From: Daniel Stenberg Date: Thu, 6 Mar 2025 15:48:46 +0000 (+0100) Subject: RELEASE-NOTES: synced X-Git-Tag: curl-8_13_0~239 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff86c1951be0d55caabd7a802b7b7de24b8f56ba;p=thirdparty%2Fcurl.git RELEASE-NOTES: synced --- diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 5e9b92768d..0f07e360fa 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,16 +4,17 @@ curl and libcurl 8.13.0 Command line options: 268 curl_easy_setopt() options: 307 Public functions in libcurl: 96 - Contributors: 3358 + Contributors: 3363 This release includes the following changes: o curl: add write-out variable 'tls_earlydata' [79] + o curl: make --url support a file with URLs [104] + o gnutls: set priority via --ciphers [167] o IMAP: add CURLOPT_UPLOAD_FLAGS and --upload-flags [124] o lib: add CURLFOLLOW_OBEYCODE and CURLFOLLOW_FIRSTONLY [147] o OpenSSL/quictls: add support for TLSv1.3 early data [150] o rustls: add support for CERTINFO [106] - o tool_getparam: make --url support a file with URLs [104] o var: add a '64dec' function that can base64 decode a string [78] o wolfssl: tls early data support [50] @@ -29,14 +30,16 @@ This release includes the following bugfixes: o build: enable -Wjump-misses-init for GCC 4.5+ [62] o build: fix compiler warnings in feature detections [39] o build: set `-O3` and tune WinCE in CI, fix `getpart`, `vtls_scache` fallouts [137] + o build: set `HAVE_STDINT_H` if `stdint.h` is available [155] o build: set `HAVE_WRITABLE_ARGV` for Apple cross-builds [8] o build: silence bogus `-Wconversion` warnings with gcc 5.1-5.4 [68] o build: silence mingw32ce C99 format warnings, simplify CI [143] + o build: tidy-ups around `inet_pton` [180] o c-ares: error out for unsupported versions, drop unused macros [85] o ca-native.md: sync with CURLSSLOPT_NATIVE_CA [72] o cf-socket: deduplicate Windows Vista detection [11] o cf-socket: remove empty switch [75] - o client writer: handle pause before deocding [61] + o client writer: handle pause before decoding [61] o cmake: `SHARE_LIB_OBJECT=ON` requires CMake 3.12 or newer [46] o cmake: add pre-fill for Unix, enable in GHA/macos, verify pre-fills [42] o cmake: allow `CURL_STATIC_CRT` with shared libcurl and no curl exe [123] @@ -50,6 +53,7 @@ This release includes the following bugfixes: o cmake: drop two stray TLS feature checks for wolfSSL [9] o cmake: exclude `-MP` for `clang-cl` again [132] o cmake: fix `HAVE_ATOMIC`/`HAVE_STDATOMIC` pre-fill for clang-cl [28] + o cmake: fix detection pre-fills for iOS [153] o cmake: fix ECH detection in custom-patched OpenSSL [32] o cmake: hide empty `MINGW64_VERSION` output for mingw32ce [114] o cmake: improve httpd detection for pytest [127] @@ -71,12 +75,14 @@ This release includes the following bugfixes: o curl.h: change some enums to defines with L suffix [84] o curl.h: convert CURLUSESSL* names to defines [146] o curl.h: stop defining non-curl `__has_declspec_attribute` [142] + o curl.h: switch `CURL_HTTP_VERSION*` enums to long constants [160] o curl_msh3: remove verify bypass from DEBUGBUILDs [43] o curl_trc: fix build with CURL_DISABLE_VERBOSE_STRINGS [109] o CURLMOPT_SOCKETFUNCTION.md: add advice for socket callback invocation[69] o CURLOPT_HTTPHEADER.md: add comments to the example [90] o CURLOPT_HTTPHEADER.md: rephrases [108] o docs/cmdline-opts: unify HTTP version style in --help output [139] + o docs: adapt to removed --with-random [177] o docs: add FD_ZERO to curl_multi_fdset example [19] o docs: bump `rustls` to 0.14.1 [111] o docs: correct argument names & URL redirection [4] @@ -89,7 +95,10 @@ This release includes the following bugfixes: o gnutls: fix use of pkcs11 urls for keys/certs [122] o hash: use single linked list for entries [57] o hostip: make CURLOPT_RESOLVE support replacing IPv6 addresses [47] + o http2: add on_invalid_frame callback for error detection [174] + o http2: detect session being closed on ingress handling [173] o http2: enhance error messages on Curl_dyn* upon receiving headers [149] + o http2: reset stream on response