| Message ID | 20241109173814.1058040-1-adolf.belka@ipfire.org |
|---|---|
| State | New |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Xm31t4dznz3x61 for <patchwork@web04.haj.ipfire.org>; Sat, 9 Nov 2024 17:38:26 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Xm31p2MHpz15G; Sat, 9 Nov 2024 17:38:22 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Xm31p02dNz34LQ; Sat, 9 Nov 2024 17:38:22 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Xm31l4316z32VK for <development@lists.ipfire.org>; Sat, 9 Nov 2024 17:38:19 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4Xm31k15bszQS; Sat, 9 Nov 2024 17:38:17 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1731173898; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=f0AvD0HtXcxyQoB1AYf8y6pHC9vd8NdW/qpTQacRj6U=; b=bZTI6XuuSIEC95gXKBSLN3JbzIj+Gqn43NRuEO7UHb00hZ3X1myFG9dEu4a/OtF0JoWzrW KTeX1CoDIDb8B+CQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1731173898; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=f0AvD0HtXcxyQoB1AYf8y6pHC9vd8NdW/qpTQacRj6U=; b=QYfUIWre8FFmA5id1zRd9pQMlKQPUFEaFY5MQBtRH2dmzMEZstljk9JvfzLabcMxqAnn6r h8G6QXgcLM4TluvDPW9bSZH4QHXdhegR8DDxnLVh5cxWM2nWaDxyYevBXB8aybUadNLjKa e5wuJweGWM18CBAu5eDvQGvIHf8xxZVPjFcjmNSIL1n76JTngED4/FnZJIIuaSPOwxyZzV AbwiGMe8JLzznJB5ltpuwy2tnazUCnqGTzEhaUcK33ou8rZ029X8uhqhKG8rTYUBfyEBql woyzB82ki9dEbr5SMh9uxvssIbqoAo+ljEdqJD4NBQFlDCT42XaCPpejqxBBHg== From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] curl: Update to version 8.11.0 Date: Sat, 9 Nov 2024 18:38:08 +0100 Message-ID: <20241109173814.1058040-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: HWEKLU5SIMFNXDXHZJ5QSGR73TPLDCBN X-Message-ID-Hash: HWEKLU5SIMFNXDXHZJ5QSGR73TPLDCBN X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> Archived-At: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/HWEKLU5SIMFNXDXHZJ5QSGR73TPLDCBN/> List-Archive: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Owner: <mailto:development-owner@lists.ipfire.org> List-Post: <mailto:development@lists.ipfire.org> List-Subscribe: <mailto:development-join@lists.ipfire.org> List-Unsubscribe: <mailto:development-leave@lists.ipfire.org> |
| Series |
curl: Update to version 8.11.0
|
|
Commit Message
Adolf Belka
Nov. 9, 2024, 5:38 p.m. UTC
- Update from version 8.10.0 to 8.11.0
- Update of rootfile
- Changelog
8.11.0
Changes:
curl: --create-dirs works for --dump-header as well
gtls: Add P12 format support
ipfs: add options to disable
TLS: TLSv1.3 earlydata support for curl
WebSockets: make support official (non-experimental)
Bugfixes:
alt-svc: honor data->state.httpwant
altsvc: avoid using local buffer and memcpy
asyn-ares: remove typecast, fix expire
autotools: add support for 'unity' builds, enable in CI
bearssl: avoid strpcy() when generating TLS version log message
bearssl: improved session handling, test exceptions
bufq: unwrite fix
build: add `ldap` to `libcurl.pc` `Requires:`
build: add pytest targets
build: clarify CA embed is for curl tool, mark default, improve summary
build: detect and use `_setmode()` with Cygwin/MSYS, also use on Windows
build: disable warning `-Wunreachable-code-break`
build: fix clang-cl builds, add CI job
build: fix cross-compile check for poll with bionic
build: fix possible `-Wformat-overflow` in lib557
build: limit arc4random detection to no-SSL configs
build: show if CA bundle to embed was found
build: tidy up and improve versioned-symbols options
build: tidy up deprecation suppression, enable warnings for clang
certs: add missing `-CAcreateserial` option for LibreSSL
checksrc: add check for spaces around logical AND operators
