mirror of
https://github.com/curl/curl.git
synced 2024-12-15 06:40:09 +08:00
340 lines
16 KiB
Plaintext
340 lines
16 KiB
Plaintext
curl and libcurl 8.3.0
|
|
|
|
Public curl releases: 251
|
|
Command line options: 257
|
|
curl_easy_setopt() options: 303
|
|
Public functions in libcurl: 92
|
|
Contributors: 2969
|
|
|
|
This release includes the following changes:
|
|
|
|
o curl: make %output{} in -w specify a file to write to [36]
|
|
o gskit: remove [71]
|
|
o lib: --disable-bindlocal builds curl without local binding support
|
|
o nss: remove support for this TLS library [10]
|
|
o tool: add "variable" support [1]
|
|
o trace: make tracing available in non-debug builds [41]
|
|
o url: change default value for CURLOPT_MAXREDIRS to 30 [46]
|
|
o urlapi: CURLU_PUNY2IDN - convert from punycode to IDN name [54]
|
|
o wolfssl: support loading system CA certificates [8]
|
|
|
|
This release includes the following bugfixes:
|
|
|
|
o altsvc: accept and parse IPv6 addresses in response headers [113]
|
|
o asyn-ares: reduce timeout to 2000ms [148]
|
|
o aws-sigv4: fix having date header twice in some cases [141]
|
|
o bearssl: don't load CA certs when peer verification is disabled [33]
|
|
o bearssl: handshake fix, provide proper get_select_socks() implementation [99]
|
|
o build: streamline non-UWP wincrypt detections [87]
|
|
o c-hyper: adjust the hyper to curlcode conversion [52]
|
|
o c-hyper: fix memory leaks in `Curl_http` [126]
|
|
o cf-haproxy: make CURLOPT_HAPROXY_CLIENT_IP set the *source* IP [61]
|
|
o cf-socket: log successful interface bind [39]
|
|
o CI/cirrus: disable python install on FreeBSD [83]
|
|
o CI: add caching to many jobs [19]
|
|
o CI: move the Alpine build from Cirrus to GHA
|
|
o CI: ngtcp2-linux: use separate caches for tls libraries [125]
|
|
o CI: remove Windows builds from Cirrus, without replacement [131]
|
|
o CI: switch macOS ARM build from Cirrus to Circle CI
|
|
o CI: use master again for wolfssl
|
|
o cirrus: install everthing with pkg, avoid pip [110]
|
|
o cmake: add GnuTLS option [103]
|
|
o cmake: add support for `CURL_DEFAULT_SSL_BACKEND` [128]
|
|
o cmake: add support for single libcurl compilation pass [21]
|
|
o cmake: allow `SHARE_LIB_OBJECT=ON` on all platforms [80]
|
|
o cmake: assume `wldap32` availability on Windows [81]
|
|
o cmake: cache more config and delete unused ones [4]
|
|
o cmake: detect `SSL_set0_wbio` in OpenSSL [22]
|
|
o cmake: drop `HAVE_LIBWINMM` and `HAVE_LIBWS2_32` feature checks [68]
|
|
o cmake: fix to use variable for the curl namespace [79]
|
|
o cmake: fixup H2 duplicate symbols for unity builds [23]
|
|
o cmake: support building static and shared libcurl in one go [17]
|
|
o cmdline-opts/docs: mention the negative option part [90]
|
|
o cmdline-opts/page-header: clarify stronger that !opt == URL [123]
|
|
o cmdline-opts/page-header: reorder, clean up [51]
|
|
o configure, cmake, lib: more form api deprecation [7]
|
|
o configure: use the pkg-config --libs-only-l flag for libssh2 [16]
|
|
o connect: stop halving the remaining timeout when less than 600 ms left [147]
|
|
o cookie-jar.d: emphasize that this option is ONLY writing cookies [72]
|
|
o crypto: ensure crypto initialization works [69]
|
|
o CURLINFO_CERTINFO.3: better explain curl_certinfo struct [64]
|
|
o CURLINFO_TLS_SSL_PTR.3: clarify a recommendation [75]
|
|
o CURLOPT_*TIMEOUT*: extend and clarify [101]
|
|
