| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libcurl-devel-doc | Distribution: openSUSE Tumbleweed |
| Version: 8.19.0 | Vendor: openSUSE |
| Release: 2.1 | Build date: Thu Mar 26 16:01:40 2026 |
| Group: Unspecified | Build host: reproducible |
| Size: 673011 | Source RPM: curl-8.19.0-2.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://curl.se | |
| Summary: Manual pages for libcurl | |
Manual pages for the libcurl C API.
curl
* Thu Mar 26 2026 Pedro Monreal <pmonreal@suse.com>
- Update %suse_version checks for SLES 16.x (jsc#PED-15813)
* Wed Mar 11 2026 Pedro Monreal <pmonreal@suse.com>
- Update to 8.19.0:
* Security fixes:
- CVE-2026-1965: Bad reuse of HTTP Negotiate connection (bsc#1259362)
- CVE-2026-3783: Token leak with redirect and netrc (bsc#1259363)
- CVE-2026-3784: Wrong proxy connection reuse with credentials (bsc#1259364)
- CVE-2026-3805: Use after free in SMB connection reuse (bsc#1259365)
* Changes:
- BUG-BOUNTY.md: we stop the bug-bounty end of Jan 2026
- cmake: add 'CURL_BUILD_EVERYTHING' option
- mqtt: initial support for MQTTS
- tool: support fractions for --limit-rate and --max-filesize
- tool_cb_hdr: with -J, use the redirect name as a backup
- vquic: drop support for OpenSSL-QUIC
* Bugfixes:
- altsvc: only accept 17 byte dates from files
- asyn-ares: abort with OOM error when Curl_dnscache_mk_entry fails
- build: move curl stat struct type to the curlx namespace
- build: require POSIX 'strdup()'
- build: tidy up and dedupe 'strdup' functions
- cf-socket: ignore SOCK_CLOEXEC etc for socktype equality checks
- cf-socket: use SOCK_CLOEXEC in socket_open when available
- cmake: reference OpenSSL and ZLIB imported targets only when enabled
- cmake: skip binutils ld hack if zlib/openssl target is not 'IMPORTED'
- config2setopts: acknowledge OOM error from CURLOPT_MIMEPOST
- curl: add -I and -i to -h important
- curl_setup.h: simplify curl memory macro mappings
- curlx: drop unused 'curlx_saferealloc()'
- digest: escape double quotes and backslashes in realm and nonce
- digest: fix memory leak in auth_create_digest_http_message()
- digest: handle quotes in the path
- easy: reset errorbuf on eyeballing success
- easy: reset pausing when resetting request
- ftp: replace a 'curlx_free()' with 'curlx_dyn_free()'
- ftp: split ftp_state_use_port into sub functions
- GOVERNANCE.md: Post-Daniel BDFL
- gss: exclude verbose error logic from non-verbose builds
- h2+h3: align stream close handling
- hostip.c: fix leak of addrinfo
- hostip6: remove debug-only code
- hostip: fix unreachable code in rare build configuration
- http/3: add description for known server error codes
- http1: fix potential NULL dereference in 'Curl_h1_req_parse_read()'
- http: only send bearer if auth is allowed
- imap: add a check for Curl_meta_get()
- imap: check 'imap_sendf()' printf masks at compile-time
- imap: skip literals inside quoted strings
- include: mask computed auth/proto bitmasks to 32 bits
- lib: disable websockets early if no http
- lib: make sigpipe handling more lazy
- lib: reorder protocol functions to avoid forward declarations (email,ftp, misc, ssh)
- lib: separate scheme info from protocol implementation
- lib: use (u)int64_t instead of long long
- mbedtls: guard TLS 1.3 + session tickets usage inside ifdef
- mbedtls: no pinnedpubkey wo MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
- md4, md5: drop redundant forward declarations
- md4, md5: replace custom types with 'uint32_t'
- mimepost: allocate main struct on-demand
- mk-ca-bundle.pl: drop support for obsolete/insecure fingerprint algos
- mqtt: better too-big-message-check
- mqtt: fix EOF handling
- mqtt: verify Remaining Length for CONNACK and PUBACK
- multi: avoid a theoretical 32-bit wrap
- multi: probe for IPv6 functionality in multi_init()
- noproxy: simplify, don't mix const non-const in strchr()
- openldap: avoid forward declarations in ldaps code
- openssl+ech: workaround for insecure handshakes
- openssl: adapt to OpenSSL master adding const to more APIs
- OpenSSL: check reuse of sessions for verify status
- openssl: disable local keylog feature if built-in upstream
- openssl: fix compiler warning with OpenSSL master
- openssl: fix potential OOB read in debug/verbose logging
- quiche: use PRIu64 for outputting the stream id
- request.h: rename parameter 'buf' to 'req' in Curl_req_send
- rtsp: fix assertion failure on zero-length RTP payload
- rtspd: fix to check 'realloc()' result
- setopt: refuse blobs with zero length
- ssh: dedupe state change function
- tftp: correct the filename length check
- timeout handling: auto-detect effective timeout
- tls: add new SSLSUPP flags for several options
- tls: remove checks for DEFAULT
- tool: enable header separation for HTTPS proxies
- tool_cb_hdr: suppress header output when --out-null
- tool_operate: reset the URL --url-query between --next
- url: fix reuse of connections using HTTP Negotiate
- urlapi: use U_CURLU_URLDECODE when toggling it off unsigned
- urldata: byebye 'conn->hostname_resolve'
- urldata: change 'keep_post' into three distinct bitfields
- urldata: convert 'long' fields to fixed variable types
- urldata: switch to uint* types
- usercertinmem: use the correct cert BIO
- vquic: handle SOCKEMSGSIZE correctly
- vtls: dedupe common on-session-reuse logic
- vtls: use ALPN http/1.0 & http/1.1 for HTTP/1.0 requests
- VULN-DISCLOSURE-POLICY.md: push reports to the web form
- VULN-DISCLOSURE-POLICY.md: use hackerone
- x509asn1: make encodeOID stop on too long input
* Remove now unrecognized option --with-openssl-quic
* Rebase patches:
- curl-disabled-redirect-protocol-message.patch
- dont-mess-with-rpmoptflags.patch
- libcurl-ocloexec.patch
* Tue Mar 10 2026 Jan Engelhardt <jengelh@inai.de>
- Build with --enable-ntlm. Certain Exchange Server endpoints
oddly permit NTLM but not Basic-type authentication.
* Wed Jan 07 2026 Lucas Mulling <lucas.mulling@suse.com>
- Update to 8.18.0:
* Security fixes:
- [bsc#1256105, CVE-2025-14017] ldap: call ldap_init() before setting the options
- [bsc#1255731, CVE-2025-14524] curl_sasl: if redirected, require permission to use bearer
- [bsc#1255734, CVE-2025-15224] libssh: require private key or user-agent for public key auth
- [bsc#1255732, CVE-2025-14819] openssl: toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache
- [bsc#1255733, CVE-2025-15079] libssh: set both knownhosts options to the same file
* Changes:
- openssl: bump minimum OpenSSL version to 3.0.0
* Bugfixes:
- alt-svc: more flexibility on same destination
- altsvc: accept ma/persist per alternative entry
- altsvc: make it one malloc instead of three per entry
- asyn-ares: handle Curl_dnscache_mk_entry() OOM error
- asyn-ares: remove hostname free on OOM
- asyn-thrdd: fix Curl_async_getaddrinfo() on systems without getaddrinfo
- asyn-thrdd: release rrname if ares_init_options fails
- auth: always treat Curl_auth_ntlm_get() returning NULL as OOM
- autotools: add nettle library detection via pkg-config (for GnuTLS)
- autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr)
- autotools: fix LargeFile feature display on Windows (after prev patch)
- autotools: tidy-up 'if' expressions
- build: add build-level 'CURL_DISABLE_TYPECHECK' options
- build: exclude clang prereleases from compiler warning options
- build: replace '-pedantic' with '-Wpedantic' when supported
- build: set '-Wno-format-signedness'
- build: tidy-up MSVC CRT warning suppression macros
- ccsidcurl: make curl_mime_data_ccsid() use the converted size
- cf-h1-proxy: support folded headers in CONNECT responses
- cf-https-connect: allocate ctx at first in cf_hc_create()
- cf-socket: drop feature check for 'IPV6_V6ONLY' on Windows
- cf-socket: enable Win10 'TCP_KEEP*' options with old SDKs
- cf-socket: limit use of 'TCP_KEEP*' to Windows 10.0.16299+ at runtime
- cf-socket: return OOM error if socket() fails due to OOM
- cf-socket: trace ignored errors
- cfilters: make conn_forget_socket a private libssh function
- checksrc.pl: detect assign followed by more than one space
- cmake: adjust defaults for target platforms not supporting shared libs
- cmake: define dependencies as 'IMPORTED' interface targets
- cmake: delete unused file 'CMake/CMakeConfigurableFile.in'
- cmake: disable 'CURL_CA_PATH' auto-detection if 'USE_APPLE_SECTRUST=ON'
- cmake: fix 'ws2_32' reference in 'curl-config.cmake'
- cmake: honor 'CURL_DISABLE_INSTALL' and 'CURL_ENABLE_EXPORT_TARGET'
- cmake: replace deprecated 'OPENSSL_FOUND' with 'OpenSSL_FOUND'
- cmake: replace deprecated 'PERL_FOUND' with 'Perl_FOUND'
- cmake: save and restore 'CMAKE_MODULE_PATH' in 'curl-config.cmake'
- cmake: set found status to OFF when not found (for compression deps)
- code: minor indent fixes before closing braces
- config-win32.h: delete obsolete, non-Windows comments
- config-win32.h: drop unused/obsolete 'CURL_HAS_OPENLDAP_LDAPSDK'
- config2setopts: add space in cookie header with multiple -b
- config2setopts: bail out if curl_url_get() returns OOM
- config2setopts: exit if curl_url_set() fails on OOM
- configure: delete unused variable
- conncache: silence '-Wnull-dereference' on gcc 14 RISC-V 64
- conncontrol: reuse handling
- connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition'
- connection: attached transfer count
- content_encoding: avoid strcpy
- cookie. return proper error on OOM
- cookie: allocate the main struct once cookie is fine
- cookie: flush better
- cookie: only keep and use the canonical cleaned up path
- cookie: propagate errors better, cleanup the internal API
- cookie: return error on OOM
- cookie: when parsing a cookie header, delay all allocations until okay
- cshutdn: acknowledge FD_SETSIZE for shutdown descriptors
- curl: fix progress meter in parallel mode
- curl_fopen: do not pass invalid mode flags to 'open()' on Windows
- curl_gssapi: make sure Curl_gss_log_error() has an initialized buffer
- curl_ntlm_core: fix DES_* symbols for some wolfSSL builds
- curl_quiche: refuse headers with CR, LF or null bytes
- curl_sasl: make Curl_sasl_decode_mech compare case insensitively
- curl_setup.h: document more funcs flagged by '_CRT_SECURE_NO_WARNINGS'
- curl_setup.h: drop stray '#undef stat' (Windows)
- curl_setup.h: drop superfluous parenthesis from 'Curl_safefree' macro
- curl_threads: don't do another malloc if the first fails
- curl_trc: delete unused DoH remains
- CURLINFO: remove 'get' and 'get the' from each short desc
- CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer"
- CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text
- CURLMOPT_SOCKETFUNCTION.md: fix the callback argument use
- CURLOPT_ACCEPT_ENCODING.md: warn about the expansion
- CURLOPT_FOLLOWLOCATION.md: s/Authentication:/Authorization:/
- CURLOPT_HAPROXY_CLIENT_IP.md: emphasize reused connection use
- CURLOPT_READFUNCTION.md: clarify the size of the buffer
- CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
- curlx/fopen: replace open CRT functions their with '_s' counterparts (Windows)
- curlx/multibyte: stop setting macros for non-Windows
- curlx/strerr: use 'strerror_s()' on Windows
- curlx: add 'curlx_rename()', fix to support long filenames on Windows
- curlx: curlx_strcopy() instead of strcpy()
- curlx: limit use of system allocators to the minimum possible
- curlx: replace 'mbstowcs'/'wcstombs' with '_s' counterparts (Windows)
- curlx: replace 'sprintf' with 'snprintf'
- curlx: use curl alloc in 'curlx_win32_stat()' (Windows)
- curlx: use curlx allocators in non-memdebug builds (Windows)
- DEPRECATE: add CMake <3.18 deprecation for April 2026
- digest: fix OWS and escaped quote handling
- digest_sspi: fix a memory leak on error path
- digest_sspi: properly free sspi identity
- doc: some returned in-memory data may not be altered
- docs: add a note about --compressed to note about binary output
- docs: clarify how to do unix domain sockets with SOCKS proxy
- docs: fix checksrc 'EQUALSPACE' warnings
- docs: fix time_posttransfer output unit as seconds
- docs: mention umask need when curl creates files
- docs: remove dead URLs
- docs: rename CURLcode variables to 'result'
- docs: spell it Rustls with a capital R
- docs: switch more URLs to https://
- docs: use mresult as variable name for CURLMcode
- escape: add a length check in curl_easy_escape
- file: do not pass invalid mode flags to 'open()' on upload (Windows)
- formdata: validate callback is non-NULL before use
- ftp: make EPRT connections non-blocking
- ftp: refactor a piece of code by merging the repeated part
- ftp: remove #ifdef for define that is always defined
- ftp: return better on OOM in two places
- ftp: return from ftp_state_use_port immediately on OOM
- getenv: drop internal 1-to-1 wrapper
- getinfo: improve perf in debug mode
- h2/h3: handle methods with spaces
- headers: add length argument to Curl_headers_push()
- hostcheck: fail wildcard match if host starts with a dot
- hostip.h: drop redundant 'setjmp.h' include
- hostip: don't store negative lookup on OOM
- hostip: make more functions return CURLcode
- hostip: only store negative response for CURLE_COULDNT_RESOLVE_HOST
- hsts: propagate and error out correctly on OOM
- hsts: use one malloc instead of two per entry
- http: acknowledge OOM errors from Curl_input_ntlm
- http: avoid two strdup()s and do minor simplifications
- http: error on OOM when creating range header
- http: fix OOM exit in Curl_http_follow
- http: handle oom error from Curl_input_digest()
- http: replace atoi use in Curl_http_follow with curlx_str_number
- http: return OOM errors from hsts properly
- http: the :authority header should never contain user+password
- http: unfold response headers earlier
- idn: avoid allocations and wcslen on Windows
- idn: clarify null-termination on Windows
- idn: fix memory leak in 'win32_ascii_to_idn()'
- idn: use curlx allocators on Windows
- imap: check buffer length before accessing it
- imap: make sure Curl_pgrsSetDownloadSize() does not overflow
- inet_ntop: avoid the strlen()
- krb5: fix detecting channel binding feature
- krb5_sspi: unify a part of error handling
- ldap: drop PP logic for old, unsupported, Windows SDKs
- ldap: improve detection of Apple LDAP
- ldap: provide version for "legacy" ldap as well
- lib/sendf.h: forward declare two structs
- lib: cleanup for some typos about spaces and code style
- lib: create unitprotos.h in the builddir, not srcdir
- lib: drop unused or duplicate 'curlx/timeval.h' includes
- lib: drop unused protocol headers
- lib: eliminate size_t casts
