./www/curl, Client that groks URLs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 8.6.0, Package name: curl-8.6.0, Maintainer: leot

Curl is a command line tool for transferring files with URL syntax, supporting
FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. Curl supports
HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,
proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,
kerberos...), file transfer resume, proxy tunneling and a busload of other
useful tricks.


Required to run:
[security/heimdal] [security/openssl] [www/nghttp2] [devel/libidn2]

Required to build:
[pkgtools/cwrappers]

Package options: gssapi, http2, idn, inet6

Master sites:

Filesize: 2568.465 KB

Version history: (Expand)


CVS history: (Expand)


   2024-01-31 08:21:08 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
*curl*: update to 8.6.0

This release includes the following changes:

 o add CURLE_TOO_LARGE [48]
 o add CURLINFO_QUEUE_TIME_T [76]
 o add CURLOPT_SERVER_RESPONSE_TIMEOUT_MS: add [39]
 o asyn-thread: use GetAddrInfoExW on >= Windows 8 [55]
 o configure: make libpsl detection failure cause error [109]
 o docs/cmdline: change to .md for cmdline docs [77]
 o docs: introduce "curldown" for libcurl man page format [102]
 o runtests: support -gl. Like -g but for lldb. [47]

This release includes the following bugfixes:

 o altsvc: free 'as' when returning error [23]
 o appveyor: replace PowerShell with bash + parallel autotools [54]
 o appveyor: switch to out-of-tree builds [29]
 o asyn-ares: with modern c-ares, use its default timeout [127]
 o build: delete unused `HAVE_{GSSHEIMDAL,GSSMIT,HEIMDAL}` [4]
 o build: delete/replace clang warning pragmas [111]
 o build: enable missing OpenSSF-recommended warnings, with fixes [11]
 o build: fix `-Wconversion`/`-Wsign-conversion` warnings [26]
 o build: fix Windows ADDRESS_FAMILY detection [35]
 o build: more `-Wformat` fixes [40]
 o build: remove redundant `CURL_PULL_*` settings [8]
 o cf-h1-proxy: no CURLOPT_USERAGENT in CONNECT with hyper [133]
 o cf-socket: show errno in tcpkeepalive error messages [120]
 o CI/distcheck: run full tests [31]
 o cmake: add option to disable building docs
 o cmake: fix generation for system name iOS [53]
 o cmake: fix typo [5]
 o cmake: freshen up docs/INSTALL.cmake [101]
 o cmake: prefill/cache `HAVE_STRUCT_SOCKADDR_STORAGE` [45]
 o cmake: rework options to enable curl and libcurl docs [161]
 o cmake: when USE_MANUAL=YES, build the curl.1 man page [113]
 o cmdline-opts/write-out.d: remove spurious double quotes
 o cmdline-opts: update availability for the *-ca-native options [66]
 o cmdline/gen: fix the sorting of the man page options [33]
 o configure: add libngtcp2_crypto_boringssl detection [155]
 o configure: fix no default int compile error in ipv6 detection [69]
 o configure: when enabling QUIC, check that TLS supports QUIC [87]
 o connect: remove margin from eyeballer alloc [79]
 o content_encoding: change return code to typedef'ed enum [94]
 o cookie.d: document use of empty string to enable cookie engine [106]
 o cookie: avoid fopen with empty file name [24]
 o curl.h: CURLOPT_DNS_SERVERS is only available with c-ares [131]
 o curl: show ipfs and ipns as supported "protocols" [15]
 o curl_easy_getinfo.3: remove the wrong time value count [116]
 o curl_multi_fdset.3: remove mention of null pointer support [134]
 o CURLINFO_REFERER.3: clarify that it is the *request* header [70]