checksrc: Added checks for colon operator in ternary expressions
checksrc: check for spaces around '?', '>' and '<'
ci: dump `curl_config.h` to log in all jobs
CI: run with standard mod_http2
cmake, Makefile.mk: use -isystem for headers, silence BearSSL issues
cmake/FindCares: fix version detection for c-ares 1.34.1
cmake/FindNGTCP2: use library path as hint for finding crypto module
cmake: add missed variable to comment
cmake: add native `pkg-config` detection for mbedTLS, MSH3, Quiche, Rustls, wolfSSL
cmake: allow building tests in unity mode
cmake: apply `WIN32_LEAN_AND_MEAN` to all feature checks
cmake: avoid setting `BUILD_TESTING`
cmake: clear package version after `pkg-config` detection
cmake: delete unused NEED_LBER_H, HAVE_LDAP_H
cmake: detect `HAVE_NETINET_IN6_H`, `HAVE_CLOSESOCKET_CAMEL`, `HAVE_PROTO_BSDSOCKET_H`
cmake: detect GNU GSS
cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled
cmake: do not propagate unused `HAVE_GSSAPI_GSSAPI_KRB5_H` to C
cmake: document `-D` and env build options
cmake: drop obsolete items from `TODO` and `INSTALL-CMAKE`
cmake: drop redundant assignments
cmake: drop redundant zlib var, rename function (internals)
cmake: expand CURL_USE_PKGCONFIG to non-cross MINGW
cmake: fix broken dependency chain for cmdline-opts, tidy-ups
cmake: fix compile warnings for clang-cl
cmake: fix missing spacing in log message
cmake: limit `CURL_STATIC_CRT` to MSVC
cmake: make `test-ci` target skip building dependencies
cmake: mark as advanced some internal Find* variables
cmake: readd `generate-curl.1` dependency for `src` just in case
cmake: rename LDAP dependency config variables to match Find modules
cmake: replace `check_include_file_concat()` for LDAP and GSS detection
cmake: replace `CURL_*_DIR` with `{PROJECT,CMAKE_CURRENT}_*_DIR`
cmake: require quictls (or fork) when using msh3 on non-Windows
cmake: separate target for examples, optimize CI, fix fallouts
cmake: set version for `project()` and add CPack support
cmake: stop adding dependency headers to global `CMAKE_REQUIRED_INCLUDES`
cmake: sync torture test parallelism with autotools
cmake: tidy up `CURL_DISABLE_FORM_API` initialization
cmake: tidy up and shorten symbol hiding initialization
cmake: tidy up line order
cmake: tidy up picky warning initialization
cmake: tidy-ups and rebase fixups
cmake: tweaks around debug mode and hidden symbols
cmake: untangle feature detection interdependencies
cmake: use `list(APPEND)` on `CURL_INCLUDES`
cmake: use OpenSSL for LDAP detection only if available
cmake: use the `BSD` variable
config: rename the OS define to CURL_OS to reduce collision risk
configure: add GSS to `libcurl.pc` `Depends:`
configure: catch Apple in more target triplets
configure: drop duplicate feature checks for `poll()`, `if_nametoindex()`
configure: drop unused bare `socket.h` detection
configure: improve help string for some options
conncache: find bundle again in case it is removed
conncache: more efficient implementation of cpool_remove_bundle
cookie: overhaul and cleanup
curl-rustls.m4: set linker flags to allow rustls build on macos
curl.h: remove the struct pointer for CURL/CURLSH/CURLM typedefs
curl: add build options for safe/no CA bundle search (Windows)
curl: detect ECH support dynamically, not at build time
curl_addrinfo: support operating systems with only getaddrinfo(3)
curl_multi_perform.md: fix typo
curl_trc: fix build with verbose messages disabled
curl_url_set.md: document HOST handling when URL is parsed
curl_ws_recv.md: the 'meta' pointer is only returned on success
curl_ws_recv: return recv 0 and point meta to NULL on all errors
