Log message:
curl libcurl-gnutls: updated to 8.3.0

Fixed in 8.3.0 - September 13 2023

Changes:

curl: make %output{} in -w specify a file to write to
gskit: remove
lib: --disable-bindlocal builds curl without local binding support
nss: remove support for this TLS library
tool: add "variable" support
trace: make tracing available in non-debug builds
url: change default value for CURLOPT_MAXREDIRS to 30
urlapi: CURLU_PUNY2IDN - convert from punycode to IDN name
wolfssl: support loading system CA certificates
Bugfixes:

altsvc: accept and parse IPv6 addresses in response headers
asyn-ares: reduce timeout to 2000ms
aws-sigv4: canonicalize the query
aws-sigv4: fix having date header twice in some cases
aws-sigv4: handle no-value user header entries
bearssl: don't load CA certs when peer verification is disabled
bearssl: handshake fix, provide proper get_select_socks() implementation
build: fix portability of mancheck and checksrc targets
build: streamline non-UWP wincrypt detections
c-hyper: adjust the hyper to curlcode conversion
c-hyper: fix memory leaks in `Curl_http`
cf-haproxy: make CURLOPT_HAPROXY_CLIENT_IP set the *source* IP
cf-socket: log successful interface bind
CI/cirrus: disable python install on FreeBSD
CI: add a 32-bit i686 Linux build
CI: add caching to many jobs
CI: move on to ngtcp2 v0.19.1
CI: move the Alpine build from Cirrus to GHA
CI: ngtcp2-linux: use separate caches for tls libraries
CI: remove Windows builds from Cirrus, without replacement
CI: switch macOS ARM build from Cirrus to Circle CI
CI: use master again for wolfssl
cirrus: install everthing with pkg, avoid pip
cmake: add GnuTLS option
cmake: add support for `CURL_DEFAULT_SSL_BACKEND`
cmake: add support for single libcurl compilation pass
cmake: allow `SHARE_LIB_OBJECT=ON` on all platforms
cmake: assume `wldap32` availability on Windows
cmake: cache more config and delete unused ones
cmake: detect `SSL_set0_wbio` in OpenSSL
cmake: drop `HAVE_LIBWINMM` and `HAVE_LIBWS2_32` feature checks
cmake: fix to use variable for the curl namespace
cmake: fixup H2 duplicate symbols for unity builds
cmake: set SIZEOF_LONG_LONG in curl_config.h
cmake: support building static and shared libcurl in one go
cmdline-docs: make sure to phrase it as "added in ...."
cmdline-docs: use present tense, not future
cmdline-opts/docs: mention the negative option part
cmdline-opts/page-header: clarify stronger that !opt == URL
cmdline-opts/page-header: reorder, clean up
configure, cmake, lib: more form api deprecation
configure: fix `HAVE_TIME_T_UNSIGNED` check
configure: trust pkg-config when it's used for zlib
configure: use the pkg-config --libs-only-l flag for libssh2
connect: stop halving the remaining timeout when less than 600 ms left
cookie-jar.d: emphasize that this option is ONLY writing cookies
crypto: ensure crypto initialization works
curl_url_get/set.3: add missing semicolon in SYNOPSIS
CURLINFO_CERTINFO.3: better explain curl_certinfo struct
CURLINFO_TLS_SSL_PTR.3: clarify a recommendation
CURLOPT_*TIMEOUT*: extend and clarify
CURLOPT_SSL_VERIFYPEER.3: mention it does not load CA certs when disabled
CURLOPT_URL.3: add two URL API calls in the see-also section
CURLOPT_URL.3: explain curl_url_set() uses the same parser
digest: Use hostname to generate spn instead of realm
disable.d: explain --disable not implemented prior to 7.50.0
docs/cmdline-opts/gen.pl: hide "added in" before 7.50.0
docs/cmdline-opts: match the current output
docs/cmdline-opts: spellfixes, typos and polish
docs/cmdline: add small "warning" to verbose options
docs/cmdline: remove repeated working for negotiate + ntlm
docs/HYPER.md: document a workaround for a link error
docs: add curl_global_trace to some SEE ALSO sections
docs: link to the website versions instead of markdowns
docs: mark --ssl-revoke-best-effort as Schannel specific
docs: mention critical files in same directories as curl saves
docs: removing "pausing transfers" from HYPER.md.
docs: rewrite to present tense
easy: remove #ifdefs to make code easier on the eye
egd: delete feature detection and related source code
ftp: fix temp write of ipv6 address
gen.pl: escape all dashes (ascii minus) to avoid unicode hyphens
gen.pl: replace all single quotes with aq
GHA: adding quiche workflow
headers: accept leading whitespaces on first response header
http2: avoid too early connection re-use/multiplexing
http2: cleanup trace messages
http2: disable asssertion blocking OSSFuzz testing
http2: fix in h2 proxy tunnel: progress in ingress on sending
http2: polish things around POST
http2: upgrade tests and add fix for non-existing stream
http3/ngtcp2: shorten handshake, trace cleanup
http3: quiche, handshake optimization, trace cleanup
