cURL 7.30.0

v7.29.0 [02-07-13]

Changes:

• metalink/md5: Use CommonCrypto on Apple operating systems
• href_extractor: new example code extracting href elements
• NSS can be used for metalink hashing

• Fix broken libmetalink-aware OpenSSL build
• gnutls: fix the error is fatal logic
• darwinssl: un-broke iOS build, fix error on server disconnect
• asyn-ares: restore functionality with c-ares < 1.6.1
• tlsauthtype: deal with the string case insensitively
• Fixed MSVC libssh2 static build
• evhiperfifo: fix the pointer passed to WRITEDATA
• BUGS: fix the bug tracker URL
• winbuild: Use machine type of development environment
• FTP: prevent the multi interface from blocking
• uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
• httpcustomheader.c: free the headers after use
• fix >2000 bytes POST over NTLM-using proxy
• redirects to URLs with fragments
• don't send '#' fragments when using proxy
• OpenSSL: show full issuer string
• fix HTTP auth regression
• CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value
• ftp: EPSV-disable fix over SOCKS
• Digest: Add microseconds into nounce calculation
• SCP/SFTP: improve error code used for send failures
• SSL: Several SSL-backend related fixes
• removed the notorious "additional stuff not fine" debug output
• OpenSSL: Disable SSL/TLS compression - avoid the "CRIME" attack
• FILE: Make upload-writes unbuffered
• custom memory callbacks failure with HTTP proxy (and more)
• TFTP: handle resends
• autoconf: don't force-disable compiler debug option
• winbuild: Fix PDB file output
• test2032: spurious failure caused by premature termination
• memory leak: CURLOPT_RESOLVE with multi interface

v7.28.1 [11-25-12]

Changes:

• metalink/md5: Use CommonCrypto on Apple operating systems
• href_extractor: new example code extracting href elements
• NSS can be used for metalink hashing

• Fix broken libmetalink-aware OpenSSL build
• gnutls: fix the error is fatal logic
• darwinssl: un-broke iOS build, fix error on server disconnect
• asyn-ares: restore functionality with c-ares < 1.6.1
• tlsauthtype: deal with the string case insensitively
• Fixed MSVC libssh2 static build
• evhiperfifo: fix the pointer passed to WRITEDATA
• BUGS: fix the bug tracker URL
• winbuild: Use machine type of development environment
• FTP: prevent the multi interface from blocking
• uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
• httpcustomheader.c: free the headers after use
• fix >2000 bytes POST over NTLM-using proxy
• redirects to URLs with fragments
• don't send '#' fragments when using proxy
• OpenSSL: show full issuer string
• fix HTTP auth regression
• CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value
• ftp: EPSV-disable fix over SOCKS
• Digest: Add microseconds into nounce calculation
• SCP/SFTP: improve error code used for send failures
• SSL: Several SSL-backend related fixes
• removed the notorious "additional stuff not fine" debug output
• OpenSSL: Disable SSL/TLS compression - avoid the "CRIME" attack
• FILE: Make upload-writes unbuffered
• custom memory callbacks failure with HTTP proxy (and more)
• TFTP: handle resends
• autoconf: don't force-disable compiler debug option
• winbuild: Fix PDB file output
• test2032: spurious failure caused by premature termination
• memory leak: CURLOPT_RESOLVE with multi interface

v7.28.0 [10-12-12]

Changes:

• SSH: added agent based authentication
• ftp: active conn, allow application to set sockopt after accept() call with CURLSOCKTYPE_ACCEPT
• multi: add curl_multi_wait()
• metalink: Added support for Microsoft Windows CryptoAPI
• md5: Added support for Microsoft Windows CryptoAPI
• parse_proxy: treat "socks://x" as a socks4 proxy
• socks: Added support for IPv6 connections through SOCKSv5 proxy

