1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
|
curl and libcurl 7.69.0
Public curl releases: 189
Command line options: 230
curl_easy_setopt() options: 270
Public functions in libcurl: 82
Contributors: 2113
This release includes the following changes:
o polarssl: removed [16]
o smtp: introducing CURLOPT_MAIL_RCPT_ALLLOWFAILS and --mail-rcpt-allowfails [23]
o wolfSSH: new support SSH backend [5]
This release includes the following bugfixes:
o CMake: Add support for CMAKE_LTO option [22]
o CMake: use check_symbol_exists also for inet_pton [19]
o CURLINFO_COOKIELIST.3: Fix example [67]
o CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wording [74]
o CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
o CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT section [83]
o GnuTLS: Always send client cert [76]
o HTTP-COOKIES.md: describe the cookie file format [21]
o HTTP-COOKIES: mention that a trailing newline is required [81]
o KNOWN_BUGS: Multiple methods in a single WWW-Authenticate: header
o README: mention that the docs is in docs/ [49]
o RELEASE-PROCEDURE: feature win is closed post-release a few days [62]
o SOCKS: make the connect phase non-blocking [64]
o altsvc: improved header parser [63]
o altsvc: keep a copy of the file name to survive handle reset [50]
o altsvc: make saving the cache an atomic operation [84]
o altsvc: use h3-25 [40]
o azure: disable brotli on the macos debug-builds [68]
o checksrc.bat: Fix not being able to run script from the main curl dir [54]
o cleanup: fix several comment typos [78]
o cleanup: fix typos and wording in docs and comments [39]
o cmake: Enable SMB for Windows builds [12]
o cmake: Improve libssh2 check on Windows [8]
o cmake: support specifying the target Windows version [27]
o configure.ac: fix comments about --with-quiche [53]
o conn: do not reuse connection if SOCKS proxy credentials differ [32]
o conncache: removed unused Curl_conncache_bundle_size() [33]
o connect: remove some spurious infof() calls [80]
o connection reuse: respect the max_concurrent_streams limits [3]
o contributors: Also include people who contributed to curl-www [58]
o contrithanks: Use the most recent tag by default [59]
o cookie: check __Secure- and __Host- case sensitively [43]
o cookies: make saving atomic with a rename [85]
o create-dirs.d: mention the mode [73]
o curl: Let -D merge headers in one file again [25]
o curl: avoid using strlen for testing if a string is empty [37]
o curl: error on --alt-svc use w/o support [61]
o curl: make #0 not output the full URL [4]
o curl: make the -# spaceship bar not wrap the line [30]
o curl: remove 'config' field from OutStruct [6]
o curl:progressbarinit: ignore column width from terminals < 20 [18]
o curl_global_init: assume the EINTR bit by default [31]
o curl_global_init: move the IPv6 works status bool to multi handle [48]
o data.d: remove "Multiple files can also be specified" [26]
o digest: Do not quote algorithm in HTTP authorisation [55]
o docs/HTTP3: add --enable-alt-svc to curl's configure
o docs/HTTP3: update the OpenSSL branch to use for ngtcp2
o easy: remove dead code [72]
o form.d: fix two minor typos [34]
o ftp: convert 'sock_accepted' to a plain boolean [66]
o ftp: remove superfluous checking for crlf in user or pwd [56]
o ftp: shrink temp buffers used for PORT [60]
o github action: add CIFuzz [77]
o github: Instructions to post "uname -a" on Unix systems in issues [52]
o hostip: move code to resolve IP address literals to `Curl_resolv` [13]
o http2: make pausing/unpausing set/clear local stream window [86]
o http2: now requires nghttp2 >= 1.12.0 [75]
o http: added 417 response treatment [89]
o http: increase EXPECT_100_THRESHOLD to 1Mb [28]
o http: move "oauth_bearer" from connectdata to Curl_easy [24]