header error [175] o HTTP3.md: only speak about minimal versions [18] o http: convert parsers to strparse [48] o http: fix NTLM info message typo [22] @@ -97,6 +106,7 @@ This release includes the following bugfixes: o http: make the RTSP version check stricter [73] o http: negotiation and room for alt-svc/https rr to navigate [64] o http: version negotiation [45] + o http_aws_sigv4: cannot be used for proxy [171] o http_aws_sigv4: use strparse more for parsing [55] o http_chunks: replace a strofft call with curl_str_hex [138] o https-rr: implementation improvements [44] @@ -104,6 +114,7 @@ This release includes the following bugfixes: o httpsrr: fix the HTTPS-RR threaded-resolver build combo [67] o INSTALL-CMAKE.md: CMake usage updates [101] o INSTALL-CMAKE.md: mention `ZLIB_USE_STATIC_LIBS` [112] + o lib1156: pass longs to `curl_easy_setopt()` [159] o lib: better optimized casecompare() and ncasecompare() [3] o lib: fix two curlx_strtoofft invokes [128] o lib: replace while(ISBLANK()) loops with Curl_str_passblanks() [148] @@ -116,11 +127,15 @@ This release includes the following bugfixes: o managen: correct the warning for un-escaped '<' and '>' [1] o msvc: drop support for VS2005 and older [96] o multi: event based rework [74] + o multi: start the loop over when handles are removed [129] o openssl: check return value of X509_get0_pubkey [105] o openssl: drop support for old OpenSSL/LibreSSL versions [95] + o openssl: fix pkcs11 URI checking for key files. [152] o openssl: remove bad `goto`s into other scope [63] o pytest: test negotiate with http proxy [83] + o request: clear sendbuf_hds_len when resetting request bufq [166] o runtests: accept `CURL_DIRSUFFIX` without ending slash [133] + o runtests: check and report if `diff` tool is missing [162] o runtests: drop recognizing 'winssl' as Schannel [102] o runtests: drop ref to unused external function o runtests: recognize AWS-LC as OpenSSL [103] @@ -131,25 +146,38 @@ This release includes the following bugfixes: o schannel: guard ALPN init code to ALPN builds [91] o scripts/managen: fix option 'single' [31] o scripts/managen: fix parsing of markdown code sections [30] - o setopt: remove unnecesary void pointer typecasts [76] + o setopt: remove unnecessary void pointer typecasts [76] o shutdowns: split shutdown handling from connection pool [156] + o src: avoid strdup on platforms not doing UTF-8 conversions [176] o ssh: consider sftp quote commands case sensitive [33] o ssl session cache: add exportable flag [56] o strparse: make Curl_str_number() return error for no digits [14] o strparse: switch the API to work on 'const char *' [2] o strparse: switch to curl_off_t as base data type [7] o test1167: catch #defines with extra whitespace [140] + o tests/certs: cleanup [151] + o tests/server: replace `errno` with `SOCKERRNO` in sockfilt, socksd, sws [183] + o tests/server: replace `strerror` with `sstrerror` in socksd o tests: fix comment in lib533 [121] o tests: fix enum/int confusion, fix autotools `CFLAGS` for `servers` [27] + o tests: make sure 'commands.log' is generated in the correct logdir [172] + o tests: mark tests 1631, 1632 flaky [157] o tidy-up: align MSYS2/Cygwin codepaths, follow Cygwin `MAX_PID` bump [97] o tidy-up: delete, comment or scope C macros reported unused [16] o tidy-up: drop unused `CURL_INADDR_NONE` macro and `in_addr_t` type [26] o tidy-up: use `CURL_ARRAYSIZE()` [37] o timediff: fix comment for curlx_mstotv() [25] o timediff: remove unnecessary double typecast [53] + o tool_dirhie: create dir hierarchy without strtok [169] o tool_getparam: clear sensitive arguments better [66] + o tool_getparam: do parse_upload_flags without the alloc/free [181] + o tool_getparam: parse --trace-config without strdup()/free() [178] + o tool_getparam: parse_header() without strtok [165] + o tool_operate: change "1 retries" to "1 retry" [145] o tool_operate: fail SSH transfers without server auth [70] o tool_operate: remove unnecessary (long) typecasts [141] + o tool_paramhlp: do --proto parsing without strtok [170] + o