From ba6c1f9a4b2d5c67aceebe091c18030defc18d3d Mon Sep 17 00:00:00 2001 From: Patrik Juvonen Date: Fri, 27 Jul 2018 06:42:11 +0300 Subject: [PATCH 01/11] curl: update from 7.59.0 to 7.61.0 --- vendor/curl/CHANGES | 9829 +++++++------ vendor/curl/CMakeLists.txt | 158 +- vendor/curl/Makefile | 26 +- vendor/curl/Makefile.in | 10 +- vendor/curl/RELEASE-NOTES | 361 +- vendor/curl/acinclude.m4 | 311 +- vendor/curl/aclocal.m4 | 1 + vendor/curl/config.guess | 487 +- vendor/curl/config.sub | 203 +- vendor/curl/configure | 1576 +- vendor/curl/configure.ac | 184 +- vendor/curl/docs/CHECKSRC.md | 2 +- vendor/curl/docs/CIPHERS.md | 61 + vendor/curl/docs/CODE_STYLE.md | 84 +- vendor/curl/docs/DEPRECATE.md | 73 + vendor/curl/docs/GOVERNANCE.md | 144 + vendor/curl/docs/INSTALL.cmake | 2 +- vendor/curl/docs/INSTALL.md | 52 +- vendor/curl/docs/KNOWN_BUGS | 120 +- vendor/curl/docs/MAIL-ETIQUETTE | 2 +- vendor/curl/docs/Makefile.am | 47 +- vendor/curl/docs/Makefile.in | 49 +- ...RELEASE-PROCEDURE => RELEASE-PROCEDURE.md} | 13 +- vendor/curl/docs/SECURITY-PROCESS.md | 29 +- vendor/curl/docs/THANKS | 63 +- vendor/curl/docs/TODO | 74 +- vendor/curl/docs/cmdline-opts/Makefile.in | 5 +- vendor/curl/docs/cmdline-opts/Makefile.inc | 3 +- vendor/curl/docs/cmdline-opts/cacert.d | 5 + vendor/curl/docs/cmdline-opts/cert-type.d | 6 +- vendor/curl/docs/cmdline-opts/cert.d | 11 + vendor/curl/docs/cmdline-opts/ciphers.d | 2 +- vendor/curl/docs/cmdline-opts/cookie.d | 3 +- vendor/curl/docs/cmdline-opts/data.d | 2 +- vendor/curl/docs/cmdline-opts/form.d | 2 +- vendor/curl/docs/cmdline-opts/ftp-port.d | 6 +- vendor/curl/docs/cmdline-opts/gen.pl | 6 + vendor/curl/docs/cmdline-opts/interface.d | 2 +- vendor/curl/docs/cmdline-opts/max-time.d | 2 +- vendor/curl/docs/cmdline-opts/ntlm.d | 2 +- vendor/curl/docs/cmdline-opts/page-footer | 6 +- vendor/curl/docs/cmdline-opts/page-header | 8 +- vendor/curl/docs/cmdline-opts/post303.d | 9 +- .../curl/docs/cmdline-opts/proxy-cert-type.d | 2 +- .../docs/cmdline-opts/proxy-service-name.d | 2 +- vendor/curl/docs/cmdline-opts/proxytunnel.d | 2 +- vendor/curl/docs/cmdline-opts/range.d | 2 +- vendor/curl/docs/cmdline-opts/remote-time.d | 4 +- vendor/curl/docs/cmdline-opts/retry-delay.d | 4 +- .../curl/docs/cmdline-opts/retry-max-time.d | 2 +- vendor/curl/docs/cmdline-opts/sasl-ir.d | 2 +- vendor/curl/docs/cmdline-opts/show-error.d | 2 +- vendor/curl/docs/cmdline-opts/silent.d | 2 +- vendor/curl/docs/cmdline-opts/ssl-reqd.d | 2 +- vendor/curl/docs/cmdline-opts/ssl.d | 2 +- vendor/curl/docs/cmdline-opts/tftp-blksize.d | 2 +- vendor/curl/docs/cmdline-opts/tlsv1.1.d | 2 +- vendor/curl/docs/cmdline-opts/tlsv1.2.d | 2 +- vendor/curl/docs/cmdline-opts/tlsv1.3.d | 2 +- vendor/curl/docs/cmdline-opts/tlsv1.d | 4 +- vendor/curl/docs/cmdline-opts/url.d | 2 +- vendor/curl/docs/cmdline-opts/user-agent.d | 4 +- vendor/curl/docs/curl-config.1 | 2 +- vendor/curl/docs/curl.1 | 114 +- vendor/curl/docs/examples/Makefile.in | 4 +- vendor/curl/docs/examples/Makefile.inc | 2 +- vendor/curl/docs/examples/Makefile.netware | 4 +- vendor/curl/docs/examples/cacertinmem.c | 4 +- vendor/curl/docs/examples/chkspeed.c | 26 +- vendor/curl/docs/examples/crawler.c | 210 + vendor/curl/docs/examples/curlx.c | 4 +- vendor/curl/docs/examples/debug.c | 6 +- vendor/curl/docs/examples/evhiperfifo.c | 1 - vendor/curl/docs/examples/fileupload.c | 12 +- vendor/curl/docs/examples/fopen.c | 4 +- vendor/curl/docs/examples/getinmemory.c | 2 +- vendor/curl/docs/examples/hiperfifo.c | 145 +- vendor/curl/docs/examples/http2-download.c | 6 +- vendor/curl/docs/examples/http2-serverpush.c | 12 +- vendor/curl/docs/examples/http2-upload.c | 10 +- .../curl/docs/examples/multi-debugcallback.c | 6 +- vendor/curl/docs/examples/multi-uv.c | 4 +- vendor/curl/docs/examples/progressfunc.c | 40 +- vendor/curl/docs/examples/sessioninfo.c | 2 +- vendor/curl/docs/examples/sftpuploadresume.c | 8 +- .../docs/examples/shared-connection-cache.c | 2 +- vendor/curl/docs/examples/smtp-mime.c | 2 +- .../curl/docs/examples/threaded-shared-conn.c | 2 +- vendor/curl/docs/libcurl/Makefile.am | 4 +- vendor/curl/docs/libcurl/Makefile.in | 6 +- vendor/curl/docs/libcurl/curl_easy_cleanup.3 | 2 +- .../curl/docs/libcurl/curl_easy_duphandle.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_escape.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_getinfo.3 | 48 +- vendor/curl/docs/libcurl/curl_easy_init.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_pause.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_perform.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_recv.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_reset.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_send.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_setopt.3 | 18 +- vendor/curl/docs/libcurl/curl_easy_strerror.3 | 2 +- vendor/curl/docs/libcurl/curl_easy_unescape.3 | 2 +- vendor/curl/docs/libcurl/curl_escape.3 | 2 +- vendor/curl/docs/libcurl/curl_formadd.3 | 2 +- vendor/curl/docs/libcurl/curl_formfree.3 | 2 +- vendor/curl/docs/libcurl/curl_formget.3 | 2 +- vendor/curl/docs/libcurl/curl_free.3 | 2 +- vendor/curl/docs/libcurl/curl_getdate.3 | 2 +- vendor/curl/docs/libcurl/curl_getenv.3 | 2 +- .../curl/docs/libcurl/curl_global_cleanup.3 | 2 +- vendor/curl/docs/libcurl/curl_global_init.3 | 4 +- .../curl/docs/libcurl/curl_global_init_mem.3 | 2 +- vendor/curl/docs/libcurl/curl_global_sslset.3 | 9 +- vendor/curl/docs/libcurl/curl_mime_addpart.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_data.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_data_cb.3 | 4 +- vendor/curl/docs/libcurl/curl_mime_encoder.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_filedata.3 | 4 +- vendor/curl/docs/libcurl/curl_mime_filename.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_free.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_headers.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_init.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_name.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_subparts.3 | 2 +- vendor/curl/docs/libcurl/curl_mime_type.3 | 4 +- vendor/curl/docs/libcurl/curl_mprintf.3 | 2 +- .../curl/docs/libcurl/curl_multi_add_handle.3 | 14 +- vendor/curl/docs/libcurl/curl_multi_assign.3 | 2 +- vendor/curl/docs/libcurl/curl_multi_cleanup.3 | 2 +- vendor/curl/docs/libcurl/curl_multi_fdset.3 | 2 +- .../curl/docs/libcurl/curl_multi_info_read.3 | 2 +- vendor/curl/docs/libcurl/curl_multi_init.3 | 2 +- vendor/curl/docs/libcurl/curl_multi_perform.3 | 2 +- .../docs/libcurl/curl_multi_remove_handle.3 | 2 +- vendor/curl/docs/libcurl/curl_multi_setopt.3 | 2 +- vendor/curl/docs/libcurl/curl_multi_socket.3 | 23 +- .../docs/libcurl/curl_multi_socket_action.3 | 12 +- .../curl/docs/libcurl/curl_multi_strerror.3 | 2 +- vendor/curl/docs/libcurl/curl_multi_timeout.3 | 2 +- vendor/curl/docs/libcurl/curl_multi_wait.3 | 2 +- vendor/curl/docs/libcurl/curl_share_cleanup.3 | 2 +- vendor/curl/docs/libcurl/curl_share_init.3 | 2 +- vendor/curl/docs/libcurl/curl_share_setopt.3 | 11 +- .../curl/docs/libcurl/curl_share_strerror.3 | 2 +- vendor/curl/docs/libcurl/curl_slist_append.3 | 2 +- .../curl/docs/libcurl/curl_slist_free_all.3 | 2 +- vendor/curl/docs/libcurl/curl_strequal.3 | 2 +- vendor/curl/docs/libcurl/curl_unescape.3 | 2 +- vendor/curl/docs/libcurl/curl_version.3 | 2 +- vendor/curl/docs/libcurl/curl_version_info.3 | 9 +- vendor/curl/docs/libcurl/index.html | 71 - vendor/curl/docs/libcurl/libcurl-easy.3 | 2 +- vendor/curl/docs/libcurl/libcurl-env.3 | 4 +- vendor/curl/docs/libcurl/libcurl-errors.3 | 2 +- vendor/curl/docs/libcurl/libcurl-multi.3 | 22 +- vendor/curl/docs/libcurl/libcurl-security.3 | 28 +- vendor/curl/docs/libcurl/libcurl-share.3 | 2 +- vendor/curl/docs/libcurl/libcurl-symbols.3 | 42 +- vendor/curl/docs/libcurl/libcurl-thread.3 | 2 +- vendor/curl/docs/libcurl/libcurl-tutorial.3 | 22 +- vendor/curl/docs/libcurl/libcurl.3 | 2 +- .../docs/libcurl/opts/CURLINFO_ACTIVESOCKET.3 | 2 +- .../libcurl/opts/CURLINFO_APPCONNECT_TIME.3 | 4 +- .../libcurl/opts/CURLINFO_APPCONNECT_TIME_T.3 | 65 + .../docs/libcurl/opts/CURLINFO_CERTINFO.3 | 2 +- .../libcurl/opts/CURLINFO_CONDITION_UNMET.3 | 2 +- .../docs/libcurl/opts/CURLINFO_CONNECT_TIME.3 | 4 +- .../libcurl/opts/CURLINFO_CONNECT_TIME_T.3 | 60 + .../opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3 | 2 +- .../opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3 | 4 +- .../opts/CURLINFO_CONTENT_LENGTH_UPLOAD.3 | 2 +- .../opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3 | 4 +- .../docs/libcurl/opts/CURLINFO_CONTENT_TYPE.3 | 2 +- .../docs/libcurl/opts/CURLINFO_COOKIELIST.3 | 11 +- .../libcurl/opts/CURLINFO_EFFECTIVE_URL.3 | 2 +- .../docs/libcurl/opts/CURLINFO_FILETIME.3 | 2 +- .../docs/libcurl/opts/CURLINFO_FILETIME_T.3 | 2 +- .../libcurl/opts/CURLINFO_FTP_ENTRY_PATH.3 | 2 +- .../docs/libcurl/opts/CURLINFO_HEADER_SIZE.3 | 2 +- .../libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.3 | 2 +- .../libcurl/opts/CURLINFO_HTTP_CONNECTCODE.3 | 2 +- .../docs/libcurl/opts/CURLINFO_HTTP_VERSION.3 | 2 +- .../docs/libcurl/opts/CURLINFO_LASTSOCKET.3 | 2 +- .../docs/libcurl/opts/CURLINFO_LOCAL_IP.3 | 2 +- .../docs/libcurl/opts/CURLINFO_LOCAL_PORT.3 | 2 +- .../libcurl/opts/CURLINFO_NAMELOOKUP_TIME.3 | 4 +- .../libcurl/opts/CURLINFO_NAMELOOKUP_TIME_T.3 | 61 + .../docs/libcurl/opts/CURLINFO_NUM_CONNECTS.3 | 2 +- .../docs/libcurl/opts/CURLINFO_OS_ERRNO.3 | 2 +- .../libcurl/opts/CURLINFO_PRETRANSFER_TIME.3 | 4 +- .../opts/CURLINFO_PRETRANSFER_TIME_T.3 | 65 + .../docs/libcurl/opts/CURLINFO_PRIMARY_IP.3 | 2 +- .../docs/libcurl/opts/CURLINFO_PRIMARY_PORT.3 | 2 +- .../curl/docs/libcurl/opts/CURLINFO_PRIVATE.3 | 2 +- .../docs/libcurl/opts/CURLINFO_PROTOCOL.3 | 17 +- .../libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.3 | 2 +- .../opts/CURLINFO_PROXY_SSL_VERIFYRESULT.3 | 2 +- .../libcurl/opts/CURLINFO_REDIRECT_COUNT.3 | 2 +- .../libcurl/opts/CURLINFO_REDIRECT_TIME.3 | 4 +- .../libcurl/opts/CURLINFO_REDIRECT_TIME_T.3 | 64 + .../docs/libcurl/opts/CURLINFO_REDIRECT_URL.3 | 2 +- .../docs/libcurl/opts/CURLINFO_REQUEST_SIZE.3 | 2 +- .../libcurl/opts/CURLINFO_RESPONSE_CODE.3 | 2 +- .../libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.3 | 2 +- .../libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.3 | 2 +- .../libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.3 | 2 +- .../libcurl/opts/CURLINFO_RTSP_SESSION_ID.3 | 2 +- .../curl/docs/libcurl/opts/CURLINFO_SCHEME.3 | 2 +- .../libcurl/opts/CURLINFO_SIZE_DOWNLOAD.3 | 2 +- .../libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.3 | 4 +- .../docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.3 | 2 +- .../libcurl/opts/CURLINFO_SIZE_UPLOAD_T.3 | 4 +- .../libcurl/opts/CURLINFO_SPEED_DOWNLOAD.3 | 2 +- .../libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.3 | 4 +- .../docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.3 | 2 +- .../libcurl/opts/CURLINFO_SPEED_UPLOAD_T.3 | 4 +- .../docs/libcurl/opts/CURLINFO_SSL_ENGINES.3 | 2 +- .../libcurl/opts/CURLINFO_SSL_VERIFYRESULT.3 | 10 +- .../opts/CURLINFO_STARTTRANSFER_TIME.3 | 4 +- .../opts/CURLINFO_STARTTRANSFER_TIME_T.3 | 64 + .../docs/libcurl/opts/CURLINFO_TLS_SESSION.3 | 2 +- .../docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3 | 37 +- .../docs/libcurl/opts/CURLINFO_TOTAL_TIME.3 | 4 +- .../docs/libcurl/opts/CURLINFO_TOTAL_TIME_T.3 | 62 + .../opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 | 2 +- .../CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 | 2 +- .../docs/libcurl/opts/CURLMOPT_MAXCONNECTS.3 | 2 +- .../opts/CURLMOPT_MAX_HOST_CONNECTIONS.3 | 2 +- .../opts/CURLMOPT_MAX_PIPELINE_LENGTH.3 | 2 +- .../opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 | 2 +- .../docs/libcurl/opts/CURLMOPT_PIPELINING.3 | 2 +- .../opts/CURLMOPT_PIPELINING_SERVER_BL.3 | 2 +- .../opts/CURLMOPT_PIPELINING_SITE_BL.3 | 2 +- .../docs/libcurl/opts/CURLMOPT_PUSHDATA.3 | 2 +- .../docs/libcurl/opts/CURLMOPT_PUSHFUNCTION.3 | 2 +- .../docs/libcurl/opts/CURLMOPT_SOCKETDATA.3 | 2 +- .../libcurl/opts/CURLMOPT_SOCKETFUNCTION.3 | 2 +- .../docs/libcurl/opts/CURLMOPT_TIMERDATA.3 | 2 +- .../libcurl/opts/CURLMOPT_TIMERFUNCTION.3 | 2 +- .../opts/CURLOPT_ABSTRACT_UNIX_SOCKET.3 | 2 +- .../libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.3 | 2 +- .../libcurl/opts/CURLOPT_ACCEPT_ENCODING.3 | 24 +- .../docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_APPEND.3 | 2 +- .../docs/libcurl/opts/CURLOPT_AUTOREFERER.3 | 2 +- .../docs/libcurl/opts/CURLOPT_BUFFERSIZE.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_CAINFO.3 | 7 +- .../curl/docs/libcurl/opts/CURLOPT_CAPATH.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_CERTINFO.3 | 2 +- .../libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.3 | 2 +- .../docs/libcurl/opts/CURLOPT_CHUNK_DATA.3 | 2 +- .../libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.3 | 2 +- .../libcurl/opts/CURLOPT_CLOSESOCKETDATA.3 | 2 +- .../opts/CURLOPT_CLOSESOCKETFUNCTION.3 | 2 +- .../libcurl/opts/CURLOPT_CONNECTTIMEOUT.3 | 2 +- .../libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.3 | 2 +- .../docs/libcurl/opts/CURLOPT_CONNECT_ONLY.3 | 2 +- .../docs/libcurl/opts/CURLOPT_CONNECT_TO.3 | 6 +- .../opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 | 2 +- .../opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.3 | 2 +- .../opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_COOKIE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_COOKIEFILE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_COOKIEJAR.3 | 2 +- .../docs/libcurl/opts/CURLOPT_COOKIELIST.3 | 2 +- .../docs/libcurl/opts/CURLOPT_COOKIESESSION.3 | 2 +- .../libcurl/opts/CURLOPT_COPYPOSTFIELDS.3 | 2 +- vendor/curl/docs/libcurl/opts/CURLOPT_CRLF.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_CRLFILE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3 | 4 +- .../docs/libcurl/opts/CURLOPT_DEBUGDATA.3 | 2 +- .../docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.3 | 2 +- .../libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.3 | 2 +- .../docs/libcurl/opts/CURLOPT_DIRLISTONLY.3 | 2 +- .../opts/CURLOPT_DISALLOW_USERNAME_IN_URL.3 | 57 + .../libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.3 | 2 +- .../docs/libcurl/opts/CURLOPT_DNS_INTERFACE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.3 | 2 +- .../docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.3 | 2 +- .../docs/libcurl/opts/CURLOPT_DNS_SERVERS.3 | 2 +- .../opts/CURLOPT_DNS_SHUFFLE_ADDRESSES.3 | 70 + .../opts/CURLOPT_DNS_USE_GLOBAL_CACHE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_EGDSOCKET.3 | 2 +- .../docs/libcurl/opts/CURLOPT_ERRORBUFFER.3 | 14 +- .../opts/CURLOPT_EXPECT_100_TIMEOUT_MS.3 | 4 +- .../docs/libcurl/opts/CURLOPT_FAILONERROR.3 | 4 +- .../curl/docs/libcurl/opts/CURLOPT_FILETIME.3 | 2 +- .../docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3 | 2 +- .../libcurl/opts/CURLOPT_FNMATCH_FUNCTION.3 | 2 +- .../libcurl/opts/CURLOPT_FOLLOWLOCATION.3 | 6 +- .../docs/libcurl/opts/CURLOPT_FORBID_REUSE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_FRESH_CONNECT.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_FTPPORT.3 | 2 +- .../docs/libcurl/opts/CURLOPT_FTPSSLAUTH.3 | 2 +- .../docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.3 | 2 +- .../opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.3 | 2 +- .../opts/CURLOPT_FTP_CREATE_MISSING_DIRS.3 | 2 +- .../libcurl/opts/CURLOPT_FTP_FILEMETHOD.3 | 2 +- .../opts/CURLOPT_FTP_RESPONSE_TIMEOUT.3 | 2 +- .../libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3 | 2 +- .../docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.3 | 2 +- .../docs/libcurl/opts/CURLOPT_FTP_USE_EPRT.3 | 2 +- .../docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.3 | 2 +- .../docs/libcurl/opts/CURLOPT_FTP_USE_PRET.3 | 2 +- .../libcurl/opts/CURLOPT_GSSAPI_DELEGATION.3 | 2 +- .../opts/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3 | 2 +- .../libcurl/opts/CURLOPT_HAPROXYPROTOCOL.3 | 58 + .../curl/docs/libcurl/opts/CURLOPT_HEADER.3 | 2 +- .../docs/libcurl/opts/CURLOPT_HEADERDATA.3 | 2 +- .../libcurl/opts/CURLOPT_HEADERFUNCTION.3 | 4 +- .../docs/libcurl/opts/CURLOPT_HEADEROPT.3 | 4 +- .../libcurl/opts/CURLOPT_HTTP200ALIASES.