o include: remove non-curl prefixed defines [15]
o libssh2: add support for forcing a hostkey type [7]
o libssh2: fix variable type [17]
o libssh: improve known hosts handling [87]
o llist: removed unused Curl_llist_move() [33]
o location.d: the method change is from POST to GET only [46]
o md4: Fixed compilation issues when using GNU TLS gcrypt [95]
o mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTER [36]
o multi: Change curl_multi_wait/poll to error on negative timeout [11]
o multi: fix outdated comment [71]
o multi: if Curl_readwrite sets 'comeback' use expire, not loop [65]
o multi_done: if multiplexed, make conn->data point to another transfer [45]
o ngtcp2: Add an error code for QUIC connection errors [10]
o ngtcp2: fixed to only use AF_INET6 when ENABLE_IPV6 [63]
o ngtcp2: update to git master and its draft-25 support [42]
o ntlm: Move the winbind data into the NTLM data structure
o ntlm: Pass the Curl_easy structure to the private winbind functions
o ntlm: Removed the dependency on the TLS libaries when using MD5 [93]
o ntlm_wb: Use Curl_socketpair() for greater portability [57]
o oauth2-bearer.d: works for HTTP too [44]
o openssl: make CURLINFO_CERTINFO not truncate x509v3 fields [35]
o openssl: remove redundant assignment [38]
o os400: fixed the build [29]
o quiche: update to draft-25 [41]
o runtests: make random seed fixed for a month [1]
o schannel: Make CURLOPT_CAINFO work better on Windows 7 [9]
o schannel_verify: Fix alt names manual verify for UNICODE builds [20]
o singleuse.pl: support new API functions, fix curl_dbg_ handling [33]
o smtp: Support UTF-8 based host names [90]
o smtp: Support the SMTPUTF8 extension [90]
o strcase: turn Curl_raw_tolower into static [33]
o strerror: Increase STRERROR_LEN 128 -> 256 [70]
o test1323: added missing 'unit test' feature requirement
o tests: Added a unit test for MD4 digest generation [92]
o tests: Added a unit test for SHA256 digest generation [94]
o tests: Added a unit test for the HMAC hash generation [91]
o tests: deduce the tool name from the test case for unit tests [88]
o tool_dirhie: Allow directory traversal during creation [2]
o tool_homedir: Change GetEnv() to use libcurl's curl_getenv() [69]
o tool_util: Improve Windows version of tvnow() [82]
o travis: update non-OpenSSL Linux jobs to Bionic [38]
o url: Include the failure reason when curl_win32_idn_to_ascii() fails [51]
o urlapi: guess scheme properly with credentials given [47]
o urldata: do string enums without #ifdefs for build scripts [29]
o vtls: Refactor Curl_multissl_version to make the code clearer [14]
o win32: USE_WIN32_CRYPTO to enable Win32 based MD4, MD5 and SHA256 [79]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
3dyd on github, Alessandro Ghedini, Anderson Toshiyuki Sasaki, Andrew Potter,
Andrius Merkys, Aron Rotteveel, Austin Green, bnfp on github,
bramus on github, Brian Carpenter, bsammon on github, Christian Heimes,
Christoph M. Becker, Craig Andrews, crazydef on github, Cristian Greco,
Dan Fandrich, Daniel Gustafsson, Daniel Marjamäki, Daniel Stenberg,
Dan Jacobson, dmitrmax on github, Edgaras Janušauskas, Emil Engler,
Faizur Rahman, Frank Gevaerts, hamstergene on github, Harry Sintonen,
James Fuller, Jeroen Ooms, jethrogb on github, Johannes Schindelin,
Jon Rumsey, Joonas Kuorilehto, Kunal Ekawde, Leo Neat, Marc Aldorasi,
Marcel Raad, mbeifuss on github, Mike Frysinger, Mike Norton, Mischa Salle,
naost3rn on github, Nicolas Guillier, Orgad Shaneh, Pavel Volgarev,
Pedro Monreal, Peter Piekarski, Pierre-Yves Bigourdan, Ray Satiro,
Santino Keupp, Steve Holme, Sunny Bean, Tobias Hieta, vshmuk on hackerone,
ygthien on github, 加藤郁之,
(57 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
[1] = https://curl.haxx.se/bug/?i=4734
[2] = https://curl.haxx.se/bug/?i=4796
