Lines Matching +full:- +full:wno +full:- +full:invalid +full:- +full:source +full:- +full:encoding
12 - RELEASE: 7.64.1
14 - Revert "ntlm: remove USE_WIN32_CRYPTO check to get USE_NTLM2SESSION set"
20 - [Christian Schmitz brought this change]
27 - tool_cb_wrt: fix writing to Windows null device NUL
29 - Improve console detection.
36 Bug: https://github.com/curl/curl/issues/3175#issuecomment-439068724
37 Reported-by: Gisle Vanem
39 - CURLMOPT_PIPELINING.3: fix typo
42 - TODO: config file parsing
47 - os400: Disable Alt-Svc by default since it's experimental
49 Follow-up to 520f0b4 which added Alt-Svc support and enabled it by
53 Ref: https://github.com/curl/curl/commit/520f0b4#commitcomment-32792332
54 Ref: https://curl.haxx.se/mail/lib-2019-02/0008.html
59 - tests: Fixed XML validation errors in some test files.
61 - tests: Fix some incorrect precheck error messages.
66 - curl_url.3: this is not experimental anymore
68 - travis: bump the used wolfSSL version to 4.0.0
78 - lib: Fix typos in comments
81 - openssl: if cert type is ENG and no key specified, key is ENG too
87 - sectransp: tvOS 11 is required for ALPN support
89 Reported-by: nianxuejie on github
90 Assisted-by: Nick Zitzmann
91 Assisted-by: Jay Satiro
95 - test1541: threaded connection sharing
97 The threaded-shared-conn.c example turned into test case. Only works if
105 - os400: alt-svc support.
111 - conncache: use conn->data to know if a transfer owns it
113 - make sure an already "owned" connection isn't returned unless
116 - clear ->data when returning the connection to the cache again
120 Bug: https://curl.haxx.se/mail/lib-2019-03/0064.html
124 - RELEASE-NOTES: synced
126 - [Chris Young brought this change]
128 configure: add --with-amissl
138 - [Chris Young brought this change]
145 - [Chris Young brought this change]
149 - [Chris Young brought this change]
153 - makefile: make checksrc and hugefile commands "silent"
160 - curl.1: --user and --proxy-user are hidden from ps output
162 Suggested-by: Eric Curtin
163 Improved-by: Dan Fandrich
168 - curl.1: mark the argument to --cookie as <data|filename>
172 Suggested-by: Tim Rühsen
177 - fuzzer: Only clone the latest fuzzer code, for speed.
180 - [Dominik Hölzl brought this change]
197 Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
198 * Consider "Persistent-Auth" header, detect if not present;
206 - [Marc Schlatter brought this change]
219 - file: fix "Checking if unsigned variable 'readcount' is less than zero."
225 - memdebug: log pointer before freeing its data
237 - RELEASE-NOTES: synced
240 - travis: actually use updated compiler versions
251 Ref: https://docs.travis-ci.com/user/languages/c/#c11c11-and-beyond-and-toolchain-versioning
255 - travis: update clang to version 7
260 - [Andre Guibert de Bruet brought this change]
273 - multi: removed unused code for request retries
275 This code was once used for the non multi-interface using code path, but
282 - doh: inherit some SSL options from user's easy handle
284 - Inherit SSL options for the doh handle but not SSL client certs,
287 SSL kerberos or SSL gss-api settings.
289 - Fix inheritance of verbose setting.
291 - Inherit NOSIGNAL.
293 There is no way for the user to set options for the doh (DNS-over-HTTPS)
307 - test331: verify set-cookie for dotless host name
312 - Revert "cookies: extend domain checks to non psl builds"
319 - memdebug: make debug-specific functions use curl_dbg_ prefix
326 - cmdline-opts/proxytunnel.d: the option tunnnels all protocols
330 Reported-by: Daniel Lublin
333 - KNOWN_BUGS: Client cert (MTLS) issues with Schannel
337 - ROADMAP: updated to some more current things to work on
339 - tests: fix multiple may be used uninitialized warnings
341 - RELEASE-NOTES: synced
343 - source: fix two 'nread' may be used uninitialized warnings
349 - gopher: remove check for path == NULL
356 Assisted-by: Dan Fandrich
360 - examples: only include <curl/curl.h>
364 Reviewed-by: Marcel Raad
367 - ssh: loop the state machine if not done and not blocking
382 - multi: support verbose conncache closure handle
384 - Change closure handle to receive verbose setting from the easy handle
395 Co-authored-by: Daniel Stenberg
400 - CURLU: fix NULL dereference when used over proxy
408 - altsvc_out: check the return code from Curl_gmtime
414 - docs/ALTSVC.md: docs describing the approach
418 - alt-svc: add a travis build
420 - alt-svc: add test 355 and 356 to verify with command line curl
422 - alt-svc: the curl command line bits
424 - alt-svc: the libcurl bits
426 - travis: add build using gnutls
430 - RELEASE-NOTES: synced
432 - [Simon Legner brought this change]
440 - gnutls: remove call to deprecated gnutls_compression_get_name
446 Docs: https://www.gnutls.org/manual/html_node/Compatibility-API.html
451 - system_win32: move win32_init here from easy.c
457 Reported-by: Gisle Vanem
462 - curl_easy_duphandle.3: clarify that a duped handle has no shares
464 Reported-by: Sara Golemon
469 - 10-at-a-time.c: fix too long line
471 - [Arnaud Rebillout brought this change]
491 Signed-off-by: Arnaud Rebillout <arnaud.rebillout@collabora.com>
493 - urldata: simplify bytecounters
495 - no need to have them protocol specific
497 - no need to set pointers to them with the Curl_setup_transfer() call
499 - make Curl_setup_transfer() operate on a transfer pointer, not
502 - switch some counters from long to the more proper curl_off_t type
506 - examples/10-at-a-time.c: improve readability and simplify
508 - use better variable names to explain their purposes
509 - convert logic to curl_multi_wait()
511 - threaded-resolver: shutdown the resolver thread without error message
519 Reported-by: Michael Schmid
523 - [Ԝеѕ brought this change]
525 docs: update max-redirs.d phrasing
527 clarify redir - "in absurdum" doesn't seem to make sense in this context
531 - ssh: fix Condition '!status' is always true
540 - test578: make it read data from the correct test
542 - Curl_easy: remove req.maxfd - never used!
549 - http: set state.infilesize when sending formposts
557 Reported-by: Matt McClure
558 Bug: https://curl.haxx.se/mail/archive-2019-02/0023.html
561 - INSTALL: refer to the current TLS library names and configure options
563 - FAQ: minor updates and spelling fixes
565 - GOVERNANCE.md: minor spelling fixes
567 - Secure Transport: no more "darwinssl"
571 Reviewed-by: Nick Zitzmann
576 - AppVeyor: add classic MinGW build
584 - AppVeyor: add MinGW-w64 build
586 Add a MinGW-w64 build using CMake's MSYS Makefiles generator.
593 - cookies: only save the cookie file if the engine is enabled
595 Follow-up to 8eddb8f4259.
607 Assisted-by: Michael Wallner
608 Assisted-by: Marcel Raad
612 - [DaVieS brought this change]
614 cacertinmem.c: use multiple certificates for loading CA-chain
618 - urldata: convert bools to bitfields and move to end
621 memory. For a rather feature-complete build on x86_64 Linux, gcc 8.1.2
630 - [Don J Olmstead brought this change]
636 - curl: display --version features sorted alphabetically
640 - runtests: detect "schannel" as an alias for "winssl"
642 Follow-up to 180501cb02
644 Reported-by: Marcel Raad
649 - AppVeyor: update to Visual Studio 2017
656 - AppVeyor: switch VS 2015 builds to VS 2017 image
662 - AppVeyor: explicitly select worker image
670 - strerror: make the strerror function use local buffers
682 Co-authored-by: Jay Satiro
686 - [Michael Wallner brought this change]
695 - AppVeyor: re-enable test 500
701 - AppVeyor: remove redundant builds
709 - RELEASE-NOTES: synced
711 - [Bernd Mueller brought this change]
718 - [Michael Felt brought this change]
722 - Add an additional check for LDAP that also checks for OpenSSL since
728 - [georgeok brought this change]
732 Add support for Ephemeral elliptic curve Diffie-Hellman key exchange
739 - multi: call multi_done on connect timeouts
745 Reported-by: accountantM on github
749 - examples: remove recursive calls to curl_multi_socket_action
760 - configure: remove CURL_CHECK_FUNC_FDOPEN call
768 - wolfssl: stop custom-adding curves
773 Pointed-out-by: David Garske
777 - configure: remove the unused fdopen macro
784 - url: change conn shutdown order to unlink data as last step
786 - Split off connection shutdown procedure from Curl_disconnect into new
789 - Change the shutdown procedure to close the sockets before
797 Bug: https://curl.haxx.se/mail/lib-2019-02/0101.html
798 Reported-by: Pavel Löbl
804 - Fix strict-prototypes GCC warning
810 - tests: Fixed XML validation errors in some test files.
813 - TODO: Allow SAN names in HTTP/2 server push
815 Suggested-by: Nicolas Grekas
817 - RELEASE-NOTES: synced
819 - curl: remove MANUAL from -M output
826 which is 25% of the -M output.
829 page using that as source. It renders poorly on the site (especially for
834 - http2: verify :athority in push promise requests
841 Reported-by: Nicolas Grekas
842 Bug: https://curl.haxx.se/mail/lib-2019-02/0057.html
845 - singlesocket: fix the 'sincebefore' placement
850 This is a follow-up to 4c35574 (shipped in curl 7.64.0)
852 Reported-by: buzo-ffm on github
853 Detected-by: Jan Alexander Steffens
857 - connection: never reuse CONNECT_ONLY conections
861 Reported-by: Pavel Löbl
862 Bug: https://curl.haxx.se/mail/lib-2019-02/0064.html
866 - cli tool: fix mime post with --disable-libcurl-option configure option
868 Reported-by: Marcel Raad
873 - x509asn1: cleanup and unify code layout
875 - rename 'n' to buflen in functions, and use size_t for them. Don't pass
878 - move most function comments to above the function starts like we use
881 - remove several unnecessary typecasts (especially of NULL)
883 Reviewed-by: Patrick Monnerat
886 - curl_multi_remove_handle.3: use at any time, just not from within callbacks
890 - http: make adding a blank header thread-safe
892 Previously the function would edit the provided header in-place when a
898 Reported-by: d912e3 on github
902 - unit1651: survive curl_easy_init() fails
904 - [Frank Gevaerts brought this change]
906 rand: Fix a mismatch between comments in source and header.
908 Reported-by: Björn Stenberg <bjorn@haxx.se>
912 - x509asn1: replace single char with an array
915 cause invalid accesses to adjacent memory locations.
920 - examples/http2-serverpush: add some sensible error checks
927 - easy: fix win32 init to work without CURL_GLOBAL_WIN32
929 - Change the behavior of win32_init so that the required initialization
951 - cookie: Add support for cookie prefixes
953 The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes
956 defined, __Host- and __Secure, and updates the testcase with the
960 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
962 - mbedtls: release sessionid resources on error
970 Reported-by: Michał Antoniak <M.Antoniak@posnet.com>
971 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
974 - cli tool: refactor encoding conversion sequence for switch case fallthrough.
976 - version.c: silent scan-build even when librtmp is not enabled
979 - RELEASE-NOTES: synced
981 - Curl_now: figure out windows version in win32_init
987 Reported-by: Paul Groke
992 - unit1307: just fail without FTP support
1001 - travis: enable valgrind for the iconv tests too
1005 - travis: add scan-build
1009 - examples/sftpuploadresume: Value stored to 'result' is never read
1011 Detected by scan-build
1013 - examples/http2-upload: cleaned up
1015 Fix scan-build warnings, no globals, no silly handle scan. Also remove
1018 - examples/http2-download: cleaned up
1020 To avoid scan-build warnings and global variables.
1022 - examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory'
1024 Detected by scan-build
1026 - examples/httpcustomheader: Value stored to 'res' is never read
1028 Detected by scan-build
1030 - examples: remove superfluous null-pointer checks
1032 in ftpget, ftpsget and sftpget, so that scan-build stops warning for
1035 Detected by scan-build
1037 - strip_trailing_dot: make sure NULL is never used for strlen
1039 scan-build warning: Null pointer passed as an argument to a 'nonnull'
1042 - [Jay Satiro brought this change]
1044 connection_check: restore original conn->data after the check
1046 - Save the original conn->data before it's changed to the specified
1049 This is a follow-up to 38d8e1b 2019-02-11.
1055 transfer for the check (ie original conn->data ignored and set to the
1057 cleared conn->data after the check. The original conn->data was not
1058 restored, so presumably it was thought that a valid conn->data was no
1061 Several days later it was discovered that a valid conn->data was needed
1062 after the check and follow-up fix was landed in bbae24c which partially
1064 conn->data was changed to only when pruning dead connections. In that
1065 case conn->data was not cleared and the original conn->data not
1070 because original conn->data could be null which could cause a bad deref
1072 expanded the scope to all cases. conn->data was not cleared and the
1073 original conn->data not restored.
1075 A day later it was discovered that not restoring the original conn->data
1078 code path that still needs the original conn->data. This commit is the
1079 follow-up fix for that, it restores the original conn->data after the
1082 Assisted-by: tholin@users.noreply.github.com
1083 Reported-by: tholin@users.noreply.github.com
1088 - memdebug: bring back curl_mark_sclose
1095 - transfer.c: do not compute length of undefined hex buffer.
1097 On non-ascii platforms, the chunked hex header was measured for char code
1105 - KNOWN_BUGS: Cannot compile against a static build of OpenLDAP
1110 - x509asn1: "Dereference of null pointer"
1112 Detected by scan-build (false positive).
1115 - configure: show features as well in the final summary
1119 - KNOWN_BUGS: curl compiled on OSX 10.13 failed to run on OSX 10.10
1123 - KNOWN_BUGS: Deflate error after all content was received
1127 - gssapi: fix deprecated header warnings
1133 - TODO: Upgrade to websockets
1137 - TODO: cmake test suite improvements
1142 - curl: "Dereference of null pointer"
1144 Rephrase to satisfy scan-build.
1147 - unit1307: require FTP support
1156 - TODO: TFO support on Windows
1162 - multi: Dereference of null pointer
1166 Detected by scan-build.
1170 - urlglob: Argument with 'nonnull' attribute passed null
1172 Detected by scan-build.
1175 - schannel: restore some debug output but only for debug builds
1177 Follow-up to 84c10dc from earlier today which wrapped a lot of the noisy
1182 - examples/crawler: Fix the Accept-Encoding setting
1184 - Pass an empty string to CURLOPT_ACCEPT_ENCODING to use the default
1191 - mime: put the boundary buffer into the curl_mime struct
1194 fixed-size and always used for each part.
