Remove CHANGES from curl

ref:1e8497e3de108dc50a13b25f42f3cdbe913fda5d

contrib/libs/curl/CHANGES

@@ -1,7732 +0,0 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
-                                  Changelog
-
-Version 7.82.0 (5 Mar 2022)
-
-Daniel Stenberg (5 Mar 2022)
-- RELEASE-NOTES: synced
-  
-  The 7.82.0 release
-
-- THANKS: updates from the 7.82.0 release notes
-
-- misc: update copyright year ranges
-
-Jay Satiro (5 Mar 2022)
-- unit1610: init SSL library before calling SHA256 functions
-  
-  The SSL library must be initialized (via global initialization) because
-  libcurl's SHA256 functions may call SHA256 functions in the SSL library.
-  
-  Reported-by: Gisle Vanem
-  
-  Fixes https://github.com/curl/curl/issues/8538
-  Closes https://github.com/curl/curl/pull/8540
-
-- examples/curlx: support building with OpenSSL 1.1.0+
-  
-  - Access members of X509_STORE_CTX in OpenSSL 1.1.0+ by using API
-    functions.
-  
-  The X509_STORE_CTX struct has been opaque since OpenSSL 1.1.0.
-  
-  Ref: https://curl.se/mail/lib-2022-03/0004.html
-  
-  Closes https://github.com/curl/curl/pull/8529
-
-- h2h3: fix typo
-  
-  Bug: https://github.com/curl/curl/issues/8381#issuecomment-1055440241
-  Reported-by: Michael Kaufmann
-
-- [Farzin brought this change]
-
-  CURLOPT_XFERINFOFUNCTION.3: fix example struct assignment
-  
-  Closes https://github.com/curl/curl/pull/8519
-
-Daniel Stenberg (26 Feb 2022)
-- azure-pipelines: add a build on Windows with libssh
-  
-  Closes #8511
-
-- runtests: make 'oldlibssh' be before 0.9.5
-  
-  Closes #8511
-
-- libssh: fix include files and defines use for Windows builds
-  
-  Reported-by: 梦终无痕
-  Bug: https://curl.se/mail/lib-2022-02/0131.html
-  Closes #8511
-
-- RELEASE-NOTES: synced
-
-- [illusory-dream brought this change]
-
-  winbuild: add parameter WITH_SSH
-  
-  For building with libssh
-  Closes #8514
-
-- configure: change output for cross-compiled alt-svc support
-  
-  It said 'no', while it actually is 'yes'
-  
-  Closes #8512
-
-- gha: add a macOS CI job with libssh
-  
-  Closes #8513
-
-- TODO: remove "Bring back libssh tests on Travis"
-  
-  The job was added to Circle CI in d8ddd0e7536
-
-- TODO: remove "better persistency for HTTP/1.0"
-  
-  Let's not bother.
-
-- TODO: remove "Option to ignore private IP"
-  
-  ... as curl ignores the IP entirely by default these days.
-
-- TODO: remove "hardcode the "localhost" addresses"
-  
-  This is implmented since 1a0ebf6632f88
-
-- TODO: 1.24 was a dupe of 1.1
-
-- TODO: remove "Typesafe curl_easy_setopt()"
-  
-  I don't consider this a serious TODO item
-
-- KNOWN_BUGS: remove "Uploading HTTP/3 files gets interrupted"
-  
-  This works now
-
-- KNOWN_BUGS: remove "HTTP/3 multipart POST with quiche fails"
-  
-  It works now
-
-- quiche: remove two leftover debug infof() outputs
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: Reset dynbuf when it is fully drained
-  
-  Reported-by: vl409 on github
-  Fixes #7351
-  Closes #8504
-
-- [Stewart Gebbie brought this change]
-
-  hostip: avoid unused parameter error in Curl_resolv_check
-  
-  When built without DNS-over-HTTP and without asynchronous resolvers,
-  neither the dns nor the data parameters are used.
-  
-  That is Curl_resolv_check appears to call
-  Curl_resolver_is_resolved(data, dns). But,
-  with CURL_DISABLE_DOH without CURLRES_ASYNCH, the call is actually
-  elided via a macro definition.
-  
-  This fix resolves the resultant: "unused parameter 'data'" error.
-  
-  Closes #8505
-
-- http2: move two infof calls to debug-h2-only
-  
-  and remove a superflous one
-  
-  Ref: https://github.com/curl/curl/discussions/8498
-  Closes #8502
-
-- [Jean-Philippe Menil brought this change]
-
-  quiche: fix upload for bigger content-length
-  
-  Signed-off-by: Jean-Philippe Menil <jpmenil@gmail.com>
-  Closes #8421
-
-Jay Satiro (23 Feb 2022)
-- [Farzin brought this change]
-
-  CURLOPT_PROGRESSFUNCTION.3: fix example struct assignment
-  
-  Closes https://github.com/curl/curl/pull/8500
-
-Daniel Stenberg (22 Feb 2022)
-- [Rob Boeckermann brought this change]
-
-  OS400/README: clarify compilation steps
-  
-  Closes #8494
-
-- [Rob Boeckermann brought this change]
-
-  OS400: fix typos in rpg include file
-  
-  This resolves issues compiling rpg code that includes the curl header
-  file.
-  
-  Closes #8494
-
-- [Michał Antoniak brought this change]
-
-  vtls: fix socket check conditions
-  
-  fix condition to check the second socket during associate and
-  disassociate connection
-  
-  Closes #8493
-
-- libssh2: don't typecast socket to int for libssh2_session_handshake
-  
-  Since libssh2_socket_t uses SOCKET on windows which can be larger than
-  int.
-  
-  Closes #8492
-
-- RELEASE-NOTES: fix typo and make one desc shorter
-
-- RELEASE-NOTES: synced
-
-- CURLOPT_XFERINFOFUNCTION.3: fix typo in example
-  
-  Reported-by: coralw on github
-  Fixes #8487
-  Closes #8488
-
-- README: disable linkchecks for the sponsor links
-  
-  Closes #8489
-
-Jay Satiro (21 Feb 2022)
-- openssl: check if sessionid flag is enabled before retrieving session
-  
-  Ideally, Curl_ssl_getsessionid should not be called unless sessionid
-  caching is enabled. There is a debug assertion in the function to help
-  ensure that. Therefore, the pattern in all vtls is basically:
-  
-    if(primary.sessionid) {lock(); Curl_ssl_getsessionid(...); unlock();}
-  
-  There was one instance in openssl.c where sessionid was not checked
-  beforehand and this change fixes that.
-  
-  Prior to this change an assertion would occur in openssl debug builds
-  during connection stage if session caching was disabled.
-  
-  Reported-by: Jim Beveridge
-  
-  Fixes https://github.com/curl/curl/issues/8472
-  Closes https://github.com/curl/curl/pull/8484
-
-- multi: allow user callbacks to call curl_multi_assign
-  
-  Several years ago a change was made to block user callbacks from calling
-  back into the API when not supported (recursive calls). One of the calls
-  blocked was curl_multi_assign. Recently the blocking was extended to the
-  multi interface API, however curl_multi_assign may need to be called
-  from within those user callbacks (eg CURLMOPT_SOCKETFUNCTION).
-  
-  I can't think of any callback where it would be unsafe to call
-  curl_multi_assign so I removed the restriction entirely.
-  
-  Reported-by: Michael Wallner
-  
-  Ref: https://github.com/curl/curl/commit/b46cfbc
-  Ref: https://github.com/curl/curl/commit/340bb19
-  
-  Fixes https://github.com/curl/curl/issues/8480
-  Closes https://github.com/curl/curl/pull/8483
-
-Daniel Stenberg (21 Feb 2022)
-- [Michał Antoniak brought this change]
-
-  ssl: reduce allocated space for ssl backend when FTP is disabled
-  
-  Add assert() for the backend pointer in many places
-  
-  Closes #8471
-
-- [Michał Antoniak brought this change]
-
-  checkprefix: remove strlen calls
-  
-  Closes #8481
-
-Jay Satiro (20 Feb 2022)
-- [1337vt brought this change]
-
-  curl.h: fix typo
-  
-  Closes https://github.com/curl/curl/pull/8482
-
-- [Jan Venekamp brought this change]
-
-  sectransp: mark a 3DES cipher as weak
-  
-  - Change TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA strength to weak.
-  
-  All other 3DES ciphers are already marked as weak.
-  
-  Closes https://github.com/curl/curl/pull/8479
-
-- [Jan Venekamp brought this change]
-
-  bearssl: fix EXC_BAD_ACCESS on incomplete CA cert
-  
-  - Do not create trust anchor object for a CA certificate until after it
-    is processed.
-  
-  Prior to this change the object was created at state BR_PEM_BEGIN_OBJ
-  (certificate processing begin state). An incomplete certificate (for
-  example missing a newline at the end) never reaches BR_PEM_END_OBJ
-  (certificate processing end state) and therefore the trust anchor data
-  was not set in those objects, which caused EXC_BAD_ACCESS.
-  
-  Ref: https://github.com/curl/curl/pull/8106
-  
-  Closes https://github.com/curl/curl/pull/8476
-
-- [Jan Venekamp brought this change]
-
-  bearssl: fix connect error on expired cert and no verify
-  
-  - When peer verification is disabled use the x509_decode engine instead
-    of the x509_minimal engine to parse and extract the public key from
-    the first cert of the chain.
-  
-  Prior to this change in such a case no key was extracted and that caused
-  CURLE_SSL_CONNECT_ERROR. The x509_minimal engine will stop parsing if
-  any validity check fails but the x509_decode won't.
-  
-  Ref: https://github.com/curl/curl/pull/8106
-  
-  Closes https://github.com/curl/curl/pull/8475
-
-- [Jan Venekamp brought this change]
-
-  bearssl: fix session resumption (session id)
-  
-  Prior to this change br_ssl_client_reset was mistakenly called with
-  resume_session param set to 0, which disabled session resumption.
-  
-  Ref: https://github.com/curl/curl/pull/8106
-  
-  Closes https://github.com/curl/curl/pull/8474
-
-Daniel Stenberg (18 Feb 2022)
-- [Michał Antoniak brought this change]
-
-  openssl: fix build for version < 1.1.0
-  
-  Closes #8470
-
-- [Joel Depooter brought this change]
-
-  schannel: move the algIds array out of schannel.h
-  
-  This array is only used by the SCHANNEL_CRED struct in the
-  schannel_acquire_credential_handle function. It can therefore be kept as
-  a local variable. This is a minor update to
-  bbb71507b7bab52002f9b1e0880bed6a32834511.
-  
-  This change also updates the NUM_CIPHERS value to accurately count the
-  number of ciphers options listed in schannel.c, which is 47 instead of
-  45. It is unlikely that anyone tries to set all 47 values, but if they
-  had tried, the last two would not have been set.
-  
-  Closes #8469
-
-- [Alejandro R. Sedeño brought this change]
-
-  configure.ac: use user-specified gssapi dir when using pkg-config
-  
-  Using the system pkg-config path in the face of a user-specified
-  library path is asking to link the wrong library.
-  
-  Reported-by: Michael Kaufmann
-  Fixes #8289
-  Closes #8456
-
-- [Kevin Adler brought this change]
-
-  os400: Add link to QADRT devkit to README.OS400
-  
-  Closes #8455
-
-- [Kevin Adler brought this change]
-
-  os400: Add function wrapper for system command
-  
-  The wrapper will exit if the system command failed instead of blindly
-  continuing on.
-  
-  In addition, only copy docs which exist, since now the copy failure will
-  cause the build to stop.
-  
-  Closes #8455
-
-- [Kevin Adler brought this change]
-
-  os400: Default build to target current release
-  
-  V6R1M0 is not available as a target release since IBM i 7.2. To keep
-  from having to keep this up to date in git, default to the current
-  release. Users can configure this to whatever release they want to
-  actually build for.
-  
-  Closes #8455
-
-- docs/INTERNALS.md: clean up, refer to the book
-  
-  The explanatory parts are now in the everything curl book (which can
-  also use images etc). This document now refers to that resource and only
-  leaves listings of supported versions of libs, tools and operating
-  systems. See https://everything.curl.dev/internals
-  
-  Closes #8467
-
-Marcel Raad (17 Feb 2022)
-- des: fix compile break for OpenSSL without DES
-  
-  When `USE_OPENSSL` was defined but OpenSSL had no DES support and a
-  different crypto library was used for that, `Curl_des_set_odd_parity`
-  was called but not defined. This could for example happen on Windows
-  and macOS when using OpenSSL v3 with deprecated features disabled.
-  
-  Use the same condition for the function definition as used at the
-  caller side, but leaving out the OpenSSL part to avoid including
-  OpenSSL headers.
-  
-  Closes https://github.com/curl/curl/pull/8459
-
-Daniel Stenberg (17 Feb 2022)
-- RELEASE-NOTES: synced
-
-- docs/DEPRECATE: remove NPN support in August 2022
-  
-  Closes #8458
-
-- ftp: provide error message for control bytes in path
-  
-  Closes #8460
-
-- http: fix "unused parameter ‘conn’" warning
-  
-  Follow-up from 7d600ad1c395
-  
-  Spotted on appveyor
-  
-  Closes #8465
-
-Jay Satiro (17 Feb 2022)
-- [Alejandro R. Sedeño brought this change]
-
-  sha256: Fix minimum OpenSSL version
-  
-  - Change the minimum OpenSSL version for using their SHA256
-    implementation from 0.9.7 to 0.9.8.
-  
-  EVP_sha256() does not appear in the OpenSSL source before 0.9.7h, and
-  does not get built by default until 0.9.8, so trying to use it for all
-  0.9.7 is wrong, and before 0.9.8 is unreliable.
-  
-  Closes https://github.com/curl/curl/pull/8464
-
-Daniel Stenberg (16 Feb 2022)
-- KNOWN_BUGS: remove "slow connect to localhost on Windows"
-  
-  localhost is not resolved anymore since 1a0ebf6632f88
-
-- KNOWN_BUGS: remove "HTTP/3 download is 5x times slower than HTTP/2"
-  
-  It's not actually a bug. More like room for improvement.
-
-- KNOWN_BUGS: remove "HTTP/3 download with quiche halts after a while"
-  
-  Follow-up to 96f85a0fef694
-
-- KNOWN_BUGS: remove "pulseUI vpn" as a problem
-  
-  We haven't heard about this for a long time and rumours have it they
-  might have fixed it.
-
-- urldata: remove conn->bits.user_passwd
-  
-  The authentication status should be told by the transfer and not the
-  connection.
-  
-  Reported-by: John H. Ayad
-  Fixes #8449
-  Closes #8451
-
-- [Kevin Adler brought this change]
-
-  gskit: Convert to using Curl_poll
-  
-  As mentioned in 32766cb, gskit was the last user of Curl_select which is
-  now gone. Convert to using Curl_poll to allow build to work on IBM i.
-  
-  Closes #8454
-
-- [Kevin Adler brought this change]
-
-  gskit: Fix initialization of Curl_ssl_gskit struct
-  
-  In c30bf22, Curl_ssl_getsock was factored out in to a member of
-  struct Curl_ssl but the gskit initialization was not updated to reflect
-  this new member.
-  
-  Closes #8454
-
-- [Kevin Adler brought this change]
-
-  gskit: Fix errors from Curl_strerror refactor
-  
-  2f0bb864c1 replaced sterror with Curl_strerror, but the strerror buffer
-  shadows the set_buffer "buffer" parameter. To keep consistency with the
-  other functions that use Curl_strerror, rename the parameter.
-  
-  In addition, strerror.h is needed for the definition of STRERROR_LEN.
-  
-  Closes #8454
-
-Marcel Raad (15 Feb 2022)
-- ntlm: remove unused feature defines
-  
-  They're not used anymore and always supported.
-  
-  Closes https://github.com/curl/curl/pull/8453
-
-Daniel Stenberg (15 Feb 2022)
-- [Kantanat Wannapaka brought this change]
-
-  README.md: fix link and layout
-  
-  replace <a></a> tags and <img></img> tags
-  
-  Closes #8448
-
-- KNOWN_BUGS: fix typo "libpsl"
-
-Jay Satiro (14 Feb 2022)
-- h2h3: fix compiler warning due to function prototype mismatch
-  
-  - Add missing const qualifier in Curl_pseudo_headers declaration.
-
-Daniel Stenberg (14 Feb 2022)
-- [Stefan Eissing brought this change]
-
-  urlapi: handle "redirects" smarter
-  
-    - avoid one malloc when setting a new url via curl_url_set()
-      and CURLUPART_URL.
-    - extract common pattern into a new static function.
-  
-  Closes #8450
-
-- cijobs: pick up circleci configure lines better
-
-- circleci: add a job using wolfSSH
-  
-  Build only, no tests.
-  
-  Closes #8445
-
-- scripts/ciconfig.pl: show used options not available
-
-- circleci: add a job using libssh
-  
-  Closes #8444
-
-- runtests: set 'oldlibssh' for libssh versions before 0.9.6
-  
-  ... and make test 1459 check for the different return code then.
-  
-  Closes #8444
-
-Jay Satiro (13 Feb 2022)
-- Makefile.am: Generate VS 2022 projects
-  
-  Follow-up to f13d4d0 which added VS 2022 project support.
-  
-  Ref: https://github.com/curl/curl/pull/8438
-
-- [Daniel Stenberg brought this change]
-
-  projects: remove support for MSVC before VC10 (Visual Studio 2010)
-  
-  - Remove Visual Studio project files for VC6, VC7, VC7.1, VC8 and VC9.
-  
-  Those versions are too old to be maintained any longer.
-  
-  Closes https://github.com/curl/curl/pull/8442
-
-- [Stav Nir brought this change]
-
-  projects: add support for Visual Studio 17 (2022)
-  
-  Closes https://github.com/curl/curl/pull/8438
-
-Daniel Stenberg (13 Feb 2022)
-- RELEASE-NOTES: synced
-
-- connect: follow-up fix the copyright year
-
-- [Michał Antoniak brought this change]
-
-  misc: remove unused data when IPv6 is not supported
-  
-  Closes #8430
-
-- scripts/ciconfig: show CI job config info
-  
-  Closes #8446
-
-- quiche: handle stream reset
-  
-  A stream reset now causes a CURLE_PARTIAL_FILE error. I'm not convinced
-  this is the right action nor the right error code.
-  
-  Reported-by: Lucas Pardue
-  Fixes #8437
-  Closes #8440
-
-- mime: use a define instead of the magic number 24
-  
-  MIME_BOUNDARY_DASHES is now the number of leading dashes in the
-  generated boundary string.
-  
-  Closes #8441
-
-- [Henrik Holst brought this change]
-
-  hostcheck: reduce strlen calls on chained certificates
-  
-  Closes #8428
-
-- [Patrick Monnerat brought this change]
-
-  mime: some more strlen() call removals.
-  
-  Closes #8423
-
-- scripts/cijobs.pl: detect zuul cmake jobs better
-
-- url: exclude zonefrom_url when no ipv6 is available
-  
-  Closes #8439
-
-- if2ip: make Curl_ipv6_scope a blank macro when IPv6-disabled
-  
-  Closes #8439
-
-- [Henrik Holst brought this change]
-
-  mprintf: remove strlen calls on empty strings in dprintf_formatf
-  
-  Turns out that in dprintf_formatf we did a strlen on empty strings, a
-  bit strange is how common this actually is, 24 alone when doing a simple
-  GET from https://curl.se
-  
-  Closes #8427
-
-- wolfssl: return CURLE_AGAIN for the SSL_ERROR_NONE case
-  
-  Closes #8431
-
-- wolfssl: when SSL_read() returns zero, check the error
-  
-  Returning zero indicates end of connection, so if there's no data read
-  but the connection is alive, it needs to return -1 with CURLE_AGAIN.
-  
-  Closes #8431
-
-- quiche: after leaving h3_recving state, poll again
-  
-  This could otherwise easily leave libcurl "hanging" after the entire
-  transfer is done but without noticing the end-of-transfer signal.
-  
-  Assisted-by: Lucas Pardue
-  Closes #8436
-
-- quiche: when *recv_body() returns data, drain it before polling again
-  
-  Assisted-by: Lucas Pardue
-  
-  Closes #8429
-
-- [gaoxingwang on github brought this change]
-
-  configure: fix '--enable-code-coverage' typo
-  
-  Fixes #8425
-  Closes #8426
-
-- lib/h2h3: #ifdef on ENABLE_QUIC, not the wrong define
-  
-  Otherwise the build fails when H3 is enabled but the build doesn't
-  include nghttp2.
-  
-  Closes #8424
-
-- hostcheck: pass in pattern length too, to avoid a strlen call
-  
-  Removes one strlen() call per SAN name in a cert-check.
-  
-  Closes #8418
-
-- [Henrik Holst brought this change]
-
-  misc: remove strlen for Curl_checkheaders + Curl_checkProxyheaders
-  
-  Closes #8409
-
-- configure: requires --with-nss-deprecated to build with NSS
-  
-  Add deprecation plans to docs/DEPRECATE.md
-  
-  Closes #8395
-
-- mqtt: free 'sendleftovers' in disconnect
-  
-  Fix a memory-leak
-  
-  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43646
-  Closes #8415
-
-- [Patrick Monnerat brought this change]
-
-  openldap: pass string length arguments to client_write()
-  
-  This uses the new STRCONST() macro and saves 2 strlen() calls on short
-  string constants per LDIF output line.
-  
-  Closes #8404
-
-- [Henrik Holst brought this change]
-
-  misc: reduce strlen() calls with Curl_dyn_add()
-  
-  Use STRCONST() to switch from Curl_dyn_add() to Curl_dyn_addn() for
-  string literals.
-  
-  Closes #8398
-
-- http2: fix the array copy to nghttp2_nv
-  
-  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44517
-  Follow-up to 9f985a11e794
-  Closes #8414
-
-- RELEASE-NOTES: synced
-
-- scripts/cijobs.pl: output data about all currect CI jobs
-  
-  This script parses the config files for all the CI services currently in
-  use and output the information in a uniform way. The idea is that the
-  output from this script should be possible to massage into informational
-  tables or graphs to help us visualize what they are all testing and NOT
-  testing.