o CURLOPT_SSL_VERIFYPEER.3: mention it does not load CA certs when disabled [42]
|
|
o disable.d: explain --disable not implemented prior to 7.50.0 [115]
|
|
o docs/cmdline-opts/gen.pl: hide "added in" before 7.50.0 [76]
|
|
o docs/cmdline-opts: match the current output [104]
|
|
o docs/cmdline-opts: spellfixes, typos and polish [9]
|
|
o docs/cmdline: add small "warning" to verbose options [59]
|
|
o docs/cmdline: remove repeated working for negotiate + ntlm [58]
|
|
o docs/HYPER.md: document a workaround for a link error [73]
|
|
o docs: link to the website versions instead of markdowns [3]
|
|
o docs: mention critical files in same directories as curl saves [119]
|
|
o docs: removing "pausing transfers" from HYPER.md. [134]
|
|
o docs: rewrite to present tense [105]
|
|
o easy: remove #ifdefs to make code easier on the eye [34]
|
|
o egd: delete feature detection and related source code [5]
|
|
o ftp: fix temp write of ipv6 address [143]
|
|
o gen.pl: escape all dashes (ascii minus) to avoid unicode hyphens [50]
|
|
o gen.pl: replace all single quotes with aq [78]
|
|
o GHA: adding quiche workflow [35]
|
|
o headers: accept leading whitespaces on first response header [37]
|
|
o http2: avoid too early connection re-use/multiplexing [20]
|
|
o http2: cleanup trace messages [56]
|
|
o http2: disable asssertion blocking OSSFuzz testing [31]
|
|
o http2: fix in h2 proxy tunnel: progress in ingress on sending [32]
|
|
o http2: upgrade tests and add fix for non-existing stream [44]
|
|
o http3/ngtcp2: shorten handshake, trace cleanup [13]
|
|
o http3: quiche, handshake optimization, trace cleanup [63]
|
|
o http: close the connection after a late 417 is received [109]
|
|
o http: do not require a user name when using CURLAUTH_NEGOTIATE [86]
|
|
o http: remove the p_pragma struct field [60]
|
|
o http: return error when receiving too large header set [43]
|
|
o hyper: fix a progress upload counter bug [122]
|
|
o hyper: fix ownership problems [116]
|
|
o imap: add a check for failing strdup()
|
|
o imap: remove the only sscanf() call in the IMAP code [84]
|
|
o include/curl/mprintf.h: add __attribute__ for the prototypes [38]
|
|
o lib: build fixups when built with most things disabled [97]
|
|
o lib: fix a few *printf() flag mistakes [47]
|
|
o lib: fix null ptr derefs and uninitialized vars (h2/h3) [107]
|
|
o lib: move mimepost data from ->req.p.http to ->state [94]
|
|
o libtest: use curl_free() to free libcurl allocated data [114]
|
|
o list-only.d: mention SFTP as supported protocol [55]
|
|
o macOS: fix target detection more [11]
|
|
o misc: fix various typos [18]
|
|
o multi.h: the 'revents' field of curl_waitfd is supported [117]
|
|
o multi: remove 'processing: <url>' debug message [142]
|
|
o openssl: auto-detect `SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED` [65]
|
|
o OpenSSL: clear error queue after SSL_shutdown [120]
|
|
o openssl: make aws-lc version support OCSP [48]
|
|
o openssl: Support async cert verify callback [24]
|
|
o openssl: switch to modern init for LibreSSL 2.7.0+ [70]
|
|
o openssl: use `SSL_CTX_set_ciphersuites` with LibreSSL 3.4.1 [66]
|
|
o openssl: use `SSL_CTX_set_keylog_callback` with LibreSSL 3.5.0 [67]
|
|
o os400: build test servers [136]
|
|
o os400: do not check translatable options at build time [95]
|
|
o os400: implement CLI tool [140]
|
|
o page-footer: QLOGDIR works with ngtcp2 and quiche [62]
|
|
o page-header: move up a URL paragraph from GLOBBING to URL