1198 - schannel: be quiet
1200 Convert numerous infof() calls into debug-build only messages since they
1203 Bug: https://curl.haxx.se/mail/lib-2019-02/0027.html
1204 Reported-by: Volker Schmid
1207 - [Romain Geissler brought this change]
1209 Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning
1213 - http2: multi_connchanged() moved from multi.c, only used for h2
1217 - curl: "Function call argument is an uninitialized value"
1219 Follow-up to cac0e4a6ad14b42471eb
1221 Detected by scan-build
1224 - pretransfer: don't strlen() POSTFIELDS set for GET requests
1229 Reported-by: Renaud Allard
1232 - multi: remove verbose "Expire in" ... messages
1234 Reported-by: James Brown
1235 Bug: https://curl.haxx.se/mail/archive-2019-02/0013.html
1238 - mbedtls: make it build even if MBEDTLS_VERSION_C isn't set
1240 Reported-by: MAntoniak on github
1245 - non-ascii.c: fix typos in comments
1250 - fnmatch: disable if FTP is disabled
1254 - curl_path: only enabled for SSH builds
1256 - [Frank Gevaerts brought this change]
1263 test 1457 is adjusted to make the output actually match (by using --silent)
1269 - cli tool: do not use mime.h private structures.
1271 Option -F generates an intermediate representation of the mime structure
1273 the --libcurl statements.
1275 Reported-by: Daniel Stenberg
1280 - curlver: bump to 7.64.1-dev
1282 - RELEASE-NOTES: synced
1285 before the cut-off date, we update again.
1288 - curl: follow-up to 3f16990ec84
1290 Commit 3f16990ec84cc4b followed-up a bug in b49652ac66cc0 but was
1294 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
1296 - dns: release sharelock as soon as possible
1304 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
1307 - curl: follow-up to b49652ac66cc0
1309 On FreeBSD, return non-zero on error otherwise zero.
1311 Reported-by: Marcel Raad
1313 - multi: (void)-prefix when ignoring return values
1316 are replace by empty macros at build-time.
1318 - curl: fix FreeBSD compiler warning in the --xattr code
1322 - connection_check: set ->data to the transfer doing the check
1325 sure a working one is set before handler->connection_check() is called.
1327 Reported-by: jnbr on github
1331 - hostip: make create_hostcache_id avoid alloc + free
1335 - scripts/singleuse: script to use to track single-use functions
1345 - cleanup: make local functions static
1347 urlapi: turn three local-only functions into statics
1364 normal builds and non-static for unit test builds
1381 - cirrus: Added FreeBSD builds using Cirrus CI.
1383 The build logs will be at https://cirrus-ci.com/github/curl/curl
1390 - url/idnconvert: remove scan for <= 32 ascii values
1397 - urlapi: reduce variable scope, remove unreachable 'break'
1404 - zsh.pl: escape ':' character
1411 % curl --reso<TAB>
1412 % curl -E <TAB>
1416 - zsh.pl: update regex to better match curl -h output
1425 --- /usr/share/zsh/vendor-completions/_curl 2019-01-15 20:47:40.000000000 +0000
1426 +++ _curl 2019-02-05 20:57:29.453349040 +0000
1427 @@ -9,48 +9,48 @@
1429 _arguments -C -S \
1430 …--happy-eyeballs-timeout-ms'[How long to wait in milliseconds for IPv6 before trying IPv4]':'<mill…
1431 + --resolve'[Resolve the host+port to this address]':'<host:port:address[,address]...>' \
1432 {-c,--cookie-jar}'[Write cookies to <filename> after operation]':'<filename>':_files \
1433 {-D,--dump-header}'[Write the received headers to <filename>]':'<filename>':_files \
1434 {-y,--speed-time}'[Trigger '\''speed-limit'\'' abort after this time]':'<seconds>' \
1435 --proxy-cacert'[CA certificate to verify peer against for proxy]':'<file>':_files \
1436 - --tls13-ciphers'[of TLS 1.3 ciphersuites> TLS 1.3 cipher suites to use]':'<list' \
1437 + --tls13-ciphers'[TLS 1.3 cipher suites to use]':'<list of TLS 1.3 ciphersuites>' \
1438 {-E,--cert}'[Client certificate file and password]':'<certificate[:password]>' \
1439 --libcurl'[Dump libcurl equivalent code of this command line]':'<file>':_files \
1440 --proxy-capath'[CA directory to verify peer against for proxy]':'<dir>':_files \
1441 - --proxy-negotiate'[HTTP Negotiate (SPNEGO) authentication on the proxy]':'Use' \
1442 --proxy-pinnedpubkey'[FILE/HASHES public key to verify proxy with]':'<hashes>' \
1443 --crlfile'[Get a CRL list in PEM format from the given file]':'<file>':_files \
1444 - --proxy-insecure'[HTTPS proxy connections without verifying the proxy]':'Do' \
1445 - --proxy-ssl-allow-beast'[security flaw for interop for HTTPS proxy]':'Allow' \
1446 + --proxy-negotiate'[Use HTTP Negotiate (SPNEGO) authentication on the proxy]' \
1447 --abstract-unix-socket'[Connect via abstract Unix domain socket]':'<path>' \
1448 --pinnedpubkey'[FILE/HASHES Public key to verify peer against]':'<hashes>' \
1449 + --proxy-insecure'[Do HTTPS proxy connections without verifying the proxy]' \
1450 --proxy-pass'[Pass phrase for the private key for HTTPS proxy]':'<phrase>' \
1451 + --proxy-ssl-allow-beast'[Allow security flaw for interop for HTTPS proxy]' \
1452 {-p,--proxytunnel}'[Operate through an HTTP proxy tunnel (using CONNECT)]' \
1453 --socks5-hostname'[SOCKS5 proxy, pass host name to proxy]':'<host[:port]>' \
1454 --proto-default'[Use PROTOCOL for any URL missing a scheme]':'<protocol>' \
1455 - --proxy-tls13-ciphers'[list> TLS 1.3 proxy cipher suites]':'<ciphersuite' \
1456 + --proxy-tls13-ciphers'[TLS 1.3 proxy cipher suites]':'<ciphersuite list>' \
1457 --socks5-gssapi-service'[SOCKS5 proxy service name for GSS-API]':'<name>' \
1458 --ftp-alternative-to-user'[String to replace USER \[name\]]':'<command>' \
1459 - --ftp-ssl-control'[SSL/TLS for FTP login, clear for transfer]':'Require' \
1460 {-T,--upload-file}'[Transfer local FILE to destination]':'<file>':_files \
1461 --local-port'[Force use of RANGE for local port numbers]':'<num/range>' \
1462 --proxy-tlsauthtype'[TLS authentication type for HTTPS proxy]':'<type>' \
1463 {-R,--remote-time}'[Set the remote file'\''s time on the local output]' \
1464 - --retry-connrefused'[on connection refused (use with --retry)]':'Retry' \
1465 - --suppress-connect-headers'[proxy CONNECT response headers]':'Suppress' \
1466 - {-j,--junk-session-cookies}'[session cookies read from file]':'Ignore' \
1467 - --location-trusted'[--location, and send auth to other hosts]':'Like' \
1468 + --ftp-ssl-control'[Require SSL/TLS for FTP login, clear for transfer]' \
1469 --proxy-cert-type'[Client certificate type for HTTPS proxy]':'<type>' \
1470 {-O,--remote-name}'[Write output to a file named as the remote file]' \
1471 + --retry-connrefused'[Retry on connection refused (use with --retry)]' \
1472 + --suppress-connect-headers'[Suppress proxy CONNECT response headers]' \
1473 --trace-ascii'[Like --trace, but without hex output]':'<file>':_files \
1474 --connect-timeout'[Maximum time allowed for connection]':'<seconds>' \
1475 --expect100-timeout'[How long to wait for 100-continue]':'<seconds>' \
1476 {-g,--globoff}'[Disable URL sequences and ranges using {} and \[\]]' \
1477 + {-j,--junk-session-cookies}'[Ignore session cookies read from file]' \
1478 {-m,--max-time}'[Maximum time allowed for the transfer]':'<seconds>' \
1479 --dns-ipv4-addr'[IPv4 address to use for DNS requests]':'<address>' \
1480 --dns-ipv6-addr'[IPv6 address to use for DNS requests]':'<address>' \
1481 - --ignore-content-length'[the size of the remote resource]':'Ignore' \
1482 {-k,--insecure}'[Allow insecure server connections when using SSL]' \
1483 + --location-trusted'[Like --location, and send auth to other hosts]' \
1484 --mail-auth'[Originator address of the original email]':'<address>' \
1485 --noproxy'[List of hosts which do not use proxy]':'<no-proxy-list>' \
1486 --proto-redir'[Enable/disable PROTOCOLS on redirect]':'<protocols>' \
1487 @@ -62,18 +62,19 @@
1488 --socks5-basic'[Enable username/password auth for SOCKS5 proxies]' \
1489 --cacert'[CA certificate to verify peer against]':'<file>':_files \
1490 {-H,--header}'[Pass custom header(s) to server]':'<header/@file>' \
1491 + --ignore-content-length'[Ignore the size of the remote resource]' \
1492 {-i,--include}'[Include protocol response headers in the output]' \
1493 --proxy-header'[Pass custom header(s) to proxy]':'<header/@file>' \
1494 --unix-socket'[Connect through this Unix domain socket]':'<path>' \
1495 {-w,--write-out}'[Use output FORMAT after completion]':'<format>' \
1496 - --http2-prior-knowledge'[HTTP 2 without HTTP/1.1 Upgrade]':'Use' \
1497 {-o,--output}'[Write to file instead of stdout]':'<file>':_files \
1498 - {-J,--remote-header-name}'[the header-provided filename]':'Use' \
1499 + --preproxy'[\[protocol://\]host\[:port\] Use this proxy first]' \
1500 --socks4a'[SOCKS4a proxy on given host + port]':'<host[:port]>' \
1501 {-Y,--speed-limit}'[Stop transfers slower than this]':'<speed>' \
1502 {-z,--time-cond}'[Transfer based on a time condition]':'<time>' \
1503 --capath'[CA directory to verify peer against]':'<dir>':_files \
1504 {-f,--fail}'[Fail silently (no output at all) on HTTP errors]' \
1505 + --http2-prior-knowledge'[Use HTTP 2 without HTTP/1.1 Upgrade]' \
1506 --proxy-tlspassword'[TLS password for HTTPS proxy]':'<string>' \
1507 {-U,--proxy-user}'[Proxy user and password]':'<user:password>' \
1508 --proxy1.0'[Use HTTP/1.0 proxy on given port]':'<host[:port]>' \
1509 @@ -81,52 +82,49 @@
1510 {-A,--user-agent}'[Send User-Agent <name> to server]':'<name>' \
1511 --egd-file'[EGD socket path for random data]':'<file>':_files \
1512 --fail-early'[Fail on first transfer error, do not continue]' \
1513 - --haproxy-protocol'[HAProxy PROXY protocol v1 header]':'Send' \
1514 - --preproxy'[Use this proxy first]':'[protocol://]host[:port]' \
1515 + {-J,--remote-header-name}'[Use the header-provided filename]' \
1516 --retry-max-time'[Retry only within this period]':'<seconds>' \
1517 --socks4'[SOCKS4 proxy on given host + port]':'<host[:port]>' \
1518 --socks5'[SOCKS5 proxy on given host + port]':'<host[:port]>' \
1519 - --socks5-gssapi-nec'[with NEC SOCKS5 server]':'Compatibility' \
1520 - --ssl-allow-beast'[security flaw to improve interop]':'Allow' \
1521 --cert-status'[Verify the status of the server certificate]' \
1522 - --ftp-create-dirs'[the remote dirs if not present]':'Create' \
1523 {-:,--next}'[Make next URL use its separate set of options]' \
1524 --proxy-key-type'[Private key file type for proxy]':'<type>' \
1525 - --remote-name-all'[the remote file name for all URLs]':'Use' \
1526 {-X,--request}'[Specify request command to use]':'<command>' \
1527 --retry'[Retry request if transient problems occur]':'<num>' \
1528 - --ssl-no-revoke'[cert revocation checks (WinSSL)]':'Disable' \
1529 --cert-type'[Certificate file type (DER/PEM/ENG)]':'<type>' \
1530 --connect-to'[Connect to host]':'<HOST1:PORT1:HOST2:PORT2>' \
1531 --create-dirs'[Create necessary local directory hierarchy]' \
1532 + --haproxy-protocol'[Send HAProxy PROXY protocol v1 header]' \
1533 --max-redirs'[Maximum number of redirects allowed]':'<num>' \
1534 {-n,--netrc}'[Must read .netrc for user name and password]' \
1535 + {-x,--proxy}'[\[protocol://\]host\[:port\] Use this proxy]' \
1536 --proxy-crlfile'[Set a CRL list for proxy]':'<file>':_files \
1537 --sasl-ir'[Enable initial response in SASL authentication]' \
1538 - --socks5-gssapi'[GSS-API auth for SOCKS5 proxies]':'Enable' \
1539 + --socks5-gssapi-nec'[Compatibility with NEC SOCKS5 server]' \
1540 + --ssl-allow-beast'[Allow security flaw to improve interop]' \
1541 + --ftp-create-dirs'[Create the remote dirs if not present]' \
1542 --interface'[Use network INTERFACE (or address)]':'<name>' \
1543 --key-type'[Private key file type (DER/PEM/ENG)]':'<type>' \
1544 --netrc-file'[Specify FILE for netrc]':'<filename>':_files \
1545 {-N,--no-buffer}'[Disable buffering of the output stream]' \
1546 --proxy-service-name'[SPNEGO proxy service name]':'<name>' \
1547 - --styled-output'[styled output for HTTP headers]':'Enable' \
1548 + --remote-name-all'[Use the remote file name for all URLs]' \
1549 + --ssl-no-revoke'[Disable cert revocation checks (WinSSL)]' \
1550 --max-filesize'[Maximum file size to download]':'<bytes>' \
1551 --negotiate'[Use HTTP Negotiate (SPNEGO) authentication]' \
1552 --no-keepalive'[Disable TCP keepalive on the connection]' \
1553 {-#,--progress-bar}'[Display transfer progress as a bar]' \
1554 - {-x,--proxy}'[Use this proxy]':'[protocol://]host[:port]' \
1555 - --proxy-anyauth'[any proxy authentication method]':'Pick' \
1556 {-Q,--quote}'[Send command(s) to server before transfer]' \
1557 - --request-target'[the target for this request]':'Specify' \
1558 + --socks5-gssapi'[Enable GSS-API auth for SOCKS5 proxies]' \
1559 {-u,--user}'[Server user and password]':'<user:password>' \
1560 {-K,--config}'[Read config from a file]':'<file>':_files \
1561 {-C,--continue-at}'[Resumed transfer offset]':'<offset>' \
1562 --data-raw'[HTTP POST data, '\''@'\'' allowed]':'<data>' \
