mirror of
https://github.com/curl/curl.git
synced 2024-12-21 06:50:10 +08:00
340 lines
15 KiB
Plaintext
340 lines
15 KiB
Plaintext
curl and libcurl 7.87.1
|
|
|
|
Public curl releases: 213
|
|
Command line options: 250
|
|
curl_easy_setopt() options: 302
|
|
Public functions in libcurl: 91
|
|
Contributors: 2806
|
|
|
|
This release includes the following changes:
|
|
|
|
o curl.h: add CURL_HTTP_VERSION_3ONLY [82]
|
|
o share: add sharing of HSTS cache among handles [7]
|
|
o src: add --http3-only [81]
|
|
o tool_operate: share HSTS between handles
|
|
o urlapi: add CURLU_PUNYCODE [25]
|
|
|
|
This release includes the following bugfixes:
|
|
|
|
o cf-socket: fix build when not HAVE_GETPEERNAME [89]
|
|
o cf-socket: keep sockaddr local in the socket filters [69]
|
|
o cfilters:Curl_conn_get_select_socks: use the first non-connected filter [24]
|
|
o CI: add a workflow to automatically label pull requests [102]
|
|
o CI: add pytest GHA to CI test/tests-httpd on a HTTP/3 setup [109]
|
|
o cmake: bump requirement to 3.7 [23]
|
|
o cmake: check for sendmsg [39]
|
|
o cmake: delete redundant macro definition `SECURITY_WIN32` [91]
|
|
o cmake: fix the snprintf detection [5]
|
|
o cmake: remove deprecated symbols check [96]
|
|
o cmake: set SOVERSION also for macOS [68]
|
|
o cmake: use list APPEND syntax for CMAKE_REQUIRED_DEFINITIONS [94]
|
|
o CODEOWNERS: remove the peeps mentioned as CI owners [128]
|
|
o connect: fix access of pointer before NULL check [83]
|
|
o connect: fix build when not ENABLE_IPV6 [88]
|
|
o connect: fix strategy testing for attempts, timeouts and happy-eyeball [110]
|
|
o connections: introduce http/3 happy eyeballs [127]
|
|
o cookies: fp is always not NULL [104]
|
|
o copyright.pl: cease doing year verifications [74]
|
|
o copyright: update all copyright lines and remove year ranges [35]
|
|
o curl.h: allow up to 10M buffer size [76]
|
|
o curl.h: mark CURLSSLBACKEND_MESALINK as deprecated [52]
|
|
o curl: output warning at --verbose output for debug-enabled version [80]
|
|
o curl_free.3: fix return type of `curl_free` [113]
|
|
o curl_global_sslset.3: clarify the openssl situation [53]
|
|
o curl_log: for failf/infof and debug logging implementations [87]
|
|
o curl_version_info.3: fix typo [100]
|
|
o curl_ws_send.3: clarify how to send multi-frame messages
|
|
o CURLOPT_HEADERDATA.3: warn DLL users must set write function [45]
|
|
o CURLOPT_READFUNCTION.3: the callback 'size' arg is always 1 [73]
|
|
o CURLOPT_WRITEFUNCTION.3: fix memory leak in example [122]
|
|
o dict: URL decode the entire path always [120]
|
|
o docs/DEPRECATE.md: deprecate gskit [36]
|
|
o docs: add link to GitHub Discussions [49]
|
|
o docs: mention indirect effects of --insecure [19]
|
|
o docs: POSTFIELDSIZE must be set to -1 with read function [97]
|
|
o doh: ifdef IPv6 code [123]
|
|
o easyoptions: fix header printing in generation script [84]
|
|
o escape: hex decode with a lookup-table [107]
|
|
o escape: use table lookup when adding %-codes to output [105]
|
|
o examples: remove the curlgtk.c example [48]
|
|
o fopen: remove unnecessary assignment [111]
|
|
o ftpserver: lower the DATA connect timeout to speed up torture tests [27]
|
|
o GHA/macos.yml: bump to gcc-12 [106]
|
|
o GHA/macos: use Xcode_14.0.1 for cmake builds [132]