• WSAPoll disabled on Windows builds due to its bugs
• segfault on request retries
• curl-config: parentheses fix
• VC build: add define for openssl
• globbing: fix segfault when >9 globs were used
• fixed a few clang-analyzer warnings
• metalink: change code order to build with gnutls-nettle
• gtls: fix build failure by including nettle-specific headers
• change preferred HTTP auth on a handle previously used for another auth
• file: use fdopen() to avoid race condition
• Added DWANT_IDN_PROTOTYPES define for MSVC too
• verbose: fixed (nil) output of hostnames in re-used connections
• metalink: Un-broke the build when building --with-darwinssl
• curl man page cleanup
• Avoid leak of local device string when reusing connection
• Curl_socket_check: fix return code for timeout
• nss: do not print misleading NSS error codes
• configure: remove the --enable/disable-nonblocking options
• darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
• NTLM: re-use existing connection better
• schannel crash on multi and easy handle cleanup
• SOCKS: truly disable it if CURL_DISABLE_PROXY is defined
• mk-ca-bundle: detect start of trust section better
• gnutls: do not fail on non-fatal handshake errors
• SMTP: only send SIZE if supported
• ftpserver: respond with a 250 to SMTP EHLO
• ssh: do not crash if MD5 fingerprint is not provided by libssh2
• winbuild: Added support for building with SPNEGO enabled
• metalink: Fixed validation of binary files containing EOF
• setup.h: fixed for MS VC10 build
• cmake: use standard findxxx modules for cmake v2.8+
• HTTP_ONLY: disable more protocols
• Curl_reconnect_request: clear pointer on failure
• https.c example: remember to call curl_global_init()
• metalink: Filter resource URLs by type
• multi interface: CURLOPT_LOW_SPEED_* fix during rate limitation
• curl_schannel: Removed buffer limit and optimized buffer strategy

v7.27.0 [07-31-12]

Changes:

• nss: use human-readable error messages provided by NSS
• added --metalink for metalink download support
• pop3: Added support for sasl plain text authentication
• pop3: Added support for sasl login authentication
• pop3: Added support for sasl ntlm authentication
• pop3: Added support for sasl cram-md5 authentication
• pop3: Added support for sasl digest-md5 authentication
• pop3: Added support for apop authentication
• Added support for Schannel (Native Windows) SSL/TLS encryption
• Added support for Darwin SSL (Native Mac OS X and iOS)
• http: print reason phrase from HTTP status line on error

• pop3: Fixed the issue of having to supply the user name for all requests
• configure: fix LDAPS disabling related misplaced closing parenthesis
• cmdline: made -D option work with -O and -J
• configure: Fix libcurl.pc and curl-config generation for static MingW* cross builds
• ssl: fix duplicated SSL handshake with multi interface and proxy
• winbuild: Fix Makefile.vc ignoring USE_IPV6 and USE_IDN flags
• OpenSSL: support longer certificate subject names
• openldap: OOM fixes
• log2changes.pl: fix the Version output
• lib554.c: use curl_formadd() properly
• urldata.h: fix cyassl build clash with wincrypt.h
• cookies: changed the URL in the cookiejar headers
• http-proxy: keep CONNECT connections alive (for NTLM)
• NTLM SSPI: fixed to work with unicode user names and passwords
• OOM fix in the curl tool when cloning cmdline options
• fixed some examples to use curl_global_init() properly
• cmdline: stricter numerical option parser
• HTTP HEAD: don't force-close after response-headers
• test231: fix wrong -C use
• docs: switch to proper UTF-8 for text file encoding
• keepalive: DragonFly uses milliseconds
• HTTP Digest: Client's "qop" value should not be quoted
• make distclean works again

v7.26.0 [06-12-12]

Changes:

• nss: the minimal supported version of NSS bumped to 3.12.x
• nss: human-readable names are now provided for NSS errors if available
• add a manual page for mk-ca-bundle
• added --post303 and the CURL_REDIR_POST_303 option for CURLOPT_POSTREDIR
• smtp: Add support for DIGEST-MD5 authentication
• pop3: Added support for additional pop3 commands