-  
-  Closes #8408
-
-- maketgz: return error if 'make dist' fails
-  
-  To better detect this problem in CI jobs
-  
-  Reported-by: Marcel Raad
-  Bug: https://curl.se/mail/lib-2022-02/0070.html
-  Closes #8402
-
-- h2h3: pass correct argument types to infof()
-  
-  Detected by Coverity. CID 1497993
-  
-  Closes #8401
-
-- lib/Makefile: remove config-tpf.h from the dist
-  
-  Follow-up from da15443dddea2bfb. Missed before because the 'distcheck'
-  CI job was not working as intended.
-  
-  Reported-by: Marcel Raad
-  Bug: https://curl.se/mail/lib-2022-02/0070.html
-  Closes #8403
-
-- configure: remove support for "embedded ares"
-  
-  In March 2010 (commit 4259d2df7dd) we removed the embedded 'ares'
-  directory from the curl source tree but we have since supported
-  especially detecting and using that build directory. The time has come
-  to remove that kludge and ask users to specify the c-ares dir correctly
-  with --enable-ares.
-  
-  Closes #8397
-
-- [Sebastian Sterk brought this change]
-
-  github/workflows/mbedtls: fix indent & remove unnecessary line breaks
-  
-  Closes #8399
-
-- CI: move the NSS job from zuul to GHA
-  
-  Closes #8396
-
-- tests/unit/Makefile.am: add NSS_LIBS to build with NSS fine
-  
-  Closes #8396
-
-Marcel Raad (7 Feb 2022)
-- curl-openssl: fix SRP check for OpenSSL 3.0
-  
-  When OpenSSL 3.0 is built with `--api=3.0` and `no-deprecated`, the SRP
-  functions exist in the library, but are disabled for user code. Check
-  if they are actually usable instead of only if they exist. Also, check
-  for the functions actually required for TLS-SRP.
-  
-  TLS-SRP support is still enabled if OpenSSL is configured with just
-  `--api=3.0` or with `--api=1.1.1 no-deprecated`.
-  
-  Closes https://github.com/curl/curl/pull/8394
-
-Daniel Stenberg (7 Feb 2022)
-- [Henrik Holst brought this change]
-
-  http: make Curl_compareheader() take string length arguments too
-  
-  Also add STRCONST, a macro that returns a string literal and it's length
-  for functions that take "string,len"
-  
-  Removes unnecesary calls to strlen().
-  
-  Closes #8391
-
-- vquic/vquic.h: removed the unused H3 psuedo defines
-
-- ngtcp2: use Curl_pseudo_headers
-
-- quiche: use Curl_pseudo_headers
-
-- http2: use Curl_pseudo_headers
-
-- h2h3: added Curl_pseudo_headers()
-  
-  For use with both http2 and http3 requests.
-
-- ngtcp2/quiche: make :scheme possible to set
-
-- http2: allow CURLOPT_HTTPHEADER change ":scheme"
-  
-  The only h2 psuedo header that wasn't previously possible to change by a
-  user. This change also makes it impossible to send a HTTP/1 header that
-  starts with a colon, which I don't think anyone does anyway.
-  
-  The other pseudo headers are possible to change indirectly by doing the
-  rightly crafted request.
-  
-  Reported-by: siddharthchhabrap on github
-  Fixes #8381
-  Closes #8393
-
-- h2/h3: provide and refer to pseudo headers as defines
-  
-  ... and do sizeof() on the defines to use constants better.
-  
-  Closes #8389
-
-- [Michał Antoniak brought this change]
-
-  smb: passing a socket for writing and reading data instead of FIRSTSOCKET
-  
-  Closes #8383
-
-- x509asn1: toggle off functions not needed for diff tls backends
-  
-  ... and clean the header file from private defines/structs (move to C
-  file) and unused function prototypes.
-  
-  Closes #8386
-
-- lib: move hostcheck and x509sn1 sources to vtls/
-  
-  ... since they are used strictly by TLS code.
-  
-  Closes #8386
-
-Marcel Raad (4 Feb 2022)
-- version_win32: fix warning for `CURL_WINDOWS_APP`
-  
-  The build version is not supported by the UWP code.
-  
-  Closes https://github.com/curl/curl/pull/8385
-
-Daniel Stenberg (4 Feb 2022)
-- tests/disable-scan.pl: properly detect multiple symbols per line
-  
-  Test 1165 would fail on some systems because it didn't detect
-  CURL_DISABLE_* symbols that were used to the right of another one on the
-  same line! The script would only detect and extract the first one.
-  
-  Reported-by: Marcel Raad
-  Fixes #8384
-  Closes #8388
-
-Jay Satiro (4 Feb 2022)
-- config.d: Clarify _curlrc filename is still valid on Windows
-  
-  Recent changes added support for filename .curlrc on Windows, and
-  when it's not found curl falls back on the original Windows filename
-  _curlrc. _curlrc was removed from the doc, however it is still valid.
-  
-  Closes https://github.com/curl/curl/pull/8382
-
-Daniel Stenberg (4 Feb 2022)
-- lib: remove support for CURL_DOES_CONVERSIONS
-  
-  TPF was the only user and support for that was dropped.
-  
-  Closes #8378
-
-- TPF: drop support
-  
-  There has been no TPF related changes done since September 2010 (commit
-  7e1a45e224e57) and since this is a platform that is relatively different
-  than many others (== needs attention), I draw the conclusion that this
-  build is broken since a long time.
-  
-  Closes #8378
-
-- scripts/delta: check the file delta for current branch
-  
-  ... also polish the output style a little bit
-
-Jay Satiro (3 Feb 2022)
-- [Fabian Keil brought this change]
-
-  runtests.pl: tolerate test directories without Makefile.inc
-  
-  Silences the following warnings when using a Makefile.inc-free
-  TESTDIR using the "-o" argument:
-  
-     readline() on closed filehandle D at ./runtests.pl line 592.
-     Use of uninitialized value $disttests in pattern match (m//) at
-     ./runtests.pl line 3602.
-  
-  Closes https://github.com/curl/curl/pull/8379
-
-Daniel Stenberg (3 Feb 2022)
-- [Henrik Holst brought this change]
-
-  setopt: do bounds-check before strdup
-  
-  Curl_setstropt() allocated memory for the string before checking if the
-  string was within bounds. The bounds check should be done first.
-  
-  Closes #8377
-
-- [Michał Antoniak brought this change]
-
-  mbedtls: enable use of mbedtls without filesystem functions support
-  
-  Closes #8376
-
-- [Bernhard Walle brought this change]
-
-  configure: support specification of a nghttp2 library path
-  
-  This enables using --with-nghttp2=<dir> on systems without pkg-config.
-  
-  Closes #8375
-
-- scripts/release-notes.pl: remove leftover debug output
-
-- RELEASE-NOTES: synced
-
-- scripts/release-notes.pl: fix number extraction for full URLs
-
-- [Leah Neukirchen brought this change]
-
-  scripts/completion.pl: improve zsh completion
-  
-  - Detect all spellings of <file>, <file name> etc as well as <path>.
-  - Only complete directories for <dir>.
-  - Complete URLs for <URL>.
-  - Complete --request and --ftp-method.
-  
-  Closes #8363
-
-- [Davide Cassioli brought this change]
-
-  configure: use correct CFLAGS for threaded resolver with xlC on AIX
-  
-  Fixes #8276
-  Closes #8374
-
-- mailmap: Henrik Holst
-
-Jay Satiro (2 Feb 2022)
-- build: fix ngtcp2 crypto library detection
-  
-  - Change library link check for ngtcp2_crypto_{gnutls,openssl} to
-    to use function ngtcp2_crypto_recv_client_initial_cb instead of
-    ngtcp2_crypto_ctx_initial.
-  
-  The latter function is no longer external since two days ago in
-  ngtcp2/ngtcp2@533451f. curl HTTP/3 CI builds have been failing since
-  then because they would not link to the ngtcp2 crypto library.
-  
-  Ref: https://github.com/ngtcp2/ngtcp2/pull/356
-  
-  Closes https://github.com/curl/curl/pull/8372
-
-- [Henrik Holst brought this change]
-
-  urlapi: remove an unnecessary call to strlen
-  
-  - Use strcpy instead of strlen+memcpy to copy the url path.
-  
-  Ref: https://curl.se/mail/lib-2022-02/0006.html
-  
-  Closes https://github.com/curl/curl/pull/8370
-
-Daniel Stenberg (1 Feb 2022)
-- scripts/copyright.pl: fix for handling removed files better
-
-- vxworks: drop support
-  
-  No changes or fixes in vxworks related code since 2009 leads me to
-  believe that this doesn't work anymore.
-  
-  Closes #8362
-
-- [Henrik Holst brought this change]
-
-  base64: remove an unnecessary call to strlen
-  
-  Closes #8369
-
-- tool_getparam: initial --json support
-  
-  Adds these test cases:
-  
-   383 - simple single command line option
-   384 - reading it from stdin
-   385 - getting two --json options on command line
-   386 - --next works after --json
-  
-  Closes #8314
-
-- [Bjarni Ingi Gislason brought this change]
-
-  curl_getdate.3: remove pointless .PP line
-  
-  mandoc: WARNING: skipping paragraph macro: PP empty
-  
-  Reported-by: Samuel Henrique
-  Closes #8365
-
-- [Sebastian Sterk brought this change]
-
-  multi: grammar fix in comment
-  
-  After 'must', the verb is used without 'to'. Correct: "must" or "have
-  to"
-  
-  Closes #8368
-
-- openldap: fix compiler warning when built without SSL support
-  
-  openldap.c:841:52: error: unused parameter ‘data’ [-Werror=unused-parameter]
-  
-  Closes #8367
-
-- [Samuel Henrique brought this change]
-
-  CURLSHOPT_LOCKFUNC.3: fix typo "relased" -> "released"
-  
-  Found when packaging 7.81.0 for Debian.
-  
-  Closes #8364
-
-- netware: remove support
-  
-  There are no current users and no Netware related changes done in the
-  code for over 13 years is a clear sign this is abandoned.
-  
-  Closes #8358
-
-- CI: move two jobs from Zuul to Circle CI
-  
-   - openssl-no-verbose
-   - openssl-no-proxy
-  
-  Closes #8359
-
-- cirlceci: also run a c-ares job on arm with debug enabled
-  
-  Closes #8357
-
-- ci: move the OpenSSL + c-ares job from Zuul to Circle CI
-  
-  Closes #8357
-
-- mailmap: Jan-Piet Mens
-
-- [luminixinc on github brought this change]
-
-  multi: remember connection_id before returning connection to pool
-  
-  Fix a bug that does not require a new CVE as discussed on hackerone.com.
-  Previously `connection_id` was accessed after returning connection to
-  the shared pool.
-  
-  Bug: https://hackerone.com/reports/1463013
-  Closes #8355
-
-Jay Satiro (31 Jan 2022)
-- write-out.d: Fix num_headers formatting
-
-- [Jan-Piet Mens brought this change]
-
-  docs: capitalize the name 'Netscape'
-  
-  Closes https://github.com/curl/curl/pull/8354
-
-Daniel Stenberg (30 Jan 2022)
-- RELEASE-NOTES: synced
-
-- [Antoine Pietri brought this change]
-
-  docs: grammar proofread, typo fixes
-  
-  (Partially automated) proofread of most of the documentation, leading to
-  various typo fixes.
-  
-  Closes #8353
-
-- urldata: CONN_IS_PROXIED replaces bits.close when proxy can be disabled
-  
-  To remove run-time checks for such builds.
-  
-  Closes #8350
-
-- setopt: fix the TLSAUTH #ifdefs for proxy-disabled builds
-  
-  Closes #8350
-
-- conncache: make conncache_add_bundle return the pointer
-  
-  Simplifies the logic a little and avoids a ternary operator.
-  
-  Ref: #8346
-  Closes #8349
-
-- mailmap: neutric on github
-
-Jay Satiro (30 Jan 2022)
-- [neutric on github brought this change]
-
-  docs/TheArtOfHttpScripting: fix example POST URL
-  
-  Closes https://github.com/curl/curl/pull/8352
-
-Daniel Stenberg (28 Jan 2022)
-- nss: handshake callback during shutdown has no conn->bundle
-  
-  The callback gets called because of the call to PR_Recv() done to
-  attempt to avoid RST on the TCP connection. The conn->bundle pointer is
-  already cleared at this point so avoid dereferencing it.
-  
-  Reported-by: Eric Musser
-  Fixes #8341
-  Closes #8342
-
-- [Michał Antoniak brought this change]
-
-  mbedtls: remove #include <mbedtls/certs.h>
-  
-  mbedtls/certs.h file contains only certificates example (all definitions
-  is beginning by mbedtls_test_*). None of them is used so we can avoid
-  include the file.
-  
-  Closes #8343
-
-- [Michał Antoniak brought this change]
-
-  mbedtls: enable use of mbedtls without CRL support
-  
-  Closes #8344
-
-- [Bernhard Walle brought this change]
-
-  configure: set CURL_LIBRARY_PATH for nghttp2
-  
-  To execute the test program, we might need the library path so that the
-  lib is found at runtime.
-  
-  Closes #8340
-
-Jay Satiro (28 Jan 2022)
-- schannel: restore debug message in schannel_connect_step2
-  
-  This is a follow-up to recent commit 2218c3a which removed the debug
-  message to avoid an unused variable warning. The message has been
-  reworked to avoid the warning.
-  
-  Ref: https://github.com/curl/curl/pull/8320#issuecomment-1022957904
-  
-  Closes https://github.com/curl/curl/pull/8336
-
-- test3021: disable all msys2 path transformation
-  
-  - Disable all MSYS2 path transformation in test3021 and test3022.
-  
-  Prior to this change path transformation in those tests was disabled
-  only for arguments that start with forward slashes. However arguments
-  that are in base64 contain forward slashes at any position and caused
-  unwanted translations.
-  
-  == Info: Denied establishing ssh session: mismatch sha256 fingerprint.
-  Remote +/EYG2YDzDGm6yiwepEMSuExgRRMoTi8Di1UN3kixZw= is not equal to
-  +C:/msys64/EYG2YDzDGm6yiwepEMSuExgRRMoTi8Di1UN3kixZw
-  
-  In the above example an argument containing a base64 sha256 fingerprint
-  was passed to curl after MSYS2 translated +/ into +C:/msys64/, and then
-  the fingerprint didn't match what was expected.
-  
-  Ref: https://www.msys2.org/wiki/Porting/
-  
-  Fixes https://github.com/curl/curl/issues/8084
-  Closes https://github.com/curl/curl/pull/8325
-
-Daniel Stenberg (27 Jan 2022)
-- CI: move scan-build job from Zuul to Azure Pipelines
-  
-  Closes #8338
-
-Marcel Raad (27 Jan 2022)
-- openssl: fix `ctx_option_t` for OpenSSL v3+
-  
-  The options have been changed to `uint64_t` in
-  https://github.com/openssl/openssl/commit/56bd17830f2d5855b533d923d4e0649d3ed61d11.
-  
-  Closes https://github.com/curl/curl/pull/8331
-
-Daniel Stenberg (27 Jan 2022)
-- CI: move 'distcheck' job from zuul to azure pipelines
-  
-  Assisted-by: Kushal Das
-  
-  Closes #8334
-
-- vtls: pass on the right SNI name
-  
-  The TLS backends convert the host name to SNI name and need to use that.
-  This involves cutting off any trailing dot and lowercasing.
-  
-  Co-authored-by: Jay Satiro
-  Closes #8320
-
-- url: revert the removal of trailing dot from host name
-  
-  Reverts 5de8d84098db1bd24e (May 2014, shipped in 7.37.0) and the
-  follow-up changes done afterward.
-  
-  Keep the dot in names for everything except the SNI to make curl behave
-  more similar to current browsers. This means 'name' and 'name.' send the
-  same SNI for different 'Host:' headers.
-  
-  Updated test 1322 accordingly
-  
-  Fixes #8290
-  Reported-by: Charles Cazabon
-  Closes #8320
-
-- [neutric on github brought this change]
-
-  docs/TheArtOfHttpScripting: fix capitalization
-  
-  Closes #8333
-
-- tests/memanalyze.pl: also count and show "total allocations"
-  
-  This is the total number of bytes allocated, increasing for new
-  allocations and never reduced when freed. The existing "Maximum
-  allocated" is the high water mark.
-  
-  Closes #8330
-
-- mailmap: spellfix githuh => github
-
-- RELEASE-NOTES: synced
-
-- hostcheck: fixed to not touch used input strings
-  
-  Avoids the need to clone the strings before check, thus avoiding
-  mallocs, which for cases where there are many SAN names in a cert could
-  end up numerous.
-  
-  Closes #8321
-
-- ngtcp2: adapt to changed end of headers callback proto
-  
-  Closes #8322
-
-- [Xiaoke Wang brought this change]
-
-  openssl: check SSL_get_ex_data to prevent potential NULL dereference
-  
-  Closes #8268
-
-Jay Satiro (23 Jan 2022)
-- md5: check md5_init_func return value
-  
-  Prior to this change the md5_init_func (my_md5_init) return value was
-  ignored.
-  
-  Closes https://github.com/curl/curl/pull/8319
-
-- md5: refactor for standard compliance
-  
-  - Wrap OpenSSL / wolfSSL MD5 functions instead of taking their function
-    addresses during static initialization.
-  
-  Depending on how curl was built the old way may have used a dllimport
-  function address during static initialization, which is not standard
-  compliant, resulting in Visual Studio warning C4232 (nonstandard
-  extension). Instead the function pointers now point to the wrappers
-  which call the MD5 functions.
-  
-  This change only affects OpenSSL and wolfSSL because calls to other SSL
-  libraries' md5 functions were already wrapped. Also sha256.c already
-  does this for all SSL libraries.
-  
-  Ref: https://github.com/curl/curl/pull/8298
-  
-  Closes https://github.com/curl/curl/pull/8318
-
-Daniel Stenberg (21 Jan 2022)
-- [Lucas Pardue brought this change]
-
-  docs: update IETF links to use datatracker
-  
-  The tools.ietf.org domain has been deprecated a while now, with the
-  links being redirected to datatracker.ietf.org.
-  
-  Rather than make people eat that redirect time, this change switches the
-  URL to a more canonical source.
-  
-  Closes #8317
-
-- [Harry Sarson brought this change]
-
-  CI: test building wolfssl with --enable-opensslextra
-  
-  Closes #8315
-
-- [Harry Sarson brought this change]
-
-  misc: allow curl to build with wolfssl --enable-opensslextra
-  
-  put all #include of openssl files behind wolfssl ifdefs so that we can
-  use the wolfssl/ prefixed include paths. Without these curl only builds
-  when wolfssl is built with enable-all.
-  
-  Fixes #8292
-  Closes #8315
-
-- [Lucas Pardue brought this change]
-
-  quiche: change qlog file extension to `.sqlog`
-  
-  quiche has just switched it's qlog serialization format to JSON-SEQ by
-  default . The spec says this SHOULD use `.sqlog` extension.
-  
-  I believe ngtcp2 also supports JSON-SEQ by default as of
-  https://github.com/ngtcp2/ngtcp2/commit/9baf06fc3f352a1d062b6953ae1de22cae30639d
-  
-  Let's update curl so that tools know what format we are using!
-  
-  Closes #8316
-
-Jay Satiro (21 Jan 2022)
-- projects: Fix Visual Studio wolfSSL configurations
-  
-  - Change build-wolfssl.bat to disable SSLv3, enable TLSv1.3, enable
-    wolfSSL_DES_ecb_encrypt (needed by NTLM) and enable alt cert chains.
-  
-  - Disable warning C4214 'bit field types other than int'.
-  
-  - Add include directory wolfssl\wolfssl.
-  
-  wolfSSL offers OpenSSL API compatibility that libcurl uses, and some
-  recent change in libcurl included an include file for wolfSSL like
-  openssl/foo.h, which has a path like wolfssl\wolfssl\openssl\foo.h.
-  
-  The include directory issue was reported in #8292 but it's currently
-  unclear whether this type of change is needed for other build systems.
-  
-  Bug: https://github.com/curl/curl/issues/8292
-  Reported-by: Harry Sarson
-  
-  Closes https://github.com/curl/curl/pull/8298
-
-Daniel Stenberg (21 Jan 2022)
-- openssl: return error if TLS 1.3 is requested when not supported
-  
-  Previously curl would just silently ignore it if the necessary defines
-  are not present at build-time.
-  
-  Reported-by: Stefan Eissing
-  Fixes #8309
-  Closes #8310
-
-- TODO: Passing NOTIFY option to CURLOPT_MAIL_RCPT
-  
-  Closes #8232
-
-- [pheiduck on github brought this change]
-
-  workflows/wolfssl: install impacket
-  
-  needed Python Package for SMB tests
-  
-  Closes #8307
-
-- url: make Curl_disconnect return void
-  
-   1. The function would only ever return CURLE_OK anyway
-   2. Only one caller actually used the return code
-   3. Most callers did (void)Curl_disconnect()
-  
-  Closes #8303
-
-- docs: document HTTP/2 not insisting on TLS 1.2
-  
-  Both for --http2 and CURLOPT_HTTP_VERSION.
-  
-  Reported-by: jhoyla on github
-  Fixes #8235
-  Closes #8300
-
-- cmdline-opts/gen.pl: fix option matching to improve references
-  
-  Previously it could mistakenly match partial names when there are
-  options that start with the same prefix, leading to the wrong references
-  used.
-  
-  Closes #8299
-
-- TODO: Less memory massaging with Schannel
-
-- [Patrick Monnerat brought this change]
-
-  runtests.pl: disable debuginfod
-  
-  Valgrind and gdb implement this feature: as this highly slows down tests,
-  disable it.
-  
-  Closes #8291
-
-- RELEASE-NOTES: synced
-
-- CURLMOPT_TIMERFUNCTION/DATA.3: fix the examples
-  
-  ... to not call libcurl recursively back.
-  
-  Closes #8286
-
-- multi: set in_callback for multi interface callbacks
-  
-  This makes most libcurl functions return error if called from within a
-  callback using the same multi handle. For example timer or socket
-  callbacks calling curl_multi_socket_action.
