| Message ID | 20250603121835.3299551-1-adolf.belka@ipfire.org |
|---|---|
| State | Staged |
| Commit | 5e55603f197d4ca311e5ae4c6b0af6413d8afdc1 |
| Headers |
Return-Path: <development+bounces-531-patchwork=ipfire.org@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4bBVB21ff4z3xSm for <patchwork@web04.haj.ipfire.org>; Tue, 3 Jun 2025 12:18:50 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4bBV9w5PBLz6f5 for <patchwork@ipfire.org>; Tue, 3 Jun 2025 12:18:44 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4bBV9v1qgQz35Z9 for <patchwork@ipfire.org>; Tue, 3 Jun 2025 12:18:43 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4bBV9r2VK5z2y97 for <development@lists.ipfire.org>; Tue, 3 Jun 2025 12:18:40 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4bBV9q2sDKzld; Tue, 3 Jun 2025 12:18:39 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1748953119; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ih0hK4eC1aoqJqk9Z92Sjqeu4xwfmxaB6GHw7lbjSj0=; b=gQ5Xdb+cJyok7hO/dE/fJ4WmC66yLbWd+KZ7NesRyAQj7AKI2BA9H4dx67DhzxcTuT/9ei e+sNKHOGCWvvCVCw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1748953119; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ih0hK4eC1aoqJqk9Z92Sjqeu4xwfmxaB6GHw7lbjSj0=; b=uJKR4+OvqS5MElI2molR7zwKVCdKNch5pFtnLLYwDoKaVC/F7fB3cG/ewtzODQbWQxDS0Y 1h0bdqdQq6oYhUfaer6FZwy8wpp1rKcKALomxDnSp8qou6ja31HqY9fNQS8hZa3XM2u85C IbXBw6aO536Bed3jVf/sR0mrW2Zu5g46dRDvcAAD95YmARtpuEpK9VSRL0vLiw1QWxGPjI ZIwbkd/y8tMwaB5ZgMRaoV+w+xj6UmX62l0z1a3yjbb1dEqqSBTbmO6uHbaQg5+XpvYWne rYafQyEQFevaWShE8vjAKGJL7O/9OkvLDtRaxgyMb9D7or2U+CFgNxBbaNcXgw== From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Cc: Adolf Belka <adolf.belka@ipfire.org> Subject: [PATCH] curl: Update to version 8.14.0 Date: Tue, 3 Jun 2025 14:18:31 +0200 Message-ID: <20250603121835.3299551-1-adolf.belka@ipfire.org> Precedence: list List-Id: <development.lists.ipfire.org> List-Subscribe: <https://lists.ipfire.org/>, <mailto:development+subscribe@lists.ipfire.org?subject=subscribe> List-Unsubscribe: <https://lists.ipfire.org/>, <mailto:development+unsubscribe@lists.ipfire.org?subject=unsubscribe> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development+help@lists.ipfire.org?subject=help> Sender: <development@lists.ipfire.org> Mail-Followup-To: <development@lists.ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit |
| Series |
curl: Update to version 8.14.0
|
|
Commit Message
Adolf Belka
June 3, 2025, 12:18 p.m. UTC
- Update from version 8.13.0 to 8.14.0
- Update of rootfile
- Changelog
8.14.0
Changes:
mqtt: send ping at upkeep interval
schannel: handle pkcs12 client certificates containing CA certificates
TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs
vquic: ngtcp2 + openssl support
wcurl: import v2025.04.20 script + docs
websocket: add option to disable auto-pong reply
Bugfixes:
_SEEALSO.md: remove spaces around command and man page section
asny-thrdd: fix detach from running thread
asnyc-thrdd: explain how this is okay with a comment
asyn resolver code improvements
async-threaded resolver: use ref counter
async: DoH improvements
autotools: detect `wolfSSL_set_quic_use_legacy_code` like cmake does
autotools: install shell completion files on cross build
aws-sigv4: allow a blank string
build: check required rustls-ffi version
build: enable gcc-12/13+, clang-10+ picky warnings
build: enable gcc-15 picky warnings
certs: drop unused `default_bits` from `.prm` files
cf-https-connect: use the passed in dns struct pointer
cf-socket: fix FTP accept connect
cfilters: remove assert
cmake/FindNGTCP2: simplify multi-pkg-config detection
cmake: append picky warnings to `CMAKE_REQUIRED_FLAGS` as string
cmake: avoid 'target is imported but not globally visible' when consuming
libcurl with old cmake
cmake: do not install `mk-ca-bundle` script and manpage
cmake: enable `-Wall` for MSVC when `PICKY_COMPILER=ON`