1563 - --disallow-username-in-url'[username in url]':'Disallow' \
1564 --krb'[Enable Kerberos with security <level>]':'<level>' \
1565 --proxy-ciphers'[SSL ciphers to use for proxy]':'<list>' \
1566 --proxy-digest'[Use Digest authentication on the proxy]' \
1567 --proxy-tlsuser'[TLS username for HTTPS proxy]':'<name>' \
1568 + --styled-output'[Enable styled output for HTTP headers]' \
1569 {-b,--cookie}'[Send cookies from string/file]':'<data>' \
1570 --data-urlencode'[HTTP POST data url encoded]':'<data>' \
1571 --delegation'[GSS-API delegation permission]':'<LEVEL>' \
1572 @@ -134,7 +132,10 @@
1573 --post301'[Do not switch to GET after following a 301]' \
1574 --post302'[Do not switch to GET after following a 302]' \
1575 --post303'[Do not switch to GET after following a 303]' \
1576 + --proxy-anyauth'[Pick any proxy authentication method]' \
1577 + --request-target'[Specify the target for this request]' \
1578 --trace-time'[Add time stamps to trace/verbose output]' \
1579 + --disallow-username-in-url'[Disallow username in url]' \
1580 --dns-servers'[DNS server addrs to use]':'<addresses>' \
1581 {-G,--get}'[Put the post data in the URL and use GET]' \
1582 --limit-rate'[Limit transfer speed to RATE]':'<speed>' \
1583 @@ -148,21 +149,21 @@
1584 --metalink'[Process given URLs as metalink XML file]' \
1585 --tr-encoding'[Request compressed transfer encoding]' \
1586 --xattr'[Store metadata in extended file attributes]' \
1587 - --ftp-skip-pasv-ip'[the IP address for PASV]':'Skip' \
1588 --pass'[Pass phrase for the private key]':'<phrase>' \
1589 --proxy-ntlm'[Use NTLM authentication on the proxy]' \
1590 {-S,--show-error}'[Show error even when -s is used]' \
1591 - --ciphers'[of ciphers> SSL ciphers to use]':'<list' \
1592 + --ciphers'[SSL ciphers to use]':'<list of ciphers>' \
1593 --form-string'[Specify multipart MIME data]':'<name=string>' \
1594 --login-options'[Server login options]':'<options>' \
1595 --tftp-blksize'[Set TFTP BLKSIZE option]':'<value>' \
1596 - --tftp-no-options'[not send any TFTP options]':'Do' \
1597 {-v,--verbose}'[Make the operation more talkative]' \
1598 + --ftp-skip-pasv-ip'[Skip the IP address for PASV]' \
1599 --proxy-key'[Private key for HTTPS proxy]':'<key>' \
1600 {-F,--form}'[Specify multipart MIME data]':'<name=content>' \
1601 --mail-from'[Mail from this address]':'<address>' \
1602 --oauth2-bearer'[OAuth 2 Bearer Token]':'<token>' \
1603 --proto'[Enable/disable PROTOCOLS]':'<protocols>' \
1604 + --tftp-no-options'[Do not send any TFTP options]' \
1605 --tlsauthtype'[TLS authentication type]':'<type>' \
1606 --doh-url'[Resolve host names over DOH]':'<URL>' \
1607 --no-sessionid'[Disable SSL session-ID reusing]' \
1608 @@ -173,14 +174,13 @@
1609 --ftp-ssl-ccc'[Send CCC after authenticating]' \
1610 {-4,--ipv4}'[Resolve names to IPv4 addresses]' \
1611 {-6,--ipv6}'[Resolve names to IPv6 addresses]' \
1612 - --netrc-optional'[either .netrc or URL]':'Use' \
1613 --service-name'[SPNEGO service name]':'<name>' \
1614 {-V,--version}'[Show version number and quit]' \
1615 --data-ascii'[HTTP POST ASCII data]':'<data>' \
1616 --ftp-account'[Account data string]':'<data>' \
1617 - --compressed-ssh'[SSH compression]':'Enable' \
1618 --disable-eprt'[Inhibit using EPRT or LPRT]' \
1619 --ftp-method'[Control CWD usage]':'<method>' \
1620 + --netrc-optional'[Use either .netrc or URL]' \
1621 --pubkey'[SSH Public key file name]':'<key>' \
1622 --raw'[Do HTTP "raw"; no transfer decoding]' \
1623 --anyauth'[Pick any authentication method]' \
1624 @@ -189,6 +189,7 @@
1625 --no-alpn'[Disable the ALPN TLS extension]' \
1626 --tcp-nodelay'[Use the TCP_NODELAY option]' \
1627 {-B,--use-ascii}'[Use ASCII/text transfer]' \
1628 + --compressed-ssh'[Enable SSH compression]' \
1629 --digest'[Use HTTP Digest Authentication]' \
1630 --proxy-tlsv1'[Use TLSv1 for HTTPS proxy]' \
1631 --engine'[Crypto engine to use]':'<name>' \
1634 - tool_operate: fix typecheck warning
1638 ../include/curl/typecheck-gcc.h:47:9: error: call to
1640 curl_easy_setopt expects a long argument for this option [-Werror]
1645 - [Chris Araman brought this change]
1649 - Fix potential crashes in schannel shutdown.
1660 - INTERNALS.md: fix subsection depth and link
1666 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
1671 - RELEASE-NOTES: 7.64.0
1673 - RELEASE-PROCEDURE: update the release calendar
1675 - THANKS: 7.64.0 status
1678 - ROADMAP: remove already performed item
1681 for the draft-ietf-httpbis-cookie-alone-01 cookie draft, and while
1686 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
1688 - [Etienne Simard brought this change]
1696 Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
1699 - [Julian Z brought this change]
1707 - [Ladar Levison brought this change]
1711 - Use explicit include opt for perl calls.
1715 At the top, perl is called using with the "-Isrcdir" option, and it
1718 https://github.com/curl/curl/blob/curl-7_63_0/tests/runtests.pl#L183
1721 as the symbol-scan.pl script in particular couldn't find its
1724 https://github.com/curl/curl/blob/curl-7_63_0/tests/runtests.pl#L3868
1726 This patch fixes that oversight by making calls to perl sub-shells
1732 - [Daniel Gustafsson brought this change]
1741 Bug: https://curl.haxx.se/docs/CVE-2019-3823.html
1742 Reported-by: Brian Carpenter (Geeknik Labs)
1743 CVE-2019-3823
1745 - ntlm: fix *_type3_message size check to avoid buffer overflow
1747 Bug: https://curl.haxx.se/docs/CVE-2019-3822.html
1748 Reported-by: Wenxiang Qian
1749 CVE-2019-3822
1751 - NTLM: fix size check condition for type2 received data
1753 Bug: https://curl.haxx.se/docs/CVE-2018-16890.html
1754 Reported-by: Wenxiang Qian
1755 CVE-2018-16890
1758 - [georgeok brought this change]
1765 401 response. Scope affects only the Schannel(winssl)-SSPI combination.
1771 - RELEASE-NOTES: synced
1773 - schannel: stop calling it "winssl"
1775 Stick to "Schannel" everywhere. The configure option --with-winssl is
1776 kept to allow existing builds to work but --with-schannel is added as an
1781 - multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
1786 Bug: https://curl.haxx.se/mail/lib-2019-01/0073.html
1787 Reported-by: Zhao Yisha
1790 - [John Marshall brought this change]
1798 URL: https://curl.haxx.se/mail/lib-2019-01/0084.html
1802 - [Gisle Vanem brought this change]
1809 - TODO: WinSSL: 'Add option to disable client cert auto-send'
1813 default auto-send behavior.
1815 Reported-by: Jeroen Ooms
1820 - [Jeremie Rapin brought this change]
1828 Signed-off-by: Jeremie Rapin <j.rapin@overkiz.com>
1832 - unit1653: make it survive torture tests
1835 - [Michael Kujawa brought this change]
1849 - configure: rewrite --enable-code-coverage
1854 Reported-by: William A. Rowe Jr
1858 - [Felix Hädicke brought this change]
1869 - [Felix Hädicke brought this change]
1887 - RELEASE-NOTES: synced
1889 - [Archangel_SDY brought this change]
1896 - KNOWN_BUGS: tests not compatible with python3
1902 - memcmp: avoid doing single char memcmp
1909 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
1910 Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
1913 - COPYING: it's 2019
1917 - [hhb brought this change]
1931 - [georgeok brought this change]
1943 - schannel: on connection close there might not be a transfer
1945 Reported-by: Marcel Raad
1949 - [Joel Depooter brought this change]
1957 "Failure establishing ssh session: -5, Unable to exchange encryption keys"
1962 - Fix typo in manpage
1965 - RELEASE-NOTES: synced
1968 - cmake: updated check for HAVE_POLL_FINE to match autotools
1971 - curl-compilers.m4: check for __ibmxl__ to detect xlclang
1973 Follow-up to 2fa0d57e2e3. The __xlc__ symbol is only defined there if a
1979 - openssl: fix the SSL_get_tlsext_status_ocsp_resp call
1984 Reported-by: Pavel Pavlov
1988 - curl-compilers.m4: detect xlclang
1991 front-end and if detected, avoids some clang specific magic.
1993 Reported-by: Kees Dekker
1997 - README: add codacy code quality badge
2001 - extract_if_dead: follow-up to 54b201b48c90a
2004 them should get conn->data updated and now neither call path clears it.
2006 scan-build found a case where conn->data would be NULL dereferenced in
2011 - multi: remove "Dead assignment"
2013 Found by scan-build. Follow-up to 4c35574bb785ce.
2017 - tests: move objnames-* from lib into tests
2025 - travis: added cmake build for osx
2028 - [Frank Gevaerts brought this change]
2030 cookie: fix comment typo (url_path_len -> uri_path_len)
2035 - winbuild: conditionally use /DZLIB_WINAPI
2047 - src/Makefile: make 'tidy' target work for metalink builds
2049 - extract_if_dead: use a known working transfer when checking connections
2052 connection before calling the protocol-specific connection check
2053 function, and then clear it again afterward as a non-used connection has
2056 Reported-by: Jeroen Ooms
2057 Reviewed-by: Marcel Raad
2058 Reviewed-by: Daniel Gustafsson
2062 - openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
2069 - cmake: added checks for HAVE_VARIADIC_MACROS_C99 and HAVE_VARIADIC_MACROS_GCC
2072 - urldata: rename easy_conn to just conn
2079 Going forward, we should favour using "data->conn" (since a transfer
2080 always only has a single connection or none at all) to "conn->data"
2082 it and updating conn->data to be correct is error prone and a frequent
2087 - tool_cb_prg: avoid integer overflow
2091 Reported-by: Peng Li
2096 - travis: turn off copyright year checks in checksrc
2108 - KNOWN_BUGS: cmake makes unusable tool_hugehelp.c with MinGW
2112 - KNOWN_BUGS: Improve --data-urlencode space encoding
2117 - os400: add a missing closing bracket
2119 See https://github.com/curl/curl/issues/3453#issuecomment-453054458
2121 Reported-by: jonrumsey on github
2123 - os400: fix extra parameter syntax error.
2125 Reported-by: jonrumsey on github
2129 - test1558: verify CURLINFO_PROTOCOL on file:// transfer
2135 - RELEASE-NOTES: synced
2137 - xattr: strip credentials from any URL that is stored
2146 - cookies: allow secure override when done over HTTPS
2150 Reported-by: Jeroen Ooms
2154 - multi: multiplexing improvements
2190 socket - and when curl_multi_socket_action() was called to tell libcurl about
2202 - test1561: improve test name
2206 - [Katsuhiko YOSHIDA brought this change]
2208 cookies: skip custom cookies when redirecting cross-site
2212 - THANKS: fixups and a dedupe
2216 - timediff: fix math for unsigned time_t
2218 Bug: https://curl.haxx.se/mail/lib-2018-12/0088.html
2222 - [Bernhard M. Wiedemann brought this change]
2224 tests: allow tests to pass by 2037-02-12
2230 - RELEASE-NOTES: synced
2232 - [Brad Spencer brought this change]
2234 curl_multi_remove_handle() don't block terminating c-ares requests
2243 - Revert "http_negotiate: do not close connection until negotiation is completed"
2252 - curl/urlapi.h: include "curl.h" first
2256 Reviewed-by: Daniel Gustafsson
2257 Reported-by: Ben Kohler
2262 - VS projects: fix build warning
2274 - schannel: fix compiler warning
2278 non-const and casting the argument to Curl_convert_UTF8_to_tchar to
2279 non-const too, like we do in all other places.
2284 - [Rikard Falkeborn brought this change]
2288 - [Rikard Falkeborn brought this change]
2294 - libtest/stub_gssapi: use "real" snprintf
2300 Bug: https://curl.haxx.se/mail/lib-2019-01/0000.html
2301 Reported-by: Shlomi Fish
2302 Reviewed-by: Daniel Gustafsson
2303 Reviewed-by: Kamil Dudka
2307 - INTERNALS: correct some outdated function names
2311 - docs/version.d: mention MultiSSL
2313 Reviewed-by: Daniel Gustafsson
2317 - [Rikard Falkeborn brought this change]
2325 Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2327 - THANKS: add more missing names
2332 - docs: mention potential leak in curl_slist_append
2334 When a non-empty list is appended to, and used as the returnvalue,
2342 Reported-by: dnivras on github
2343 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2346 - tvnow: silence conversion warnings
2348 MinGW-w64 defaults to targeting Windows 7 now, so GetTickCount64 is
2353 - THANKS: dedupe more names
2355 Researched-by: Tae Wong
2358 - [Markus Moeller brought this change]
2365 Ref: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-NLMP/[MS-NLMP].pdf
2372 - THANKS: added missing names from year <= 2000
2378 - urlapi: fix parsing ipv6 with zone index
2389 Reported-by: GitYuanQu on github
2390 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2393 - THANKS: dedupe Guenter Knauf
2395 Reported-by: Tae Wong
2397 - THANKS: missing name from the 6.3.1 release!
2400 - RELEASE-NOTES: synced
2402 - [Claes Jakobsson brought this change]
2407 try-last so any non-wildcard entry is resolved first. If specified,
2412 curl --resolve *:443:10.0.0.2 --resolve a.com:443:10.0.0.1 \
2416 --connect-to a.com:443:10.0.0.1:443 --connect-to :443:10.0.0.2:443
2419 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2421 - url: fix incorrect indentation
2424 - os400: upgrade ILE/RPG binding.