CURLMOPT_PIPELINING.md: clarify that CURLPIPE_NOTHING is not default
CURLOPT_APPEND.md: goes for SFTP as well
CURLOPT_HEADERFUNCTION.md: do not modify the passed in buffer
DISABLED: disable test 1060 with hyper
DISTROS: avoid use of "very"
Dockerfile: update Docker digest to d830561
docs/cmdline-opts: GnuTLS supports PKCS#11 URI in --cert option
docs: clarify FTP over HTTP proxy functionality somewhat
docs: fix a typo in some cipher options
ech: spelling, whitespace, say `--ech` default config
ftp: fix 0-length last write on upload from stdin
ftp: move listen handling to socket filter
GHA: optimize test prereq steps
gnutls: use session cache for QUIC
hsts: avoid the local buffer and memcpy on lookup
hsts: improve subdomain handling
hsts: support "implied LWS" properly around max-age
http2: auto reset stream on server eos
http_aws_sigv4: avoid local buffer and strcpy
INSTALL-CMAKE.md: mention focus on shared libraries
INSTALL-CMAKE: fix punctuation and a typo
INSTALL.md: fix a typo that slipped in to RISC OS
json.md: cli-option `--json` is an alias of `--data-binary`
lib, src, tests: added space around ternary expressions
lib/cw-out: initialize 'flush_all' directly
lib/src: white space edits to comply better with code style
lib: avoid assigning 'result' temporarily
lib: fix disabled-verbose-strings + enable-debug build warnings
lib: fix unity builds with BearSSL, MSH3, Quiche, OmniOS
lib: move curl_path.[ch] into vssh/
lib: msnprintf tidy-ups
lib: remove Curl_ prefix from static functions
lib: remove function pointer typecasts for hmac/sha256/md5
lib: use bool/TRUE/FALSE properly
libcurl/opts: improve phrasing for connection cap related options
libssh.c: handle EGAINS during proto-connect correctly
libssh2: delete duplicate `break`
libssh2: put the readdir buffers into struct
libssh2: use the Curl_* memory functions to avoid memdebug
libssh2: use the filename buffer when getting the homedir
libtests: generate the lib1521 atomically
mbedTLS: fix handling of TLSv1.3 sessions
mbedtls: handle session as blobs
mbedtls: remove failf() use from mbedtls_random
mk-lib1521: fix the long return code check
mprintf: do not ignore length modifiers of `%o`, `%x`, `%X`
mprintf: treat `%o` as unsigned, add tests for `%o`, `%x`, `%X`
mqtt: fix mqtt.md wording and add clearer explanation
multi.c: make stronger check for paused transfer before asserting
multi.c: warn/assert on stall only without timer
multi: avoid reading whole struct pointer from pointer
multi: convert Curl_follow to static multi_follow
multi: make curl_multi_cleanup invalidate magic latter
multi: make multi_handle_timeout use the connect timeout
multi: split multi_runsingle into sub functions
negotiate: conditional check around GSS & SSL specific code
netrc: cache the netrc file in memory
ngtcp2: do not loop on recv
ngtcp2: set max window size to 10x of initial (128KB)
openssl quic: populate x509 store before handshake
openssl: convert a memcpy to dynbuf use
openssl: extend the OpenSSL error messages
openssl: improve retries on shutdown
openssl: remove two strcpy() calls
OS400: don't delete source files when building with debug
packages/OS400/curlmain: remove the strncpy calls
processhelp.pm: improve taskkill calls (Windows)
pytest: fix run against multissl curl
pytest: improve pytest_07_42a reliability
pytest: include `buildinfo.txt` in the output
pytest: include curl version string and python platform in log
pytest: show curl features and protocols
quic: use send/recvmmsg when available
quic: use the session cache with wolfSSL as well
request: on shutdown send, proceed normally on timeout
