curl for Windows
Publicado: Mar Jun 01, 2021 8:26 pm
Nueva versión 7.77.0 - May 26 2021
Changes:
configure: make the TLS library choice(s) explicit
curl: ignore options asking for SSLv2 or SSLv3
hsts: enable by default
SSL: support in-memory CA certs for some backends
vtls: refuse setting any SSL version
Bugfixes:
CVE-2021-22897: schannel cipher selection surprise
CVE-2021-22898: TELNET stack contents disclosure
CVE-2021-22901: TLS session caching disaster
AmigaOS: add functions definitions for SHA256
build: fix compilation for Windows UWP platform
c-hyper: don't write to set.writeheader if null
c-hyper: fix handling of zero-byte chunk from hyper
c-hyper: handle body on HYPER_TASK_EMPTY
checksrc: complain on == NULL or != 0 checks in conditions
CI/cirrus: add shared and static Windows release builds
cmake: add CURL_ENABLE_EXPORT_TARGET option
cmake: check for getppid and utimes
cmake: detect CURL_SA_FAMILY_T
cmake: fix two invokes result in different curl_config.h
cmake: make libcurl output filename configurable
cmake: Use multithreaded compilation on VS 2008+
config: remove now-unused macros
configure: if asked for, fail if ldap is not found
configure: provide --with-openssl, deprecate --with-ssl
conn: add 'attach' to protocol handler, make libssh2 use it
connect: use CURL_SA_FAMILY_T for portability
ConnectionExists: respect requests for h1 connections better
cookie: CURLOPT_COOKIEFILE set to NULL switches off cookies
curl-wolfssl.m4: without custom include path, assume /usr/include
curl: include libmetalink version in --version output
Curl_http_header: check for colon when matching Persistent-Auth
Curl_http_input_auth: require valid separator after negotiation type
Curl_input_digest: require space after Digest
curl_mprintf.3: add description
curl_setup: provide the shutdown flags wider
curl_url_set.3: add memory management information
CURLcode: add CURLE_SSL_CLIENTCERT
CURLOPT_CAPATH.3: defaults to a path, not NULL
CURLOPT_IPRESOLVE: preventing wrong IP version from being used
CURLOPT_POSTFIELDS.3: clarify how it gets the size of the data
data_pending: check only SECONDARY socket for FTP(S) transfers
docs/TheArtOfHttpScripting: fix markdown links
docs: camelcase it like GitHub everywhere
docs: cookies from HTTP headers need domain set
docs: fix typo in fail-with-body doc
docs: improve INTERNALS.md regarding getsock cb
docs: replace dots with dashes in markdown enums
easy: ignore sigpipe in curl_easy_send
FILEFORMAT: mention sectransp as a feature
GIT-INFO: suggest using autoreconf instead of buildconf
github: add a workflow with libssh2 on macOS using cmake
github: inhibit deprecated declarations for clang on macOS
GnuTLS: don't allow TLS 1.3 for versions that don't support it
gnutls: make setting only the MAX TLS allowed version work
gskit: fix CURL_DISABLE_PROXY build
gskit: fix undefined reference to 'conn'
hostip.h: remove declaration of unimplemented function
hostip: remove the debug code for LocalHost
http2: call the handle-closed function correctly on closed stream
http2: fix a resource leak in push_promise()
http2: fix resource leaks in set_transfer_url()
http2: make sure pause is done on HTTP
http2: move the stream error field to the per-transfer storage
http2: skip immediate parsing of payload following protocol switch
http2: use nghttp2_session_upgrade2 instead of nghttp2_session_upgrade
HTTP3.md: fix nghttp2's HTTP/3 server port
HTTP3.md: make the ngtcp2 build use the quictls fork
http: deal with partial CONNECT sends
http: fix the check for 'Authorization' with Bearer
http: limit the initial send amount to used upload buffer size
http: reset the header buffer when sending the request
http: use offsets inst of integer literals for header parsing
INSTALL: add IBM i specific quirks
krb5/name_to_level: replace checkprefix with curl_strequal
krb5: don't use 'static' to store PBSZ size response
krb5: remove the unused 'overhead' function
lib/hostip6.c: make NAT64 address synthesis on macOS work
lib1564.c: enable last wakeup test part on Windows
lib: fix 0-length Curl_client_write calls
lib: fix some misuse of curlx_convert_UTF8_to_tchar
libcurl-security.3: be careful of setuid
libcurl-security.3: don't try to filter IPv4 hosts based on the URL
libcurl.3: mention the URL API
libssh2: fix Value stored to 'sshp' is never read
libssh2: ignore timeout during disconnect
libssh: fix "empty expression statement has no effect" warnings
libtest: remove lib530.c
m4: add security frameworks on Mac when compiling rustls
multi: don't close connection HTTP_1_1_REQUIRED
multi: fix slow write/upload performance on Windows
multi: reduce Win32 API calls to improve performance