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_HTTPAUTH.3 | 12 +- .../curl/docs/libcurl/opts/CURLOPT_HTTPGET.3 | 17 +- .../docs/libcurl/opts/CURLOPT_HTTPHEADER.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_HTTPPOST.3 | 2 +- .../libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.3 | 6 +- .../opts/CURLOPT_HTTP_CONTENT_DECODING.3 | 2 +- .../opts/CURLOPT_HTTP_TRANSFER_DECODING.3 | 2 +- .../docs/libcurl/opts/CURLOPT_HTTP_VERSION.3 | 4 +- .../opts/CURLOPT_IGNORE_CONTENT_LENGTH.3 | 2 +- .../docs/libcurl/opts/CURLOPT_INFILESIZE.3 | 2 +- .../libcurl/opts/CURLOPT_INFILESIZE_LARGE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_INTERFACE.3 | 7 +- .../libcurl/opts/CURLOPT_INTERLEAVEDATA.3 | 2 +- .../libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.3 | 2 +- .../docs/libcurl/opts/CURLOPT_IOCTLDATA.3 | 2 +- .../docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.3 | 4 +- .../docs/libcurl/opts/CURLOPT_IPRESOLVE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_ISSUERCERT.3 | 2 +- .../opts/CURLOPT_KEEP_SENDING_ON_ERROR.3 | 2 +- .../docs/libcurl/opts/CURLOPT_KEYPASSWD.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_KRBLEVEL.3 | 2 +- .../docs/libcurl/opts/CURLOPT_LOCALPORT.3 | 2 +- .../libcurl/opts/CURLOPT_LOCALPORTRANGE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3 | 2 +- .../libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.3 | 2 +- .../libcurl/opts/CURLOPT_LOW_SPEED_TIME.3 | 2 +- .../docs/libcurl/opts/CURLOPT_MAIL_AUTH.3 | 2 +- .../docs/libcurl/opts/CURLOPT_MAIL_FROM.3 | 2 +- .../docs/libcurl/opts/CURLOPT_MAIL_RCPT.3 | 2 +- .../docs/libcurl/opts/CURLOPT_MAXCONNECTS.3 | 2 +- .../docs/libcurl/opts/CURLOPT_MAXFILESIZE.3 | 2 +- .../libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_MAXREDIRS.3 | 2 +- .../opts/CURLOPT_MAX_RECV_SPEED_LARGE.3 | 2 +- .../opts/CURLOPT_MAX_SEND_SPEED_LARGE.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_MIMEPOST.3 | 2 +- vendor/curl/docs/libcurl/opts/CURLOPT_NETRC.3 | 4 +- .../docs/libcurl/opts/CURLOPT_NETRC_FILE.3 | 2 +- .../opts/CURLOPT_NEW_DIRECTORY_PERMS.3 | 2 +- .../libcurl/opts/CURLOPT_NEW_FILE_PERMS.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_NOBODY.3 | 2 +- .../docs/libcurl/opts/CURLOPT_NOPROGRESS.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_NOPROXY.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_NOSIGNAL.3 | 2 +- .../libcurl/opts/CURLOPT_OPENSOCKETDATA.3 | 2 +- .../libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_PASSWORD.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PATH_AS_IS.3 | 4 +- .../libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_PIPEWAIT.3 | 2 +- vendor/curl/docs/libcurl/opts/CURLOPT_PORT.3 | 2 +- vendor/curl/docs/libcurl/opts/CURLOPT_POST.3 | 12 +- .../docs/libcurl/opts/CURLOPT_POSTFIELDS.3 | 8 +- .../docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.3 | 2 +- .../opts/CURLOPT_POSTFIELDSIZE_LARGE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_POSTQUOTE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_POSTREDIR.3 | 4 +- .../curl/docs/libcurl/opts/CURLOPT_PREQUOTE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PRE_PROXY.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_PRIVATE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROGRESSDATA.3 | 2 +- .../libcurl/opts/CURLOPT_PROGRESSFUNCTION.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROTOCOLS.3 | 2 +- vendor/curl/docs/libcurl/opts/CURLOPT_PROXY.3 | 4 +- .../docs/libcurl/opts/CURLOPT_PROXYAUTH.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROXYHEADER.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROXYPASSWORD.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROXYPORT.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROXYTYPE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROXYUSERPWD.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3 | 6 +- .../docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3 | 4 +- .../docs/libcurl/opts/CURLOPT_PROXY_CRLFILE.3 | 4 +- .../libcurl/opts/CURLOPT_PROXY_KEYPASSWD.3 | 4 +- .../opts/CURLOPT_PROXY_PINNEDPUBLICKEY.3 | 2 +- .../libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 | 2 +- .../docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.3 | 4 +- .../libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.3 | 4 +- .../docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.3 | 2 +- .../libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.3 | 4 +- .../libcurl/opts/CURLOPT_PROXY_SSLVERSION.3 | 2 +- .../opts/CURLOPT_PROXY_SSL_CIPHER_LIST.3 | 2 +- .../libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.3 | 2 +- .../opts/CURLOPT_PROXY_SSL_VERIFYHOST.3 | 8 +- .../opts/CURLOPT_PROXY_SSL_VERIFYPEER.3 | 2 +- .../opts/CURLOPT_PROXY_TLS13_CIPHERS.3 | 64 + .../opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.3 | 2 +- .../libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.3 | 2 +- .../opts/CURLOPT_PROXY_TLSAUTH_USERNAME.3 | 2 +- .../opts/CURLOPT_PROXY_TRANSFER_MODE.3 | 4 +- vendor/curl/docs/libcurl/opts/CURLOPT_PUT.3 | 4 +- vendor/curl/docs/libcurl/opts/CURLOPT_QUOTE.3 | 4 +- .../docs/libcurl/opts/CURLOPT_RANDOM_FILE.3 | 2 +- vendor/curl/docs/libcurl/opts/CURLOPT_RANGE.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_READDATA.3 | 2 +- .../docs/libcurl/opts/CURLOPT_READFUNCTION.3 | 2 +- .../libcurl/opts/CURLOPT_REDIR_PROTOCOLS.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_REFERER.3 | 2 +- .../libcurl/opts/CURLOPT_REQUEST_TARGET.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_RESOLVE.3 | 7 +- .../opts/CURLOPT_RESOLVER_START_DATA.3 | 2 +- .../opts/CURLOPT_RESOLVER_START_FUNCTION.3 | 2 +- .../docs/libcurl/opts/CURLOPT_RESUME_FROM.3 | 2 +- .../libcurl/opts/CURLOPT_RESUME_FROM_LARGE.3 | 2 +- .../libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.3 | 4 +- .../docs/libcurl/opts/CURLOPT_RTSP_REQUEST.3 | 10 +- .../libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.3 | 2 +- .../libcurl/opts/CURLOPT_RTSP_SESSION_ID.3 | 2 +- .../libcurl/opts/CURLOPT_RTSP_STREAM_URI.3 | 2 +- .../libcurl/opts/CURLOPT_RTSP_TRANSPORT.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_SASL_IR.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_SEEKDATA.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SEEKFUNCTION.3 | 4 +- .../docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 | 2 +- vendor/curl/docs/libcurl/opts/CURLOPT_SHARE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SOCKOPTDATA.3 | 2 +- .../libcurl/opts/CURLOPT_SOCKOPTFUNCTION.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.3 | 2 +- .../libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.3 | 2 +- .../opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 | 2 +- .../libcurl/opts/CURLOPT_SSH_AUTH_TYPES.3 | 2 +- .../libcurl/opts/CURLOPT_SSH_COMPRESSION.3 | 2 +- .../opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SSH_KEYDATA.3 | 2 +- .../libcurl/opts/CURLOPT_SSH_KEYFUNCTION.3 | 2 +- .../libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.3 | 2 +- .../opts/CURLOPT_SSH_PRIVATE_KEYFILE.3 | 2 +- .../libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_SSLCERT.3 | 13 +- .../docs/libcurl/opts/CURLOPT_SSLCERTTYPE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SSLENGINE.3 | 2 +- .../libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_SSLKEY.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SSLKEYTYPE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SSLVERSION.3 | 44 +- .../libcurl/opts/CURLOPT_SSL_CIPHER_LIST.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.3 | 2 +- .../libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3 | 4 +- .../libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.3 | 2 +- .../libcurl/opts/CURLOPT_SSL_ENABLE_NPN.3 | 2 +- .../libcurl/opts/CURLOPT_SSL_FALSESTART.3 | 2 +- .../docs/libcurl/opts/CURLOPT_SSL_OPTIONS.3 | 2 +- .../opts/CURLOPT_SSL_SESSIONID_CACHE.3 | 2 +- .../libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 | 2 +- .../libcurl/opts/CURLOPT_SSL_VERIFYPEER.3 | 14 +- .../libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_STDERR.3 | 2 +- .../libcurl/opts/CURLOPT_STREAM_DEPENDS.3 | 2 +- .../libcurl/opts/CURLOPT_STREAM_DEPENDS_E.3 | 4 +- .../docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.3 | 4 +- .../opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TCP_NODELAY.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TELNETOPTIONS.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.3 | 2 +- .../libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TIMECONDITION.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_TIMEOUT.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TIMEOUT_MS.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TIMEVALUE.3 | 2 +- .../libcurl/opts/CURLOPT_TIMEVALUE_LARGE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.3 | 63 + .../libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.3 | 2 +- .../libcurl/opts/CURLOPT_TLSAUTH_USERNAME.3 | 2 +- .../docs/libcurl/opts/CURLOPT_TRANSFERTEXT.3 | 2 +- .../libcurl/opts/CURLOPT_TRANSFER_ENCODING.3 | 2 +- .../libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.3 | 4 +- .../libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_UPLOAD.3 | 4 +- vendor/curl/docs/libcurl/opts/CURLOPT_URL.3 | 16 +- .../docs/libcurl/opts/CURLOPT_USERAGENT.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_USERNAME.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_USERPWD.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_USE_SSL.3 | 2 +- .../curl/docs/libcurl/opts/CURLOPT_VERBOSE.3 | 2 +- .../docs/libcurl/opts/CURLOPT_WILDCARDMATCH.3 | 6 +- .../docs/libcurl/opts/CURLOPT_WRITEDATA.3 | 2 +- .../docs/libcurl/opts/CURLOPT_WRITEFUNCTION.3 | 2 +- .../docs/libcurl/opts/CURLOPT_XFERINFODATA.3 | 2 +- .../libcurl/opts/CURLOPT_XFERINFOFUNCTION.3 | 2 +- .../libcurl/opts/CURLOPT_XOAUTH2_BEARER.3 | 10 +- vendor/curl/docs/libcurl/opts/Makefile.in | 14 + vendor/curl/docs/libcurl/opts/Makefile.inc | 12 + vendor/curl/docs/libcurl/symbols-in-versions | 20 +- vendor/curl/include/Makefile.in | 2 + vendor/curl/include/README | 19 +- vendor/curl/include/curl/Makefile.in | 2 + vendor/curl/include/curl/curl.h | 28 +- vendor/curl/include/curl/curlver.h | 8 +- vendor/curl/include/curl/system.h | 24 +- vendor/curl/include/curl/typecheck-gcc.h | 2 +- vendor/curl/lib/CMakeLists.txt | 7 - vendor/curl/lib/Makefile.am | 4 +- vendor/curl/lib/Makefile.b32 | 185 - vendor/curl/lib/Makefile.in | 65 +- vendor/curl/lib/Makefile.inc | 8 +- vendor/curl/lib/Makefile.netware | 4 +- vendor/curl/lib/asyn-ares.c | 19 +- vendor/curl/lib/asyn-thread.c | 73 +- vendor/curl/lib/base64.c | 3 +- vendor/curl/lib/checksrc.pl | 28 +- vendor/curl/lib/config-linux.h | 968 -- vendor/curl/lib/conncache.c | 37 +- vendor/curl/lib/conncache.h | 4 +- vendor/curl/lib/connect.c | 12 +- vendor/curl/lib/content_encoding.c | 17 +- vendor/curl/lib/cookie.c | 313 +- vendor/curl/lib/cookie.h | 8 +- vendor/curl/lib/curl_addrinfo.c | 7 +- vendor/curl/lib/curl_config.h.cmake | 9 + vendor/curl/lib/curl_config.h.in | 62 +- vendor/curl/lib/curl_ctype.c | 11 + vendor/curl/lib/curl_ctype.h | 33 + vendor/curl/lib/curl_fnmatch.c | 43 +- vendor/curl/lib/curl_memrchr.c | 19 +- vendor/curl/lib/curl_ntlm_core.c | 15 +- vendor/curl/lib/curl_path.h | 5 +- vendor/curl/lib/curl_sasl.c | 17 +- vendor/curl/lib/curl_setup.h | 36 +- vendor/curl/lib/dict.c | 6 +- vendor/curl/lib/easy.c | 38 +- vendor/curl/lib/escape.c | 6 +- vendor/curl/lib/file.c | 8 +- vendor/curl/lib/fileinfo.c | 7 +- vendor/curl/lib/fileinfo.h | 5 +- vendor/curl/lib/formdata.c | 5 +- vendor/curl/lib/ftp.c | 104 +- vendor/curl/lib/ftp.h | 4 +- vendor/curl/lib/ftplistparser.c | 28 +- vendor/curl/lib/getinfo.c | 22 + vendor/curl/lib/hash.c | 17 +- vendor/curl/lib/hmac.c | 4 +- vendor/curl/lib/hostcheck.c | 2 +- vendor/curl/lib/hostip.c | 108 +- vendor/curl/lib/hostip.h | 13 +- vendor/curl/lib/hostip6.c | 35 +- vendor/curl/lib/http.c | 163 +- vendor/curl/lib/http.h | 10 +- vendor/curl/lib/http2.c | 141 +- vendor/curl/lib/http_chunks.c | 15 +- vendor/curl/lib/http_negotiate.c | 2 +- vendor/curl/lib/http_ntlm.c | 14 +- vendor/curl/lib/http_proxy.c | 10 +- vendor/curl/lib/imap.c | 16 +- vendor/curl/lib/inet_ntop.c | 2 +- vendor/curl/lib/ldap.c | 9 - vendor/curl/lib/libcurl.plist | 6 +- vendor/curl/lib/md5.c | 9 +- vendor/curl/lib/memdebug.h | 9 +- vendor/curl/lib/mime.c | 53 +- vendor/curl/lib/mk-ca-bundle.pl | 7 +- vendor/curl/lib/multi.c | 163 +- vendor/curl/lib/multihandle.h | 8 +- vendor/curl/lib/multiif.h | 5 +- vendor/curl/lib/netrc.c | 4 +- vendor/curl/lib/nwlib.c | 4 +- vendor/curl/lib/openldap.c | 23 +- vendor/curl/lib/parsedate.c | 1 + vendor/curl/lib/pingpong.c | 15 +- vendor/curl/lib/pipeline.c | 3 +- vendor/curl/lib/pop3.c | 4 +- vendor/curl/lib/progress.c | 113 +- vendor/curl/lib/progress.h | 14 +- vendor/curl/lib/psl.c | 111 + vendor/curl/lib/psl.h | 47 + vendor/curl/lib/rand.c | 2 +- vendor/curl/lib/rtsp.c | 9 +- vendor/curl/lib/security.c | 4 +- vendor/curl/lib/select.c | 8 +- vendor/curl/lib/sendf.c | 48 +- vendor/curl/lib/sendf.h | 5 +- vendor/curl/lib/setopt.c | 70 +- vendor/curl/lib/sha256.c | 12 +- vendor/curl/lib/share.c | 11 +- vendor/curl/lib/share.h | 6 +- vendor/curl/lib/smb.c | 14 +- vendor/curl/lib/smtp.c | 5 +- vendor/curl/lib/socks.c | 8 +- vendor/curl/lib/splay.c | 3 +- vendor/curl/lib/ssh-libssh.c | 30 +- vendor/curl/lib/ssh.c | 87 +- vendor/curl/lib/strtoofft.c | 2 - vendor/curl/lib/telnet.c | 54 +- vendor/curl/lib/tftp.c | 25 +- vendor/curl/lib/timeval.c | 4 +- vendor/curl/lib/transfer.c | 63 +- vendor/curl/lib/url.c | 154 +- vendor/curl/lib/urldata.h | 56 +- vendor/curl/lib/vauth/cleartext.c | 14 +- vendor/curl/lib/vauth/digest.c | 6 +- vendor/curl/lib/vauth/krb5_sspi.c | 10 +- vendor/curl/lib/vauth/ntlm.c | 12 +- vendor/curl/lib/vauth/ntlm.h | 8 +- vendor/curl/lib/vauth/ntlm_sspi.c | 20 +- vendor/curl/lib/vauth/spnego_sspi.c | 10 +- vendor/curl/lib/vauth/vauth.c | 6 +- vendor/curl/lib/vauth/vauth.h | 2 + vendor/curl/lib/version.c | 6 +- vendor/curl/lib/vtls/axtls.c | 15 +- vendor/curl/lib/vtls/cyassl.c | 21 +- vendor/curl/lib/vtls/darwinssl.c | 34 +- vendor/curl/lib/vtls/gskit.c | 42 +- vendor/curl/lib/vtls/gtls.c | 22 +- vendor/curl/lib/vtls/mbedtls.c | 21 +- vendor/curl/lib/vtls/nss.c | 26 +- vendor/curl/lib/vtls/openssl.c | 306 +- vendor/curl/lib/vtls/polarssl.c | 16 +- vendor/curl/lib/vtls/schannel.c | 560 +- vendor/curl/lib/vtls/schannel.h | 74 + vendor/curl/lib/vtls/schannel_verify.c | 557 + vendor/curl/lib/vtls/vtls.c | 33 +- vendor/curl/lib/vtls/vtls.h | 26 +- vendor/curl/lib/warnless.h | 7 +- vendor/curl/lib/wildcard.c | 20 +- vendor/curl/lib/wildcard.h | 8 +- vendor/curl/lib/x509asn1.c | 4 +- vendor/curl/ltmain.sh | 552 +- vendor/curl/m4/ax_compile_check_sizeof.m4 | 115 + vendor/curl/m4/curl-compilers.m4 | 28 +- vendor/curl/m4/curl-confopts.m4 | 42 +- vendor/curl/m4/curl-functions.m4 | 19 +- vendor/curl/maketgz | 56 +- vendor/curl/packages/AIX/Makefile.in | 2 + vendor/curl/packages/AIX/RPM/Makefile.in | 2 + vendor/curl/packages/DOS/README | 2 +- vendor/curl/packages/EPM/Makefile.in | 2 + vendor/curl/packages/Linux/Makefile.in | 2 + vendor/curl/packages/Linux/RPM/Makefile.in | 2 + vendor/curl/packages/Makefile.in | 2 + vendor/curl/packages/OS400/README.OS400 | 8 +- vendor/curl/packages/OS400/ccsidcurl.c | 79 + vendor/curl/packages/OS400/ccsidcurl.h | 20 +- vendor/curl/packages/OS400/curl.inc.in | 182 +- vendor/curl/packages/OS400/os400sys.c | 150 +- vendor/curl/packages/Solaris/Makefile.in | 