 o CURLOPT_AUTOREFERER.3: mention CURLINFO_REFERER
 o CURLOPT_POSTFIELDS.3: fix incorrect C string escape in example [27]
 o CURLOPT_SSH_*_KEYFILE: clarify [57]
 o dist: add tests/errorcodes.pl to the tarball [6]
 o docs: clean up Protocols: for cmdline options [32]
 o docs: describe and highlight super cookies [80]
 o docs: do not start lines/sentences with So, But nor And [140]
 o docs: install curl.1 with cmake [166]
 o docs: mention env vars not used by schannel [124]
 o doh: remove unused local variable [34]
 o examples: add four new examples [99]
 o file+ftp: use stack buffers instead of data->state.buffer [138]
 o ftp: handle the PORT parsing without allocation [44]
 o ftp: use dynbuf to store entrypath [83]
 o ftp: use memdup0 to store the OS from a SYST 215 response [82]
 o ftpserver.pl: send 213 SIZE response without spurious newline
 o gen.pl: support ## for doing .IP in table-like lists [105]
 o gen: do italics/bold for a range of letters, not just single word [78]
 o GHA: add a job scanning for "bad words" in markdown [164]
 o GHA: bump ngtcp2, gnutls, mod_h2, quiche [158]
 o gnutls: fix build with --disable-verbose [3]
 o haproxy-clientip.d: document the arg [68]
 o headers: make sure the trailing newline is not stored [97]
 o headers: remove assert from Curl_headers_push [115]
 o hostip: return error immediately when Curl_ip2addr() fails [19]
 o hsts: remove assert for zero length domain [96]
 o http2: improved on_stream_close/data_done handling [49]
 o http3/quiche: fix result code on a stream reset [91]
 o http3: initial support for OpenSSL 3.2 QUIC stack [110]
 o http: adjust_pollset fix [85]
 o http: check for "Host:" case insensitively [154]
 o http: fix off-by-one error in request method length check [14]
 o http: only act on 101 responses when they are HTTP/1.1 [98]
 o http: remove comment reference to a removed solution [156]
 o http: use stack scratch buffer [150]
 o http_proxy: a blank CURLOPT_USERAGENT should not be used in CONNECT [90]
 o krb5: add prototype to silence clang warnings on mvsnprintf() [119]
 o lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT [62]
 o lib: error out on multissl + http3 [13]
 o lib: fix variable undeclared error caused by `infof` changes [2]
 o lib: reduce use of strncpy [30]
 o lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding [36]
 o lib: replace readwrite with write_resp [137]
 o lib: strndup/memdup instead of malloc, memcpy and null-terminate [42]
 o libssh2: use `libssh2_session_callback_set2()` with v1.11.1 [103]
 o libssh: improve the deprecation warning dismissal [20]
 o libssh: supress warnings without version check [18]
 o Makefile.am: fix the MSVC project generation [22]
 o Makefile.mk: drop Windows support [12]
 o mbedtls: fix `-Wnull-dereference` and `-Wredundant-decls` [117]
 o mbedtls: free the entropy when threaded [46]
 o mime: use memdup0 instead of malloc + memcpy [63]
 o mksymbolsmanpage.pl: provide references to where the symbol is used
 o mprintf: overhaul and bugfixes [52]
 o mqtt: use stack scratch buffer for recv+publish [148]
 o multi: remove total timer reset in file_do() while fetching file:// [89]
 o ngtcp2: put h3 at the front of alpn [58]
 o ntlm_wb: do not use data->state.buffer any longer [151]
 o openldap: fix an LDAP crash [75]
 o openldap: fix STARTTLS [67]
 o openssl: re-match LibreSSL deinit with init [17]