runtests.md: suggest a value for -j for torture tests
runtests: add comment for handle64 pathsep requirement
runtests: drop unused code for old/classic-mingw support
runtests: pass single backslashes with Windows Perl
runtests: use deterministic sort for `TESTINFO` lines
schannel: fix TLS cert verification by IP SAN
schannel: ignore error on recv beyond close notify
schannel: reclassify extra-verbose schannel_recv messages
select: use poll() if existing, avoid poll() with no sockets
sendf: add condition to max-filesize check
server/mqttd: fix two memory leaks
setopt: avoid superfluous length checks before strcmp()
setopt: return error for bad input to CURLOPT_RTSP_REQUEST
setopt_cptr: make overflow check only done when needed
singleuse: make `git grep` faster, add Apple `nm` support
smb: do not redefine `getpid` on Windows
smb: replace use of strcpy() with snprintf()
socks_gssapi: switch to dynbuf from buffer with strcpy
source: avoid use of 'very' in comments
src/lib: remove redundant ternary operators
src: guard for double declaration of `curl_ca_embed` in unity builds
sws: fix unused static function with `TCP_NODELAY` undefined
telnet: avoid two strcpy() by pointing to the strings instead
test1035: convert host name back to utf8 as should be
test1515: add tracing and more debug info
test1540: add debug logging
test190: replace %FTPTIME2 with a fixed value
test1915: add tracing and connect timeout
test1915: remove wrong comment
test2502: add libtest debug tracing
test504: fix handling on pending connect
testrun: explicitly set proper IP address for stunnel listen/connect
tests/http: fix ubuntu GnuTLS CI failures
tests/scorecard: allow remote server test
tests/server/util.c: remove use of strncpy
tests/valgrind.pm: fix warnings with no valgrind report to show
tests/valgrind.supp: remove a travis suppression, add a Debian
tests: add and use `%PERL` variable to refer to the Perl binary
tests: add codeset-utf8 as a feature
tests: add file: tests with existing files
tests: allow pytests to run in out-of-tree builds
tests: capture stdin to get the vsftpd version number
tests: change Python code style to pass ruff checks
tests: check http/2 and http/3 server responsiveness
tests: delete duplicate macro check
tests: enable additional ruff Python lint options
tests: fix `%POSIX_PWD` on native Windows Perl
tests: fix callback signatures to please UndefinedBehaviorSanitizer
tests: Fix FILEFORMAT <file name=""> directive
tests: fix keyword for test1411
tests: fix shell quoting on native Windows Perl
tests: fix some Python typing issues
tests: fixup `checkcmd` `PATH` on non-unixy platforms
tests: improve mqtt server handling
tests: introduce %CLIENT6IP-NB
tests: let openssl generate random cert serials
tests: libtests and unit tests need explicit #include memdebug
tests: make precheck for HTTP on 127.0.0.1 into a feature
tests: Only log warnings or worse by default in smbserver
tests: postcheck is now in verify
tests: remove all valgrind disable instructions
tests: remove debug requirement on 38 tests
tests: remove the %FTPTIME3 variable
tests: replace `%PWD` with `%FILE_PWD` for `file://`
tests: replace `%PWD` with `%SSH_PWD` in SCP/SFTP tests
tests: replace hard-coded `/dev/null` with variable
tests: simplify `pathhelp.pm`, avoid using external tools
tests: speed up builds with single-binary test bundles
tests: testrunner fairness
tests: testrunner reliability improvements
tests: use '-4' where needed
tests: use a set for several of the curl_props
tftp: avoid two memcpy/strcpy
tidy-up: rename CURL_WINDOWS_APP to CURL_WINDOWS_UWP
tls: avoid abusing CURLE_SSL_ENGINE_INITFAILED