-  
-  Reported-by: updatede on github
-  Fixes #8282
-  Closes #8286
-
-- docs/HISTORY.md: mention alt-svc and HSTS
-
-- misc: remove the final watcom references
-  
-  Follow-up to bbf8cae44dedc495e6
-  
-  We removed support for the watcom builds files back in September
-  2020. This removes all remaining watcom references and ifdefs.
-  
-  Closes #8287
-
-- misc: remove BeOS code and references
-  
-  There has not been a mention of this OS in any commit since December
-  2004 (58f4af7973e3d2). The OS is also long gone.
-  
-  Closes #8288
-
-- tool_getparam: DNS options that need c-ares now fail without it
-  
-  Just silently accepting the options and then not having any effect is
-  not good.
-  
-  Ref: #8283
-  Closes #8285
-
-- curl: remove "separators" (when using globbed URLs)
-  
-  Unless muted (with -s) When doing globbing, curl would output mime-like
-  separators between the separate transfers. This is not documented
-  anywhere, surprises users and clobbers the output. Gone now.
-  
-  Updated test 18 and 1235
-  
-  Reported-by: jonny112 on github
-  Bug: https://github.com/curl/curl/discussions/8257
-  Closes #8278
-
-Jay Satiro (15 Jan 2022)
-- [Niels Martignène brought this change]
-
-  mbedtls: fix CURLOPT_SSLCERT_BLOB (again)
-  
-  - Increase the buffer length passed to mbedtls_x509_crt_parse to account
-    for the null byte appended to the temporary blob.
-  
-  Follow-up to 867ad1c which uses a null terminated copy of the
-  certificate blob, because mbedtls_x509_crt_parse requires PEM data
-  to be null terminated.
-  
-  Ref: https://github.com/curl/curl/commit/867ad1c#r63439893
-  Ref: https://github.com/curl/curl/pull/8146
-  
-  Closes https://github.com/curl/curl/pull/8260
-
-Daniel Stenberg (15 Jan 2022)
-- [Alessandro Ghedini brought this change]
-
-  quiche: verify the server cert on connect
-  
-  Similarly to c148f0f551f9bea0e3d0, make quiche correctly acknowledge
-  `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST`.
-  
-  Fixes #8173
-  Closes #8275
-
-- [Ikko Ashimine brought this change]
-
-  checksrc: fix typo in comment
-  
-  enfore -> enforce
-  
-  Closes #8281
-
-- curl-openssl: remove the OpenSSL headers and library versions check
-  
-  It is more work to maintain that check than the (any?) benefit it
-  brings.
-  
-  Fixes #8279
-  Reported-by: Satadru Pramanik
-  Closes #8280
-
-- mqtt: free any leftover when done
-  
-  Oss-fuzz found an issue when the "sendleftovers" pointer could leak memory.
-  Fix this by always freeing it (if still assigned) in the done function.
-  
-  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43515
-  Closes #8274
-
-- formdata: avoid size_t => long typecast overflows
-  
-  Typically a problem for platforms with 32 bit long and 64 bit size_t
-  
-  Reported-by: Fabian Yamaguchi
-  Bug: https://hackerone.com/reports/1444539
-  Closes #8272
-
-- RELEASE-NOTES: synced
-  
-  bump next release to become 7.82.0
-
-Marcel Raad (13 Jan 2022)
-- build: enable -Warith-conversion
-  
-  This makes the behavior consistent between GCC 10 and earlier versions.
-  
-  Closes https://github.com/curl/curl/pull/8271
-
-- build: fix -Wenum-conversion handling
-  
-  Don't enable that warning when warnings are disabled.
-  Also add it to CMake.
-  
-  Closes https://github.com/curl/curl/pull/8271
-
-- appveyor: use VS 2017 image for the autotools builds
-  
-  The newer images don't have all required MSYS2 packages.
-  
-  Fixes https://github.com/curl/curl/issues/8248
-  Closes https://github.com/curl/curl/pull/8265
-
-- appveyor: update images from VS 2019 to 2022
-  
-  Closes https://github.com/curl/curl/pull/8265
-
-Daniel Stenberg (12 Jan 2022)
-- [Michał Antoniak brought this change]
-
-  mbedtls: return CURLcode result instead of a mbedtls error code
-  
-  ... when a certificate fails to be loaded from a blob
-  
-  Closes #8266
-
-- curl_multi_socket.3: remove callback and typical usage descriptions
-  
-  1. The callback is better described in the option for setting it. Having
-  it in a single place reduces the risk that one of them is wrong.
-  
-  2. The "typical usage" is wrong since the functions described in this
-  man page are both deprecated so they cannot be used in any "typical" way
-  anymore.
-  
-  Closes #8262
-
-- curl-functions.m4: revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE
-  
-  Mostly reverts ba0657c343f, but now instead just run the plain macro on
-  darwin. The approach as used on other platforms is simply not necessary
-  on macOS.
-  
-  Fixes #8229
-  Reported-by: Ryan Schmidt
-  Closes #8247
-
-- [Patrick Monnerat brought this change]
-
-  openldap: implement SASL authentication
-  
-  As credentials can be quite different depending on the mechanism used,
-  there are no default mechanisms for LDAP and simple bind with a DN is
-  then used.
-  
-  The caller has to provide mechanism(s) using CURLOPT_LOGIN_OPTIONS to
-  enable SASL authentication and disable simple bind.
-  
-  Closes #8152
-
-Jay Satiro (10 Jan 2022)
-- [Cameron Will brought this change]
-
-  CURLOPT_RESOLVE.3: change example port to 443
-  
-  83cc966 changed documentation from using http to https. However,
-  CURLOPT_RESOLVE being set to port 80 in the documentation means that it
-  isn't valid for the new URL. Update to 443.
-  
-  Closes https://github.com/curl/curl/pull/8258
-
-Daniel Stenberg (10 Jan 2022)
-- [Fabian Keil brought this change]
-
-  test374: gif data without new line at the end
-  
-  Closes #8239
-
-- [Fabian Keil brought this change]
-
-  runtests.pl: support the nonewline attribute for the data part
-  
-  Added to FILEFORMAT
-  
-  Closes #8239
-
-- [Patrick Monnerat brought this change]
-
-  curl tool: erase some more sensitive command line arguments
-  
-  As the ps command may reveal sensitive command line info, obfuscate
-  options --tlsuser, --tlspasswd, --proxy-tlsuser, --proxy-tlspassword and
-  --oauth2-bearer arguments.
-  
-  Reported-by: Stephen Boost <s.booth@epcc.ed.ac.uk>
-  
-  Closes #7964
-
-- mesalink: remove support
-  
-  Mesalink has ceased development. We can no longer encourage use of it.
-  It seems to be continued under the name TabbySSL, but no attempts have
-  (yet) been to make curl support it.
-  
-  Fixes #8188
-  Closes #8191
-
-- ldap: return CURLE_URL_MALFORMAT for bad URL
-  
-  For consistency, use the same return code for URL malformats,
-  independently of what scheme that is used. Previously this would return
-  CURLE_LDAP_INVALID_URL, but starting now that error cannot be returned.
-  
-  Closes #8170
-
-- docs/cmdline-opts: add "mutexed" options for more http versions
-  
-  Update four http version man page sections.
-  
-  Closes #8254
-
-- [Stephen M. Coakley brought this change]
-
-  rustls: add CURLOPT_CAINFO_BLOB support
-  
-  Add support for `CURLOPT_CAINFO_BLOB` `CURLOPT_PROXY_CAINFO_BLOB` to the
-  rustls TLS backend. Multiple certificates in a single PEM string are
-  supported just like OpenSSL does with this option.
-  
-  This is compatible at least with rustls-ffi 0.8+ which is our new
-  minimum version anyway.
-  
-  I was able to build and run this on Windows, pulling trusted certs from
-  the system and then add them to rustls by setting
-  `CURLOPT_CAINFO_BLOB`. Handy!
-  
-  Closes #8255
-
-- scripts/copyright.pl: ignore missing files
-
-- RELEASE-NOTES: synced
-
-- data/DISABLED: disable test 313 for wolfssl builds
-  
-  It was previously disabled only in the CI jobs yaml
-  
-  Closes #8252
-
-- runtests: make 'wolfssl' a testable feature
-  
-  Closes #8252
-
-- GHA: install stunnel in the medbtls + wolfssl CI jobs
-  
-  Closes #8252
-
-- CI: move the rustls CI job to GHA from Zuul
-  
-  Closes #8251
-
-- DISABLE: disable a dozen tests in the rustls build
-  
-  Disables tests that don't yet work with the rustls backend.
-  
-  Fixes #8004
-  Closes #8250
-
-- runtests: make 'rustls' a testable feature
-
-- remote-header-name.d: clarify
-  
-  - it strips off the path from the server provided name
-  - it saves in current directory or --output-dir
-  
-  Ref: https://curl.se/mail/archive-2022-01/0032.html
-  Closes #8249
-
-- url: given a user in the URL, find pwd for that user in netrc
-  
-  Add test 380 and 381 to verify, edited test 133
-  
-  Reported-by: Manfred Schwarb
-  Fixes #8241
-  Closes #8243
-
-- [Niels Martignène brought this change]
-
-  mbedtls: Fix ssl_init error with mbedTLS 3.1.0+
-  
-  Since mbedTLS 3.1.0, mbedtls_ssl_setup() fails if the provided
-  config struct is not valid.
-  
-  mbedtls_ssl_config_defaults() needs to be called before the config
-  struct is passed to mbedtls_ssl_setup().
-  
-  Closes #8238
-
-- [Filip Lundgren brought this change]
-
-  cmake: fix iOS CMake project generation error
-  
-  Closes #8244
-
-- ngtcp2: fix declaration of ‘result’ shadows a previous local
-  
-  Follow-up to 8fbd6feddfa587cfd3
-  
-  Closes #8245
-
-- openssl.h: avoid including OpenSSL headers here
-  
-  ... by instead using the struct version of the typedef'ed pointer. To
-  fix build errors when both Schannel and OpenSSL are enabled.
-  
-  Fixes #8240
-  Reported-by: Jan Ehrhardt
-  Closes #8246
-
-- curl_url_set.3: mention when CURLU_ALLOW_SPACE was added
-
-- tool_findfile: free mem properly
-  
-  Follow-up to 764e4f066d5
-  
-  Closes #8242
-
-- tool_findfile: check ~/.config/curlrc too
-  
-  ... after the initial checks for .curlrc and if XDG_CONFIG_HOME is not
-  set, use $HOME and $CURL_HOME to check if ~/.config/curlrc is present.
-  
-  Add test 436 to verify
-  
-  Reported-by: Sandro Jaeckel
-  Fixes #8208
-  Closes #8213
-
-- runtests: allow client/file to specify multiple directories
-  
-  ... and make sure to mkdir them all
-
-- scripts/copyright.pl: support many provided file names on the cmdline
-
-- [Fabian Keil brought this change]
-
-  tests/FILEFORMAT.md: fix typo
-
-- [Fabian Keil brought this change]
-
-  Add test373: multiple chunks with binary zeros
-
-- [Fabian Keil brought this change]
-
-  Add test372: binary zero in data element
-
-- [Fabian Keil brought this change]
-
-  tests/server/getpart.c: properly deal with binary data containing NUL bytes
-
-- [Fabian Keil brought this change]
-
-  runtests.pl: properly print the test if it contains binary zeros
-
-- mailmap: Xiaoke Wang
-
-- openssl: copyright year update
-  
-  Follow-up to 30aea2b1ede
-
-- scripts/copyright.pl: hush unless -v (for verbose) is used
-
-- [Xiaoke Wang brought this change]
-
-  openssl: check the return value of BIO_new_mem_buf()
-  
-  Closes #8233
-
-- examples/multi-app.c: call curl_multi_remove_handle as well
-  
-  Fixes #8234
-  Reported-by: Melroy van den Berg
-  Closes #8236
-
-- COPYING: bump copyright year range
-
-- RELEASE-NOTES: synced
-  
-  and bump curlver after release
-
-- docs: fix mandoc -T lint formatting complaints
-  
-  Closes #8228
-
-- next.d. remove .fi/.nf as they are handled by gen.pl
-  
-  Closes #8228
-
-- gen.pl: terminate "example" sections better
-  
-  If the example (section that is prefixed with spaces) ends the
-  description gen.pl would previously miss to output the terminating .fi
-  
-  Closes #8228
-
-- [Satadru Pramanik brought this change]
-
-  curl-functions.m4: fix LIBRARY_PATH adjustment to avoid eval
-  
-  $$ usage in a m4 file introduces the PID in linux.
-  Instead, just duplicate previous working code with a case switch.
-  
-  Fixes #8229
-  Closes #8230
-
-Version 7.81.0 (5 Jan 2022)
-
-Daniel Stenberg (5 Jan 2022)
-- RELEASE-NOTES: synced
-  
-  curl 7.81.0 release
-
-- THANKS: add names from 7.81.0 release
-
-- curl_multi_init.3: fix the copyright year range
-
-- test719-721: require "proxy" feature present to run
-  
-  Bug: https://github.com/curl/curl/pull/8223#issuecomment-1005188696
-  Reported-by: Marc Hörsken
-  
-  Closes #8226
-
-- test719: require ipv6 support to run
-  
-  Follow-up to effd2bd7ba2a5fd244
-  Reported-by: Marc Hörsken
-  Bug: https://github.com/curl/curl/pull/8217#issuecomment-1004681145
-  
-  Closes #8223
-
-- test719-721: verify SOCKS details
-  
-  Using the new verify/socks details
-
-- runtests: add verify/socks check
-  
-  If used, this data is compared with the data in log/socksd-request.log
-  which the socksd server logs.
-  
-  Added to FILEFORMAT.md
-
-- server/socksd: log atyp + address in a separate log
-  
-  To allow the test suite to verify that the right data arrived
-
-- socks5: use appropriate ATYP for numerical IP address host names
-  
-  When not resolving the address locallly (known as socks5h).
-  
-  Add test 719 and 720 to verify.
-  
-  Reported-by: Peter Piekarski
-  Fixes #8216
-  Closes #8217
-
-Jay Satiro (3 Jan 2022)
-- curl_multi_init.3: fix EXAMPLE formatting
-
-Daniel Stenberg (3 Jan 2022)
-- RELEASE-NOTES: synced
-
-- libtest: avoid "assignment within conditional expression"
-  
-  In lib530, lib540 and lib582
-  
-  Closes #8218
-
-- ftp: disable warning 4706 in MSVC
-  
-  Follow-up to 21248e052d
-  
-  Disabling "assignment within conditional expression" for MSVC needs to
-  be done before the function starts, for it to take effect.
-  
-  Closes #8218
-
-- tool_operate: warn if too many output arguments were found
-  
-  More output instructions than URLs is likely a user error.
-  
-  Add test case 371 to verify
-  
-  Closes #8210
-
-- .github/workflows/mbedtls.yml: bump to mbedtls 3.1.0
-  
-  Closes #8215
-
-- zuul: remove the mbedtls jobs
-  
-  Now running as github workflows
-  
-  Closes #8215
-
-- github/workflows: add mbedtls and mbedtls-clang
-  
-  Closes #8215
-
-- [Valentin Richter brought this change]
-
-  mbedtls: fix private member designations for v3.1.0
-  
-  "As a last resort, you can access the field foo of a structure bar by
-  writing bar.MBEDTLS_PRIVATE(foo). Note that you do so at your own risk,
-  since such code is likely to break in a future minor version of Mbed
-  TLS." -
-  https://github.com/ARMmbed/mbedtls/blob/f2d1199edc5834df4297f247f213e614f7782d1d/docs/3.0-migration-guide.md
-  
-  That future minor version is v3.1.0. I set the >= to == for the version
-  checks because v3.1.0 is a release, and I am not sure when the private
-  designation was reverted after v3.0.0.
-  
-  Closes #8214
-
-- [Valentin Richter brought this change]
-
-  cmake: prevent dev warning due to mismatched arg
-  
-  -- curl version=[7.81.0-DEV]
-  CMake Warning (dev) at /usr/share/cmake-3.22.1/Modules/FindPackageHandleStandardArgs.cmake:438 (message):
-    The package name passed to `find_package_handle_standard_args` (MBEDTLS)
-    does not match the name of the calling package (MbedTLS).  This can lead to
-    problems in calling code that expects `find_package` result variables
-    (e.g., `_FOUND`) to follow a certain pattern.
-  Call Stack (most recent call first):
-    deps/curl/CMake/FindMbedTLS.cmake:31 (find_package_handle_standard_args)
-    deps/curl/CMakeLists.txt:473 (find_package)
-  This warning is for project developers.  Use -Wno-dev to suppress it.
-  
-  Closes #8207
-
-- urlapi: if possible, shorten given numerical IPv6 addresses
-  
-  Extended test 1560 to verify
-  
-  Closes #8206
-
-- [Michał Antoniak brought this change]
-
-  url: reduce ssl backend count for CURL_DISABLE_PROXY builds
-  
-  Closes #8212
-
-- KNOWN_BUGS: "Trying local ports fails on Windows"
-  
-  Reported-by: gclinch on github
-  Closes #8112
-
-- misc: update copyright year range
-
-- zuul: remove the wolfssl even more
-  
-  Follow-up to 1914465cf180d32b3d
-
-- examples/multi-single.c: remove WAITMS()
-  
-  As it isn't used.
-  
-  Reported-by: Melroy van den Berg
-  Fixes #8200
-  Closes #8201
-
-- gtls: add gnutls include for the session type
-  
-  Follow-up to 8fbd6feddfa5 to make it build more universally
-
-- m4/curl-compilers: tell clang -Wno-pointer-bool-conversion
-  
-  To hush compiler warnings we don't care for: error: address of function
-  'X' will always evaluate to 'true'
-  
-  Fixes #8197
-  Closes #8198
-
-- http_proxy: don't close the socket (too early)
-  
-  ... and double-check in the OpenSSL shutdown that the socket is actually
-  still there before it is used.
-  
-  Fixes #8193
-  Closes #8195
-  
-  Reported-by: Leszek Kubik
-
-- ngtcp2: verify the server certificate for the gnutls case
-  
-  Closes #8178
-
-- ngtcp2: verify the server cert on connect (quictls)
-  
-  Make ngtcp2+quictls correctly acknowledge `CURLOPT_SSL_VERIFYPEER` and
-  `CURLOPT_SSL_VERIFYHOST`.
-  
-  The name check now uses a function from lib/vtls/openssl.c which will
-  need attention for when TLS is not done by OpenSSL or is disabled while
-  QUIC is enabled.
-  
-  Possibly the servercert() function in openssl.c should be adjusted to be
-  able to use for both regular TLS and QUIC.
-  
-  Ref: #8173
-  Closes #8178
-
-- zuul: remove the wolfssl build
-
-- github workflow: add wolfssl
-  
-  Closes #8196
-
-- [Nicolas Sterchele brought this change]
-
-  zuul: fix quiche build pointing to wrong Cargo
-  
-  Fixes #8184
-  Closes #8189
-
-- checksrc: detect more kinds of NULL comparisons we avoid
-  
-  Co-authored-by: Jay Satiro
-  Closes #8180
-
-- RELEASE-NOTES: synced
-
-- mesalink: remove the BACKEND define kludge
-  
-  Closes #8183
-
-- schannel: remove the BACKEND define kludge
-  
-  Closes #8182
-
-- gtls: check return code for gnutls_alpn_set_protocols
-  
-  Closes #8181
-
-- [Stefan Huber brought this change]
-
-  README: label the link to the support document
-  
-  Closes #8185
-
-- docs/HTTP3: describe how to setup a h3 reverse-proxy for testing
-  
-  Assisted-by: Matt Holt
-  
-  Closes #8177
-
-- libcurl-multi.3: "SOCKS proxy handshakes" are not blocking
-  
-  Since 4a4b63daaa0
-
-- [Vladimir Panteleev brought this change]
-
-  tests: Add test for CURLOPT_HTTP200ALIASES
-
-- [Vladimir Panteleev brought this change]
-
-  http: Fix CURLOPT_HTTP200ALIASES
-  
-  The httpcode < 100 check was also triggered when none of the fields were
-  parsed, thus making the if(!nc) block unreachable.
-  
-  Closes #8171
-
-- RELEASE-NOTES: synced
-
-- language: "email"
-  
-  Missed three occurrences.
-  
-  Follow-up to 7a92f86
-
-- nss:set_cipher don't clobber the cipher list
-  
-  The string is set by the user and needs to remain intact for proper
-  connection reuse etc.
-  
-  Reported-by: Eric Musser
-  Fixes #8160
-  Closes #8161
-
-- misc: s/e-mail/email
-  
-  Consistency is king. Following the lead in everything curl.
-  
-  Closes #8159
-
-- [Tobias Nießen brought this change]
-
-  docs: fix typo in OpenSSL 3 build instructions
-  
-  Closes #8162
-
-- linkcheck.yml: add CI job that checks markdown links
-  
-  Closes #8158
-
-- RELEASE-PROCEDURE.md: remove ICAL link and old release dates
-
-- BINDINGS.md: "markdown-link-check-disable"
-  
-  It feels a bit unfortunate to litter an ugly tag for this functionality,
-  but if we get link scans of all markdown files, this might be worth the
-  price.
-
-- docs: fix dead links, remove ECH.md
-
-Jay Satiro (16 Dec 2021)
-- openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
-  
-  Prior to this change OpenSSL_version was only detected in configure
-  builds. For other builds the old version parsing code was used which
-  would result in incorrect versioning for OpenSSL 3:
-  
-  Before:
-  
-  curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.0a zlib/1.2.11
-  WinIDN libssh2/1.9.0
-  
-  After:
-  
-  curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.1 zlib/1.2.11
-  WinIDN libssh2/1.9.0
-  
-  Reported-by: lllaffer@users.noreply.github.com
-  
-  Fixes https://github.com/curl/curl/issues/8154
-  Closes https://github.com/curl/curl/pull/8155
-
-Daniel Stenberg (16 Dec 2021)
-- [James Fuller brought this change]
-
-  docs: add known bugs list to HTTP3.md
-  
-  Closes #8156
-
-Dan Fandrich (15 Dec 2021)
-- BINDINGS: add one from Everything curl and update a link
-
-- libcurl-security.3: mention address and URL mitigations
-  
-  The new CURLOPT_PREREQFUNCTION callback is another way to sanitize
-  addresses.
