
o build: fix libssh2 + `CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_AWS` [120]
|
|
o build: picky warning updates [125]
|
|
o build: require Windows XP or newer [86]
|
|
o cfilter: provide call to tell connection to forget a socket [65]
|
|
o CI: add autotools, out-of-tree, debug build to distro check job [14]
|
|
o CI: ignore test 286 on Appveyor gcc 9 build [6]
|
|
o cmake: add `CURL_DISABLE_BINDLOCAL` option [146]
|
|
o cmake: add test for `DISABLE` options, add `CURL_DISABLE_HEADERS_API` [138]
|
|
o cmake: dedupe Windows system libs [114]
|
|
o cmake: fix `HAVE_H_ERRNO_ASSIGNABLE` detection [2]
|
|
o cmake: fix CURL_DISABLE_GETOPTIONS [12]
|
|
o cmake: fix multiple include of CURL package [96]
|
|
o cmake: fix OpenSSL quic detection in quiche builds [56]
|
|
o cmake: option to disable install & drop `curlu` target when unused [72]
|
|
o cmake: pre-fill rest of detection values for Windows [50]
|
|
o cmake: replace `check_library_exists_concat()` [23]
|
|
o cmake: speed up threads setup for Windows [68]
|
|
o cmake: speed up zstd detection [69]
|
|
o config-win32: set `HAVE_SNPRINTF` for mingw-w64 [123]
|
|
o configure: better --disable-http [80]
|
|
o configure: check for the fseeko declaration too [55]
|
|
o content_encoding: make Curl_all_content_encodings allocless [101]
|
|
o curl.h: on FreeBSD include sys/param.h instead of osreldate.h [21]
|
|
o curl: improved IPFS and IPNS URL support [87]
|
|
o curl_easy_duphandle.3: clarify how HSTS and alt-svc are duped [99]
|
|
o curl_setup: disallow Windows IPv6 builds missing getaddrinfo [57]
|
|
o curl_sspi: support more revocation error names in error messages [95]
|
|
o CURLOPT_CAINFO_BLOB.3: explain what CURL_BLOB_COPY does [113]
|
|
o CURLOPT_WRITEFUNCTION.3: clarify libcurl returns for CURL_WRITEFUNC_ERROR [45]
|
|
o CURPOST_POSTFIELDS.3: add CURLOPT_COPYPOSTFIELDS in SEE ALSO
|
|
o docs/example/keepalive.c: show TCP keep-alive options [73]
|
|
o docs/example/localport.c: show off CURLOPT_LOCALPORT [83]
|
|
o docs/examples/interface.c: show CURLOPT_INTERFACE use [84]
|
|
o docs/libcurl: fix three minor man page format mistakes [26]
|
|
o docs: add supported version for the json write-out [92]
|
|
o docs: clarify that curl passes on input unfiltered [47]
|
|
o docs: fix function typo in curl_easy_option_next.3 [36]
|
|
o docs: KNOWN_BUGS cleanup
|
|
o docs: preserve the modification date when copying the prebuilt man page [89]
|
|
o docs: remove bold from some man page SYNOPSIS sections [90]
|
|
o docs: use SOURCE_DATE_EPOCH for generated manpages [16]
|
|
o doh: provide better return code for responses w/o addresses [133]
|
|
o doh: use PIPEWAIT when HTTP/2 is attempted [63]
|
|
o duphandle: also free 'outcurl->cookies' in error path [122]
|
|
o duphandle: make dupset() not return with pointers to old alloced data [109]
|
|
o duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set [132]
|
|
o easy: in duphandle, init the cookies for the new handle [131]
|
|
o easy: remove duplicate wolfSSH init call [37]
|
|
o easy_lock: add a pthread_mutex_t fallback [13]
|
|
o getenv: PlayStation doesn't have getenv() [41]
|
|
o GHA: move mod_h2 version in CI to v2.0.25 [43]