ngtcp2: fix the cb_acked_stream_data_offset proto
NSS: add ciphers to map
NSS: make colons, commas and spaces valid separators in cipher list
nss_set_blocking: avoid static for sock_opt
ntlm: precaution against super huge type2 offsets
openldap: protect SSL-specific code with proper #ifdef
openldap: replace ldap_ prefix on private functions
openssl: fix build error with OpenSSL < 1.0.2
openssl: remove unneeded cast for CertOpenSystemStore()
os400: additional support for options metadata
progress: fix scan-build-11 warnings
progress: reset limit_size variables at transfer start
progress: when possible, calculate transfer speeds with microseconds
README.md: delete Codacy UTM parameters
Revert "Revert 'multi: implement wait using winsock events'"
rustls: only return CURLE_AGAIN when TLS session is fully drained
rustls: use ALPN
sasl: use 'unsigned short' to store mechanism
schannel: Disable auto credentials; add an option to enable it
schannel: Support strong crypto option
sectransp: allow cipher name to be specified
sectransp: fix EXC_BAD_ACCESS caused by uninitialized buffer
sigpipe: ignore SIGPIPE when using wolfSSL as well
sockfilt: avoid getting stuck waiting for writable socket
sockfilt: fix invalid increment of handles index variable nfd
sws: #ifdef S_IFSOCK use
sws: allow HTTP requests up to 2MB in size
test server: take care of siginterrupt() deprecation
test2100: make it run with and require IPv6
tests/disable-scan.pl: also scan all m4 files
tests/getpart: generate output URL encoded for better diffs
tests: ignore case of chunked hex numbers in tests
tls: add USE_HTTP2 define
tool_getparam: handle failure of curlx_convert_tchar_to_UTF8()
tool_getparam: replace (in-place) '%20' by '+' according to RFC1866
tool_operate: don't discard failed parallel transfer result
tool_writeout: fix the HTTP_CODE json output
travis: disable the failing libssh build
URL-SYNTAX: update IDNA section for WHATWG spec changes
urlapi: "normalize" numerical IPv4 host names
vauth: factor base64 conversions out of authentication procedures
version: add gsasl_version to curl_version_info_data
version: add OpenLDAP version in the output
vtls: deduplicate some DISABLE_PROXY ifdefs
vtls: reset ssl use flag upon negotiation failure
wolfssl: handle SSL_write() returns 0 for error
wolfssl: remove SSLv3 support leftovers
curl for Windows
Saludos,
Changes:
configure: make the TLS library choice(s) explicit
curl: ignore options asking for SSLv2 or SSLv3
hsts: enable by default
SSL: support in-memory CA certs for some backends
vtls: refuse setting any SSL version
Bugfixes:
CVE-2021-22897: schannel cipher selection surprise
CVE-2021-22898: TELNET stack contents disclosure
CVE-2021-22901: TLS session caching disaster
AmigaOS: add functions definitions for SHA256
build: fix compilation for Windows UWP platform
c-hyper: don't write to set.writeheader if null
c-hyper: fix handling of zero-byte chunk from hyper
c-hyper: handle body on HYPER_TASK_EMPTY
checksrc: complain on == NULL or != 0 checks in conditions
CI/cirrus: add shared and static Windows release builds
cmake: add CURL_ENABLE_EXPORT_TARGET option
cmake: check for getppid and utimes
cmake: detect CURL_SA_FAMILY_T
cmake: fix two invokes result in different curl_config.h
cmake: make libcurl output filename configurable
cmake: Use multithreaded compilation on VS 2008+
config: remove now-unused macros
configure: if asked for, fail if ldap is not found
configure: provide --with-openssl, deprecate --with-ssl
conn: add 'attach' to protocol handler, make libssh2 use it
connect: use CURL_SA_FAMILY_T for portability
ConnectionExists: respect requests for h1 connections better
cookie: CURLOPT_COOKIEFILE set to NULL switches off cookies
curl-wolfssl.m4: without custom include path, assume /usr/include
curl: include libmetalink version in --version output
Curl_http_header: check for colon when matching Persistent-Auth
Curl_http_input_auth: require valid separator after negotiation type
Curl_input_digest: require space after Digest
curl_mprintf.3: add description
curl_setup: provide the shutdown flags wider
curl_url_set.3: add memory management information
CURLcode: add CURLE_SSL_CLIENTCERT
CURLOPT_CAPATH.3: defaults to a path, not NULL
CURLOPT_IPRESOLVE: preventing wrong IP version from being used
CURLOPT_POSTFIELDS.3: clarify how it gets the size of the data
data_pending: check only SECONDARY socket for FTP(S) transfers
docs/TheArtOfHttpScripting: fix markdown links
docs: camelcase it like GitHub everywhere
docs: cookies from HTTP headers need domain set
docs: fix typo in fail-with-body doc
docs: improve INTERNALS.md regarding getsock cb