-  Using the curl_url API is a way to mitigate against attacks relying on
-  URL parsing differences.
-
-Daniel Stenberg (15 Dec 2021)
-- RELEASE-NOTES: synced
-
-- x509asn1: return early on errors
-  
-  Overhaul to make sure functions that detect errors bail out early with
-  error rather than trying to continue and risk hiding the problem.
-  
-  Closes #8147
-
-- [Patrick Monnerat brought this change]
-
-  openldap: several minor improvements
-  
-  - Early check proper LDAP URL syntax. Reject URLs with a userinfo part.
-  - Use dynamic memory for ldap_init_fd() URL rather than a
-    stack-allocated buffer.
-  - Never chase referrals: supporting it would require additional parallel
-    connections and alternate authentication credentials.
-  - Do not wait 1 microsecond while polling/reading query response data.
-  - Store last received server code for retrieval with CURLINFO_RESPONSE_CODE.
-  
-  Closes #8140
-
-- [Michał Antoniak brought this change]
-
-  misc: remove unused doh flags when CURL_DISABLE_DOH is defined
-  
-  Closes #8148
-
-- mbedtls: fix CURLOPT_SSLCERT_BLOB
-  
-  The memory passed to mbedTLS for this needs to be null terminated.
-  
-  Reported-by: Florian Van Heghe
-  Closes #8146
-
-- asyn-ares: ares_getaddrinfo needs no happy eyeballs timer
-  
-  Closes #8142
-
-- mailmap: add Yongkang Huang
-  
-  From #8141
-
-- [Yongkang Huang brought this change]
-
-  check ssl_config when re-use proxy connection
-
-- mbedtls: do a separate malloc for ca_info_blob
-  
-  Since the mbedTLS API requires the data to the null terminated.
-  
-  Follow-up to 456c53730d21b1fad0c7f72c1817
-  
-  Fixes #8139
-  Closes #8145
-
-Marc Hoersken (14 Dec 2021)
-- CI: build examples for additional code verification
-  
-  Some CIs already build them, let's do it on more of them.
-  
-  Reviewed-by: Daniel Stenberg
-  
-  Follow up to #7690 and 77311f420a541a0de5b3014e0e40ff8b4205d4af
-  Replaces #7591
-  Closes #7922
-
-- docs/examples: workaround broken -Wno-pedantic-ms-format
-  
-  Avoid CURL_FORMAT_CURL_OFF_T by using unsigned long instead.
-  Improve size_t to long conversion in imap-append.c example.
-  
-  Ref: https://github.com/curl/curl/issues/6079
-  Ref: https://github.com/curl/curl/pull/6082
-  Assisted-by: Jay Satiro
-  Reviewed-by: Daniel Stenberg
-  
-  Preparation of #7922
-
-- tests/data/test302[12]: fix MSYS2 path conversion of hostpubsha256
-  
-  Ref: https://www.msys2.org/wiki/Porting/#filesystem-namespaces
-  
-  Reviewed-by: Marcel Raad
-  Reviewed-by: Jay Satiro
-  
-  Fixes #8084
-  Closes #8138
-
-Daniel Stenberg (13 Dec 2021)
-- [Patrick Monnerat brought this change]
-
-  openldap: simplify ldif generation code
-  
-  and take care of zero-length values, avoiding conversion to base64
-  and/or trailing spaces.
-  
-  Closes #8136
-
-- example/progressfunc: remove code for old libcurls
-  
-  7.61.0 is over three years old now, remove all #ifdefs for handling
-  ancient libcurl versions so that the example gets easier to read and
-  understand
-  
-  Closes #8137
-
-- [Xiaoke Wang brought this change]
-
-  sha256/md5: return errors when init fails
-  
-  Closes #8133
-
-- TODO: 13.3 Defeat TLS fingerprinting
-  
-  Closes #8119
-
-- RELEASE-NOTES: synced
-
-- [Patrick Monnerat brought this change]
-
-  openldap: process search query response messages one by one
-  
-  Upon receiving large result sets, this reduces memory consumption and
-  allows starting to output results while the transfer is still in
-  progress.
-  
-  Closes #8101
-
-- hash: lazy-alloc the table in Curl_hash_add()
-  
-  This makes Curl_hash_init() infallible which saves error paths.
-  
-  Closes #8132
-
-- multi: cleanup the socket hash when destroying it
-  
-  Since each socket hash entry may themselves have a hash table in them,
-  the destroying of the socket hash needs to make sure all the subhashes
-  are also correctly destroyed to avoid leaking memory.
-  
-  Fixes #8129
-  Closes #8131
-
-- test1156: fixup the stdout check for Windows
-  
-  It is not text mode.
-  
-  Follow-up to 6f73e68d182
-  
-  Closes #8134
-
-- test1528: enable for hyper
-  
-  Closes #8128
-
-- test1527: enable for hyper
-  
-  Closes #8128
-
-- test1526: enable for hyper
-  
-  Closes #8128
-
-- test1525: slightly tweaked for hyper
-  
-  Closes #8128
-
-- test1156: enable for hyper
-  
-  Minor reorg of the lib1156 code and it works fine for hyper.
-  
-  Closes #8127
-
-- test661: enable for hyper
-  
-  Closes #8126
-
-- docs: fix proselint nits
-  
-  - remove a lot of exclamation marks
-  - use consistent spaces (1, not 2)
-  - use better words at some places
-  
-  Closes #8123
-
-- [RekGRpth brought this change]
-
-  BINDINGS.md: add cURL client for PostgreSQL
-  
-  Closes #8125
-
-- [RekGRpth brought this change]
-
-  CURLSHOPT_USERDATA.3: fix copy-paste mistake
-  
-  Closes #8124
-
-- docs: fix minor nroff format nits
-  
-  Repairs test 1140
-  
-  Follow-up to 436cdf82041
-
-- docs/URL-SYNTAX.md: space is not fine in a given URL
-
-- curl_multi_perform/socket_action.3: clarify what errors mean
-  
-  An error returned from one of these funtions mean that ALL still ongoing
-  transfers are to be considered failed.
-  
-  Ref: #8114
-  Closes #8120
-
-- libcurl-errors.3: add CURLM_ABORTED_BY_CALLBACK
-  
-  Follow-up to #8089 (2b3dd01)
-  
-  Closes #8116
-
-- hash: add asserts to help detect bad usage
-  
-  For example trying to add entries after the hash has been "cleaned up"
-  
-  Closes #8115
-
-- lib530: abort on curl_multi errors
-  
-  This makes torture tests run more proper.
-  
-  Also add an assert to trap situations where it would end up with no
-  sockets to wait for.
-  
-  Closes #8121
-
-- FAQ: we never pronounced it "see URL", we say "kurl"
-
-- RELEASE-NOTES: synced
-
-- CURLOPT_RESOLVE.3: minor polish
-  
-  Minor rephrasing for some explanations.
-  
-  Put the format strings in stand-alone lines with .nf/.fi to be easier to spot.
-  
-  Move "added in" to AVAILABILITY
-  
-  Closed #8110
-
-- test1556: adjust for hyper
-  
-  Closes #8105
-
-- test1554: adjust for hyper
-  
-  Closes #8104
-
-- retry-all-errors.d: make the example complete
-  
-  ... as it needs --retry too to work
-
-- TODO: 5.7 Require HTTP version X or higher
-  
-  Closes #7980
-
-- CURLOPT_STDERR.3: does not work with libcurl as a win32 DLL
-  
-  This is the exact same limitation already documented for
-  CURLOPT_WRITEDATA but should be clarified here. It also has a different
-  work-around.
-  
-  Reported-by: Stephane Pellegrino
-  Bug: https://github.com/curl/curl/issues/8102
-  Closes #8103
-
-- multi: handle errors returned from socket/timer callbacks
-  
-  The callbacks were partially documented to support this. Now the
-  behavior is documented and returning error from either of these
-  callbacks will effectively kill all currently ongoing transfers.
-  
-  Added test 530 to verify
-  
-  Reported-by: Marcelo Juchem
-  Fixes #8083
-  Closes #8089
-
-- http2:set_transfer_url() return early on OOM
-  
-  If curl_url() returns NULL this should return early to avoid mistakes -
-  even if right now the subsequent function invokes are all OK.
-  
-  Coverity (wrongly) pointed out this as a NULL deref.
-  
-  Closes #8100
-
-- tool_parsecfg: use correct free() call to free memory
-  
-  Detected by Coverity. CID 1494642.
-  Follow-up from 2be1aa619bca
-  
-  Closes #8099
-
-- tool_operate: fix potential memory-leak
-  
-  A 'CURLU *' would leak if url_proto() is called with no URL.
-  
-  Detected by Coverity. CID 1494643.
-  Follow-up to 18270893abdb19
-  Closes #8098
-
-- [Patrick Monnerat brought this change]
-
-  openldap: implement STARTTLS
-  
-  As this introduces use of CURLOPT_USE_SSL option for LDAP, also check
-  this option in ldap.c as it is not supported by this backend.
-  
-  Closes #8065
-
-- [Jun Tseng brought this change]
-
-  curl_easy_unescape.3: call curl_easy_cleanup in example
-  
-  Closes #8097
-
-- [Jun Tseng brought this change]
-
-  curl_easy_escape.3: call curl_easy_cleanup in example
-  
-  Closes #8097
-
-- tool_listhelp: sync
-  
-  Follow-up to 172068b76f
-
-- [Damien Walsh brought this change]
-
-  request.d: refer to 'method' rather than 'command'
-  
-  Closes #8094
-
-- RELEASE-NOTES: synced
-
-- writeout: fix %{http_version} for HTTP/3
-  
-  Output "3" properly when HTTP/3 was used.
-  
-  Reported-by: Bernat Mut
-  Fixes #8072
-  Closes #8092
-
-- urlapi: accept port number zero
-  
-  This is a regression since 7.62.0 (fb30ac5a2d).
-  
-  Updated test 1560 accordingly
-  
-  Reported-by: Brad Fitzpatrick
-  Fixes #8090
-  Closes #8091
-
-- [Mark Dodgson brought this change]
-
-  lift: ignore is a deprecated config option, use ignoreRules
-  
-  Closes #8082
-
-- [Alessandro Ghedini brought this change]
-
-  HTTP3: update quiche build instructions
-  
-  The repo repo was re-organized a bit, so the build instructions need to
-  be updated.
-  
-  Closes #8076
-
-- CURLMOPT_TIMERFUNCTION.3: call it expire time, not interval
-  
-  Since we say it is a non-repating timer
-
-- [Florian Van Heghe brought this change]
-
-  mbedTLS: include NULL byte in blob data length for CURLOPT_CAINFO_BLOB
-  
-  Fixes #8079
-  Closes #8081
-
-Jay Satiro (2 Dec 2021)
-- [Wyatt O'Day brought this change]
-
-  version_win32: Check build number and platform id
-  
-  Prior to this change the build number was not checked during version
-  comparison, and the platform id was supposed to be checked but wasn't.
-  
-  Checking the build number is required for enabling "evergreen"
-  Windows 10/11 features (like TLS 1.3).
-  
-  Ref: https://github.com/curl/curl/pull/7784
-  
-  Closes https://github.com/curl/curl/pull/7824
-  Closes https://github.com/curl/curl/pull/7867
-
-- libssh2: fix error message for sha256 mismatch
-  
-  - On mismatch error show sha256 fingerprint in base64 format.
-  
-  Prior to this change the fingerprint was mistakenly printed in binary.
-
-Daniel Stenberg (1 Dec 2021)
-- [Xiaoke Wang brought this change]
-
-  openssl: check the return value of BIO_new()
-  
-  Closes #8078
-
-Dan Fandrich (30 Nov 2021)
-- docs: Update the Reducing Size section
-  
-  Add many more options that can reduce the size of the binary that were
-  added since the last update. Update the sample minimal binary size for
-  version 7.80.0.
-
-- tests: Add some missing keywords to tests
-  
-  These are needed to skip some tests when configure options have disabled
-  certain features.
-
-Daniel Stenberg (30 Nov 2021)
-- [Florian Van Heghe brought this change]
-
-  mbedTLS: add support for CURLOPT_CAINFO_BLOB
-  
-  Closes #8071
-
-- [Glenn Strauss brought this change]
-
-  digest: compute user:realm:pass digest w/o userhash
-  
-  https://datatracker.ietf.org/doc/html/rfc7616#section-3.4.4
-    ... the client MUST calculate a hash of the username after
-        any other hash calculation ...
-  
-  Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
-  Closes #8066
-
-- config.d: update documentation to match the path search
-  
-  Assisted-by: Jay Satiro
-
-- tool_findfile: search for a file in the homedir
-  
-  The homedir() function is now renamed into findfile() and iterates over
-  all the environment variables trying to access the file in question
-  until it finds it. Last resort is then getpwuid() if
-  available. Previously it would first try to find a home directory and if
-  that was set, insist on checking only that directory for the file. This
-  now returns the full file name it finds.
-  
-  The Windows specific checks are now done differently too and in this
-  order:
-  
-  1 - %USERPROFILE%
-  2 - %APPDATA%
-  3 - %USERPROFILE%\\Application Data
-  
-  The windows order is modified to match how the Windows 10 ssh tool works
-  when it searches for .ssh/known_hosts.
-  
-  Reported-by: jeffrson on github
-  Co-authored-by: Jay Satiro
-  Fixes #8033
-  Closes #8035
-
-- docs: consistent manpage SYNOPSIS
-  
-  Make all libcurl related options use .nf (no fill) for the SYNOPSIS
-  section - for consistent look. roffit then renders that section using
-  <pre> (monospace font) in html for the website.
-  
-  Extended manpage-syntax (test 1173) with a basic check for it.
-  
-  Closes #8062
-
-- RELEASE-NOTES: synced
-
-- [Patrick Monnerat brought this change]
-
-  openldap: handle connect phase with a state machine
-  
-  Closes #8054
-
-- docs: address proselint nits
-  
-  - avoid exclamation marks
-  - use consistent number of spaces after periods: one
-  - avoid clichés
-  - avoid using 'very'
-  
-  Closes #8060
-
-- [Bruno Baguette brought this change]
-
-  FAQ: typo fix : "yout" ➤ "your"
-  
-  Closes #8059
-
-- [Bruno Baguette brought this change]
-
-  docs/INSTALL.md: typo fix : added missing "get" verb
-  
-  Closes #8058
-
-- insecure.d: detail its use for SFTP and SCP as well
-  
-  Closes #8056
-
-Viktor Szakats (25 Nov 2021)
-- Makefile.m32: rename -winssl option to -schannel and tidy up
-  
-  - accept `-schannel` as an alternative to `CFG` option `-winssl`
-    (latter still accepted, but deprecated)
-  - rename internal variable `WINSSL` to `SCHANNEL`
-  - make the `CFG` option evaluation shorter, without repeating the option
-    name
-  
-  Reviewed-by: Marcel Raad
-  Reviewed-by: Daniel Stenberg
-  Closes #8053
-
-Daniel Stenberg (25 Nov 2021)
-- KNOWN_BUGS: 5.6 make distclean loops forever
-  
-  Reported-by: David Bohman
-  Closes #7716
-
-- KNOWN_BUGS: add one, remove one
-  
-  - 5.10 SMB tests fail with Python 2
-  
-  Just use python 3.
-  
-  + 5.10 curl hangs on SMB upload over stdin
-  
-  Closes #7896
-
-- urlapi: provide more detailed return codes
-  
-  Previously, the return code CURLUE_MALFORMED_INPUT was used for almost
-  30 different URL format violations. This made it hard for users to
-  understand why a particular URL was not acceptable. Since the API cannot
-  point out a specific position within the URL for the problem, this now
-  instead introduces a number of additional and more fine-grained error
-  codes to allow the API to return more exactly in what "part" or section
-  of the URL a problem was detected.
-  
-  Also bug-fixes curl_url_get() with CURLUPART_ZONEID, which previously
-  returned CURLUE_OK even if no zoneid existed.
-  
-  Test cases in 1560 have been adjusted and extended. Tests 1538 and 1559
-  have been updated.
-  
-  Updated libcurl-errors.3 and curl_url_strerror() accordingly.
-  
-  Closes #8049
-
-- urlapi: make Curl_is_absolute_url always use MAX_SCHEME_LEN
-  
-  Instad of having all callers pass in the maximum length, always use
-  it. The passed in length is instead used only as the length of the
-  target buffer for to storing the scheme name in, if used.
-  
-  Added the scheme max length restriction to the curl_url_set.3 man page.
-  
-  Follow-up to 45bcb2eaa78c79
-  
-  Closes #8047
-
-- [Jay Satiro brought this change]
-
-  cmake: warn on use of the now deprecated symbols
-  
-  Follow-up to 9108da2c26d
-  
-  Closes #8052
-
-- [Kevin Burke brought this change]
-
-  tests/CI.md: add more information on CI environments
-  
-  Fixes #8012
-  Closes #8022
-
-- cmake: private identifiers use CURL_ instead of CMAKE_ prefix
-  
-  Since the 'CMAKE_' prefix is reserved for cmake's own private use.
-  Ref: https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html
-  
-  Reported-by: Boris Rasin
-  Fixes #7988
-  Closes #8044
-
-- urlapi: reject short file URLs
-  
-  file URLs that are 6 bytes or shorter are not complete. Return
-  CURLUE_MALFORMED_INPUT for those. Extended test 1560 to verify.
-  
-  Triggered by #8041
-  Closes #8042
-
-- curl: improve error message for --head with -J
-  
-  ... it now focuses on the "output of headers" combined with the
-  --remote-header-name option, as that is actually the problem. Both
-  --head and --include can output headers.
-  
-  Reported-by: nimaje on github
-  Fixes #7987
-  Closes #8045
-
-- RELEASE-NOTES: synced
-
-- [Stefan Eissing brought this change]
-
-  urlapi: cleanup scheme parsing
-  
-  Makea Curl_is_absolute_url() always leave a defined 'buf' and avoids
-  copying on urls that do not start with a scheme.
-  
-  Closes #8043
-
-- tool_operate: only set SSH related libcurl options for SSH URLs
-  
-  For example, this avoids trying to find and set the known_hosts file (or
-  warn for its absence) if SFTP or SCP are not used.
-  
-  Closes #8040
-
-- [Jacob Hoffman-Andrews brought this change]
-
-  rustls: remove comment about checking handshaking
-  
-  The comment is incorrect in two ways:
-   - It says the check needs to be last, but the check is actually first.
-   - is_handshaking actually starts out true.
-  
-  Closes #8038
-
-Marcel Raad (20 Nov 2021)
-- openssl: use non-deprecated API to read key parameters
-  
-  With OpenSSL 3.0, the parameters are read directly from the `EVP_PKEY`
-  using `EVP_PKEY_get_bn_param`.
-  
-  Closes https://github.com/curl/curl/pull/7893
-
-- openssl: reduce code duplication
-  
-  `BN_print`'s `BIGNUM` parameter has been `const` since OpenSSL 0.9.4.
-  
-  Closes https://github.com/curl/curl/pull/7893
-
-- openssl: remove `RSA_METHOD_FLAG_NO_CHECK` handling if unavailable
-  
-  The flag has been deprecated without replacement in OpenSSL 3.0.
-  
-  Closes https://github.com/curl/curl/pull/7893
-
-- openssl: remove usage of deprecated `SSL_get_peer_certificate`
-  
-  The function name was changed to `SSL_get1_peer_certificate` in OpenSSL
-  3.0.
-  
-  Closes https://github.com/curl/curl/pull/7893
-
-Daniel Stenberg (19 Nov 2021)
-- page-footer: fix typo
-  
-  Closes #8036
-
-- http: enable haproxy support for hyper backend
-  
-  This is done by having native code do the haproxy header output before
-  hyper issues its request. The little downside with this approach is that
-  we need the entire Curl_buffer_send() function built, which is otherwise
-  not used for hyper builds.
-  
-  If hyper ends up getting native support for the haproxy protocols we can
-  backpedal on this.
-  
-  Enables test 1455 and 1456
-  
-  Closes #8034
-
-- [Bernhard Walle brought this change]
-
-  configure: fix runtime-lib detection on macOS
-  
-  With a non-standard installation of openssl we get this error:
-  
-      checking run-time libs availability... failed
-      configure: error: one or more libs available at link-time are not available run-time. Libs used at link-time: -lnghttp2 -lssl -lcrypto -lssl -lcrypto -lz
-  
-  There's already code to set LD_LIBRARY_PATH on Linux, so set
-  DYLD_LIBRARY_PATH equivalent on macOS.
-  
-  Closes #8028
-
-- [Don J Olmstead brought this change]
-
-  cmake: don't set _USRDLL on a static Windows build
-  
-  Closes #8030
-
-- page-footer: document more environment variables
-  
-  ... that curl might use.
-  
-  Closes #8027
-
-- netrc.d: edit the .netrc example to look nicer
-  
-  Works nicely thanks to d1828b470f43d
-  
-  Closes #8025
-
-- tftp: mark protocol as not possible to do over CONNECT
-  
-  ... and make connect_init() refusing trying to tunnel protocols marked
-  as not working. Avoids a double-free.
-  
-  Reported-by: Even Rouault
-  Fixes #8018
-  Closes #8020
-
-- docs/cmdline-opts: do not say "protocols: all"
-  
-  Remove the lines saying "protocols: all". It makes the output in the
-  manpage look funny, and the expectation is probably by default that if
-  not anything is mentioned about protocols the option apply to them all.
-  
-  Closes #8021
-
-- curl.1: require "see also" for every documented option
-  
-  gen.pl now generates a warning if the "See Also" field is not filled in for a
-  command line option
-  
-  All command line options now provide one or more related options. 167
-  "See alsos" added!
-  
-  Closes #8019
-
-- insecure.d: expand and clarify
-  
-  Closes #8017
-
-- gen.pl: improve example output format
-  
-  Treat consecutive lines that start with a space to be "examples". They
-  are output enclosed by .nf and .fi
-  
-  Updated form.d to use this new fanciness
-  
-  Closes #8016
-
-- Revert "form-escape.d: double the back-slashes for proper man page output"
-  
-  This reverts commit a2d8eac04a4eb1d5a98cf24b4e5cec5cec565d27.