|
|
o hostip: show the list of IPs when resolving is done [35]
|
|
o hostip: silence compiler warning `-Wparentheses-equality` [62]
|
|
o hsts: skip single-dot hostname [67]
|
|
o HTTP/2, HTTP/3: handle detach of onoing transfers [134]
|
|
o http2: header conversion tightening [33]
|
|
o http2: provide an error callback and failf the message [53]
|
|
o http2: safer invocation of populate_binsettings [8]
|
|
o http: allow longer HTTP/2 request method names [112]
|
|
o http: avoid Expect: 100-continue if Upgrade: is used [15]
|
|
o http: consider resume with CURLOPT_FAILONERRROR and 416 to be fine [81]
|
|
o http: fix `-Wunused-parameter` with no auth and no proxy [149]
|
|
o http: fix `-Wunused-variable` compiler warning [115]
|
|
o http: fix empty-body warning [76]
|
|
o http_aws_sigv4: canonicalise valueless query params [88]
|
|
o hyper: temporarily remove HTTP/2 support [139]
|
|
o IPFS: fix IPFS_PATH and file parsing [119]
|
|
o keylog: disable if unused [145]
|
|
o lib: add and use Curl_strndup() [97]
|
|
o lib: apache style infof and trace macros/functions [71]
|
|
o lib: fix gcc warning in printf call [7]
|
|
o libcurl-thread.3: simplify the TLS section [79]
|
|
o Makefile.am: drop vc10, vc11 and vc12 projects from dist [103]
|
|
o Makefile.mk: fix `-rtmp` option for non-Windows
|
|
o misc: fix -Walloc-size warnings [118]
|
|
o msh3: error when built with CURL_DISABLE_SOCKETPAIR set [61]
|
|
o multi: use pipe instead of socketpair to *wakeup() [18]
|
|
o ntlm_wb: use pipe instead of socketpair when possible [44]
|
|
o openldap: move the alloc of ldapconninfo to *connect() [29]
|
|
o openldap: set the callback argument in oldap_do [30]
|
|
o openssl: avoid BN_num_bits() NULL pointer derefs [9]
|
|
o openssl: fix infof() to avoid compiler warning for %s with null [70]
|
|
o openssl: identify the "quictls" backend correctly [82]
|
|
o openssl: include SIG and KEM algorithms in verbose [52]
|
|
o openssl: make CURLSSLOPT_NATIVE_CA import Windows intermediate CAs [58]
|
|
o openssl: two multi pointer checks should probably rather be asserts [91]
|
|
o page-footer: clarify exit code 25 [51]
|
|
o projects: add VC14.20 project files [104]
|
|
o pytest: use lower count in repeat tests [98]
|
|
o quic: manage connection idle timeouts [5]
|
|
o quiche: use quiche_conn_peer_transport_params() [116]
|
|
o rand: fix build error with autotools + LibreSSL [111]
|
|
o resolve.d: drop a multi use-sentence [100]
|
|
o RTSP: improved RTP parser [32]
|
|
o sasl: fix `-Wunused-function` compiler warning [124]
|
|
o schannel: add CA cache support for files and memory blobs [121]
|
|
o setopt: remove outdated cookie comment [64]
|
|
o socks: better buffer size checks for socks4a user and hostname [20]
|
|
o socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice [38]
|
|
o test1683: remove commented-out check alternatives
|
|
o test3103: add missing quotes around a test tag attribute
|
|
o test613: stop showing an error on missing output file
|
|
o tests/README: SOCKS tests are not using OpenSSH, it has its own server [48]
|
|
o tests/server: add more SOCKS5 handshake error checking [27]
|
|