docs: replace dots with dashes in markdown enums
easy: ignore sigpipe in curl_easy_send
FILEFORMAT: mention sectransp as a feature
GIT-INFO: suggest using autoreconf instead of buildconf
github: add a workflow with libssh2 on macOS using cmake
github: inhibit deprecated declarations for clang on macOS
GnuTLS: don't allow TLS 1.3 for versions that don't support it
gnutls: make setting only the MAX TLS allowed version work
gskit: fix CURL_DISABLE_PROXY build
gskit: fix undefined reference to 'conn'
hostip.h: remove declaration of unimplemented function
hostip: remove the debug code for LocalHost
http2: call the handle-closed function correctly on closed stream
http2: fix a resource leak in push_promise()
http2: fix resource leaks in set_transfer_url()
http2: make sure pause is done on HTTP
http2: move the stream error field to the per-transfer storage
http2: skip immediate parsing of payload following protocol switch
http2: use nghttp2_session_upgrade2 instead of nghttp2_session_upgrade
HTTP3.md: fix nghttp2's HTTP/3 server port
HTTP3.md: make the ngtcp2 build use the quictls fork
http: deal with partial CONNECT sends
http: fix the check for 'Authorization' with Bearer
http: limit the initial send amount to used upload buffer size
http: reset the header buffer when sending the request
http: use offsets inst of integer literals for header parsing
INSTALL: add IBM i specific quirks
krb5/name_to_level: replace checkprefix with curl_strequal
krb5: don't use 'static' to store PBSZ size response
krb5: remove the unused 'overhead' function
lib/hostip6.c: make NAT64 address synthesis on macOS work
lib1564.c: enable last wakeup test part on Windows
lib: fix 0-length Curl_client_write calls
lib: fix some misuse of curlx_convert_UTF8_to_tchar
libcurl-security.3: be careful of setuid
libcurl-security.3: don't try to filter IPv4 hosts based on the URL
libcurl.3: mention the URL API
libssh2: fix Value stored to 'sshp' is never read
libssh2: ignore timeout during disconnect
libssh: fix "empty expression statement has no effect" warnings
libtest: remove lib530.c
m4: add security frameworks on Mac when compiling rustls
multi: don't close connection HTTP_1_1_REQUIRED
multi: fix slow write/upload performance on Windows
multi: reduce Win32 API calls to improve performance
ngtcp2: fix the cb_acked_stream_data_offset proto
NSS: add ciphers to map
NSS: make colons, commas and spaces valid separators in cipher list
nss_set_blocking: avoid static for sock_opt
ntlm: precaution against super huge type2 offsets
openldap: protect SSL-specific code with proper #ifdef
openldap: replace ldap_ prefix on private functions
openssl: fix build error with OpenSSL < 1.0.2
openssl: remove unneeded cast for CertOpenSystemStore()
os400: additional support for options metadata
progress: fix scan-build-11 warnings
progress: reset limit_size variables at transfer start
progress: when possible, calculate transfer speeds with microseconds
README.md: delete Codacy UTM parameters
Revert "Revert 'multi: implement wait using winsock events'"
rustls: only return CURLE_AGAIN when TLS session is fully drained
rustls: use ALPN
sasl: use 'unsigned short' to store mechanism
schannel: Disable auto credentials; add an option to enable it
schannel: Support strong crypto option
sectransp: allow cipher name to be specified
sectransp: fix EXC_BAD_ACCESS caused by uninitialized buffer
sigpipe: ignore SIGPIPE when using wolfSSL as well
sockfilt: avoid getting stuck waiting for writable socket
sockfilt: fix invalid increment of handles index variable nfd
sws: #ifdef S_IFSOCK use
sws: allow HTTP requests up to 2MB in size
test server: take care of siginterrupt() deprecation
test2100: make it run with and require IPv6
tests/disable-scan.pl: also scan all m4 files
tests/getpart: generate output URL encoded for better diffs
tests: ignore case of chunked hex numbers in tests
tls: add USE_HTTP2 define
tool_getparam: handle failure of curlx_convert_tchar_to_UTF8()
tool_getparam: replace (in-place) '%20' by '+' according to RFC1866
tool_operate: don't discard failed parallel transfer result
tool_writeout: fix the HTTP_CODE json output
travis: disable the failing libssh build
URL-SYNTAX: update IDNA section for WHATWG spec changes
urlapi: "normalize" numerical IPv4 host names
vauth: factor base64 conversions out of authentication procedures
version: add gsasl_version to curl_version_info_data
version: add OpenLDAP version in the output
vtls: deduplicate some DISABLE_PROXY ifdefs
vtls: reset ssl use flag upon negotiation failure
wolfssl: handle SSL_write() returns 0 for error
wolfssl: remove SSLv3 support leftovers
curl for Windows
Saludos,