curl: Update to version 8.14.0
- Update from version 8.13.0 to 8.14.0
- Update of rootfile
- Changelog
8.14.0
Changes:
mqtt: send ping at upkeep interval
schannel: handle pkcs12 client certificates containing CA certificates
TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs
vquic: ngtcp2 + openssl support
wcurl: import v2025.04.20 script + docs
websocket: add option to disable auto-pong reply
Bugfixes:
_SEEALSO.md: remove spaces around command and man page section
asny-thrdd: fix detach from running thread
asnyc-thrdd: explain how this is okay with a comment
asyn resolver code improvements
async-threaded resolver: use ref counter
async: DoH improvements
autotools: detect `wolfSSL_set_quic_use_legacy_code` like cmake does
autotools: install shell completion files on cross build
aws-sigv4: allow a blank string
build: check required rustls-ffi version
build: enable gcc-12/13+, clang-10+ picky warnings
build: enable gcc-15 picky warnings
certs: drop unused `default_bits` from `.prm` files
cf-https-connect: use the passed in dns struct pointer
cf-socket: fix FTP accept connect
cfilters: remove assert
cmake/FindNGTCP2: simplify multi-pkg-config detection
cmake: append picky warnings to `CMAKE_REQUIRED_FLAGS` as string
cmake: avoid 'target is imported but not globally visible' when consuming
libcurl with old cmake
cmake: do not install `mk-ca-bundle` script and manpage
cmake: enable `-Wall` for MSVC when `PICKY_COMPILER=ON`
cmake: extend integration tests
cmake: fix `fish` install directory detection via `pkg-config`
cmake: fix nghttp3 static linking with `USE_OPENSSL_QUIC=ON`
cmake: fix option() and mark_as_advanced() mixed order
cmake: fix shell completion install when just one flavor is enabled
cmake: honor individual picky option overrides found in `CMAKE_C_FLAGS`
cmake: install shell completions for cross-builds
cmake: link `crypt32` for OpenSSL feature detection
cmake: merge `CURL_WERROR` logic into `PickyWarnings.cmake`
cmake: prefer `COMPILE_OPTIONS` over `CMAKE_C_FLAGS` for custom C options
cmake: quotes, whitespace, use `VERSION_GREATER_EQUAL`
cmake: revert `CURL_LTO` behavior for multi-config generators
cmake: set `BUILDING_LIBCURL` directly for unit test targets
cmake: stop deleting `-W<n>` from `CMAKE_C_FLAGS` (MSVC)
cmake: tidy up and document feature detections in dependencies
cmake: use `CMAKE_COMPILE_WARNING_AS_ERROR` if available
cmake: use `INCLUDE_DIRECTORIES` prop to specify local header dirs
cmake: use `LIB_NAME` in `curl-config.cmake.in`
cmake: use absolute paths for completion targets
cmake: use the `LINK_OPTIONS` property with CMake 3.13+
configure: catch asking for double resolver without https-rr
configure: fix --disable-rt
configure: restore link checks
configure: suppress command not found for brew
conncache: make Curl_cpool_init return void
connect: shutdown timer fix
content_encoding: Transfer-Encoding parser improvements
CONTRIBUTE: add project guidelines for AI use
contrithanks.sh: drop set -e
cpool/cshutdown: force close connections under pressure
curl: fix memory leak when -h is used in config file
curl: only warn once for --manual in manual-disabled build
curl_get_line: handle lines ending on the buffer boundary
curl_krb5: only use functions if FTP is still enabled
curl_multibyte: fixup low-level calls, include in unity builds
curl_osslq: remove a leftover debug fprintf() call
curl_version_info.md: clarify ssl_version for MultiSSL
CURLMOPT_TIMERFUNCTION.md: correct the example
CURLOPT_ERRORBUFFER.md: buffer is read only after curl takes ownership
CURLOPT_FOLLOWLOCATION.md: switch to GET => no body
CURLOPT_READFUNCTION.md: mention the seek callback
CURLOPT_XFERINFOFUNCTION.md: fix the callback return type in example
curlx: move the docs to docs/internals/
DEPRECATE.md: drop support for VS2008
DEPRECATE.md: drop Windows CE support