- lib: error for OOM when extracting URL query
- lib: fix formatting nits (part 2)
- lib: fix formatting nits (part 3)
- lib: fix formatting nits
- lib: fix gssapi.h include on IBMi
- lib: name the main CURLMcode variable 'mresult'
- lib: refactor the type of funcs which have useless return and checks
- lib: replace '_tcsncpy'/'wcsncpy'/'wcscpy' with '_s' counterparts (Windows)
- lib: timer stats improvements
- lib: use 'SOCKET_WRITABLE()'/'SOCKET_READABLE()' where possible
- libssh2: add paths to error messages for quote commands
- libssh2: cleanup ssh_force_knownhost_key_type
- libssh2: consider strdup() failures OOM and return correctly
- libssh2: replace atoi() in ssh_force_knownhost_key_type
- libssh: fix state machine loop to progress as it should
- libssh: properly free sftp_attributes
- libtests: replace 'atoi()' with 'curlx_str_number()'
- limit-rate: add example using --limit-rate and --max-time together
- localtime: detect thread-safe alternatives and use them
- m4/sectrust: fix test(1) operator
- manage: expand the 'libcurl support required' message
- mbedTLS: cleanup insecure/deprecated code
- mbedtls: fix potential use of uninitialized 'nread'
- mbedtls: sync format across log messages
- mbedtls_threadlock: avoid calloc, use array
- mdlinkcheck: ignore IP numbers, allow '@' in raw URLs
- mdlinkcheck: only look for markdown links in markdown files
- memdebug: add mutex for thread safety
- memdebug: fix realloc logging
- mk-ca-bundle.md: the file format docs URL is permaredirected
- mk-ca-bundle.pl: default to SHA256 fingerprints with '-t' option
- mk-ca-bundle.pl: use 'open()' with argument list to replace backticks
- mqtt: reject overly big messages
- mqtt: return error when a too large packet is decoded
- multi: make max_total_* members size_t
- multi: remove MSTATE_TUNNELING
- multi: simplify admin handle processing
- multibyte: limit 'curlx_convert_*wchar*()' functions to Unicode builds
- ngtcp2+openssl: fix leak of session
- ngtcp2: remove the unused Curl_conn_is_ngtcp2 function
- ngtcp2: retune window sizes
- noproxy: fix build on systems without IPv6
- noproxy: fix ipv6 handling
- noproxy: replace atoi with curlx_str_number
- openssl: exit properly on OOM when getting certchain
- openssl: fix a potential memory leak of bio_out
- openssl: fix a potential memory leak of params.cert
- openssl: fix building against no-dsa openssl
- openssl: fix building against no-ocsp openssl with Apple SecTrust
- openssl: no verify failf message unless strict
- openssl: release ssl_session if sess_reuse_cb fails
- openssl: remove code handling default version
- openssl: simplify 'HAVE_KEYLOG_CALLBACK' guard
- openssl: stop checking for 'OPENSSL_NO_SHA*' macros
- openssl: stop checking for 'OPENSSL_NO_TLSEXT' macro
- osslq: code readability
- progress: make it one column narrower
- progress: narrower time display, multiple fixes
- progress: show fewer digits
- quiche: use client writer
- ratelimit blocking: fix busy loop
- ratelimit: redesign
- rtmp: fix double-free on URL parse errors
- rtmp: precaution for a potential integer truncation
- rtmp: stop redefining 'setsockopt' system symbol on Windows
- schannel: cap the maximum allowed size for loading cert
- schannel: fix memory leak of cert_store_path on four error paths
- schannel: replace atoi() with curlx_str_number()
- schannel: use Win8 'CERT_NAME_SEARCH_ALL_NAMES_FLAG' with old SDKs
- schannel_verify: fix a memory leak of cert_context
- scripts: fix shellcheck SC2046 warnings
- scripts: use end-of-options marker in 'find -exec' commands
- setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL
- setopt: when setting bad protocols, don't store them
- sftp: fix range downloads in both SSH backends
- slist: constify Curl_slist_append_nodup() string argument
- smb: fix a size check to be overflow safe
- socketpair: drop redundant '_WIN32' branch and include
- socks_sspi: use free() not FreeContextBuffer()
- source: misc typos
- speedcheck: do not trigger low speed cancel on transfers with CURL_READFUNC_PAUSE
- speedlimit: also reset on send unpausing
- src: drop redundant definition of 'BIT()'
- src: fix formatting nits
- ssh: tracing and better pollset handling
- sspi: fix memory leaks on error paths in 'Curl_create_sspi_identity()'
- sws: fix binding to unix socket on Windows
- synctime: tidy up, make it work on all platforms
- telnet: abort on bad suboption sequence
- telnet: replace atoi for BINARY handling with curlx_str_number
- tftp: release filename if conn_get_remote_addr fails
- tftpd: fix/tidy up 'open()' mode flags
- tidy-up: avoid '(())', clang-format fixes and more
- tidy-up: move 'CURL_UNCONST()' out from macro 'curl_unicodefree()'
- tidy-up: URLs (cont.) and mdlinkcheck
- tidy-up: URLs
- tool: consider (some) curl_easy_setopt errors fatal
- tool: log when loading .curlrc in verbose mode
- tool_cfgable: free ssl-sessions at exit
- tool_doswin: clear pointer when thread takes ownership
- tool_doswin: increase allowable length of path sanitizer
- tool_doswin: remove the max length check
- tool_getparam: simplify the --rate parser
- tool_getparam: use memdup0() instead of malloc + copy
- tool_getparam: verify that a file exists for some options
- tool_help: add checks to avoid unsigned wrap around
- tool_ipfs: check return codes better
- tool_msgs: make voutf() use stack instead of heap
- tool_operate: exit on curl_share_setopt errors
- tool_operate: fix a case of ignoring return code in operate()
- tool_operate: fix case of ignoring return code in single_transfer
- tool_operate: remove redundant condition
- tool_operate: return error for OOM in append2query
- tool_operate: use curlx_str_number instead of atoi
- tool_paramhlp: refuse --proto remove all protocols
- tool_paramhlp: remove a malloc+free from proto2num()
- tool_paramhlp: simplify number parsing
- tool_progress: fix large time outputs and decimal size display
- tool_urlglob: acknowledge OOM in peek_ipv6
- tool_urlglob: clean up used memory on errors better
- tool_urlglob: constify an argument
- tool_urlglob: fix propagating OOM error from 'sanitize_file_name()'
- tool_urlglob: support globs as long as config line lengths
- tool_writeout: bail out proper on OOM
- url: fix return code for OOM in parse_proxy()
- url: if curl_url_get() fails due to OOM, error out properly
- url: if OOM in parse_proxy() return error
- url: return error at once when OOM in netrc handling
- urlapi: fix mem-leaks in curl_url_get error paths
- urlapi: handle OOM properly when setting URL
- urlapi: return OOM correctly from parse_hostname_login()
- verify-release: update to avoid shellcheck warning SC2034
- vquic-tls/gnutls: call Curl_gtls_verifyserver unconditionally
- vquic: do not pass invalid mode flags to 'open()' (Windows)
- vquic: do_sendmsg full init
- vquic: ignore 0-length UDP packets
- vquic: initialize new callback in nghttp3 1.14.0+
- vtls: drop unused 'use_alpn' from 'ssl_connect_data' struct
- vtls: fix CURLOPT_CAPATH use
- vtls: handle possible malicious certs_num from peer
- vtls: pinned key check
- wcurl: import v2025.11.09
- wcurl: import v2026.01.05
- ws: replace a cast by matching the format string
- x509asn1: drop unused 'hostcheck.h', 'vtls_int.h' includes
* Rebase patches:
- libcurl-ocloexec.patch
- curl-secure-getenv.patch
* Remove patch curl-vtls-fix-CURLOPT_CAPATH-use.patch
* Wed Nov 19 2025 Pedro Monreal <pmonreal@suse.com>
- Fix a regression in curl 8.17.0: [bsc#1253116]
* Builds with no CURL_CA_PATH ignore CURLOPT_CAPATH
* vtls: fix CURLOPT_CAPATH use [gh#curl/curl#19401]
* Add upstream curl-vtls-fix-CURLOPT_CAPATH-use.patch
* Wed Nov 05 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 8.17.0:
* Security fixes:
- [bsc#1252859, CVE-2025-10966] curl: missing SFTP host
verification with wolfSSH
- [bsc#1253757, CVE-2025-11563] curl: wcurl path traversal with
percent-encoded slashes
* Changes:
- krb5: drop support for Kerberos FTP
- multi: add notifications API
- ssl: support Apple SecTrust configurations
- tool_getparam: add --knownhosts
- vssh: drop support for wolfSSH
- wcurl: import v2025.11.04
* Bugfixes:
- ares: fix leak in tracing
- base64: accept zero length argument to base64_encode
- c-ares: when resolving failed, persist error
- cf-socket: set FD_CLOEXEC on all sockets opened
- cf-socket: use the right byte order for ports in bindlocal
- conn: fix hostname move on connection reuse
- conncache: prevent integer overflow in maxconnects calculation
- cookie: avoid saving a cookie file if no transfer was done
- curl_easy_getinfo: error code on NULL arg
- curl_path: make sure just whitespace is illegal
- digest_sspi: fix two memory leaks in error branches
- ftp: add extra buffer length check
- ftp: check errors on remote ip for data connection
- gnutls: check conversion of peer cert chain
- gnutls: fix re-handshake comments
- gssapi: make channel binding conditional on GSS_C_CHANNEL_BOUND_FLAG
- gtls: check the return value of gnutls_pubkey_init()
- hmac: free memory properly on errors
- HTTP3: clarify the status for "old" OpenSSL, not current
- kerberos: bump minimum to 1.3 (2003-07-08), drop legacy logic
- krb5_gssapi: fix memory leak on error path
- krb5_sspi: the chlg argument is NOT optional
- ldap: avoid null ptr deref on failure
- ldap: do not base64 encode zero length string
- lib: SSL connection reuse
- libssh/libssh2: reject quote command lines with too much data
- libssh/sftp: fix resume corruption by avoiding O_APPEND with rresume
- libssh: acknowledge SSH_AGAIN in the SFTP state machine
- nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header
- ngtcp2: close just-opened QUIC stream when submit_request fails
- ngtcp2: compare idle timeout in ms to avoid overflow
- noproxy: fix the IPV6 network mask pattern match
- NTLM: disable if DES support missing from OpenSSL or mbedTLS
- openldap: limit max incoming size
- openssl: call SSL_get_error() with proper error
- openssl: check CURL_SSLVERSION_MAX_DEFAULT properly
- openssl: fail if more than MAX_ALLOWED_CERT_AMOUNT certs
- openssl: fail the transfer if ossl_certchain() fails
- openssl: fix peer certificate leak in channel binding
- openssl: fix resource leak in provider error path
- openssl: free UI_METHOD on exit path
- openssl: only try engine/provider if a cert file/name is provided
- openssl: set io_need always
- openssl: skip session resumption when verifystatus is set
- pop3: fix CAPA response termination detection
- quic: fix min TLS version handling
- quic: ignore EMSGSIZE on receive
- schannel: properly close the certfile on error
- schannel_verify: fix mem-leak in Curl_verify_host
- socks: avoid UAF risk in error path
- socks: deny server basic-auth if not configured
- socks_gssapi: reject too long tokens
- socks_gssapi: remove the forced "no protection"
- thread: errno on thread creation
- ws: reject curl_ws_recv called with NULL buffer with a buflen
* Rebase libcurl-ocloexec.patch
* Remove curl-handle_user-defined_connection_headers.patch upstream
* Fri Sep 26 2025 Pedro Monreal <pmonreal@suse.com>
- curl: http: handle user-defined connection headers [bsc#1249448]
* Add curl-handle_user-defined_connection_headers.patch
* Wed Sep 10 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 8.16.0:
* Security fixes:
- [bsc#1249191, CVE-2025-9086] Out of bounds read for cookie path
- [bsc#1249348, CVE-2025-10148] Predictable WebSocket mask
* Changes:
- curl: add --follow and --out-null
- curl: add --parallel-max-host to limit concurrent connections per host
- curl: make --retry-delay and --retry-max-time accept decimal seconds
- hostip: cache negative name resolves
- ip happy eyeballing: keep attempts running
- multi: add curl_multi_get_offt
- multi: add CURLMOPT_NETWORK_CHANGED to signal network changed
- netrc: use the NETRC environment variable (first) if set
- smtp: allow suffix behind a mail address for RFC 3461
- tls: make default TLS version be minimum 1.2
- tool_getparam: add support for `--longopt=value`
- vquic: drop msh3
- websocket: support CURLOPT_READFUNCTION
* Bugfixes:
- _PROTOCOLS.md: mention file:// is only for absolute paths
- acinclude: --with-ca-fallback only works with OpenSSL
- bufq: add integer overflow checks before chunk allocations
- cmake: fix `ENABLE_UNIX_SOCKETS=OFF` with pre-fill enabled on unix
- cmake: fix setting LTO properties on the wrong targets
- configure: tidy up internal names in ngtcp2 ossl detection logic
- connectdata: remove primary+secondary ip_quadruple
- connection: terminate after goaway
- cookie: don't treat the leading slash as trailing
- cookie: remove expired cookies before listing
- curl: tool_read_cb fix of segfault
- curl_ossl: extend callback table for nghttp3 1.11.0
- DEPRECATE.md: drop old OpenSSL versions
- idn: reject conversions that end up as a zero length hostname
- ngtcp2: extend callback tables for nghttp3 1.11.0 and ngtcp2 1.14.0
- ngtcp2: handshake timeout should be equal to --connect-timeout
- openssl: add and use `HAVE_OPENSSL3` internal macro
- openssl: check SSL_write() length on retries
- openssl: clear errors after a failed `d2i_X509()`
- openssl: drop redundant `HAVE_OPENSSL_VERSION` macro
- openssl: drop single-use interim macro `USE_OPENSSL_SRP`
- openssl: output unescaped utf8 x509 issuer/subject DNs
- parallel-max: bump the max value to 65535
- resolving: dns error tracing
- schannel: add an error message for client cert not found
- schannel: assume `CERT_CHAIN_REVOCATION_CHECK_CHAIN`
- schannel: fix renegotiation
- schannel: improve handshake procedure
- socks: do_SOCKS5: Fix invalid buffer content on short send
- threaded-resolver: fix shutdown
- tool_getparam: warn on more unicode prefixes
- tool_urlglob: add integer overflow protection
- urlapi: allow more path characters "raw" when asked to URL encode
- urlglob: only accept 255 globs
- vtls: set seen http version on successful ALPN
- websocket: handling of PONG frames
- websocket: improve handling of 0-len frames
- websocket: reset upload_done when sending data
- ws: avoid NULL pointer deref in curl_ws_recv
* Rebase libcurl-ocloexec.patch
* Mon Jul 21 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 8.15.0:
* Changes:
- TLS: remove support for Secure Transport and BearSSL
* Bugfixes:
- cf-socket: make socket data_pending a nop
- configure: order LDAP after the SSL libraries
- curl: improve non-blocking STDIN performance
- curl_get_line: make sure lines end with newline
- curl_path: make SFTP handle a path like /~ properly.