2 + vendor/curl/packages/Win32/Makefile.in | 2 + vendor/curl/packages/Win32/cygwin/Makefile.in | 2 + vendor/curl/packages/vms/Makefile.in | 2 + .../packages/vms/build_gnv_curl_pcsi_desc.com | 2 +- .../packages/vms/setup_gnv_curl_build.com | 2 +- vendor/curl/scripts/Makefile.am | 2 + vendor/curl/scripts/Makefile.in | 4 + vendor/curl/src/CMakeLists.txt | 4 - vendor/curl/src/Makefile.am | 4 +- vendor/curl/src/Makefile.b32 | 154 - vendor/curl/src/Makefile.in | 6 +- vendor/curl/src/Makefile.m32 | 4 +- vendor/curl/src/Makefile.netware | 4 +- vendor/curl/src/curl.rc | 50 +- vendor/curl/src/tool_cb_dbg.c | 14 +- vendor/curl/src/tool_cb_hdr.c | 63 +- vendor/curl/src/tool_cb_hdr.h | 4 +- vendor/curl/src/tool_cb_prg.c | 12 +- vendor/curl/src/tool_cb_wrt.c | 13 +- vendor/curl/src/tool_cb_wrt.h | 4 +- vendor/curl/src/tool_cfgable.h | 7 +- vendor/curl/src/tool_doswin.c | 11 +- vendor/curl/src/tool_doswin.h | 1 + vendor/curl/src/tool_formparse.c | 14 +- vendor/curl/src/tool_getparam.c | 42 +- vendor/curl/src/tool_help.c | 20 +- vendor/curl/src/tool_hugehelp.c | 11996 ++++++++-------- vendor/curl/src/tool_libinfo.c | 2 +- vendor/curl/src/tool_main.c | 3 +- vendor/curl/src/tool_metalink.c | 13 +- vendor/curl/src/tool_msgs.c | 2 +- vendor/curl/src/tool_operate.c | 119 +- vendor/curl/src/tool_paramhlp.c | 10 +- vendor/curl/src/tool_parsecfg.c | 8 +- vendor/curl/src/tool_urlglob.c | 4 +- vendor/curl/src/tool_version.h | 2 +- vendor/curl/src/tool_writeout.c | 4 +- vendor/curl/tests/FILEFORMAT | 8 +- vendor/curl/tests/Makefile.am | 4 +- vendor/curl/tests/Makefile.in | 6 +- vendor/curl/tests/certs/Makefile.am | 29 +- vendor/curl/tests/certs/Makefile.in | 31 +- .../certs/Server-localhost-firstSAN-sv.crl | 13 + .../certs/Server-localhost-firstSAN-sv.crt | 80 + .../certs/Server-localhost-firstSAN-sv.csr | 11 + .../certs/Server-localhost-firstSAN-sv.der | Bin 0 -> 862 bytes .../certs/Server-localhost-firstSAN-sv.dhp | 0 .../certs/Server-localhost-firstSAN-sv.key | 15 + .../certs/Server-localhost-firstSAN-sv.pem | 120 + .../Server-localhost-firstSAN-sv.pub.der | Bin 0 -> 162 bytes .../Server-localhost-firstSAN-sv.pub.pem | 6 + .../certs/Server-localhost-lastSAN-sv.crl | 14 + .../certs/Server-localhost-lastSAN-sv.crt | 80 + .../certs/Server-localhost-lastSAN-sv.csr | 11 + .../certs/Server-localhost-lastSAN-sv.der | Bin 0 -> 862 bytes .../certs/Server-localhost-lastSAN-sv.dhp | 0 .../certs/Server-localhost-lastSAN-sv.key | 15 + .../certs/Server-localhost-lastSAN-sv.pem | 120 + .../certs/Server-localhost-lastSAN-sv.pub.der | Bin 0 -> 162 bytes .../certs/Server-localhost-lastSAN-sv.pub.pem | 6 + vendor/curl/tests/certs/scripts/Makefile.in | 2 + vendor/curl/tests/data/DISABLED | 2 - vendor/curl/tests/data/Makefile.in | 18 +- vendor/curl/tests/data/Makefile.inc | 16 +- vendor/curl/tests/data/test1026 | 3 + vendor/curl/tests/data/test1108 | 2 +- vendor/curl/tests/data/test1116 | 2 + vendor/curl/tests/data/test1136 | 2 +- vendor/curl/tests/data/test1148 | 11 +- vendor/curl/tests/data/test1155 | 54 + vendor/curl/tests/data/test1156 | 70 + vendor/curl/tests/data/test1164 | 52 + vendor/curl/tests/data/test1208 | 1 + vendor/curl/tests/data/test1209 | 2 +- vendor/curl/tests/data/test1319 | 3 - vendor/curl/tests/data/test1321 | 3 - vendor/curl/tests/data/test1400 | 1 - vendor/curl/tests/data/test1401 | 1 - vendor/curl/tests/data/test1402 | 1 - vendor/curl/tests/data/test1403 | 1 - vendor/curl/tests/data/test1404 | 1 - vendor/curl/tests/data/test1405 | 1 - vendor/curl/tests/data/test1406 | 1 - vendor/curl/tests/data/test1407 | 1 - vendor/curl/tests/data/test1417 | 1 + vendor/curl/tests/data/test1420 | 1 - vendor/curl/tests/data/test1455 | 59 + vendor/curl/tests/data/test1456 | 59 + vendor/curl/tests/data/test155 | 4 +- vendor/curl/tests/data/test1553 | 4 +- vendor/curl/tests/data/test1557 | 36 + vendor/curl/tests/data/test1590 | 54 + vendor/curl/tests/data/test1608 | 26 + vendor/curl/tests/data/test1609 | 26 + vendor/curl/tests/data/test2010 | 4 +- vendor/curl/tests/data/test2072 | 20 +- vendor/curl/tests/data/test2074 | 57 + vendor/curl/tests/data/test2075 | 34 + vendor/curl/tests/data/test266 | 1 + vendor/curl/tests/data/test3000 | 57 + vendor/curl/tests/data/test3001 | 57 + vendor/curl/tests/data/test46 | 28 +- vendor/curl/tests/data/test851 | 2 +- vendor/curl/tests/data/test92 | 14 + vendor/curl/tests/libtest/CMakeLists.txt | 12 +- vendor/curl/tests/libtest/Makefile.am | 7 +- vendor/curl/tests/libtest/Makefile.in | 1218 +- vendor/curl/tests/libtest/Makefile.inc | 13 +- vendor/curl/tests/libtest/lib1156.c | 162 + vendor/curl/tests/libtest/lib1502.c | 12 +- vendor/curl/tests/libtest/lib1509.c | 2 +- vendor/curl/tests/libtest/lib1521.c | 2571 ---- vendor/curl/tests/libtest/lib1535.c | 2 +- vendor/curl/tests/libtest/lib1536.c | 2 +- vendor/curl/tests/libtest/lib1537.c | 15 +- vendor/curl/tests/libtest/lib1554.c | 3 +- vendor/curl/tests/libtest/lib1557.c | 62 + vendor/curl/tests/libtest/lib1900.c | 8 +- vendor/curl/tests/libtest/lib500.c | 50 +- vendor/curl/tests/libtest/lib506.c | 2 +- vendor/curl/tests/libtest/lib512.c | 6 +- vendor/curl/tests/libtest/lib517.c | 1 + vendor/curl/tests/libtest/lib544.c | 2 +- vendor/curl/tests/libtest/lib552.c | 8 +- vendor/curl/tests/libtest/lib556.c | 2 +- vendor/curl/tests/libtest/lib579.c | 3 +- vendor/curl/tests/libtest/lib586.c | 2 +- vendor/curl/tests/libtest/lib650.c | 4 +- vendor/curl/tests/libtest/lib652.c | 4 +- vendor/curl/tests/libtest/stub_gssapi.c | 54 +- vendor/curl/tests/libtest/testtrace.c | 8 +- vendor/curl/tests/runtests.1 | 2 +- vendor/curl/tests/runtests.pl | 21 +- vendor/curl/tests/server/CMakeLists.txt | 6 - vendor/curl/tests/server/Makefile.in | 2 + vendor/curl/tests/server/fake_ntlm.c | 2 +- vendor/curl/tests/server/getpart.c | 2 +- vendor/curl/tests/server/rtspd.c | 26 +- vendor/curl/tests/server/sockfilt.c | 37 +- vendor/curl/tests/server/sws.c | 13 +- vendor/curl/tests/server/testpart.c | 6 +- vendor/curl/tests/server/tftpd.c | 16 +- vendor/curl/tests/server/util.c | 5 +- vendor/curl/tests/testcurl.1 | 2 +- vendor/curl/tests/testcurl.pl | 2 +- vendor/curl/tests/unit/Makefile.in | 100 +- vendor/curl/tests/unit/Makefile.inc | 9 +- vendor/curl/tests/unit/README | 4 +- vendor/curl/tests/unit/unit1300.c | 2 +- vendor/curl/tests/unit/unit1303.c | 2 +- vendor/curl/tests/unit/unit1307.c | 113 +- vendor/curl/tests/unit/unit1309.c | 29 +- vendor/curl/tests/unit/unit1395.c | 4 +- vendor/curl/tests/unit/unit1604.c | 4 +- vendor/curl/tests/unit/unit1607.c | 10 +- vendor/curl/tests/unit/unit1608.c | 70 + vendor/curl/tests/unit/unit1609.c | 214 + 810 files changed, 22925 insertions(+), 20305 deletions(-) create mode 100644 vendor/curl/docs/DEPRECATE.md create mode 100644 vendor/curl/docs/GOVERNANCE.md rename vendor/curl/docs/{RELEASE-PROCEDURE => RELEASE-PROCEDURE.md} (92%) create mode 100644 vendor/curl/docs/examples/crawler.c delete mode 100644 vendor/curl/docs/libcurl/index.html create mode 100644 vendor/curl/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME_T.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLINFO_CONNECT_TIME_T.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME_T.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME_T.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLINFO_REDIRECT_TIME_T.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME_T.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLINFO_TOTAL_TIME_T.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLOPT_DISALLOW_USERNAME_IN_URL.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLOPT_DNS_SHUFFLE_ADDRESSES.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLOPT_HAPROXYPROTOCOL.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.3 create mode 100644 vendor/curl/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.3 delete mode 100644 vendor/curl/lib/Makefile.b32 delete mode 100644 vendor/curl/lib/config-linux.h create mode 100644 vendor/curl/lib/psl.c create mode 100644 vendor/curl/lib/psl.h create mode 100644 vendor/curl/lib/vtls/schannel_verify.c create mode 100644 vendor/curl/m4/ax_compile_check_sizeof.m4 delete mode 100644 vendor/curl/src/Makefile.b32 create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.crl create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.crt create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.csr create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.der create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.dhp create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.key create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.pem create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.pub.der create mode 100644 vendor/curl/tests/certs/Server-localhost-firstSAN-sv.pub.pem create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.crl create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.crt create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.csr create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.der create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.dhp create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.key create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.pem create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.pub.der create mode 100644 vendor/curl/tests/certs/Server-localhost-lastSAN-sv.pub.pem create mode 100644 vendor/curl/tests/data/test1155 create mode 100644 vendor/curl/tests/data/test1156 create mode 100644 vendor/curl/tests/data/test1164 create mode 100644 vendor/curl/tests/data/test1455 create mode 100644 vendor/curl/tests/data/test1456 create mode 100644 vendor/curl/tests/data/test1557 create mode 100644 vendor/curl/tests/data/test1590 create mode 100644 vendor/curl/tests/data/test1608 create mode 100644 vendor/curl/tests/data/test1609 create mode 100644 vendor/curl/tests/data/test2074 create mode 100644 vendor/curl/tests/data/test2075 create mode 100644 vendor/curl/tests/data/test3000 create mode 100644 vendor/curl/tests/data/test3001 create mode 100644 vendor/curl/tests/libtest/lib1156.c delete mode 100644 vendor/curl/tests/libtest/lib1521.c create mode 100644 vendor/curl/tests/libtest/lib1557.c create mode 100644 vendor/curl/tests/unit/unit1608.c create mode 100644 vendor/curl/tests/unit/unit1609.c diff --git a/vendor/curl/CHANGES b/vendor/curl/CHANGES index dce9c1779d..bb92d3a45d 100644 --- a/vendor/curl/CHANGES +++ b/vendor/curl/CHANGES @@ -6,6965 +6,7266 @@ Changelog -Version 7.59.0 (13 Mar 2018) +Version 7.61.0 (11 Jul 2018) -Daniel Stenberg (13 Mar 2018) -- release: 7.59.0 +Daniel Stenberg (11 Jul 2018) +- release: 7.61.0 -Kamil Dudka (13 Mar 2018) -- tests/.../spnego.py: fix identifier typo - - Detected by Coverity Analysis: - - Error: IDENTIFIER_TYPO: - curl-7.58.0/tests/python_dependencies/impacket/spnego.py:229: identifier_typo: Using "SuportedMech" appears to be a typo: - * Identifier "SuportedMech" is only known to be referenced here, or in copies of this code. - * Identifier "SupportedMech" is referenced elsewhere at least 4 times. - curl-7.58.0/tests/python_dependencies/impacket/smbserver.py:2651: identifier_use: Example 1: Using identifier "SupportedMech". - curl-7.58.0/tests/python_dependencies/impacket/smbserver.py:2308: identifier_use: Example 2: Using identifier "SupportedMech". - curl-7.58.0/tests/python_dependencies/impacket/spnego.py:252: identifier_use: Example 3: Using identifier "SupportedMech" (2 total uses in this function). - curl-7.58.0/tests/python_dependencies/impacket/spnego.py:229: remediation: Should identifier "SuportedMech" be replaced by "SupportedMech"? +- TODO: Configurable loading of OpenSSL configuration file - Closes #2379 + Closes #2724 -Daniel Stenberg (13 Mar 2018) -- CURLOPT_COOKIEFILE.3: "-" as file name means stdin +- post303.d: clarify that this is an RFC violation - Reported-by: Aron Bergman - Bug: https://curl.haxx.se/mail/lib-2018-03/0049.html + ... and not the other way around, which this previously said. - [ci skip] + Reported-by: Vasiliy Faronov + Fixes #2723 + Closes #2726 -- Revert "hostip: fix compiler warning: 'variable set but not used'" - - This reverts commit a577059f92fc65bd6b81717f0737f897a5b34248. - - The assignment really needs to be there or we risk working with an - uninitialized pointer. +- [Ruslan Baratov brought this change] -Michael Kaufmann (12 Mar 2018) -- limit-rate: fix compiler warning + CMake: remove redundant and old end-of-block syntax - follow-up to 72a0f62 + Reviewed-by: Jakub Zakrzewski + Closes #2715 -Viktor Szakats (12 Mar 2018) -- checksrc.pl: add -i and -m options +Jay Satiro (9 Jul 2018) +- lib/curl_setup.h: remove unicode character - To sync it with changes made for the libssh2 project. - Also cleanup some whitespace. - -- curl-openssl.m4: fix spelling [ci skip] + Follow-up to 82ce416. + + Ref: https://github.com/curl/curl/commit/8272ec5#commitcomment-29646818 -- FAQ: fix a broken URL [ci skip] +Daniel Stenberg (9 Jul 2018) +- lib/curl_setup.h: remove unicode bom from 8272ec50f02 -Daniel Stenberg (12 Mar 2018) -- http2: mark the connection for close on GOAWAY +Marcel Raad (9 Jul 2018) +- schannel: fix -Wsign-compare warning - ... don't consider it an error! + MinGW warns: + /lib/vtls/schannel.c:219:64: warning: signed and unsigned type in + conditional expression [-Wsign-compare] - Assisted-by: Jay Satiro - Reported-by: Łukasz Domeradzki - Fixes #2365 - Closes #2375 - -- credits: Viktor prefers without accent + Fix this by casting the ptrdiff_t to size_t as we know it's positive. + + Closes https://github.com/curl/curl/pull/2721 -- openldap: white space changes, fixed up the copyright years +- schannel: workaround for wrong function signature in w32api + + Original MinGW's w32api has CryptHashData's second parameter as BYTE * + instead of const BYTE *. + + Closes https://github.com/curl/curl/pull/2721 -- openldap: check ldap_get_attribute_ber() results for NULL before using +- schannel: make more cipher options conditional - CVE-2018-1000121 - Reported-by: Dario Weisser - Bug: https://curl.haxx.se/docs/adv_2018-97a2.html + They are not defined in the original MinGW's . + + Closes https://github.com/curl/curl/pull/2721 -- FTP: reject path components with control codes +- curl_setup: include before - Refuse to operate when given path components featuring byte values lower - than 32. + Otherwise, only part of it gets pulled in through on + original MinGW. - Previously, inserting a %00 sequence early in the directory part when - using the 'singlecwd' ftp method could make curl write a zero byte - outside of the allocated buffer. + Fixes https://github.com/curl/curl/issues/2361 + Closes https://github.com/curl/curl/pull/2721 + +- examples: fix -Wformat warnings - Test case 340 verifies. + When size_t is not a typedef for unsigned long (as usually the case on + Windows), GCC emits -Wformat warnings when using lu and lx format + specifiers with size_t. Silence them with explicit casts to + unsigned long. - CVE-2018-1000120 - Reported-by: Duy Phan Thanh - Bug: https://curl.haxx.se/docs/adv_2018-9cd6.html + Closes https://github.com/curl/curl/pull/2721 -- readwrite: make sure excess reads don't go beyond buffer end +Daniel Stenberg (9 Jul 2018) +- smtp: use the upload buffer size for scratch buffer malloc - CVE-2018-1000122 - Bug: https://curl.haxx.se/docs/adv_2018-b047.html + ... not the read buffer size, as that can be set smaller and thus cause + a buffer overflow! CVE-2018-0500 - Detected by OSS-fuzz + Reported-by: Peter Wu + Bug: https://curl.haxx.se/docs/adv_2018-70a2.html -- BUGS: updated link to security process +- [Dave Reisner brought this change] -- limit-rate: kick in even before "limit" data has been received + scripts: include _curl as part of CLEANFILES - ... and make sure to avoid integer overflows with really large values. + Closes #2718 + +- [Nick Zitzmann brought