|
|
o quiche: adjust quiche `QUIC_IDLE_TIMEOUT` to 60s
|
|
o quiche: enable quiche to handle timeout events [82]
|
|
o resolve: use PF_INET6 family lookups when CURL_IPRESOLVE_V6 is set [2]
|
|
o Revert "schannel: reverse the order of certinfo insertions" [14]
|
|
o schannel: fix user-set legacy algorithms in Windows 10 & 11 [53]
|
|
o schannel: verify hostname independent of verify cert [74]
|
|
o sectransp: fix compiler warnings [129]
|
|
o sectransp: prevent CFRelease() of NULL [26]
|
|
o secureserver.pl: fix stunnel path quoting [112]
|
|
o secureserver.pl: fix stunnel version parsing [111]
|
|
o SECURITY-PROCESS.md: not a sec issue: Tricking user to run a cmdline [146]
|
|
o system.h: add CURL_OFF_T definitions on HP-UX with HP aCC [108]
|
|
o test1304: build and skip without netrc support
|
|
o test1554: check translatable string options in OS400 wrapper [96]
|
|
o test1608: make it build and get skipped without shuffle DNS support
|
|
o test687/688: two more basic --xattr tests [89]
|
|
o tests/tftpd+mqttd: make variables static to silence picky warnings [57]
|
|
o tests: add 'large-time' as a testable feature [92]
|
|
o tests: add support for nested %if conditions [91]
|
|
o tests: don't call HTTP errors OK in test cases
|
|
o tests: ensure `libcurl.def` contains all exports [45]
|
|
o tests: fix h3 server check and parallel instances [6]
|
|
o tests: TLS session sharing test [100]
|
|
o tests: update cookie expiry dates to far in the future [121]
|
|
o time-cond.d: mention what happens on a missing file [93]
|
|
o tool: avoid including leading spaces in the Location hyperlink [145]
|
|
o tool: change some fopen failures from warnings to errors [144]
|
|
o tool: make the length argument an int for printf()-.* flags [49]
|
|
o tool_cb_wrt: fix invalid unicode for windows console [25]
|
|
o tool_operate: allow both SSL_CERT_FILE and SSL_CERT_DIR [12]
|
|
o tool_paramhlp: improve str2num(): avoid unnecessary call to strlen() [118]
|
|
o tool_urlglob: use the correct format specifier for curl_off_t in msnprintf [88]
|
|
o transfer: don't set TIMER_STARTTRANSFER on first send [77]
|
|
o unit2600: fix build warning if built without verbose messages
|
|
o url: remove infof() output for "still name resolving" [28]
|
|
o urlapi: fix heap buffer overflow [30]
|
|
o urlapi: make sure zoneid is also duplicated in curl_url_dup [29]
|
|
o urlapi: return CURLUE_BAD_HOSTNAME if puny2idn encoding fails [102]
|
|
o urlapi: setting a blank URL ("") is not an ok URL [106]
|
|
o vquic: show stringified messages for errno [40]
|
|
o vtls: clarify "ALPN: offers" message [27]
|
|
o winbuild: improve check for static zlib [15]
|
|
o wolfSSL: avoid the OpenSSL compat API when not needed [85]
|
|
o workflows/macos.yml: disable zstd and alt-svc in the http-only build [98]
|
|
o write-out.d: clarify %{time_starttransfer}
|
|
|
|
This release includes the following known bugs:
|
|
|
|
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
|
|
|
|
Planned upcoming removals include:
|
|
|
|
o support for space-separated NOPROXY patterns
|
|
o support for the original legacy mingw version 1
|
|
|
|
See https://curl.se/dev/deprecate.html for details
|
|
|
|
This release would not have looked like this without help, code, reports and
|
|
advice from friends like these:
|
|
|
|
ad0p on github, Alexander Jaeger, Alexander Kanavin, apparentorder on github,
|
|