|
|
o GHA: add job on Slackware 15.0 [58]
|
|
o GHA: move the quiche job here from zuul [75]
|
|
o GHA: use designated ngtcp2 and its dependencies versions [77]
|
|
o haxproxy: send before TLS handhshake [34]
|
|
o hsts.d: explain hsts more [78]
|
|
o hsts: handle adding the same host name again
|
|
o http2: fix compiler warning due to uninitialized variable
|
|
o http2: when using printf %.*s, the length arg must be 'int' [41]
|
|
o HTTP3: mention what needs to be in place to remove EXPERIMENTAL label [31]
|
|
o http: add additional condition for including stdint.h [54]
|
|
o http: decode transfer encoding first [51]
|
|
o http: fix "part of conditional expression is always false" [125]
|
|
o http: remove the trace message "Mark bundle... multiuse" [6]
|
|
o http_aws_sigv4: remove typecasts from HMAC_SHA256 macro [121]
|
|
o http_proxy: do not assign data->req.p.http use local copy [59]
|
|
o INSTALL: document how to use multiple TLS backends [103]
|
|
o lib670: make test.h the first include [56]
|
|
o lib: connect/h2/h3 refactor [57]
|
|
o lib: fix typos [99]
|
|
o lib: fix typos in comments which repeat a word [67]
|
|
o libssh2: try sha2 algos for hostkey methods [2]
|
|
o libtest: add a sleep macro for Windows [115]
|
|
o Linux CI: update some dependecies to latest tag [44]
|
|
o Makefile.mk: fix wolfssl and mbedtls default paths [21]
|
|
o man pages: call the custom user pointer 'clientp' consistently [135]
|
|
o md4: fix build with GnuTLS + OpenSSL v1 [12]
|
|
o misc: fix grammar and spelling [14]
|
|
o misc: fix spelling [134]
|
|
o misc: reduce struct and struct field sizes [65]
|
|
o msh3: add support for request payload [28]
|
|
o msh3: update to v0.5 Release [17]
|
|
o msh3: update to v0.6 [60]
|
|
o multihandle: turn bool struct fields into bits [26]
|
|
o ngtcp2: add CURLOPT_SSL_CTX_FUNCTION support for openssl+wolfssl [62]
|
|
o ngtcp2: fix the build without 'sendmsg' [38]
|
|
o noproxy: support for space-separated names is deprecated [66]
|
|
o nss: implement data_pending method [43]
|
|
o openssl: adapt to boringssl's error code type [118]
|
|
o openssl: don't ignore CA paths when using Windows CA store (redux) [101]
|
|
o openssl: don't log raw record headers [93]
|
|
o openssl: make the BIO_METHOD a local variable in the connection filter [79]
|
|
o openssl: only use CA_BLOB if verifying peer [112]
|
|
o openssl: remove attached easy handles from SSL instances [29]
|
|
o os400: fixes to make-lib.sh and initscript.sh [71]
|
|
o packages: remove Android, update README [108]
|
|
o release-notes.pl: check fixes/closes lines better
|
|
o Revert "x509asn1: avoid freeing unallocated pointers" [37]
|
|
o runtest.pl: add expected fourth return value [40]
|
|
o runtests: also tear down http2/http3 servers when https server is stopped [8]
|
|
o runtests: consider warnings fatal and error on them [32]
|
|
o runtests: fix detection of TLS backends [50]
|
|
o runtests: make 'mbedtls' a testable feature
|
|
o scripts: fix Appveyor job detection in cijobs.pl
|
|
o scripts: set file mode +x on all perl and shell scripts [63]
|
|
o sectransp: fix for incomplete read/writes [61]
|
|
o SECURITY-PROCESS.md: document severity levels [20]
|
|
o setopt: move the SHA256 opt within #ifdef libssh2 [42]