- curlinfo: provide the 'digest' feature
- digest: fix build with disabled digest auth
- docs: note SSLS-EXPORT feature in -ssl-sessions doc
- docs: reflect that delimiter-separated capath is only OpenSSL
- docs: sync -tls-earlydata support w/ CURLOPT_SSL_OPTIONS
- http/3: report handshake with version and cipher as for TCP connections
- http2: do not delay RST send on aborted transfer
- http_ntlm: protect against null deref
- ldap: initial support for --with-ldap option
- lib: address singleuse issues
- lib: avoid reusing unclean connection
- lib: drop two interim macros in favor of native libcurl API calls
- lib: stop 'time()' debug overrides at the end of source in altsvc, hsts
- lib: unify recv/send function signatures
- memdebug.h: #undef 'fclose' before defining it
- openssl: enable readahead
- openssl: error on SSL_ERROR_SYSCALL
- openssl: fix handling of buffered data
- openssl: fix openssl engine use
- openssl: fix pkcs11 provider available check
- quic: implement CURLINFO_TLS_SSL_PTR
- schannel: allow partial chains for manual peer verification
- SCP/SFTP: avoid busy loop after EAGAIN
- socks: fix query when filter context is null
- tls: remove Curl_ssl false_start
- tool_getparam: fix --ftp-pasv
- tool_operate: fix return code when --retry is used but not triggered
- top-complexity: lower max allowed complexity threshold to 90
- url: fix NULL deref with bad password when no user is provided
- urlapi: use uppercase hex encoding
- vtls: change send/recv signatures of tls backends
- vtls: prefer ciphersuite to cipher in msgs
- vtls: prefer rustls-ffi ciphersuite name API
- xfer: manage pause bits
* Remove patches upstream:
- curl-fix--ftp-pasv.patch
- fix-return-code-with-retry.patch
* Mon Jul 14 2025 Pedro Monreal <pmonreal@suse.com>
- Fix the --ftp-pasv option in curl v8.14.1 [bsc#1246197]
* tool_getparam: fix --ftp-pasv [5f805ee]
* Add curl-fix--ftp-pasv.patch
* Wed Jul 02 2025 Dirk Müller <dmueller@suse.com>
- add fix-return-code-with-retry.patch to fix return code
being successful even on failures when using -f --retry
* Mon Jun 30 2025 Pedro Monreal <pmonreal@suse.com>
- Disable insecure NTLM authentication support [bsc#1245491, jsc#PED-12960]
* Mon Jun 23 2025 Dirk Müller <dmueller@suse.com>
- split wcurl into a subpackage so that upgrade works (wcurl
used to be a separate package)
* Fri Jun 20 2025 Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
- Build with experimental OpenSSL based QUIC support to enable --http3
* Fri Jun 06 2025 Pedro Monreal <pmonreal@suse.com>
- Sync spec file with SLE codestreams: [jsc#PED-13055, jsc#PED-13056]
* Add curl-mini.rpmlintrc to avoid rpmlint shlib-policy-name-error
when building the curl-mini package in SLE.
* Add libssh minimum version requirements.
* Use ldconfig_scriptlets when available.
* Remove unused option --disable-ntlm-wb.
* Wed Jun 04 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 8.14.1:
* Security fixes:
- [bsc#1243933, CVE-2025-5399] libcurl can possibly get
trapped in an endless busy-loop when processing specially
crafted packets [d1145df2]
* Bugfixes:
- asyn-thrdd: fix cleanup when RR fails due to OOM
- ftp: fix teardown of DATA connection in done
- http: fail early when rewind of input failed when following redirects
- multi: fix add_handle resizing
- tls BIOs: handle BIO_CTRL_EOF correctly
- tool_getparam: make --no-anyauth not be accepted
- wolfssl: fix sending of early data
- ws: handle blocked sends better
- ws: tests and fixes
* Wed May 28 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 8.14.0:
* Security fixes:
- [CVE-2025-4947, bsc#1243397] QUIC certificate check skip with wolfSSL
- [CVE-2025-5025, bsc#1243706] No QUIC certificate pinning with wolfSSL
* Changes:
- mqtt: send ping at upkeep interval
- schannel: handle pkcs12 client certificates containing CA certificates
- TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs
- vquic: ngtcp2 + openssl support
- wcurl: import v2025.04.20 script + docs
- websocket: add option to disable auto-pong reply
* Bugfixes:
- asny-thrdd: fix detach from running thread
- async-threaded resolver: use ref counter
- async: DoH improvements
- build: enable gcc-12/13+, clang-10+ picky warnings
- build: enable gcc-15 picky warnings
- certs: drop unused `default_bits` from `.prm` files
- cf-https-connect: use the passed in dns struct pointer
- cf-socket: fix FTP accept connect
- cfilters: remove assert
- cmake: fix nghttp3 static linking with `USE_OPENSSL_QUIC=ON`
- cmake: prefer `COMPILE_OPTIONS` over `CMAKE_C_FLAGS` for custom C options
- cmake: revert `CURL_LTO` behavior for multi-config generators
- configure: fix --disable-rt
- CONTRIBUTE: add project guidelines for AI use
- cpool/cshutdown: force close connections under pressure
- curl: fix memory leak when -h is used in config file
- curl_get_line: handle lines ending on the buffer boundary
- headers: enforce a max number of response header to accept
- http: fix HTTP/2 handling of TE request header using "trailers"
- lib: include files using known path
- lib: unify conversions to/from hex
- libssh: add NULL check for Curl_meta_get()
- libssh: fix memory leak
- mqtt: use conn/easy meta hash
- multi: do transfer book keeping using mid
- multi: init_do(): check result
- netrc: avoid NULL deref on weird input
- netrc: avoid strdup NULL
- netrc: deal with null token better
- openssl-quic: avoid potential `-Wnull-dereference`, add assert
- openssl-quic: fix shutdown when stream not open
- openssl: enable builds for *both* engines and providers
- openssl: set the cipher string before doing private cert
- progress: avoid integer overflow when gathering total transfer size
- rand: update comment on Curl_rand_bytes weak random
- rustls: make max size of cert and key reasonable
- smb: avoid integer overflow on weird input date
- urlapi: redirecting to "" is considered fine
* Remove curl-8.13.0-CloseSocket.patch upstream
* Rebase libcurl-ocloexec.patch
* Fri Apr 11 2025 Andreas Stieger <andreas.stieger@gmx.de>
- fix Leap build add curl-8.13.0-CloseSocket.patch
* Wed Apr 09 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 8.13.0:
* Changes:
- curl: add write-out variable 'tls_earlydata'
- curl: make --url support a file with URLs
- gnutls: set priority via --ciphers
- IMAP: add CURLOPT_UPLOAD_FLAGS and --upload-flags
- lib: add CURLFOLLOW_OBEYCODE and CURLFOLLOW_FIRSTONLY
- OpenSSL/quictls: add support for TLSv1.3 early data
- rustls: add support for CERTINFO
- rustls: add support for SSLKEYLOGFILE
- rustls: support ECH w/ DoH lookup for config
- rustls: support native platform verifier
- var: add a '64dec' function that can base64 decode a string
* Bugfixes:
- conn: fix connection reuse when SSL is optional
- hash: use single linked list for entries
- http2: detect session being closed on ingress handling
- http2: reset stream on response header error
- http: remove a HTTP method size restriction
- http: version negotiation
- httpsrr: fix port detection
- libssh: fix freeing of resources in disconnect
- libssh: fix scp large file upload for 32-bit size_t systems
- openssl-quic: do not iterate over multi handles
- openssl: check return value of X509_get0_pubkey
- openssl: drop support for old OpenSSL/LibreSSL versions
- openssl: fix crash on missing cert password
- openssl: fix pkcs11 URI checking for key files.
- openssl: remove bad `goto`s into other scope
- setopt: illegal CURLOPT_SOCKS5_AUTH should return error
- setopt: setting PROXYUSERPWD after PROXYUSERNAME/PASSWORD is fine
- sshserver.pl: adjust `AuthorizedKeysFile2` cutoff version
- sshserver: fix excluding obsolete client config lines
- SSLCERTS: list support for SSL_CERT_FILE and SSL_CERT_DIR
- tftpd: prefix TFTP protocol error `E*` constants with `TFTP_`
- tool_operate: fail SSH transfers without server auth
- url: call protocol handler's disconnect in Curl_conn_free
- urlapi: remove percent encoded dot sequences from the URL path
- urldata: remove 'hostname' from struct Curl_async
* Rebase patches:
- libcurl-ocloexec.patch
- curl-secure-getenv.patch
* Thu Feb 13 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 8.12.1:
* Bugfixes:
- asyn-thread: fix build with 'CURL_DISABLE_SOCKETPAIR'
- asyn-thread: fix HTTPS RR crash
- asyn-thread: fix the returned bitmask from Curl_resolver_getsock
- asyn-thread: survive a c-ares channel set to NULL
- cmake: always reference OpenSSL and ZLIB via imported targets
- cmake: respect 'GNUTLS_CFLAGS' when detected via 'pkg-config'
- cmake: respect 'GNUTLS_LIBRARY_DIRS' in 'libcurl.pc' and 'curl-config'
- content_encoding: #error on too old zlib
- imap: TLS upgrade fix
- ldap: drop support for legacy Novell LDAP SDK
- libssh2: comparison is always true because rc <= -1
- libssh2: raise lowest supported version to 1.2.8
- libssh: drop support for libssh older than 0.9.0
- openssl-quic: ignore ciphers for h3
- pop3: TLS upgrade fix
- runtests: fix the disabling of the memory tracking
- runtests: quote commands to support paths with spaces
- scache: add magic checks
- smb: silence '-Warray-bounds' with gcc 13+
- smtp: TLS upgrade fix
- tool_cfgable: sort struct fields by size, use bitfields for booleans
- tool_getparam: add "TLS required" flag for each such option
- vtls: fix multissl-init
- wakeup_write: make sure the eventfd write sends eight bytes
* Thu Feb 06 2025 Pedro Monreal <pmonreal@suse.com>
- Update to 8.12.0:
* Security fixes:
- [bsc#1234068, CVE-2024-11053] curl could leak the password used
for the first host to the followed-to host under certain circumstances.
- [bsc#1232528, CVE-2024-9681] HSTS subdomain overwrites parent cache entry
- [bsc#1236589, CVE-2025-0665] eventfd double close
* Changes:
- curl: add byte range support to --variable reading from file
- curl: make --etag-save acknowledge --create-dirs
- getinfo: fix CURLINFO_QUEUE_TIME_T and add 'time_queue' var
- getinfo: provide info which auth was used for HTTP and proxy
- hyper: drop support
- openssl: add support to use keys and certificates from PKCS#11 provider
- QUIC: 0RTT for gnutls via CURLSSLOPT_EARLYDATA
- vtls: feature ssls-export for SSL session im-/export
* Bugfixes:
- altsvc: avoid integer overflow in expire calculation
- asyn-ares: acknowledge CURLOPT_DNS_SERVERS set to NULL
- asyn-ares: fix memory leak
- asyn-ares: initial HTTPS resolve support
- asyn-thread: use c-ares to resolve HTTPS RR
- async-thread: avoid closing eventfd twice
- cd2nroff: do not insist on quoted <> within backticks
- cd2nroff: support "none" as a TLS backend
- conncache: count shutdowns against host and max limits
- content_encoding: drop support for zlib before 1.2.0.4
- content_encoding: namespace GZIP flag constants
- content_encoding: put the decomp buffers into the writer structs
- content_encoding: support use of custom libzstd memory functions
- cookie: cap expire times to 400 days
- cookie: parse only the exact expire date
- curl: return error if etag options are used with multiple URLs
- curl_multi_fdset: include the shutdown connections in the set
- curl_sha512_256: rename symbols to the curl namespace
- curl_url_set.md: adjust the added-in to 7.62.0
- doh: send HTTPS RR requests for all HTTP(S) transfers
- easy: allow connect-only handle reuse with easy_perform
- easy: make curl_easy_perform() return error if connection still there
- easy_lock: use Sleep(1) for thread yield on old Windows
- ECH: update APIs to those agreed with OpenSSL maintainers
- GnuTLS: fix 'time_appconnect' for early data
- HTTP/2: strip TE request header
- http2: fix data_pending check
- http2: fix value stored to 'result' is never read
- http: ignore invalid Retry-After times
- http_aws_sigv4: Fix invalid compare function handling zero-length pairs
- https-connect: start next immediately on failure
- lib: redirect handling by protocol handler
- multi: fix curl_multi_waitfds reporting of fd_count
- netrc: 'default' with no credentials is not a match
- netrc: fix password-only entries
- netrc: restore _netrc fallback logic
- ngtcp2: fix memory leak on connect failure
- openssl: define `HAVE_KEYLOG_CALLBACK` before use
- openssl: fix ECH logic
- osslq: use SSL_poll to determine writeability of QUIC streams
- sectransp: free certificate on error
- select: avoid a NULL deref in cwfds_add_sock
- src: omit hugehelp and ca-embed from libcurltool
- ssl session cache: change cache dimensions
- system.h: add 64-bit curl_off_t definitions for NonStop
- telnet: handle single-byte input option
- TLS: check connection for SSL use, not handler
- tool_formparse.c: make curlx_uztoso a static in here
- tool_formparse: accept digits in --form type= strings
- tool_getparam: ECH param parsing refix
- tool_getparam: fail --hostpubsha256 if libssh2 is not used
- tool_getparam: fix "Ignored Return Value"
- tool_getparam: fix memory leak on error in parse_ech
- tool_getparam: fix the ECH parser
- tool_operate: make --etag-compare always accept a non-existing file
- transfer: fix CURLOPT_CURLU override logic
- urlapi: fix redirect to a new fragment or query (only)
- vquic: make vquic_send_packets not return without setting psent
- vtls: fix default SSL backend as a fallback
- vtls: only remember the expiry timestamp in session cache
- websocket: fix message send corruption
- x509asn1: add parse recursion limit
* Rebase pathes:
- libcurl-ocloexec.patch
- dont-mess-with-rpmoptflags.patch
* Wed Dec 11 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 8.11.1:
* Security fixes:
- netrc and redirect credential leak [bsc#1234068, CVE-2024-11053]
* Bugfixes:
- build: fix ECH to always enable HTTPS RR
- cookie: treat cookie name case sensitively
- curl-rustls.m4: keep existing 'CPPFLAGS'/'LDFLAGS' when detected
- curl: use realtime in trace timestamps
- digest: produce a shorter cnonce in Digest headers
- docs: document default 'User-Agent'
- docs: suggest --ssl-reqd instead of --ftp-ssl
- duphandle: also init netrc
- hostip: don't use the resolver for FQDN localhost
- http_negotiate: allow for a one byte larger channel binding buffer
- krb5: fix socket/sockindex confusion, MSVC compiler warnings
- libssh: use libssh sftp_aio to upload file
- libssh: when using IPv6 numerical address, add brackets
- mime: fix reader stall on small read lengths
- mk-ca-bundle: remove CKA_NSS_SERVER_DISTRUST_AFTER conditions
- mprintf: fix the integer overflow checks
- multi: fix callback for 'CURLMOPT_TIMERFUNCTION' not being called again when...