 o openssl: when verifystatus fails, remove session id from cache [100]
 o OS400: sync ILE/RPG binding [114]
 o pingpong: stop using the download buffer [159]
 o pop3: replace calloc + memcpy with memdup0 [60]
 o pytest: scorecard tracking CPU and RSS [157]
 o quiche: return CURLE_HTTP3 on send to invalid stream [65]
 o readwrite_data: loop less [21]
 o Revert "urldata: move async resolver state from easy handle to \ 
connectdata" [16]
 o rtsp: deal with borked server responses [129]
 o runtests: for mode="text" on <stdout>, fix newlines on both \ 
parts [64]
 o sasl: make login option string override http auth [142]
 o schannel: fix `-Warith-conversion` gcc 13 warning [28]
 o sectransp: do verify_cert without memdup for blobs [93]
 o sectransp_ make TLSCipherNameForNumber() available in non-verbose config [1]
 o sendf: fix compiler warning with CURL_DISABLE_HEADERS_API [38]
 o setopt: clear mimepost when formp is freed [92]
 o setopt: use memdup0 when cloning COPYPOSTFIELDS [107]
 o socks: fix generic output string to say SOCKS instead of SOCKS4 [144]
 o socks: use own buffer instead of data->state.buffer [143]
 o ssh: fix namespace of two local macros [51]
 o ssh: use stack scratch buffer for seeks [146]
 o strerror: repair get_winsock_error() [56]
 o system.h: sync mingw `CURL_TYPEOF_CURL_SOCKLEN_T` with other compilers [9]
 o system_win32: fix a function pointer assignment warning [71]
 o telnet: use dynbuf instad of malloc for escape buffer [108]
 o telnet: use stack scratch buffer for do [149]
 o tests/server: delete workaround for old-mingw [25]
 o tests: avoid int/size_t conversion size/sign warnings [163]
 o tests: respect $TMPDIR when creating unix domain sockets [50]
 o tool: make parser reject blank arguments if not supported [86]
 o tool: prepend output_dir in header callback [95]
 o tool_getparam: bsearch cmdline options [74]
 o tool_getparam: do not try to expand without an argument [59]
 o tool_getparam: stop supporting `@filename` style for --cookie [121]
 o tool_listhelp: regenerate after recent .d updates [61]
 o tool_operate: make --remove-on-error only remove "real" files [125]
 o tool_operate: stop setting the file comment on Amiga [128]
 o transfer: adjust_pollset improvements [81]
 o transfer: fix upload rate limiting, add test cases [37]
 o transfer: make the select_bits_paused condition check both directions [104]
 o transfer: remove warning: Value stored to 'blen' is never read [136]
 o url: don't set default CA paths for Secure Transport backend [126]
 o url: for disabled protocols, mention if found in redirect [7]
 o urlapi: remove assert [162]
 o verify-examples.pl: fail verification on unescaped backslash [72]
 o version: show only the libpsl version, not its dependencies [130]
 o vquic: extract TLS setup into own source [88]
 o vtls: fix missing multissl version info [73]
 o vtls: receive max buffer [139]
 o vtls: remove the Curl_cft_ssl_proxy object if CURL_DISABLE_PROXY [41]
 o websockets: check for negative payload lengths [123]
 o websockets: refactor decode chain [122]
 o windows: delete redundant headers [43]
 o windows: simplify detecting and using system headers [10]
 o wolfssl: load certificate *chain* for PEM client certs [84]
 o x509asn1: remove code for WANT_VERIFYHOST [132]
 o x509asn1: switch from malloc to dynbuf [112]
   2023-12-07 08:50:55 by Thomas Klausner | Files touched by this commit (5) | Package updated
Log message:
curl: update to 8.5.0