|
|
o setopt: use >, not >=, when checking if uarg is larger than uint-max [140]
|
|
o socketpair: allow localhost MITM sniffers [30]
|
|
o strdup: name it Curl_strdup [16]
|
|
o system.h: assume OS400 is always built with ILEC compiler [95]
|
|
o test1560: use a UTF8-using locale when run [46]
|
|
o tests-httpd: basic infra to run curl against an apache httpd [72]
|
|
o tests: add 3 new HTTP/2 test cases, plus https: support for nghttpx [9]
|
|
o tests: avoid use of sha1 in certificates [4]
|
|
o tls: fixes for wolfssl + openssl combo builds [133]
|
|
o tool_getparam: fix hiding of command line secrets [85]
|
|
o tool_operate: fix `CURLOPT_SOCKS5_GSSAPI_NEC` type [1]
|
|
o tool_operate: fix error codes during DOS filename sanitize [138]
|
|
o tool_operate: fix error codes on bad URL & OOM [139]
|
|
o tool_operate: fix headerfile writing [64]
|
|
o tool_operate: repair --rate [119]
|
|
o transfer: break the read loop when RECV is cleared [22]
|
|
o typecheck: accept expressions for option/info parameters [3]
|
|
o url: fix part of conditional expression is always true [147]
|
|
o urlapi: avoid Curl_dyn_addf() for hex outputs [130]
|
|
o urlapi: fix part of conditional expression is always true: qlen [146]
|
|
o urlapi: skip path checks if path is just "/" [131]
|
|
o urlapi: skip the extra dedotdot alloc if no dot in path [126]
|
|
o urldata: cease storing TLS auth type [55]
|
|
o urldata: make 'ftp_create_missing_dirs' depend on FTP || SFTP [13]
|
|
o urldata: make set.http200aliases conditional on HTTP being present [11]
|
|
o urldata: move the cookefilelist to the 'set' struct [15]
|
|
o urldata: remove unused struct fields, made more conditional [10]
|
|
o vtls: fix hostname handling in filters [98]
|
|
o vtls: manage current easy handle in nested cfilter calls [90]
|
|
o vtls: use ALPN HTTP/1.0 when HTTP/1.0 is used
|
|
o winbuild: document that arm64 is supported [92]
|
|
o wolfssl: remove deprecated post-quantum algorithms [124]
|
|
o workflows/linux.yml: merge 3 common packages [18]
|
|
o write-out.d: add 'since version' to %{header_json} documentation [129]
|
|
o write-out.d: clarify Windows % symbol escaping [86]
|
|
o writeout: add %{certs} and %{num_certs} [33]
|
|
o ws: fix autoping handling [70]
|
|
o ws: fix multiframe send handling [143]
|
|
o ws: remove bad assert [117]
|
|
o ws: unstick connect-only shutdown [116]
|
|
o x509asn1: fix compile errors and warnings [47]
|
|
o zuul: stop using this CI service [114]
|
|
|
|
This release includes the following known bugs:
|
|
|
|
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
|
|
|
|
Planned upcoming removals include:
|
|
|
|
o gskit
|
|
o NSS
|
|
o Support for systems without 64 bit data types
|
|
|
|
See https://curl.se/dev/deprecate.html for details
|
|
|
|
This release would not have looked like this without help, code, reports and
|
|
advice from friends like these:
|
|
|
|
Alexey Savchuk, Andrei Rybak, Andy Alt, Anthony Hu, Brian Green,
|
|
Cameron Blomquist, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg,
|
|
dekerser on github, Divy Le Ray, Esdras de Morais da Silva, Fujii Hironori,
|
|
Gerrit Renker, Gisle Vanem, Hannah Schierling, Harry Sintonen, Hide Ishikawa,
|
|
highmtworks on github, Jakob Hirsch, John Bampton, John Porter,
|
|