tool: support --show-headers AND --remote-header-name
tool_doswin: simplify; remove unused options and strncpy calls
tool_getparam: drop unused time() call
tool_getparam: replace two uses of strncpy(), ban strncpy
tool_operate: make --skip-existing work for --parallel
tool_operate: reuse the schannel backend check
tool_xattr: create the user.creator xattr attribute
unit1307: tidy up Apple OS detection
unit1660: fix unreachable code warning in no-SSL builds
url: connection reuse on h3 connections
url: use same credentials on redirect
urlapi: drop unused header
urlapi: normalize the IPv6 address
version: minor cleanups
version: say quictls in MSH3 builds
vquic: fix compiler warning with gcc + MUSL
vquic: recv_mmsg, use fewer, but larger buffers
vtls: convert Curl_pin_peer_pubkey to use dynbuf
vtls: convert pubkey_pem_to_der to use dynbuf
warnless: remove curlx_sktosi and curlx_sitosk
winbuild/README: consolidate command prompt section
winbuild/README: document how to clean a build
winbuild: add initial wolfSSL support
winbuild: drop `gen_resp_file.bat`
wolfssl: convert malloc + memcpys to dynbuf for cipher string
wolfSSL: fix handling of TLSv1.3 sessions
wolfssl: no more use of the OpenSSL API
wolfssl: use old version API without openssl extra
8.10.1
Bugfixes:
autotools: fix `--with-ca-embed` build rule
cmake: ensure `CURL_USE_OPENSSL`/`USE_OPENSSL_QUIC` are set in sync
cmake: fix MSH3 to appear on the feature list
connect: store connection info when really done
CURLMOPT_TIMERFUNCTION.md: emphasize that only a single timer should run
FTP: partly revert eeb7c1280742f5c8fa48a4340fc1e1a1a2c7075a
http2: when uploading data from stdin, fix eos forwarding
http: make max-filesize check not count ignored bodies
lib: fix AF_INET6 use outside of USE_IPV6
libcurl-docs: CURLINFO_LOCAL_* work for QUIC as well as TCP
multi: check that the multi handle is valid in curl_multi_assign
QUIC: on connect, keep on trying on draining server
request: correctly reset the eos_sent flag
runtests: accecpt 'quictls' as OpenSSL compatible
rustls: fixed minor logic bug in default cipher selection
rustls: rustls-ffi 0.14.0 update
rustls: support strong CSRNG data
setopt: remove superfluous use of ternary expressions
singleuse: drop `Curl_memrchr()` for no-HTTP builds
test537: cap the rlimit max this test runs
tests: tweak lock file handling and timers
tool_cb_wrt: use "curl_response" if no file name in URL
transfer: fix sendrecv() without interim poll
vtls: fix `Curl_ssl_conn_config_match` doc param
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/curl | 1 +
lfs/curl | 4 ++--
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index be5ba351d..7d0f47756 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -37,6 +37,7 @@ usr/lib/libcurl.so.4.8.0 #usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3 #usr/share/man/man3/CURLINFO_CONTENT_TYPE.3 #usr/share/man/man3/CURLINFO_COOKIELIST.3 +#usr/share/man/man3/CURLINFO_EARLYDATA_SENT_T.3 #usr/share/man/man3/CURLINFO_EFFECTIVE_METHOD.3 #usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3 #usr/share/man/man3/CURLINFO_FILETIME.3 diff --git a/lfs/curl b/lfs/curl index 4b901cad7..c3d5d2762 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@ include Config -VER = 8.10.0 +VER = 8.11.0 THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 18b438c0e4e7b0b698a1fee16406c611124e3d137349869dd8dbb43b5ba45163c6a053e02f665e627424c96e18f8499c13ebe1eeb4c1441936d0183d28696ae6 +$(DL_FILE)_BLAKE2 = 3db13ed558bee332e07e1eab878b5ecae14cd049c115eea3a25fcb78cf28aadfe577dc224df75b62844529994ec478a9a74fed5c9bae338f809d231420ae5d0a install : $(TARGET)