- netrc: address several netrc parser flaws
- netrc: support large file, longer lines, longer tokens
- nghttp2: use custom memory functions
- OpenSSL: improvde error message on expired certificate
- openssl: remove three "Useless Assignments"
- openssl: stop using SSL_CTX_ function prefix for our functions
- pytest: add test for use of CURLMOPT_MAX_HOST_CONNECTIONS
- rtsp: check EOS in the RTSP receive and return an error code
- schannel: remove TLS 1.3 ciphersuite-list support
- setopt: fix CURLOPT_HTTP_CONTENT_DECODING
- setopt: fix missing options for builds without HTTP & MQTT
- socket: handle binding to "host!<ip>"
- socketpair: fix enabling 'USE_EVENTFD'
- strtok: use namespaced 'strtok_r' macro instead of redefining it
* Remove 0001-duphandle-also-init-netrc.patch upstream
* Wed Nov 13 2024 Björn Bidar <bjorn.bidar@thaodan.de>
- Add patch to fix libcurl when netrc parsing is enabled.
curl_easy_duphandle did not init netrc which broke applications such
as for example git. gh#curl/curl#15496
* 0001-duphandle-also-init-netrc.patch
* Wed Nov 06 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 8.11.0:
* Security fixes: [bsc#1232528, CVE-2024-9681]
- curl: HSTS subdomain overwrites parent cache entry
* Changes:
- curl: --create-dirs works for --dump-header as well
- gtls: Add P12 format support
- ipfs: add options to disable
- TLS: TLSv1.3 earlydata support for curl
- WebSockets: make support official (non-experimental)
* Bugfixes:
- build: clarify CA embed is for curl tool, mark default, improve summary
- build: show if CA bundle to embed was found
- build: tidy up and improve versioned-symbols options
- cmake/FindNGTCP2: use library path as hint for finding crypto module
- cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled
- cmake: rename LDAP dependency config variables to match Find modules
- cmake: replace 'check_include_file_concat()' for LDAP and GSS detection
- cmake: use OpenSSL for LDAP detection only if available
- curl: add build options for safe/no CA bundle search (Windows)
- curl: detect ECH support dynamically, not at build time
- curl_addrinfo: support operating systems with only getaddrinfo(3)
- ftp: fix 0-length last write on upload from stdin
- gnutls: use session cache for QUIC
- hsts: improve subdomain handling
- hsts: support "implied LWS" properly around max-age
- http2: auto reset stream on server eos
- json.md: cli-option '--json' is an alias of '--data-binary'
- lib: move curl_path.[ch] into vssh/
- lib: remove function pointer typecasts for hmac/sha256/md5
- libssh.c: handle EGAINS during proto-connect correctly
- libssh2: use the filename buffer when getting the homedir
- multi.c: warn/assert on stall only without timer
- negotiate: conditional check around GSS & SSL specific code
- netrc: cache the netrc file in memory
- ngtcp2: do not loop on recv
- ngtcp2: set max window size to 10x of initial (128KB)
- openssl quic: populate x509 store before handshake
- openssl: extend the OpenSSL error messages
- openssl: improve retries on shutdown
- quic: use send/recvmmsg when available
- schannel: fix TLS cert verification by IP SAN
- schannel: ignore error on recv beyond close notify
- select: use poll() if existing, avoid poll() with no sockets
- sendf: add condition to max-filesize check
- server/mqttd: fix two memory leaks
- setopt: return error for bad input to CURLOPT_RTSP_REQUEST
- setopt_cptr: make overflow check only done when needed
- tls: avoid abusing CURLE_SSL_ENGINE_INITFAILED
- tool: support --show-headers AND --remote-header-name
- tool_operate: make --skip-existing work for --parallel
- url: connection reuse on h3 connections
- url: use same credentials on redirect
- urlapi: normalize the IPv6 address
- version: say quictls in MSH3 builds
- vquic: fix compiler warning with gcc + MUSL
- vquic: recv_mmsg, use fewer, but larger buffers
- vtls: convert Curl_pin_peer_pubkey to use dynbuf
- vtls: convert pubkey_pem_to_der to use dynbuf
* Rebase curl-secure-getenv.patch
* Tue Sep 24 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 8.10.1:
* Bugfixes:
- autotools: fix `--with-ca-embed` build rule
- cmake: ensure `CURL_USE_OPENSSL`/`USE_OPENSSL_QUIC` are set in sync
- cmake: fix MSH3 to appear on the feature list
- connect: store connection info when really done
- FTP: partly revert eeb7c1280742f5c8fa48a4340fc1e1a1a2c7075a
- http2: when uploading data from stdin, fix eos forwarding
- http: make max-filesize check not count ignored bodies
- lib: fix AF_INET6 use outside of USE_IPV6
- multi: check that the multi handle is valid in curl_multi_assign
- QUIC: on connect, keep on trying on draining server
- request: correctly reset the eos_sent flag
- setopt: remove superfluous use of ternary expressions
- singleuse: drop `Curl_memrchr()` for no-HTTP builds
- tool_cb_wrt: use "curl_response" if no file name in URL
- transfer: fix sendrecv() without interim poll
- vtls: fix `Curl_ssl_conn_config_match` doc param
* Wed Sep 11 2024 Pedro Monreal <pmonreal@suse.com>
- Update to version 8.10.0:
* Security fixes:
- [bsc#1230093, CVE-2024-8096] curl: OCSP stapling bypass with GnuTLS
* Changes:
- curl: make --rate accept "number of units"
- curl: make --show-headers the same as --include
- curl: support --dump-header % to direct to stderr
- curl: support embedding a CA bundle and --dump-ca-embed
- curl: support repeated use of the verbose option; -vv etc
- curl: use libuv for parallel transfers with --test-event
- vtls: stop offering alpn http/1.1 for http2-prior-knowledge
* Bugfixes:
- curl: allow 500MB data URL encode strings
- curl: warn on unsupported SSL options
- Curl_rand_bytes to control env override
- curl_sha512_256: fix symbol collisions with nettle library
- dist: fix reproducible build from release tarball
- http2: fix GOAWAY message sent to server
- http2: improve rate limiting of downloads
- INSTALL.md: MultiSSL and QUIC are mutually exclusive
- lib: add eos flag to send methods
- lib: make SSPI global symbols use Curl_ prefix
- lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name
- lib: remove the final strncpy() calls
- lib: remove use of RANDOM_FILE
- Makefile.mk: fixup enabling libidn2
- max-filesize.md: mention zero disables the limit
- mime: avoid inifite loop in client reader
- ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks
- openssl quic: fix memory leak
- openssl: certinfo errors now fail correctly
- openssl: fix the data race when sharing an SSL session between threads
- openssl: improve shutdown handling
- POP3: fix multi-line responses
- pop3: use the protocol handler ->write_resp
- progress: ratelimit/progress tweaks
- rand: only provide weak random when needed
- sectransp: fix setting tls version
- setopt: make CURLOPT_TFTP_BLKSIZE accept bad values
- sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL
- sigpipe: init the struct so that first apply ignores
- smb: convert superflous assign into assert
- smtp: add tracing feature
- spnego_gssapi: implement TLS channel bindings for openssl
- src: delete `curlx_m*printf()` aliases
- ssh: deduplicate SSH backend includes (and fix libssh cmake unity build)
- tool_operhlp: fix "potentially uninitialized local variable 'pc' used"
- tool_paramhlp: bump maximum post data size in memory to 16GB
- transfer: skip EOS read when download done
- url: fix connection reuse for HTTP/2 upgrades
- urlapi: verify URL *decoded* hostname when set
- urldata: introduce `data->mid`, a unique identifier inside a multi
- vtls: add SSLSUPP_CIPHER_LIST
- vtls: fix static function name collisions between TLS backends
- vtls: init ssl peer only once
- websocket: introduce blocking sends
- ws: flags to opcodes should ignore CURLWS_CONT flag
- x509asn1: raise size limit for x509 certification information
* Remove curl-sigpipe.patch upstream
* Rebase curl-secure-getenv.patch
* Mon Aug 12 2024 Pedro Monreal <pmonreal@suse.com>
- Fix regression introduced in version 8.9.1:
* sigpipe: init the struct so that first apply ignores
* Add curl-sigpipe.patch
* Wed Jul 31 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 8.9.1:
* Security fixes:
- curl: ASN.1 date parser overread [bsc#1228535, CVE-2024-7264]
* Bugfixes:
- cmake: detect 'libssh' via 'pkg-config'
- cmake: detect 'nettle' when building with GnuTLS
- connect: fix connection shutdown for event based processing
- curl: more defensive socket code for --ip-tos
- CURLOPT_SSL_CTX_FUNCTION.md: mention CA caching
- CURLSHOPT_SHARE.md: mention sessions/cookies as not thread-safe
- ftpserver.pl: make POP3 LIST serve content from the test file
- lib: survive some NULL input args
- os400: build cli manual.
- os400: workaround an IBM ASCII run-time library bug
- transfer: speed limiting fix for 32bit systems
- vtls: avoid forward declaration in MultiSSL builds
- x509asn1: unittests and fixes for gtime2str
* Wed Jul 24 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 8.9.0:
* Security fixes:
- [bsc#1227888, CVE-2024-6197] curl: freeing stack buffer
in utf8asn1str
- [bsc#1228260, CVE-2024-6874] idn: tweak buffer use when
converting with macidn
* Changes:
- curl: add --ip-tos (IP Type of Service / Traffic Class)
- curl: add --mptcp
- curl: add --vlan-priority
- curl: add -w '%{num_retries}
- gnutls: support CA caching
- mbedtls: support CURLOPT_CERTINFO
- noproxy: patterns need to be comma separated
- socket: support binding to interface *AND* IP
- tcpkeepalive: add CURLOPT_TCP_KEEPCNT and --keepalive-cnt
- urlapi: add CURLU_NO_GUESS_SCHEME
- wolfssl: support CA caching
* Bugfixes:
- connection: shutdown TLS (for FTP) better
- curl-config: revert to backticks to support old target envs
- curl: allow etag and content-disposition for 3xx reply
- curl: bsearch the --write-out variable name
- curl: check for --disable case *sensitively*
- doh: fix leak and zero-length HTTPS RR crash
- file: separate fake headers and body with a stand-alone CRLF
- ftp: remove redundant null pointer check in loop condition
- gnutls: improve TLS shutdown
- gnutls: pass in SNI name, not hostname when checking cert
- hostip: skip error check for infallible function call
- http/3: add shutdown support
- http/3: resume upload on ack if we have more data to send
- lib: add a few DEBUGASSERT(data) to aid code analyzers
- lib: add failure reason on bind errors
- lib: graceful connection shutdown
- lib: xfer_setup and non-blocking shutdown
- multi: add multi->proto_hash, a key-value store for protocol data
- multi: do a final progress update on connect failure
- multi: fix multi_wait() timeout handling
- multi: fix pollset during RESOLVING phase
- ngtcp2+quictls: fix cert-status use
- noproxy: test bad ipv6 net size first
- openssl/gnutls: rectify the TLS version checks for QUIC
- openssl: fix hostname handling when using ECH
- openssl: stop duplicate ssl key logging for legacy OpenSSL
- quic: enable UDP GRO
- quic: openssl quic, cmake and doc version update to 3.3.0
- quic: require at least OpenSSL 3.3 for QUIC
- quic: update to quiche 0.22.0
- smtp: for starttls, do full upgrade
- tool_operate: avoid explicitly setting verifypeer to 1
- tool_writeout: get certinfo only when needing it
- transfer: avoid polling socket every transfer loop
- transfer: conn close on paused upload
- transfer: do not use EXPIRE_NOW while blocked
- transfer: remove curl_upload_refill_watermark, no longer used
- transfer: set CSELECT_IN if there is data pending
- url: allow DoH transfers to override max connection limit
- x509asn1: add some common ECDSA OIDs
- x509asn1: ASN1tostr() should fail when 'constructed' is set
- x509asn1: fallback to dotted OID representation
- x509asn1: prevent NULL dereference
- x509asn1: remove superfluous free()
- x509asn1: remove two static variables
* Rebase libcurl-ocloexec.patch
* Remove curl-make-install-curl-config.patch upstream
* Thu Jun 20 2024 Dirk Müller <dmueller@suse.com>
- add multibuild for minimal libcurl flavored build (useful for
container environments)
* Thu Jun 20 2024 Dirk Müller <dmueller@suse.com>
- split zsh and fish completion into subpackages to have
proper supplements
* Mon Jun 17 2024 Dirk Müller <dmueller@suse.com>
- remove mozilla-nss code (unsupported since 8.3.0)
* Fri May 24 2024 Pedro Monreal <pmonreal@suse.com>
- Fix make install for curl-config.1
* docs/Makefile.am: make curl-config.1 install
* Fixed upstream in: github.com/curl/curl/pull/13741
* Add curl-make-install-curl-config.patch
* Wed May 22 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 8.8.0:
* Changes:
- curl_version_info: provide librtmp version
- file: add support for directory listings
- lib: add curl_multi_waitfds
- NTLM_WB: drop support
- TLS: add support for ECH (Encrypted Client Hello)
- urlapi: add CURLU_GET_EMPTY for empty queries and fragments
* Bugfixes:
- build: prefer "USE_IPV6" macro internally (was: "ENABLE_IPV6")
- cd2nroff/manage: use UTC when SOURCE_DATE_EPOCH is set
- cf-socket: don't try getting local IP without socket
- cf-socket: remove references to l_ip, l_port
- configure: make --disable-docs imply --disable-manual
- curl.h: change CURL_SSLVERSION_* from enum to defines
- curl_path: make Curl_get_pathname use dynbuf
- curl_sha512_256: do not use workaround for NetBSD when not needed
- curl_sha512_256: fix detection of OpenSSL 1.1.1 or later
- curl_url_get.md: clarify queries and fragments and CURLU_GET_EMPTY
- DEPRECATE.md: TLS libraries without 1.3 support
- digest: replace strcpy for empty string with simple assignment
- doc: pytest "--repeat" -> "--count"
- docs/cmdline-opts: mention STARTTLS for --ssl and --ssl-reqd
- dynbuf: fix returncode on memory error
- ftp: add tracing support
- ftp: fix socket leak on rare error
- gnutls: lazy init the trust settings
- hsts: explicitly skip blank lines
- http2 + ngtcp2: pass CURLcode errors from callbacks
- http2, http3: decouple stream state from easy handle
- http2: emit RST when client write fails
- http: HEAD response body tolerance
- http: reject HTTP major version switch mid connection
- http: with chunked POST forced, disable length check on read callback
- idn: make Curl_idnconvert_hostname() use Curl_idn_decode()
- if2ip: make the buf_size arg a size_t
- krb5: use dynbuf
- lib/cf-h1-proxy: silence compiler warnings (gcc 14)
- lib: add trace support for client reads and writes
- lib: bump hash sizes to "size_t"
- lib: clear the easy handle's saved errno before transfer
- lib: make protocol handlers store scheme name lowercase
- lib: merge "ENABLE_QUIC" C macro into "USE_HTTP3"
- libssh2: set length to 0 if strdup failed
- openssl: do not set SSL_MODE_RELEASE_BUFFERS
- openssl: revert keylog_callback support for LibreSSL
- OS400: fix shellcheck warnings in scripts
- quiche: expire all active transfers on connection close
- quiche: trust its timeout handling
- tls: use shared init code for TCP+QUIC
- tool_cfgable: free {proxy_}cipher13_list on exit
- url: do not URL decode proxy crendentials
- url: fix use of an uninitialized variable
- url: make parse_login_details use memdup0
- urlapi: allow setting port number zero
- version: use msnprintf instead of strncpy
- vtls: TLS session storage overhaul
- wakeup_create: use FD_CLOEXEC/SOCK_CLOEXEC
- websocket: avoid memory leak in error path
* Wed May 22 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Add split-provides for libcurl-devel -> libcurl-devel-doc.