John Sherrill, Jon Rumsey, Josh Brobst, Kvarec Lezki, Marc Aldorasi,
|
|
Marcel Raad, Mark Roszko, Martin D'Aloia, Martin Waleczek, Michael Osipov,
|
|
Mike Duglas, Muhammad Hussein Ammari, Nick Banks, nick-telia on github,
|
|
norbertmm on github, odek86 on github, Patrick Monnerat, Paul Groke,
|
|
Paul Howarth, Peter Wu, Philip Heiduck, Pronyushkin Petr, Radek Brich,
|
|
Radu Hociung, RanBarLavie on github, Ray Satiro, Ryan Schmidt,
|
|
Sébastien Helleu, Sergey Bronnikov, Sergio-IME on github,
|
|
sergio-nsk on github, SerusDev on github, Stanley Wucw, Stefan Eissing,
|
|
Stefan Talpalaru, Stephan Guilloux, Tatsuhiro Tsujikawa,
|
|
Thomas1664 on github, Thomas Klausner, Timmy Schierling, Viktor Szakats,
|
|
violetlige on github, William Tang, Yurii Rashkovskii
|
|
(66 contributors)
|
|
|
|
References to bug reports and discussions on issues:
|
|
|
|
[1] = https://curl.se/bug/?i=10124
|
|
[2] = https://curl.se/bug/?i=10143
|
|
[3] = https://curl.se/bug/?i=10148
|
|
[4] = https://curl.se/bug/?i=10135
|
|
[5] = https://curl.se/bug/?i=10155
|
|
[6] = https://curl.se/bug/?i=10159
|
|
[7] = https://curl.se/bug/?i=10138
|
|
[8] = https://curl.se/bug/?i=10114
|
|
[9] = https://curl.se/bug/?i=10114
|
|
[10] = https://curl.se/bug/?i=10147
|
|
[11] = https://curl.se/bug/?i=10140
|
|
[12] = https://curl.se/bug/?i=10110
|
|
[13] = https://curl.se/bug/?i=10139
|
|
[14] = https://curl.se/bug/?i=10137
|
|
[15] = https://curl.se/bug/?i=10133
|
|
[16] = https://curl.se/bug/?i=10132
|
|
[17] = https://curl.se/bug/?i=10125
|
|
[18] = https://curl.se/bug/?i=10071
|
|
[19] = https://curl.se/bug/?i=10126
|
|
[20] = https://curl.se/bug/?i=10118
|
|
[21] = https://curl.se/bug/?i=10164
|
|
[22] = https://curl.se/bug/?i=10172
|
|
[23] = https://curl.se/bug/?i=10128
|
|
[24] = https://curl.se/bug/?i=10157
|
|
[25] = https://curl.se/bug/?i=10109
|
|
[26] = https://curl.se/bug/?i=10179
|
|
[27] = https://curl.se/bug/?i=10178
|
|
[28] = https://curl.se/bug/?i=10136
|
|
[29] = https://curl.se/bug/?i=10151
|
|
[30] = https://curl.se/bug/?i=10144
|
|
[31] = https://curl.se/bug/?i=10168
|
|
[32] = https://curl.se/bug/?i=10208
|
|
[33] = https://curl.se/bug/?i=10019
|
|
[34] = https://curl.se/bug/?i=10165
|
|
[35] = https://curl.se/bug/?i=10205
|
|
[36] = https://curl.se/bug/?i=10201
|
|
[37] = https://curl.se/bug/?i=10163
|
|
[38] = https://curl.se/bug/?i=10210
|
|
[39] = https://curl.se/bug/?i=10211
|
|
[40] = https://curl.se/bug/?i=10206
|
|
[41] = https://curl.se/bug/?i=10203
|
|
[42] = https://curl.se/bug/?i=10255
|
|
[43] = https://curl.se/bug/?i=10225
|
|
[44] = https://curl.se/bug/?i=10195
|
|
[45] = https://curl.se/bug/?i=10233
|
|
[46] = https://curl.se/bug/?i=10193
|
|
[47] = https://curl.se/bug/?i=10238
|
|
[48] = https://curl.se/bug/?i=10197
|
|
[49] = https://curl.se/bug/?i=10171
|
|
[50] = https://curl.se/bug/?i=10236
|
|
[51] = https://curl.se/bug/?i=10187
|
|
[52] = https://curl.se/bug/?i=10189
|
|
[53] = https://curl.se/bug/?i=10188
|
|
[54] = https://curl.se/bug/?i=10185
|
|
[55] = https://curl.se/bug/?i=10181
|
|
[56] = https://curl.se/bug/?i=10182
|
|
[57] = https://curl.se/bug/?i=10141
|
|
[58] = https://curl.se/bug/?i=10230
|
|
[59] = https://curl.se/bug/?i=10194
|
|
[60] = https://curl.se/bug/?i=10192
|
|
[61] = https://curl.se/bug/?i=10227