Security fix release.
   2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377)
Log message:
*: recursive bump for icu 74.1
   2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)
Log message:
*: bump for openssl 3
   2023-10-22 15:34:31 by Jonathan Schleifer | Files touched by this commit (2)
Log message:
curl: Make brotli an option

This fixes the linker errors on Fedora 39 for me. Apparently curl picks up the
headers and assumes the libraries must exist then. Explicitly disabling brotli
when not using it or depending on the buildlink when enabling it fixes this.
   2023-10-11 09:16:03 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
curl libcurl-gnutls: updated to 8.4.0

Fixed in 8.4.0 - October 11 2023

Changes:

curl: add support for the IPFS protocols via HTTP gateway
curl_multi_get_handles: get easy handles from a multi handle
mingw: delete support for legacy mingw.org toolchain

Bugfixes:

acinclude.m4: Document proper system truststore on FreeBSD
appveyor: fix yamlint issues, indent
appveyor: rewrite batch in PowerShell + CI improvements
autotools: adjust `CURL_CA_PATH` value to CMake
autotools: restore `HAVE_IOCTL_*` detections
base64: also build for curl
bufq: remove Curl_bufq_skip_and_shift (unused)
build: delete checks for C89 standard headers
build: do not publish `HAVE_BORINGSSL`, `HAVE_AWSLC` macros
cf-socket: simulate slow/blocked receives in debug
cmake, configure: also link with CoreServices
cmake: add check for suseconds_t
cmake: add feature checks for `memrchr` and `getifaddrs`
cmake: add missing checks
cmake: delete old `HAVE_LDAP_URL_PARSE` logic
cmake: detect `HAVE_CLOCK_GETTIME_MONOTONIC_RAW`
cmake: detect `HAVE_GETADDRINFO_THREADSAFE`
cmake: detect `sys/wait.h` and `netinet/udp.h`
cmake: detect TLS-SRP in OpenSSL/wolfSSL/GnuTLS
cmake: disable unity mode with Windows Unicode + TrackMemory
cmake: fix `HAVE_LDAP_SSL`, `HAVE_LDAP_URL_PARSE` on non-Windows
cmake: fix `HAVE_WRITABLE_ARGV` detection
cmake: fix duplicate symbols when linking tests
cmake: fix missing `zlib.h` when compiling `libcurltool`
cmake: fix stderr initialization in unity builds
cmake: fix the help text to the static build option in CMakeLists.txt
cmake: fix unity builds for more build combinations
cmake: fix unity symbol collisions in h2 builds
cmake: fix unity with Windows Unicode + TrackMemory
cmake: improve OpenLDAP builds
cmake: lib `CURL_STATICLIB` fixes (Windows)
cmake: move global headers to specific checks
cmake: pre-cache `HAVE_BASENAME` for mingw-w64 and MSVC
cmake: pre-cache `HAVE_POLL_FINE` on Windows
cmake: tidy-up `NOT_NEED_LBER_H` detection
cmake: validate `CURL_DEFAULT_SSL_BACKEND` config value
configure: check for the capath by default
configure: remove unused checks
configure: replace adhoc domain with `localhost` in tests
configure: sort AC_CHECK_FUNCS
connect: expire the timeout when trying next
connect: only start the happy eyeballs timer when needed
cookie: do not store the expire or max-age strings
cookie: remove unnecessary struct fields
cookie: set ->running in cookie_init even if data is NULL
create-dirs.d: clarify it also uses --output-dirs
curl.h: mark CURLSSLBACKEND_NSS as deprecated since 8.3.0
curl_easy_pause.3: mention h2/h3 buffering
curl_easy_pause.3: mention it works within callbacks
curl_easy_pause: set "in callback" true on exit if true
CURLOPT_DEBUGFUNCTION.3: warn about internal handles
docs/libcurl/opts/Makefile.inc: add missing manpage files
docs: adapt SEE ALSO sections to new requirements
docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER
docs: replace made up domains with example.com
docs: update curl man page references
docs: use CURLSSLBACKEND_NONE
doh: inherit DEBUGFUNCTION/DATA
escape: replace Curl_isunreserved with ISUNRESERVED