2426 - Trailer function support.
2427 - http 0.9 option.
2428 - curl_easy_upkeep.
2431 - FAQ: remove mention of sourceforge for github
2437 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2439 - openvms: fix typos in documentation
2441 - openvms: fix OpenSSL discovery on VAX
2447 Reviewed-by: Viktor Szakats <commit@vszakats.net>
2450 - [Ruslan Baratov brought this change]
2454 Reviewed-by: Sergei Nikulov
2458 - Revert "libssh: no data pointer == nothing to do"
2463 - disconnect: set conn->data for protocol disconnect
2465 Follow-up to fb445a1e18d: Set conn->data explicitly to point out the
2466 current transfer when invoking the protocol-specific disconnect function
2469 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12173
2472 - [Pavel Pavlov brought this change]
2476 - Use QueryPerformanceCounter on Windows Vista+
2490 - libssh: no data pointer == nothing to do
2492 - conncache_unlock: avoid indirection by changing input argument type
2494 - disconnect: separate connections and easy handles better
2499 Long-term, the 'conn->data' pointer should probably be removed as it is a
2500 little too error-prone. Still used very widely though.
2502 Reported-by: masbug on github
2506 - libssh: free sftp_canonicalize_path() data correctly
2508 Assisted-by: Harry Sintonen
2513 - RELEASE-NOTES: synced
2515 - http: added options for allowing HTTP/0.9 responses
2517 Added CURLOPT_HTTP09_ALLOWED and --http0.9 for this purpose.
2527 - if2ip: remove unused function Curl_if_is_interface_name
2531 - http2: clear pause stream id if it gets closed
2533 Reported-by: Florian Pritz
2539 - [David Garske brought this change]
2547 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2548 Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2551 - mbedtls: follow-up VERIFYHOST fix from f097669248
2553 Fix-by: Eric Rosenquist
2558 - curlver: bump to 7.64.0 for next release
2561 - cookies: extend domain checks to non psl builds
2564 the cookie request. The check for non-PSL enabled builds is quite
2568 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2571 - [Matus Uzak brought this change]
2575 Follow-up to 09e401e01bf9. If connection gets reused, then data member
2581 - curl -J: do not append to the destination file
2583 Reported-by: Kamil Dudka
2587 - mbedtls: use VERIFYHOST
2591 Reported-by: Eric Rosenquist
2595 - pingpong: change default response timeout to 120 seconds
2599 - pingpong: ignore regular timeout in disconnect phase
2605 Reported-by: jasal82 on github
2610 - TODO: Windows: set attribute 'archive' for completed downloads
2614 - RELEASE-NOTES: synced
2616 - http: minor whitespace cleanup from f464535b
2618 - [Ayoub Boudhar brought this change]
2633 - darwinssl: accept setting max-tls with default min-tls
2635 Reported-by: Andrei Neculau
2639 - gopher: fix memory leak from 9026083ddb2a9
2641 - [Leonardo Taccari brought this change]
2649 - [Leonardo Taccari brought this change]
2651 gopher: always include the entire gopher-path in request
2663 - [Leonardo Taccari brought this change]
2676 - OS400: handle memory error in list conversion
2689 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2691 - cookies: leave secure cookies alone
2694 'secure' flag set. This reduces the risk of non-secure origins
2696 Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates
2700 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2703 - docs: fix the --tls-max description
2705 Reported-by: Tobias Lindgren
2711 - urlapi: Fix port parsing of eol colon
2718 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2723 - RELEASE-NOTES: 7.63.0
2725 - THANKS: from the curl 7.62.0 cycle
2727 - test1519: use lib1518 and test CURLINFO_REDIRECT_URL more
2729 - Curl_follow: extract the Location: header field unvalidated
2736 Reported-by: Pavel Pavlov
2740 - multi: convert two timeout variables to timediff_t
2748 - delta: use --diff-filter on the git diff-tree invokes
2750 Suggested-by: Dave Reisner
2753 - documentation: curl_formadd field and file names are now escaped
2755 Prior to 7.56.0, fieldnames and filenames were set in Content-Disposition
2756 header without special processing: this may lead to invalid RFC 822
2757 quoted-strings.
2761 Reported-by: daboul on github
2765 - scripts/delta: show repo delta info from last release
2770 - tests: add urlapi unittest
2777 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2778 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2780 - urlapi: fix portnumber parsing for ipv6 zone index
2790 Reported-by: tonystz on Github
2791 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2792 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2795 - [Jay Satiro brought this change]
2799 - Include query in the path passed to generate HTTP auth.
2807 - [Michael Kaufmann brought this change]
2817 - [Samuel Surtees brought this change]
2821 - Match URL scheme with LDAP and LDAPS
2822 - Retrieve attributes, scope and filter from URL query instead
2828 - RELEASE-NOTES: synced
2830 - [Stefan Kanthak brought this change]
2840 Replace the hard-coded constants in both *.rc files with #define'd
2843 Thumbs-uped-by: Rod Widdowson, Johannes Schindelin
2844 URL: https://curl.haxx.se/mail/lib-2018-11/0000.html
2847 - test329: verify cookie max-age=0 immediate expiry
2849 - cookies: expire "Max-Age=0" immediately
2851 Reported-by: Jeroen Ooms
2855 - [Johannes Schindelin brought this change]
2860 HTTP/1.1, 2018-12-06): with NTLM, we can switch to HTTP/1.1
2874 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2876 - [Ben Greear brought this change]
2880 URL: https://curl.haxx.se/mail/lib-2018-11/0055.html
2884 - [Johannes Schindelin brought this change]
2891 …https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-10/http2-on-iis#when-is-http2-no…
2895 and to be re-opened using HTTP/1.1.
2900 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2902 - [Johannes Schindelin brought this change]
2904 curl_global_sslset(): id == -1 is not necessarily an error
2906 It is allowed to call that function with id set to -1, specifying the
2910 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2915 - .gitattributes: make tabs in indentation a visible error
2917 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2920 - RELEASE-NOTES: synced
2922 - doh: fix memory leak in OOM situation
2924 Reviewed-by: Daniel Gustafsson
2927 - doh: make it work for h2-disabled builds too
2929 Reported-by: dtmsecurity at github
2933 - packages: remove old leftover files and dirs
2935 This subdir has mostly become an attic of never-used cruft from the
2940 - [Gergely Nagy brought this change]
2949 - [Paul Howarth brought this change]
2953 - [Paul Howarth brought this change]
2959 - [Paul Howarth brought this change]
2975 - travis: enable COPYRIGHTYEAR extended warning
2981 - checksrc: add COPYRIGHTYEAR check
2999 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3002 - CHECKSRC.md: document more warnings
3007 - RELEASE-NOTES: synced
3009 - SECURITY-PROCESS: bountygraph shuts down
3015 - curl: fix memory leak reading --writeout from file
3020 Reported-by: Brian Carpenter
3024 - tool_main: rename function to make it unique and better
3030 - TODO: remove CURLOPT_DNS_USE_GLOBAL_CACHE entry
3033 making it a manual code-edit operation to turn it back on. The removal
3036 spend cycles on an already in-progress entry.
3038 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3041 - [Sevan Janiyan brought this change]
3051 - [Konstantin Kushnir brought this change]
3055 - fix syntax error in FindGSS.cmake
3056 - correct krb5 include directory. FindGSS exports
3062 - test328: verify Content-Encoding: none
3068 - [James Knight brought this change]
3070 configure: include all libraries in ssl-libs fetch
3073 ensure all libraries are included. The call `--libs-only-l` can produce
3074 only a subset of found in a `--libs` call (e.x. pthread may be excluded).
3075 Adding `--libs-only-other` ensures other libraries are also included in
3080 checking for openssl options with pkg-config... found
3081 configure: pkg-config: SSL_LIBS: "-lssl -lz -ldl -lcrypto -lz -ldl "
3082 …configure: pkg-config: SSL_LDFLAGS: "-L/home/jdknight/<workdir>/staging/usr/lib -L/home/jdknight/<…
3083 configure: pkg-config: SSL_CPPFLAGS: "-I/home/jdknight/<workdir>/staging/usr/include "
3084 checking for HMAC_Update in -lcrypto... no
3085 checking for HMAC_Init_ex in -lcrypto... no
3086 checking OpenSSL linking with -ldl... no
3087 checking OpenSSL linking with -ldl and -lpthread... no
3089 …figure: WARNING: Use --with-ssl, --with-gnutls, --with-polarssl, --with-cyassl, --with-nss, --with…
3091 …SSL support: no (--with-{ssl,gnutls,nss,polarssl,mbedtls,cyassl,axtls,winssl,darwinssl} )
3096 checking for openssl options with pkg-config... found
3097 configure: pkg-config: SSL_LIBS: "-lssl -lz -ldl -pthread -lcrypto -lz -ldl -pthread "
3098 …configure: pkg-config: SSL_LDFLAGS: "-L/home/jdknight/<workdir>/staging/usr/lib -L/home/jdknight/<…
3099 configure: pkg-config: SSL_CPPFLAGS: "-I/home/jdknight/<workdir>/staging/usr/include "
3100 checking for HMAC_Update in -lcrypto... yes
3101 checking for SSL_connect in -lssl... yes
3106 Signed-off-by: James Knight <james.d.knight@live.com>
3110 - doh: fix typo in infof call
3112 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3114 - cmdline-opts/gen.pl: define the correct varname
3120 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3123 - RELEASE-NOTES: synced
3125 - curl_easy_perform: fix timeout handling
3133 Reported-by: Antoni Villalonga
3138 - CURLOPT_WRITEFUNCTION.3: spell out that it gets called many times
3140 - cookies: create the cookiejar even if no cookies to save
3147 Reported-by: daboul on github
3151 - checksrc: ban snprintf use, add command line flag to override warns
3153 - snprintf: renamed and we now only use msnprintf()
3159 Reported-by: Tomas Hoger
3160 Assisted-by: Daniel Gustafsson
3164 - [Tobias Hintze brought this change]
3169 eglibc-2.19 there is a memory leakage and invalid free bug which
3170 surfaces in some special circumstances (PF_UNSPEC hint with invalid or
3171 non-existent names). The valgrind runs in testing fail in these
3175 this commit changes the hints to IPv4 protocol by passing `--ipv4` flag
3178 - [Tobias Hintze brought this change]
3187 - [UnknownShadow200 brought this change]
3194 - configure: Fix typo in comment
3197 - openssl: support session resume with TLS 1.3
3215 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3220 - ssl: fix compilation with OpenSSL 0.9.7
3222 - ENGINE_cleanup() was used without including "openssl/engine.h"
3223 - enable engine support for OpenSSL 0.9.7
3228 - openssl: disable TLS renegotiation with BoringSSL
3231 with an #ifdef. Define ALLOW_RENEG at build-time to enable.
3234 applications opt-in this.
3236 Concern-raised-by: David Benjamin
3240 - [Romain Fliedel brought this change]
3244 When using c-ares for asyn dns, the dns socket fd was silently closed
3245 by c-ares without curl being aware. curl would then 'realize' the fd
3256 In asyn-ares.c Curl_resolver_duphandle we can't use ares_dup anymore
3261 - [Romain Fliedel brought this change]
3266 - [pkubaj brought this change]
3284 Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
3285 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3288 - [Han Han brought this change]
3295 - docs: add more description to unified ssl error codes
3297 - curle: move deprecated error code to ifndef block
3300 - os400: add CURLOPT_CURLU to ILE/RPG binding.
3302 - os400: Add curl_easy_conn_upkeep() to ILE/RPG binding.
3304 - os400: fix return type of curl_easy_pause() in ILE/RPG binding.
3307 - RELEASE-NOTES: synced
3309 - impacket: add LICENSE
3316 Reported-by: infinnovation-dev on github
3321 - tool_doswin: Fix uninitialized field warning
3328 [-Wmissing-field-initializers]
3336 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
3337 Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
3339 - openssl: Remove SSLEAY leftovers
3346 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3349 - [Elia Tufarolo brought this change]
3357 - pop3: only do APOP with a valid timestamp
3359 Brought-by: bobmitchell1956 on github
3364 - [Peter Wu brought this change]
3372 excess debug spam when using `curl -v` against a TLSv1.3-enabled server:
3382 - tests: disable SO_EXCLUSIVEADDRUSE for stunnel on Windows
3390 - [Kamil Dudka brought this change]
3396 - nss: set default max-tls to 1.3/1.2
3401 - tool_cb_wrt: Silence function cast compiler warning
3409 'intptr_t {aka long long int}' to non-matching type 'void *'
3410 [-Wbad-function-cast]
3411 (HANDLE) _get_osfhandle(fileno(outs->stream)),
3422 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
3423 Reviewed-by: Viktor Szakats <commit@vszakats.net>
3426 - nss: fix fallthrough comment to fix picky compiler warning
3428 - docs: expanded on some CURLU details
3430 - [Tim Rühsen brought this change]
3441 - curl: --local-port range was not "including"
3446 Reported-by: infinnovation-dev on github
3450 - [Jérémy Rocher brought this change]
3465 1 - https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md#tls-renegotiation
3466 2 - https://boringssl.googlesource.com/boringssl/+/master/include/openssl/ssl.h#3482
3467 3 - https://boringssl.googlesource.com/boringssl/+/1d5ef3bb1eb97848617db5e7d633d735a401df86
3469 Signed-off-by: Jérémy Rocher <rocher.jeremy@gmail.com>
3473 - HISTORY: add some milestones
3483 - KNOWN_BUGS: add --proxy-any connection issue
3485 Add the identified issue with --proxy-any and proxy servers which
3490 Reported-by: NTMan on Github
3491 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3494 - [Jim Fuller brought this change]
3498 Allows an application to pass in a pre-parsed URL via a URL handle.
3502 - [Gisle Vanem brought this change]
3515 - curl: --local-port fix followup
3519 Reported-by: infinnovation-dev on github
3524 - [Gisle Vanem brought this change]
3529 - RELEASE-NOTES: synced
3531 - curl: fix --local-port integer overflow
3538 Reported-by: Brian Carpenter
3541 - curl: correct the switch() logic in ourWriteOut
3543 Follow-up to e431daf013, as I did the wrong correction for a compiler
3544 warning. It should be a break and not a fall-through.
3546 Pointed-out-by: Frank Gevaerts
3548 - [Frank Gevaerts brought this change]
3550 curl: add %{stderr} and %{stdout} for --write-out
3555 - winssl: be consistent in Schannel capitalization
3561 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3564 - TODO: Have the URL API offer IDN decoding
3566 Similar to how URL decoding/encoding is done, we could have URL
3569 Suggested-by: Alexey Melnichuk
3572 - urlapi: only skip encoding the first '=' with APPENDQUERY set
3575 encoding the first to better allow "name=content" for any content.