o tests: Fix Windows test helper tool search & use it for handle64 [17]
|
|
o tidy-up: casing typos, delete unused Windows version aliases [144]
|
|
o tool: fix --capath when proxy support is disabled [28]
|
|
o tool: support bold headers in Windows [117]
|
|
o tool_cb_hdr: add an additional parsing check [129]
|
|
o tool_cb_wrt: fix write output for very old Windows versions [24]
|
|
o tool_getparam: limit --rate to be smaller than number of ms [3]
|
|
o tool_operate: do not mix memory models [108]
|
|
o tool_operate: fix links in ipfs errors [22]
|
|
o tool_urlglob: fix build for old gcc versions [25]
|
|
o tool_urlglob: make multiply() bail out on negative values [11]
|
|
o transfer: avoid calling the read callback again after EOF [130]
|
|
o transfer: only reset the FTP wildcard engine in CLEAR state [42]
|
|
o url: don't touch the multi handle when closing internal handles [40]
|
|
o url: find scheme with a "perfect hash" [141]
|
|
o url: fix `-Wzero-length-array` with no protocols [147]
|
|
o url: fix builds with `CURL_DISABLE_HTTP` [148]
|
|
o url: protocol handler lookup tidy-up [66]
|
|
o url: proxy ssl connection reuse fix [94]
|
|
o urlapi: avoid null deref if setting blank host to url encode [75]
|
|
o urlapi: skip appending NULL pointer query [74]
|
|
o urlapi: when URL encoding the fragment, pass in the right length [59]
|
|
o urldata: move async resolver state from easy handle to connectdata [34]
|
|
o urldata: move cookielist from UserDefined to UrlState [126]
|
|
o urldata: move hstslist from 'set' to 'state' [105]
|
|
o urldata: move the 'internal' boolean to the state struct [39]
|
|
o vssh: remove the #ifdef for Curl_ssh_init, use empty macro
|
|
o vtls: cleanup SSL config management [78]
|
|
o vtls: late clone of connection ssl config [60]
|
|
o vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0 [102]
|
|
o VULN-DISCLOSURE-POLICY: escape sequences are not a security flaw [110]
|
|
o wolfssl: add default case for wolfssl_connect_step1 switch [49]
|
|
o wolfssl: require WOLFSSL_SYS_CA_CERTS for loading system CA [10]
|
|
|
|
This release includes the following known bugs:
|
|
|
|
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
|
|
|
|
Planned upcoming removals include:
|
|
|
|
o support for space-separated NOPROXY patterns
|
|
|
|
See https://curl.se/dev/deprecate.html for details
|
|
|
|
This release would not have looked like this without help, code, reports and
|
|
advice from friends like these:
|
|
|
|
12932 on github, Alex Bozarth, Alex Klyubin, Ammar Faizi, Andrew Kurushin,
|
|
Anubhav Rai, boilingoden, calvin2021y on github, Carlos Henrique Lima Melara,
|
|
Casey Bodley, Charlie C, Dan Fandrich, Daniel Jeliński, Daniel Stenberg,
|
|
David Suter, Emanuele Torre, Enno Boland, enWILLYado on github,
|
|
Faraz Fallahi, Gisle Vanem, Goro FUJI, Harry Mallon, icy17 on github,
|
|
Jacob Hoffman-Andrews, Jan Alexander Steffens, Jeroen Ooms, Jiri Hruska,
|
|
Junho Choi, Kai Pastor, Kareem, Kartatz on Github, kirbyn17 on hackerone,
|
|
lkordos on github, Loïc Yhuel, LoRd_MuldeR, lRoccoon on github,
|
|
Maksymilian Arciemowicz, Manfred Schwarb, Marcel Raad, Marcin Rataj,
|
|