FAQ: How do I upgrade curl.exe in Windows?
GHA/linux: run singleuse to detect single-use global functions
GHA: add workflow to compare configure vs cmake outputs
h2-proxy: remove left-over mistake in drain_tunnel()
h2: testcase and fix for pausing h2 streams
h3: add support for ngtcp2 with AWS-LC builds
http2: refused stream handling for retry
http: fix CURL_DISABLE_BEARER_AUTH breakage
http: h1/h2 proxy unification
http: remove wrong comment for http_should_fail
http: use per-request counter to check too large headers
http_aws_sigv4: fix sorting with empty parts
idn: fix WinIDN null ptr deref on bad host
idn: if idn2_check_version returns NULL, return error
inet_ntop: add typecast to silence Coverity
lib: disambiguate Curl_client_write flag semantics
lib: enable hmac for digest as well
lib: failf/infof compiler warnings
lib: let the max filesize option stop too big transfers too
lib: move handling of `data->req.writer_stack` into Curl_client_write()
lib: provide and use Curl_hexencode
lib: remove TIME_WITH_SYS_TIME
lib: use wrapper for curl_mime_data fseek callback
libssh2: fix error message on failed pubkey-from-file
libssh: cap SFTP packet size sent
Makefile.mk: always set `CURL_STATICLIB` for lib (Windows)
MANUAL.md: change domain to example.com
misc: better random strings
MQTT: improve receive of ACKs
multi: do CURLM_CALL_MULTI_PERFORM at two more places
multi: fix small timeouts
multi: remove Curl_multi_dump
multi: round the timeout up to prevent early wakeups
multi: set CURLM_CALL_MULTI_PERFORM after switch to DOING_MORE
openssl: improve ssl shutdown handling
openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR
pytest: exclude test_03_goaway in CI runs due to timing dependency
quic: set ciphers/curves the same way regular TLS does
quiche: fix build error with --with-ca-fallback
RELEASE-PROCEDURE.md: updated coming release dates
runtests: display the test status if tests appear hung
runtests: eliminate a warning on old perl versions
socks: return error if hostname too long for remote resolve
src/mkhelp: make generated code pass `checksrc`
test1056: disable on Windows
test1474: disable test on NetBSD, OpenBSD and Solaris 10
test1592: greatly increase the maximum test timeout
test1903: actually verify the cookies after the test
test1906: set a lower timeout since it's hit on Windows
test2600: remove special case handling for USE_ALARM_TIMEOUT
test650: fix an end tag typo
test661: return from test early in case of curl error
test: add missing <feature>s
tests: close the shell used to start sshd
tests: fix a race condition in ftp server disconnect
tests: fix compiler warnings
tests: Fix zombie processes left behind by FTP tests.
tests: improve SLOWDOWN test reliability by reducing sent data
tests: increase lib571 timeout from 3s to 30s
tests: log the test result code after each libtest
tests: propagate errors in libtests
tests: set --expect100-timeout to improve test reliability
tests: show which curl tool `runtests.pl` is using
tests: stop overriding the lock timeout
tftpd: always use curl's own tftp.h
tool: use our own stderr variable
tool_cb_wrt: fix debug assertion
tool_getparam: accept variable expansion on file names too
tool_setopt: remove unused function tool_setopt_flags
upload-file.d: describe the file name slash/backslash handling
url: fall back to http/https proxy env-variable if ws/wss not set
url: fix netrc info message
warnless: remove unused functions
wolfssh: do cleanup in Curl_ssh_cleanup
wolfssl: allow capath with CURLOPT_CAINFO_BLOB
wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files
wolfssl: ignore errors in CA path
   2023-09-29 12:45:04 by Tobias Nygren | Files touched by this commit (3) | Package updated
Log message:
curl: fix libcurl breakage on macOS 14, via upstream