|
|
[62] = https://curl.se/bug/?i=10222
|
|
[63] = https://curl.se/bug/?i=10219
|
|
[64] = https://curl.se/bug/?i=10224
|
|
[65] = https://curl.se/bug/?i=10186
|
|
[66] = https://curl.se/bug/?i=10209
|
|
[67] = https://curl.se/bug/?i=10220
|
|
[68] = https://curl.se/bug/?i=10214
|
|
[69] = https://curl.se/bug/?i=10213
|
|
[70] = https://curl.se/bug/?i=10289
|
|
[71] = https://curl.se/bug/?i=10266
|
|
[72] = https://curl.se/bug/?i=10175
|
|
[73] = https://curl.se/bug/?i=10328
|
|
[74] = https://curl.se/bug/?i=10345
|
|
[75] = https://curl.se/bug/?i=10241
|
|
[76] = https://curl.se/bug/?i=10256
|
|
[77] = https://curl.se/bug/?i=10257
|
|
[78] = https://curl.se/bug/?i=10258
|
|
[79] = https://curl.se/bug/?i=10285
|
|
[80] = https://curl.se/bug/?i=10278
|
|
[81] = https://curl.se/bug/?i=10264
|
|
[82] = https://curl.se/bug/?i=10264
|
|
[83] = https://curl.se/bug/?i=10284
|
|
[84] = https://curl.se/bug/?i=10275
|
|
[85] = https://curl.se/bug/?i=10276
|
|
[86] = https://curl.se/bug/?i=10323
|
|
[87] = https://curl.se/bug/?i=10271
|
|
[88] = https://curl.se/bug/?i=10344
|
|
[89] = https://curl.se/bug/?i=10343
|
|
[90] = https://curl.se/bug/?i=10336
|
|
[91] = https://curl.se/bug/?i=10341
|
|
[92] = https://curl.se/bug/?i=10332
|
|
[93] = https://curl.se/bug/?i=10299
|
|
[94] = https://curl.se/bug/?i=10272
|
|
[95] = https://curl.se/bug/?i=10305
|
|
[96] = https://curl.se/bug/?i=10314
|
|
[97] = https://curl.se/bug/?i=10313
|
|
[98] = https://curl.se/bug/?i=10273
|
|
[99] = https://curl.se/bug/?i=10307
|
|
[100] = https://curl.se/bug/?i=10306
|
|
[101] = https://curl.se/bug/?i=10244
|
|
[102] = https://curl.se/bug/?i=10326
|
|
[103] = https://curl.se/bug/?i=10321
|
|
[104] = https://curl.se/bug/?i=10383
|
|
[105] = https://curl.se/bug/?i=10377
|
|
[106] = https://curl.se/bug/?i=10415
|
|
[107] = https://curl.se/bug/?i=10376
|
|
[108] = https://curl.se/bug/?i=10416
|
|
[109] = https://curl.se/bug/?i=10317
|
|
[110] = https://curl.se/bug/?i=10312
|
|
[111] = https://curl.se/bug/?i=10398
|
|
[112] = https://curl.se/mail/lib-2023-01/0070.html
|
|
[113] = https://curl.se/bug/?i=10373
|
|
[114] = https://curl.se/bug/?i=10368
|
|
[115] = https://curl.se/bug/?i=10295
|
|
[116] = https://curl.se/bug/?i=10366
|
|
[117] = https://curl.se/bug/?i=10347
|
|
[118] = https://curl.se/bug/?i=10360
|
|
[119] = https://curl.se/bug/?i=10357
|
|
[120] = https://curl.se/bug/?i=10298
|
|
[121] = https://curl.se/bug/?i=10400
|
|
[122] = https://curl.se/bug/?i=10390
|
|
[123] = https://curl.se/bug/?i=10397
|
|
[124] = https://curl.se/bug/?i=10440
|
|
[125] = https://curl.se/bug/?i=10399
|
|
[126] = https://curl.se/bug/?i=10403
|
|
[127] = https://curl.se/bug/?i=10349
|
|
[128] = https://curl.se/bug/?i=10386
|
|
[129] = https://curl.se/bug/?i=10395
|
|
[130] = https://curl.se/bug/?i=10384
|
|
[131] = https://curl.se/bug/?i=10385
|
|
[132] = https://curl.se/bug/?i=10356
|
|
[133] = https://curl.se/bug/?i=10322
|
|
[134] = https://curl.se/bug/?i=10437
|
|
[135] = https://curl.se/bug/?i=10434
|
|
[138] = https://curl.se/bug/?i=10414
|
|
[139] = https://curl.se/bug/?i=10130
|
|
[140] = https://curl.se/bug/?i=10421
|
|
[143] = https://curl.se/bug/?i=10413
|
|
[146] = https://curl.se/bug/?i=10408
|
|
[147] = https://curl.se/bug/?i=10407
|