this change] + + darwinssl: allow High Sierra users to build the code using GCC - Reported-by: 刘佩东 - Fixes #2371 - Closes #2373 + ...but GCC users lose out on TLS 1.3 support, since we can't weak-link + enumeration constants. + + Fixes #2656 + Closes #2703 -- docs/SECURITY.md -> docs/SECURITY-PROCESS.md +- [Ruslan Baratov brought this change] -- SECURITY.md: call it the security process + CMake: Remove unused 'output_var' from 'collect_true' + + Variable 'output_var' is not used and can be removed. + Function 'collect_true' renamed to 'count_true'. -Michael Kaufmann (11 Mar 2018) -- Curl_range: fix FTP-only and FILE-only builds +- [Ruslan Baratov brought this change] + + CMake: Remove unused functions - follow-up to e04417d + Closes #2711 -- hostip: fix compiler warning: 'variable set but not used' +- KNOWN_BUGS: Stick to same family over SOCKS proxy -Daniel Stenberg (11 Mar 2018) -- HTTP: allow "header;" to replace an internal header with a blank one +- libssh: goto DISCONNECT state on error, not SSH_SESSION_FREE - Reported-by: Michael Kaufmann - Fixes #2357 - Closes #2362 + ... because otherwise not everything get closed down correctly. + + Fixes #2708 + Closes #2712 -- http2: verbose output new MAX_CONCURRENT_STREAMS values +- libssh: include line number in state change debug messages - ... as it is interesting for many users. + Closes #2713 -- SECURITY: distros' max embargo time is 14 days now +- KNOWN_BUGS: Borland support is dropped, AIX problem is too old -Patrick Monnerat (8 Mar 2018) -- curl tool: accept --compressed also if Brotli is enabled and zlib is not. +- [Jeroen Ooms brought this change] -Daniel Stenberg (5 Mar 2018) -- THANKS + mailmap: remove duplicates, fixup full names + example/crawler.c: simple crawler based on libxml2 + + Closes #2706 -- [sergii.kavunenko brought this change] +- RELEASE-NOTES: synced - WolfSSL: adding TLSv1.3 - - Closes #2349 +- DEPRECATE: include year when specifying date -- RELEASE-NOTES/THANKS: synced with cc1d4c505 +- DEPRECATE: linkified -- [Richard Alcock brought this change] +- DEPRECATE: mention the PR that disabled axTLS - winbuild: prefer documented zlib library names +- docs/DEPRECATE.md: spelling and minor formatting + +- DEPRECATE: new doc describing planned item removals - Check for existence of import and static libraries with documented names - and use them if they do. Fallback to previous names. + Closes #2704 + +- [Gisle Vanem brought this change] + + telnet: fix clang warnings - According to - https://github.com/madler/zlib/blob/master/win32/README-WIN32.txt on - Windows, the names of the import library is "zdll.lib" and static - library is "zlib.lib". + telnet.c(1401,28): warning: cast from function call of type 'int' to + non-matching type 'HANDLE' (aka 'void *') [-Wbad-function-cast] - closes #2354 + Fixes #2696 + Closes #2700 -Marcel Raad (4 Mar 2018) -- krb5: use nondeprecated functions - - gss_seal/gss_unseal have been deprecated in favor of - gss_wrap/gss_unwrap with GSS-API v2 from January 1997 [1]. The first - version of "The Kerberos Version 5 GSS-API Mechanism" [2] from June - 1996 already says "GSS_Wrap() (formerly GSS_Seal())" and - "GSS_Unwrap() (formerly GSS_Unseal())". +- docs: fix missed option name markups + +- [Gaurav Malhotra brought this change] + + openssl: Remove some dead code - Use the nondeprecated functions to avoid deprecation warnings. + Closes #2698 + +- openssl: make the requested TLS version the *minimum* wanted - [1] https://tools.ietf.org/html/rfc2078 - [2] https://tools.ietf.org/html/rfc1964 + The code treated the set version as the *exact* version to require in + the TLS handshake, which is not what other TLS backends do and probably + not what most people expect either. - Closes https://github.com/curl/curl/pull/2356 + Reported-by: Andreas Olsson + Assisted-by: Gaurav Malhotra + Fixes #2691 + Closes #2694 -Daniel Stenberg (4 Mar 2018) -- curl.1: mention how to add numerical IP addresses in NO_PROXY +- RELEASE-NOTES: synced -- CURLOPT_NOPROXY.3: mention how to list numerical IPv6 addresses +- openssl: allow TLS 1.3 by default + + Reported-by: Andreas Olsson + Fixes #2692 + Closes #2693 -- NO_PROXY: fix for IPv6 numericals in the URL +- [Adrian Peniak brought this change] + + CURLINFO_TLS_SSL_PTR.3: improve the example - Added test 1265 that verifies. + The previous example was a little bit confusing, because SSL* structure + (or other "in use" SSL connection pointer) is not accessible after the + transfer is completed, therefore working with the raw TLS library + specific pointer needs to be done during transfer. - Reported-by: steelman on github - Fixes #2353 - Closes #2355 + Closes #2690 -- build: get CFLAGS (including -werror) used for examples and tests +- travis: add a build using the synchronous name resolver - ... so that the CI and more detects compiler warnings/errors properly! + ... since default uses the threaded one and we test the c-ares build + already. - Closes #2337 + Closes #2689 -Marcel Raad (3 Mar 2018) -- curl_ctype: fix macro redefinition warnings +- configure: remove CURL_CHECK_NI_WITHSCOPEID too - On MinGW and Cygwin, GCC and clang have been complaining about macro - redefinitions since 4272a0b0fc49a1ac0ceab5c4a365c9f6ab8bf8e2. Fix this - by undefining the macros before redefining them as suggested in - https://github.com/curl/curl/pull/2269. + Since it isn't used either and requires the getnameinfo check - Suggested-by: Daniel Stenberg + Follow-up to 0aeca41702d2 -Dan Fandrich (2 Mar 2018) -- unit1307: proper cleanup on OOM to fix torture tests +- getnameinfo: not used + + Closes #2687 -Marcel Raad (28 Feb 2018) -- unit1309: fix warning on Windows x64 +- easy_perform: use *multi_timeout() to get wait times - When targeting x64, MinGW-w64 complains about conversions between - 32-bit long and 64-bit pointers. Fix this by reusing the - GNUTLS_POINTER_TO_SOCKET_CAST / GNUTLS_SOCKET_TO_POINTER_CAST logic - from gtls.c, moving it to warnless.h as CURLX_POINTER_TO_INTEGER_CAST / - CURLX_INTEGER_TO_POINTER_CAST. + ... and trim the threaded Curl_resolver_getsock() to return zero + millisecond wait times during the first three milliseconds so that + localhost or names in the OS resolver cache gets detected and used + faster. - Closes https://github.com/curl/curl/pull/2341 + Closes #2685 -- travis: update compiler versions +Max Dymond (27 Jun 2018) +- configure: Add dependent libraries after crypto - Update clang to version 3.9 and GCC to version 6. + The linker is pretty dumb and processes things left to right, keeping a + tally of symbols it hasn't resolved yet. So, we need -ldl to appear + after -lcrypto otherwise the linker won't find the dl functions. - Closes https://github.com/curl/curl/pull/2345 + Closes #2684 -Daniel Stenberg (26 Feb 2018) -- docs/MANUAL: formfind.pl is not accessible on the site anymore - - Fixes #2342 +Daniel Stenberg (27 Jun 2018) +- GOVERNANCE: linkify, changed some titles -Jay Satiro (24 Feb 2018) -- curl-openssl.m4: Fix version check for OpenSSL 1.1.1 - - - Add OpenSSL 1.1.1 to the header/library version lists. +- GOVERNANCE: add maintainer details/duties + +- url: check Curl_conncache_add_conn return code - - Detect OpenSSL 1.1.1 library using its function ERR_clear_last_mark, - which was added in that version. + ... it was previously unchecked in two places and thus errors could + remain undetected and cause trouble. - Prior to this change an erroneous header/library mismatch was caused by - lack of OpenSSL 1.1.1 detection. I tested using openssl-1.1.1-pre1. + Closes #2681 -Viktor Szakats (23 Feb 2018) -- lib655: silence compiler warning - - Closes https://github.com/curl/curl/pull/2335 +- include/README: remove "hacking" advice, not the right place -- spelling fixes +- RELEASE-NOTES: synced + +- CURLOPT_SSL_VERIFYPEER.3: fix syntax mistake - Detected using the `codespell` tool. + Follow-up to b6a16afa0aa5 + +- netrc: use a larger buffer - Also contains one URL protocol upgrade. + ... to work with longer passwords etc. Grow it from a 256 to a 4096 + bytes buffer. - Closes https://github.com/curl/curl/pull/2334 + Reported-by: Dario Nieuwenhuis + Fixes #2676 + Closes #2680 -Daniel Stenberg (24 Feb 2018) -- projects/README: remove reference to dead IDN link/package - - Reported-by: Stefan Kanthak and Rod Widdowson +- [Patrick Schlangen brought this change] + + CURLOPT_SSL_VERIFYPEER.3: Add performance note - Fixes #2325 + Closes #2673 -Jay Satiro (23 Feb 2018) -- [Rod Widdowson brought this change] +- [Javier Blazquez brought this change] - winbuild: Use macros for the names of some build utilities + multi: fix crash due to dangling entry in connect-pending list - - Add macros to the top of the makefile for rc and mt utilities so that - it is easier to change their locations. + Fixes #2677 + Closes #2679 + +- ConnectionExists: make sure conn->data is set when "taking" a connection - Bug: https://curl.haxx.se/mail/lib-2018-02/0075.html - Reported-by: Stefan Kanthak + Follow-up to 2c15693. - Closes https://github.com/curl/curl/issues/2329 + Bug #2674 + Closes #2675 -Daniel Stenberg (23 Feb 2018) -- TODO: remove "sha-256 digest", added in 2b5b37cb9109e7c2 +- [Kevin R. Bulgrien brought this change] -- curl_share_setopt.3: connection cache is shared within multi handles + system.h: fix for gcc on 32 bit OpenServer + + Bug: https://curl.haxx.se/mail/lib-2018-06/0100.html -Jay Satiro (22 Feb 2018) -- [Rod Widdowson brought this change] +- [Raphael Gozzo brought this change] - winbuild: Use CALL to run batch scripts + cmake: allow multiple SSL backends - Co-authored-by: Stefan Kanthak + This will make possible to select the SSL backend (using + curl_global_sslset()) even when the libcurl is built using CMake - Closes https://github.com/curl/curl/issues/2330 - Closes https://github.com/curl/curl/pull/2331 + Closes #2665 -Patrick Monnerat (22 Feb 2018) -- os400: add curl_resolver_start_callback type to ILE/RPG binding - -Daniel Stenberg (22 Feb 2018) -- form.d: rephrased somewhat, added two example command lines +- url: fix dangling conn->data pointer + + By masking sure to use the *current* easy handle with extracted + connections from the cache, and make sure to NULLify the ->data pointer + when the connection is put into the cache to make this mistake easier to + detect in the future. + + Reported-by: Will Dietz + Fixes #2669 + Closes #2672 -Jay Satiro (21 Feb 2018) -- [Francisco Sedano brought this change] +- CURLOPT_INTERFACE.3: interface names not supported on Windows - url: Add option CURLOPT_RESOLVER_START_FUNCTION - - - Add new option CURLOPT_RESOLVER_START_FUNCTION to set a callback that - will be called every time before a new resolve request is started - (ie before a host is resolved) with a pointer to backend-specific - resolver data. Currently this is only useful for ares. +- travis: run more tests for coverage check - - Add new option CURLOPT_RESOLVER_START_DATA to set a user pointer to - pass to the resolver start callback. + ... run a few more tortured based and run all tests event-based. - Closes https://github.com/curl/curl/pull/2311 + Closes #2664 -- lib: CURLOPT_HAPPY_EYEBALLS_TIMEOUT => CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS +- multi: fix memory leak when stopped during name resolve - - In keeping with the naming of our other connect timeout options rename - CURLOPT_HAPPY_EYEBALLS_TIMEOUT to CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS. + When the application just started the transfer and then stops it while + the name resolve in the background thread hasn't completed, we need to + wait for the resolve to complete and then cleanup data accordingly. - This change adds the _MS suffix since the option expects milliseconds. - This is more intuitive for our users since other connect timeout options - that expect milliseconds use _MS such as CURLOPT_TIMEOUT_MS, - CURLOPT_CONNECTTIMEOUT_MS, CURLOPT_ACCEPTTIMEOUT_MS. + Enabled test 1553 again and added test 1590 to also check when the host + name resolves successfully. - The tool option already uses an -ms suffix, --happy-eyeballs-timeout-ms. + Detected by OSS-fuzz. + Closes #1968 + +Viktor Szakats (15 Jun 2018) +- maketgz: delete .bak files, fix indentation - Follow-up to 2427d94 which added the lib and tool option yesterday. + Ref: https://github.com/curl/curl/pull/2660 - Ref: https://github.com/curl/curl/pull/2260 + Closes https://github.com/curl/curl/pull/2662 -Patrick Monnerat (21 Feb 2018) -- sasl: prefer PLAIN mechanism over LOGIN +Daniel Stenberg (15 Jun 2018) +- runtests.pl: remove debug leftover from bb9a340c73f3 + +- curl-confopts.m4: fix typo from ed224f23d5beb - SASL PLAIN is a standard, LOGIN only a draft. The LOGIN draft says - PLAIN should be used instead if available. + Fixes my local configure to detect a custom installed c-ares without + pkgconfig. -Daniel Stenberg (21 Feb 2018) -- RELEASE-NOTES: synced with 2427d94c6 +- docs/RELEASE-PROCEDURE.md: renamed to use .md extension + + Closes #2663 -Jay Satiro (20 Feb 2018) -- [Anders Bakken brought this change] +- RELEASE-PROCEDURE: gpg sign the tags - url: Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT +- RELEASE-NOTES: synced + +- CURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0 + +- [Mamta Upadhyay brought this change] + + maketgz: fix sed issues on OSX - - Add new option CURLOPT_HAPPY_EYEBALLS_TIMEOUT to set libcurl's happy - eyeball timeout value. + maketgz creates release tarballs and removes the -DEV string in curl + version (e.g. 7.58.0-DEV), else -DEV shows up on command line when curl + is run. maketgz works fine on linux but fails on OSX. Problem is with + the sed commands that use option -i without an extension. Maketgz + expects GNU sed instead of BSD and this simply won't work on OSX. Adding + a backup extension .bak after -i fixes this issue - - Add new optval macro CURL_HET_DEFAULT to represent the default happy - eyeballs timeout value (currently 200 ms). + Running the script as if on OSX gives this error: - - Add new tool option --happy-eyeballs-timeout-ms to expose - CURLOPT_HAPPY_EYEBALLS_TIMEOUT. The -ms suffix is used because the - other -timeout options in the tool expect seconds not milliseconds. + sed: -e: No such file or directory - Closes https://github.com/curl/curl/pull/2260 + Adding a .bak extension resolves it + + Closes #2660 -- hostip: fix 'potentially uninitialized variable' warning +- configure: enhance ability to detect/build with static openssl - Follow-up to 50d1b33. + Fix the -ldl and -ldl + -lpthread checks for OpenSSL, necessary for + building with static libs without pkg-config. - Caught by AppVeyor. - -Daniel Stenberg (20 Feb 2018) -- TODO: warning if curl version is not in sync with libcurl version - -Jay Satiro (20 Feb 2018) -- [Anders Bakken brought this change] + Reported-by: Marcel Raad + Fixes #2199 + Closes #2659 - CURLOPT_RESOLVE: Add support for multiple IP addresses per entry +- configure: use pkg-config for c-ares detection - This enables users to preresolve but still take advantage of happy - eyeballs and trying multiple addresses if some are not connecting. + First check if there's c-ares information given as pkg-config info and use + that as first preference. - Ref: https://github.com/curl/curl/pull/2260 + Reported-by: pszemus on github + Fixes #2203 + Closes #2658 -Daniel Stenberg (20 Feb 2018) -- [Sergio Borghese brought this change] +- GOVERNANCE.md: explains how this project is run + + Closes #2657 - examples/sftpuploadresume: resume upload via CURLOPT_APPEND +- KNOWN_BUGS: NTLM doen't support password with § character - URL: https://curl.haxx.se/mail/lib-2018-02/0072.html + Closes #2120 -- curl --version: show PSL if the run-time lib has it enabled +- KNOWN_BUGS: slow connect to localhost on Windows - ... not of the #define was set at build-time! + Closes #2281 -- TODO: "Support in-memory certs/ca certs/keys" +- [Matteo Bignotti brought this change] + + mk-ca-bundle.pl: make -u delete certdata.txt if found not changed - removed SSLKEYLOGFILE support (fixed) + certdata.txt should be deleted also when the process is interrupted by + "same certificate downloaded, exiting" - removed "consider SSL patches" (outdated) + The certdata.txt is currently kept on disk even if you give the -u + option - Closes #2310 - -- CURLOPT_HEADER.3: clarify problems with different data sizes + Closes #2655 -- test1556: verify >16KB headers to the header callback +- progress: remove a set of unused defines + + Reported-by: Peter Wu + Closes #2654 -- header callback: don't chop headers into smaller pieces +- TODO: "Option to refuse usernames in URLs" done - Reported-by: Guido Berhoerster - Fixes #2314 - Closes #2316 + Implemented by Björn in 946ce5b61f -- test1154: verify that long HTTP headers get rejected +- [Lyman Epp brought this change] -- http: fix the max header length detection logic + Curl_init_do: handle NULL connection pointer passed in - Previously, it would only check for max length if the existing alloc - buffer was to small to fit it, which often would make the header still - get used. + Closes #2653 + +- runtests: support variables in - Reported-by: Guido Berhoerster - Bug: https://curl.haxx.se/mail/lib-2018-02/0056.html + ... and make use of that to make 1455 work better without using a fixed + local port number. - Closes #2315 + Fixes #2649 + Closes #2650 -- CURLOPT_HEADERFUNCTION.3: fix typo from d939226813 +- Curl_debug: remove dead printhost code - Reported-by: Erik Johansson - Bug: https://github.com/curl/curl/commit/d9392268131c1b8d18dec3fa30e0bded833a5db7#commitcomment-27607495 - -- CURLOPT_HEADERFUNCTION.3: mention folded headers + The struct field is never set (since 5e0d9aea3) so remove the use of it + and remove the connectdata pointer from the prototype. + + Reported-by: Tejas + Bug: https://curl.haxx.se/mail/lib-2018-06/0054.html + Closes #2647 -- TODO: 1.1 Option to refuse usernames in URLs +Viktor Szakats (12 Jun 2018) +- schannel: avoid incompatible pointer warning - Also expanded the CURL_REFUSE_CLEARTEXT section with more ideas. + with clang-6.0: + ``` + vtls/schannel_verify.c: In function 'add_certs_to_store': + vtls/schannel_verify.c:212:30: warning: passing argument 11 of 'CryptQueryObject' from incompatible pointer type [-Wincompatible-pointer-types] + &cert_context)) { + ^ + In file included from /usr/share/mingw-w64/include/schannel.h:10:0, + from /usr/share/mingw-w64/include/schnlsp.h:9, + from vtls/schannel.h:29, + from vtls/schannel_verify.c:40: + /usr/share/mingw-w64/include/wincrypt.h:4437:26: note: expected 'const void **' but argument is of type 'CERT_CONTEXT ** {aka struct _CERT_CONTEXT **}' + WINIMPM WINBOOL WINAPI CryptQueryObject (DWORD dwObjectType, const void *pvObject, DWORD dwExpectedContentTypeFlags, DWORD dwExpectedFormatTypeFlags, DWORD dwFlags, + ^~~~~~~~~~~~~~~~ + ``` + Ref: https://msdn.microsoft.com/library/windows/desktop/aa380264 + + Closes https://github.com/curl/curl/pull/2648 -- TODO: 1.7 Support HTTP/2 for HTTP(S) proxies +Daniel Stenberg (12 Jun 2018) +- [Robert Prag brought this change] -- ssh: add two missing state names + schannel: support selecting ciphers - The list of state names (used in debug builds) was out of sync in - relation to the list of states (used in all builds). + Given the contstraints of SChannel, I'm exposing these as the algorithms + themselves instead; while replicating the ciphersuite as specified by + OpenSSL would have been preferable, I found no way in the SChannel API + to do so. - I now added an assert to make sure the sizes of the two lists match, to - aid in detecting this mistake better in the future. + To use this from the commandline, you need to pass the names of contants + defining the desired algorithms. For example, curl --ciphers + "CALG_SHA1:CALG_RSA_SIGN:CALG_RSA_KEYX:CALG_AES_128:CALG_DH_EPHEM" + https://github.com The specific names come from wincrypt.h - Regression since c92d2e14cf, shipped in 7.58.0. + Closes #2630 + +- [Bernhard M. Wiedemann brought this change] + + test 46: make test pass after 2025 - Reported-by: Somnath Kundu + shifting the expiry date to 2037 for now + to be before the possibly problematic year 2038 - Fixes #2312 - Closes #2313 + similar in spirit to commit e6293cf8764e9eecb + + Closes #2646 -- Revert "KNOWN_BUGS: 2.5 curl should not offer "ALPN: h2" when using https-proxy" +- [Marian Klymov brought this change] + + cppcheck: fix warnings - This reverts commit de9fac00c40db321d44fa6fbab6eb62ec4c83998. + - Get rid of variable that was generating false positive warning + (unitialized) - Reported-by: Jay Satiro - -Jay Satiro (15 Feb 2018) -- non-ascii: fix implicit declaration warning + - Fix issues in tests - Follow-up to b46cfbc. + - Reduce scope of several variables all over - Caught by Travis CI. + etc + + Closes #2631 -Daniel Stenberg (15 Feb 2018) -- travis: add build with iconv enabled +- openssl: assume engine support in 1.0.1 or later - ... to verify it builds and works fine. + Previously it was checked for in configure/cmake, but that would then + leave other build systems built without engine support. - Ref: https://curl.haxx.se/mail/lib-2017-09/0031.html + While engine support probably existed prior to 1.0.1, I decided to play + safe. If someone experience a problem with this, we can widen the + version check. - Closes #1872 + Fixes #2641 + Closes #2644 -- TODO: 18.18 retry on network is unreachable - - Closes #1603 +- RELEASE-NOTES: synced -- KNOWN_BUGS: 2.5 curl should not offer "ALPN: h2" when using https-proxy - - Closes #1254 +- RELEASE-PROCEDURE: update the release calendar for 2019 -Kamil Dudka (15 Feb 2018) -- nss: use PK11_CreateManagedGenericObject() if available - - ... so that the memory allocated by applications using libcurl does not - grow per each TLS connection. +- [Gisle Vanem brought this change] + + boringssl + schannel: undef X509_NAME in lib/schannel.h - Bug: https://bugzilla.redhat.com/1510247 + Fixes the build problem when both boringssl and schannel are enabled. - Closes #2297 + Fixes #2634 + Closes #2643 -Daniel Stenberg (15 Feb 2018) -- [Björn Stenberg brought this change] +- [Vladimir Kotal brought this change] - TODO fixed: Detect when called from within callbacks + mk-ca-bundle.pl: leave certificate name untouched in decode() - Closes #2302 + Closes #2640 -- BINDINGS: fix curb link (and remove ruby-curl-multi) +- [Rikard Falkeborn brought this change] + + tests/libtests/Makefile.am: Add lib1521.c to CLEANFILES - Reported-by: Klaus Stein + This removes the generated lib1521.c when running make clean. + + Closes #2633 -- curl_gssapi: make sure this file too uses our *printf() +- [Rikard Falkeborn brought this change] -- libcurl-security.3: separate file:// section + tests/libtest: Add lib1521 to nodist_SOURCES - ... just to make it more apparent. Even if it repeats - some pieces of information. - -- libcurl-security.3: the http://192.168.0.1/my_router_config case + Since 467da3af0, lib1521.c is generated instead of checked in. According + to the commit message, the intention was to remove it from the tarball + as well. However, it is still present when running make dist. To remove + it, add it to nodist_lib1521_SOURCES. This also means there is no need + for the manually added dist-rule in the Makefile. - Mentioned-By: Rich Moore + Also update CMakelists.txt to handle the fact that we now may have + nodist_SOURCES. -- libcurl-security.3: mention the URL standards problems too +- [Stephan Mühlstrasser brought this change] -- libcurl-security.3: split out from libcurl-tutorial.3 + system.h: add support for IBM xlc C compiler - To make more accessible. + Added a section to system.h guarded with __xlc__ for the IBM xml C + compiler. Before this change the section titled 'generic "safe guess" on + old 32 bit style' was used, which resulted in a wrong definition of + CURL_TYPEOF_CURL_SOCKLEN_T, and for 64-bit also CURL_TYPEOF_CURL_OFF_T + was wrong. - Merged in some new language from "URLs are dangerous things" as discussed on - the mailing list a few days ago: + Compilation warnings fixed with this change: - Bug: https://curl.haxx.se/mail/lib-2018-02/0013.html + CC libcurl_la-ftp.lo + "ftp.c", line 290.55: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + "ftp.c", line 293.48: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + "ftp.c", line 1070.49: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + "ftp.c", line 1154.53: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + "ftp.c", line 1187.51: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + CC libcurl_la-connect.lo + "connect.c", line 448.56: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + "connect.c", line 516.66: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + "connect.c", line 687.55: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + "connect.c", line 696.55: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + CC libcurl_la-tftp.lo + "tftp.c", line 1115.33: 1506-280 (W) Function argument assignment between types "unsigned long* restrict" and "int*" is not allowed. + + Closes #2637 -- RELEASE-NOTES: synced with e551910f8 +- cmdline-opts/cert-type.d: mention "p12" as a recognized type as well -Patrick Monnerat (13 Feb 2018) -- tests: new tests for http raw mode +Viktor Szakats (3 Jun 2018) +- spelling fixes - Test 319 checks proper raw mode data with non-chunked gzip - transfer-encoded server data. - Test 326 checks raw mode with chunked server data. + Detected using the `codespell` tool (version 1.13.0). - Bug: #2303 - Closes #2308 + Also secure and fix an URL. -Kamil Dudka (12 Feb 2018) -- tlsauthtype.d: works only if libcurl is built with TLS-SRP support +Daniel Stenberg (2 Jun 2018) +- axtls: follow-up spell fix of comment + +- axTLS: not considered fit for use - Bug: https://bugzilla.redhat.com/1542256 + URL: https://curl.haxx.se/mail/lib-2018-06/0000.html - Closes #2306 + This is step one. It adds #error statements that require source edits to + make curl build again if asked to use axTLS. At a later stage we might + remove the axTLS specific code completely. + + Closes #2628 -Patrick Monnerat (12 Feb 2018) -- smtp: fix processing of initial dot in data +- build: remove the Borland specific makefiles - RFC 5321 4.1.1.4 specifies the CRLF terminating the DATA command - should be taken into account when chasing the . end marker. - Thus a leading dot character in data is also subject to escaping. + According to the user survey 2018, not even one out of 670 users use + them. Nobody on the mailing list spoke up for them either. - Tests 911 and test server are adapted to this situation. - New tests 951 and 952 check proper handling of initial dot in data. + Closes #2629 + +- curl_addrinfo: use same #ifdef conditions in source as header - Closes #2304 + ... for curl_dofreeaddrinfo -Daniel Stenberg (12 Feb 2018) -- sha256: avoid redefine +- multi: remove a DEBUGF() + + ... it might call infof() with a NULL first argument that isn't harmful + but makes it not do anything. The infof() line is not very useful + anymore, it has served it purpose. Good riddance! + + Fixes #2627 -- [Douglas Mencken brought this change] +- [Alibek.Jorajev brought this change] - sha256: build with OpenSSL < 0.9.8 too + CURLOPT_RESOLVE: always purge old entry first - support for SHA-2 was introduced in OpenSSL 0.9.8 + If there's an existing entry using the selected name. - Closes #2305 - -- [Bruno Grasselli brought this change] + Closes #2622 - README: language fix +- fnmatch: use the system one if available - s/off/from + If configure detects fnmatch to be available, use that instead of our + custom one for FTP wildcard pattern matching. For standard compliance, + to reduce our footprint and to use already well tested and well + exercised code. - Closes #2300 + A POSIX fnmatch behaves slightly different than the internal function + for a few test patterns currently and the macOS one yet slightly + different. Test case 1307 is adjusted for these differences. + + Closes #2626 -Patrick Monnerat (12 Feb 2018) -- http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING on +Patrick Monnerat (31 May 2018) +- os400: add new option in ILE/RPG binding - Bug: #2303 - Reported-By: Henry Roeland + Follow-up to commit 946ce5b -Daniel Stenberg (9 Feb 2018) -- get_posix_time: only check for overflows if they can happen! +Daniel Stenberg (31 May 2018) +- tests/libtest/.gitignore: follow-up fix to ignore lib5* too -Michael Kaufmann (9 Feb 2018) -- schannel: fix "no previous prototype" compiler warning +- KNOWN_BUGS: CURL_GLOBAL_SSL + + Closes #2276 -Jay Satiro (9 Feb 2018) -- [Mohammad AlSaleh brought this change] +- [Bernhard Walle brought this change] - content_encoding: Add "none" alias to "identity" + configure: check for declaration of getpwuid_r - Some servers return a "content-encoding" header with a non-standard - "none" value. + On our x86 Android toolchain, getpwuid_r is implemented but the header + is missing: - Add "none" as an alias to "identity" as a work-around, to avoid - unrecognised content encoding type errors. + netrc.c:81:7: error: implicit declaration of function 'getpwuid_r' [-Werror=implicit-function-declaration] - Signed-off-by: Mohammad AlSaleh + Unfortunately, the function is used in curl_ntlm_wb.c, too, so I moved + the prototype to curl_setup.h. - Closes https://github.com/curl/curl/pull/2298 - -Steve Holme (8 Feb 2018) -- build-openssl.bat: Follow up to 648679ab8e to suppress copy/move output + Signed-off-by: Bernhard Walle + Closes #2609 -- build-openssl.bat: Fixed incorrect move if destination build folder exists +- [Rikard Falkeborn brought this change] -Michael Kaufmann (8 Feb 2018) -- schannel: fix compiler warnings + tests: update .gitignore for libtests - Closes #2296 + Closes #2624 -Steve Holme (7 Feb 2018) -- curl_addrinfo.c: Allow Unix Domain Sockets to compile under Windows - - Windows 10.0.17061 SDK introduces support for Unix Domain Sockets. - Added the necessary include file to curl_addrinfo.c. - - Note: The SDK (which is considered beta) has to be installed, VS 2017 - project file has to be re-targeted for Windows 10.0.17061 and #define - enabled in config-win32.h. +- [Rikard Falkeborn brought this change] -Patrick Monnerat (7 Feb 2018) -- fnmatch: optimize processing of consecutive *s and ?s pattern characters + strictness: correct {infof, failf} format specifiers - Reported-By: Daniel Stenberg - Fixes #2291 - Closes #2293 + Closes #2623 -Steve Holme (6 Feb 2018) -- build-openssl.bat/build-wolfssl.bat: Build platform is optional +- [Björn Stenberg brought this change] + + option: disallow username in URL - Whilst the compiler parameter is mandatory, platform is optional as it - is automatically calculated by the :configure section. + Adds CURLOPT_DISALLOW_USERNAME_IN_URL and --disallow-username-in-url. Makes + libcurl reject URLs with a username in them. - This partially reverts commit 6d62d2c55d. + Closes #2340 -Daniel Stenberg (6 Feb 2018) -- [Patrick Schlangen brought this change] +- libcurl-security.3: improved layout for two rememdy lists - openssl: Don't add verify locations when verifypeer==0 +- libcurl-security.3: refer to URL instead of in-source markdown file + +Viktor Szakats (30 May 2018) +- curl.rc: embed manifest for correct Windows version detection - When peer verification is disabled, calling - SSL_CTX_load_verify_locations is not necessary. Only call it when - verification is enabled to save resources and increase performance. + * enable it in `src/Makefile.m32` + * enable it in `winbuild/MakefileBuild.vc` if a custom manifest is + _not_ enabled via the existing `EMBED_MANIFEST` option + * enable it for all Windows