dist: drop duplicate entry from `CMAKE_DIST`
dns_entry: move from conn to data->state
Dockerfile: update debian:bookworm-slim Docker digest to
90522ee
docs/INSTALL.md: drop reference to removed configure option
docs/libcurl: fix type and prototype problems in examples
docs/libcurl: make examples build with picky compiler options
docs/libcurl: mention sensitive data/headers
docs: add missing return statement in examples
docs: fix incorrect shell substitution in docker run example command
docs: fix typo in retry.md
docs: update distros links
doh: httpsrr fix
doh: make sure CURLOPT_PROTOCOLS is set a with a "long" arg
doh: reduce the DNS request buffer size
easy_reset: fix dohfor_mid member
ECH: reference the OpenSSL ECH feature branch
etag-save.md: mention how using both options is a good idea
eventfd: fix feature guards
formdata: cleanups
ftp: fix bug in failed init
ftp: fix race in upload handling
ftplistparser: add two overflow preventions
ftplistparser: split up into more functions
generate.bat: exclude curlinfo.c from legacy VS projects
genserv.pl: fail with a message if `openssl` is missing or failing
headers: enforce a max number of response header to accept
headers: set an error message on illegal response headers
hostip: fix build without threaded-resolver and without DoH
hostip: show the correct name on proxy resolve error
http2: fix stream window size after unpausing
HTTP3.md: fix incorrect variable placeholders
http: fix a build error when all auths are disabled
http: fix HTTP/2 handling of TE request header using "trailers"
http: in alt-svc negotiation only allow supported HTTP versions
http_aws_sigv4: add additional verbose log statements
http_aws_sigv4: improve sigv4 url encoding and canonicalization
http_chunks: narrow variable scope for 'trlen'
http_negotiate: fix non-SSL build with GSSAPI
https-connect: fix httpsrr target check
HTTPSRR.md: clarify somewhat
if2ip: build the function also if FTP is present
imap: remove redundant condition
INSTALL-CMAKE.md: fix typo
INSTALL.md: update the minimal libcurl size example
KNOWN_BUGS: fix link in sivg4 issue 16.3
lib/src/docs/test: improve curl_easy_setopt() calls
lib1560: use hex notation, drop non-ASCII exception
lib3026: drop DLL pre-load perf mitigation for old mingw
lib: add const to clientwriter tables
lib: drop curlx_getpid, use fake pid in SMB
lib: include files using known path
lib: make Curl_easyopts const
lib: unify conversions to/from hex
libcurl-tutorial.md: fix read callback explanation
libssh: add NULL check for Curl_meta_get()
libssh: fix memory leak
libssh: remove a condition that always equals false
libtest/first: stop defining MEMDEBUG_NODEFINES
libtests: define CURL_DISABLE_DEPRECATION first
make: clean tests better
mbedtls: TLS 1.3 is max when mbedtls has 1.3 support
metahash: add asserts to help analyzers
mk-ca-bundle.pl: follow redirects
mk-ca-bundle: switch URLs to GitHub versions
mkhelp: fix to not generate a line-ending space in some cases
mqtt: use conn/easy meta hash
multi: do transfer book keeping using mid
multi: init_do(): check result
netrc: avoid NULL deref on weird input
netrc: avoid strdup NULL
netrc: deal with null token better
ngtcp2: clarify ignoring of result
openssl-quic: avoid potential `-Wnull-dereference`, add assert
openssl-quic: fix printf mask
openssl-quic: fix shutdown when stream not open
openssl: enable builds for *both* engines and providers
openssl: set the cipher string before doing private cert
parsedate: provide Curl_wkday also for GnuTLS builds
processhelp.pm: always call `taskkill` with `-f` (force)
processhelp.pm: avoid potential endless loop, log more (Windows)
progress: avoid integer overflow when gathering total transfer size
pytest tls: extend coverage
pytest-xdist: pytest in parallel
pytest: add pinnedpubkey test cases
pytest: give parameterised tests better ids for read- and parsability