-  
-  silly me, it was intended to be one backslash!
-
-- form-escape.d: double the back-slashes for proper man page output
-
-- page-footer: add a mention of how to report bugs to the man page
-
-- RELEASE-NOTES: synced
-  
-  and bump to 7.81.0-DEV
-
-- [Patrick Monnerat brought this change]
-
-  mime: use percent-escaping for multipart form field and file names
-  
-  Until now, form field and file names where escaped using the
-  backslash-escaping algorithm defined for multipart mails. This commit
-  replaces this with the percent-escaping method for URLs.
-  
-  As this may introduce incompatibilities with server-side applications, a
-  new libcurl option CURLOPT_MIME_OPTIONS with bitmask
-  CURLMIMEOPT_FORMESCAPE is introduced to revert to legacy use of
-  backslash-escaping. This is controlled by new cli tool option
-  --form-escape.
-  
-  New tests and documentation are provided for this feature.
-  
-  Reported by: Ryan Sleevi
-  Fixes #7789
-  Closes #7805
-
-- [Kevin Burke brought this change]
-
-  zuul.d: update rustls-ffi to version 0.8.2
-  
-  This version fixes errors with ALPN negotiation in rustls, which is
-  necessary for HTTP/2 support. For more information see the rustls-ffi
-  changelog.
-  
-  Closes #8013
-
-- configure: better diagnostics if hyper is built wrong
-  
-  If hyper is indeed present in the specified directory but couldn't be
-  used to find the correct symbol, then offer a different error message to
-  better help the user understand the issue.
-  
-  Suggested-by: Jacob Hoffman-Andrews
-  Fixes #8001
-  Closes #8005
-
-- test1939: require proxy support to run
-  
-  Follow-up to f0b7099a10d1a
-  
-  Closes #8011
-
-- test302[12]: run only with the libssh2 backend
-  
-  ... as the others don't support --hostpubsha256
-  
-  Reported-by: Paul Howarth
-  Fixes #8009
-  Closes #8010
-
-- runtests: make the SSH library a testable feature
-  
-  libssh2, libssh and wolfssh
-
-- [Jacob Hoffman-Andrews brought this change]
-
-  rustls: read of zero bytes might be okay
-  
-  When we're reading out plaintext from rustls' internal buffers, we might
-  get a read of zero bytes (meaning a clean TCP close, including
-  close_notify). However, we shouldn't return immediately when that
-  happens, since we may have already copied out some plaintext bytes.
-  Break out of the loop when we get a read of zero bytes, and figure out
-  which path we're dealing with.
-  
-  Acked-by: Kevin Burke
-  
-  Closes #8003
-
-- [Jacob Hoffman-Andrews brought this change]
-
-  rustls: remove incorrect EOF check
-  
-  The update to rustls-ffi 0.8.0 changed handling of EOF and close_notify.
-  From the CHANGELOG:
-  
-  > Handling of unclean close and the close_notify TLS alert. Mirroring
-  > upstream changes, a rustls_connection now tracks TCP closed state like
-  > so: rustls_connection_read_tls considers a 0-length read from its
-  > callback to mean "TCP stream was closed by peer."  If that happens
-  > before the peer sent close_notify, rustls_connection_read will return
-  > RUSTLS_RESULT_UNEXPECTED_EOF once the available plaintext bytes are
-  > exhausted. This is useful to protect against truncation attacks. Note:
-  > some TLS implementations don't send close_notify. If you are already
-  > getting length information from your protocol (e.g. Content-Length in
-  > HTTP) you may choose to ignore UNEXPECTED_EOF so long as the number of
-  > plaintext bytes was as expected.
-  
-  That means we don't need to check for unclean EOF in `cr_recv()`,
-  because `process_new_packets()` will give us an error if appropriate.
-  
-  Closes #8003
-
-- lib1939: make it endure torture tests
-  
-  Follow-up to f0b7099a10d1a
-  
-  Closes #8007
-
-- azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper
-  
-  The configure line would previously depend on a configure mistake using
-  --without-openssl that is fixed and now this configure line needs
-  adjusting to use --without-ssl.
-  
-  Follow-up to b589696f0312d
-  
-  Closes #8006
-
-- [Jacob Hoffman-Andrews brought this change]
-
-  configure: add -lm to configure for rustls build.
-  
-  Note: The list of libraries that rustc tells us we need to include is
-  longer, but also includes some more platform-specific libraries that I
-  am not sure how to effectively incorporate. Adding just -lm seems to
-  solve an immediate problem, so I'm adding just that.
-  
-  Closes #8002
-
-- curl_share_setopt.3: refer to CURLSHOPT_USERDATA(3) properly
-
-- curl_share_setopt.3: split out options into their own manpages
-  
-  CURLSHOPT_LOCKFUNC.3
-  CURLSHOPT_SHARE.3
-  CURLSHOPT_UNLOCKFUNC.3
-  CURLSHOPT_UNSHARE.3
-  CURLSHOPT_USERDATA.3
-  
-  Closes #7998
-
-- http_proxy: make Curl_connect_done() work for proxy disabled builds
-  
-  ... by making it an empty macro then.
-  
-  Follow-up to f0b7099a10d1a
-  Reported-by: Vincent Grande
-  Fixes #7995
-  Closes #7996
-
-- Curl_connect_done: handle being called twice
-  
-  Follow-up to f0b7099a10d1a7c
-  
-  When torture testing 1021, it turns out the Curl_connect_done function
-  might be called twice and that previously then wrongly cleared the HTTP
-  pointer in the second invoke.
-  
-  Closes #7999
-
-- [Stan Hu brought this change]
-
-  configure: don't enable TLS when --without-* flags are used
-  
-  Previously specifying `--without-gnutls` would unexpectedly attempt to
-  compile with GnuTLS, effectively interpreting this as
-  `--with-gnutls`. This caused a significant amount of confusion when
-  `libcurl` was built with SSL disabled since GnuTLS wasn't present.
-  
-  68d89f24 dropped the `--without-*` options from the configure help, but
-  `AC_ARG_WITH` still defines these flags automatically. As
-  https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/External-Software.html
-  describes, the `action-if-given` is called when the user specifies
-  `--with-*` or `--without-*` options.
-  
-  To prevent this confusion, we make the `--without` flag do the right
-  thing by ignoring the value if it set to "no".
-  
-  Closes #7994
-
-- [Rikard Falkeborn brought this change]
-
-  docs/checksrc: Add documentation for STRERROR
-  
-  Closes #7991
-
-- vtls/rustls: adapt to the updated rustls_version proto
-  
-  Closes #7956
-
-- [Kevin Burke brought this change]
-
-  vtls/rustls: handle RUSTLS_RESULT_PLAINTEXT_EMPTY
-  
-  Previously we'd return CURLE_READ_ERROR if we received this, instead
-  of triggering the error handling logic that's present in the next if
-  block down.
-  
-  After this change, curl requests to https://go.googlesource.com using
-  HTTP/2 complete successfully.
-  
-  Fixes #7949
-  Closes #7948
-
-- [Kevin Burke brought this change]
-
-  zuul: update build environment for rustls-ffi 0.8.0
-
-- [Kevin Burke brought this change]
-
-  vtls/rustls: update to compile with rustls-ffi v0.8.0
-  
-  Some method names, as well as the generated library name, were changed
-  in a recent refactoring.
-  
-  Further, change the default configuration instructions to check for
-  Hyper in either "target/debug" or "target/release" - the latter
-  contains an optimized build configuration.
-  
-  Fixes #7947
-  Closes #7948
-
-- RELEASE-NOTES: synced
-  
-  and bump the version to 7.80.1
-
-- multi: shut down CONNECT in Curl_detach_connnection
-  
-  ... to prevent a lingering pointer that would lead to a double-free.
-  
-  Added test 1939 to verify.
-  
-  Reported-by: Stephen M. Coakley
-  Fixes #7982
-  Closes #7986
-
-- curl_easy_cleanup.3: remove from multi handle first
-  
-  Easy handles that are used by the multi interface should be removed from
-  the multi handle before they are cleaned up.
-  
-  Reported-by: Stephen M. Coakley
-  Ref: #7982
-  Closes #7983
-
-- url.c: fix the SIGPIPE comment for Curl_close
-  
-  Closes #7984
-
-Version 7.80.0 (10 Nov 2021)
-
-Daniel Stenberg (10 Nov 2021)
-- RELEASE-NOTES: synced
-  
-  for curl 7.80.0
-
-- THANKS: add contributors from the 7.80.0 cycle
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: advertise h3 as well as h3-29
-  
-  Advertise h3 as well as h3-29 since some servers out there require h3
-  for QUIC v1.
-  
-  Closes #7979
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: use QUIC v1 consistently
-  
-  Since we switched to v1 quic_transport_parameters codepoint in #7960
-  with quictls, lets use QUIC v1 consistently.
-  
-  Closes #7979
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: compile with the latest nghttp3
-  
-  Closes #7978
-
-Marc Hoersken (9 Nov 2021)
-- tests: add Schannel-specific tests and disable unsupported ones
-  
-  Adds Schannel variants of SSLpinning tests that include the option
-  --ssl-revoke-best-effort to ignore certificate revocation check
-  failures which is required due to our custom test CA certificate.
-  
-  Disable the original variants if the Schannel backend is enabled.
-  
-  Also skip all IDN tests which are broken while using an msys shell.
-  
-  This is a step to simplify test exclusions for Windows and MinGW.
-  
-  Reviewed-by: Jay Satiro
-  Reviewed-by: Marcel Raad
-  Reviewed-by: Daniel Stenberg
-  Closes #7968
-
-Daniel Stenberg (8 Nov 2021)
-- docs: NAME fixes in easy option man pages
-  
-  Closes #7975
-
-- [Roger Young brought this change]
-
-  ftp: make the MKD retry to retry once per directory
-  
-  Reported-by: Roger Young
-  Fixes #7967
-  Closes #7976
-
-- tool_operate: reorder code to avoid compiler warning
-  
-  tool_operate.c(889) : warning C4701: potentially uninitialized local
-  variable 'per' use
-  
-  Follow-up to cc71d352651a0d95
-  Reported-by: Marc Hörsken
-  Bug: https://github.com/curl/curl/pull/7922#issuecomment-963042676
-  Closes #7971
-
-- curl_easy_perform.3: add a para about recv and send data
-  
-  Reported-by: Godwin Stewart
-  Fixes #7973
-  Closes #7974
-
-- tool_operate: fclose stream only if fopened
-  
-  Fixes torture test failures
-  Follow-up to cc71d352651
-  
-  Closes #7972
-
-- libcurl-easy.3: language polish
-
-- limit-rate.d: this is average over several seconds
-  
-  Closes #7970
-
-- docs: reduce/avoid English contractions
-  
-  You're => You are
-  Hasn't => Has not
-  Doesn't => Does not
-  Don't => Do not
-  You'll => You will
-  etc
-  
-  Closes #7930
-
-- tool_operate: fix torture leaks with etags
-  
-  Spotted by torture testing 343 344 345 347.
-  
-  Follow-up from cc71d352651a0
-  Pointed-out-by: Dan Fandrich
-  
-  Closes #7969
-
-- [Amaury Denoyelle brought this change]
-
-  ngtcp2: support latest QUIC TLS RFC9001
-  
-  QUIC Transport Parameters Extension has been changed between draft-29
-  and latest RFC9001. Most notably, its identifier has been updated from
-  0xffa5 to 0x0039. The version is selected through the QUIC TLS library
-  via the legacy codepoint.
-  
-  Disable the usage of legacy codepoint in curl to switch to latest
-  RFC9001. This is required to be able to keep up with latest QUIC
-  implementations.
-  
-  Acked-by: Tatsuhiro Tsujikawa
-  Closes #7960
-
-- test1173: make manpage-syntax.pl spot \n errors in examples
-
-- man pages: fix backslash-n in examples
-  
-  ... to be proper backslash-backslash-n sequences to render nicely in man
-  and on website.
-  
-  Follow-up to 24155569d8a
-  Reported-by: Sergey Markelov
-  
-  Fixes https://github.com/curl/curl-www/issues/163
-  Closes #7962
-
-- scripts/release-notes.pl: use out of repo links verbatim in refs
-
-- tool_operate: a failed etag save now only fails that transfer
-  
-  When failing to create the output file for saving an etag, only fail
-  that particular single transfer and allow others to follow.
-  
-  In a serial transfer setup, if no transfer at all is done due to them
-  all being skipped because of this error, curl will output an error
-  message and return exit code 26.
-  
-  Added test 369 and 370 to verify.
-  
-  Reported-by: Earnestly on github
-  Ref: #7942
-  Closes #7945
-
-- [Kevin Burke brought this change]
-
-  .github: retry macos "brew install" command on failure
-  
-  Previously we saw errors attempting to run "brew install", see
-  https://github.com/curl/curl/runs/4095721123?check_suite_focus=true for
-  an example, since this command is idempotent, it is safe to run again.
-  
-  Closes #7955
-
-- CURLOPT_ALTSVC_CTRL.3: mention conn reuse is preferred
-  
-  Ref: https://github.com/curl/curl/discussions/7954
-  
-  Closes #7957
-
-- RELEASE-NOTES: synced
-
-- zuul: pin the quiche build to use an older cmake-rs
-  
-  The latest cmake-rs assumes cmake's --parallel works. That was added in
-  cmake 3.12, but a lot of our CI builds run on Ubuntu Bionic which only
-  has cmake 3.10.
-  
-  Fixes #7927
-  Closes #7952
-
-- [Marc Hoersken brought this change]
-
-  Revert "src/tool_filetime: disable -Wformat on mingw for this file"
-  
-  This reverts commit 7c88fe375b15c44d77bccc9ab733b8069d228e6f.
-  
-  Follow up to #6535 as the pragma is obsolete with warnf
-  
-  Closes #7941
-
-Jay Satiro (2 Nov 2021)
-- schannel: fix memory leak due to failed SSL connection
-  
-  - Call schannel_shutdown if the SSL connection fails.
-  
-  Prior to this change schannel_shutdown (which shuts down the SSL
-  connection as well as memory cleanup) was not called when the SSL
-  connection failed (eg due to failed handshake).
-  
-  Co-authored-by: Gisle Vanem
-  
-  Fixes https://github.com/curl/curl/issues/7877
-  Closes https://github.com/curl/curl/pull/7878
-
-Daniel Stenberg (2 Nov 2021)
-- Curl_updateconninfo: store addresses for QUIC connections too
-  
-  So that CURLINFO_PRIMARY_IP etc work for HTTP/3 like for other HTTP
-  versions.
-  
-  Reported-by: Jerome Mao
-  Fixes #7939
-  Closes #7944
-
-- [Sergio Durigan Junior brought this change]
-
-  curl.1: fix typos in the manpage
-  
-  s/transfering/transferring/
-  s/transfered/transferred/
-  
-  Signed-off-by: Sergio Durigan Junior <sergiodj@sergiodj.net>
-  Closes #7937
-
-Marc Hoersken (1 Nov 2021)
-- tests/smbserver.py: fix compatibility with impacket 0.9.23+
-  
-  impacket now performs sanity checks if the requested and to
-  be served file path actually is inside the real share path.
-  
-  Ref: https://github.com/SecureAuthCorp/impacket/pull/1066
-  
-  Fixes #7924
-  Closes #7935
-
-Daniel Stenberg (1 Nov 2021)
-- docs: reduce use of "very"
-  
-  "Very" should be avoided in most texts. If intensifiers are needed, try
-  find better words instead.
-  
-  Closes #7936
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: specify the missing required callback functions
-  
-  Closes #7929
-
-- CURLOPT_[PROXY]_SSL_CIPHER_LIST.3: bold instead of quote
-  
-  Bold the example ciphers instead of using single quotes, which then also
-  avoids the problem of how to use single quotes when first in a line.
-  
-  Also rephrased the pages a little.
-  
-  Reported-by: Sergio Durigan Junior
-  Ref: #7928
-  Closes #7934
-
-- gen.pl: replace leading single quotes with \(aq
-  
-  ... and allow single quotes to be used "normally" in the .d files.
-  
-  Makes the output curl.1 use better nroff.
-  
-  Reported-by: Sergio Durigan Junior
-  Ref: #7928
-  Closes #7933
-
-Marc Hoersken (1 Nov 2021)
-- tests: kill some test servers afterwards to avoid locked logfiles
-  
-  Reviewed-by: Daniel Stenberg
-  Closes #7925
-
-Daniel Stenberg (1 Nov 2021)
-- smooth-gtk-thread.c: enhance the mutex lock use
-  
-  Reported-by: ryancaicse on github
-  Fixes #7926
-  Closes #7931
-
-Marc Hoersken (31 Oct 2021)
-- CI/runtests.pl: restore -u flag, but remove it from CI runs
-  
-  This makes it possible to use -u again for local testing,
-  but removes the flag from CI config files and make targets.
-  
-  Reviewed-by: Daniel Stenberg
-  
-  Partially reverts #7841
-  Closes #7921
-
-Daniel Stenberg (29 Oct 2021)
-- [Jonathan Cardoso Machado brought this change]
-
-  CURLOPT_HSTSWRITEFUNCTION.3: using CURLOPT_HSTS_CTRL is required
-  
-  Closes #7923
-
-- [Axel Morawietz brought this change]
-
-  imap: display quota information
-  
-  Show response to "GETQUOTAROOT INBOX" command.
-  
-  Closes #6973
-
-- RELEASE-NOTES: synced
-
-- [Boris Rasin brought this change]
-
-  cmake: fix error getting LOCATION property on non-imported target
-  
-  Closes #7885
-
-- [Xiaoke Wang brought this change]
-
-  url: check the return value of curl_url()
-  
-  Closes #7917
-
-- [Roy Li brought this change]
-
-  configure.ac: replace krb5-config with pkg-config
-  
-  The rationale is that custom *-config tools don't work well when
-  cross-compiling or using sysroots (such as when using Yocto project) and
-  require custom fixing for each of them; pkg-config on the other hand
-  works similarly everywhere.
-  
-  Signed-off-by: Roy Li <rongqing.li@windriver.com>
-  Signed-off-by: Alexander Kanavin <alex@linutronix.de>
-  
-  Closes #7916
-
-- test1160: edited to work with hyper
-  
-  Closes #7912
-
-- data/DISABLED: enable tests that now work with hyper
-  
-  Closes #7911
-
-- test559: add 'HTTP' in keywords
-  
-  Makes it run fine with hyper
-  
-  Closes #7911
-
-- test552: updated to work with hyper
-  
-  Closes #7911
-
-Marc Hoersken (27 Oct 2021)
-- github: fix incomplete permission to label PRs for Hacktoberfest
-  
-  Unfortunately the GitHub API requires a token with write permission
-  for both issues and pull-requests to edit labels on even just PRs.
-  
-  Follow up to #7897
-
-Daniel Stenberg (27 Oct 2021)
-- opt-manpages: use 'Added in' instead of 'Since'
-  
-  Closes #7913
-
-Marc Hoersken (27 Oct 2021)
-- github: fix missing permission to label PRs for Hacktoberfest
-  
-  Follow up to #7897
-  
-  Test references to see if permissions are now sufficient:
-  
-  Closes #7832
-  Closes #7897
-
-- CI: more use of test-ci make target and verbose output
-  
-  Replace test-nonflaky with test-ci and enable verbose output
-  in all remaining CIs except Zuul which is customized a lot.
-  
-  Reviewed-by: Daniel Stenberg
-  Reviewed-by: Jay Satiro
-  
-  Follow up to #7785
-  Closes #7832
-
-- github: add support for Hacktoberfest using labels
-  
-  Automatically add hacktoberfest-accepted label to PRs opened between
-  September 30th and November 1st once a commit with a close reference
-  to it is pushed onto the master branch.
-  
-  With this workflow we can participate in Hacktoberfest while not
-  relying on GitHub to identify PRs as merged due to our rebasing.
-  
-  Requires hacktoberfest-accepted labels to exist for PRs on the
-  participating repository. Also requires hacktoberfest topic on
-  the participating repository to avoid applying to forked repos.
-  
-  Reviewed-by: Daniel Stenberg
-  
-  Fixes #7865
-  Closes #7897
-
-Daniel Stenberg (27 Oct 2021)
-- http: reject HTTP response codes < 100
-  
-  ... which then also includes negative ones as test 1430 uses.
-  
-  This makes native + hyper backend act identically on this and therefore
-  test 1430 can now be enabled when building with hyper. Adjust test 1431
-  as well.
-  
-  Closes #7909
-
-- [Kerem Kat brought this change]
-
-  docs: fix typo in CURLOPT_TRAILERFUNCTION example
-  
-  Closes #7910
-
-- docs/HYPER: remove some remaining issues, add HTTP/0.9 limitation
-
-- configure: when hyper is selected, deselect nghttp2
-  
-  Closes #7908
-
-- [Patrick Monnerat brought this change]
-
-  sendf: accept zero-length data in Curl_client_write()
-  
-  Historically, Curl_client_write() used a length value of 0 as a marker
-  for a null-terminated data string. This feature has been removed in
-  commit f4b85d2. To detect leftover uses of the feature, a DEBUGASSERT
-  statement rejecting a length with value 0 was introduced, effectively
-  precluding use of this function with zero-length data.
-  
-  The current commit removes the DEBUGASSERT and makes the function to
-  return immediately if length is 0.
-  
-  A direct effect is to fix trying to output a zero-length distinguished
-  name in openldap.
-  
-  Another DEBUGASSERT statement is also rephrased for better readability.
-  
-  Closes #7898
-
-- hyper: disable test 1294 since hyper doesn't allow such crazy headers
-  
-  Closes #7905
-
-- c-hyper: make CURLOPT_SUPPRESS_CONNECT_HEADERS work
-  
-  Verified by the enabled test 1288
-  
-  Closes #7905
-
-- test1287: make work on hyper
-  
-  Closes #7905
-
-- test1266/1267: disabled on hyper: no HTTP/0.9 support
-  
-  Closes #7905
-
-Viktor Szakats (25 Oct 2021)
-- Makefile.m32: fix to not require OpenSSL with -libssh2 or -rtmp options
-  
-  Previously, -libssh2/-rtmp options assumed that OpenSSL is also enabled
-  (and then failed with an error when not finding expected OpenSSL headers),
-  but this isn't necessarly true, e.g. when building both libssh2 and curl
-  against Schannel. This patch makes sure to only enable the OpenSSL backend
-  with -libssh2/-rtmp, when there was no SSL option explicitly selected.