Mark Gaiser, Martin Schmatz, Michael Kaufmann, Nico Rieck, Niracler Li,
|
|
Ophir Lojkine, Paweł Wegner, Philip Heiduck, Ray Satiro, rilysh,
|
|
Romain Geissler, Sam James, Samuel Henrique, sd0 on hackerone, Smackd0wn,
|
|
Sohom Datta, Stefan Eissing, Steven Allen, Torben Dury, Turiiya,
|
|
Viktor Szakats, zhengqwe on github, 積丹尼 Dan Jacobson
|
|
(63 contributors)
|
|
|
|
References to bug reports and discussions on issues:
|
|
|
|
[1] = https://curl.se/bug/?i=12084
|
|
[2] = https://curl.se/bug/?i=12093
|
|
[3] = https://curl.se/bug/?i=12116
|
|
[4] = https://curl.se/bug/?i=12146
|
|
[5] = https://curl.se/bug/?i=12064
|
|
[6] = https://curl.se/bug/?i=12040
|
|
[7] = https://curl.se/bug/?i=12082
|
|
[8] = https://curl.se/bug/?i=12101
|
|
[9] = https://curl.se/bug/?i=12099
|
|
[10] = https://curl.se/bug/?i=12108
|
|
[11] = https://curl.se/bug/?i=12102
|
|
[12] = https://curl.se/bug/?i=12091
|
|
[13] = https://curl.se/bug/?i=12090
|
|
[14] = https://curl.se/bug/?i=12088
|
|
[15] = https://curl.se/bug/?i=12022
|
|
[16] = https://curl.se/bug/?i=12092
|
|
[17] = https://curl.se/bug/?i=12115
|
|
[18] = https://curl.se/bug/?i=12142
|
|
[19] = https://curl.se/bug/?i=12125
|
|
[20] = https://curl.se/bug/?i=12139
|
|
[21] = https://curl.se/bug/?i=12107
|
|
[22] = https://curl.se/bug/?i=12133
|
|
[23] = https://curl.se/bug/?i=11285
|
|
[24] = https://curl.se/bug/?i=12131
|
|
[25] = https://curl.se/bug/?i=12124
|
|
[26] = https://curl.se/bug/?i=12126
|
|
[27] = https://curl.se/bug/?i=12117
|
|
[28] = https://curl.se/bug/?i=12089
|
|
[29] = https://curl.se/bug/?i=12166
|
|
[30] = https://curl.se/bug/?i=12166
|
|
[31] = https://curl.se/bug/?i=12137
|
|
[32] = https://curl.se/bug/?i=12052
|
|
[33] = https://curl.se/bug/?i=12097
|
|
[34] = https://curl.se/bug/?i=12198
|
|
[35] = https://curl.se/bug/?i=12145
|
|
[36] = https://curl.se/bug/?i=12170
|
|
[37] = https://curl.se/bug/?i=12168
|
|
[38] = https://curl.se/bug/?i=11949
|
|
[39] = https://curl.se/bug/?i=12165
|
|
[40] = https://curl.se/bug/?i=12165
|
|
[41] = https://curl.se/bug/?i=12140
|
|
[42] = https://curl.se/bug/?i=11775
|
|
[43] = https://curl.se/bug/?i=12157
|
|
[44] = https://curl.se/bug/?i=12149
|
|
[45] = https://curl.se/bug/?i=12201
|
|
[46] = https://curl.se/bug/?i=12194
|
|
[47] = https://curl.se/bug/?i=12249
|
|
[48] = https://curl.se/bug/?i=12195
|
|
[49] = https://curl.se/bug/?i=12218
|
|
[50] = https://curl.se/bug/?i=12044
|
|
[51] = https://curl.se/bug/?i=12189
|
|
[52] = https://curl.se/bug/?i=12030
|
|
[53] = https://curl.se/bug/?i=12179
|
|
[54] = https://curl.se/bug/?i=12182
|
|
[55] = https://curl.se/bug/?i=12086
|
|
[56] = https://curl.se/bug/?i=12160
|
|
[57] = https://curl.se/bug/?i=12221
|
|
[58] = https://curl.se/bug/?i=12155
|
|
[59] = https://curl.se/bug/?i=12250
|
|
[60] = https://curl.se/bug/?i=12237
|
|
[61] = https://curl.se/bug/?i=12213
|
|
[62] = https://curl.se/bug/?i=12215
|
|
[63] = https://curl.se/bug/?i=12214
|
|
[64] = https://curl.se/bug/?i=12206
|
|
[65] = https://curl.se/bug/?i=12207
|
|
[66] = https://curl.se/bug/?i=12216
|
|
[67] = https://curl.se/bug/?i=12247
|
|
[68] = https://curl.se/bug/?i=12202
|
|
[69] = https://curl.se/bug/?i=12200
|
|