tool_parsecfg: make my_get_line skip comments and newlines [130] o urlapi: fix redirect from file:// with query, and simplify [136] o urlapi: simplify junkscan [23] o urldata: remove 'hostname' from struct Curl_async [131] @@ -160,6 +188,7 @@ This release includes the following bugfixes: o wolfssl: fix CA certificate multiple location import [34] o wolfssl: warn if CA native import option is ignored [65] o wolfssl: when using PQ KEM, use ML-KEM, not Kyber [10] + o ws: corrected curlws_cont to reflect its documented purpose [120] This release includes the following known bugs: @@ -181,14 +210,16 @@ This release would not have looked like this without help, code, reports and advice from friends like these: Anthony Hu, Carlos Henrique Lima Melara, Dan Fandrich, Daniel Stenberg, - dependabot[bot], Derek Huang, Dexter Gerig, Harry Sintonen, Jeremy Drake, - John Bampton, Joseph Chen, kayrus on github, kriztalz, Laurențiu Nicola, - lf- on github, Marcel Raad, Mark Phillips, Michał Antoniak, Peng-Yu Chen, - qhill on github, Ray Satiro, renovate[bot], rmg-x on github, - RubisetCie on github, Samuel Dionne-Riel, Sergey, Stefan Eissing, - stevenpackardblp on github, Tatsuhiro Tsujikawa, Tianyi Song, Timo Tijhof, - tiymat, Viktor Szakats, Yedaya Katsman, Zenju on github, Zhaoming Luo - (36 contributors) + dependabot[bot], Derek Huang, Dexter Gerig, Ethan Wilkes, Harry Sintonen, + Jeremy Drake, John Bampton, Joseph Chen, kayrus on github, kriztalz, + Laurențiu Nicola, lf- on github, Marcel Raad, Mark Phillips, Martxel, + Michał Antoniak, Ondřej Hlavatý, Orgad Shaneh, Peng-Yu Chen, + Philippe Antoine, qhill on github, Ray Satiro, renovate[bot], + rmg-x on github, RubisetCie on github, Samuel Dionne-Riel, Sergey, + Stefan Eissing, stevenpackardblp on github, Tatsuhiro Tsujikawa, Tianyi Song, + Timo Tijhof, tiymat, Viktor Szakats, Yedaya Katsman, Zenju on github, + Zhang Wen, Zhaoming Luo + (42 contributors) References to bug reports and discussions on issues: @@ -311,6 +342,7 @@ References to bug reports and discussions on issues: [117] = https://curl.se/bug/?i=16508 [118] = https://curl.se/bug/?i=16527 [119] = https://curl.se/bug/?i=16448 + [120] = https://curl.se/bug/?i=16512 [121] = https://curl.se/bug/?i=16523 [122] = https://curl.se/bug/?i=16249 [123] = https://curl.se/bug/?i=16516 @@ -319,6 +351,8 @@ References to bug reports and discussions on issues: [126] = https://curl.se/bug/?i=16513 [127] = https://curl.se/bug/?i=16515 [128] = https://curl.se/bug/?i=16548 + [129] = https://curl.se/bug/?i=16588 + [130] = https://curl.se/bug/?i=16590 [131] = https://curl.se/bug/?i=16451 [132] = https://curl.se/bug/?i=16550 [133] = https://curl.se/bug/?i=16506 @@ -332,9 +366,34 @@ References to bug reports and discussions on issues: [141] = https://curl.se/bug/?i=16540 [142] = https://curl.se/bug/?i=16491 [143] = https://curl.se/bug/?i=16492 + [145] = https://curl.se/bug/?i=16586 [146] = https://curl.se/bug/?i=16539 [147] = https://curl.se/bug/?i=16473 [148] = https://curl.se/bug/?i=16520 [149] = https://curl.se/bug/?i=16536 [150] = https://curl.se/bug/?i=16477 + [151] = https://curl.se/bug/?i=16593 + [152] = https://curl.se/bug/?i=16591 + [153] = https://curl.se/bug/?i=16594 + [155] = https://curl.se/bug/?i=16585 [156] = https://curl.se/bug/?i=16508 + [157] = https://curl.se/bug/?i=16584 + [159] = https://curl.se/bug/?i=16579 + [160] = https://curl.se/bug/?i=16580 + [162] = https://curl.se/bug/?i=16578 + [165] = https://curl.se/bug/?i=16572 + [166] = https://curl.se/bug/?i=16573 + [167] = https://curl.se/bug/?i=16557 + [169] = https://curl.se/bug/?i=16566 + [170] = https://curl.se/bug/?i=16567 + [171] = https://curl.se/bug/?i=16569 + [172] = https://curl.se/bug/?i=16568 + [173] = https://curl.se/bug/?i=16544 + [174] = https://curl.se/bug/?i=16544 + [175] = https://curl.se/bug/?i=16535 + [176] = https://curl.se/bug/?i=16560 + [177] = https://curl.se/bug/?i=16565 + [178] = https://curl.se/bug/?i=16559 + [180] = https://curl.se/bug/?i=16563 + [181] = https://curl.se/bug/?i=16552 + [183] = https://curl.se/bug/?i=16553