* Mon May 20 2024 Jan Engelhardt <jengelh@inai.de>
- Spin documentation off to libcurl-devel-doc, this saves buildroots
495 files and time (mandb is run in %posttrans).
* Wed Mar 27 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 8.7.1:
* Fixed empty tool_hugehelp.c file
- Update to 8.7.0:
* Security fixes:
- [bsc#1221665, CVE-2024-2004] Usage of disabled protocol
- [bsc#1221667, CVE-2024-2398] HTTP/2 push headers memory-leak
- [bsc#1221666, CVE-2024-2379] QUIC certificate check bypass with wolfSSL
- [bsc#1221668, CVE-2024-2466] TLS certificate check bypass with mbedTLS
* Changes:
- configure: add --disable-docs flag
- CURLINFO_USED_PROXY: return bool whether the proxy was used
- digest: support SHA-512/256
* Bugfixes:
- asyn-thread: use wakeup_close to close the read descriptor
- bufq: writing into a softlimit queue cannot be partial
- cmake: add USE_OPENSSL_QUIC support
- cookie: if psl fails, reject the cookie
- curl: exit on config file parser errors
- digest: add check for hashing error
- docs/libcurl: add TLS backend info for all TLS options
- file: use xfer buf for file:// transfers
- ftp: do lineend conversions in client writer
- ftp: fix socket wait activity in ftp_domore_getsock
- http2: memory errors in the push callbacks are fatal
- http2: push headers better cleanup
- libssh/libssh2: return error on too big range
- OpenSSL QUIC: adapt to v3.3.x
- setopt: fix check for CURLOPT_PROXY_TLSAUTH_TYPE value
- setopt: fix disabling all protocols
- sha512_256: add support for GnuTLS and OpenSSL
- smtp: fix STARTTLS
- strtoofft: fix the overflow check
- TIMER_STARTTRANSFER: set the same for everyone
- TLS: start shutdown only when peer did not already close
- tool_getparam: accept a blank -w ""
- tool_getparam: handle non-existing (out of range) short-options
- tool_operate: change precedence of server Retry-After time
- transfer.c: break receive loop in speed limited transfers
- version: allow building with ancient libpsl
- vquic-tls: fix the error code returned for bad CA file
- vtls: fix tls proxy peer verification
- vtls: revert "receive max buffer" + add test case
- VULN-DISCLOSURE-POLICY.md: update detail about CVE requests
- websocket: fix curl_ws_recv()
* Remove patch upstream:
- 0001-vtls-revert-receive-max-buffer-add-test-case.patch
* Tue Mar 12 2024 Pedro Monreal <pmonreal@suse.com>
- Remove the nghttp2 version requirement as a version guard around
the nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation
function was added in curl 8.0.1.
* Upstream commit: https://github.com/curl/curl/commit/744dcf22
* Thu Feb 08 2024 Fabian Vogt <fvogt@suse.com>
- Add patch to fix various TLS related issues including FTP over SSL
transmission timeouts:
* 0001-vtls-revert-receive-max-buffer-add-test-case.patch
- Switch to %autosetup
* Wed Jan 31 2024 Pedro Monreal <pmonreal@suse.com>
- Update to 8.6.0: [bsc#1219149, CVE-2024-0853]
* Security fixes:
- CVE-2024-0853: OCSP verification bypass with TLS session reuse
* Changes:
- add CURLE_TOO_LARGE, CURLINFO_QUEUE_TIME_T
* Bugfixes:
- altsvc: free 'as' when returning error
- asyn-ares: with modern c-ares, use its default timeout
- cf-socket: show errno in tcpkeepalive error messages
- cmdline-opts: update availability for the *-ca-native options
- configure: when enabling QUIC, check that TLS supports QUIC
- content_encoding: change return code to typedef'ed enum
- curl: show ipfs and ipns as supported "protocols"
- CURLINFO_REFERER.3: clarify that it is the *request* header
- dist: add tests/errorcodes.pl to the tarball
- gen.pl: support ## for doing .IP in table-like lists
- GHA: bump ngtcp2, gnutls, mod_h2, quiche
- hostip: return error immediately when Curl_ip2addr() fails
- http3/quiche: fix result code on a stream reset
- http3: initial support for OpenSSL 3.2 QUIC stack
- http: check for "Host:" case insensitively
- http: fix off-by-one error in request method length check
- http: only act on 101 responses when they are HTTP/1.1
- lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT
- lib: error out on multissl + http3
- lib: fix variable undeclared error caused by `infof` changes
- lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding
- lib: strndup/memdup instead of malloc, memcpy and null-terminate
- libssh2: use `libssh2_session_callback_set2()` with v1.11.1
- ngtcp2: put h3 at the front of alpn
- openldap: fix an LDAP crash
- openldap: fix STARTTLS
- openssl: re-match LibreSSL deinit with init
- rtsp: deal with borked server responses
- sasl: make login option string override http auth
- tool: prepend output_dir in header callback
- tool_getparam: stop supporting `@filename` style for --cookie
- transfer: fix upload rate limiting, add test cases
- url: don't set default CA paths for Secure Transport backend
- url: for disabled protocols, mention if found in redirect
- vquic: extract TLS setup into own source
- websockets: check for negative payload lengths
* Remove patches fixed upstream:
- curl-adjust-pollset-fix.patch
- curl-tests-errorcodes.patch
* Rebase dont-mess-with-rpmoptflags.patch
* Fri Jan 05 2024 Michael Pujos <pujos.michael@gmail.com>
- Added curl-adjust-pollset-fix.patch to fix broken MPD http streaming:
https://github.com/curl/curl/issues/12632
* Wed Dec 06 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.5.0:
* Security fixes:
- [bsc#1217573, CVE-2023-46218] cookie mixed case PSL bypass
- [bsc#1217574, CVE-2023-46219] HSTS long file name clears contents
* Changes:
- gnutls: support CURLSSLOPT_NATIVE_CA
- HTTP3: ngtcp2 builds are no longer experimental
* Bugfixes:
- asyn-thread: use pipe instead of socketpair for IPC when available
- cmake: fix OpenSSL quic detection in quiche builds
- conncache: use the closure handle when disconnecting surplus connections
- content_encoding: make Curl_all_content_encodings allocless
- cookie: lowercase the domain names before PSL checks
- Curl_http_body: cleanup properly when Curl_getformdata errors
- CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range
- doh: provide better return code for responses w/o addresses
- doh: use PIPEWAIT when HTTP/2 is attempted
- duphandle: also free 'outcurl->cookies' in error path
- duphandle: make dupset() not return with pointers to old alloced data
- duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set
- easy: in duphandle, init the cookies for the new handle
- easy_lock: add a pthread_mutex_t fallback
- fopen: create new file using old file's mode
- fopen: create short(er) temporary file name
- getenv: PlayStation doesn't have getenv()
- hostip: show the list of IPs when resolving is done
- hsts: skip single-dot hostname
- HTTP/2, HTTP/3: handle detach of onoing transfers
- http: allow longer HTTP/2 request method names
- hyper: temporarily remove HTTP/2 support
- IPFS: fix IPFS_PATH and file parsing
- multi: during ratelimit multi_getsock should return no sockets
- multi: use pipe instead of socketpair to *wakeup()
- ngtcp2: fix races in stream handling
- ntlm_wb: use pipe instead of socketpair when possible
- openssl: avoid BN_num_bits() NULL pointer derefs
- openssl: fix building with v3 `no-deprecated` + add CI test
- openssl: fix infof() to avoid compiler warning for %s with null
- openssl: identify the "quictls" backend correctly
- openssl: include SIG and KEM algorithms in verbose
- openssl: two multi pointer checks should probably rather be asserts
- openssl: when a session-ID is reused, skip OCSP stapling
- quic: make eyeballers connect retries stop at weird replies
- quic: manage connection idle timeouts
- setopt: check CURLOPT_TFTP_BLKSIZE range on set
- socks: better buffer size checks for socks4a user and hostname
- socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice
- tool: fix --capath when proxy support is disabled
- tool_getparam: limit --rate to be smaller than number of ms
- transfer: abort pause send when connection is marked for closing
- transfer: avoid calling the read callback again after EOF
- transfer: only reset the FTP wildcard engine in CLEAR state
- url: don't touch the multi handle when closing internal handles
- urlapi: avoid null deref if setting blank host to url encode
- urlapi: skip appending NULL pointer query
- urlapi: when URL encoding the fragment, pass in the right length
- vtls: cleanup SSL config management
- vtls: consistently use typedef names for OpenSSL structs
- vtls: late clone of connection ssl config
- vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0
* Rebase curl-secure-getenv.patch
* Add curl-tests-errorcodes.patch
* Wed Oct 11 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.4.0:
* Security fixes:
- SOCKS5 heap buffer overflow [bsc#1215888, CVE-2023-38545]
- cookie injection with none file [bsc#1215889, CVE-2023-38546]
* Changes:
- curl: add support for the IPFS protocols via HTTP gateway
- curl_multi_get_handles: get easy handles from a multi handle
- mingw: delete support for legacy mingw.org toolchain
* Bugfixes:
- base64: also build for curl
- cf-socket: simulate slow/blocked receives in debug
- configure: check for the capath by default
- connect: expire the timeout when trying next
- connect: only start the happy eyeballs timer when needed
- cookie: do not store the expire or max-age strings
- cookie: remove unnecessary struct fields
- cookie: set ->running in cookie_init even if data is NULL
- create-dirs.d: clarify it also uses --output-dirs
- http2: refused stream handling for retry
- http: h1/h2 proxy unification
- http: use per-request counter to check too large headers
- idn: if idn2_check_version returns NULL, return error
- lib: enable hmac for digest as well
- lib: let the max filesize option stop too big transfers too
- lib: move handling of 'data->req.writer_stack' into Curl_client_write()
- lib: provide and use Curl_hexencode
- lib: use wrapper for curl_mime_data fseek callback
- libssh2: fix error message on failed pubkey-from-file
- libssh: cap SFTP packet size sent
- MQTT: improve receive of ACKs
- multi: do CURLM_CALL_MULTI_PERFORM at two more places
- multi: round the timeout up to prevent early wakeups
- openssl: improve ssl shutdown handling
- openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR
- pytest: exclude test_03_goaway in CI runs due to timing dependency
- quic: set ciphers/curves the same way regular TLS does
- quiche: fix build error with --with-ca-fallback
- socks: return error if hostname too long for remote resolve
- tftpd: always use curl's own tftp.h
- tool_getparam: accept variable expansion on file names too
- upload-file.d: describe the file name slash/backslash handling
- url: fall back to http/https proxy env-variable if ws/wss not set
- url: fix netrc info message
- wolfssh: do cleanup in Curl_ssh_cleanup
- wolfssl: allow capath with CURLOPT_CAINFO_BLOB
- wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files
- wolfssl: ignore errors in CA path
* Rebase libcurl-ocloexec.patch
* Wed Sep 13 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.3.0: [bsc#1215026, CVE-2023-38039]
* Changes:
- curl: make %output{} in -w specify a file to write to
- gskit: remove
- lib: --disable-bindlocal builds curl without local binding support
- nss: remove support for this TLS library
- tool: add "variable" support
- trace: make tracing available in non-debug builds
- url: change default value for CURLOPT_MAXREDIRS to 30
- urlapi: CURLU_PUNY2IDN - convert from punycode to IDN name
* Bugfixes:
- altsvc: accept and parse IPv6 addresses in response headers
- asyn-ares: reduce timeout to 2000ms
- aws-sigv4: canonicalize the query
- aws-sigv4: fix having date header twice in some cases
- aws-sigv4: handle no-value user header entries
- c-hyper: adjust the hyper to curlcode conversion
- c-hyper: fix memory leaks in `Curl_http`
- cf-haproxy: make CURLOPT_HAPROXY_CLIENT_IP set the *source* IP
- cf-socket: log successful interface bind
- cmake: add GnuTLS option
- cmake: add support for `CURL_DEFAULT_SSL_BACKEND`
- cmake: detect `SSL_set0_wbio` in OpenSSL
- configure: trust pkg-config when it's used for zlib
- configure: use the pkg-config --libs-only-l flag for libssh2
- connect: stop halving the remaining timeout when less than 600 ms left
- crypto: ensure crypto initialization works
- digest: Use hostname to generate spn instead of realm
- ftp: fix temp write of ipv6 address
- headers: accept leading whitespaces on first response header
- http2: fix in h2 proxy tunnel: progress in ingress on sending
- http3/ngtcp2: shorten handshake, trace cleanup