cmake: extend integration tests
cmake: fix `fish` install directory detection via `pkg-config`
cmake: fix nghttp3 static linking with `USE_OPENSSL_QUIC=ON`
cmake: fix option() and mark_as_advanced() mixed order
cmake: fix shell completion install when just one flavor is enabled
cmake: honor individual picky option overrides found in `CMAKE_C_FLAGS`
cmake: install shell completions for cross-builds
cmake: link `crypt32` for OpenSSL feature detection
cmake: merge `CURL_WERROR` logic into `PickyWarnings.cmake`
cmake: prefer `COMPILE_OPTIONS` over `CMAKE_C_FLAGS` for custom C options
cmake: quotes, whitespace, use `VERSION_GREATER_EQUAL`
cmake: revert `CURL_LTO` behavior for multi-config generators
cmake: set `BUILDING_LIBCURL` directly for unit test targets
cmake: stop deleting `-W<n>` from `CMAKE_C_FLAGS` (MSVC)
cmake: tidy up and document feature detections in dependencies
cmake: use `CMAKE_COMPILE_WARNING_AS_ERROR` if available
cmake: use `INCLUDE_DIRECTORIES` prop to specify local header dirs
cmake: use `LIB_NAME` in `curl-config.cmake.in`
cmake: use absolute paths for completion targets
cmake: use the `LINK_OPTIONS` property with CMake 3.13+
configure: catch asking for double resolver without https-rr
configure: fix --disable-rt
configure: restore link checks
configure: suppress command not found for brew
conncache: make Curl_cpool_init return void
connect: shutdown timer fix
content_encoding: Transfer-Encoding parser improvements
CONTRIBUTE: add project guidelines for AI use
contrithanks.sh: drop set -e
cpool/cshutdown: force close connections under pressure
curl: fix memory leak when -h is used in config file
curl: only warn once for --manual in manual-disabled build
curl_get_line: handle lines ending on the buffer boundary
curl_krb5: only use functions if FTP is still enabled
curl_multibyte: fixup low-level calls, include in unity builds
curl_osslq: remove a leftover debug fprintf() call
curl_version_info.md: clarify ssl_version for MultiSSL
CURLMOPT_TIMERFUNCTION.md: correct the example
CURLOPT_ERRORBUFFER.md: buffer is read only after curl takes ownership
CURLOPT_FOLLOWLOCATION.md: switch to GET => no body
CURLOPT_READFUNCTION.md: mention the seek callback
CURLOPT_XFERINFOFUNCTION.md: fix the callback return type in example
curlx: move the docs to docs/internals/
DEPRECATE.md: drop support for VS2008
DEPRECATE.md: drop Windows CE support
dist: drop duplicate entry from `CMAKE_DIST`
dns_entry: move from conn to data->state
Dockerfile: update debian:bookworm-slim Docker digest to 90522ee
docs/INSTALL.md: drop reference to removed configure option
docs/libcurl: fix type and prototype problems in examples
docs/libcurl: make examples build with picky compiler options
docs/libcurl: mention sensitive data/headers
docs: add missing return statement in examples
docs: fix incorrect shell substitution in docker run example command
docs: fix typo in retry.md
docs: update distros links
doh: httpsrr fix
doh: make sure CURLOPT_PROTOCOLS is set a with a "long" arg
doh: reduce the DNS request buffer size
easy_reset: fix dohfor_mid member
ECH: reference the OpenSSL ECH feature branch
etag-save.md: mention how using both options is a good idea
eventfd: fix feature guards
formdata: cleanups
ftp: fix bug in failed init
ftp: fix race in upload handling
ftplistparser: add two overflow preventions
ftplistparser: split up into more functions
generate.bat: exclude curlinfo.c from legacy VS projects
genserv.pl: fail with a message if `openssl` is missing or failing
headers: enforce a max number of response header to accept
headers: set an error message on illegal response headers
hostip: fix build without threaded-resolver and without DoH
hostip: show the correct name on proxy resolve error
http2: fix stream window size after unpausing
HTTP3.md: fix incorrect variable placeholders