CMake builds (also disable the built-in + minimal manifest, added by CMake by default.) - Closes #2290 - -Steve Holme (5 Feb 2018) -- build-wolfssl.bat: Extend VC15 support to include Enterprise and Professional + For other build systems, add the `-DCURL_EMBED_MANIFEST` option to + the list of RC (Resource Compiler) flags to enable the manifest + included in `src/curl.rc`. This may require to disable whatever + automatic or other means in which way another manifest is added to + `curl.exe`. - ...and not just the Community Edition. - -- build-openssl.bat: Extend VC15 support to include Enterprise and Professional + Notice that Borland C doesn't support this method due to a + long-pending resource compiler bug. Watcom C may also not handle + it correctly when the `-zm` `wrc` option is used (this option may + be unnecessary though) and regardless of options in certain earlier + revisions of the 2.0 beta version. - ...and not just the Community Edition. + Closes https://github.com/curl/curl/pull/1221 + Fixes https://github.com/curl/curl/issues/2591 -Michael Kaufmann (5 Feb 2018) -- time-cond: fix reading the file modification time on Windows - - On Windows, stat() may adjust the unix file time by a daylight saving time - offset. Avoid this by calling GetFileTime() instead. +Patrick Monnerat (30 May 2018) +- os400: sync EBCDIC wrappers and ILE/RPG binding with latest options + +- os400: implement mime api EBCDIC wrappers - Fixes #2164 - Closes #2204 + Also sync ILE/RPG binding to define the new functions. -Daniel Stenberg (5 Feb 2018) -- formdata: use the mime-content type function +Daniel Stenberg (29 May 2018) +- setopt: add TLS 1.3 ciphersuites - Reduce code duplication by making Curl_mime_contenttype available and - used by the formdata function. This also makes the formdata function - recognize a set of more file extensions by default. + Adds CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS. - PR #2280 brought this to my attention. + curl: added --tls13-ciphers and --proxy-tls13-ciphers - Closes #2282 + Fixes #2435 + Reported-by: zzq1015 on github + Closes #2607 -- getdate: return -1 for out of range +- configure: override AR_FLAGS to silence warning - ...as that's how the function is documented to work. + The automake default ar flags are 'cru', but the 'u' flag in there + causes warnings on many modern Linux distros. Removing 'u' may have a + minor performance impact on older distros but should not cause harm. - Reported-by: Michael Kaufmann - Bug found in an autobuild with 32 bit time_t + Explained on the automake mailing list already back in April 2015: - Closes #2278 + https://www.mail-archive.com/automake-patches@gnu.org/msg07705.html + + Reported-by: elephoenix on github + Fixes #2617 + Closes #2619 -- [Ben Greear brought this change] +Sergei Nikulov (29 May 2018) +- cmake: fixed comments in compile checks code - build: fix termios issue on android cross-compile +Daniel Stenberg (29 May 2018) +- INSTALL: LDFLAGS=-Wl,-R/usr/local/ssl/lib - Bug: https://curl.haxx.se/mail/lib-2018-01/0122.html - Signed-off-by: Ben Greear + ... the older description doesn't work + + Reported-by: Peter Varga + Fixes #2615 + Closes #2616 -- time_t-fixes: remove typecasts to 'long' for info.filetime +- [Will Dietz brought this change] + + KNOWN_BUGS: restore text regarding #2101. - They're now wrong. + This was added earlier but appears to have been removed accidentally. - Reported-by: Michael Kaufmann + AFAICT this is very much still an issue. - Closes #2277 - -- curl_setup: move the precautionary define of SIZEOF_TIME_T + ----- - ... up to before it may be used for the TIME_T_MAX/MIN logic. + I say "accidentally" because the text seems to have harmlessly snuck + into [1] (which makes no mention of it). [1] was later reverted for + unspecified reasons in [2], presumably because the mentioned issue was + fixed or invalid. - Reported-by: Michael Kaufmann - -- parsedate: s/#if/#ifdef + [1] de9fac00c40db321d44fa6fbab6eb62ec4c83998 + [2] 16d1f369403cbb04bd7b085eabbeebf159473fc2 - Reported-by: Michael Kaufmann - Bug: https://github.com/curl/curl/commit/1c39128d974666107fc6d9ea15f294036851f224#commitcomment-27246479 + Closes #2618 -Patrick Monnerat (31 Jan 2018) -- fnmatch: pattern syntax can no longer fail +- fnmatch: insist on escaped bracket to match - Whenever an expected pattern syntax rule cannot be matched, the - character starting the rule loses its special meaning and the parsing - is resumed: - - backslash at the end of pattern string matches itself. - - Error in [:keyword:] results in set containing :\[dekorwy. + A non-escaped bracket ([) is for a character group - as documented. It + will *not* match an individual bracket anymore. Test case 1307 updated + accordingly to match. - Unit test 1307 updated for this new situation. + Problem detected by OSS-Fuzz, although this fix is probably not a final + fix for the notorious timeout issues. - Closes #2273 + Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8525 + Closes #2614 -- fnmatch: accept an alphanum to be followed by a non-alphanum in char set +Patrick Monnerat (28 May 2018) +- psl: use latest psl and refresh it periodically - Also be more tolerant about set pattern syntax. - Update unit test 1307 accordingly. + The latest psl is cached in the multi or share handle. It is refreshed + before use after 72 hours. + New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing. + If the latest psl is not available, the builtin psl is used. - Bug: https://curl.haxx.se/mail/lib-2018-01/0114.html + Reported-by: Yaakov Selkowitz + Fixes #2553 + Closes #2601 -- fnmatch: do not match the empty string with a character set +Daniel Stenberg (28 May 2018) +- [Fabrice Fontaine brought this change] -Jay Satiro (30 Jan 2018) -- build: fix windows build methods for curl_ctype.c + configure: fix ssh2 linking when built with a static mbedtls - - Fix winbuild and the VS project generator to treat curl_ctype.{c,h} as - curlx files since they are required by both src and lib. - - Follow-up to 4272a0b which added curl_ctype. - -Daniel Stenberg (30 Jan 2018) -- progress-bar.d: update to match implementation + The ssh2 pkg-config file could contain the following lines when build + with a static version of mbedtls: + Libs: -L${libdir} -lssh2 /xxx/libmbedcrypto.a + Libs.private: /xxx/libmbedcrypto.a - ... since commit 993dd5651a6 + This static mbedtls library must be used to correctly detect ssh2 + support and this library must be copied in libcurl.pc otherwise + compilation of any application (such as upmpdcli) with libcurl will fail + when trying to found mbedtls functions included in libssh2. So, replace + pkg-config --libs-only-l by pkg-config --libs. - Reported-by: Martin Dreher - Bug: https://github.com/curl/curl/pull/2242#issuecomment-361059228 + Fixes: + - http://autobuild.buildroot.net/results/43e24b22a77f616d6198c10435dcc23cc3b9088a - Closes #2271 + Signed-off-by: Fabrice Fontaine + Closes #2613 -- http2: set DEBUG_HTTP2 to enable more HTTP/2 logging - - ... instead of doing it unconditionally in debug builds. It cluttered up - the output a little too much. +- RELEASE-NOTES: synced -- [Max Dymond brought this change] +- [Bernhard Walle brought this change] - file: Check the return code from Curl_range and bail out on error + cmake: check for getpwuid_r + + The autotools-based build system does it, so we do it also in CMake. + + Bug: #2609 + Signed-off-by: Bernhard Walle -- [Max Dymond brought this change] +- cmdline-opts/gen.pl: warn if mutexes: or see-also: list non-existing options - Curl_range: add check to ensure "from <= to" +- [Frank Gevaerts brought this change] -- [Max Dymond brought this change] + curl.1: Fix cmdline-opts reference errors. + + --data, --form, and --ntlm were declared to be mutually exclusive with + non-existing options. --data and --form referred to --upload (which is + short for --upload-file and therefore did work, so this one was merely + a bit confusing), --ntlm referred to --negotiated instead of --negotiate. + + Closes #2612 - Curl_range: commonize FTP and FILE range handling +- [Frank Gevaerts brought this change] + + docs: fix cmdline-opts metadata headers case consistency. - Closes #2205 + Almost all headers start with an uppercase letter, but some didn't. -- RELEASE-NOTES: synced with 811beab9f +- mailmap: Max Savenkov -- curlver: next release will be 7.59.0 +Sergei Nikulov (28 May 2018) +- [Max Savenkov brought this change] -- [Michał Janiszewski brought this change] + Fix the test for fsetxattr and strerror_r tests in CMake to work without compiling - curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6 +Daniel Stenberg (27 May 2018) +- mailmap: a Richard Alcock fixup + +- [Richard Alcock brought this change] + + schannel: add failf calls for client certificate failures - Closes #2275 + Closes #2604 -- time: support > year 2038 time stamps for system with 32bit long +- [Richard Alcock brought this change] + + winbuild: In MakefileBuild.vc fix typo DISTDIR->DIRDIST - ... with the introduction of CURLOPT_TIMEVALUE_LARGE and - CURLINFO_FILETIME_T. + Change requirement from $(DISTDIR) to $(DIRDIST) - Fixes #2238 - Closes #2264 + closes #2603 -- curl_easy_reset: clear digest auth state +- [Richard Alcock brought this change] + + winbuild: only delete OUTFILE if it exists - Bug: https://curl.haxx.se/mail/lib-2018-01/0074.html - Reported-by: Ruurd Beerstra - Fixes #2255 - Closes #2272 + This removes the slightly annoying "Could not file LIBCURL_OBJS.inc" and + "Could not find CURL_OBJS.inc.inc" message when building into a clean + folder. + + closes #2602 -- [Adam Marcionek brought this change] +- [Alejandro R. Sedeño brought this change] - winbuild: make linker generate proper PDB + content_encoding: handle zlib versions too old for Z_BLOCK - Link.exe requires /DEBUG to properly generate a full pdb file on release - builds. + Fallback on Z_SYNC_FLUSH when Z_BLOCK is not available. - Closes #2274 + Fixes #2606 + Closes #2608 -- curl: add --proxy-pinnedpubkey +- multi: provide a socket to wait for in Curl_protocol_getsock - To verify a proxy's public key. For when using HTTPS proxies. + ... even when there's no protocol specific handler setup. - Fixes #2192 - Closes #2268 + Bug: https://curl.haxx.se/mail/lib-2018-05/0062.html + Reported-by: Sean Miller + Closes #2600 -- configure: set PATH_SEPARATOR to colon for PATH w/o separator - - The logic tries to figure out what the path separator in the $PATH - variable is, but if there's only one directory in the $PATH it - fails. This change make configure *guess* on colon instead of erroring - out, simply because that is probably the more common character. +- [Linus Lewandowski brought this change] + + httpauth: add support for Bearer tokens - PATH_SEPARATOR can always be set by the user to override the guessing. + Closes #2102 + +- TODO: CURLINFO_PAUSE_STATE - (tricky bug to reproduce, as in my case for example the configure script - requires binaries in more than one directory so passing in a PATH with a - single dir fails.) + Closes #2588 + +Sergei Nikulov (24 May 2018) +- cmake: set -d postfix for debug builds if not specified + using -DCMAKE_DEBUG_POSTFIX explicitly - Reported-by: Earnestly on github - Fixes #2202 - Closes #2265 + fixes #2121, obsoletes #2384 -- curl_ctype: private is*() type macros and functions +Daniel Stenberg (23 May 2018) +- configure: add basic test of --with-ssl prefix - ... since the libc provided one are locale dependent in a way we don't - want. Also, the "native" isalnum() (for example) works differently on - different platforms which caused test 1307 failures on macos only. + When given a prefix, the $PREFIX_OPENSSL/lib/openssl.pc or + $PREFIX_OPENSSL/include/openssl/ssl.h files must be present or cause an + error. Helps users detect when giving configure the wrong path. - Closes #2269 + Reported-by: Oleg Pudeyev + Assisted-by: Per Malmberg + Fixes #2580 -Marcel Raad (29 Jan 2018) -- build: open VC15 projects with VS 2017 +Patrick Monnerat (22 May 2018) +- http resume: skip body if http code 416 (range error) is ignored. - Previously, they were opened with Visual Studio 2015 by default, which - cannot build them. + This avoids appending error data to already existing good data. + + Test 92 is updated to match this change. + New test 1156 checks all combinations of --range/--resume, --fail, + Content-Range header and http status code 200/416. + + Fixes #1163 + Reported-By: Ithubg on github + Closes #2578 -Daniel Stenberg (29 Jan 2018) -- RELEASE-NOTES: synced with 094647fca +Daniel Stenberg (22 May 2018) +- tftp: make sure error is zero terminated before printfing it -- TODO: UTF-8 filenames in Content-Disposition +- configure: add missing m4/ax_compile_check_sizeof.m4 - Closes #1888 + follow-up to mistake in 6876ccf90b4 -- KNOWN_BUGS: DICT responses show the underlying protocol +Jay Satiro (22 May 2018) +- [Johannes Schindelin brought this change] + + schannel: make CAinfo parsing resilient to CR/LF - Closes #1809 + OpenSSL has supported --cacert for ages, always accepting LF-only line + endings ("Unix line endings") as well as CR/LF line endings ("Windows + line endings"). + + When we introduced support for --cacert also with Secure Channel (or in + cURL speak: "WinSSL"), we did not take care to support CR/LF line + endings, too, even if we are much more likely to receive input in that + form when using Windows. + + Let's fix that. + + Happily, CryptQueryObject(), the function we use to parse the ca-bundle, + accepts CR/LF input already, and the trailing LF before the END + CERTIFICATE marker catches naturally any CR/LF line ending, too. So all + we need to care about is the BEGIN CERTIFICATE marker. We do not + actually need to verify here that the line ending is CR/LF. Just + checking for a CR or an LF is really plenty enough. + + Signed-off-by: Johannes Schindelin + + Closes https://github.com/curl/curl/pull/2592 -Jay Satiro (27 Jan 2018) -- [Alessandro Ghedini brought this change] +Daniel Stenberg (22 May 2018) +- CURLOPT_ACCEPT_ENCODING.3: add brotli and clarify a bit - docs: fix typos in man pages +- RELEASE-NOTES: synced + +- KNOWN_BUGS: mention the -O with %-encoded file names - Closes https://github.com/curl/curl/pull/2266 + Closes #2573 -Patrick Monnerat (26 Jan 2018) -- lib555: drop text conversion and encode data as ascii codes +- checksrc: make sure sizeof() is used *with* parentheses - If CURL_DOES_CONVERSION is enabled, uploaded LFs are mapped to CRLFs, - giving a result that is different from what is expected. - This commit avoids using CURLOPT_TRANSFERTEXT and directly encodes data - to upload in ascii. + ... and unify the source code to adhere. - Bug: https://github.com/curl/curl/pull/1872 + Closes #2563 -Daniel Stenberg (26 Jan 2018) -- lib517: make variable static to avoid compiler warning +- curl: added --styled-output - ... with clang on macos + It is enabled by default, so --no-styled-output will switch off the + detection/use of bold headers. + + Closes #2538 -Patrick Monnerat (26 Jan 2018) -- lib544: sync ascii code data with textual data +- curl: show headers in bold - Data mismatch caused test 545 to fail when character encoding - conversion is enabled. + The feature is only enabled if the output is believed to be a tty. - Bug: https://github.com/curl/curl/pull/1872 + -J: There's some minor differences and improvements in -J handling, as + now J should work with -i and it actually creates a file first using the + initial name and then *renames* that to the one found in + Content-Disposition (if any). + + -i: only shows headers for HTTP transfers now (as documented). + Previously it would also show for pieces of the transfer that were HTTP + (for example when doing FTP over a HTTP proxy). + + -i: now shows trailers as well. Previously they were