-  
-  - Re-implement the logic as a single block of script.
-  - Also fix an indentation while there.
-  
-  Assisted-by: Jay Satiro
-  
-  Closes #7895
-
-Daniel Stenberg (25 Oct 2021)
-- docs: consistent use of "Added in"
-  
-  Make them all say "Added in [version]" without using 'curl' or 'libcurl'
-  in that phrase.
-
-- man pages: require all to use the same section header order
-  
-  This is the same order we already enforce among the options' man pages:
-  consistency is good. Add lots of previously missing examples.
-  
-  Adjust the manpage-syntax script for this purpose, used in test 1173.
-  
-  Closes #7904
-
-- [David Hu brought this change]
-
-  docs/HTTP3: improve build instructions
-  
-  1. If writing to a system path if the command is not prefixed with
-  `sudo` it will cause a permission denied error
-  
-  2. The patched OpenSSL branch has been updated to `openssl-3.0.0+quic`
-  to match upstream OpenSSL version.
-  
-  3. We should not disable GnuTLS docs.
-  
-  Updated some commands about `make install`
-  
-  Closes #7842
-
-- [Ricardo Martins brought this change]
-
-  CMake: restore support for SecureTransport on iOS
-  
-  Restore support for building curl for iOS with SecureTransport enabled.
-  
-  Closes #7501
-
-- tests: enable more tests with hyper
-  
-  Adjusted 1144, 1164 and 1176.
-  
-  Closes #7900
-
-- docs: provide "RETURN VALUE" section for more func manpages
-  
-  Three were missing, one used a non-standard name for the header.
-  
-  Closes #7902
-
-Jay Satiro (25 Oct 2021)
-- curl_multi_socket_action.3: add a "RETURN VALUE" section
-  
-  .. because it may not be immediately clear to the user what
-  curl_multi_socket_action returns.
-  
-  Ref: https://curl.se/mail/lib-2021-10/0035.html
-  
-  Closes https://github.com/curl/curl/pull/7901
-
-Daniel Stenberg (24 Oct 2021)
-- RELEASE-NOTES: synced
-
-- [Samuel Henrique brought this change]
-
-  tests: use python3 in test 1451
-  
-  This is a continuation of commit ec91b5a69000bea0794bbb3 in which
-  changing this test was missed.  There are no other python2 leftovers
-  now.
-  
-  Based on a Debian patch originally written by Alessandro Ghedini
-  <ghedo@debian.org>
-  
-  Closes #7899
-
-- [Eddie Lumpkin brought this change]
-
-  lib: fixing comment spelling typos in lib files
-  
-  Closes #7894
-  Signed-off-by: ewlumpkin <ewlumpkin@gmail.com>
-
-- openssl: if verifypeer is not requested, skip the CA loading
-  
-  It was previously done mostly to show a match/non-match in the verbose
-  output even when verification was not asked for. This change skips the
-  loading of the CA certs unless verifypeer is set to save memory and CPU.
-  
-  Closes #7892
-
-- curl-confopts.m4:  remove --enable/disable-hidden-symbols
-  
-  These configure options have been saying "deprecated" since 9e24b9c7af
-  (April 2012). It was about time we remove them.
-  
-  Closes #7891
-
-- c-hyper: don't abort CONNECT responses early when auth-in-progress
-  
-  ... and make sure to stop ignoring the body once the CONNECT is done.
-  
-  This should make test 206 work proper again and not be flaky.
-  
-  Closes #7889
-
-- hyper: does not support disabling CURLOPT_HTTP_TRANSFER_DECODING
-  
-  Simply because hyper doesn't have this ability. Mentioned in docs now.
-  
-  Skip test 326 then
-  
-  Closes #7889
-
-- test262: don't attempt with hyper
-  
-  This test verifies that curl works with binary zeroes in HTTP response
-  headers and hyper refuses such. They're not kosher http.
-  
-  Closes #7889
-
-- c-hyper: make test 217 run
-  
-  Closes #7889
-
-- DISABLED: enable test 209+213 for hyper
-  
-  Follow-up to 823d3ab855c
-  
-  Closes #7889
-
-- test207: accept a different error code for hyper
-  
-  It returns HYPERE_UNEXPECTED_EOF for this case which we convert to the
-  somewhat generic CURLE_RECV_ERROR.
-  
-  Closes #7889
-
-- [Érico Nogueira brought this change]
-
-  INSTALL: update symbol hiding option
-  
-  --enable-hidden-symbols was deprecated in
-  9e24b9c7afbcb81120af4cf3f6cdee49a06d8224.
-  
-  Closes #7890
-
-- http_proxy: multiple CONNECT with hyper done better
-  
-  Enabled test 206
-  
-  Closes #7888
-
-- hyper: pass the CONNECT line to the debug callback
-  
-  Closes #7887
-
-- mailmap: Malik Idrees Hasan Khan
-
-Jay Satiro (21 Oct 2021)
-- [Malik Idrees Hasan Khan brought this change]
-
-  build: fix typos
-  
-  Closes https://github.com/curl/curl/pull/7886
-
-- URL-SYNTAX: add IMAP UID SEARCH example
-  
-  - Explain the difference between IMAP search via URL (which returns
-    message sequence numbers) and IMAP search via custom request (which
-    can return UID numbers if prefixed with UID, eg "UID SEARCH ...").
-  
-  Bug: https://github.com/curl/curl/issues/7626
-  Reported-by: orycho@users.noreply.github.com
-  
-  Ref: https://github.com/curl/curl/issues/2789
-  
-  Closes https://github.com/curl/curl/pull/7881
-
-Daniel Stenberg (20 Oct 2021)
-- manpage: adjust the asterisk in some SYNOPSIS sections
-  
-  Closes #7884
-
-- curl_multi_perform.3: polish wording
-  
-   - simplify the example by using curl_multi_poll
-  
-   - mention curl_multi_add_handle in the text
-  
-   - cut out the description of pre-7.20.0 return code behavior - that version
-     is now more than eleven years old and is basically no longer out there
-  
-   - adjust the "typical usage" to mention curl_multi_poll
-  
-  Closes #7883
-
-- docs/THANKS: removed on request
-
-- FAQ: polish the explanation of libcurl
-
-- curl_easy_perform.3: minor wording tweak
-
-- [Erik Stenlund brought this change]
-
-  mime: mention CURL_DISABLE_MIME in comment
-  
-  CURL_DISABLE_MIME is not mentioned in the comment describing the if else
-  preprocessor directive.
-  
-  Closes #7882
-
-- tls: remove newline from three infof() calls
-  
-  Follow-up to e7416cf
-  
-  Reported-by: billionai on github
-  Fixes #7879
-  Closes #7880
-
-- RELEASE-NOTES: synced
-
-- curl_gssapi: fix build warnings by removing const
-  
-  Follow-up to 20e980f85b0ea6
-  
-  In #7875 these inits were modified but I get two warnings that these new
-  typecasts are necessary for.
-  
-  Closes #7876
-
-- [Bo Anderson brought this change]
-
-  curl_gssapi: fix link error on macOS Monterey
-  
-  Fixes #7657
-  Closes #7875
-
-- test1185: verify checksrc
-  
-  Closes #7866
-
-- checksrc: improve the SPACESEMICOLON error message
-  
-  and adjust the MULTISPACE one to use plural
-  
-  Closes #7866
-
-- url: set "k->size" -1 at start of request
-  
-  The size of the transfer is unknown at that point.
-  
-  Fixes #7871
-  Closes #7872
-
-Daniel Gustafsson (18 Oct 2021)
-- doh: remove experimental code for DoH with GET
-  
-  The code for sending DoH requests with GET was never enabled in a way
-  such that it could be used or tested. As there haven't been requests
-  for this feature, and since it at this is effectively dead, remove it
-  and favor reimplementing the feature in case anyone is interested.
-  
-  Closes #7870
-  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (18 Oct 2021)
-- cirrus: remove FreeBSD 11.4 from the matrix
-  
-  It has reached End-Of-Life and causes some LDAP CI issues.
-  
-  Closes #7869
-
-- cirrus: switch to openldap24-client
-  
-  ... as it seems openldap-client doesn't exist anymore.
-  
-  Reported-by: Jay Satiro
-  Fixes #7868
-  Closes #7869
-
-- checksrc: ignore preprocessor lines
-  
-  In order to check the actual code better, checksrc now ignores
-  everything that look like preprocessor instructions. It also means
-  that code in macros are now longer checked.
-  
-  Note that some rules then still don't need to be followed when code is
-  exactly below a cpp instruction.
-  
-  Removes two checksrc exceptions we needed previously because of
-  preprocessor lines being checked.
-  
-  Reported-by: Marcel Raad
-  Fixes #7863
-  Closes #7864
-
-- urlapi: skip a strlen(), pass in zero
-  
-  ... to let curl_easy_escape() itself do the strlen. This avoids a (false
-  positive) Coverity warning and it avoids us having to store the strlen()
-  return value in an int variable.
-  
-  Reviewed-by: Daniel Gustafsson
-  Closes #7862
-
-- misc: update copyright years
-
-- examples/htmltidy: correct wrong printf() use
-  
-  ... and update the includes to match how current htmltidy wants them
-  used.
-  
-  Reported-by: Stathis Kapnidis
-  Fixes #7860
-  Closes #7861
-
-Jay Satiro (15 Oct 2021)
-- http: set content length earlier
-  
-  - Make content length (ie download size) accessible to the user in the
-    header callback, but only after all headers have been processed (ie
-    only in the final call to the header callback).
-  
-  Background:
-  
-  For a long time the content length could be retrieved in the header
-  callback via CURLINFO_CONTENT_LENGTH_DOWNLOAD_T as soon as it was parsed
-  by curl.
-  
-  Changes were made in 8a16e54 (precedes 7.79.0) to ignore content length
-  if any transfer encoding is used. A side effect of that was that
-  content length was not set by libcurl until after the header callback
-  was called the final time, because until all headers are processed it
-  cannot be determined if content length is valid.
-  
-  This change keeps the same intention --all headers must be processed--
-  but now the content length is available before the final call to the
-  header function that indicates all headers have been processed (ie
-  a blank header).
-  
-  Bug: https://github.com/curl/curl/commit/8a16e54#r57374914
-  Reported-by: sergio-nsk@users.noreply.github.com
-  
-  Co-authored-by: Daniel Stenberg
-  
-  Fixes https://github.com/curl/curl/issues/7804
-  Closes https://github.com/curl/curl/pull/7803
-
-Daniel Stenberg (15 Oct 2021)
-- [Abhinav Singh brought this change]
-
-  aws-sigv4: make signature work when post data is binary
-  
-  User sets the post fields size for binary data.  Hence, we should not be
-  using strlen on it.
-  
-  Added test 1937 and 1938 to verify.
-  
-  Closes #7844
-
-- [a1346054 brought this change]
-
-  MacOSX-Framework: remove redundant ';'
-  
-  Closes #7859
-
-- RELEASE-NOTES: synced
-
-- openssl: with OpenSSL 1.1.0+ a failed RAND_status means goaway
-  
-  One reason we know it can fail is if a provider is used that doesn't do
-  a proper job or is wrongly configured.
-  
-  Reported-by: Michael Baentsch
-  Fixes #7840
-  Closes #7856
-
-Marcel Raad (14 Oct 2021)
-- [Ryan Mast brought this change]
-
-  cmake: add CURL_ENABLE_SSL option and make CMAKE_USE_* SSL backend options depend on it
-  
-  Closes https://github.com/curl/curl/pull/7822
-
-Daniel Stenberg (14 Oct 2021)
-- http: remove assert that breaks hyper
-  
-  Reported-by: Jay Satiro
-  Fixes #7852
-  Closes #7855
-
-- http_proxy: fix one more result assign for hyper
-  
-  and remove the bad assert again, since it was run even with no error!
-  
-  Closes #7854
-
-Jay Satiro (14 Oct 2021)
-- sws: fix memory leak on exit
-  
-  - Free the allocated http request struct on cleanup.
-  
-  Prior to this change if sws was built with leak sanitizer it would
-  report a memory leak error during testing.
-  
-  Closes https://github.com/curl/curl/pull/7849
-
-Daniel Stenberg (14 Oct 2021)
-- c-hyper: make Curl_http propagate errors better
-  
-  Pass on better return codes when errors occur within Curl_http instead
-  of insisting that CURLE_OUT_OF_MEMORY is the only possible one.
-  
-  Pointed-out-by: Jay Satiro
-  Closes #7851
-
-- http_proxy: make hyper CONNECT() return the correct error code
-  
-  For every 'goto error', make sure the result variable holds the error
-  code for what went wrong.
-  
-  Reported-by: Rafał Mikrut
-  Fixes #7825
-  Closes #7846
-
-- docs/Makefile.am: repair 'make html'
-  
-  by removing index.html which isn't around anymore
-  
-  Closes #7853
-
-- [Борис Верховский brought this change]
-
-  curl: correct grammar in generated libcurl code
-  
-  Closes #7802
-
-- tests: disable test 2043
-  
-  It uses revoked.badssl.com which now is expired and therefor this now
-  permafails. We should not use external sites for tests, this test should
-  be converted to use our own infra.
-  
-  Closes #7845
-
-- runtests: split out ignored tests
-  
-  Report ignore tests separately from the actual fails.
-  
-  Don't exit non-zero if test servers couldn't get killed.
-  
-  Assisted-by: Jay Satiro
-  
-  Fixes #7818
-  Closes #7841
-
-- http2: make getsock not wait for write if there's no remote window
-  
-  While uploading, check for remote window availability in the getsock
-  function so that we don't wait for a writable socket if no data can be
-  sent.
-  
-  Reported-by: Steini2000 on github
-  Fixes #7821
-  Closes #7839
-
-- test368: verify dash is appended for "-r [num]"
-  
-  Follow-up to 8758a26f8878
-
-- [Борис Верховский brought this change]
-
-  curl: actually append "-" to --range without number only
-  
-  Closes #7837
-
-- RELEASE-NOTES: synced
-
-- urlapi: URL decode percent-encoded host names
-  
-  The host name is stored decoded and can be encoded when used to extract
-  the full URL. By default when extracting the URL, the host name will not
-  be URL encoded to work as similar as possible as before. When not URL
-  encoding the host name, the '%' character will however still be encoded.
-  
-  Getting the URL with the CURLU_URLENCODE flag set will percent encode
-  the host name part.
-  
-  As a bonus, setting the host name part with curl_url_set() no longer
-  accepts a name that contains space, CR or LF.
-  
-  Test 1560 has been extended to verify percent encodings.
-  
-  Reported-by: Noam Moshe
-  Reported-by: Sharon Brizinov
-  Reported-by: Raul Onitza-Klugman
-  Reported-by: Kirill Efimov
-  Fixes #7830
-  Closes #7834
-
-Marc Hoersken (8 Oct 2021)
-- CI/makefiles: introduce dedicated test target
-  
-  Make it easy to use the same set of test flags
-  throughout all current and future CI builds.
-  
-  Reviewed-by: Jay Satiro
-  
-  Follow up to #7690
-  Closes #7785
-
-Daniel Stenberg (8 Oct 2021)
-- maketgz: redirect updatemanpages.pl output to /dev/null
-
-- CURLOPT_HTTPHEADER.3: add descripion for specific headers
-  
-  Settting Host: or Transfer-Encoding: chunked actually have special
-  meanings to libcurl. This change tries to document them
-  
-  Closes #7829
-
-- c-hyper: use hyper_request_set_uri_parts to make h2 better
-  
-  and make sure to not send Host: over h2.
-  
-  Fixes #7679
-  Reported-by: David Cook
-  Closes #7827
-
-- [Michael Afanasiev brought this change]
-
-  curl-openssl.m4: modify library order for openssl linking
-  
-  lcrypto may depend on lz, and configure corrently fails with when
-  statically linking as the order is "-lz -lcrypto". This commit switches
-  the order to "-lcrypto -lz".
-  
-  Closes #7826
-
-Marcel Raad (7 Oct 2021)
-- sha256: use high-level EVP interface for OpenSSL
-  
-  Available since OpenSSL 0.9.7. The low-level SHA256 interface is
-  deprecated in OpenSSL v3, and its usage was discouraged even before.
-  
-  Closes https://github.com/curl/curl/pull/7808
-
-- curl_ntlm_core: use OpenSSL only if DES is available
-  
-  This selects another SSL backend then if available, or otherwise at
-  least gives a meaningful error message.
-  
-  Closes https://github.com/curl/curl/pull/7808
-
-- md5: fix compilation with OpenSSL 3.0 API
-  
-  Only use OpenSSL's MD5 code if it's available.
-  
-  Also fix wolfSSL build with `NO_MD5`, in which case neither the
-  wolfSSL/OpenSSL implementation nor the fallback implementation was
-  used.
-  
-  Closes https://github.com/curl/curl/pull/7808
-
-Daniel Stenberg (7 Oct 2021)
-- print_category: printf %*s needs an int argument
-  
-  ... not a size_t!
-  
-  Detected by Coverity: CID 1492331.
-  Closes #7823
-
-Jay Satiro (7 Oct 2021)
-- version_win32: use actual version instead of manifested version
-  
-  - Use RtlVerifyVersionInfo instead of VerifyVersionInfo, when possible.
-  
-  Later versions of Windows have normal version functions that compare and
-  return versions based on the way the application is manifested, instead
-  of the actual version of Windows the application is running on. We
-  prefer the actual version of Windows so we'll now call the Rtl variant
-  of version functions (RtlVerifyVersionInfo) which does a proper
-  comparison of the actual version.
-  
-  Reported-by: Wyatt O'Day
-  
-  Ref: https://github.com/curl/curl/pull/7727
-  
-  Fixes https://github.com/curl/curl/issues/7742
-  Closes https://github.com/curl/curl/pull/7810
-
-Daniel Stenberg (6 Oct 2021)
-- RELEASE-NOTES: synced
-
-- http: fix Basic auth with empty name field in URL
-  
-  Add test 367 to verify.
-  
-  Reported-by: Rick Lane
-  Fixes #7819
-  Closes #7820
-
-- [Jeffrey Tolar brought this change]
-
-  CURLOPT_MAXLIFETIME_CONN: maximum allowed lifetime for conn reuse
-  
-  ... and close connections that are too old instead of reusing them.
-  
-  By default, this behavior is disabled.
-  
-  Bug: https://curl.se/mail/lib-2021-09/0058.html
-  Closes #7751
-
-Daniel Gustafsson (6 Oct 2021)
-- docs/examples: add missing binaries to gitignore
-  
-  Commit f65d7889b added getreferrer, and commit ae8e11ed5 multi-legacy,
-  both of which missed adding .gitignore clauses for the built binaries.
-  
-  Closes #7817
-  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (5 Oct 2021)
-- [Josip Medved brought this change]
-
-  HTTP3: fix the HTTP/3 Explained book link
-  
-  Closes #7813
-
-- [Lucas Holt brought this change]
-
-  misc: fix a few issues on MidnightBSD
-  
-  Closes #7812
-
-Daniel Gustafsson (4 Oct 2021)
-- [8U61ife brought this change]
-
-  tool_main: fix typo in comment
-  
-  Closes: #7811
-  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Stenberg (4 Oct 2021)
-- [Ryan Mast brought this change]
-
-  BINDINGS: URL updates
-  
-  For cpr, BBHTTP, Eiffel, Harbour, Haskell, Mono, and Rust
-  
-  Closes #7809
-
-- scripts/delta: hide a git error message we don't care about
-  
-  fatal: path 'src/tool_listhelp.c' exists on disk, but not in [tag]
-
-- [Patrick Monnerat brought this change]
-
-  sasl: binary messages
-  
-  Capabilities of sasl module are extended to exchange messages in binary
-  as an alternative to base64.
-  
-  If http authentication flags have been set, those are used as sasl
-  default preferred mechanisms.
-  
-  Closes #6930
-
-- [Hayden Roche brought this change]
-
-  wolfssl: use for SHA256, MD4, MD5, and setting DES odd parity
-  
-  Prior to this commit, OpenSSL could be used for all these functions, but
-  not wolfSSL. This commit makes it so wolfSSL will be used if USE_WOLFSSL
-  is defined.
-  
-  Closes #7806
-
-- scripts/delta: count command line options in the new file
-  
-  ... which makes the shown delta number wrong until next release.
-
-- RELEASE-NOTES: synced
-
-- print_category: print help descriptions aligned
-  
-  Adjust the description position to make an aligned column when doing
-  help listings, which is more pleasing to the eye.
-  
-  Suggested-by: Gisle Vanem
-  Closes #7792
-
-- lib/mk-ca-bundle.pl: skip certs passed Not Valid After date
-  
-  With this change applied, the now expired 'DST Root CA X3' cert will no
-  longer be included in the output.
-  
-  Details: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
-  
-  Closes #7801
-
-- tool_listhelp: easier to generate with gen.pl
-  
-  tool_listhelp.c is now a separate file with only the command line --help
-  output, exactly as generated by gen.pl. This makes it easier to generate
-  updates according to what's in the docs/cmdline-opts docs.
-  
-    cd $srcroot/docs/cmdline-opts
-    ./gen.pl listhelp *.d > $srcroot/src/tool_listhelp.c
-  
-  With a configure build, this also works:
-  
-    make -C src listhelp
-  
-  Closes #7787
-
-- [Anthony Hu brought this change]
-
-  wolfssl: allow setting of groups/curves
-  
-  In particular, the quantum safe KEM and hybrid curves if wolfSSL is
-  built to support them.
-  
-  Closes #7728
-
-- [Jan Mazur brought this change]
-
-  connnect: use sysaddr_un fron sys/un.h or custom-defined for windows
-  
-  Closes #7737
-
-Jay Satiro (30 Sep 2021)
-- [Rikard Falkeborn brought this change]
-
-  hostip: Move allocation to clarify there is no memleak
-  
-  By just glancing at the code, it looks like there is a memleak if the
-  call to Curl_inet_pton() fails. Looking closer, it is clear that the
-  call to Curl_inet_pton() can not fail, so the code will never leak
-  memory. However, we can make this obvious by moving the allocation
-  after the if-statement.