3577 Reported-by: Alexey Melnichuk
3581 - url: a short host name + port is not a scheme
3593 Assisted-by: Marcel Raad
3594 Reported-by: Hagai Auro
3600 - [Sangamkar brought this change]
3610 - tool: add undocumented option --dump-module-paths for win32
3612 - Add an undocumented diagnostic option for Windows to show the full
3626 - curl_multibyte: fix a malloc overcalculation
3635 - netrc: don't ignore the login name specified with "--user"
3637 - for "--netrc", don't ignore the login/password specified with "--user",
3640 - fix the documentation of CURL_NETRC_REQUIRED
3641 - improve the detection of login/password changes when reading .netrc
3642 - don't read .netrc if both login and password are already set
3648 - OS400: add URL API ccsid wrappers and sync ILE/RPG bindings
3651 - [Yasuhiro Matsumoto brought this change]
3653 curl: fixed UTF-8 in current console code page (Windows)
3659 - TODO: 2.6 multi upkeep
3664 - unittest: make 1652 stable across collations
3671 Reported-by: Marcel Raad
3673 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3674 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
3677 - Revert "url: a short host name + port is not a scheme"
3684 - symbols-in-versions: add missing CURLU_ symbols
3686 ...and fix symbol-scan.pl to also scan urlapi.h
3688 Reported-by: Alexey Melnichuk
3693 - infof: clearly indicate truncation
3708 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3709 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
3712 - tool_getparam: fix some comments
3715 - url: a short host name + port is not a scheme
3723 Reported-by: Hagai Auro
3727 - URL: fix IPv6 numeral address parser
3731 Reported-by: tpaukrt on github
3735 - travis: remove curl before a normal build
3743 - [Tim Rühsen brought this change]
3753 - Curl_follow: accept non-supported schemes for "fake" redirects
3756 stored for later retrieval, curl always accepted "non-supported"
3759 Reported-by: Brad King
3764 - openvms: fix example name
3771 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3772 Reviewed-by: Viktor Szakats <commit@vszakats.net>
3775 - configure: show CFLAGS, LDFLAGS etc in summary
3781 - version: bump for next cycle
3783 - axtls: removed
3790 Assisted-by: Daniel Gustafsson
3793 - [marcosdiazr brought this change]
3799 - travis: build with sanitize=address,undefined,signed-integer-overflow
3805 - schannel: use Curl_ prefix for global private symbols
3813 - tests: drop http_pipe.py script no longer used
3820 - runtests: use the local curl for verifying
3824 Reported-by: Alessandro Ghedini
3825 Bug: https://curl.haxx.se/mail/lib-2018-10/0118.html
3832 - RELEASE-NOTES: 7.62.0
3834 - THANKS: 7.62.0 status
3837 - vtls: add MesaLink to curl_sslbackend enum
3844 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3847 - [Ruslan Baratov brought this change]
3853 - test2080: verify the fix for CVE-2018-16842
3855 - voutf: fix bad arethmetic when outputting warnings to stderr
3857 CVE-2018-16842
3858 Reported-by: Brian Carpenter
3859 Bug: https://curl.haxx.se/docs/CVE-2018-16842.html
3861 - [Tuomo Rinne brought this change]
3863 cmake: uniform ZLIB to use USE_ variable and clean curl-config.cmake.in
3867 - [Tuomo Rinne brought this change]
3871 - [Tuomo Rinne brought this change]
3875 - unit1650: fix "null pointer passed as argument 1 to memcmp"
3881 - travis: add a "make tidy" build that runs clang-tidy
3885 - unit1300: fix stack-use-after-scope AddressSanitizer warning
3889 - Curl_auth_create_plain_message: fix too-large-input-check
3891 CVE-2018-16839
3892 Reported-by: Harry Sintonen
3893 Bug: https://curl.haxx.se/docs/CVE-2018-16839.html
3895 - Curl_close: clear data->multi_easy on free to avoid use-after-free
3898 CVE-2018-16840
3899 Reported-by: Brian Carpenter (Geeknik Labs)
3901 Bug: https://curl.haxx.se/docs/CVE-2018-16840.html
3903 - [randomswdev brought this change]
3914 - rand: add comment to skip a clang-tidy false positive
3916 - test1651: unit test Curl_extract_certinfo()
3920 - x509asn1: always check return code from getASN1Element()
3922 - Makefile: add 'tidy' target that runs clang-tidy
3928 - RELEASE-PROCEDURE: adjust the release dates
3930 See: https://curl.haxx.se/mail/lib-2018-10/0107.html
3933 - x509asn1: suppress left shift on signed value
3936 this change silents clang-tidy about it.
3939 Reported-By: Daniel Stenberg
3942 - multi: Fix error handling in the SENDPROTOCONNECT state
3950 - RELEASE-NOTES: synced
3952 - openssl: output the correct cipher list on TLS 1.3 error
3957 Reported-by: Ricky-Tigg on github
3961 - docs/CIPHERS: fix the TLS 1.3 cipher names
3966 Reported-by: Ricky-Tigg on github
3970 - travis: install gnutls-bin package
3972 This is required for gnutls-serv, which enables a few more tests.
3977 - ssh: free the session on init failures
3988 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
3991 - docs/RELEASE-PROCEDURE: remove old entries, modify the Dec 2018 date
3995 - [Daniel Gustafsson brought this change]
4001 - gtls: Values stored to but never read
4003 Detected by clang-tidy
4007 - [Alexey Eremikhin brought this change]
4009 curl.1: --ipv6 mutexes ipv4 (fixed typo)
4014 - tool_main: make TerminalSettings static
4016 Reported-by: Gisle Vanem
4017 …Bug: https://github.com/curl/curl/commit/becfe1233ff2b6b0c3e1b6a10048b55b68c2539f#commitcomment-31…
4020 - curl-config.in: remove dependency on bc
4022 Reported-by: Dima Pasechnik
4026 - [Gisle Vanem brought this change]
4032 setsockopt(r->m_sb.sb_socket, SOL_SOCKET, SO_RCVTIMEO,
4039 - configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T
4041 Follow-up to #3166 which did the cmake part of this. This type/define is
4046 - [Ruslan Baratov brought this change]
4058 - urldata: Fix comment in header
4062 - netrc: free temporary strings if memory allocation fails
4064 - Change the inout parameters after all needed memory has been
4066 - Free the allocated temporary strings if strdup() fails.
4071 - [Ruslan Baratov brought this change]
4077 - RELEASE-NOTES: synced
4080 - [Gisle Vanem brought this change]
4088 - Curl_follow: return better errors on URL problems
4094 - Curl_follow: remove remaining free(newurl)
4096 Follow-up to 05564e750e8f0c. This function no longer frees the passed-in
4099 Reported-by: Michael Kaufmann
4101 ent-30985666
4104 - headers: end all headers with guard comment
4112 Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
4113 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4116 - CIPHERS.md: Mention the options used to set TLS 1.3 ciphers
4121 - docs/BUG-BOUNTY: the sponsors actually decide the amount
4129 - multi: avoid double-free
4137 Reported-by: Dario Weißer
4140 - multi: make the closure handle "inherit" CURLOPT_NOSIGNAL
4144 Reported-by: Martin Ankerl
4149 - VS projects: add USE_IPV6
4156 - config_win32: enable LDAPS
4163 - travis: add build for "configure --disable-verbose"
4168 - tool_cb_hdr: handle failure of rename()
4173 Reviewed-by: Jay Satiro
4176 - RELEASE-NOTES: synced
4178 - docs/SECURITY-PROCESS: the hackerone IBB program drops curl
4183 - [Matthew Whitehead brought this change]
4201 - INSTALL: mention mesalink in TLS section
4208 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4211 - nonblock: fix unused parameter warning
4217 - Curl_follow: Always free the passed new URL
4222 - replace rawgit links [ci skip]
4229 - docs/BUG-BOUNTY.md: for vulns published since Aug 1st 2018
4233 - travis: make distcheck scan for BOM markers
4240 - CMake: remove BOM
4244 Reported-by: Viktor Szakats
4245 Ref: https://github.com/curl/curl/pull/3120#issuecomment-428673136
4248 - transfer: fix typo in comment
4251 - docs: add "see also" links for SSL options
4253 - link TLS 1.2 and TLS 1.3 options
4254 - link proxy and non-proxy options
4259 - AppVeyor: remove BDIR variable that sneaked in again
4264 - CMake: disable -Wpedantic-ms-format
4267 supports only %I64 for printing 64-bit values, but warns about it.
4272 - ldap: show precise LDAP call in error message on Windows
4277 Ref: https://github.com/curl/curl/pull/878/files#diff-7a636f08047c4edb53a240f540b4ecf6R468
4279 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4280 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
4283 - docs/DEPRECATE: minor reformat to render nicer on web
4286 - CURLOPT_SSL_VERIFYSTATUS: Fix typo
4291 - curl_setup: define NOGDI on Windows
4298 - Windows: fixes for MinGW targeting Windows Vista
4306 - TODO: fixed 'API for URL parsing/splitting'
4309 - KNOWN_BUGS: Fix various typos
4312 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4315 - spelling fixes [ci skip]
4320 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
4323 - RELEASE-NOTES: synced
4325 - curl_ntlm_wb: check aprintf() return codes
4331 - docs/BUG-BOUNTY: proposed additional docs
4337 - [Rick Deist brought this change]
4343 - FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output
4349 Makes "curl -i file://.." and "curl -I file://.." work like before
4354 Reported-by: Shaun Jackman
4359 - gskit: make sure to terminate version string
4362 result in the buffer not being NULL-terminated since strncpy() doesn't
4364 to terminate (and handle zero-sized buffers), move to using snprintf()
4368 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4369 Reviewed-by: Viktor Szakats <commit@vszakats.net>
4371 - TODO: add LD_PRELOAD support on macOS
4375 - runtests: skip ld_preload tests on macOS
4382 Reported-by: Github user @jakirkham
4383 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4386 - AppVeyor: use Debug builds to run tests
4392 - AppVeyor: add HTTP_ONLY build
4396 - AppVeyor: add WinSSL builds
4403 - AppVeyor: add remaining Visual Studio versions
4406 There's no 64-bit VC9 compiler on AppVeyor, so use it as the Win32
4411 - AppVeyor: break long line
4415 - AppVeyor: remove unused BDIR variable
4420 - test2100: test DoH using IPv4-only
4429 - tests/FILEFORMAT: mention how to use <fileN> and <stripfileN> too
4433 - RELEASE-NOTES: synced
4435 - [Dmitry Kostjuchenko brought this change]
4441 - doh: keep the IPv4 address in (original) network byte order
4450 - INTERNALS.md: wrap lines longer than 79
4453 - INTERNALS: escape reference to parameter
4456 generated HTML page, as <string> isn't a valid HTML tag. Fix by back-
4460 Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
4461 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4463 - checksrc: handle zero scoped ignore commands
4477 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4479 - checksrc: enable strict mode and warnings
4494 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4495 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
4498 - CMake: suppress MSVC warning C4127 for libtest
4503 - Merge branch 'dmitrykos-fix_missing_CMake_defines'
4505 - [Dmitry Kostjuchenko brought this change]
4514 - AppVeyor: disable test 500
4522 - AppVeyor: set custom install prefix
4524 CMake's default has spaces and in 32-bit mode parentheses, which result
4525 in syntax errors in curl-config.
4529 - AppVeyor: Remove non-SSL non-test builds
4535 - AppVeyor: run test suite
4540 Ref: https://github.com/curl/curl/issues/3070#issuecomment-425922224
4543 - AppVeyor: use in-tree build
4550 - doh: make sure TTL isn't re-inited by second (discarded?) response
4554 - test320: strip out more HTML when comparing
4556 To make the test case work with different gnutls-serv versions better.
4558 Reported-by: Kamil Dudka
4563 - runtests: use Windows paths for Windows curl
4569 - [Colin Hogben brought this change]
4571 tests/negtelnetserver.py: fix Python2-ism in neg TELNET server
4580 - memory: ensure to check allocation results
4593 Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
4594 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4596 - comment: Fix multiple typos in function parameters
4602 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4604 - CURLOPT_SSLVERSION.3: fix typos and consistent spelling
4610 Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
4611 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4613 - SECURITY-PROCESS: make links into hyperlinks
4620 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
4623 - CURLOPT_HEADER.3: fix typo
4625 - nss: fix nssckbi module loading on Windows
4627 - Use .DLL extension instead of .so to load modules on Windows.
4629 Bug: https://curl.haxx.se/mail/lib-2018-09/0077.html
4630 Reported-by: Maxime Legros
4632 Ref: https://github.com/curl/curl/pull/3016/#issuecomment-423069442
4636 - data-binary.d: clarify default content-type is x-www-form-urlencoded
4638 - Advise user that --data-binary sends a default content type of
4639 x-www-form-urlencoded, and to have the data treated as arbitrary
4640 binary data by the server set the content-type header to octet-stream.
4642 Ref: https://github.com/curl/curl/pull/2852#issuecomment-426465094
4647 - test1299: use single quotes around asterisk
4649 Ref: https://github.com/curl/curl/issues/1751#issuecomment-321522580
4652 - docs/CIPHERS: mention the colon separation for OpenSSL
4656 - runtests: ignore disabled even when ranges are given
4667 - urlapi: starting with a drive letter on win32 is not an abs url
4669 ... and libcurl doesn't support any single-letter URL schemes (if there
4670 even exist any) so it should be fairly risk-free.
4672 Reported-by: Marcel Raad
4678 - doh: fix curl_easy_setopt argument type
4680 CURLOPT_POSTFIELDSIZE is long. Fixes a compiler warning on 64-bit
4684 - RELEASE-NOTES: synced
4687 - [Ruslan Baratov brought this change]
4699 * Install 'CURLConfig.cmake' instead of 'curl-config.cmake'
4703 'CURLConfig.cmake' file. This will make 'curl-config.cmake.in' template
4712 - test1650: make it depend on http/2
4714 Follow-up to 570008c99da0ccbb as it gets link errors.
4716 Reported-by: Michael Kaufmann
4719 - [Nate Prewitt brought this change]
4727 - doh: only build if h2 enabled
4732 Reported-by: Marcel Raad
4735 - test2100: require http2 to run
4737 Reported-by: Marcel Raad
4741 - multi: fix memory leak in content encoding related error path
4745 Credit to OSS-Fuzz
4746 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10728
4749 - travis: bump the Secure Transport build to use xcode 10
4752 (https://github.com/travis-ci/travis-ci/issues/9956) we've been using
4759 - [Rich Turner brought this change]
4761 curl: enabled Windows VT Support and UTF-8 output
4768 - multi: fix location URL memleak in error path
4770 Follow-up to #3044 - fix a leak OSS-Fuzz detected
4774 - cmake: fixed path used in generation of docs/tests during curl build through add_subdicectory(...)