http: close the connection after a late 417 is received
http: do not require a user name when using CURLAUTH_NEGOTIATE
http: fix sending of large requests
http: remove the p_pragma struct field
http: return error when receiving too large header set
hyper: fix a progress upload counter bug
hyper: fix ownership problems
hyper: remove `hyptransfer->endtask`
imap: add a check for failing strdup()
imap: remove the only sscanf() call in the IMAP code
include.d: explain headers not printed with --fail before 7.75.0
include/curl/mprintf.h: add __attribute__ for the prototypes
krb5: fix "implicit conversion loses integer precision" warnings
lib: add ability to disable auths individually
lib: build fixups when built with most things disabled
lib: fix a few *printf() flag mistakes
lib: fix null ptr derefs and uninitialized vars (h2/h3)
lib: move mimepost data from ->req.p.http to ->state
libtest: use curl_free() to free libcurl allocated data
list-only.d: mention SFTP as supported protocol
macOS: fix target detection more
misc: fix various typos
multi.h: the 'revents' field of curl_waitfd is supported
multi: more efficient pollfd count for poll
multi: remove 'processing: <url>' debug message
ngtcp2: fix handling of large requests
openssl: auto-detect `SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED`
openssl: clear error queue after SSL_shutdown
openssl: make aws-lc version support OCSP
openssl: Support async cert verify callback
openssl: switch to modern init for LibreSSL 2.7.0+
openssl: use `SSL_CTX_set_ciphersuites` with LibreSSL 3.4.1
openssl: use `SSL_CTX_set_keylog_callback` with LibreSSL 3.5.0
openssl: when CURLOPT_SSL_CTX_FUNCTION is registered, init x509 store before
os400: build test servers
os400: do not check translatable options at build time
os400: implement CLI tool
page-footer: QLOGDIR works with ngtcp2 and quiche
page-header: move up a URL paragraph from GLOBBING to URL
pytest: fix check for slow_network skips to only apply when intended
quic: don't set SNI if hostname is an IP address
quiche: adjust quiche `QUIC_IDLE_TIMEOUT` to 60s
quiche: enable quiche to handle timeout events
resolve: use PF_INET6 family lookups when CURL_IPRESOLVE_V6 is set
revert "schannel: reverse the order of certinfo insertions"
schannel: fix ordering of cert chain info
schannel: fix user-set legacy algorithms in Windows 10 & 11
schannel: verify hostname independent of verify cert
sectransp: fix compiler warnings
sectransp: prevent CFRelease() of NULL
secureserver.pl: fix stunnel path quoting
secureserver.pl: fix stunnel version parsing
SECURITY-PROCESS.md: not a sec issue: Tricking user to run a cmdline
system.h: add CURL_OFF_T definitions on HP-UX with HP aCC
test1304: build and skip without netrc support
test1554: check translatable string options in OS400 wrapper
test1608: make it build and get skipped without shuffle DNS support
test687/688: two more basic --xattr tests
tests/tftpd+mqttd: make variables static to silence picky warnings
tests: add 'large-time' as a testable feature
tests: add support for nested %if conditions
tests: don't call HTTP errors OK in test cases
tests: ensure `libcurl.def` contains all exports
tests: fix h3 server check and parallel instances
tests: TLS session sharing test
tests: update cookie expiry dates to far in the future
time-cond.d: mention what happens on a missing file
tool: avoid including leading spaces in the Location hyperlink
tool: change some fopen failures from warnings to errors
tool: make the length argument an int for printf()-.* flags
tool_cb_wrt: fix invalid unicode for windows console
tool_filetime: make -z work with file dates before 1970
tool_operate: allow both SSL_CERT_FILE and SSL_CERT_DIR
tool_operate: make aws-sigv4 not require TLS to be used
tool_paramhlp: improve str2num(): avoid unnecessary call to strlen()
tool_urlglob: use the correct format specifier for curl_off_t in msnprintf
transfer: also stop the sending on closed connection
transfer: don't set TIMER_STARTTRANSFER on first send
unit2600: fix build warning if built without verbose messages
url: remove infof() output for "still name resolving"
urlapi: fix heap buffer overflow
urlapi: make sure zoneid is also duplicated in curl_url_dup
urlapi: return CURLUE_BAD_HOSTNAME if puny2idn encoding fails
urlapi: setting a blank URL ("") is not an ok URL
vquic: show stringified messages for errno
vtls: clarify "ALPN: offers" message
winbuild: improve check for static zlib
wolfSSL: avoid the OpenSSL compat API when not needed
workflows/macos.yml: disable zstd and alt-svc in the http-only build
write-out.d: clarify %{time_starttransfer}
ws: fix spelling mistakes in examples and tests