• nss: libcurl now uses NSS_InitContext() to prevent collisions if available [1]
• URL parse: reject numerical IPv6 addresses outside brackets
• MD5: fix OOM memory leak
• OpenSSL cert: provide more details when cert check fails
• HTTP: empty chunked POST ended up in two zero size chunks
• fixed a regression when curl resolved to multiple addresses and the first isn't supported [7]
• -# progress meter: avoid superfluous updates and duplicate lines
• headers: surround GCC attribute names with double underscores
• PolarSSL: correct return code for CRL matches
• PolarSSL: include version number in version string
• PolarSSL: add support for asynchronous connect
• mk-ca-bundle: revert the LWP usage
• IPv6 cookie domain: get rid of the first bracket before the second
• connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails
• OpenSSL: Made cert hostname check conform to RFC 6125
• HTTP: reset expected DL/UL sizes on redirects
• CMake: fix Windows LDAP/LDAPS option handling
• CMake: fix MS Visual Studio x64 unsigned long long literal suffix
• configure: update detection logic of getaddrinfo() thread-safeness
• configure: check for gethostbyname in the watt lib
• curl-config.1: fix curl-config usage in example
• smtp: Fixed non-escaping of dot character at beginning of line
• MakefileBuild.vc: use the correct IDN variable
• autoconf: improve handling of versioned symbols
• curl.1: clarify -x usage
• curl: shorten user-agent
• smtp: issue with the multi-interface always sending postdata
• compile error with GnuTLS+Nettle fixed
• winbuild: fix IPv6 enabled build

v7.25.0 [03-31-12]

Changes:

• configure: add option disable --libcurl output
• --ssl-allow-beast and CURLOPT_SSL_OPTIONS added
• Added CURLOPT_TCP_KEEPALIVE, CURLOPT_TCP_KEEPIDLE, CURLOPT_TCP_KEEPINTVL
• curl: use new library-side TCP_KEEPALIVE options
• Added a new CURLOPT_MAIL_AUTH option
• Added support for --mail-auth
• --libcurl now also works with -F and more!

• --max-redirs: allow negative numbers as option value
• parse_proxy: bail out on zero-length proxy names
• configure: don't modify LD_LIBRARY_PATH for cross compiles
• curl_easy_reset: reset the referer string
• curl tool: don't abort glob-loop due to failures
• CONNECT: send correct Host: with IPv6 numerical address
• Explicitly link to the nettle/gcrypt libraries
• more resilient connection times among IP addresses
• winbuild: fix IPV6 and IDN options
• SMTP: Fixed error when using CURLOPT_CONNECT_ONLY
• cyassl: update to CyaSSL 2.0.x API
• smtp: Fixed an issue with the EOB checking
• pop3: Fixed drop of final CRLF in EOB checking
• smtp: Fixed an issue with writing postdata
• smtp: Added support for returning SMTP response codes
• CONNECT: fix ipv6 address in the Request-Line
• curl-config: only provide libraries with --libs
• LWIP: don't consider HAVE_ERRNO_H to be winsock
• ssh: tunnel through HTTP proxy if requested
• cookies: strip off [brackets] from numerical ipv6 host names
• libcurl docs: version corrections
• cmake: list_spaces_append_once failure
• resolve with c-ares: don't resolve IPv6 when not working
• smtp: changed error code for EHLO and HELO responses
• parsedate: fix a numeric overflow

v7.23.1 [01-06-12]

Bugfixes:

• Windows: curl would fail if it found no CA cert, unless -k was used. Even if a non-SSL protocol URL was used

v7.22.0 [09-15-11]

Changes:

• Added --tr-encoding and CURLOPT_TRANSFER_ENCODING

• curl-config: fix --version
• curl_easy_setopt.3: CURLOPT_PROXYTYPE clarification
• use HTTPS properly after CONNECT
• SFTP: close file before post quote operations

v7.21.7 [06-27-11]

Changes:

• Added --tr-encoding and CURLOPT_TRANSFER_ENCODING

• curl-config: fix --version
• curl_easy_setopt.3: CURLOPT_PROXYTYPE clarification
• use HTTPS properly after CONNECT
• SFTP: close file before post quote operations

v7.21.6 [04-30-11]

Changes:

• Added --tr-encoding and CURLOPT_TRANSFER_ENCODING

• curl-config: fix --version
• curl_easy_setopt.3: CURLOPT_PROXYTYPE clarification
• use HTTPS properly after CONNECT
• SFTP: close file before post quote operations

v7.21.5 [04-19-11]

Changes:

• SOCKOPTFUNCTION: callback can say already-connected
• Added --netrc-file
• Added (new) support for cyassl
• TSL-SRP: enabled with OpenSSL
• Added CURLE_NOT_BUILT_IN and CURLE_UNKNOWN_OPTION