- http3: quiche, handshake optimization, trace cleanup
- http: close the connection after a late 417 is received
- http: fix sending of large requests
- http: return error when receiving too large header set
- lib: fix null ptr derefs and uninitialized vars (h2/h3)
- lib: move mimepost data from ->req.p.http to ->state
- list-only.d: mention SFTP as supported protocol
- ngtcp2: fix handling of large requests
- openssl: auto-detect `SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED`
- openssl: clear error queue after SSL_shutdown
- openssl: make aws-lc version support OCSP
- openssl: Support async cert verify callback
- openssl: switch to modern init for LibreSSL 2.7.0+
- openssl: when CURLOPT_SSL_CTX_FUNCTION is registered, init x509 store before
- quic: don't set SNI if hostname is an IP address
- quiche: adjust quiche `QUIC_IDLE_TIMEOUT` to 60s
- quiche: enable quiche to handle timeout events
- resolve: use PF_INET6 family lookups when CURL_IPRESOLVE_V6 is set
- schannel: verify hostname independent of verify cert
- tool_filetime: make -z work with file dates before 1970
- tool_operate: allow both SSL_CERT_FILE and SSL_CERT_DIR
- tool_operate: make aws-sigv4 not require TLS to be used
- transfer: also stop the sending on closed connection
- urlapi: fix heap buffer overflow
- urlapi: setting a blank URL ("") is not an ok URL
* Fri Jul 28 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.2.1:
* Bugfixes:
- cfilters: rename close/connect functions to avoid clashes
- ciphers.d: put URL in first column
- cmake: add 'libcurlu'/'libcurltool' for unit tests
- cmake: update ngtcp2 detection
- configure: check for nghttp2_session_get_stream_local_window_size
- docs: mark two TLS options for TLS, not SSL
- docs: provide more see also for cipher options
- hostip: return IPv6 first for localhost resolves
- http2: fix regression on upload EOF handling
- http: VLH, very large header test and fixes
- libcurl-errors.3: add CURLUE_OK
- os400: correct EXPECTED_STRING_LASTZEROTERMINATED
- quiche: fix lookup of transfer at multi
- quiche: fix segfault and other things
- rustls: update rustls-ffi 0.10.0
- socks: print ipv6 address within brackets
- src/mkhelp: strip off escape sequences
- tool: fix tool_seek_cb build when SIZEOF_CURL_OFF_T > SIZEOF_OFF_T
- transfer: do not clear the credentials on redirect to absolute URL
- unittest: remove unneeded *_LDADD
- websocket: rename arguments/variables to match docs
* Wed Jul 19 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.2.0 [bsc#1213237, CVE-2023-32001]
* Security fix:
- CVE-2023-32001: fopen race condition
* Changes:
- curl: add --ca-native and --proxy-ca-native
- curl: add --trace-ids
- CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS
- haproxy: add --haproxy-clientip flag to set client IPs
- lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID
* Bugfixes:
- cf-socket: don't bypass fclosesocket callback if cancelled before connect
- cf-socket: skip getpeername()/getsockname for TFTP
- curl: count uploaded data to stop at the originally given size
- curl: return error when asked to use an unsupported HTTP version
- http2: fix crash in handling stream weights
- http2: send HEADER & DATA together if possible
- http3/ngtcp2: upload EAGAIN handling
- http: rectify the outgoing Cookie: header field size check
- hyper: fix EOF handling on input
- imap: Provide method to disable SASL if it is advertised
- libssh2: provide error message when setting host key type fails
- libssh2: use custom memory functions
- ngtcp2: assigning timeout, but value is overwritten before used
- quiche: avoid NULL deref in debug logging
- sectransp: fix EOF handling
- system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles
- timeval: use CLOCK_MONOTONIC_RAW if available
- tls13-ciphers.d: include Schannel
- tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION`
- tool_operate: allow cookie lines up to 8200 bytes
- tool_parsecfg: accept line lengths up to 10M
- tool_writeout_json: fix encoding of control characters
- transfer: clear credentials when redirecting to absolute URL
- urlapi: have *set(PATH) prepend a slash if one is missing
- urlapi: scheme must start with alpha
- vtls: avoid memory leak if sha256 call fails
- websocket-cb: example doing WebSocket download using callback
- ws: make the curl_ws_meta() return pointer a const
* Tue May 30 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.1.2:
* Bugfixes:
- configure: quote the assignments for run-compiler
- configure: without pkg-config and no custom path, use -lnghttp2
- curl: cache the --trace-time value for a second
- http2: fix EOF handling on uploads with auth negotiation
- http3: send EOF indicator early as possible
- lib1560: verify more scheme guessing
- lib: remove unused functions, make single-use static
- libcurl.m4: remove trailing 'dnl' that causes this to break autoconf
- libssh: when keyboard-interactive auth fails, try password
- misc: fix spelling mistakes
- page-header: mention curl version and how to figure out current release
- page-header: minor wording polish in the URL segment
- scripts/singleuse.pl: add more API calls
- urlapi: remove superfluous host name check
* Tue May 23 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.1.1:
* Bugfixes:
- cf-socket: completely remove the disabled
USE_RECV_BEFORE_SEND_WORKAROUND
- checksrc: disallow spaces before labels
- curl_easy_getinfo: clarify on return data types
- docs: document that curl_url_cleanup(NULL) is a safe no-op
- hostip: move easy_lock.h include above curl_memory.h
- http2: double http request parser max line length
- http2: increase stream window size to 10 MB
- lib: rename struct 'http_req' to 'httpreq'
- ngtcp2: proper handling of uint64_t when adjusting send buffer
- sectransp.c: make the code c89 compatible
- select: avoid returning an error on EINTR from select() or poll()
- url: provide better error message when URLs fail to parse
- urlapi: allow numerical parts in the host name
* Wed May 17 2023 David Anes <david.anes@suse.com>
- Update to 8.1.0:
* Security fixes:
- UAF in SSH sha256 fingerprint [bsc#1211230, CVE-2023-28319]
- siglongjmp race condition [bsc#1211231, CVE-2023-28320]
- IDN wildcard match [bsc#1211232, CVE-2023-28321]
- POST-after-PUT confusion [bsc#1211233, CVE-2023-28322]
- See also: https://curl.se/docs/security.html
* Changes:
- curl: add --proxy-http2
- CURLPROXY_HTTPS2: for HTTPS proxy that may speak HTTP/2
- hostip: refuse to resolve the .onion TLD
- tool_writeout: add URL component variables
* Bugfixes:
- See full changelog here: https://curl.se/changes.html#8_1_0
* Tue Mar 21 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.0.1:
* Bugfixes:
- fix crash in curl_easy_cleanup
* Mon Mar 20 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 8.0.0:
* Security fixes:
- TELNET option IAC injection [bsc#1209209, CVE-2023-27533]
- SFTP path ~ resolving discrepancy [bsc#1209210, CVE-2023-27534]
- FTP too eager connection reuse [bsc#1209211, CVE-2023-27535]
- GSS delegation too eager connection re-use [bsc#1209212, CVE-2023-27536]
- HSTS double-free [bsc#1209213, CVE-2023-27537]
- SSH connection too eager reuse still [bsc#1209214, CVE-2023-27538]
* Changes:
- build: remove support for curl_off_t < 8 bytes
* Bugfixes:
- aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3
- BINDINGS: add Fortran binding
- cf-socket: use port 80 when resolving name for local bind
- cookie: don't load cookies again when flushing
- curl_path: create the new path with dynbuf
- CURLSHOPT_SHARE.3: HSTS sharing is not thread-safe
- DYNBUF.md: note Curl_dyn_add* calls Curl_dyn_free on failure
- ftp: active mode with SSL, add the filter
- hostip: avoid sscanf and extra buffer copies
- http2: fix for http2-prior-knowledge when reusing connections
- http2: fix handling of RST and GOAWAY to recognize partial transfers
- http: don't send 100-continue for short PUT requests
- http: fix unix domain socket use in https connects
- libssh: use dynbuf instead of realloc
- ngtcp2-gnutls.yml: bump to gnutls 3.8.0
- sectransp: make read_cert() use a dynbuf when loading
- telnet: only accept option arguments in ascii
- telnet: parse telnet options without sscanf
- url: fix the SSH connection reuse check
- url: only reuse connections with same GSS delegation
- urlapi: '%' is illegal in host names
- ws: keep the socket non-blocking
* Rebase libcurl-ocloexec.patch
* Mon Feb 20 2023 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Update to 7.88.1:
* Bugfix release
- Drop upstreamed patch:
* curl-fix-uninitialized-value-in-tests.patch
* Wed Feb 15 2023 Pedro Monreal <pmonreal@suse.com>
- Update to 7.88.0: [bsc#1207990, CVE-2023-23914]
[bsc#1207991, CVE-2023-23915] [bsc#1207992, CVE-2023-23916]
* Security fixes:
- CVE-2023-23914: HSTS ignored on multiple requests
- CVE-2023-23915: HSTS amnesia with --parallel
- CVE-2023-23916: HTTP multi-header compression denial of service
* Changes:
- curl.h: add CURL_HTTP_VERSION_3ONLY
- share: add sharing of HSTS cache among handles
- src: add --http3-only
- tool_operate: share HSTS between handles
- urlapi: add CURLU_PUNYCODE
- writeout: add %{certs} and %{num_certs}
* Bugfixes:
- cf-socket: keep sockaddr local in the socket filters
- cfilters:Curl_conn_get_select_socks: use the first non-connected filter
- curl.h: allow up to 10M buffer size
- curl.h: mark CURLSSLBACKEND_MESALINK as deprecated
- curl/websockets.h: extend the websocket frame struct
- curl: output warning at --verbose output for debug-enabled version
- curl_free.3: fix return type of `curl_free`
- curl_log: for failf/infof and debug logging implementations
- dict: URL decode the entire path always
- docs/DEPRECATE.md: deprecate gskit
- easyoptions: fix header printing in generation script
- haxproxy: send before TLS handhshake
- hsts.d: explain hsts more
- hsts: handle adding the same host name again
- HTTP/[23]: continue upload when state.drain is set
- http: decode transfer encoding first
- http_aws_sigv4: remove typecasts from HMAC_SHA256 macro
- http_proxy: do not assign data->req.p.http use local copy
- lib: connect/h2/h3 refactor
- libssh2: try sha2 algos for hostkey methods
- md4: fix build with GnuTLS + OpenSSL v1
- ngtcp2: replace removed define and stop using removed function
- noproxy: support for space-separated names is deprecated
- nss: implement data_pending method
- openldap: fix missing sasl symbols at build in specific configs
- openssl: adapt to boringssl's error code type
- openssl: don't ignore CA paths when using Windows CA store (redux)
- openssl: don't log raw record headers
- openssl: make the BIO_METHOD a local variable in the connection filter
- openssl: only use CA_BLOB if verifying peer
- openssl: remove attached easy handles from SSL instances
- openssl: store the CA after first send (ClientHello)
- setopt: use >, not >=, when checking if uarg is larger than uint-max
- smb: return error on upload without size
- socketpair: allow localhost MITM sniffers
- strdup: name it Curl_strdup
- tool_getparam: fix hiding of command line secrets
- tool_operate: fix error codes on bad URL & OOM
- tool_operate: repair --rate
- transfer: break the read loop when RECV is cleared
- typecheck: accept expressions for option/info parameters
- urlapi: avoid Curl_dyn_addf() for hex outputs
- urlapi: skip path checks if path is just "/"
- urlapi: skip the extra dedotdot alloc if no dot in path
- urldata: cease storing TLS auth type
- urldata: make 'ftp_create_missing_dirs' depend on FTP || SFTP
- urldata: make set.http200aliases conditional on HTTP being present
- urldata: move the cookefilelist to the 'set' struct
- urldata: remove unused struct fields, made more conditional
- vquic: stabilization and improvements
- vtls: fix hostname handling in filters
- vtls: manage current easy handle in nested cfilter calls
- vtls: use ALPN HTTP/1.0 when HTTP/1.0 is used
* Rebase libcurl-ocloexec.patch
* Fix regression tests: f1d09231adfc695d15995b9ef2c8c6e568c28091
- runtests: fix "uninitialized value $port"
- Add curl-fix-uninitialized-value-in-tests.patch