pytest: make test_07_22 more lenient to exit codes
quic: no local idle connection timeout, ngtcp2 keep-alive
rand: update comment on Curl_rand_bytes weak random
RELEASE-PROCEDURE.md: release candidate git tagging explained
rtsp: remove redundant condition
runtests: add retry option to reduce flakiness
runtests: fix indentation
runtests: recognize lowercase `windows` in `curl -V`
runtests: remove server verification after start
runtests: split `SSH_PWD` into `SCP_PWD` and `SFTP_PWD`, and more
rustls: make max size of cert and key reasonable
sasl: give help when unable to select AUTH
scripts: completion.pl: sort the completion file for all shells
scripts: drop unused import, formatting
scripts: fix --opts-dir help in completion.pl
scripts: fix perl indentation, whitespace, semicolons
sectransp: fix building for macOS Sierra and older
setopt: provide info for CURLE_BAD_FUNCTION_ARGUMENT
smb: avoid integer overflow on weird input date
socket: use accept4 when available
socketpair: support pipe2 where available
spacecheck.pl: check for non-ASCII chars, fix fallouts
spacecheck.pl: verify `tests/data/test*` for non-ASCII chars
src: drop strcase.[ch] from tool builds
src: include memdebug.h consistently with angle brackets <>
src: rename curlx_safefree to tool_safefree
test1173.pl: whitelist some option-looking names that aren't options
test1658: add unit test for the HTTPS RR decoder
test: make unittest 1308 into a libtest
tests/ech_tests.sh: sync shebang with rest of bash scripts
tests/FILEFORMAT.md: clarify %hex[] formatting
tests/FILEFORMAT.md: document the aws feature
tests/README.md: document --test-duphandle
tests/README.md: list the openssl tool among the prerequisites
tests/server/dnsd: basic DNS server for test suite
tests/server: check for `stream != NULL` in mqttd
tests/server: fix typo in comment
tests/server: stop using libcurl string comparisons
tests/server: stop using libcurl's printf functions
tests/serverhelp: remove last remnants of http-pipe server
tests/tunit: make a separate directory for tool-based unit tests
tests: add aws feature to the related tests
tests: Add https-mtls server to force client auth
tests: fix some test tag mismatches
tests: mark ipfs tests to require ipfs
tests: move a boolean variable out of the path section
tests: prefer `--insecure` over `-k`
tests: provide all non-ascii data hex encoded
tests: remove some unused test case sections
tests: require IPv6 for 1265, 1324, 2086
tests: separate tunit tests from unit tests more
tests: stop using libcurl's strdup
tests: unify test case keywords
tests: use a more portable null device path
TODO: remove "nicer lacking perl message"
tool_cb_write.c: handle EINTR on flush
tool_getparam: clear argument only when needed
tool_operate: make retrycheck() a separate function
tool_operate: when retrying, only truncate regular files
tool_paramhlp: avoid integer overflow in secs2ms()
tool_parsecfg: make get_line handle lines ending on the buffer boundary
typecheck-gcc.h: fix the typechecks
urlapi: redirecting to "" is considered fine
urlapi: remove unneeded guards around PUNY2IDN
urldata: remove the unused struct field 'hide_progress'
VERSIONS: list all past releases
vquic: consistent name for the stream struct across backends
vquic: init for every call to recvmsg
vtls: avoid NULL deref on bad PEM input
vtls: fix build with ssl but without http
VULN-DISCLOSURE-POLICY: use of weak algos
winbuild: add the deprecation warning to the README
winbuild: curl_get_line is not used for tool builds
windows: fix builds targeting WinXP, test it in CI
wolfssl: fix to enable ALPN when available
ws: fix the header replace check
ws: store protocol context as connection meta data
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
projects / people / mfischer / ipfire-2.x.git / commit