http: fix a build error when all auths are disabled
http: fix HTTP/2 handling of TE request header using "trailers"
http: in alt-svc negotiation only allow supported HTTP versions
http_aws_sigv4: add additional verbose log statements
http_aws_sigv4: improve sigv4 url encoding and canonicalization
http_chunks: narrow variable scope for 'trlen'
http_negotiate: fix non-SSL build with GSSAPI
https-connect: fix httpsrr target check
HTTPSRR.md: clarify somewhat
if2ip: build the function also if FTP is present
imap: remove redundant condition
INSTALL-CMAKE.md: fix typo
INSTALL.md: update the minimal libcurl size example
KNOWN_BUGS: fix link in sivg4 issue 16.3
lib/src/docs/test: improve curl_easy_setopt() calls
lib1560: use hex notation, drop non-ASCII exception
lib3026: drop DLL pre-load perf mitigation for old mingw
lib: add const to clientwriter tables
lib: drop curlx_getpid, use fake pid in SMB
lib: include files using known path
lib: make Curl_easyopts const
lib: unify conversions to/from hex
libcurl-tutorial.md: fix read callback explanation
libssh: add NULL check for Curl_meta_get()
libssh: fix memory leak
libssh: remove a condition that always equals false
libtest/first: stop defining MEMDEBUG_NODEFINES
libtests: define CURL_DISABLE_DEPRECATION first
make: clean tests better
mbedtls: TLS 1.3 is max when mbedtls has 1.3 support
metahash: add asserts to help analyzers
mk-ca-bundle.pl: follow redirects
mk-ca-bundle: switch URLs to GitHub versions
mkhelp: fix to not generate a line-ending space in some cases
mqtt: use conn/easy meta hash
multi: do transfer book keeping using mid
multi: init_do(): check result
netrc: avoid NULL deref on weird input
netrc: avoid strdup NULL
netrc: deal with null token better
ngtcp2: clarify ignoring of result
openssl-quic: avoid potential `-Wnull-dereference`, add assert
openssl-quic: fix printf mask
openssl-quic: fix shutdown when stream not open
openssl: enable builds for *both* engines and providers
openssl: set the cipher string before doing private cert
parsedate: provide Curl_wkday also for GnuTLS builds
processhelp.pm: always call `taskkill` with `-f` (force)
processhelp.pm: avoid potential endless loop, log more (Windows)
progress: avoid integer overflow when gathering total transfer size
pytest tls: extend coverage
pytest-xdist: pytest in parallel
pytest: add pinnedpubkey test cases
pytest: give parameterised tests better ids for read- and parsability
pytest: make test_07_22 more lenient to exit codes
quic: no local idle connection timeout, ngtcp2 keep-alive
rand: update comment on Curl_rand_bytes weak random
RELEASE-PROCEDURE.md: release candidate git tagging explained
rtsp: remove redundant condition
runtests: add retry option to reduce flakiness
runtests: fix indentation
runtests: recognize lowercase `windows` in `curl -V`
runtests: remove server verification after start
runtests: split `SSH_PWD` into `SCP_PWD` and `SFTP_PWD`, and more
rustls: make max size of cert and key reasonable
sasl: give help when unable to select AUTH
scripts: completion.pl: sort the completion file for all shells
scripts: drop unused import, formatting
scripts: fix --opts-dir help in completion.pl
scripts: fix perl indentation, whitespace, semicolons
sectransp: fix building for macOS Sierra and older
setopt: provide info for CURLE_BAD_FUNCTION_ARGUMENT
smb: avoid integer overflow on weird input date
socket: use accept4 when available
socketpair: support pipe2 where available
spacecheck.pl: check for non-ASCII chars, fix fallouts
spacecheck.pl: verify `tests/data/test*` for non-ASCII chars
src: drop strcase.[ch] from tool builds
src: include memdebug.h consistently with angle brackets <>
src: rename curlx_safefree to tool_safefree
test1173.pl: whitelist some option-looking names that aren't options
test1658: add unit test for the HTTPS RR decoder
test: make unittest 1308 into a libtest