/usr/share/doc/packages/libcurl-devel-doc /usr/share/doc/packages/libcurl-devel-doc/symbols-in-versions /usr/share/licenses/libcurl-devel-doc /usr/share/licenses/libcurl-devel-doc/COPYING /usr/share/man/man1/curl-config.1.gz /usr/share/man/man3/CURLINFO_ACTIVESOCKET.3.gz /usr/share/man/man3/CURLINFO_APPCONNECT_TIME.3.gz /usr/share/man/man3/CURLINFO_APPCONNECT_TIME_T.3.gz /usr/share/man/man3/CURLINFO_CAINFO.3.gz /usr/share/man/man3/CURLINFO_CAPATH.3.gz /usr/share/man/man3/CURLINFO_CERTINFO.3.gz /usr/share/man/man3/CURLINFO_CONDITION_UNMET.3.gz /usr/share/man/man3/CURLINFO_CONNECT_TIME.3.gz /usr/share/man/man3/CURLINFO_CONNECT_TIME_T.3.gz /usr/share/man/man3/CURLINFO_CONN_ID.3.gz /usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3.gz /usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3.gz /usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3.gz /usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3.gz /usr/share/man/man3/CURLINFO_CONTENT_TYPE.3.gz /usr/share/man/man3/CURLINFO_COOKIELIST.3.gz /usr/share/man/man3/CURLINFO_EARLYDATA_SENT_T.3.gz /usr/share/man/man3/CURLINFO_EFFECTIVE_METHOD.3.gz /usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3.gz /usr/share/man/man3/CURLINFO_FILETIME.3.gz /usr/share/man/man3/CURLINFO_FILETIME_T.3.gz /usr/share/man/man3/CURLINFO_FTP_ENTRY_PATH.3.gz /usr/share/man/man3/CURLINFO_HEADER_SIZE.3.gz /usr/share/man/man3/CURLINFO_HTTPAUTH_AVAIL.3.gz /usr/share/man/man3/CURLINFO_HTTPAUTH_USED.3.gz /usr/share/man/man3/CURLINFO_HTTP_CONNECTCODE.3.gz /usr/share/man/man3/CURLINFO_HTTP_VERSION.3.gz /usr/share/man/man3/CURLINFO_LASTSOCKET.3.gz /usr/share/man/man3/CURLINFO_LOCAL_IP.3.gz /usr/share/man/man3/CURLINFO_LOCAL_PORT.3.gz /usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME.3.gz /usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME_T.3.gz /usr/share/man/man3/CURLINFO_NUM_CONNECTS.3.gz /usr/share/man/man3/CURLINFO_OS_ERRNO.3.gz /usr/share/man/man3/CURLINFO_POSTTRANSFER_TIME_T.3.gz /usr/share/man/man3/CURLINFO_PRETRANSFER_TIME.3.gz /usr/share/man/man3/CURLINFO_PRETRANSFER_TIME_T.3.gz /usr/share/man/man3/CURLINFO_PRIMARY_IP.3.gz /usr/share/man/man3/CURLINFO_PRIMARY_PORT.3.gz /usr/share/man/man3/CURLINFO_PRIVATE.3.gz /usr/share/man/man3/CURLINFO_PROTOCOL.3.gz /usr/share/man/man3/CURLINFO_PROXYAUTH_AVAIL.3.gz /usr/share/man/man3/CURLINFO_PROXYAUTH_USED.3.gz /usr/share/man/man3/CURLINFO_PROXY_ERROR.3.gz /usr/share/man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3.gz /usr/share/man/man3/CURLINFO_QUEUE_TIME_T.3.gz /usr/share/man/man3/CURLINFO_REDIRECT_COUNT.3.gz /usr/share/man/man3/CURLINFO_REDIRECT_TIME.3.gz /usr/share/man/man3/CURLINFO_REDIRECT_TIME_T.3.gz /usr/share/man/man3/CURLINFO_REDIRECT_URL.3.gz /usr/share/man/man3/CURLINFO_REFERER.3.gz /usr/share/man/man3/CURLINFO_REQUEST_SIZE.3.gz /usr/share/man/man3/CURLINFO_RESPONSE_CODE.3.gz /usr/share/man/man3/CURLINFO_RETRY_AFTER.3.gz /usr/share/man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3.gz /usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3.gz /usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3.gz /usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3.gz /usr/share/man/man3/CURLINFO_SCHEME.3.gz /usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3.gz /usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3.gz /usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3.gz /usr/share/man/man3/CURLINFO_SIZE_UPLOAD_T.3.gz /usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD.3.gz /usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD_T.3.gz /usr/share/man/man3/CURLINFO_SPEED_UPLOAD.3.gz /usr/share/man/man3/CURLINFO_SPEED_UPLOAD_T.3.gz /usr/share/man/man3/CURLINFO_SSL_ENGINES.3.gz /usr/share/man/man3/CURLINFO_SSL_VERIFYRESULT.3.gz /usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME.3.gz /usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME_T.3.gz /usr/share/man/man3/CURLINFO_TLS_SESSION.3.gz /usr/share/man/man3/CURLINFO_TLS_SSL_PTR.3.gz /usr/share/man/man3/CURLINFO_TOTAL_TIME.3.gz /usr/share/man/man3/CURLINFO_TOTAL_TIME_T.3.gz /usr/share/man/man3/CURLINFO_USED_PROXY.3.gz /usr/share/man/man3/CURLINFO_XFER_ID.3.gz /usr/share/man/man3/CURLMINFO_XFERS_ADDED.3.gz /usr/share/man/man3/CURLMINFO_XFERS_CURRENT.3.gz /usr/share/man/man3/CURLMINFO_XFERS_DONE.3.gz /usr/share/man/man3/CURLMINFO_XFERS_PENDING.3.gz /usr/share/man/man3/CURLMINFO_XFERS_RUNNING.3.gz /usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3.gz /usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3.gz /usr/share/man/man3/CURLMOPT_MAXCONNECTS.3.gz /usr/share/man/man3/CURLMOPT_MAX_CONCURRENT_STREAMS.3.gz /usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3.gz /usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3.gz /usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3.gz /usr/share/man/man3/CURLMOPT_NETWORK_CHANGED.3.gz /usr/share/man/man3/CURLMOPT_NOTIFYDATA.3.gz /usr/share/man/man3/CURLMOPT_NOTIFYFUNCTION.3.gz /usr/share/man/man3/CURLMOPT_PIPELINING.3.gz /usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3.gz /usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3.gz /usr/share/man/man3/CURLMOPT_PUSHDATA.3.gz /usr/share/man/man3/CURLMOPT_PUSHFUNCTION.3.gz /usr/share/man/man3/CURLMOPT_SOCKETDATA.3.gz /usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3.gz /usr/share/man/man3/CURLMOPT_TIMERDATA.3.gz /usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3.gz /usr/share/man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3.gz /usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3.gz /usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3.gz /usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3.gz /usr/share/man/man3/CURLOPT_ALTSVC.3.gz /usr/share/man/man3/CURLOPT_ALTSVC_CTRL.3.gz /usr/share/man/man3/CURLOPT_APPEND.3.gz /usr/share/man/man3/CURLOPT_AUTOREFERER.3.gz /usr/share/man/man3/CURLOPT_AWS_SIGV4.3.gz /usr/share/man/man3/CURLOPT_BUFFERSIZE.3.gz /usr/share/man/man3/CURLOPT_CAINFO.3.gz /usr/share/man/man3/CURLOPT_CAINFO_BLOB.3.gz /usr/share/man/man3/CURLOPT_CAPATH.3.gz /usr/share/man/man3/CURLOPT_CA_CACHE_TIMEOUT.3.gz /usr/share/man/man3/CURLOPT_CERTINFO.3.gz /usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3.gz /usr/share/man/man3/CURLOPT_CHUNK_DATA.3.gz /usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3.gz /usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3.gz /usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3.gz /usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3.gz /usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3.gz /usr/share/man/man3/CURLOPT_CONNECT_ONLY.3.gz /usr/share/man/man3/CURLOPT_CONNECT_TO.3.gz /usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3.gz /usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3.gz /usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3.gz /usr/share/man/man3/CURLOPT_COOKIE.3.gz /usr/share/man/man3/CURLOPT_COOKIEFILE.3.gz /usr/share/man/man3/CURLOPT_COOKIEJAR.3.gz /usr/share/man/man3/CURLOPT_COOKIELIST.3.gz /usr/share/man/man3/CURLOPT_COOKIESESSION.3.gz /usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3.gz /usr/share/man/man3/CURLOPT_CRLF.3.gz /usr/share/man/man3/CURLOPT_CRLFILE.3.gz /usr/share/man/man3/CURLOPT_CURLU.3.gz /usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3.gz /usr/share/man/man3/CURLOPT_DEBUGDATA.3.gz /usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3.gz /usr/share/man/man3/CURLOPT_DEFAULT_PROTOCOL.3.gz /usr/share/man/man3/CURLOPT_DIRLISTONLY.3.gz /usr/share/man/man3/CURLOPT_DISALLOW_USERNAME_IN_URL.3.gz /usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3.gz /usr/share/man/man3/CURLOPT_DNS_INTERFACE.3.gz /usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3.gz /usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz /usr/share/man/man3/CURLOPT_DNS_SERVERS.3.gz /usr/share/man/man3/CURLOPT_DNS_SHUFFLE_ADDRESSES.3.gz /usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz /usr/share/man/man3/CURLOPT_DOH_SSL_VERIFYHOST.3.gz /usr/share/man/man3/CURLOPT_DOH_SSL_VERIFYPEER.3.gz /usr/share/man/man3/CURLOPT_DOH_SSL_VERIFYSTATUS.3.gz /usr/share/man/man3/CURLOPT_DOH_URL.3.gz /usr/share/man/man3/CURLOPT_ECH.3.gz /usr/share/man/man3/CURLOPT_EGDSOCKET.3.gz /usr/share/man/man3/CURLOPT_ERRORBUFFER.3.gz /usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3.gz /usr/share/man/man3/CURLOPT_FAILONERROR.3.gz /usr/share/man/man3/CURLOPT_FILETIME.3.gz /usr/share/man/man3/CURLOPT_FNMATCH_DATA.3.gz /usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3.gz /usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3.gz /usr/share/man/man3/CURLOPT_FORBID_REUSE.3.gz /usr/share/man/man3/CURLOPT_FRESH_CONNECT.3.gz /usr/share/man/man3/CURLOPT_FTPPORT.3.gz /usr/share/man/man3/CURLOPT_FTPSSLAUTH.3.gz /usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3.gz /usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3.gz /usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3.gz /usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3.gz /usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3.gz /usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3.gz /usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3.gz /usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3.gz /usr/share/man/man3/CURLOPT_FTP_USE_PRET.3.gz /usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3.gz /usr/share/man/man3/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3.gz /usr/share/man/man3/CURLOPT_HAPROXYPROTOCOL.3.gz /usr/share/man/man3/CURLOPT_HAPROXY_CLIENT_IP.3.gz /usr/share/man/man3/CURLOPT_HEADER.3.gz /usr/share/man/man3/CURLOPT_HEADERDATA.3.gz /usr/share/man/man3/CURLOPT_HEADERFUNCTION.3.gz /usr/share/man/man3/CURLOPT_HEADEROPT.3.gz /usr/share/man/man3/CURLOPT_HSTS.3.gz /usr/share/man/man3/CURLOPT_HSTSREADDATA.3.gz /usr/share/man/man3/CURLOPT_HSTSREADFUNCTION.3.gz /usr/share/man/man3/CURLOPT_HSTSWRITEDATA.3.gz /usr/share/man/man3/CURLOPT_HSTSWRITEFUNCTION.3.gz /usr/share/man/man3/CURLOPT_HSTS_CTRL.3.gz /usr/share/man/man3/CURLOPT_HTTP09_ALLOWED.3.gz /usr/share/man/man3/CURLOPT_HTTP200ALIASES.3.gz /usr/share/man/man3/CURLOPT_HTTPAUTH.3.gz /usr/share/man/man3/CURLOPT_HTTPGET.3.gz /usr/share/man/man3/CURLOPT_HTTPHEADER.3.gz /usr/share/man/man3/CURLOPT_HTTPPOST.3.gz /usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3.gz /usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3.gz /usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3.gz /usr/share/man/man3/CURLOPT_HTTP_VERSION.3.gz /usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3.gz /usr/share/man/man3/CURLOPT_INFILESIZE.3.gz /usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3.gz /usr/share/man/man3/CURLOPT_INTERFACE.3.gz /usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3.gz /usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3.gz /usr/share/man/man3/CURLOPT_IOCTLDATA.3.gz /usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz /usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz /usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz /usr/share/man/man3/CURLOPT_ISSUERCERT_BLOB.3.gz /usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz /usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz /usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz /usr/share/man/man3/CURLOPT_LOCALPORT.3.gz /usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3.gz /usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3.gz /usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3.gz /usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3.gz /usr/share/man/man3/CURLOPT_MAIL_AUTH.3.gz /usr/share/man/man3/CURLOPT_MAIL_FROM.3.gz /usr/share/man/man3/CURLOPT_MAIL_RCPT.3.gz /usr/share/man/man3/CURLOPT_MAIL_RCPT_ALLOWFAILS.3.gz /usr/share/man/man3/CURLOPT_MAXAGE_CONN.3.gz /usr/share/man/man3/CURLOPT_MAXCONNECTS.3.gz /usr/share/man/man3/CURLOPT_MAXFILESIZE.3.gz /usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3.gz /usr/share/man/man3/CURLOPT_MAXLIFETIME_CONN.3.gz /usr/share/man/man3/CURLOPT_MAXREDIRS.3.gz /usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3.gz /usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3.gz /usr/share/man/man3/CURLOPT_MIMEPOST.3.gz /usr/share/man/man3/CURLOPT_MIME_OPTIONS.3.gz /usr/share/man/man3/CURLOPT_NETRC.3.gz /usr/share/man/man3/CURLOPT_NETRC_FILE.3.gz /usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3.gz /usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3.gz /usr/share/man/man3/CURLOPT_NOBODY.3.gz /usr/share/man/man3/CURLOPT_NOPROGRESS.3.gz /usr/share/man/man3/CURLOPT_NOPROXY.3.gz /usr/share/man/man3/CURLOPT_NOSIGNAL.3.gz /usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3.gz /usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3.gz /usr/share/man/man3/CURLOPT_PASSWORD.3.gz /usr/share/man/man3/CURLOPT_PATH_AS_IS.3.gz /usr/share/man/man3/CURLOPT_PINNEDPUBLICKEY.3.gz /usr/share/man/man3/CURLOPT_PIPEWAIT.3.gz /usr/share/man/man3/CURLOPT_PORT.3.gz /usr/share/man/man3/CURLOPT_POST.3.gz /usr/share/man/man3/CURLOPT_POSTFIELDS.3.gz /usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3.gz /usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3.gz /usr/share/man/man3/CURLOPT_POSTQUOTE.3.gz /usr/share/man/man3/CURLOPT_POSTREDIR.3.gz /usr/share/man/man3/CURLOPT_PREQUOTE.3.gz /usr/share/man/man3/CURLOPT_PREREQDATA.3.gz /usr/share/man/man3/CURLOPT_PREREQFUNCTION.3.gz /usr/share/man/man3/CURLOPT_PRE_PROXY.3.gz /usr/share/man/man3/CURLOPT_PRIVATE.3.gz /usr/share/man/man3/CURLOPT_PROGRESSDATA.3.gz /usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3.gz /usr/share/man/man3/CURLOPT_PROTOCOLS.3.gz /usr/share/man/man3/CURLOPT_PROTOCOLS_STR.3.gz /usr/share/man/man3/CURLOPT_PROXY.3.gz /usr/share/man/man3/CURLOPT_PROXYAUTH.3.gz /usr/share/man/man3/CURLOPT_PROXYHEADER.3.gz /usr/share/man/man3/CURLOPT_PROXYPASSWORD.3.gz /usr/share/man/man3/CURLOPT_PROXYPORT.3.gz /usr/share/man/man3/CURLOPT_PROXYTYPE.3.gz /usr/share/man/man3/CURLOPT_PROXYUSERNAME.3.gz /usr/share/man/man3/CURLOPT_PROXYUSERPWD.3.gz /usr/share/man/man3/CURLOPT_PROXY_CAINFO.3.gz /usr/share/man/man3/CURLOPT_PROXY_CAINFO_BLOB.3.gz /usr/share/man/man3/CURLOPT_PROXY_CAPATH.3.gz /usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3.gz /usr/share/man/man3/CURLOPT_PROXY_ISSUERCERT.3.gz /usr/share/man/man3/CURLOPT_PROXY_ISSUERCERT_BLOB.3.gz /usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3.gz /usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3.gz /usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSLCERT_BLOB.