curl/RELEASE-NOTES
2024-01-13 17:02:45 +01:00

247 lines
11 KiB
Plaintext

curl and libcurl 8.6.0
Public curl releases: 254
Command line options: 258
curl_easy_setopt() options: 304
Public functions in libcurl: 93
Contributors: 3064
This release includes the following changes:
o add CURLE_TOO_LARGE [48]
o add CURLINFO_QUEUE_TIME_T [76]
o add CURLOPT_SERVER_RESPONSE_TIMEOUT_MS: add [39]
o asyn-thread: use GetAddrInfoExW on >= Windows 8 [55]
o configure: make libpsl detection failure cause error [109]
o runtests: support -gl. Like -g but for lldb. [47]
This release includes the following bugfixes:
o altsvc: free 'as' when returning error [23]
o appveyor: replace PowerShell with bash + parallel autotools [54]
o appveyor: switch to out-of-tree builds [29]
o build: delete unused `HAVE_{GSSHEIMDAL,GSSMIT,HEIMDAL}` [4]
o build: enable missing OpenSSF-recommended warnings, with fixes [11]
o build: fix `-Wconversion`/`-Wsign-conversion` warnings [26]
o build: fix Windows ADDRESS_FAMILY detection [35]
o build: more `-Wformat` fixes [40]
o build: remove redundant `CURL_PULL_*` settings [8]
o CI/distcheck: run full tests [31]
o cmake: fix generation for system name iOS [53]
o cmake: fix typo [5]
o cmake: prefill/cache `HAVE_STRUCT_SOCKADDR_STORAGE` [45]
o cmdline-docs: use .IP consistently [13]
o cmdline-opts: update availability for the *-ca-native options [66]
o cmdline/gen: fix the sorting of the man page options [33]
o configure: fix no default int compile error in ipv6 detection [69]
o configure: when enabling QUIC, check that TLS supports QUIC [87]
o connect: remove margin from eyeballer alloc [79]
o content_encoding: change return code to typedef'ed enum [94]
o cookie.d: document use of empty string to enable cookie engine [106]
o cookie: avoid fopen with empty file name [24]
o curl: show ipfs and ipns as supported "protocols" [15]
o CURLINFO_REFERER.3: clarify that it is the *request* header [70]
o CURLOPT_AUTOREFERER.3: mention CURLINFO_REFERER
o CURLOPT_POSTFIELDS.3: fix incorrect C string escape in example [27]
o CURLOPT_SSH_*_KEYFILE: clarify [57]
o dist: add tests/errorcodes.pl to the tarball [6]
o docs: clean up Protocols: for cmdline options [32]
o docs: describe and highlight super cookies [80]
o doh: remove unused local variable [34]
o examples: add four new examples [99]
o ftp: handle the PORT parsing without allocation [44]
o ftp: use dynbuf to store entrypath [83]
o ftp: use memdup0 to store the OS from a SYST 215 response [82]
o gen.pl: support ## for doing .IP in table-like lists [105]
o gen: do italics/bold for a range of letters, not just single word [78]
o gnutls: fix build with --disable-verbose [3]
o haproxy-clientip.d: document the arg [68]
o headers: make sure the trailing newline is not stored [97]
o hostip: return error immediately when Curl_ip2addr() fails [19]
o hsts: remove assert for zero length domain [96]
o http2: improved on_stream_close/data_done handling [49]
o http3/quiche: fix result code on a stream reset [91]
o http: adjust_pollset fix [85]
o http: fix off-by-one error in request method length check [14]
o http_proxy: a blank CURLOPT_USERAGENT should not be used in CONNECT [90]
o lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT [62]
o lib: fix variable undeclared error caused by `infof` changes [2]
o lib: reduce use of strncpy [30]
o lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding [36]
o lib: strndup/memdup instead of malloc, memcpy and null-terminate [42]
o libssh: improve the deprecation warning dismissal [20]
o libssh: supress warnings without version check [18]