tests/ech_tests.sh: sync shebang with rest of bash scripts
tests/FILEFORMAT.md: clarify %hex[] formatting
tests/FILEFORMAT.md: document the aws feature
tests/README.md: document --test-duphandle
tests/README.md: list the openssl tool among the prerequisites
tests/server/dnsd: basic DNS server for test suite
tests/server: check for `stream != NULL` in mqttd
tests/server: fix typo in comment
tests/server: stop using libcurl string comparisons
tests/server: stop using libcurl's printf functions
tests/serverhelp: remove last remnants of http-pipe server
tests/tunit: make a separate directory for tool-based unit tests
tests: add aws feature to the related tests
tests: Add https-mtls server to force client auth
tests: fix some test tag mismatches
tests: mark ipfs tests to require ipfs
tests: move a boolean variable out of the path section
tests: prefer `--insecure` over `-k`
tests: provide all non-ascii data hex encoded
tests: remove some unused test case sections
tests: require IPv6 for 1265, 1324, 2086
tests: separate tunit tests from unit tests more
tests: stop using libcurl's strdup
tests: unify test case keywords
tests: use a more portable null device path
TODO: remove "nicer lacking perl message"
tool_cb_write.c: handle EINTR on flush
tool_getparam: clear argument only when needed
tool_operate: make retrycheck() a separate function
tool_operate: when retrying, only truncate regular files
tool_paramhlp: avoid integer overflow in secs2ms()
tool_parsecfg: make get_line handle lines ending on the buffer boundary
typecheck-gcc.h: fix the typechecks
urlapi: redirecting to "" is considered fine
urlapi: remove unneeded guards around PUNY2IDN
urldata: remove the unused struct field 'hide_progress'
VERSIONS: list all past releases
vquic: consistent name for the stream struct across backends
vquic: init for every call to recvmsg
vtls: avoid NULL deref on bad PEM input
vtls: fix build with ssl but without http
VULN-DISCLOSURE-POLICY: use of weak algos
winbuild: add the deprecation warning to the README
winbuild: curl_get_line is not used for tool builds
windows: fix builds targeting WinXP, test it in CI
wolfssl: fix to enable ALPN when available
ws: fix the header replace check
ws: store protocol context as connection meta data
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/curl | 3 +++
lfs/curl | 4 ++--
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index f27d3b939..ad9f8397b 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -1,5 +1,6 @@ usr/bin/curl #usr/bin/curl-config +#usr/bin/wcurl #usr/include/curl #usr/include/curl/curl.h #usr/include/curl/curlver.h @@ -21,6 +22,7 @@ usr/lib/libcurl.so.4.8.0 #usr/share/aclocal/libcurl.m4 #usr/share/man/man1/curl-config.1 #usr/share/man/man1/curl.1 +#usr/share/man/man1/wcurl.1 #usr/share/man/man3/CURLINFO_ACTIVESOCKET.3 #usr/share/man/man3/CURLINFO_APPCONNECT_TIME.3 #usr/share/man/man3/CURLINFO_APPCONNECT_TIME_T.3 @@ -373,6 +375,7 @@ usr/lib/libcurl.so.4.8.0 #usr/share/man/man3/CURLOPT_SSL_FALSESTART.3 #usr/share/man/man3/CURLOPT_SSL_OPTIONS.3 #usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3 +#usr/share/man/man3/CURLOPT_SSL_SIGNATURE_ALGORITHMS.3 #usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3 #usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3 #usr/share/man/man3/CURLOPT_SSL_VERIFYSTATUS.3 diff --git a/lfs/curl b/lfs/curl index a6cb3bb3d..e436991cd 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@ include Config -VER = 8.13.0 +VER = 8.14.0 THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 6869634ad50f015d5c7526699034d5a3f27d9588bc32eacc8080dbd6c690f63b1f25cee40d3fdf8fd9dd8535c305ea9c5edf1d5a02bc6d9ce60fd8c88230aca0 +$(DL_FILE)_BLAKE2 = d8b7d58e6923366265a1d95d3a6f14002729dfb95d88b17ec925d096bd199b206f6c9645e1e4be3bc2d295e8898c35990eda6f45329396f38753725907e402a1 install : $(TARGET)