not shown at all. + + --libcurl: the CURLOPT_HEADER is no longer set, as the header output is + now done in the header callback. -Daniel Stenberg (25 Jan 2018) -- [Travis Burtrum brought this change] +- configure: compile-time SIZEOF checks + + ... instead of exeucting code to get the size. Removes the use of + LD_LIBRARY_PATH for this. + + Fixes #2586 + Closes #2589 + Reported-by: Bernhard Walle - GSKit: restore pinnedpubkey functionality +- configure: replace AC_TRY_RUN with CURL_RUN_IFELSE - inadvertently removed in 283babfaf8d8f3bab9d3c63cea94eb0b84e79c37 + ... and export LD_LIBRARY_PATH properly. This is a follow-up from + 2d4c215. - Closes #2263 + Fixes #2586 + Reported-by: Bernhard Walle -- [Dair Grant brought this change] +- docs: clarify CURLOPT_HTTPGET somewhat + + Reported-by: bsammon on github + Fixes #2590 - darwinssl: Don't import client certificates into Keychain on macOS +- curl_fnmatch: only allow two asterisks for matching - Closes #2085 + The previous limit of 5 can still end up in situation that takes a very + long time and consumes a lot of CPU. + + If there is still a rare use case for this, a user can provide their own + fnmatch callback for a version that allows a larger set of wildcards. + + This commit was triggered by yet another OSS-Fuzz timeout due to this. + Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8369 + + Closes #2587 -- configure: fix the check for unsigned time_t +- checksrc: fix too long line - Assign the time_t variable negative value and then check if it is - greater than zero, which will evaluate true for unsigned time_t but - false for signed time_t. + follow-up to e05ad5d -- parsedate: fix date parsing for systems with 32 bit long +- [Aleks brought this change] + + docs: mention HAproxy protocol "version 1" - Make curl_getdate() handle dates before 1970 as well (returning negative - values). + ...as there's also a version 2. - Make test 517 test dates for 64 bit time_t. + Closes #2579 + +- examples/progressfunc: make it build on older libcurls - This fixes bug (3) mentioned in #2238 + This example was changed in ce2140a8c1 to use the new microsecond based + getinfo option. This change makes it conditionally keep using the older + option so that the example still builds with older libcurl versions. - Closes #2250 + Closes #2584 -- [McDonough, Tim brought this change] +- stub_gssapi: fix numerous 'unused parameter' warnings + + follow-up to d9e92fd9fd1d - openssl: fix pinned public key build error in FIPS mode +- [Philip Prindeville brought this change] + + getinfo: add microsecond precise timers for various intervals - Here is a version that should work with all versions of openssl 0.9.7 - through 1.1.0. + Provide a set of new timers that return the time intervals using integer + number of microseconds instead of floats. - Links to the docs: - https://www.openssl.org/docs/man1.0.2/crypto/EVP_DigestInit.html - https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html + The new info names are as following: - At the very bottom of the 1.1.0 documentation there is a history section - that states, " stack allocated EVP_MD_CTXs are no longer supported." + CURLINFO_APPCONNECT_TIME_T + CURLINFO_CONNECT_TIME_T + CURLINFO_NAMELOOKUP_TIME_T + CURLINFO_PRETRANSFER_TIME_T + CURLINFO_REDIRECT_TIME_T + CURLINFO_STARTTRANSFER_TIME_T + CURLINFO_TOTAL_TIME_T - If EVP_MD_CTX_create and EVP_MD_CTX_destroy are not defined, then a - simple mapping can be used as described here: - https://wiki.openssl.org/index.php/Talk:OpenSSL_1.1.0_Changes + Closes #2495 + +- openssl: acknowledge --tls-max for default version too - Closes #2258 + ... previously it only used the max setting if a TLS version was also + explicitly asked for. + + Reported-by: byte_bucket + Fixes #2571 + Closes #2572 -- [Travis Burtrum brought this change] +- bump: start working on the pending 7.61.0 - SChannel/WinSSL: Replace Curl_none_md5sum with Curl_schannel_md5sum +- [Dagobert Michelsen brought this change] -- [Travis Burtrum brought this change] + tests/libtest/Makefile: Do not unconditionally add gcc-specific flags + + The warning flag leads e.g. Sun Studio compiler to bail out. + + Closes #2576 - SChannel/WinSSL: Implement public key pinning +- schannel_verify: fix build for non-schannel + +Jay Satiro (16 May 2018) +- rand: fix typo + +- schannel: disable manual verify if APIs not available - Closes #1429 + .. because original MinGW and old compilers do not have the Windows API + definitions needed to support manual verification. -- bump: towards 7.58.1 +- [Archangel_SDY brought this change] -- cookies: remove verbose "cookie size:" output + schannel: disable client cert option if APIs not available - It was once used for some debugging/verifying logic but should never have - ended up in git! + Original MinGW targets Windows 2000 by default, which lacks some APIs and + definitions for this feature. Disable it if these APIs are not available. + + Closes https://github.com/curl/curl/pull/2522 -- TODO: hardcode the "localhost" addresses +Version 7.60.0 (15 May 2018) -- TODO: CURL_REFUSE_CLEARTEXT +Daniel Stenberg (15 May 2018) +- RELEASE-NOTES: 7.60.0 release + +- THANKS: added people from the curl 7.60.0 release + +- docs/libcurl/index.html: removed - An idea that popped up in discussions on twitter. + The HTML files are long gone from the dist, now remove the last HTML + file pointing to those missing files. + + d -- progress-bar: don't use stderr explicitly, use bar->out +- [steini2000 brought this change] + + http2: remove unused variable - Reported-By: Gisle Vanem - Bug: https://github.com/curl/curl/commit/993dd5651a6c853bfe3870f6a69c7b329fa4e8ce#commitcomment-27070080 + Closes #2570 -GitHub (24 Jan 2018) -- [Gisle Vanem brought this change] +- [steini2000 brought this change] - Fixes for MSDOS etc. + http2: use easy handle of stream for logging + +- gcc: disable picky gcc-8 function pointer warnings in two places - djgpp do have 'mkdir(dir, mode)'. Other DOS-compilers does not - But djgpp seems the only choice for MSDOS anyway. + Reported-by: Rikard Falkeborn + Bug: #2560 + Closes #2569 + +- http2: use the correct function pointer typedef - PellesC do have a 'F_OK' defined in it's . + Fixes gcc-8 picky compiler warnings + Reported-by: Rikard Falkeborn + Bug: #2560 + Closes #2568 + +- CODE_STYLE: mention return w/o parens, but sizeof with - Update year in Copyright. + ... and remove the github markdown syntax so that it renders better on + the web site. Also, don't use back-ticks inlined to allow the CSS to + highlight source code better. -- [Gisle Vanem brought this change] +- [Rikard Falkeborn brought this change] - Fix small typo. + examples: Fix format specifiers + + Closes #2561 -Version 7.58.0 (23 Jan 2018) +- [Rikard Falkeborn brought this change] -Daniel Stenberg (23 Jan 2018) -- RELEASE: 7.58.0 + tool: Fix format specifiers -- [Gisle Vanem brought this change] +- [Rikard Falkeborn brought this change] - progress-bar: get screen width on windows + ntlm: Fix format specifiers -- test1454: --connect-to with IPv6 address w/o IPv6 support! +- [Rikard Falkeborn brought this change] -- CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support + tests: Fix format specifiers + +- [Rikard Falkeborn brought this change] + + lib: Fix format specifiers + +- contributors.sh: use "on github", not at + +- http2: getsock fix for uploads - Bug: https://curl.haxx.se/mail/lib-2018-01/0087.html - Reported-by: John Hascall + When there's an upload in progress, make sure to wait for the socket to + become writable. - Closes #2257 - -- docs: fix man page syntax to make test 1140 OK again + Detected-by: steini2000 on github + Bug: #2520 + Closes #2567 -- http: prevent custom Authorization headers in redirects +- pingpong: fix response cache memcpy overflow - ... unless CURLOPT_UNRESTRICTED_AUTH is set to allow them. This matches how - curl already handles Authorization headers created internally. + Response data for a handle with a large buffer might be cached and then + used with the "closure" handle when it has a smaller buffer and then the + larger cache will be copied and overflow the new smaller heap based + buffer. - Note: this changes behavior slightly, for the sake of reducing mistakes. + Reported-by: Dario Weisser + CVE: CVE-2018-1000300 + Bug: https://curl.haxx.se/docs/adv_2018-82c2.html + +- http: restore buffer pointer when bad response-line is parsed - Added test 317 and 318 to verify. + ... leaving the k->str could lead to buffer over-reads later on. - Reported-by: Craig de Stigter - Bug: https://curl.haxx.se/docs/adv_2018-b3bf.html - -- curl: progress bar refresh, get width using ioctl() + CVE: CVE-2018-1000301 + Assisted-by: Max Dymond - Get screen width from the environment variable COLUMNS first, if set. If - not, use ioctl(). If nether works, assume 79. + Detected by OSS-Fuzz. + Bug: https://curl.haxx.se/docs/adv_2018-b138.html + Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7105 + +Patrick Monnerat (13 May 2018) +- cookies: do not take cookie name as a parameter - Closes #2242 + RFC 6265 section 4.2.1 does not set restrictions on cookie names. + This is a follow-up to commit 7f7fcd0. + Also explicitly check proper syntax of cookie name/value pair. - The "refresh" is for the -# output when no total transfer size is - known. It will now only use a single updated line even for this case: + New test 1155 checks that cookie names are not reserved words. - The "-=O=-" ship moves when data is transferred. The four flying - "hashes" move (on a sine wave) on each refresh, independent of data. - -- RELEASE-NOTES: synced with bb0ffcc36 - -- libcurl-env.3: first take - -- TODO: two possible name resolver improvements - -- [Kartik Mahajan brought this change] + Reported-By: anshnd at github + Fixes #2564 + Closes #2566 - http2: don't close connection when single transfer is stopped +Daniel Stenberg (12 May 2018) +- smb: reject negative file sizes - Fixes #2237 - Closes #2249 + Assisted-by: Max Dymond + + Detected by OSS-Fuzz + Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8245 -- test558: fix for multissl builds +- setup_transfer: deal with both sockets being -1 - vtls.c:multissl_init() might do a curl_free() call so strip that out to - make this work with more builds. We just want to verify that - memorytracking works so skipping one line is no harm. + Detected by Coverity; CID 1435559. Follow-up to f8d608f38d00. It would + index the array with -1 if neither index was a socket. -- examples/url2file.c: add missing curl_global_cleanup() call +- travis: add build using NSS - Reported-by: XhstormR on github - Fixes #2245 + Closes #2558 -- [Michael Gmelin brought this change] +- [Sunny Purushe brought this change] - SSH: Fix state machine for ssh-agent authentication + openssl: change FILE ops to BIO ops - In case an identity didn't match[0], the state machine would fail in - state SSH_AUTH_AGENT instead of progressing to the next identity in - ssh-agent. As a result, ssh-agent authentication only worked if the - identity required happened to be the first added to ssh-agent. + To make builds with VS2015 work. Recent changes in VS2015 _IOB_ENTRIES + handling is causing problems. This fix changes the OpenSSL backend code + to use BIO functions instead of FILE I/O functions to circumvent those + problems. - This was introduced as part of commit c4eb10e2f06fbd6cc904f1d78e4, which - stated that the "else" statement was required to prevent getting stuck - in state SSH_AUTH_AGENT. Given the state machine's logic and libssh2's - interface I couldn't see how this could happen or reproduce it and I - also couldn't find a more detailed description of the problem which - would explain a test case to reproduce the problem this was supposed to - fix. + Closes #2512 + +- travis: add a build using WolfSSL - [0] libssh2_agent_userauth returning LIBSSH2_ERROR_AUTHENTICATION_FAILED + Assisted-by: Dan Fandrich - Closes #2248 + Closes #2528 -- openssl: fix potential memory leak in SSLKEYLOGFILE logic - - Coverity CID 1427646. +- RELEASE-NOTES: typo -- openssl: fix the libressl build again - - Follow-up to 84fcaa2e7. libressl does not have the API even if it says it is - late OpenSSL version... +- RELEASE-NOTES: synced + +- [Daniel Gustafsson brought this change] + + URLs: fix one more http url - Fixes #2246 - Closes #2247 + This file wasn't included in commit 4af40b3646d3b09 which updated all + haxx.se http urls to https. The file was committed prior to that update, + but may have been merged after it and hence didn't get updated. - Reported-by: jungle-boogie on github + Closes #2550 -- unit1307: test many wildcards too +- github/lock: auto-lock closed issues after 90 days of inactivity -- curl_fnmatch: only allow 5 '*' sections in a single pattern +- vtls: fix missing commas - ... to avoid excessive recursive calls. The number 5 is totally - arbitrary and could be modified if someone has a good motivation. + follow-up to e66cca046cef -- ftp-wildcard: fix matching an empty string with "*[^a]" +- vtls: use unified "supports" bitfield member in backends - .... and avoid advancing the pointer to trigger an out of buffer read. + ... instead of previous separate struct fields, to make it easier to + extend and change individual backends without having to modify them all. - Detected by OSS-fuzz - Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5251 - Assisted-by: Max Dymond + closes #2547 -- SMB: fix numeric constant suffix and variable types +- transfer: don't unset writesockfd on setup of multiplexed conns - 1. don't use "ULL" suffix since unsupported in older MSVC - 2. use curl_off_t instead of custom long long ifdefs - 3. make get_posix_time() not do unaligned data access + Curl_setup_transfer() can be called to setup a new individual transfer + over a multiplexed connection so it shouldn't unset writesockfd. - Fixes #2211 - Closes #2240 - Reported-by: Chester Liu + Bug: #2520 + Closes #2549 -- [rouzier brought this change] +- [Frank Gevaerts brought this change] - CURLOPT_TCP_NODELAY.3: fix typo + configure: put CURLDEBUG and DEBUGBUILD in lib/curl_config.h - Closes #2239 + They are removed from the compiler flags. + + This ensures that make dependency tracking will force a rebuild whenever + configure --enable-debug or --enable-curldebug changes. + + Closes #2548 -- smtp/pop3/imap_get_message: decrease the data length too... +- http: don't set the "rewind" flag when not uploading anything - Follow-up commit to 615edc1f73 which was incomplete. + It triggers an assert. - Assisted-by: Max Dymond - Detected by OSS-fuzz - Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5206 + Detected by OSS-Fuzz + Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8144 + Closes #2546 -- openssl: enable SSLKEYLOGFILE support by default +- travis: add an mbedtls build - Fixes #2210 - Closes #2236 + Closes #2531 -Patrick Monnerat (14 Jan 2018) -- mime: clone mime tree upon easy handle duplication. +- configure: only check for CA bundle for file-using SSL backends - A mime tree attached to an easy handle using CURLOPT_MIMEPOST is - strongly bound to the handle: there is a pointer to the easy handle in - each item of the mime tree and following the parent pointer list - of mime items ends in a dummy part stored within the handle. + When only building with SSL backends that don't use the CA bundle file + (by default), skip the check. - Because of this binding, a mime tree cannot be shared between different - easy handles, thus it needs to be cloned upon easy handle duplication. + Fixes #2543 + Fixes #2180 + Closes #2545 + +- ssh-libssh.c: fix left shift compiler warning - There is no way for the caller to get the duplicated mime tree - handle: it is then set to be automatically destroyed upon freeing the - new easy handle. + ssh-libssh.c:2429:21: warning: result of '1 << 31' requires 33 bits to + represent, but 'int' only has 32 bits [-Wshift-overflow=] - New test 654 checks proper mime structure duplication/release. + 'len' will never be that big anyway so I converted the run-time check to + a regular assert. + +- [Stephan Mühlstrasser brought this change] + + URL: fix ASCII dependency in strcpy_url and strlen_url - Add a warning note in curl_mime_data_cb() documentation about sharing - user data between duplicated handles. + Commit 3c630f9b0af097663a64e5c875c580aa9808a92b partially reverted the + changes from commit dd7521bcc1b7a6fcb53c31f9bd1192fcc884bd56 because of + the problem that strcpy_url() was modified unilaterally without also + modifying strlen_url(). As a consequence strcpy_url() was again + depending on ASCII encoding. - Closes #2235 - -- docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata + This change fixes strlen_url() and strcpy_url() in parallel to use a + common host-encoding independent criterion for deciding whether an URL + character must be %-escaped. + + Closes #2535 -Daniel Stenberg (13 Jan 2018) -- test395: HTTP with overflow Content-Length value +- [Denis Ollier brought this change] -- test394: verify abort of rubbish in Content-Length: value + docs: remove extraneous commas in man pages + + Closes #2544 -- test393: verify --max-filesize with excessive Content-Length +- RELEASE-NOTES: synced -- HTTP: bail out on negative Content-Length: values +- Revert "TODO: remove configure --disable-pthreads" - ... and make the max filesize check trigger if the value is too big. + This reverts commit d5d683a97f9765bddfd964fe32e137aa6e703ed3. - Updates test 178. + --disable-pthreads can be used to disable pthreads and get the threaded + resolver to use the windows threading when building with mingw. + +- vtls: don't define MD5_DIGEST_LENGTH for wolfssl - Reported-by: Brad Spencer - Fixes #2212 - Closes #2223 + ... as it defines it (too) -Marcel Raad (13 Jan 2018) -- [Dan Johnson brought this change] +- TODO: remove configure --disable-pthreads - configure.ac: append extra linker flags instead of prepending them. +Jay Satiro (2 May 2018) +- [David Garske brought this change] + + wolfssl: Fix non-blocking connect - Link order should list libraries after the libraries that use them, - so when we're guessing that we might also need to add -ldl in order - to use -lssl, we should add -ldl after -lssl. + Closes https://github.com/curl/curl/pull/2542 + +Daniel Stenberg (30 Apr 2018) +- CURLOPT_URL.3: add ENCODING section [ci skip] - Closes https://github.com/curl/curl/pull/2234 + Feedback-by: Michael Kilburn -Daniel Stenberg (13 Jan 2018) -- RELEASE-NOTES: synced with 6fa10c8fa +- KNOWN_BUGS: Client cert with Issuer DN differs between backends + + Closes #1411 -Jay Satiro (13 Jan 2018) -- setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values +- KNOWN_BUGS: Passive transfer tries only one IP address - Broken since f121575 (precedes 7.56.1). + Closes #1508 + +- KNOWN_BUGS: --upload-file . hang if delay in STDIN - Bug: https://github.com/curl/curl/issues/2225 - Reported-by: cmfrolick@users.noreply.github.com + Closes #2051 + +- KNOWN_BUGS: Connection information when using TCP Fast Open - Closes https://github.com/curl/curl/pull/2227 + Closes #1332 -Patrick Monnerat (13 Jan 2018) -- setopt: reintroduce non-static Curl_vsetopt() for OS400 support +- travis: enable libssh2 on both macos and Linux - This also upgrades ILE/RPG bindings with latest setopt options. + It seems to not be detected by default anymore (which is a bug I + believe) - Reported-By: jonrumsey on github - Fixes #2230 - Closes #2233 + Closes #2541 -Jay Satiro (11 Jan 2018) -- [Zhouyihai Ding brought this change] +- TODO: Support the clienthello extension + + Closes #2299 - http2: fix incorrect trailer buffer size +- TODO: CLOEXEC - Prior to this change the stored byte count of each trailer was - miscalculated and 1 less than required. It appears any trailer - after the first that was passed to Curl_client_write would be truncated - or corrupted as well as the size. Potentially the size of some - subsequent trailer could be erroneously extracted from the contents of - that trailer, and since that size is used by client write an - out-of-bounds read could occur and cause a crash or be otherwise - processed by client write. + Closes #2252 + +- tests: provide 'manual' as a feature to optionally require - The bug appears to have been born in 0761a51 (precedes 7.49.0). + ... and make test 1026 rely on that feature so that --disable-manual + builds don't cause test failures. - Closes https://github.com/curl/curl/pull/2231 + Reported-by: Max Dymond and Anders Roxell + Fixes #2533 + Closes #2540 -- [Basuke Suzuki brought this change] +- CURLINFO_PROTOCOL.3: mention the existing defined names - easy: fix connection ownership in curl_easy_pause +Jay Satiro (27 Apr 2018) +- [Daniel Gustafsson brought this change] + + cookies: remove unused macro - Before calling Curl_client_chop_write(), change the owner of connection - to the current Curl_easy handle. This will fix the issue #2217. + Commit 2bc230de63 made the macro MAX_COOKIE_LINE_TXT become unused, + so remove as it's not part of the published API. - Fixes https://github.com/curl/curl/issues/2217 - Closes https://github.com/curl/curl/pull/2221 + Closes https://github.com/curl/curl/pull/2537 -Daniel Stenberg (9 Jan 2018) -- [Dimitrios Apostolou brought this change] +Daniel Stenberg (27 Apr 2018) +- [Daniel Gustafsson brought this change] - system.h: Additionally check __LONG_MAX__ for defining curl_off_t + checksrc: force indentation of lines after an else - __SIZEOF_LONG__ was introduced in GCC 4.4, __LONG_MAX__ was introduced - in GCC 3.3. + This extends the INDENTATION case to also handle 'else' statements + and require proper indentation on the following line. Also fixes the + offending cases found in the codebase. - Closes #2216 - -- COPYING: it's 2018! + Closes #2532 -- progress: calculate transfer speed on milliseconds if possible +- http2: fix null pointer dereference in http2_connisdead - to increase accuracy for quick transfers + This function can get called on a connection that isn't setup enough to + have the 'recv_underlying' function pointer initialized so it would try + to call the NULL pointer. - Fixes #2200 - Closes #2206 + Reported-by: Dario Weisser + + Follow-up to db1b2c7fe9b093f8 (never shipped in a release) + Closes #2536 -Jay Satiro (7 Jan 2018) -- scripts: allow all perl scripts to be run directly +- http2: get rid of another strstr() - - Enable execute permission (chmod +x) + Follow-up to 1514c44655e12e: replace another strstr() call done on a + buffer that might not be zero terminated - with a memchr() call, even if + we know the substring will be found. - - Change interpreter to /usr/bin/env perl + Assisted-by: Max Dymond - Closes https://github.com/curl/curl/pull/2222 + Detected by OSS-Fuzz + Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8021 + + Closes #2534 -- mail-rcpt.d: fix short-text description +- cyassl: adapt to libraries without TLS 1.0 support built-in + + WolfSSL doesn't enable it by default anymore -- build: remove HAVE_LIMITS_H check +- configure: provide --with-wolfssl as an alias for --with-cyassl + +- RELEASE-NOTES: synced + +- [Daniel Gustafsson brought this change] + + os400.c: fix ASSIGNWITHINCONDITION checksrc warnings - .. because limits.h presence isn't optional, it's required by C89. + All occurrences of assignment within conditional expression in + os400sys.c rewritten into two steps: first assignment and then the check + on the success of the assignment. Also adjust related incorrect brace + positions to match project indentation style. - Ref: http://port70.net/~nsz/c/c89/c89-draft.html#2.2.4.2 + This was spurred by seeing "if((inp = input_token))", but while in there + all warnings were fixed. - Closes https://github.com/curl/curl/pull/2215 + There should be no functional change from these changes. + + Closes #2525 -- openssl: fix memory leak of SSLKEYLOGFILE filename +- [Daniel Gustafsson brought this change] + + cookies: ensure that we have cookies before writing jar - - Free the copy of SSLKEYLOGFILE env returned by curl_getenv during ossl - initialization. + The jar should be written iff there are cookies, so ensure that we still + have cookies after expiration to avoid creating an empty file. - Caught by ASAN. + Closes #2529 -- Revert "curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX" +- strcpy_url: only %-encode values >= 0x80 - This reverts commit c97648b55080343bb371522bf4233e94a2a13a99. + OSS-Fuzz detected - SIZEOF_LONG should not be checked in system.h since that macro is only - defined when building libcurl. + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8000 - Ref: https://github.com/curl/curl/pull/2186#issuecomment-354767080 - Ref: https://gcc.gnu.org/onlinedocs/cpp/Common-Predefined-Macros.html - -Michael Kaufmann (30 Dec 2017) -- test1554: improve the error handling + Broke in dd7521bcc1b7 -- test1554: add global initialization and cleanup - -Daniel Stenberg (29 Dec 2017) -- curl_version_info.3: call the argument 'age' +- mime: avoid NULL pointer dereference risk - Reported-by: Pete Lomax - Bug: https://curl.haxx.se/mail/lib-2017-12/0074.html + Coverity detected, CID 1435120 + + Closes #2527 -Patrick Monnerat (27 Dec 2017) -- [Mikalai Ananenka brought this change] +- [Stephan Mühlstrasser brought this change] - brotli: data at the end of content can be lost + ctype: restore character classification for non-ASCII platforms - Decoding loop implementation did not concern the case when all - received data is consumed by Brotli decoder and the size of decoded - data internally hold by Brotli decoder is greater than CURL_MAX_WRITE_SIZE. - For content with unencoded length greater than CURL_MAX_WRITE_SIZE this - can result in the loss of data at the end of content. + With commit 4272a0b0fc49a1ac0ceab5c4a365c9f6ab8bf8e2 curl-speficic + character classification macros and functions were introduced in + curl_ctype.[ch] to avoid dependencies on the locale. This broke curl on + non-ASCII, e.g. EBCDIC platforms. This change restores the previous set + of character classification macros when CURL_DOES_CONVERSIONS is + defined. - Closes #2194 + Closes #2494 -Jay Satiro (26 Dec 2017) -- examples/cacertinmem: ignore cert-already-exists error - - - Ignore X509_R_CERT_ALREADY_IN_HASH_TABLE errors in the CTX callback - since it's possible the cert may have already been loaded by libcurl. +- ftplistparser: keep state between invokes - - Remove the EXAMPLE code in the CURLOPT_SSL_CTX_FUNCTION.3 doc. - Instead have it direct the reader to this cacertinmem.c example. + Fixes FTP wildcard parsing when done over a number of read buffers. - - Fix the CA certificate to use the right CA for example.com, Digicert. + Regression from f786d1f14 - Bug: https://curl.haxx.se/mail/lib-2017-12/0057.html - Reported-by: Thomas van Hesteren + Reported-by: wncboy on github + Fixes #2445 + Closes #2526 + +- examples/http2-upload: expand buffer to avoid silly warning - Closes https://github.com/curl/curl/pull/2182 + http2-upload.c:135:44: error: ‘%02d’ directive output may be truncated + writing between 2 and 11 bytes into a region of size between 8 and 17 -- [Gisle Vanem brought this change] +- examples/sftpuploadresume: typecast fseek argument to long + + /docs/examples/sftpuploadresume.c:102:12: warning: conversion to 'long + int' from 'curl_off_t {aka long long int}' may alter its value - tool_getparam: Support size modifiers for --max-filesize +- Revert "ftplistparser: keep state between invokes" - - Move the size modifier detection code from limit-rate to its own - function so that it can also be used with max-filesize. + This reverts commit abbc8457d85aca74b7cfda1d394b0844932b2934. - Size modifiers are the suffixes such as G (gigabyte), M (megabyte) etc. + Caused fuzzer problems on travis not seen when this was a PR! + +- Curl_memchr: zero length input can't match - For example --max-filesize 1G + Avoids undefined behavior. - Ref: https://curl.haxx.se/mail/archive-2017-12/0000.html + Reported-by: Geeknik Labs + +- ftplistparser: keep state between invokes - Closes https://github.com/curl/curl/pull/2179 + Fixes FTP wildcard parsing when doing over a number of read buffers. + + Regression from f786d1f14 + + Reported-by: wncboy on github + Fixes #2445 + Closes #2519 -Steve Holme (22 Dec 2017) -- build: Fixed incorrect script termination from commit ad1dc10e61 +- ftplistparser: renamed some members and variables + + ... to make them better spell out what they're for. -- Makefile.vc: Added our standard copyright header +- RELEASE-NOTES: synced -- winbuild: Added support for VC15 +- [Christian Schmitz brought this change] -- build: Added Visual Studio 2017 project files + curl_global_sslset: always provide available backends + + Closes #2499 -- build-wolfssl.bat: Added support for VC15 +- http2: convert an assert to run-time check + + Fuzzing has proven we can reach code in on_frame_recv with status_code + not having been set, so let's detect that in run-time (instead of with + assert) and error error accordingly. + + (This should no longer happen with the latest nghttp2) + + Detected by OSS-Fuzz + Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7903 + Closes #2514 -- build-openssl.bat: Added support for VC15 +- curl.1: clarify that options and URLs can be mixed + + Fixes #2515 + Closes #2517 -Jay Satiro (22 Dec 2017) -- [Dimitrios Apostolou brought this change] +Jay Satiro (23 Apr 2018) +- [Archangel_SDY brought this change] - curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX + CURLOPT_SSLCERT.3: improve WinSSL-specific usage info - Closes https://github.com/curl/curl/pull/2186 + Ref: https://github.com/curl/curl/pull/2376#issuecomment-381858780 + + Closes https://github.com/curl/curl/pull/2504 -- [Mattias Fornander brought this change] +- [Archangel_SDY brought this change] - examples/rtsp: fix error handling macros + schannel: fix build error on targets <= XP - Closes https://github.com/curl/curl/pull/2185 - -Patrick Monnerat (20 Dec 2017) -- curl_easy_reset: release mime-related data. + - Use CRYPT_STRING_HEX instead of CRYPT_STRING_HEXRAW since XP doesn't + support the latter. - Move curl_mime_initpart() and curl_mime_cleanpart() calls to lower-level - functions dealing with UserDefined structure contents. - This avoids memory leakages on curl-generated part mime headers. - New test 2073 checks this using the cli tool --next option: it - triggers a valgrind error if bug is present. + Ref: https://github.com/curl/curl/pull/2376#issuecomment-382153668 - Bug: https://curl.haxx.se/mail/lib-2017-12/0060.html - Reported-by: Martin Galvan + Closes https://github.com/curl/curl/pull/2504 -- content_encoding: rework zlib_inflate +Daniel Stenberg (23 Apr 2018) +- Revert "ftplistparser: keep state between invokes" - - When zlib version is < 1.2.0.4, process gzip trailer before considering - extra data as an error. - - Inflate with Z_BLOCK instead of Z_SYNC_FLUSH to maximize correct data - and minimize corrupt data output. - - Do not try to restart deflate decompression in raw mode if output has - started or if the leading data is not available anymore. - - New test 232 checks inflating raw-deflated content. + This reverts commit 8fb78f9ddc6d858d630600059b8ad84a80892fd9. - Closes #2068 + Unfortunately this fix introduces memory leaks I've not been able to fix + in several days. Reverting this for now to get the leaks fixed. -- brotli: allow compiling with version 0.6.0. +Jay Satiro (21 Apr 2018) +- tool_help: clarify --max-time unit of time is seconds - Some error codes were not yet defined in brotli 0.6.0: do not issue code - for them in this case. + Before: + -m, --max-time