o Makefile.am: fix the MSVC project generation [22]
o Makefile.mk: drop Windows support [12]
o mbedtls: free the entropy when threaded [46]
o mime: use memdup0 instead of malloc + memcpy [63]
o mprintf: overhaul and bugfixes [52]
o multi: remove total timer reset in file_do() while fetching file:// [89]
o ngtcp2: put h3 at the front of alpn [58]
o openldap: fix an LDAP crash [75]
o openldap: fix STARTTLS [67]
o openssl: re-match LibreSSL deinit with init [17]
o pop3: replace calloc + memcpy with memdup0 [60]
o quiche: return CURLE_HTTP3 on send to invalid stream [65]
o readwrite_data: loop less [21]
o Revert "urldata: move async resolver state from easy handle to connectdata" [16]
o runtests: for mode="text" on <stdout>, fix newlines on both parts [64]
o schannel: fix `-Warith-conversion` gcc 13 warning [28]
o sectransp: do verify_cert without memdup for blobs [93]
o sectransp_ make TLSCipherNameForNumber() available in non-verbose config [1]
o sendf: fix compiler warning with CURL_DISABLE_HEADERS_API [38]
o setopt: clear mimepost when formp is freed [92]
o setopt: use memdup0 when cloning COPYPOSTFIELDS [107]
o ssh: fix namespace of two local macros [51]
o strerror: repair get_winsock_error() [56]
o system.h: sync mingw `CURL_TYPEOF_CURL_SOCKLEN_T` with other compilers [9]
o system_win32: fix a function pointer assignment warning [71]
o telnet: use dynbuf instad of malloc for escape buffer [108]
o tests/server: delete workaround for old-mingw [25]
o tests: respect $TMPDIR when creating unix domain sockets [50]
o tool: make parser reject blank arguments if not supported [86]
o tool: prepend output_dir in header callback [95]
o tool_getparam: bsearch cmdline options [74]
o tool_getparam: do not try to expand without an argument [59]
o tool_listhelp: regenerate after recent .d updates [61]
o transfer: adjust_pollset improvements [81]
o transfer: fix upload rate limiting, add test cases [37]
o url: for disabled protocols, mention if found in redirect [7]
o verify-examples.pl: fail verification on unescaped backslash [72]
o vquic: extract TLS setup into own source [88]
o vtls: fix missing multissl version info [73]
o vtls: remove the Curl_cft_ssl_proxy object if CURL_DISABLE_PROXY [41]
o windows: delete redundant headers [43]
o windows: simplify detecting and using system headers [10]
o wolfssl: load certificate *chain* for PEM client certs [84]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
Planned upcoming removals include:
o support for space-separated NOPROXY patterns
See https://curl.se/dev/deprecate.html for details
This release would not have looked like this without help, code, reports and
advice from friends like these:
Andy Alt, annalee, Baruch Siach, Ben, Boris Verkhovskiy,
bubbleguuum on github, Cajus Pollmeier, calvin2021y on github, Chara White,
Chris Sauer, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg,
dependabot[bot], Dmitry Karpov, Gabe, Geeknik Labs, Gisle Vanem,
Hans-Christian Egtvedt, Haydar Alaidrus, hgdagon on github, iAroc on github,
ivanfywang, Karthikdasari0423 on github, Lealem Amedie, Marcel Raad,
Mark Sinkovics, Mauricio Scheffer, Michał Antoniak, Mike Hommey, Ozan Cansel,
Patrick Monnerat, Pavel Pavlov, Ray Satiro, RevaliQaQ on github,
Stefan Eissing, Tatsuhiko Miyagawa, Theo, Thomas Ferguson, Viktor Szakats,
Xi Ruoyao, Yedaya Katsman, Yifei Kong, YX Hao, zengwei, zengwei2000
(46 contributors)
References to bug reports and discussions on issues:
[1] = https://curl.se/bug/?i=12474
[2] = https://curl.se/bug/?i=12470
[3] = https://curl.se/bug/?i=12505
[4] = https://curl.se/bug/?i=12506
[5] = https://curl.se/bug/?i=12464