Autoreconfed with upstream m4 changes and relevant hunks extracted manually.
patch-configure can be reverted when curl is updated past 8.4.0.
   2023-09-13 10:15:05 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
curl libcurl-gnutls: updated to 8.3.0

Fixed in 8.3.0 - September 13 2023

Changes:

curl: make %output{} in -w specify a file to write to
gskit: remove
lib: --disable-bindlocal builds curl without local binding support
nss: remove support for this TLS library
tool: add "variable" support
trace: make tracing available in non-debug builds
url: change default value for CURLOPT_MAXREDIRS to 30
urlapi: CURLU_PUNY2IDN - convert from punycode to IDN name
wolfssl: support loading system CA certificates
Bugfixes:

altsvc: accept and parse IPv6 addresses in response headers
asyn-ares: reduce timeout to 2000ms
aws-sigv4: canonicalize the query
aws-sigv4: fix having date header twice in some cases
aws-sigv4: handle no-value user header entries
bearssl: don't load CA certs when peer verification is disabled
bearssl: handshake fix, provide proper get_select_socks() implementation
build: fix portability of mancheck and checksrc targets
build: streamline non-UWP wincrypt detections
c-hyper: adjust the hyper to curlcode conversion
c-hyper: fix memory leaks in `Curl_http`
cf-haproxy: make CURLOPT_HAPROXY_CLIENT_IP set the *source* IP
cf-socket: log successful interface bind
CI/cirrus: disable python install on FreeBSD
CI: add a 32-bit i686 Linux build
CI: add caching to many jobs
CI: move on to ngtcp2 v0.19.1
CI: move the Alpine build from Cirrus to GHA
CI: ngtcp2-linux: use separate caches for tls libraries
CI: remove Windows builds from Cirrus, without replacement
CI: switch macOS ARM build from Cirrus to Circle CI
CI: use master again for wolfssl
cirrus: install everthing with pkg, avoid pip
cmake: add GnuTLS option
cmake: add support for `CURL_DEFAULT_SSL_BACKEND`
cmake: add support for single libcurl compilation pass
cmake: allow `SHARE_LIB_OBJECT=ON` on all platforms
cmake: assume `wldap32` availability on Windows
cmake: cache more config and delete unused ones
cmake: detect `SSL_set0_wbio` in OpenSSL
cmake: drop `HAVE_LIBWINMM` and `HAVE_LIBWS2_32` feature checks
cmake: fix to use variable for the curl namespace
cmake: fixup H2 duplicate symbols for unity builds
cmake: set SIZEOF_LONG_LONG in curl_config.h
cmake: support building static and shared libcurl in one go
cmdline-docs: make sure to phrase it as "added in ...."
cmdline-docs: use present tense, not future
cmdline-opts/docs: mention the negative option part
cmdline-opts/page-header: clarify stronger that !opt == URL
cmdline-opts/page-header: reorder, clean up
configure, cmake, lib: more form api deprecation
configure: fix `HAVE_TIME_T_UNSIGNED` check
configure: trust pkg-config when it's used for zlib
configure: use the pkg-config --libs-only-l flag for libssh2
connect: stop halving the remaining timeout when less than 600 ms left
cookie-jar.d: emphasize that this option is ONLY writing cookies
crypto: ensure crypto initialization works
curl_url_get/set.3: add missing semicolon in SYNOPSIS
CURLINFO_CERTINFO.3: better explain curl_certinfo struct
CURLINFO_TLS_SSL_PTR.3: clarify a recommendation
CURLOPT_*TIMEOUT*: extend and clarify
CURLOPT_SSL_VERIFYPEER.3: mention it does not load CA certs when disabled
CURLOPT_URL.3: add two URL API calls in the see-also section
CURLOPT_URL.3: explain curl_url_set() uses the same parser
digest: Use hostname to generate spn instead of realm
disable.d: explain --disable not implemented prior to 7.50.0
docs/cmdline-opts/gen.pl: hide "added in" before 7.50.0
docs/cmdline-opts: match the current output
docs/cmdline-opts: spellfixes, typos and polish
docs/cmdline: add small "warning" to verbose options
docs/cmdline: remove repeated working for negotiate + ntlm
docs/HYPER.md: document a workaround for a link error
docs: add curl_global_trace to some SEE ALSO sections
docs: link to the website versions instead of markdowns
docs: mark --ssl-revoke-best-effort as Schannel specific
docs: mention critical files in same directories as curl saves
docs: removing "pausing transfers" from HYPER.md.
docs: rewrite to present tense
easy: remove #ifdefs to make code easier on the eye
egd: delete feature detection and related source code
ftp: fix temp write of ipv6 address
gen.pl: escape all dashes (ascii minus) to avoid unicode hyphens
gen.pl: replace all single quotes with aq
GHA: adding quiche workflow
headers: accept leading whitespaces on first response header
http2: avoid too early connection re-use/multiplexing
http2: cleanup trace messages
http2: disable asssertion blocking OSSFuzz testing
http2: fix in h2 proxy tunnel: progress in ingress on sending
http2: polish things around POST
http2: upgrade tests and add fix for non-existing stream