4776 - [Brad King brought this change]
4781 instead of lib absolute paths, 2018-07-17) and commit f826b4ce98 (cmake:
4782 bumped minimum version to 3.4, 2018-07-19) required CMake 3.4 to fix
4791 - curl_threads: fix classic MinGW compile break
4796 …[0] https://sourceforge.net/p/mingw/mingw-org-wsl/ci/wsl-5.1-release/tree/mingwrt/include/process.…
4797 …[1] https://sourceforge.net/p/mingw/mingw-org-wsl/ci/wsl-5.1-release/tree/mingwrt/include/process.…
4799 Bug: https://github.com/curl/curl/issues/2924#issuecomment-424334807
4803 - configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE
4810 - [Doron Behar brought this change]
4816 - RELEASE-NOTES: synced
4818 - Curl_http2_done: fix memleak in error path
4823 Detected by OSS-Fuzz
4825 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10669
4828 - http: fix memleak in rewind error path
4832 Detected by OSS-Fuzz
4834 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10665
4838 - test320: fix regression in [ci skip]
4840 The value in question is coming directly from `gnutls-serv`, so it cannot
4843 Reported-by: Marcel Raad
4844 …Ref: https://github.com/curl/curl/commit/6ae6b2a533e8630afbb21f570305bd4ceece6348#commitcomment-30…
4847 - Curl_retry_request: fix memory leak
4849 Detected by OSS-Fuzz
4851 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10648
4854 - openssl: load built-in engines too
4858 Reported-by: Jean Fabrice
4862 - [Christian Heimes brought this change]
4864 OpenSSL: enable TLS 1.3 post-handshake auth
4866 OpenSSL 1.1.1 requires clients to opt-in for post-handshake
4870 Signed-off-by: Christian Heimes <christian@python.org>
4874 - [Even Rouault brought this change]
4878 This fixes potential out-of-buffer access on "file:./" URL
4882 ==24516== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
4883 ==24516== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
4884 ==24516== Command: /home/even/install-curl-git/bin/curl file:./
4887 ==24516== at 0x4C31F9C: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
4901 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10637
4902 Credit to OSS-Fuzz
4907 - update URLs in tests
4909 - and one in docs/MANUAL as well
4913 - whitespace fixes
4915 - replace tabs with spaces where possible
4916 - remove line ending spaces
4917 - remove double/triple newlines at EOF
4918 - fix a non-UTF-8 character
4919 - cleanup a few indentations/line continuations
4925 - http: add missing return code check
4929 Follow-up from 46e164069d1a523
4933 - ftp: don't access pointer before NULL check
4937 Follow-up from 46e164069d1a523
4939 - unit1650: fix out of boundary access
4945 - docs/examples: URL updates
4947 - also update two URLs outside of docs/examples
4948 - fix spelling of filename persistant.c
4949 - fix three long lines that started failing checksrc.pl
4953 - examples/Makefile.m32: sync with core [ci skip]
4956 - fix two warnings in synctime.c (one of them Windows-specific)
4957 - upgrade URLs in synctime.c and remove a broken one
4962 - examples/parseurl.c: show off the URL API a bit
4966 - SECURITY-PROCESS: mention the bountygraph program [ci skip]
4970 - url: use the URL API internally as well
4977 - URL and mailmap updates, remove an obsolete directory [ci skip]
4982 - RELEASE-NOTES: synced
4984 - configure: force-use -lpthreads on HPUX
4987 without the correct -l option but then end up failing at run-time.
4989 Reported-by: Eason-Yu on github
4993 - [Erik Minekus brought this change]
4999 - urlapi: fix support for address scope in IPv6 numerical addresses
5003 - [Loganaden Velvindron brought this change]
5009 - TODO: c-ares and CURLOPT_OPENSOCKETFUNCTION
5016 - vtls: fix ssl version "or later" behavior change for many backends
5018 - Treat CURL_SSLVERSION_MAX_NONE the same as
5022 This is a follow-up to 6015cef which changed the behavior of setting
5028 - Fix CURL_SSLVERSION_MAX_DEFAULT for OpenSSL.
5034 Co-authored-by: Daniel Gustafsson
5040 - certs: generate tests certs with sha256 digest algorithm
5048 - urlapi: document the error codes, remove two unused ones
5050 Assisted-by: Daniel Gustafsson
5053 - urlapi: add CURLU_GUESS_SCHEME and fix hostname acceptance
5065 Assisted-by: Daniel Gustafsson
5069 - nss: try to connect even if libnssckbi.so fails to load
5073 Reported-by: Maxime Legros
5074 Bug: https://curl.haxx.se/mail/lib-2018-09/0077.html
5079 - urlapi: don't set value which is never read
5083 fixes the deadstore bug-report from clang static analysis.
5086 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5088 - todo: Update reference to already done item
5094 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5097 - RELEASE-NOTES: synced
5099 - [slodki brought this change]
5107 Reviewed-by: Sergei Nikulov
5110 - curl_multi_wait: call getsock before figuring out timeout
5117 - examples/http2-pushinmemory: receive HTTP/2 pushed files in memory
5122 - darwinssl: Fix realloc memleak
5129 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5130 Reviewed-by: Nick Zitzmann <nickzman@gmail.com>
5132 - [Kruzya brought this change]
5139 - memory: add missing curl_printf header
5146 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5149 - [Si brought this change]
5151 curl: update --tlsv* descriptions in --help output
5155 - http: made Curl_add_buffer functions take a pointer-pointer
5158 the error-paths and their cleanups easier.
5162 - http2: fix memory leaks on error-path
5164 - [Rikard Falkeborn brought this change]
5171 - secure Openwall URLs
5174 - openssl: show "proper" version number for libressl builds
5178 - [Rainer Jung brought this change]
5186 - sendf: use failf() rather than Curl_failf()
5192 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5194 - sendf: Fix whitespace in infof/failf concatenation
5202 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5204 - krb5: fix memory leak in krb_auth
5208 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5210 - ftp: include command in Curl_ftpsend sendbuffer
5218 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5220 - ntlm_wb: Fix memory leaks in ntlm_wb_response
5226 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5229 - [Yiming Jing brought this change]
5233 - [Yiming Jing brought this change]
5237 - [Yiming Jing brought this change]
5243 - [Yiming Jing brought this change]
5247 - [Dave Reisner brought this change]
5261 - [Dave Reisner brought this change]
5265 - urlglob: improve error message
5269 Reported-by: Daniel Shahaf
5274 - [Yiming Jing brought this change]
5276 tests/certs: rebuild certs with 2048-bit RSA keys
5279 However, RSA claims that 1024-bit RSA keys are likely to become
5280 crackable some time before 2010. The NIST recommends at least 2048-bit
5288 - TODO: fix typo in item
5291 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
5294 - anyauthput: fix compiler warning on 64-bit Windows
5302 - lib: fix gcc8 warning on Windows
5307 - openssl: fix gcc8 warning
5309 - Use memcpy instead of strncpy to copy a string without termination,
5313 Suggested-by: Viktor Szakats
5318 - libcurl-url.3: overview man page for the URL API
5322 - example/asiohiper: insert warning comment about its status
5330 - docs/cmdline-opts: update the documentation of --tlsv1.0
5336 - docs/examples: do not wait when no transfers are running
5341 - [Daniel Gustafsson brought this change]
5351 - [Daniel Gustafsson brought this change]
5357 - [Daniel Gustafsson brought this change]
5368 - [Daniel Gustafsson brought this change]
5377 - ntlm_wb: bail out if the response gets overly large
5382 Reported-by: Harry Sintonen
5385 - [Daniel Gustafsson brought this change]
5391 - urlapi: avoid derefencing a possible NULL pointer
5395 - RELEASE-NOTES: synced
5398 - test324: fix after 3f3b26d6feb0667714902e836af608094235fca2
5403 - curl_url_set.3: correct description
5405 - curl_url-docs: fix AVAILABILITY as Added in curl 7.62.0
5407 - URL-API
5414 - curl_easy_upkeep: removed 'conn' from the name
5421 - [Max Dymond brought this change]
5432 - [Philipp Waehnert brought this change]
5438 configuration option --disable-ssl-auto-load-config disables this
5449 - doh: minor edits to please Coverity
5456 - schannel: avoid switch-cases that go to default anyway
5461 Reported-by: Thomas Glanzmann
5462 Approved-by: Marc Hörsken
5463 Bug: https://curl.haxx.se/mail/lib-2018-09/0020.html
5466 - [Nicklas Avén brought this change]
5480 - CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
5487 - travis: add the DOH tests to the torture testing
5489 - DOH: add test case 1650 and 2100
5491 - curl: --doh-url added
5493 - setopt: add CURLOPT_DOH_URL
5497 - [Han Han brought this change]
5503 - [Han Han brought this change]
5513 - [Han Han brought this change]
5520 - [Han Han brought this change]
5526 - [Han Han brought this change]
5532 - CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated
5537 Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html
5540 - url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
5544 - multiplex: enable by default
5548 - [Jim Fuller brought this change]
5552 Approved-by: Daniel Gustafsson
5555 - test1452: mark as flaky
5561 - pipelining: deprecated
5566 To re-enable the support, the single line change in lib/multi.c needs to
5573 - RELEASE-NOTES: start working on 7.62.0
5578 - THANKS: 7.61.1 status
5580 - RELEASE-NOTES: 7.61.1
5582 - Curl_getoff_all_pipelines: ignore unused return values
5584 Since scan-build would warn on the dead "Dead store/Dead increment"
5587 - sftp: fix indentation
5590 - [Przemysław Tomaszewski brought this change]
5592 sftp: don't send post-qoute sequence when retrying a connection
5598 - url, vtls: make CURLOPT{,_PROXY}_TLS13_CIPHERS work
5600 This is a follow-up to PR #2607 and PR #2926.
5605 - [Jay Satiro brought this change]
5607 tool_operate: Add http code 408 to transient list for --retry
5609 - Treat 408 request timeout as transient so that curl will retry the
5610 request if --retry was used.
5614 - [Jay Satiro brought this change]
5621 Bug: https://github.com/curl/curl/pull/2607#issuecomment-417283187
5622 Reported-by: Kamil Dudka
5626 - Curl_ntlm_core_mk_nt_hash: return error on too long password
5631 This is CVE-2018-14618
5633 Bug: https://curl.haxx.se/docs/CVE-2018-14618.html
5635 Reported-by: Zhaoyang Wu
5637 - [Rikard Falkeborn brought this change]
5644 - test1148: fix precheck output
5649 - all: s/int/size_t cleanup
5651 Assisted-by: Rikard Falkeborn
5655 - ssh-libssh: use FALLTHROUGH to silence gcc8
5658 - tool_operate: Fix setting proxy TLS 1.3 ciphers
5661 - [Daniel Gustafsson brought this change]
5663 cookies: support creation-time attribute for cookies
5666 SHOULD be sorted by creation-time (earlier first). This adds a
5667 creation-time record to the cookie struct in order to make cookie
5668 sorting more deterministic. The creation-time is defined as the
5670 jar being the oldest. The creation-time is thus not serialized
5678 - Don't use Windows path %PWD for SSH tests
5692 - CURLOPT_SSL_CTX_FUNCTION.3: clarify connection reuse warning
5694 Reported-by: Daniel Stenberg
5699 - THANKS-filter: dedup Daniel Jeliński
5701 - RELEASE-NOTES: synced
5703 - CURLOPT_ACCEPT_ENCODING.3: list them comma-separated [ci skip]
5705 - CURLOPT_SSL_CTX_FUNCTION.3: might cause unintended connection reuse [ci skip]
5711 - curl: fix time-of-check, time-of-use race in dir creation
5713 Patch-by: Jay Satiro
5718 - cmdline-opts/page-footer: fix edit mistake
5722 follow-up to a7ba60bb7250
5724 - docs: clarify NO_PROXY env variable functionality
5726 Reported-by: Kirill Marchuk
5731 - lib1522: fix curl_easy_setopt argument type
5735 - curl_threads: silence bad-function-cast warning
5743 - README: add appveyor build badge [ci skip]
5747 - [Ihor Karpenko brought this change]
5753 less-demanding in sense of required user credentials ( for example,
5764 Bug: https://curl.haxx.se/mail/lib-2018-08/0198.html
5768 - [Leonardo Taccari brought this change]
5784 - cookie tests: treat files as text
5789 - libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation
5791 Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to
5794 Either way, a multi-threaded application that uses libcurl/openssl needs
5800 - RELEASE-NOTES: synced
5803 - Tests: fixes for Windows
5805 - test 1268 requires unix sockets
5806 - test 2072 must be disabled also for MSYS/MinGW
5809 - http2: abort the send_callback if not setup yet
5814 Detected by OSS-Fuzz
5815 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10012
5817 - http2: remove four unused nghttp2 callbacks
5821 - x509asn1: use FALLTHROUGH
5826 - test1148: disable if decimal separator is not point
5835 - Enable more GCC warnings
5838 -Wold-style-definition
5839 -Warray-bounds=2 instead of the default 1
5840 -Wformat=2, but only for GCC 4.8+ as Wno-format-nonliteral is not
5842 -Wunused-const-variable, which enables level 2 instead of the default 1
5843 -Warray-bounds also in debug mode through -ftree-vrp
5844 -Wnull-dereference also in debug mode through
5845 -fdelete-null-pointer-checks
5849 - curl-compilers: enable -Wimplicit-fallthrough=4 for GCC
5857 - curl-compilers: enable -Wbad-function-cast on GCC
5864 - configure: conditionally enable pedantic-errors
5866 Enable pedantic-errors for GCC >= 5 with --enable-werror. Before GCC 5,
5867 pedantic-errors was synonymous to -Werror=pedantic [0], which is still
5873 [0] https://gcc.gnu.org/onlinedocs/gcc-4.9.0/gcc/Warning-Options.html
5874 [1] https://clang.llvm.org/docs/UsersManual.html#options-to-control-error-and-warning-messages
5875 [2] https://gcc.gnu.org/onlinedocs/gcc-5.1.0/gcc/Warning-Options.html
5879 - Remove unused definitions
5884 - x509asn1: make several functions static
5890 - INTERNALS: require GnuTLS >= 2.11.3
5897 - http2: avoid set_stream_user_data() before stream is assigned
5899 ... before the stream is started, we have it set to -1.