• nss: avoid memory leak on SSL connection failure
• nss: do not ignore failure of SSL handshake
• multi: better failed connect handling when using FTP, SMTP, POP3 and IMAP
• runtests.pl: fix pid number concatenation that prevented it from killing the correct process at times
• PolarSSL: Return 0 on receiving TLS CLOSE_NOTIFY alert
• curl_easy_setopt.3: Removed wrong reference to CURLOPT_USERPASSWORD
• multi: close connection on timeout
• IMAP in multi mode does SSL connections non-blocking
• honours the --disable-ldaps configure option
• Force setopt constants written by --libcurl to be long
• ssh_connect: treat libssh2 return code better
• SFTP upload could stall the state machine when the multi_socket API was used
• SFTP and SCP could leak memory when used with the multi interface and the connection was closed
• Added missing file to repair the MSVC makefiles
• Fixed detection of recvfrom arguments on Android/bionic
• GSS: handle reuse fix
• transfer: avoid insane conversion of time_t
• nss: do not ignore value of CURLOPT_SSL_VERIFYPEER in certain cases
• SMTP-multi: non-blocking connect
• SFTP-multi: set cselect for sftp and scp to fix "stall" risk
• configure: removed wrongly claimed default paths
• pop3: fixed torture tests to succeed
• symbols-in-versions: many corrections
• if a HTTP request gets retried because the connection was dead, rewind if any data was sent as part of it
• only probe for working ipv6 once and then re-use that info for further requests
• requests that are asked to bound to a local interface/port will no longer wrongly re-use connections that aren't
• libcurl.m4: Add missing quotes in AC_LINK_IFELSE
• progress output: don't print the last update on a separate line
• POP3: the command to send is STLS, not STARTTLS
• POP3: PASS command was not sent after upgrade to TLS
• configure: fix libtool warning
• nss: allow to use multiple client certificates for a single host
• HTTP pipelining: Fix handling of zero-length responses
• Don't list NTLM in curl-config when HTTP is disabled
• curl_easy_setopt.3: CURLOPT_RESOLVE typo version
• OpenSSL: build fine with no-sslv2 versions
• checkconnection: don't call with NULL pointer with RTSP and multi interface
• Borland makefile updates
• configure: libssh2 link fix without pkg-config
• certinfo crash
• CCC crash

v7.21.4 [03-11-11]

Changes:

• CURLINFO_FTP_ENTRY_PATH now supports SFTP
• introduced new framework for unit-testing
• IDN: use win32 API if told to
• ares: ask for both IPv4 and IPv6 addresses
• HTTP: do Negotiate authentication using SSPI on windows
• Windows build: alternative makefile
• TLS-SRP: support added when using GnuTLS

• SMTP: add brackets for MAIL FROM
• ossl_seed: no more RAND_screen (on Windows)
• multi: connect fail => use next IP address
• use the timeout when using multiple IP addresses similar to how the easy interface does it
• cookies: tricked dotcounter fixed
• pubkey_show: allocate buffer to fit any-size result
• Curl_nss_connect: avoid PATH_MAX
• Curl_do: avoid using stale conn pointer
• tftpd test server: avoid buffer overflow report from glibc
• nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash
• nss: fix a bug in handling of CURLOPT_CAPATH
• CMake: Use upstream CheckTypeSize module
• OpenSSL get_cert_chain: support larger data sets
• SCP/SFTP transfers: acknowledge speedcheck
• GnuTLS builds: fix memory leak
• connect problem: use UDP correctly
• Borland C++ makefile tweaks
• OpenSSL: improved error message on SSL_CTX_new failures
• HTTP: memory leak on multiple Location:
• ares_query_completed_cb: don't touch invalid data
• ares: memory leak fix
• mk-ca-bundle: use new cacert url
• Curl_gmtime: added a portable gmtime and check for NULL
• curl.1: typo in -v description
• CURLOPT_SOCKOPTFUNCTION: return proper error code
• --keepalive-time: warn if not supported properly
• file: add support for CURLOPT_TIMECONDITION
• nss: avoid memory leaks and failure of NSS shutdown
• multi: fix CURLM_STATE_TOOFAST for multi_socket