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSLKEY_BLOB.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3.gz /usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3.gz /usr/share/man/man3/CURLOPT_PROXY_TLS13_CIPHERS.3.gz /usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3.gz /usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3.gz /usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3.gz /usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3.gz /usr/share/man/man3/CURLOPT_PUT.3.gz /usr/share/man/man3/CURLOPT_QUICK_EXIT.3.gz /usr/share/man/man3/CURLOPT_QUOTE.3.gz /usr/share/man/man3/CURLOPT_RANDOM_FILE.3.gz /usr/share/man/man3/CURLOPT_RANGE.3.gz /usr/share/man/man3/CURLOPT_READDATA.3.gz /usr/share/man/man3/CURLOPT_READFUNCTION.3.gz /usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3.gz /usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS_STR.3.gz /usr/share/man/man3/CURLOPT_REFERER.3.gz /usr/share/man/man3/CURLOPT_REQUEST_TARGET.3.gz /usr/share/man/man3/CURLOPT_RESOLVE.3.gz /usr/share/man/man3/CURLOPT_RESOLVER_START_DATA.3.gz /usr/share/man/man3/CURLOPT_RESOLVER_START_FUNCTION.3.gz /usr/share/man/man3/CURLOPT_RESUME_FROM.3.gz /usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3.gz /usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3.gz /usr/share/man/man3/CURLOPT_RTSP_REQUEST.3.gz /usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3.gz /usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3.gz /usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3.gz /usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3.gz /usr/share/man/man3/CURLOPT_SASL_AUTHZID.3.gz /usr/share/man/man3/CURLOPT_SASL_IR.3.gz /usr/share/man/man3/CURLOPT_SEEKDATA.3.gz /usr/share/man/man3/CURLOPT_SEEKFUNCTION.3.gz /usr/share/man/man3/CURLOPT_SERVER_RESPONSE_TIMEOUT.3.gz /usr/share/man/man3/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.3.gz /usr/share/man/man3/CURLOPT_SERVICE_NAME.3.gz /usr/share/man/man3/CURLOPT_SHARE.3.gz /usr/share/man/man3/CURLOPT_SOCKOPTDATA.3.gz /usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3.gz /usr/share/man/man3/CURLOPT_SOCKS5_AUTH.3.gz /usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3.gz /usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3.gz /usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3.gz /usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3.gz /usr/share/man/man3/CURLOPT_SSH_HOSTKEYDATA.3.gz /usr/share/man/man3/CURLOPT_SSH_HOSTKEYFUNCTION.3.gz /usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3.gz /usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256.3.gz /usr/share/man/man3/CURLOPT_SSH_KEYDATA.3.gz /usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3.gz /usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3.gz /usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3.gz /usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3.gz /usr/share/man/man3/CURLOPT_SSLCERT.3.gz /usr/share/man/man3/CURLOPT_SSLCERTTYPE.3.gz /usr/share/man/man3/CURLOPT_SSLCERT_BLOB.3.gz /usr/share/man/man3/CURLOPT_SSLENGINE.3.gz /usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3.gz /usr/share/man/man3/CURLOPT_SSLKEY.3.gz /usr/share/man/man3/CURLOPT_SSLKEYTYPE.3.gz /usr/share/man/man3/CURLOPT_SSLKEY_BLOB.3.gz /usr/share/man/man3/CURLOPT_SSLVERSION.3.gz /usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3.gz /usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3.gz /usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3.gz /usr/share/man/man3/CURLOPT_SSL_EC_CURVES.3.gz /usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3.gz /usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3.gz /usr/share/man/man3/CURLOPT_SSL_FALSESTART.3.gz /usr/share/man/man3/CURLOPT_SSL_OPTIONS.3.gz /usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3.gz /usr/share/man/man3/CURLOPT_SSL_SIGNATURE_ALGORITHMS.3.gz /usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3.gz /usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3.gz /usr/share/man/man3/CURLOPT_SSL_VERIFYSTATUS.3.gz /usr/share/man/man3/CURLOPT_STDERR.3.gz /usr/share/man/man3/CURLOPT_STREAM_DEPENDS.3.gz /usr/share/man/man3/CURLOPT_STREAM_DEPENDS_E.3.gz /usr/share/man/man3/CURLOPT_STREAM_WEIGHT.3.gz /usr/share/man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3.gz /usr/share/man/man3/CURLOPT_TCP_FASTOPEN.3.gz /usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3.gz /usr/share/man/man3/CURLOPT_TCP_KEEPCNT.3.gz /usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3.gz /usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3.gz /usr/share/man/man3/CURLOPT_TCP_NODELAY.3.gz /usr/share/man/man3/CURLOPT_TELNETOPTIONS.3.gz /usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3.gz /usr/share/man/man3/CURLOPT_TFTP_NO_OPTIONS.3.gz /usr/share/man/man3/CURLOPT_TIMECONDITION.3.gz /usr/share/man/man3/CURLOPT_TIMEOUT.3.gz /usr/share/man/man3/CURLOPT_TIMEOUT_MS.3.gz /usr/share/man/man3/CURLOPT_TIMEVALUE.3.gz /usr/share/man/man3/CURLOPT_TIMEVALUE_LARGE.3.gz /usr/share/man/man3/CURLOPT_TLS13_CIPHERS.3.gz /usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3.gz /usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3.gz /usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3.gz /usr/share/man/man3/CURLOPT_TRAILERDATA.3.gz /usr/share/man/man3/CURLOPT_TRAILERFUNCTION.3.gz /usr/share/man/man3/CURLOPT_TRANSFERTEXT.3.gz /usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3.gz /usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3.gz /usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3.gz /usr/share/man/man3/CURLOPT_UPKEEP_INTERVAL_MS.3.gz /usr/share/man/man3/CURLOPT_UPLOAD.3.gz /usr/share/man/man3/CURLOPT_UPLOAD_BUFFERSIZE.3.gz /usr/share/man/man3/CURLOPT_UPLOAD_FLAGS.3.gz /usr/share/man/man3/CURLOPT_URL.3.gz /usr/share/man/man3/CURLOPT_USERAGENT.3.gz /usr/share/man/man3/CURLOPT_USERNAME.3.gz /usr/share/man/man3/CURLOPT_USERPWD.3.gz /usr/share/man/man3/CURLOPT_USE_SSL.3.gz /usr/share/man/man3/CURLOPT_VERBOSE.3.gz /usr/share/man/man3/CURLOPT_WILDCARDMATCH.3.gz /usr/share/man/man3/CURLOPT_WRITEDATA.3.gz /usr/share/man/man3/CURLOPT_WRITEFUNCTION.3.gz /usr/share/man/man3/CURLOPT_WS_OPTIONS.3.gz /usr/share/man/man3/CURLOPT_XFERINFODATA.3.gz /usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3.gz /usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3.gz /usr/share/man/man3/CURLSHOPT_LOCKFUNC.3.gz /usr/share/man/man3/CURLSHOPT_SHARE.3.gz /usr/share/man/man3/CURLSHOPT_UNLOCKFUNC.3.gz /usr/share/man/man3/CURLSHOPT_UNSHARE.3.gz /usr/share/man/man3/CURLSHOPT_USERDATA.3.gz /usr/share/man/man3/curl_easy_cleanup.3.gz /usr/share/man/man3/curl_easy_duphandle.3.gz /usr/share/man/man3/curl_easy_escape.3.gz /usr/share/man/man3/curl_easy_getinfo.3.gz /usr/share/man/man3/curl_easy_header.3.gz /usr/share/man/man3/curl_easy_init.3.gz /usr/share/man/man3/curl_easy_nextheader.3.gz /usr/share/man/man3/curl_easy_option_by_id.3.gz /usr/share/man/man3/curl_easy_option_by_name.3.gz /usr/share/man/man3/curl_easy_option_next.3.gz /usr/share/man/man3/curl_easy_pause.3.gz /usr/share/man/man3/curl_easy_perform.3.gz /usr/share/man/man3/curl_easy_recv.3.gz /usr/share/man/man3/curl_easy_reset.3.gz /usr/share/man/man3/curl_easy_send.3.gz /usr/share/man/man3/curl_easy_setopt.3.gz /usr/share/man/man3/curl_easy_ssls_export.3.gz /usr/share/man/man3/curl_easy_ssls_import.3.gz /usr/share/man/man3/curl_easy_strerror.3.gz /usr/share/man/man3/curl_easy_unescape.3.gz /usr/share/man/man3/curl_easy_upkeep.3.gz /usr/share/man/man3/curl_escape.3.gz /usr/share/man/man3/curl_formadd.3.gz /usr/share/man/man3/curl_formfree.3.gz /usr/share/man/man3/curl_formget.3.gz /usr/share/man/man3/curl_free.3.gz /usr/share/man/man3/curl_getdate.3.gz /usr/share/man/man3/curl_getenv.3.gz /usr/share/man/man3/curl_global_cleanup.3.gz /usr/share/man/man3/curl_global_init.3.gz /usr/share/man/man3/curl_global_init_mem.3.gz /usr/share/man/man3/curl_global_sslset.3.gz /usr/share/man/man3/curl_global_trace.3.gz /usr/share/man/man3/curl_mime_addpart.3.gz /usr/share/man/man3/curl_mime_data.3.gz /usr/share/man/man3/curl_mime_data_cb.3.gz /usr/share/man/man3/curl_mime_encoder.3.gz /usr/share/man/man3/curl_mime_filedata.3.gz /usr/share/man/man3/curl_mime_filename.3.gz /usr/share/man/man3/curl_mime_free.3.gz /usr/share/man/man3/curl_mime_headers.3.gz /usr/share/man/man3/curl_mime_init.3.gz /usr/share/man/man3/curl_mime_name.3.gz /usr/share/man/man3/curl_mime_subparts.3.gz /usr/share/man/man3/curl_mime_type.3.gz /usr/share/man/man3/curl_mprintf.3.gz /usr/share/man/man3/curl_multi_add_handle.3.gz /usr/share/man/man3/curl_multi_assign.3.gz /usr/share/man/man3/curl_multi_cleanup.3.gz /usr/share/man/man3/curl_multi_fdset.3.gz /usr/share/man/man3/curl_multi_get_handles.3.gz /usr/share/man/man3/curl_multi_get_offt.3.gz /usr/share/man/man3/curl_multi_info_read.3.gz /usr/share/man/man3/curl_multi_init.3.gz /usr/share/man/man3/curl_multi_notify_disable.3.gz /usr/share/man/man3/curl_multi_notify_enable.3.gz /usr/share/man/man3/curl_multi_perform.3.gz /usr/share/man/man3/curl_multi_poll.3.gz /usr/share/man/man3/curl_multi_remove_handle.3.gz /usr/share/man/man3/curl_multi_setopt.3.gz /usr/share/man/man3/curl_multi_socket.3.gz /usr/share/man/man3/curl_multi_socket_action.3.gz /usr/share/man/man3/curl_multi_socket_all.3.gz /usr/share/man/man3/curl_multi_strerror.3.gz /usr/share/man/man3/curl_multi_timeout.3.gz /usr/share/man/man3/curl_multi_wait.3.gz /usr/share/man/man3/curl_multi_waitfds.3.gz /usr/share/man/man3/curl_multi_wakeup.3.gz /usr/share/man/man3/curl_pushheader_byname.3.gz /usr/share/man/man3/curl_pushheader_bynum.3.gz /usr/share/man/man3/curl_share_cleanup.3.gz /usr/share/man/man3/curl_share_init.3.gz /usr/share/man/man3/curl_share_setopt.3.gz /usr/share/man/man3/curl_share_strerror.3.gz /usr/share/man/man3/curl_slist_append.3.gz /usr/share/man/man3/curl_slist_free_all.3.gz /usr/share/man/man3/curl_strequal.3.gz /usr/share/man/man3/curl_strnequal.3.gz /usr/share/man/man3/curl_unescape.3.gz /usr/share/man/man3/curl_url.3.gz /usr/share/man/man3/curl_url_cleanup.3.gz /usr/share/man/man3/curl_url_dup.3.gz /usr/share/man/man3/curl_url_get.3.gz /usr/share/man/man3/curl_url_set.3.gz /usr/share/man/man3/curl_url_strerror.3.gz /usr/share/man/man3/curl_version.3.gz /usr/share/man/man3/curl_version_info.3.gz /usr/share/man/man3/curl_ws_meta.3.gz /usr/share/man/man3/curl_ws_recv.3.gz /usr/share/man/man3/curl_ws_send.3.gz /usr/share/man/man3/curl_ws_start_frame.3.gz /usr/share/man/man3/libcurl-easy.3.gz /usr/share/man/man3/libcurl-env-dbg.3.gz /usr/share/man/man3/libcurl-env.3.gz /usr/share/man/man3/libcurl-errors.3.gz /usr/share/man/man3/libcurl-multi.3.gz /usr/share/man/man3/libcurl-security.3.gz /usr/share/man/man3/libcurl-share.3.gz /usr/share/man/man3/libcurl-symbols.3.gz /usr/share/man/man3/libcurl-thread.3.gz /usr/share/man/man3/libcurl-tutorial.3.gz /usr/share/man/man3/libcurl-url.3.gz /usr/share/man/man3/libcurl-ws.3.gz /usr/share/man/man3/libcurl.3.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 21 22:23:10 2026