[6] = https://curl.se/bug/?i=12462
[7] = https://curl.se/bug/?i=12466
[8] = https://curl.se/bug/?i=12502
[9] = https://curl.se/bug/?i=12501
[10] = https://curl.se/bug/?i=12495
[11] = https://curl.se/bug/?i=12489
[12] = https://curl.se/bug/?i=12224
[13] = https://curl.se/bug/?i=12535
[14] = https://curl.se/bug/?i=12534
[15] = https://curl.se/mail/archive-2023-12/0026.html
[16] = https://curl.se/bug/?i=12524
[17] = https://curl.se/bug/?i=12525
[18] = https://curl.se/bug/?i=12523
[19] = https://curl.se/bug/?i=12522
[20] = https://curl.se/bug/?i=12519
[21] = https://curl.se/bug/?i=12504
[22] = https://curl.se/bug/?i=12564
[23] = https://curl.se/bug/?i=12570
[24] = https://curl.se/bug/?i=12514
[25] = https://curl.se/bug/?i=12510
[26] = https://curl.se/bug/?i=12557
[27] = https://curl.se/bug/?i=12588
[28] = https://curl.se/bug/?i=12616
[29] = https://curl.se/bug/?i=12550
[30] = https://curl.se/bug/?i=12499
[31] = https://curl.se/bug/?i=12503
[32] = https://curl.se/bug/?i=12496
[33] = https://curl.se/mail/archive-2023-12/0014.html
[34] = https://curl.se/bug/?i=12491
[35] = https://curl.se/bug/?i=12441
[36] = https://curl.se/bug/?i=12490
[37] = https://curl.se/bug/?i=12559
[38] = https://curl.se/bug/?i=12485
[39] = https://curl.se/bug/?i=12369
[40] = https://curl.se/bug/?i=12540
[41] = https://curl.se/bug/?i=12459
[42] = https://curl.se/bug/?i=12453
[43] = https://curl.se/bug/?i=12539
[44] = https://curl.se/bug/?i=12456
[45] = https://curl.se/bug/?i=12537
[46] = https://curl.se/bug/?i=12584
[47] = https://curl.se/bug/?i=12547
[48] = https://curl.se/bug/?i=12269
[49] = https://curl.se/bug/?i=10936
[50] = https://curl.se/bug/?i=12545
[51] = https://curl.se/bug/?i=12544
[52] = https://curl.se/bug/?i=12561
[53] = https://curl.se/bug/?i=12515
[54] = https://curl.se/bug/?i=12560
[55] = https://curl.se/bug/?i=12481
[56] = https://curl.se/bug/?i=12578
[57] = https://curl.se/bug/?i=12554
[58] = https://curl.se/bug/?i=12576
[59] = https://curl.se/bug/?i=12565
[60] = https://curl.se/bug/?i=12650
[61] = https://curl.se/bug/?i=12612
[62] = https://curl.se/bug/?i=12658
[63] = https://curl.se/bug/?i=12649
[64] = https://curl.se/bug/?i=12612
[65] = https://curl.se/bug/?i=12590
[66] = https://curl.se/bug/?i=12613
[67] = https://curl.se/bug/?i=12610
[68] = https://curl.se/bug/?i=12611
[69] = https://curl.se/bug/?i=12607
[70] = https://curl.se/bug/?i=12605
[71] = https://curl.se/bug/?i=12581
[72] = https://curl.se/bug/?i=12589
[73] = https://curl.se/bug/?i=12599
[74] = https://curl.se/bug/?i=12631
[75] = https://curl.se/bug/?i=12593
[76] = https://curl.se/bug/?i=12368
[78] = https://curl.se/bug/?i=12689
[79] = https://curl.se/bug/?i=12647
[80] = https://curl.se/bug/?i=12687
[81] = https://curl.se/bug/?i=12640
[82] = https://curl.se/bug/?i=12639
[83] = https://curl.se/bug/?i=12638
[84] = https://curl.se/bug/?i=12634
[85] = https://curl.se/bug/?i=12632
[86] = https://curl.se/bug/?i=12620
[87] = https://curl.se/bug/?i=12683
[88] = https://curl.se/bug/?i=12678
[89] = https://curl.se/bug/?i=12682
[90] = https://curl.se/bug/?i=12680
[91] = https://curl.se/bug/?i=12629
[92] = https://curl.se/bug/?i=12608
[93] = https://curl.se/bug/?i=12679
[94] = https://curl.se/bug/?i=12618
[95] = https://curl.se/bug/?i=12614
[96] = https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65661
[97] = https://curl.se/mail/lib-2024-01/0019.html
[99] = https://curl.se/bug/?i=12671
[105] = https://curl.se/bug/?i=12667
[106] = https://curl.se/bug/?i=12643
[107] = https://curl.se/bug/?i=12651
[108] = https://curl.se/bug/?i=12652
[109] = https://curl.se/bug/?i=12661