balikalina on Github, Christian Hesse, Dan Fandrich, Daniel Gustafsson,
|
|
Daniel Stenberg, Dan Jacobson, Davide Masserut, Derzsi Dániel,
|
|
Douglas R. Reno, ed0d2b2ce19451f2, Emanuele Torre, Enrico Scholz, eppesuig,
|
|
FC Stegerman, Gabriel Corona, Gerome Fournier, Gisle Vanem, Goro FUJI,
|
|
Graham Campbell, Guillaume Algis, Harry Sintonen, Jacob Mealey,
|
|
JazJas on github, John Bampton, John Hawthorn, Joseph Tharayil,
|
|
junsik on github, kyled-dell on github, Lukas Tribus, Maksim Arhipov,
|
|
Maksim Sciepanienka, Marcel Raad, Marin Hannache, Markus Sommer,
|
|
Martin Galvan, Mathew Benson, Matthias Gatto, Maurício Meneghini Fauth,
|
|
Michael Osipov, Nathan Moinvaziri, Niall McGee, Nicholas Nethercote,
|
|
Nicolás Ojeda Bär, oliverpool on github, Pablo Busse, Patrick Monnerat,
|
|
Philippe Antoine on HackerOne, pszlazak on github, Ray Satiro,
|
|
Richard W.M. Jones, Rutger Broekhoff, Ryan Schmidt, Samuel Chiang,
|
|
Satana de Sant'Ana, Sergey, Sevan Janiyan, Stefan Eissing,
|
|
Thomas M. DuBuisson, trrui-huawei, Viktor Szakats, wangzhikun,
|
|
Wilhelm von Thiele, yushicheng7788 on github, zhihaoy on github
|
|
(68 contributors)
|
|
|
|
References to bug reports and discussions on issues:
|
|
|
|
[1] = https://curl.se/bug/?i=11346
|
|
[2] = https://curl.se/bug/?i=11564
|
|
[3] = https://github.com/curl/curl-www/issues/272
|
|
[4] = https://curl.se/bug/?i=11551
|
|
[5] = https://curl.se/bug/?i=11556
|
|
[6] = https://curl.se/bug/?i=11553
|
|
[7] = https://curl.se/bug/?i=9621
|
|
[8] = https://curl.se/bug/?i=11452
|
|
[9] = https://curl.se/bug/?i=11562
|
|
[10] = https://curl.se/bug/?i=11459
|
|
[11] = https://curl.se/bug/?i=11502
|
|
[12] = https://curl.se/bug/?i=11325
|
|
[13] = https://curl.se/bug/?i=11609
|
|
[14] = https://curl.se/bug/?i=11536
|
|
[15] = https://curl.se/bug/?i=11521
|
|
[16] = https://curl.se/bug/?i=11538
|
|
[17] = https://curl.se/bug/?i=11505
|
|
[18] = https://curl.se/bug/?i=11561
|
|
[19] = https://curl.se/bug/?i=11532
|
|
[20] = https://curl.se/mail/lib-2023-07/0045.html
|
|
[21] = https://curl.se/bug/?i=11546
|
|
[22] = https://curl.se/bug/?i=11555
|
|
[23] = https://curl.se/bug/?i=11550
|
|
[24] = https://curl.se/bug/?i=11499
|
|
[25] = https://curl.se/bug/?i=9841
|
|
[26] = https://curl.se/bug/?i=9194
|
|
[27] = https://curl.se/mail/lib-2023-07/0041.html
|
|
[28] = https://curl.se/bug/?i=11394
|
|
[29] = https://curl.se/mail/lib-2023-07/0047.html
|
|
[30] = https://curl.se/bug/?i=11560
|
|
[31] = https://curl.se/bug/?i=11500
|
|
[32] = https://curl.se/bug/?i=11527
|
|
[33] = https://curl.se/bug/?i=11457
|
|
[34] = https://curl.se/bug/?i=11525
|
|
[35] = https://curl.se/bug/?i=11517
|
|
[36] = https://curl.se/bug/?i=11416
|
|
[37] = https://curl.se/bug/?i=11605
|
|
[38] = https://curl.se/bug/?i=11589
|
|
[39] = https://curl.se/bug/?i=11608
|
|
[40] = https://curl.se/bug/?i=11584
|
|
[41] = https://curl.se/bug/?i=11421
|
|
[42] = https://curl.se/bug/?i=11606
|
|
[43] = https://curl.se/bug/?i=11582
|
|
[44] = https://curl.se/bug/?i=11563
|
|
[45] = https://curl.se/bug/?i=11570
|
|
[46] = https://curl.se/bug/?i=11581
|
|
[47] = https://curl.se/bug/?i=11579
|
|
[48] = https://curl.se/bug/?i=11568
|
|
[49] = https://curl.se/bug/?i=11578
|
|
[50] = https://curl.se/bug/?i=11635
|
|
[51] = https://curl.se/bug/?i=11638
|
|
[52] = https://curl.se/bug/?i=11621
|
|
[53] = https://curl.se/bug/?i=10741
|
|
[54] = https://curl.se/bug/?i=11655
|
|
[55] = https://curl.se/bug/?i=11628