[3] = https://curl.haxx.se/bug/?i=4779
[4] = https://curl.haxx.se/bug/?i=4812
[5] = https://daniel.haxx.se/blog/2020/01/12/curl-even-more-wolfed/
[6] = https://curl.haxx.se/bug/?i=4807
[7] = https://curl.haxx.se/bug/?i=4747
[8] = https://curl.haxx.se/bug/?i=4804
[9] = https://curl.haxx.se/bug/?i=3711
[10] = https://curl.haxx.se/bug/?i=4754
[11] = https://curl.haxx.se/bug/?i=4763
[12] = https://curl.haxx.se/bug/?i=4717
[13] = https://curl.haxx.se/bug/?i=4798
[14] = https://curl.haxx.se/bug/?i=4803
[15] = https://curl.haxx.se/bug/?i=4793
[16] = https://curl.haxx.se/bug/?i=4825
[17] = https://curl.haxx.se/bug/?i=4823
[18] = https://curl.haxx.se/bug/?i=4818
[19] = https://curl.haxx.se/bug/?i=4808
[20] = https://curl.haxx.se/bug/?i=4761
[21] = https://curl.haxx.se/bug/?i=4805
[22] = https://curl.haxx.se/bug/?i=4799
[23] = https://curl.haxx.se/bug/?i=4816
[24] = https://curl.haxx.se/bug/?i=4824
[25] = https://curl.haxx.se/bug/?i=4762
[26] = https://curl.haxx.se/mail/archive-2020-01/0016.html
[27] = https://curl.haxx.se/bug/?i=4815
[28] = https://curl.haxx.se/bug/?i=4814
[29] = https://curl.haxx.se/bug/?i=4822
[30] = https://curl.haxx.se/bug/?i=4849
[31] = https://curl.haxx.se/bug/?i=4840
[32] = https://curl.haxx.se/bug/?i=4835
[33] = https://curl.haxx.se/bug/?i=4842
[34] = https://curl.haxx.se/bug/?i=4843
[35] = https://curl.haxx.se/bug/?i=4837
[36] = https://curl.haxx.se/bug/?i=4834
[37] = https://curl.haxx.se/bug/?i=4873
[38] = https://curl.haxx.se/bug/?i=4872
[39] = https://curl.haxx.se/bug/?i=4869
[40] = https://curl.haxx.se/bug/?i=4868
[41] = https://curl.haxx.se/bug/?i=4867
[42] = https://curl.haxx.se/bug/?i=4865
[43] = https://curl.haxx.se/bug/?i=4864
[44] = https://curl.haxx.se/bug/?i=4862
[45] = https://curl.haxx.se/bug/?i=4845
[46] = https://curl.haxx.se/bug/?i=4859
[47] = https://curl.haxx.se/bug/?i=4856
[48] = https://curl.haxx.se/bug/?i=4851
[49] = https://curl.haxx.se/bug/?i=4830
[50] = https://curl.haxx.se/bug/?i=4898
[51] = https://curl.haxx.se/bug/?i=4899
[52] = https://curl.haxx.se/bug/?i=4896
[53] = https://curl.haxx.se/bug/?i=4897
[54] = https://curl.haxx.se/bug/?i=4894
[55] = https://curl.haxx.se/bug/?i=4890
[56] = https://curl.haxx.se/bug/?i=4887
[57] = https://curl.haxx.se/bug/?i=4886
[58] = https://curl.haxx.se/bug/?i=4884
[59] = https://curl.haxx.se/bug/?i=4883
[60] = https://curl.haxx.se/bug/?i=4880
[61] = https://curl.haxx.se/bug/?i=4878
[62] = https://curl.haxx.se/bug/?i=4877
[63] = https://curl.haxx.se/bug/?i=4875
[64] = https://curl.haxx.se/bug/?i=4907
[65] = https://curl.haxx.se/bug/?i=4927
[66] = https://curl.haxx.se/bug/?i=4929
[67] = https://curl.haxx.se/bug/?i=4930
[68] = https://curl.haxx.se/bug/?i=4925
[69] = https://curl.haxx.se/bug/?i=4774
[70] = https://curl.haxx.se/bug/?i=4920
[71] = https://curl.haxx.se/bug/?i=4901
[72] = https://curl.haxx.se/bug/?i=4900
[73] = https://curl.haxx.se/bug/?i=4766
[74] = https://curl.haxx.se/bug/?i=4909
[75] = https://curl.haxx.se/bug/?i=4961
[76] = https://curl.haxx.se/bug/?i=1411
[77] = https://curl.haxx.se/bug/?i=4960
[78] = https://curl.haxx.se/bug/?i=4957
[79] = https://curl.haxx.se/bug/?i=4955
[80] = https://curl.haxx.se/bug/?i=4951
[81] = https://curl.haxx.se/bug/?i=4946
[82] = https://curl.haxx.se/bug/?i=4947
[83] = https://curl.haxx.se/bug/?i=4943
[84] = https://curl.haxx.se/bug/?i=4936
[85] = https://curl.haxx.se/bug/?i=4914
[86] = https://curl.haxx.se/bug/?i=4939
[87] = https://curl.haxx.se/bug/?i=4953
[88] = https://curl.haxx.se/bug/?i=4976
[89] = https://curl.haxx.se/bug/?i=4949
[90] = https://curl.haxx.se/bug/?i=4892
[91] = https://curl.haxx.se/bug/?i=4973
[92] = https://curl.haxx.se/bug/?i=4970
[93] = https://curl.haxx.se/bug/?i=4967
[94] = https://curl.haxx.se/bug/?i=4968
[95] = https://curl.haxx.se/bug/?i=4959
|