-  
-  Closes https://github.com/curl/curl/pull/7796
-
-Daniel Stenberg (30 Sep 2021)
-- gen.pl: make the output date format work better
-  
-  Follow-up to 15910dfd143dd
-  
-  The previous strftime format used didn't work correctly on Windows, so
-  change to %B %d %Y which today looks like "September 29 2021".
-  
-  Reported-by: Gisle Vanem
-  Bug: #7782
-  Closes #7793
-
-- typecheck-gcc.h: add CURLOPT_PREREQDATA awareness
-  
-  Follow-up to a517378de58358a
-  
-  To make test 1912 happy again
-  
-  Closes #7799
-
-Marcel Raad (29 Sep 2021)
-- configure: remove `HAVE_WINSOCK_H` definition
-  
-  It's not used anymore.
-  
-  Closes https://github.com/curl/curl/pull/7795
-
-- CMake: remove `HAVE_WINSOCK_H` definition
-  
-  It's not used anymore.
-  
-  Closes https://github.com/curl/curl/pull/7795
-
-- config: remove `HAVE_WINSOCK_H` definition
-  
-  It's not used anymore.
-  
-  Closes https://github.com/curl/curl/pull/7795
-
-- lib: remove `HAVE_WINSOCK_H` usage
-  
-  WinSock v1 is not supported anymore. Exclusively use `HAVE_WINSOCK2_H`
-  instead.
-  
-  Closes https://github.com/curl/curl/pull/7795
-
-Daniel Stenberg (29 Sep 2021)
-- easyoptions: add the two new PRE* options
-  
-  Follow-up to a517378de58358a
-  
-  Also fix optiontable.pl to do the correct remainder on the entry.
-  
-  Reported-by: Gisle Vanem
-  Bug: https://github.com/curl/curl/commit/a517378de58358a85b7cfe9efecb56051268f629#commitcomment-57224830
-  Closes #7791
-
-- Revert "build: remove checks for WinSock 1"
-  
-  Due to CI issues
-  
-  This reverts commit c2ea04f92b00b6271627cb218647527b5a50f2fc.
-  
-  Closes #7790
-
-Daniel Gustafsson (29 Sep 2021)
-- lib: avoid fallthrough cases in switch statements
-  
-  Commit b5a434f7f0ee4d64857f8592eced5b9007d83620 inhibits the warning
-  on implicit fallthrough cases, since the current coding of indicating
-  fallthrough with comments is falling out of fashion with new compilers.
-  This attempts to make the issue smaller by rewriting fallthroughs to no
-  longer fallthrough, via either breaking the cases or turning switch
-  statements into if statements.
-  
-    lib/content_encoding.c: the fallthrough codepath is simply copied
-      into the case as it's a single line.
-    lib/http_ntlm.c: the fallthrough case skips a state in the state-
-      machine and fast-forwards to NTLMSTATE_LAST. Do this before the
-      switch statement instead to set up the states that we actually
-      want.
-    lib/http_proxy.c: the fallthrough is just falling into exiting the
-      switch statement which can be done easily enough in the case.
-    lib/mime.c: switch statement rewritten as if statement.
-    lib/pop3.c: the fallthrough case skips to the next state in the
-      statemachine, do this explicitly instead.
-    lib/urlapi.c: switch statement rewritten as if statement.
-    lib/vssh/wolfssh.c: the fallthrough cases fast-forwards the state
-      machine, do this by running another iteration of the switch
-      statement instead.
-    lib/vtls/gtls.c: switch statement rewritten as if statement.
-    lib/vtls/nss.c: the fallthrough codepath is simply copied into the
-      case as it's a single line. Also twiddle a comment to not be
-      inside a non-brace if statement.
-  
-  Closes: #7322
-  See-also: #7295
-  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Marcel Raad (28 Sep 2021)
-- config-win32ce: enable WinSock 2
-  
-  WinSock 2.2 is supported by Windows CE .NET 4.1 (from 2002, out of
-  support since 2013).
-  
-  Ref: https://docs.microsoft.com/en-us/previous-versions/windows/embedded/ms899586(v=msdn.10)
-  
-  Closes https://github.com/curl/curl/pull/7778
-
-- externalsocket: use WinSock 2.2
-  
-  That's the only version we support.
-  
-  Closes https://github.com/curl/curl/pull/7778
-
-- build: remove checks for WinSock 1
-  
-  It's not supported anymore.
-  
-  Closes https://github.com/curl/curl/pull/7778
-
-Daniel Stenberg (28 Sep 2021)
-- scripts/copyright: .muse is .lift now
-  
-  And update 5 files with old copyright year range
-
-- cmdline-opts: made the 'Added:' field mandatory
-  
-  Since "too old" versions are no longer included in the generated man
-  page, this field is now mandatory so that it won't be forgotten and then
-  not included in the documentation.
-  
-  Closes #7786
-
-- curl.1: remove mentions of really old version changes
-  
-  To make the man page more readable, this change removes all references
-  to changes in support/versions etc that happened before 7.30.0 from the
-  curl.1 output file. 7.30.0 was released on Apr 12 2013. This particular
-  limit is a bit arbitrary but was fairly easy to grep for.
-  
-  It is handled like this: the 'Added' keyword is only used in output if
-  it refers to 7.30.0 or later. All occurances of "(Added in $VERSION)" in
-  description will be stripped out if the mentioned $VERSION is from
-  before 7.30.0. It is therefore important that the "Added in..."
-  references are always written exactly like that - and on a single line,
-  not split over two.
-  
-  This change removes about 80 version number references from curl.1, down
-  to 138 from 218.
-  
-  Closes #7786
-
-- RELEASE-NOTES: synced
-
-- tool_cb_prg: make resumed upload progress bar show better
-  
-  This is a regression that was *probably* injected in the larger progress
-  bar overhaul in 2018.
-  
-  Reported-by: beslick5 on github
-  Fixes #7760
-  Closes #7777
-
-- gen.pl: insert the current date and version in generated man page
-  
-  Reported-by: Gisle Vanem
-  Ref: #7780
-  Closes #7782
-
-- NTLM: use DES_set_key_unchecked with OpenSSL
-  
-  ... as the previously used function DES_set_key() will in some cases
-  reject using a key that it deems "weak" which will cause curl to
-  continue using the unitialized buffer content as key instead.
-  
-  Assisted-by: Harry Sintonen
-  Fixes #7779
-  Closes #7781
-
-Marc Hoersken (27 Sep 2021)
-- CI: align make and test flags in various config files
-  
-  1. Use Makefile target to run tests in autotools builds on AppVeyor.
-  2. Disable testing of SCP protocol on native Windows environments.
-  3. Remove redundant parameters -a -p from target test-nonflaky.
-  4. Don't use -vc parameter which is reserved for debugging.
-  
-  Replaces #7591
-  Closes #7690
-
-Daniel Stenberg (27 Sep 2021)
-- mailmap: unify Max!
-
-- [Max Dymond brought this change]
-
-  CURLOPT_PREREQFUNCTION: add new callback
-  
-  Triggered before a request is made but after a connection is set up
-  
-  Changes:
-  
-  - callback: Update docs and callback for pre-request callback
-  - Add documentation for CURLOPT_PREREQDATA and CURLOPT_PREREQFUNCTION,
-  - Add redirect test and callback failure test
-  - Note that the function may be called multiple times on a redirection
-  - Disable new 2086 test due to Windows weirdness
-  
-  Closes #7477
-
-- KNOWN_BUGS: HTTP/2 connections through HTTPS proxy frequently stall
-  
-  Closes #6936
-
-- TODO: make configure use --cache-file more and better
-  
-  Closes #7753
-
-- [Sergey Markelov brought this change]
-
-  urlapi: support UNC paths in file: URLs on Windows
-  
-  - file://host.name/path/file.txt is a valid UNC path
-    \\host.name\path\files.txt to a non-local file transformed into URI
-    (RFC 8089 Appendix E.3)
-  
-  - UNC paths on other OSs must be smb: URLs
-  
-  Closes #7366
-
-- [Gleb Ivanovsky brought this change]
-
-  urlapi: add curl_url_strerror()
-  
-  Add curl_url_strerror() to convert CURLUcode into readable string and
-  facilitate easier troubleshooting in programs using URL API.
-  Extend CURLUcode with CURLU_LAST for iteration in unit tests.
-  Update man pages with a mention of new function.
-  Update example code and tests with new functionality where it fits.
-  
-  Closes #7605
-
-- RELEASE-NOTES: synced
-
-- [Mats Lindestam brought this change]
-
-  libssh2: add SHA256 fingerprint support
-  
-  Added support for SHA256 fingerprint in command line curl and in
-  libcurl.
-  
-  Closes #7646
-
-- libcurl.rc: switch out the copyright symbol for plain ASCII
-  
-  Reported-by: Vitaly Varyvdin
-  Assisted-by: Viktor Szakats
-  Fixes #7765
-  Closes #7776
-
-- [Jun-ya Kato brought this change]
-
-  ngtcp2: fix QUIC transport parameter version
-  
-  fix inappropriate version setting for QUIC transport parameters.
-  this patch keeps curl with ngtcp2 uses QUIC draft version (h3-29).
-  
-  Closes #7771
-
-- examples/imap-append: fix end-of-data check
-  
-  Reported-by: Alexander Chuykov
-  Fixes #7774
-  Closes #7775
-
-Michael Kaufmann (24 Sep 2021)
-- vtls: Fix a memory leak if an SSL session cannot be added to the cache
-  
-  On connection shutdown, a new TLS session ticket may arrive after the
-  SSL session cache has already been destructed. In this case, the new
-  SSL session cannot be added to the SSL session cache.
-  
-  The callers of Curl_ssl_addsessionid() need to know whether the SSL
-  session has been added to the cache. If it has not been added, the
-  reference counter of the SSL session must not be incremented, or memory
-  used by the SSL session must be freed. This is now possible with the new
-  output parameter "added" of Curl_ssl_addsessionid().
-  
-  Fixes #7683
-  Closes #7752
-
-Daniel Stenberg (24 Sep 2021)
-- [Momoka Yamamoto brought this change]
-
-  HTTP3.md: use 'autoreconf -fi' instead of buildconf
-  
-  buildconf is not used since #5853
-  
-  Closes #7746
-
-- GIT-INFO: rephrase to adapt to s/buildconf/autoreconf
-
-- [h1zzz brought this change]
-
-  llist: remove redundant code, branch will not be executed
-  
-  Closes #7770
-
-- [tlahn brought this change]
-
-  HTTP-COOKIES.md: remove duplicate 'each'
-  
-  Closes #7772
-
-Jay Satiro (24 Sep 2021)
-- [Joel Depooter brought this change]
-
-  libssh2: Get the version at runtime if possible
-  
-  Previously this code used a compile time constant, meaning that libcurl
-  always reported the libssh2 version that libcurl was built with. This
-  could differ from the libssh2 version actually being used. The new code
-  uses the CURL_LIBSSH2_VERSION macro, which is defined in ssh.h. The
-  macro calls the libssh2_version function if it is available, otherwise
-  it falls back to the compile time version.
-  
-  Closes https://github.com/curl/curl/pull/7768
-
-- [Joel Depooter brought this change]
-
-  schannel: fix typo
-  
-  Closes https://github.com/curl/curl/pull/7769
-
-Daniel Stenberg (23 Sep 2021)
-- cmake: with OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED
-  
-  To avoid the "... is deprecated" warnings brought by OpenSSL v3.
-  (We need to address the underlying code at some point of course.)
-  
-  Assisted-by: Jakub Zakrzewski
-  Closes #7767
-
-- curl-openssl: pass argument to sed single-quoted
-  
-  ... instead of using an escaped double-quote. This is an attempt to make
-  this work better with ksh that otherwise would insist on a double
-  escape!
-  
-  Reported-by: Randall S. Becker
-  Fixes #7758
-  Closes #7764
-
-- RELEASE-NOTES: synced
-  
-  Bumped curlver to 7.80.0-dev
-
-- [a1346054 brought this change]
-
-  misc: fix typos in docs and comments
-  
-  No user facing output from curl/libcurl is changed by this, just
-  comments.
-  
-  Closes #7747
-
-- [Thomas M. DuBuisson brought this change]
-
-  ci: update Lift config to match requirements of curl build
-  
-  Also renamed Muse -> Lift, the new tool name.
-  
-  Closes #7761
-
-- [Rikard Falkeborn brought this change]
-
-  cleanup: constify unmodified static structs
-  
-  Constify a number of static structs that are never modified. Make them
-  const to show this.
-  
-  Closes #7759
-
-Version 7.79.1 (22 Sep 2021)
-
-Daniel Stenberg (22 Sep 2021)
-- RELEASE-NOTES: synced
-  
-  curl 7.79.1 release
-
-- THANKS: added names from the 7.79.1 release
-
-- test897: verify delivery of IMAP post-body header content
-  
-  The "content" is delivered as "body" by curl, but the envelope continues
-  after the body and the rest of it should be delivered as header.
-  
-  The IMAP server can now get 'POSTFETCH' set to include more data to
-  include after the body and test 897 is done to verify that such "extra"
-  header data is in fact delivered by curl as header.
-  
-  Ref: #7284 but fails to reproduce the issue
-  
-  Closes #7748
-
-- KNOWN_BUGS: connection migration doesn't work
-  
-  Closes #7695
-
-- RELEASE-NOTES: synced
-
-- http: fix the broken >3 digit response code detection
-  
-  When the "reason phrase" in the HTTP status line starts with a digit,
-  that was treated as the forth response code digit and curl would claim
-  the response to be non-compliant.
-  
-  Added test 1466 to verify this case.
-  
-  Regression brought by 5dc594e44f73b17
-  Reported-by: Glenn de boer
-  Fixes #7738
-  Closes #7739
-
-Jay Satiro (17 Sep 2021)
-- strerror: use sys_errlist instead of strerror on Windows
-  
-  - Change Curl_strerror to use sys_errlist[errnum] instead of strerror to
-    retrieve the error message on Windows.
-  
-  Windows' strerror writes to a static buffer and is not thread-safe.
-  
-  Follow-up to 2f0bb86 which removed most instances of strerror in favor
-  of calling Curl_strerror (which calls strerror_r for other platforms).
-  
-  Ref: https://github.com/curl/curl/pull/7685
-  Ref: https://github.com/curl/curl/commit/2f0bb86
-  
-  Closes https://github.com/curl/curl/pull/7735
-
-Daniel Stenberg (16 Sep 2021)
-- dist: provide lib/.checksrc in the tarball
-  
-  So that debug builds work (checksrc really)
-  
-  Reported-by: Marcel Raad
-  Reported-by: tawmoto on github
-  Fixes #7733
-  Closes #7734
-
-- TODO: Improve documentation about fork safety
-  
-  Closes #6968
-
-- hsts: CURLSTS_FAIL from hsts read callback should fail transfer
-  
-  ... and have CURLE_ABORTED_BY_CALLBACK returned.
-  
-  Extended test 1915 to verify.
-  
-  Reported-by: Jonathan Cardoso
-  Fixes #7726
-  Closes #7729
-
-- test1184: disable
-  
-  The test should be fine and it works for me repeated when run manually,
-  but clearly it causes CI failures and it needs more research.
-  
-  Reported-by: RiderALT on github
-  Fixes #7725
-  Closes #7732
-
-- Curl_http2_setup: don't change connection data on repeat invokes
-  
-  Regression from 3cb8a748670ab88c (releasde in 7.79.0). That change moved
-  transfer oriented inits to before the check but also erroneously moved a
-  few connection oriented ones, which causes problems.
-  
-  Reported-by: Evangelos Foutras
-  Fixes #7730
-  Closes #7731
-
-- RELEASE-NOTES: synced
-  
-  and bump to 7.79.1
-
-Kamil Dudka (16 Sep 2021)
-- tests/sshserver.pl: make it work with openssh-8.7p1
-  
-  ... by not using options with no argument where an argument is required:
-  
-  === Start of file tests/log/ssh_server.log
-  curl_sshd_config line 6: no argument after keyword "DenyGroups"
-  curl_sshd_config line 7: no argument after keyword "AllowGroups"
-  curl_sshd_config line 10: Deprecated option AuthorizedKeysFile2
-  curl_sshd_config line 29: Deprecated option KeyRegenerationInterval
-  curl_sshd_config line 39: Deprecated option RhostsRSAAuthentication
-  curl_sshd_config line 40: Deprecated option RSAAuthentication
-  curl_sshd_config line 41: Deprecated option ServerKeyBits
-  curl_sshd_config line 45: Deprecated option UseLogin
-  curl_sshd_config line 56: no argument after keyword "AcceptEnv"
-  curl_sshd_config: terminating, 3 bad configuration options
-  === End of file tests/log/ssh_server.log
-  
-  === Start of file log/sftp_server.log
-  curl_sftp_config line 33: Unsupported option "rhostsrsaauthentication"
-  curl_sftp_config line 34: Unsupported option "rsaauthentication"
-  curl_sftp_config line 52: no argument after keyword "sendenv"
-  curl_sftp_config: terminating, 1 bad configuration options
-  Connection closed.
-  Connection closed
-  === End of file log/sftp_server.log
-  
-  Closes #7724
-
-Daniel Stenberg (15 Sep 2021)
-- hsts: handle unlimited expiry
-  
-  When setting a blank expire string, meaning unlimited, curl would pass
-  TIME_T_MAX to getime_r() when creating the output, while on 64 bit
-  systems such a large value cannot be convetered to a tm struct making
-  curl to exit the loop with an error instead. It can't be converted
-  because the year it would represent doesn't fit in the 'int tm_year'
-  field!
-  
-  Starting now, unlimited expiry is instead handled differently by using a
-  human readable expiry date spelled out as "unlimited" instead of trying
-  to use a distant actual date.
-  
-  Test 1660 and 1915 have been updated to help verify this change.
-  
-  Reported-by: Jonathan Cardoso
-  Fixes #7720
-  Closes #7721
-
-- curl_multi_fdset: make FD_SET() not operate on sockets out of range
-  
-  The VALID_SOCK() macro was made to only check for FD_SETSIZE if curl was
-  built to use select(), even though the curl_multi_fdset() function
-  always and unconditionally uses FD_SET and needs the check.
-  
-  Reported-by: 0xee on github
-  Fixes #7718
-  Closes #7719
-
-- FAQ: add GOPHERS + curl works on data, not files
-
-Version 7.79.0 (14 Sep 2021)
-
-Daniel Stenberg (14 Sep 2021)
-- RELEASE-NOTES: synced
-  
-  For the 7.79.0 release
-
-- THANKS: add contributors from 7.79.0 release cycle
-
-- FAQ: add two dev related questions
-  
-    8.1 Why does curl use C89?
-    8.2 Will curl be rewritten?
-  
-  Spell-checked-by: Paul Johnson
-  Closes #7715
-
-- zuul.d/jobs: disable three tests for *-openssl-disable-proxy
-  
-  ... as they mysteriously seem to permfail without being related to
-  proxy.
-  
-  Closes #7714
-
-- [Patrick Monnerat brought this change]
-
-  ftp,imap,pop3,smtp: reject STARTTLS server response pipelining
-  
-  If a server pipelines future responses within the STARTTLS response, the
-  former are preserved in the pingpong cache across TLS negotiation and
-  used as responses to the encrypted commands.
-  
-  This fix detects pipelined STARTTLS responses and rejects them with an
-  error.
-  
-  CVE-2021-22947
-  
-  Bug: https://curl.se/docs/CVE-2021-22947.html
-
-- [Patrick Monnerat brought this change]
-
-  ftp,imap,pop3: do not ignore --ssl-reqd
-  
-  In imap and pop3, check if TLS is required even when capabilities
-  request has failed.
-  
-  In ftp, ignore preauthentication (230 status of server greeting) if TLS
-  is required.
-  
-  Bug: https://curl.se/docs/CVE-2021-22946.html
-  
-  CVE-2021-22946
-
-- [z2_ on hackerone brought this change]
-
-  mqtt: clear the leftovers pointer when sending succeeds
-  
-  CVE-2021-22945
-  
-  Bug: https://curl.se/docs/CVE-2021-22945.html
-
-- zuul: bump the rustls job to use v0.7.2
-  
-  ... and add -lm when using a rust library.
-  
-  Closes #7701
-
-- RELEASE-PROCEDURE: add release dates from now to 8.0.0 in 2023
-
-- SECURITY-PROCESS: tweak a little to match current practices
-  
-  Closes #7713
-
-- http_proxy: fix the User-Agent inclusion in CONNECT
-  
-  It should not refer to the uagent string that is allocated and created
-  for the end server http request, as that pointer may be cleared on
-  subsequent CONNECT requests.
-  
-  Added test case 1184 to verify.
-  
-  Reported-by: T200proX7 on github
-  Fixes #7705
-  Closes #7707
-
-- Curl_hsts_loadcb: don't attempt to load if hsts wasn't inited
-  
-  Reported-by: Jonathan Cardoso
-  Fixes #7710
-  Closes #7711
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: fix build with ngtcp2 and nghttp3
-  
-  ngtcp2_conn_client_new and nghttp3_conn_client_new are now macros.
-  Check the wrapped functions instead.
-  
-  ngtcp2_stream_close callback now takes flags parameter.
-  
-  Closes #7709
-
-- write-out.d: clarify size_download/upload
-  
-  They show the number of "body" bytes transfered.
-  Fixes #7702
-  Closes #7706
-
-- http2: Curl_http2_setup needs to init stream data in all invokes
-  
-  Thus function was written to avoid doing multiple connection data
-  initializations, which is fine, but since it also initiates stream
-  related data it is crucial that it doesn't skip those even if called
-  again for the same connection. Solved by moving the stream
-  initializations before the "doing-it-again" check.