Log message:
*: recursive bump for Python 3.11 as new default

Log message:
curl: updated to 8.2.1

8.2.1

Bugfixes:

amigaos: fix sys/mbuf.h m_len macro clash
amissl: add missing signal.h include
amissl: fix AmiSSL v5 detection
cfilters: rename close/connect functions to avoid clashes
ciphers.d: put URL in first column
cmake: add `libcurlu`/`libcurltool` for unit tests
cmake: update ngtcp2 detection
configure: check for nghttp2_session_get_stream_local_window_size
CONTRIBUTE: drop mention of copyright year ranges
CONTRIBUTE: fix syntax in commit message description
curl_multi_wait.3: fix arg quoting to doc macro .BR
docs: mark two TLS options for TLS, not SSL
docs: provide more see also for cipher options
hostip: return IPv6 first for localhost resolves
http2: fix regression on upload EOF handling
http: VLH, very large header test and fixes
libcurl-errors.3: add CURLUE_OK
os400: correct EXPECTED_STRING_LASTZEROTERMINATED
quiche: fix lookup of transfer at multi
quiche: fix segfault and other things
rustls: update rustls-ffi 0.10.0
socks: print ipv6 address within brackets
src/mkhelp: strip off escape sequences
tool: fix tool_seek_cb build when SIZEOF_CURL_OFF_T > SIZEOF_OFF_T
transfer: do not clear the credentials on redirect to absolute URL
unittest: remove unneeded *_LDADD
websocket: rename arguments/variables to match docs

Log message:
curl, libcurl-gnutls: update to 8.2.0

This release includes the following changes:

 o curl: add --ca-native and --proxy-ca-native [24]
 o curl: add --trace-ids [53]
 o CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS [5]
 o haproxy: add --haproxy-clientip flag to set client IPs [23]
 o lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID [54]

This release includes the following bugfixes:

 o bufq: make write/pass methods more robust [21]
 o build: drop unused/redundant `HAVE_WINLDAP_H` [25]
 o cf-socket: don't bypass fclosesocket callback if cancelled before connect [114]
 o cf-socket: move ctx declaration under HAVE_GETPEERNAME [91]
 o cf-socket: skip getpeername()/getsockname for TFTP [65]
 o checksrc: modernise perl file open [87]
 o checksrc: quote the file name to work with "funny" letters [93]
 o CI: brew fix for openssl in default path [116]
 o CI: don't install impacket if tests are not run
 o CI: enable parallel make in more builds
 o circleci: install impacket & wolfssl 5.6.0 [1]
 o cmake: add support for "unity" builds [13]
 o cmake: make use of snprintf [102]
 o cmake: stop CMake from quietly ignoring missing Brotli [81]
 o configure: add check for ldap_init_fd [80]
 o configure: fix run-compiler for old /bin/sh [4]
 o configure: the --without forms of the options are also gone [79]
 o connect-timeout.d: mention that the DNS lookup is included [85]
 o curl.h: include <sys/select.h> for vxworks [78]
 o curl: count uploaded data to stop at the originally given size [14]
 o curl: return error when asked to use an unsupported HTTP version [113]
 o curl_easy_nextheader.3: add missing open parenthesis examples [74]
 o curl_log: evaluate log statement only when transfer is verbose [8]
 o curl_mprintf.3: minor fix of the example
 o curl_pushheader_byname/bynum.3: document in their own man pages [37]
 o curl_url_set: enforce the max string length check for all parts [38]
 o CURLOPT_AWS_SIGV4.3: remove unused variable from example [11]
 o CURLOPT_INFILESIZE.3: mention -1 triggers chunked [55]
 o CURLOPT_MIMEPOST.3: clarify what setting to NULL means [95]
 o CURLOPT_SSH_PRIVATE_KEYFILE.3: expand on the file search [31]
 o docs/libcurl/libcurl.3: cleanups and improvements [46]
 o docs: add more .IP after .RE to fix indentation of generate paragraphs [82]
 o docs: fix missing parameter names in examples [41]
 o docs: update CURLOPT_UPLOAD.3 [63]
 o docs: update HTTP3.md for newer ngtcp2 and nghttp3 [28]
 o docs: use a space after RFC when spelling out RFC numbers [105]
 o example/connect-to: show CURLOPT_CONNECT_TO [47]
 o example/crawler: also set CURLOPT_AUTOREFERER [35]
 o example/crawler: make it use a few more options
 o example/default-scheme: set the default scheme for schemeless URLs [67]
 o example/hsts-preload: show one way to HSTS preload [68]
 o example/http2-download: set CURLOPT_BUFFERSIZE [34]
 o example/ipv6: feature CURLOPT_ADDRESS_SCOPE in use [27]
 o example/maxconnects: set maxconnect example [98]
 o example/opensslthreadlock: remove [59]
 o examples/ftpuploadresume.c: add use of CURLOPT_ACCEPTTIMEOUT_MS [39]
 o examples/http-options: show how to send "OPTIONS *" [69]
 o examples/https.c: use CURLOPT_CA_CACHE_TIMEOUT [19]
 o examples/multi-debugcallback.c: avoid the bool typedef [29]
 o examples/smtp-mime: use CURLOPT_MAIL_RCPT_ALLOWFAILS [71]
 o examples/unixsocket.c: example using CURLOPT_UNIX_SOCKET_PATH [40]
 o examples/websocket.c: websocket example using CONNECT_ONLY [17]
 o examples: make use of CURLOPT_(REDIR_|)PROTOCOLS_STR [70]
 o fopen: fix conversion warning on 32-bit Android [49]
 o fopen: optimize [101]
 o hostip.c: Move macOS-specific calls into global init call [104]
 o HTTP/2: upload handling fixes [56]
 o http2: better support for --limit-rate [7]
 o http2: error stream resets with code CURLE_HTTP2_STREAM [84]
 o http2: fix crash in handling stream weights [76]
 o http2: fix variable type [50]
 o http2: h2 and h2-PROXY connection alive check fixes [83]
 o http2: raise header limitations above and beyond [73]
 o http2: send HEADER & DATA together if possible [99]
 o http2: treat initial SETTINGS as a WINDOW_UPDATE [100]
 o HTTP3.md: update openssl version [57]
 o http3/ngtcp2: upload EAGAIN handling [108]
 o http: rectify the outgoing Cookie: header field size check [72]
 o hyper: fix EOF handling on input [66]
 o hyper: unslow [51]
 o imap-append.c: update to make it more likely to work [106]