5904 - SSLCERTS: improve the openssl command line
5909 - docs/SECURITY-PROCESS: now we name the files after the CVE id
5911 - RELEASE-NOTES: synced
5913 - upload: change default UPLOAD_BUFSIZE to 64KB
5920 - upload: allocate upload buffer on-demand
5927 - [Laurent Bonnans brought this change]
5936 Reported-by: Anton Gerasimov
5937 Signed-of-by: Laurent Bonnans
5941 - http2: make sure to send after RST_STREAM
5948 Researched-by: Michael Kaufmann
5950 - test1268: check the stderr output as "text"
5952 Follow-up to 099f37e9c57
5954 Pointed-out-by: Marcel Raad
5956 - urldata: remove unused pipe_broke struct field
5963 - curl: warn the user if a given file name looks like an option
5973 - http2: check nghttp2_session_set_stream_user_data return code
5979 - travis: revert back to gcc-7 for coverage builds
5981 ... since the gcc-8 ones seem to fail frequently.
5983 Follow-up from b85207199544ca
5987 - RELEASE-NOTES: synced
5991 - [Adrien brought this change]
6002 Reported-by: adnn on github
6003 Reviewed-by: Sergei Nikulov
6005 - TODO: host name sections in config files
6008 - ssh-libssh: fix infinite connect loop on invalid private key
6016 - ssh-libssh: reduce excessive verbose output about pubkey auth
6021 operates in non-blocking mode.
6027 - travis: disable h2 torture tests for "coverage"
6034 - travis: update to GCC 8
6039 - http: fix for tiny "HTTP/0.9" response
6041 Deal with tiny "HTTP/0.9" (header-less) responses by checking the
6042 status-line early, even before a full "HTTP/" is received to allow
6051 - docs: add disallow-username-in-url.d and haproxy-protocol.d on the list
6057 - .travis.yml: verify that man pages can be regenerated
6064 - Split non-portable part off test 1133
6074 - projects: Improve Windows perl detection in batch scripts
6076 - Determine if perl is in the user's PATH by running perl.exe.
6083 Reported-by: Daniel Jeliński
6085 - [Michael Kaufmann brought this change]
6089 - CURLOPT_HEADERFUNCTION: add newlines
6090 - CURLOPT_INTERLEAVEFUNCTION: fix the description of 'userdata'
6091 - CURLOPT_READDATA: mention crashes, same as in CURLOPT_WRITEDATA
6092 - CURLOPT_READFUNCTION: rename 'instream' to 'userdata' and explain
6098 - GCC: silence -Wcast-function-type uniformly
6100 Pointed-out-by: Rikard Falkeborn
6103 - Silence GCC 8 cast-function-type warnings
6109 [0] https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html
6114 - CURLINFO_SIZE_UPLOAD: fix missing counter update
6118 Reported-by: cjmsoregan
6122 - [Daniel Jelinski brought this change]
6128 - RELEASE-NOTES: synced
6130 - openssl: fix potential NULL pointer deref in is_pkcs11_uri
6132 Follow-up to 298d2565e
6136 - travis: execute "set -eo pipefail" for coverage build
6138 Follow-up to 2de63ab179eb78630ee039ad94fb2a5423df522d and
6144 - lib1502: fix memory leak in torture test
6146 Reported-by: Marcel Raad
6150 - docs: mention NULL is fine input to several functions
6154 Reported-by: Markus Elfring
6156 - [Bas van Schaik brought this change]
6162 - [Rikard Falkeborn brought this change]
6171 - [Rikard Falkeborn brought this change]
6180 - [Rikard Falkeborn brought this change]
6182 asyn-thread: Remove unused macro
6188 - [Rikard Falkeborn brought this change]
6196 - [Rikard Falkeborn brought this change]
6205 - [Rikard Falkeborn brought this change]
6213 - [Daniel Jelinski brought this change]
6220 - configure: fix for -lpthread detection with OpenSSL and pkg-config
6222 ... by making sure it uses the -I provided by pkg-config!
6224 Reported-by: pszemus on github
6228 - RELEASE-NOTES: synced
6230 - windows: follow up to the buffer-tuning 1ba1dba7
6235 Pointed-out-by: Viktor Szakats
6237 - [Daniel Jelinski brought this change]
6243 Bug: https://curl.haxx.se/mail/lib-2018-07/0080.html
6247 - [Anderson Toshiyuki Sasaki brought this change]
6257 Acked-by: Nikos Mavrogiannopoulos
6260 - [Ruslan Baratov brought this change]
6267 Use '-DBUILD_SHARED_LIBS=%SHARED%' in appveyor.yml.
6269 Reviewed-by: Sergei Nikulov
6272 - [John Butterfield brought this change]
6278 - [John Butterfield brought this change]
6282 Reviewed-by: Jakub Zakrzewski
6283 Reviewed-by: Sergei Nikulov
6286 - travis: build darwinssl on macos 10.12
6290 Assisted-by: Nick Zitzmann
6294 - DEPRECATE: remove release date from 7.62.0
6299 - lib/Makefile: only do symbol hiding if told to
6302 --disable-symbol-hiding to keep non-curl_ symbols.
6304 Researched-by: Dan Fandrich
6305 Reported-by: Ran Mozes
6310 - hostip: fix unused variable warning
6316 - test1307: disabled
6324 - smb: don't mark it done in smb_do
6326 Follow-up to 09e401e01bf9. The SMB protocol handler needs to use its
6332 - [Rikard Falkeborn brought this change]
6338 - RELEASE-NOTES: synced
6340 - mailmap: Daniel Jelinski
6342 - [Harry Sintonen brought this change]
6353 Discovered-by: Harry Sintonen
6356 - curl: use Content-Disposition before the "URL end" for -OJ
6360 Reported-by: Thomas Klausner
6364 - [Daniel Jelinski brought this change]
6371 - http2: clear the drain counter in Curl_http2_done
6373 Reported-by: Andrei Virtosu
6377 - smb: fix memory leak on early failure
6379 ... by making sure connection related data (->share) is stored in the
6382 Detected by OSS-fuzz
6383 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9369
6387 - travis: run a 'make checksrc' too
6394 - examples/ephiperfifo: checksrc compliance
6396 - [Michael Kaufmann brought this change]
6403 - test1157: follow-up to 35ecffb9
6405 Ignore the user-agent line.
6406 Pointed-out-by: Marcel Raad
6409 - tests/http_pipe.py: Use /usr/bin/env to find python
6412 - TODO: Support Authority Information Access certificate extension (AIA)
6416 - conn_free: updated comment to clarify
6421 - test1157: test -H from empty file
6425 - [Tobias Blomberg brought this change]
6427 curl: Fix segfault when -H @headerfile is empty
6429 The curl binary would crash if the -H command line option was given a
6434 - mime: check Curl_rand_hex's return code
6436 Bug: https://curl.haxx.se/mail/archive-2018-07/0015.html
6437 Reported-by: Jeffrey Walton
6440 - [Josh Bialkowski brought this change]
6446 - [Darío Hereñú brought this change]
6452 - [Christopher Head brought this change]
6463 - [Christopher Head brought this change]
6485 - [Carie Pointer brought this change]
6495 - [Even Rouault brought this change]
6497 reuse_conn(): free old_conn->options
6502 I found this with oss-fuzz on GDAL and curl master:
6503 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9582
6504 I couldn't reproduce with the oss-fuzz original test case, but looking
6505 at curl source code pointed to this well reproducable leak.
6510 - [Daniel Jelinski brought this change]
6520 - [Johannes Schindelin brought this change]
6528 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
6531 - [Johannes Schindelin brought this change]
6554 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
6558 - test320: treat curl320.out file as binary
6566 - vtls: set conn->data when closing TLS
6568 Follow-up to 1b76c38904f0. The VTLS backends that close down the TLS
6576 - tests: fixes for Windows line endlings
6582 - test214: disable MSYS2's POSIX path conversion for URL
6587 Ref https://github.com/msys2/msys2/wiki/Porting#filesystem-namespaces
6590 - http2: several cleanups
6592 - separate easy handle from connections better
6593 - added asserts on a number of places
6594 - added sanity check of pipelines for debug builds
6598 - smb_getsock: always wait for write socket too
6604 Without this fix, an SMB download could easily get stuck when the event-driven
6610 - test1143: disable MSYS2's POSIX path conversion
6616 Ref https://github.com/msys2/msys2/wiki/Porting#filesystem-namespaces
6620 - RELEASE-NOTES: sync
6624 - [Ruslan Baratov brought this change]
6629 Reviewed-by: Sergei Nikulov
6631 - header output: switch off all styles, not just unbold
6635 Reported-by: Zero King
6640 - [Rodger Combs brought this change]
6645 - test1422: add required file feature
6647 curl configured with --enable-debug --disable-file currently complains
6657 - content_encoding: accept up to 4 unknown trailer bytes after raw deflate data
6663 Reported-by: clbr on github
6667 - smb: fix memory-leak in URL parse error path
6669 Detected by OSS-Fuzz
6670 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9369
6674 - schannel: enable CALG_TLS1PRF for w32api >= 5.1
6677 …https://osdn.net/projects/mingw/scm/git/mingw-org-wsl/commits/73aedcc0f2e6ba370de0d86ab878ad76a0dd…
6680 - docs/SECURITY-PROCESS: mention bounty, drop pre-notify
6684 - We don't and can't handle pre-notification
6686 - multi: always do the COMPLETED procedure/state
6693 will always return a -1 timeout when all handles are completed.
6697 - Curl_getoff_all_pipelines: improved for multiplexed
6702 - ares: check for NULL in completed-callback
6704 - conn: remove the boolean 'inuse' field
6708 - [Paul Howarth brought this change]
6712 Commit 38203f1585da changed engine detection to be version-based,
6714 with openssl 1.0.0, which has engine support - the configure script
6715 detects that ENGINE_cleanup() is available - but <openssl/engine.h>
6728 - schannel: fix MinGW compile break
6734 …[0] https://osdn.net/projects/mingw/scm/git/mingw-org-wsl/blobs/d1d4a17e51a2b78e252ef0147d483267d5…
6737 Fixes https://github.com/curl/curl/pull/2721#issuecomment-403636043
6741 - examples/crawler.c: move #ifdef to column 0
6746 Reported-by: Jeroen Ooms
6751 - release: 7.61.0
6753 - TODO: Configurable loading of OpenSSL configuration file
6757 - post303.d: clarify that this is an RFC violation
6761 Reported-by: Vasiliy Faronov
6765 - [Ruslan Baratov brought this change]
6767 CMake: remove redundant and old end-of-block syntax
6769 Reviewed-by: Jakub Zakrzewski
6773 - lib/curl_setup.h: remove unicode character
6775 Follow-up to 82ce416.
6777 Ref: https://github.com/curl/curl/commit/8272ec5#commitcomment-29646818
6780 - lib/curl_setup.h: remove unicode bom from 8272ec50f02
6783 - schannel: fix -Wsign-compare warning
6787 conditional expression [-Wsign-compare]
6793 - schannel: workaround for wrong function signature in w32api
6800 - schannel: make more cipher options conditional
6806 - curl_setup: include <winerror.h> before <windows.h>
6814 - examples: fix -Wformat warnings
6817 Windows), GCC emits -Wformat warnings when using lu and lx format
6824 - smtp: use the upload buffer size for scratch buffer malloc
6827 a buffer overflow! CVE-2018-0500
6829 Reported-by: Peter Wu
6830 Bug: https://curl.haxx.se/docs/adv_2018-70a2.html
6832 - [Dave Reisner brought this change]
6838 - [Nick Zitzmann brought this change]
6842 ...but GCC users lose out on TLS 1.3 support, since we can't weak-link
6848 - [Ruslan Baratov brought this change]
6855 - [Ruslan Baratov brought this change]
6861 - KNOWN_BUGS: Stick to same family over SOCKS proxy
6863 - libssh: goto DISCONNECT state on error, not SSH_SESSION_FREE
6870 - libssh: include line number in state change debug messages
6874 - KNOWN_BUGS: Borland support is dropped, AIX problem is too old
6876 - [Jeroen Ooms brought this change]
6882 - RELEASE-NOTES: synced
6884 - DEPRECATE: include year when specifying date
6886 - DEPRECATE: linkified
6888 - DEPRECATE: mention the PR that disabled axTLS
6890 - docs/DEPRECATE.md: spelling and minor formatting
6892 - DEPRECATE: new doc describing planned item removals
6896 - [Gisle Vanem brought this change]
6901 non-matching type 'HANDLE' (aka 'void *') [-Wbad-function-cast]
6906 - docs: fix missed option name markups
6908 - [Gaurav Malhotra brought this change]
6914 - openssl: make the requested TLS version the *minimum* wanted
6920 Reported-by: Andreas Olsson
6921 Assisted-by: Gaurav Malhotra
6925 - RELEASE-NOTES: synced
6927 - openssl: allow TLS 1.3 by default
6929 Reported-by: Andreas Olsson
6933 - [Adrian Peniak brought this change]
6944 - travis: add a build using the synchronous name resolver
6946 ... since default uses the threaded one and we test the c-ares build
6951 - configure: remove CURL_CHECK_NI_WITHSCOPEID too
6955 Follow-up to 0aeca41702d2
6957 - getnameinfo: not used
6961 - easy_perform: use *multi_timeout() to get wait times
6971 - configure: Add dependent libraries after crypto
6974 tally of symbols it hasn't resolved yet. So, we need -ldl to appear
6975 after -lcrypto otherwise the linker won't find the dl functions.
6980 - GOVERNANCE: linkify, changed some titles
6982 - GOVERNANCE: add maintainer details/duties
6984 - url: check Curl_conncache_add_conn return code
6991 - include/README: remove "hacking" advice, not the right place
6993 - RELEASE-NOTES: synced
6995 - CURLOPT_SSL_VERIFYPEER.3: fix syntax mistake
6997 Follow-up to b6a16afa0aa5
6999 - netrc: use a larger buffer
7004 Reported-by: Dario Nieuwenhuis
7008 - [Patrick Schlangen brought this change]
7014 - [Javier Blazquez brought this change]
7016 multi: fix crash due to dangling entry in connect-pending list
7021 - ConnectionExists: make sure conn->data is set when "taking" a connection
7023 Follow-up to 2c15693.
7028 - [Kevin R. Bulgrien brought this change]
7032 Bug: https://curl.haxx.se/mail/lib-2018-06/0100.html
7034 - [Raphael Gozzo brought this change]
7043 - url: fix dangling conn->data pointer
7046 connections from the cache, and make sure to NULLify the ->data pointer
7050 Reported-by: Will Dietz
7054 - CURLOPT_INTERFACE.3: interface names not supported on Windows
7056 - travis: run more tests for coverage check
7058 ... run a few more tortured based and run all tests event-based.