[70] = https://curl.se/bug/?i=12196
|
|
[71] = https://curl.se/bug/?i=12083
|
|
[72] = https://curl.se/bug/?i=12287
|
|
[73] = https://curl.se/bug/?i=12242
|
|
[74] = https://curl.se/bug/?i=12240
|
|
[75] = https://curl.se/bug/?i=12240
|
|
[76] = https://curl.se/bug/?i=12262
|
|
[77] = https://curl.se/bug/?i=12235
|
|
[78] = https://curl.se/bug/?i=12204
|
|
[79] = https://curl.se/bug/?i=12233
|
|
[80] = https://curl.se/bug/?i=12223
|
|
[81] = https://curl.se/bug/?i=10521
|
|
[82] = https://curl.se/bug/?i=12270
|
|
[83] = https://curl.se/bug/?i=12230
|
|
[84] = https://curl.se/bug/?i=12229
|
|
[85] = https://curl.se/bug/?i=12227
|
|
[86] = https://curl.se/bug/?i=12225
|
|
[87] = https://curl.se/bug/?i=12148
|
|
[88] = https://curl.se/bug/?i=8107
|
|
[89] = https://curl.se/bug/?i=12199
|
|
[90] = https://curl.se/bug/?i=12267
|
|
[91] = https://curl.se/bug/?i=12264
|
|
[92] = https://curl.se/bug/?i=12266
|
|
[93] = https://curl.se/bug/?i=12263
|
|
[94] = https://curl.se/bug/?i=12255
|
|
[95] = https://curl.se/bug/?i=12239
|
|
[96] = https://curl.se/bug/?i=11913
|
|
[97] = https://curl.se/bug/?i=12251
|
|
[98] = https://curl.se/bug/?i=12248
|
|
[99] = https://curl.se/bug/?i=12315
|
|
[100] = https://curl.se/bug/?i=12294
|
|
[101] = https://curl.se/bug/?i=12289
|
|
[102] = https://curl.se/bug/?i=12259
|
|
[103] = https://curl.se/bug/?i=12288
|
|
[104] = https://curl.se/bug/?i=12282
|
|
[105] = https://curl.se/bug/?i=12315
|
|
[106] = https://curl.se/bug/?i=12222
|
|
[107] = https://curl.se/bug/?i=12275
|
|
[108] = https://curl.se/bug/?i=12280
|
|
[109] = https://curl.se/bug/?i=12337
|
|
[110] = https://curl.se/bug/?i=12278
|
|
[111] = https://curl.se/bug/?i=12257
|
|
[112] = https://curl.se/bug/?i=12311
|
|
[113] = https://curl.se/bug/?i=12277
|
|
[114] = https://curl.se/bug/?i=12307
|
|
[115] = https://curl.se/bug/?i=12228
|
|
[116] = https://curl.se/bug/?i=12180
|
|
[117] = https://curl.se/bug/?i=12321
|
|
[118] = https://curl.se/bug/?i=12292
|
|
[119] = https://curl.se/bug/?i=12152
|
|
[120] = https://curl.se/bug/?i=12273
|
|
[121] = https://curl.se/bug/?i=12261
|
|
[122] = https://curl.se/bug/?i=12329
|
|
[123] = https://curl.se/bug/?i=12325
|
|
[124] = https://curl.se/bug/?i=12326
|
|
[125] = https://curl.se/bug/?i=12324
|
|
[126] = https://curl.se/bug/?i=12323
|
|
[127] = https://curl.se/bug/?i=12310
|
|
[128] = https://curl.se/bug/?i=12312
|
|
[129] = https://curl.se/bug/?i=12320
|
|
[130] = https://curl.se/mail/lib-2023-11/0017.html
|
|
[131] = https://curl.se/bug/?i=12318
|
|
[132] = https://curl.se/bug/?i=12317
|
|
[133] = https://curl.se/bug/?i=12365
|
|
[134] = https://curl.se/bug/?i=12356
|
|
[135] = https://curl.se/bug/?i=12346
|
|
[136] = https://curl.se/bug/?i=12362
|
|
[137] = https://curl.se/bug/?i=12357
|
|
[138] = https://curl.se/bug/?i=12353
|
|
[139] = https://curl.se/bug/?i=12191
|
|
[141] = https://curl.se/bug/?i=12347
|
|
[143] = https://curl.se/bug/?i=12352
|
|
[144] = https://curl.se/bug/?i=12351
|
|
[145] = https://curl.se/bug/?i=12350
|
|
[146] = https://curl.se/bug/?i=12345
|
|
[147] = https://curl.se/bug/?i=12344
|
|
[148] = https://curl.se/bug/?i=12343
|
|
[149] = https://curl.se/bug/?i=12338
|