 o imap: Provide method to disable SASL if it is advertised [75]
 o krb5: add typecast to please Coverity
 o libcurl-url.3: also mention CURLUPART_ZONEID
 o libcurl-ws.3. WebSocket API overview [48]
 o libssh2: provide error message when setting host key type fails [9]
 o libssh2: use custom memory functions [12]
 o ngtcp2: assigning timeout, but value is overwritten before used [103]
 o ngtcp2: build with 0.17.0 and nghttp3 0.13.0 [96]
 o ngtcp2: use ever increasing timestamp in io [32]
 o quiche: avoid NULL deref in debug logging [97]
 o quiche: fix defects found in latest coverity report [94]
 o quote.d: fix indentation of generated paragraphs [86]
 o runtests: abort test run after failure without -a [3]
 o runtests: better handle ^C during slow tests
 o runtests: consistently write the test check summary block
 o runtests: create multiple test runners when requested [20]
 o runtests: include missing valgrind package [89]
 o runtests: make test file directories in log/N [44]
 o runtests: rename server command file
 o runtests: use more consistent failure lines
 o runtests: work around a perl without SIGUSR1 [88]
 o runtests; give each server a unique log lock file [43]
 o scripts: Fix GHA matrix job detection in cijobs.pl
 o sectransp: fix EOF handling [92]
 o system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles [10]
 o test2600: fix the description [90]
 o test427: verify sending more cookies than fit in a 8190 bytes line [61]
 o tests/http: Add mod_h2 directive `H2ProxyRequests` [77]
 o tests/servers.pm: pick unused port number with a server socket [16]
 o tests/servers: generate temp names in /tmp for unix domain sockets [6]
 o tests: fix error messages & handling around sockets [30]
 o tests: improve reliability of TFTP tests
 o testutil: allow multiple %-operators on the same line [62]
 o timeval: use CLOCK_MONOTONIC_RAW if available [52]
 o tls13-ciphers.d: include Schannel [36]
 o tool: remove exclamation marks from error/warning messages
 o tool: remove newlines from all helpf/notef/warnf/errorf calls [15]
 o tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION` [109]
 o tool_getparam: fix comment [22]
 o tool_operate: allow cookie lines up to 8200 bytes [60]
 o tool_parsecfg: accept line lengths up to 10M [115]
 o tool_urlglob: use curl_off_t instead of longs [2]
 o tool_writeout_json: fix encoding of control characters [107]
 o transfer: clear credentials when redirecting to absolute URL [64]
 o urlapi: have *set(PATH) prepend a slash if one is missing [42]
 o urlapi: scheme must start with alpha [26]
 o vtls: avoid memory leak if sha256 call fails [58]
 o websocket-cb: example doing WebSocket download using callback [18]
 o wolfssl: detect when TLS 1.2 support is not built into wolfssl [111]
 o wolfssl: support setting CA certificates as blob [110]
 o ws: make the curl_ws_meta() return pointer a const [45]

Log message:
www/curl: Need Perl only for running tests.

Log message:
libcurl-gnutls: update to version 8.1.2, use Makefile fragment

Log message:
curl: create Makefile.common, to be used by curl and libcurl-gnutls

Log message:
curl: updated to 8.1.2

curl and libcurl 8.1.2

This release includes the following bugfixes:

 o configure: quote the assignments for run-compiler [1]
 o configure: without pkg-config and no custom path, use -lnghttp2 [8]
 o curl: cache the --trace-time value for a second [9]
 o http2: fix EOF handling on uploads with auth negotiation [7]
 o http3: send EOF indicator early as possible [11]
 o lib1560: verify more scheme guessing [5]
 o lib: remove unused functions, make single-use static [3]
 o libcurl.m4: remove trailing 'dnl' that causes this to break autoconf [10]
 o libssh: when keyboard-interactive auth fails, try password [4]
 o misc: fix spelling mistakes [2]
 o page-header: mention curl version and how to figure out current release [13]
 o page-header: minor wording polish in the URL segment [12]
 o scripts/singleuse.pl: add more API calls
 o urlapi: remove superfluous host name check [6]