http3/ngtcp2: shorten handshake, trace cleanup
http3: quiche, handshake optimization, trace cleanup
http: close the connection after a late 417 is received
http: do not require a user name when using CURLAUTH_NEGOTIATE
http: fix sending of large requests
http: remove the p_pragma struct field
http: return error when receiving too large header set
hyper: fix a progress upload counter bug
hyper: fix ownership problems
hyper: remove `hyptransfer->endtask`
imap: add a check for failing strdup()
imap: remove the only sscanf() call in the IMAP code
include.d: explain headers not printed with --fail before 7.75.0
include/curl/mprintf.h: add __attribute__ for the prototypes
krb5: fix "implicit conversion loses integer precision" warnings
lib: add ability to disable auths individually
lib: build fixups when built with most things disabled
lib: fix a few *printf() flag mistakes
lib: fix null ptr derefs and uninitialized vars (h2/h3)
lib: move mimepost data from ->req.p.http to ->state
libtest: use curl_free() to free libcurl allocated data
list-only.d: mention SFTP as supported protocol
macOS: fix target detection more
misc: fix various typos
multi.h: the 'revents' field of curl_waitfd is supported
multi: more efficient pollfd count for poll
multi: remove 'processing: <url>' debug message
ngtcp2: fix handling of large requests
openssl: auto-detect `SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED`
openssl: clear error queue after SSL_shutdown
openssl: make aws-lc version support OCSP
openssl: Support async cert verify callback
openssl: switch to modern init for LibreSSL 2.7.0+
openssl: use `SSL_CTX_set_ciphersuites` with LibreSSL 3.4.1
openssl: use `SSL_CTX_set_keylog_callback` with LibreSSL 3.5.0
openssl: when CURLOPT_SSL_CTX_FUNCTION is registered, init x509 store before
os400: build test servers
os400: do not check translatable options at build time
os400: implement CLI tool
page-footer: QLOGDIR works with ngtcp2 and quiche
page-header: move up a URL paragraph from GLOBBING to URL
pytest: fix check for slow_network skips to only apply when intended
quic: don't set SNI if hostname is an IP address
quiche: adjust quiche `QUIC_IDLE_TIMEOUT` to 60s
quiche: enable quiche to handle timeout events
resolve: use PF_INET6 family lookups when CURL_IPRESOLVE_V6 is set
revert "schannel: reverse the order of certinfo insertions"
schannel: fix ordering of cert chain info
schannel: fix user-set legacy algorithms in Windows 10 & 11
schannel: verify hostname independent of verify cert
sectransp: fix compiler warnings
sectransp: prevent CFRelease() of NULL
secureserver.pl: fix stunnel path quoting
secureserver.pl: fix stunnel version parsing
SECURITY-PROCESS.md: not a sec issue: Tricking user to run a cmdline
system.h: add CURL_OFF_T definitions on HP-UX with HP aCC
test1304: build and skip without netrc support
test1554: check translatable string options in OS400 wrapper
test1608: make it build and get skipped without shuffle DNS support
test687/688: two more basic --xattr tests
tests/tftpd+mqttd: make variables static to silence picky warnings
tests: add 'large-time' as a testable feature
tests: add support for nested %if conditions
tests: don't call HTTP errors OK in test cases
tests: ensure `libcurl.def` contains all exports
tests: fix h3 server check and parallel instances
tests: TLS session sharing test
tests: update cookie expiry dates to far in the future
time-cond.d: mention what happens on a missing file
tool: avoid including leading spaces in the Location hyperlink
tool: change some fopen failures from warnings to errors
tool: make the length argument an int for printf()-.* flags
tool_cb_wrt: fix invalid unicode for windows console
tool_filetime: make -z work with file dates before 1970
tool_operate: allow both SSL_CERT_FILE and SSL_CERT_DIR
tool_operate: make aws-sigv4 not require TLS to be used
tool_paramhlp: improve str2num(): avoid unnecessary call to strlen()
tool_urlglob: use the correct format specifier for curl_off_t in msnprintf
transfer: also stop the sending on closed connection
transfer: don't set TIMER_STARTTRANSFER on first send
unit2600: fix build warning if built without verbose messages
url: remove infof() output for "still name resolving"
urlapi: fix heap buffer overflow
urlapi: make sure zoneid is also duplicated in curl_url_dup
urlapi: return CURLUE_BAD_HOSTNAME if puny2idn encoding fails
urlapi: setting a blank URL ("") is not an ok URL
vquic: show stringified messages for errno
vtls: clarify "ALPN: offers" message
winbuild: improve check for static zlib
wolfSSL: avoid the OpenSSL compat API when not needed
workflows/macos.yml: disable zstd and alt-svc in the http-only build
write-out.d: clarify %{time_starttransfer}
ws: fix spelling mistakes in examples and tests