|
|
[56] = https://curl.se/bug/?i=11592
|
|
[57] = https://curl.se/bug/?i=11594
|
|
[58] = https://curl.se/bug/?i=11597
|
|
[59] = https://curl.se/bug/?i=11596
|
|
[60] = https://curl.se/bug/?i=11681
|
|
[61] = https://curl.se/bug/?i=11619
|
|
[62] = https://curl.se/bug/?i=11631
|
|
[63] = https://curl.se/bug/?i=11618
|
|
[64] = https://curl.se/bug/?i=11666
|
|
[65] = https://curl.se/bug/?i=11617
|
|
[66] = https://curl.se/bug/?i=11616
|
|
[67] = https://curl.se/bug/?i=11615
|
|
[68] = https://curl.se/bug/?i=11612
|
|
[69] = https://curl.se/bug/?i=11614
|
|
[70] = https://curl.se/bug/?i=11611
|
|
[71] = https://curl.se/bug/?i=11460
|
|
[72] = https://curl.se/bug/?i=11661
|
|
[73] = https://curl.se/bug/?i=11653
|
|
[74] = https://curl.haxx.se/mail/lib-2018-10/0113.html
|
|
[75] = https://curl.se/bug/?i=11665
|
|
[76] = https://curl.se/bug/?i=11651
|
|
[77] = https://curl.se/bug/?i=11669
|
|
[78] = https://curl.se/bug/?i=11645
|
|
[79] = https://curl.se/bug/?i=1199308
|
|
[80] = https://curl.se/bug/?i=11627
|
|
[81] = https://curl.se/bug/?i=11624
|
|
[82] = https://curl.se/bug/?i=11654
|
|
[83] = https://curl.se/bug/?i=11705
|
|
[84] = https://curl.se/bug/?i=11673
|
|
[85] = https://curl.se/bug/?i=11752
|
|
[86] = https://sourceforge.net/p/curl/bugs/440/
|
|
[87] = https://curl.se/bug/?i=11657
|
|
[88] = https://curl.se/bug/?i=11698
|
|
[89] = https://curl.se/bug/?i=11697
|
|
[90] = https://curl.se/bug/?i=11695
|
|
[91] = https://curl.se/bug/?i=11728
|
|
[92] = https://curl.se/bug/?i=11696
|
|
[93] = https://curl.se/bug/?i=11727
|
|
[94] = https://curl.se/bug/?i=11680
|
|
[95] = https://curl.se/bug/?i=11650
|
|
[96] = https://curl.se/bug/?i=11650
|
|
[97] = https://curl.se/bug/?i=11687
|
|
[98] = https://curl.se/bug/?i=11683
|
|
[99] = https://curl.se/bug/?i=11675
|
|
[100] = https://curl.se/bug/?i=11675
|
|
[101] = https://curl.se/bug/?i=11686
|
|
[102] = https://curl.se/bug/?i=11674
|
|
[103] = https://curl.se/bug/?i=11685
|
|
[104] = https://curl.se/bug/?i=11723
|
|
[105] = https://curl.se/bug/?i=11713
|
|
[106] = https://curl.se/bug/?i=11714
|
|
[107] = https://curl.se/bug/?i=11739
|
|
[108] = https://curl.se/bug/?i=11718
|
|
[109] = https://curl.se/bug/?i=11678
|
|
[110] = https://curl.se/bug/?i=11711
|
|
[111] = https://curl.se/bug/?i=11722
|
|
[112] = https://curl.se/bug/?i=11721
|
|
[113] = https://curl.se/bug/?i=11737
|
|
[114] = https://curl.se/bug/?i=11746
|
|
[115] = https://curl.se/bug/?i=11710
|
|
[116] = https://curl.se/bug/?i=11745
|
|
[117] = https://curl.se/bug/?i=11749
|
|
[118] = https://curl.se/bug/?i=11742
|
|
[119] = https://curl.se/bug/?i=11530
|
|
[120] = https://curl.se/bug/?i=11736
|
|
[121] = https://curl.se/bug/?i=11576
|
|
[122] = https://curl.se/bug/?i=11780
|
|
[123] = https://curl.se/bug/?i=11734
|
|
[125] = https://curl.se/bug/?i=11766
|
|
[126] = https://curl.se/bug/?i=11729
|
|
[128] = https://curl.se/bug/?i=11774
|
|
[129] = https://curl.se/bug/?i=11773
|
|
[131] = https://curl.se/bug/?i=11771
|
|
[134] = https://curl.se/bug/?i=11764
|
|
[136] = https://curl.se/bug/?i=11547
|
|
[140] = https://curl.se/bug/?i=11547
|
|
[141] = https://curl.se/bug/?i=11738
|
|
[142] = https://curl.se/bug/?i=11759
|
|
[143] = https://curl.se/bug/?i=11747
|
|
[144] = https://curl.se/bug/?i=11677
|
|
[145] = https://curl.se/bug/?i=11735
|
|
[146] = https://curl.se/bug/?i=11757
|
|
[147] = https://curl.se/bug/?i=11693
|
|
[148] = https://curl.se/bug/?i=11753
|