7062 - multi: fix memory leak when stopped during name resolve
7071 Detected by OSS-fuzz.
7075 - maketgz: delete .bak files, fix indentation
7082 - runtests.pl: remove debug leftover from bb9a340c73f3
7084 - curl-confopts.m4: fix typo from ed224f23d5beb
7086 Fixes my local configure to detect a custom installed c-ares without
7089 - docs/RELEASE-PROCEDURE.md: renamed to use .md extension
7093 - RELEASE-PROCEDURE: gpg sign the tags
7095 - RELEASE-NOTES: synced
7097 - CURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0
7099 - [Mamta Upadhyay brought this change]
7103 maketgz creates release tarballs and removes the -DEV string in curl
7104 version (e.g. 7.58.0-DEV), else -DEV shows up on command line when curl
7106 the sed commands that use option -i without an extension. Maketgz
7108 a backup extension .bak after -i fixes this issue
7112 sed: -e: No such file or directory
7118 - configure: enhance ability to detect/build with static openssl
7120 Fix the -ldl and -ldl + -lpthread checks for OpenSSL, necessary for
7121 building with static libs without pkg-config.
7123 Reported-by: Marcel Raad
7127 - configure: use pkg-config for c-ares detection
7129 First check if there's c-ares information given as pkg-config info and use
7132 Reported-by: pszemus on github
7136 - GOVERNANCE.md: explains how this project is run
7140 - KNOWN_BUGS: NTLM doen't support password with § character
7144 - KNOWN_BUGS: slow connect to localhost on Windows
7148 - [Matteo Bignotti brought this change]
7150 mk-ca-bundle.pl: make -u delete certdata.txt if found not changed
7155 The certdata.txt is currently kept on disk even if you give the -u
7160 - progress: remove a set of unused defines
7162 Reported-by: Peter Wu
7165 - TODO: "Option to refuse usernames in URLs" done
7169 - [Lyman Epp brought this change]
7175 - runtests: support variables in <strippart>
7183 - Curl_debug: remove dead printhost code
7188 Reported-by: Tejas
7189 Bug: https://curl.haxx.se/mail/lib-2018-06/0054.html
7193 - schannel: avoid incompatible pointer warning
7195 with clang-6.0:
7198 …ing argument 11 of 'CryptQueryObject' from incompatible pointer type [-Wincompatible-pointer-types]
7201 In file included from /usr/share/mingw-w64/include/schannel.h:10:0,
7202 from /usr/share/mingw-w64/include/schnlsp.h:9,
7205 …/usr/share/mingw-w64/include/wincrypt.h:4437:26: note: expected 'const void **' but argument is of…
7214 - [Robert Prag brought this change]
7224 defining the desired algorithms. For example, curl --ciphers
7230 - [Bernhard M. Wiedemann brought this change]
7241 - [Marian Klymov brought this change]
7245 - Get rid of variable that was generating false positive warning
7248 - Fix issues in tests
7250 - Reduce scope of several variables all over
7256 - openssl: assume engine support in 1.0.1 or later
7268 - RELEASE-NOTES: synced
7270 - RELEASE-PROCEDURE: update the release calendar for 2019
7272 - [Gisle Vanem brought this change]
7281 - [Vladimir Kotal brought this change]
7283 mk-ca-bundle.pl: leave certificate name untouched in decode()
7287 - [Rikard Falkeborn brought this change]
7295 - [Rikard Falkeborn brought this change]
7303 for the manually added dist-rule in the Makefile.
7308 - [Stephan Mühlstrasser brought this change]
7315 CURL_TYPEOF_CURL_SOCKLEN_T, and for 64-bit also CURL_TYPEOF_CURL_OFF_T
7320 CC libcurl_la-ftp.lo
7321 …"ftp.c", line 290.55: 1506-280 (W) Function argument assignment between types "unsigned long* rest…
7322 …"ftp.c", line 293.48: 1506-280 (W) Function argument assignment between types "unsigned long* rest…
7323 …"ftp.c", line 1070.49: 1506-280 (W) Function argument assignment between types "unsigned long* res…
7324 …"ftp.c", line 1154.53: 1506-280 (W) Function argument assignment between types "unsigned long* res…
7325 …"ftp.c", line 1187.51: 1506-280 (W) Function argument assignment between types "unsigned long* res…
7326 CC libcurl_la-connect.lo
7327 …"connect.c", line 448.56: 1506-280 (W) Function argument assignment between types "unsigned long* …
7328 …"connect.c", line 516.66: 1506-280 (W) Function argument assignment between types "unsigned long* …
7329 …"connect.c", line 687.55: 1506-280 (W) Function argument assignment between types "unsigned long* …
7330 …"connect.c", line 696.55: 1506-280 (W) Function argument assignment between types "unsigned long* …
7331 CC libcurl_la-tftp.lo
7332 …"tftp.c", line 1115.33: 1506-280 (W) Function argument assignment between types "unsigned long* re…
7336 - cmdline-opts/cert-type.d: mention "p12" as a recognized type as well
7339 - spelling fixes
7346 - axtls: follow-up spell fix of comment
7348 - axTLS: not considered fit for use
7350 URL: https://curl.haxx.se/mail/lib-2018-06/0000.html
7352 This is step one. It adds #error statements that require source edits to
7358 - build: remove the Borland specific makefiles
7365 - curl_addrinfo: use same #ifdef conditions in source as header
7369 - multi: remove a DEBUGF()
7377 - [Alibek.Jorajev brought this change]
7385 - fnmatch: use the system one if available
7399 - os400: add new option in ILE/RPG binding
7401 Follow-up to commit 946ce5b
7404 - tests/libtest/.gitignore: follow-up fix to ignore lib5* too
7406 - KNOWN_BUGS: CURL_GLOBAL_SSL
7410 - [Bernhard Walle brought this change]
7417 …netrc.c:81:7: error: implicit declaration of function 'getpwuid_r' [-Werror=implicit-function-decl…
7422 Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
7425 - [Rikard Falkeborn brought this change]
7431 - [Rikard Falkeborn brought this change]
7437 - [Björn Stenberg brought this change]
7441 Adds CURLOPT_DISALLOW_USERNAME_IN_URL and --disallow-username-in-url. Makes
7446 - libcurl-security.3: improved layout for two rememdy lists
7448 - libcurl-security.3: refer to URL instead of in-source markdown file
7451 - curl.rc: embed manifest for correct Windows version detection
7456 * enable it for all Windows CMake builds (also disable the built-in
7459 For other build systems, add the `-DCURL_EMBED_MANIFEST` option to
7466 long-pending resource compiler bug. Watcom C may also not handle
7467 it correctly when the `-zm` `wrc` option is used (this option may
7475 - os400: sync EBCDIC wrappers and ILE/RPG binding with latest options
7477 - os400: implement mime api EBCDIC wrappers
7482 - setopt: add TLS 1.3 ciphersuites
7486 curl: added --tls13-ciphers and --proxy-tls13-ciphers
7489 Reported-by: zzq1015 on github
7492 - configure: override AR_FLAGS to silence warning
7500 https://www.mail-archive.com/automake-patches@gnu.org/msg07705.html
7502 Reported-by: elephoenix on github
7507 - cmake: fixed comments in compile checks code
7510 - INSTALL: LDFLAGS=-Wl,-R/usr/local/ssl/lib
7514 Reported-by: Peter Varga
7518 - [Will Dietz brought this change]
7526 -----
7531 fixed or invalid.
7538 - fnmatch: insist on escaped bracket to match
7540 A non-escaped bracket ([) is for a character group - as documented. It
7544 Problem detected by OSS-Fuzz, although this fix is probably not a final
7547 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8525
7551 - psl: use latest psl and refresh it periodically
7558 Reported-by: Yaakov Selkowitz
7563 - [Fabrice Fontaine brought this change]
7567 The ssh2 pkg-config file could contain the following lines when build
7569 Libs: -L${libdir} -lssh2 /xxx/libmbedcrypto.a
7576 pkg-config --libs-only-l by pkg-config --libs.
7579 - http://autobuild.buildroot.net/results/43e24b22a77f616d6198c10435dcc23cc3b9088a
7581 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
7584 - RELEASE-NOTES: synced
7586 - [Bernhard Walle brought this change]
7590 The autotools-based build system does it, so we do it also in CMake.
7593 Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
7595 - cmdline-opts/gen.pl: warn if mutexes: or see-also: list non-existing options
7597 - [Frank Gevaerts brought this change]
7599 curl.1: Fix cmdline-opts reference errors.
7601 --data, --form, and --ntlm were declared to be mutually exclusive with
7602 non-existing options. --data and --form referred to --upload (which is
7603 short for --upload-file and therefore did work, so this one was merely
7604 a bit confusing), --ntlm referred to --negotiated instead of --negotiate.
7608 - [Frank Gevaerts brought this change]
7610 docs: fix cmdline-opts metadata headers case consistency.
7614 - mailmap: Max Savenkov
7617 - [Max Savenkov brought this change]
7622 - mailmap: a Richard Alcock fixup
7624 - [Richard Alcock brought this change]
7630 - [Richard Alcock brought this change]
7632 winbuild: In MakefileBuild.vc fix typo DISTDIR->DIRDIST
7638 - [Richard Alcock brought this change]
7648 - [Alejandro R. Sedeño brought this change]
7657 - multi: provide a socket to wait for in Curl_protocol_getsock
7661 Bug: https://curl.haxx.se/mail/lib-2018-05/0062.html
7662 Reported-by: Sean Miller
7665 - [Linus Lewandowski brought this change]
7671 - TODO: CURLINFO_PAUSE_STATE
7676 - cmake: set -d postfix for debug builds if not specified
7677 using -DCMAKE_DEBUG_POSTFIX explicitly
7682 - configure: add basic test of --with-ssl prefix
7688 Reported-by: Oleg Pudeyev
7689 Assisted-by: Per Malmberg
7693 - http resume: skip body if http code 416 (range error) is ignored.
7698 New test 1156 checks all combinations of --range/--resume, --fail,
7699 Content-Range header and http status code 200/416.
7702 Reported-By: Ithubg on github
7706 - tftp: make sure error is zero terminated before printfing it
7708 - configure: add missing m4/ax_compile_check_sizeof.m4
7710 follow-up to mistake in 6876ccf90b4
7713 - [Johannes Schindelin brought this change]
7717 OpenSSL has supported --cacert for ages, always accepting LF-only line
7721 When we introduced support for --cacert also with Secure Channel (or in
7728 Happily, CryptQueryObject(), the function we use to parse the ca-bundle,
7735 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
7740 - CURLOPT_ACCEPT_ENCODING.3: add brotli and clarify a bit
7742 - RELEASE-NOTES: synced
7744 - KNOWN_BUGS: mention the -O with %-encoded file names
7748 - checksrc: make sure sizeof() is used *with* parentheses
7750 ... and unify the source code to adhere.
7754 - curl: added --styled-output
7756 It is enabled by default, so --no-styled-output will switch off the
7761 - curl: show headers in bold
7765 -J: There's some minor differences and improvements in -J handling, as
7766 now J should work with -i and it actually creates a file first using the
7768 Content-Disposition (if any).
7770 -i: only shows headers for HTTP transfers now (as documented).
7774 -i: now shows trailers as well. Previously they were not shown at all.
7776 --libcurl: the CURLOPT_HEADER is no longer set, as the header output is
7779 - configure: compile-time SIZEOF checks
7786 Reported-by: Bernhard Walle
7788 - configure: replace AC_TRY_RUN with CURL_RUN_IFELSE
7790 ... and export LD_LIBRARY_PATH properly. This is a follow-up from
7794 Reported-by: Bernhard Walle
7796 - docs: clarify CURLOPT_HTTPGET somewhat
7798 Reported-by: bsammon on github
7801 - curl_fnmatch: only allow two asterisks for matching
7809 This commit was triggered by yet another OSS-Fuzz timeout due to this.
7810 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8369
7814 - checksrc: fix too long line
7816 follow-up to e05ad5d
7818 - [Aleks brought this change]
7826 - examples/progressfunc: make it build on older libcurls
7834 - stub_gssapi: fix numerous 'unused parameter' warnings
7836 follow-up to d9e92fd9fd1d
7838 - [Philip Prindeville brought this change]
7857 - openssl: acknowledge --tls-max for default version too
7862 Reported-by: byte_bucket
7866 - bump: start working on the pending 7.61.0
7868 - [Dagobert Michelsen brought this change]
7870 tests/libtest/Makefile: Do not unconditionally add gcc-specific flags
7876 - schannel_verify: fix build for non-schannel
7879 - rand: fix typo
7881 - schannel: disable manual verify if APIs not available
7886 - [Archangel_SDY brought this change]
7898 - RELEASE-NOTES: 7.60.0 release
7900 - THANKS: added people from the curl 7.60.0 release
7902 - docs/libcurl/index.html: removed
7909 - [steini2000 brought this change]
7915 - [steini2000 brought this change]
7919 - gcc: disable picky gcc-8 function pointer warnings in two places
7921 Reported-by: Rikard Falkeborn
7925 - http2: use the correct function pointer typedef
7927 Fixes gcc-8 picky compiler warnings
7928 Reported-by: Rikard Falkeborn
7932 - CODE_STYLE: mention return w/o parens, but sizeof with
7935 the web site. Also, don't use back-ticks inlined to allow the CSS to
7936 highlight source code better.
7938 - [Rikard Falkeborn brought this change]
7944 - [Rikard Falkeborn brought this change]
7948 - [Rikard Falkeborn brought this change]
7952 - [Rikard Falkeborn brought this change]
7956 - [Rikard Falkeborn brought this change]
7960 - contributors.sh: use "on github", not at
7962 - http2: getsock fix for uploads
7967 Detected-by: steini2000 on github
7971 - pingpong: fix response cache memcpy overflow
7978 Reported-by: Dario Weisser
7979 CVE: CVE-2018-1000300
7980 Bug: https://curl.haxx.se/docs/adv_2018-82c2.html
7982 - http: restore buffer pointer when bad response-line is parsed
7984 ... leaving the k->str could lead to buffer over-reads later on.
7986 CVE: CVE-2018-1000301
7987 Assisted-by: Max Dymond
7989 Detected by OSS-Fuzz.
7990 Bug: https://curl.haxx.se/docs/adv_2018-b138.html
7991 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7105
7994 - cookies: do not take cookie name as a parameter
7997 This is a follow-up to commit 7f7fcd0.
8002 Reported-By: anshnd at github
8007 - smb: reject negative file sizes
8009 Assisted-by: Max Dymond
8011 Detected by OSS-Fuzz
8012 Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8245