-  
-  Reported-by: Inho Oh
-  Fixes #7630
-  Closes #7692
-
-- url: fix compiler warning in no-verbose builds
-  
-  Follow-up from 2f0bb864c12
-  
-  Closes #7700
-
-- non-ascii: fix build errors from strerror fix
-  
-  Follow-up to 2f0bb864c12
-  
-  Closes #7697
-
-- parse_args: redo the warnings for --remote-header-name combos
-  
-  ... to avoid the memory leak risk pointed out by scan-build.
-  
-  Follow-up from 7a3e981781d6c18a
-  
-  Closes #7698
-
-- ngtcp2: adapt to new size defintions upstream
-  
-  Reviewed-by: Tatsuhiro Tsujikawa
-  Closes #7699
-
-- rustls: add strerror.h include
-  
-  Follow-up to 2f0bb864c12
-
-- docs: the security list is reached at security at curl.se now
-  
-  Also update the FAQ section a bit to encourage users to rather submit
-  security issues on hackerone than sending email.
-  
-  Closes #7689
-
-Marc Hoersken (9 Sep 2021)
-- runtests: add option -u to error on server unexpectedly alive
-  
-  Let's try to actually handle the server unexpectedly alive
-  case by first making them visible on CI builds as failures.
-  
-  This is needed to detect issues with killing of the test
-  servers completely including nested process chains with
-  multiple PIDs per test server (including bash and perl).
-  
-  On Windows/cygwin platforms this is especially helpful with
-  debugging PID mixups due to cygwin using its own PID space.
-  
-  Reviewed-by: Daniel Stenberg
-  Closes #7180
-
-Daniel Stenberg (9 Sep 2021)
-- opts docs: unify phrasing in NAME header
-  
-  - avoid writing "set ..." or "enable/disable ..." or "specify ..."
-    *All* options for curl_easy_setopt() are about setting or enabling
-    things and most of the existing options didn't use that way of
-    description.
-  
-  - start with lowercase letter, unless abbreviation. For consistency.
-  
-  - Some additional touch-ups
-  
-  Closes #7688
-
-- strerror.h: remove the #include from files not using it
-
-- lib: don't use strerror()
-  
-  We have and provide Curl_strerror() internally for a reason: strerror()
-  is not necessarily thread-safe so we should always try to avoid it.
-  
-  Extended checksrc to warn for this, but feature the check disabled by
-  default and only enable it in lib/
-  
-  Closes #7685
-
-Daniel Gustafsson (8 Sep 2021)
-- cirrus: Add FreeBSD 13.0 job and disable sanitizer build
-  
-  As alluded to the in the now removed comment, a 13.0 image became
-  available and is now ready to be used.
-  
-  The sanitizer builds were running on the 12.1 image which since has
-  been removed from the config, leaving the builds not running at all.
-  When enabled it turns out that they don't actually work due to very
-  long timeouts in executing the tests, so keep the disabled for now
-  but a bit more controlled.
-  
-  Closes #7592
-
-Daniel Stenberg (8 Sep 2021)
-- copyrights: update copyright year ranges
-
-- RELEASE-NOTES: synced
-
-- INTERNALS: c-ares has a new home: c-ares.org
-
-- docs: remove experimental mentions from HSTS and MQTT
-  
-  Reported-by: Jonathan Cardoso
-  Bug: https://github.com/curl/curl/pull/6700#issuecomment-913792863
-  Closes #7681
-
-- [Cao ZhenXiang brought this change]
-
-  curl: add warning for incompatible parameters usage
-  
-  --continue-at - and --remote-header-name are known incompatible parameters
-  
-  Closes #7674
-
-- [git-bruh brought this change]
-
-  examples/*hiperfifo.c: fix calloc arguments to match function proto
-  
-  Closes #7678
-
-- INTERNALS: bump c-ares requirement to 1.16.0
-  
-  Since ba904db0705c93 we use ares_getaddrinfo, added in c-ares 1.16.0
-
-- curl: stop retry if Retry-After: is longer than allowed
-  
-  If Retry-After: specifies a period that is longer than what fits within
-  --retry-max-time, then stop retrying immediately.
-  
-  Added test 366 to verify.
-  
-  Reported-by: Kari Pahula
-  Fixes #7675
-  Closes #7676
-
-- [Michał Antoniak brought this change]
-
-  mbedtls: avoid using a large buffer on the stack
-  
-  Use dynamic memory allocation for the buffer used in checking "pinned
-  public key". The PUB_DER_MAX_BYTES parameter with default settings is
-  set to a value greater than 2kB.
-  
-  Co-authored-by: Daniel Stenberg
-  Closes #7586
-
-- configure: make --disable-hsts work
-  
-  The AC_ARG_ENABLE() macro itself uses a variable called
-  'enable_[option]', so when our script also used a variable with that
-  name for the purpose of storing what the user wants, it also
-  accidentally made it impossible to switch off the feature with
-  --disable-hsts. Fix this by renaming our variable.
-  
-  Reported-by: Michał Antoniak
-  Fixes #7669
-  Closes #7672
-
-Jay Satiro (5 Sep 2021)
-- config.d: note that curlrc is used even when --config
-  
-  Bug: https://github.com/curl/curl/pull/7666#issuecomment-912214751
-  Reported-by: Viktor Szakats
-  
-  Closes https://github.com/curl/curl/pull/7667
-
-Daniel Stenberg (4 Sep 2021)
-- RELEASE-NOTES: synced
-
-- test1173: check references to libcurl options
-  
-  ... that they refer to actual existing libcurl options.
-  
-  Reviewed-by: Daniel Gustafsson
-  Closes #7656
-
-- CURLOPT_UNIX_SOCKET_PATH.3: remove nginx reference, add see also
-  
-  Closes #7656
-
-- opt-docs: verify man page sections + order
-  
-  In every libcurl option man page there are now 8 mandatory sections that
-  must use the right name in the correct order and test 1173 verifies
-  this. Only 14 man pages needed adjustments.
-  
-  The sections and the order is as follows:
-  
-   - NAME
-   - SYNOPSIS
-   - DESCRIPTION
-   - PROTOCOLS
-   - EXAMPLE
-   - AVAILABILITY
-   - RETURN VALUE
-   - SEE ALSO
-  
-  Reviewed-by: Daniel Gustafsson
-  Closes #7656
-
-- opt-docs: make sure all man pages have examples
-  
-  Extended manpage-syntax.pl (run by test 1173) to check that every man
-  page for a libcurl option has an EXAMPLE section that is more than two
-  lines. Then fixed all errors it found and added examples.
-  
-  Reviewed-by: Daniel Gustafsson
-  Closes #7656
-
-- get.d: provide more useful examples
-  
-  Closes #7668
-
-- page-header: add GOPHERS, simplify wording in the 1st para
-  
-  Closes #7665
-
-- connect: get local port + ip also when reusing connections
-  
-  Regression. In d6a37c23a3c (7.75.0) we removed the duplicated storage
-  (connection + easy handle), so this info needs be extracted again even
-  for re-used connections.
-  
-  Add test 435 to verify
-  
-  Reported-by: Max Dymond
-  Fixes #7660
-  Closes #7662
-
-Marcel Raad (2 Sep 2021)
-- multi: fix compiler warning with `CURL_DISABLE_WAKEUP`
-  
-  `use_wakeup` is unused in this case.
-  
-  Closes https://github.com/curl/curl/pull/7661
-
-Daniel Stenberg (1 Sep 2021)
-- tests: adjust the tftpd output to work with hyper mode
-  
-  By making them look less like http headers, the hyper mode "tweak"
-  doesn't interfere.
-  
-  Enable test 2002 and 2003 in hyper builds (and 1280 which is unrelated
-  but should be enabled).
-  
-  Closes #7658
-
-Daniel Gustafsson (1 Sep 2021)
-- [Gisle Vanem brought this change]
-
-  openssl: annotate SSL3_MT_SUPPLEMENTAL_DATA
-  
-  This adds support for the previously unhandled supplemental data which
-  in -v output was printed like:
-  
-      TLSv1.2 (IN), TLS header, Unknown (23):
-  
-  These will now be printed with proper annotation:
-  
-      TLSv1.2 (OUT), TLS header, Supplemental data (23):
-  
-  Closes #7652
-  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (1 Sep 2021)
-- curl.1: provide examples for each option
-  
-  The file format for each option now features a "Example:" header that
-  can provide one or more examples that get rendered appropriately in the
-  output. All options MUST have at least one example or gen.pl complains
-  at build-time.
-  
-  This fix also does a few other minor format and consistency cleanups.
-  
-  Closes #7654
-
-- progress: make trspeed avoid floats
-  
-  and compiler warnings for data conversions.
-  
-  Reported-by: Michał Antoniak
-  Fixes #7645
-  Closes #7653
-
-- test365: verify response with chunked AND Content-Length headers
-
-- http: ignore content-length if any transfer-encoding is used
-  
-  Fixes #7643
-  Closes #7649
-
-- RELEASE-NOTES: synced
-
-- Revert "http2: skip immediate parsing of payload following protocol switch"
-  
-  This reverts commit 455a63c66f188598275e87d32de2c4e8e26b80cb.
-  
-  Reported-by: Tk Xiong
-  Fixes #7633
-  Closes #7648
-
-- KNOWN_BUGS: HTTP/3 doesn't support client certs
-  
-  Closes #7625
-
-- mailing lists: move from cool.haxx.se to lists.haxx.se
-
-- http_proxy: only wait for writable socket while sending request
-  
-  Otherwise it would wait socket writability even after the entire CONNECT
-  request has sent and make curl basically busy-loop while waiting for a
-  response to come back.
-  
-  The previous fix attempt in #7484 (c27a70a591a4) was inadequate.
-  
-  Reported-by: zloi-user on github
-  Reported-by: Oleguer Llopart
-  Fixes #7589
-  Closes #7647
-
-- http: disallow >3-digit response codes
-  
-  Make the built-in HTTP parser behave similar to hyper and reject any
-  HTTP response using more than 3 digits for the response code.
-  
-  Updated test 1432 accordingly.
-  Enabled test 1432 in the hyper builds.
-  
-  Closes #7641
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: stop buffering crypto data
-  
-  Stop buffering crypto data because libngtcp2 now buffers submitted
-  crypto data.
-  
-  Closes #7637
-
-- test1280: CRLFify the response to please hyper
-  
-  Closes #7639
-
-- tests: enable test 1129 for hyper builds
-  
-  Closes #7638
-
-- curl: better error message when -O fails to get a good name
-  
-  Due to how this currently works internally, it needs a working initial
-  file name to store contents in, so it may still fail even with -J is
-  used (and thus accepting a name from content-disposition:) if the file
-  name part of the URL isn't "good enough".
-  
-  Fixes #7628
-  Closes #7635
-
-- curl_easy_setopt: tweak the string copy wording
-  
-  Reported-by: Yaobin Wen
-  Fixes #7632
-  Closes #7634
-
-- RELEASE-NOTES: synced
-
-- [Don J Olmstead brought this change]
-
-  cmake: sync CURL_DISABLE options
-  
-  Adds the full listing of CURL_DISABLE options to the CMake build. Moves
-  all option code, except for CURL_DISABLE_OPENSSL_AUTO_LOA_CONFIG which
-  resides near OpenSSL configuration, to the same block of code. Also
-  sorts the options here and in the cmake config header.
-  
-  Additionally sorted the CURL-DISABLE listing and fixed the
-  CURL_DISABLE_POP3 option.
-  
-  Closes #7624
-
-Jay Satiro (25 Aug 2021)
-- KNOWN_BUGS: FTPS upload data loss with TLS 1.3
-  
-  Bug: https://github.com/curl/curl/issues/6149
-  Reported-by: Bylon2@users.noreply.github.com
-  
-  Closes https://github.com/curl/curl/pull/7623
-
-Daniel Stenberg (24 Aug 2021)
-- cmake: avoid poll() on macOS
-  
-  ... like we do in configure builds. Since poll() on macOS is not
-  reliable enough.
-  
-  Reported-by: marc-groundctl
-  Fixes #7595
-  Closes #7619
-
-- c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connection
-  
-  Enable test 1074
-  
-  Closes #7617
-
-- c-hyper: deal with Expect: 100-continue combined with POSTFIELDS
-  
-  Enable test 1130 and 1131
-  
-  Closes #7616
-
-- [a1346054 brought this change]
-
-  tests: be explicit about using 'python3' instead of 'python'
-  
-  This fixes running tests in virtualenvs (or on distros) that no longer
-  have a symlink from python to python2 or python3.
-  
-  Closes #7602
-
-- [a1346054 brought this change]
-
-  scripts: invoke interpreters through /usr/bin/env
-  
-  Closes #7602
-
-- DISABLED: enable 11 more tests for hyper builds
-  
-  Closes #7612
-
-- setopt: enable CURLOPT_IGNORE_CONTENT_LENGTH for hyper
-  
-  Since this option is also used for FTP, it needs to work to set for
-  applications even if hyper doesn't support it for HTTP. Verified by test
-  1137.
-  
-  Updated docs to specify that the option doesn't work for HTTP when using
-  the hyper backend.
-  
-  Closes #7614
-
-- test1138: remove trailing space to make work with hyper
-  
-  Closes #7613
-
-- libcurl-errors.3: clarify two CURLUcode errors
-  
-  CURLUE_BAD_HANDLE and CURLUE_BAD_PARTPOINTER should be for "bad" or
-  wrong pointers in a generic sense, not just for NULL pointers.
-  
-  Reviewed-by: Jay Satiro
-  
-  Ref: #7605
-  Closes #7611
-
-Jay Satiro (23 Aug 2021)
-- symbols-in-versions: fix CURLSSLBACKEND_QSOSSL last used version
-  
-  ... and also change the 'Removed' column name to 'Last' since that
-  column is for the last version to contain the symbol.
-  
-  Closes https://github.com/curl/curl/pull/7609
-
-Daniel Stenberg (23 Aug 2021)
-- urlapi.c:seturl: assert URL instead of using if-check
-  
-  There's no code flow possible where this can happen. The assert makes
-  sure it also won't be introduced undetected in the future.
-  
-  Closes #7610
-
-- curl-openssl.m4: show correct output for OpenSSL v3
-  
-  Using 3.0.0 versions configure should now show this:
-  
-  checking for OpenSSL headers version... 3.0.0 - 0x300
-  checking for OpenSSL library version... 3.0.0
-  checking for OpenSSL headers and library versions matching... yes
-  
-  This output doesn't actually change what configure generates but is only
-  "cosmetic".
-  
-  Reported-by: Randall S. Becker
-  Fixes #7606
-  Closes #7608
-
-Jay Satiro (22 Aug 2021)
-- mksymbolsmanpage.pl: Fix showing symbol's last used version
-  
-  Prior to this change the symbol's deprecated version was erroneously
-  shown as its last used version.
-  
-  Bug: https://github.com/curl/curl/commit/4e53b94#commitcomment-55239509
-  Reported-by: i-ky@users.noreply.github.com
-
-Daniel Stenberg (21 Aug 2021)
-- mksymbolsmanpage.pl: match symbols case insenitively
-  
-  Follow-up to 4e53b9430c750 which made this bug show.
-  
-  Reported-by: i-ky
-  Bug: https://github.com/curl/curl/commit/4e53b9430c7504de8984796e2a2091ec16f27136#commitcomment-55239253
-  Closes #7607
-
-- asyn-ares: call ares_freeaddrinfo() to clean up addrinfo results
-  
-  As this leaks memory otherwise
-  
-  Follow-up to ba904db0705c931
-  
-  Closes #7599
-
-- [Ehren Bendler brought this change]
-
-  wolfssl: clean up wolfcrypt error queue
-  
-  If wolfSSL is built in certain ways (OPENSSL_EXTRA or Debug), the error
-  queue gets added on to for each session and never freed. Fix it by
-  calling ERR_clear_error() like in vtls/openssl when needed. This func is
-  a no-op in wolfcrypt if the error queue is not enabled.
-  
-  Closes #7594
-
-- man pages: remove trailing whitespaces
-  
-  Extended test 1173 (via the manpage-syntax.pl script) to detect and warn
-  for them.
-  
-  Ref: #7602
-  Reported-by: a1346054 on github
-  Closes #7604
-
-- mailmap: add Gleb Ivanovsky
-
-- config.d: escape the backslash properly
-  
-  Closes #7603
-
-- [Don J Olmstead brought this change]
-
-  curl_setup.h: sync values for HTTP_ONLY
-  
-  The values for HTTP_ONLY differed between CMakeLists.txt and
-  curl_setup.h. Sync them and sort the values in curl_setup.h to make it
-  easier to spot differences.
-  
-  Closes #7601
-
-Jay Satiro (21 Aug 2021)
-- configure: set classic mingw minimum OS version to XP
-  
-  - If the user has not specified a minimum OS version (via WINVER or
-    _WIN32_WINNT macros) then set it to Windows XP.
-  
-  Prior to this change classic MinGW defaulted the minimum OS version
-  to Windows NT 4.0 which is way too old. At least Windows XP is needed
-  for getaddrinfo (which resolves hostnames to IPv6 addresses).
-  
-  Ref: https://github.com/curl/curl/issues/7483#issuecomment-891597034
-  
-  Closes https://github.com/curl/curl/pull/7581
-
-- schannel: Work around typo in classic mingw macro
-  
-  - Define ALG_CLASS_DHASH (the typo from the include) to ALG_CLASS_HASH.
-  
-  Prior to this change there was an incomplete fix to ignore the
-  CALG_TLS1PRF macro on those versions of MinGW where it uses the
-  ALG_CLASS_DHASH typoed macro.
-  
-  Ref: 48cf45c
-  Ref: https://osdn.net/projects/mingw/ticket/38391
-  Ref: https://github.com/curl/curl/issues/2924
-  
-  Closes https://github.com/curl/curl/pull/7580
-
-Daniel Stenberg (20 Aug 2021)
-- RELEASE-NOTES: synced
-
-- http_proxy: fix user-agent and custom headers for CONNECT with hyper
-  
-  Enable test 287
-  
-  Closes #7598
-
-- c-hyper: initial support for "dumping" 1xx HTTP responses
-  
-  With the use hyper_request_on_informational()
-  
-  Enable test 155 and 158
-  
-  Closes #7597
-
-Marc Hoersken (18 Aug 2021)
-- tests/*server.pl: flush output before executing subprocess
-  
-  Also avoid shell processes staying around by using exec.
-  This is necessary to avoid output data being buffering
-  inside the process chain of Perl, Bash/Shell and our
-  test server binaries. On non-Windows systems the exec
-  will also make the subprocess replace the intermediate
-  shell, but on Windows it will at least bind the processes
-  together since there is no real fork or exec available.
-  
-  See: https://cygwin.com/cygwin-ug-net/highlights.html
-  and: https://docs.microsoft.com/cpp/c-runtime-library/exec-wexec-functions
-  Ref: https://github.com/curl/curl/pull/7530#issuecomment-900949010
-  
-  Reviewed-by: Daniel Stenberg
-  Reviewed-by: Jay Satiro
-  Closes #7530
-
-- CI: use GitHub Container Registry instead of Docker Hub
-  
-  Avoid limits on Docker Hub and improve image pull/download speed.
-  
-  Closes #7587
-
-Daniel Stenberg (18 Aug 2021)
-- openssl: when creating a new context, there cannot be an old one
-  
-  Remove the previous handling that would call SSL_CTX_free(), and instead
-  add an assert that halts a debug build if there ever is a context
-  already set at this point.
-  
-  Closes #7585
-
-Jay Satiro (18 Aug 2021)
-- KNOWN_BUGS: Renegotiate from server may cause hang for OpenSSL backend
-  
-  Closes https://github.com/curl/curl/issues/6785
-
-Viktor Szakats (17 Aug 2021)
-- docs/BINDINGS: URL update
-
-Marc Hoersken (17 Aug 2021)
-- tests/server/*.c: align handling of portfile argument and file
-  
-  1. Call the internal variable portname (like pidname) everywhere.
-  2. Have a variable wroteportfile (like wrotepidfile) everywhere.
-  3. Make sure the file is cleaned up on exit (like pidfile).
-  4. Add parameter --portfile to usage outputs everywhere.
-  
-  Reviewed-by: Daniel Stenberg
-  
-  Replaces #7523
-  Closes #7574
-
-Daniel Gustafsson (17 Aug 2021)
-- KNOWN_BUGS: Fix a number of typos in KNOWN_BUGS
-  
-  Fixes a set of typos found in section 11.3.
-
-Daniel Stenberg (17 Aug 2021)
-- getparameter: fix the --local-port number parser
-  
-  It could previously get tricked into parsing the uninitialized stack
-  based buffer.
-  
-  Reported-by: Brian Carpenter
-  Closes #7582
-
-- KNOWN_BUGS: Can't use Secure Transport with Crypto Token Kit
-  
-  Closes #7048
-
-- [Jan Verbeek brought this change]
-
-  curl: add warning for ignored data after quoted form parameter
-  
-  In an argument like `-F 'x=@/etc/hostname;filename="foo"abc'` the `abc`
-  is ignored. This adds a warning if the ignored data isn't all
-  whitespace.
-  
-  Closes #7394
-
-Jay Satiro (17 Aug 2021)
-- codeql: fix error "Resource not accessible by integration"
-  
-  - Enable codeql writing security-events.
-  
-  GitHub set the default permissions to read, apparently since earlier
-  this year.
-  
-  Ref: https://github.com/github/codeql-action/issues/464
-  Ref: https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/
-  
-  Fixes https://github.com/curl/curl/issues/7575
-  Closes https://github.com/curl/curl/pull/7576
-
-- tool_operate: Fix --fail-early with parallel transfers
-  
-  - Abort via progress callback to fail early during parallel transfers.
-  
-  When a critical error occurs during a transfer (eg --fail-early
-  constraint) then other running transfers will be aborted via progress
-  callback and finish with error CURLE_ABORTED_BY_CALLBACK (42). In this
-  case, the callback error does not become the most recent error and a
-  custom error message is used for those transfers:
-  
-  curld --fail --fail-early --parallel
-  https://httpbin.org/status/404 https://httpbin.org/delay/10
-  
-  curl: (22) The requested URL returned error: 404
-  curl: (42) Transfer aborted due to critical error in another transfer
-  
-  > echo %ERRORLEVEL%
-  22
-  
-  Fixes https://github.com/curl/curl/issues/6939
-  Closes https://github.com/curl/curl/pull/6984
-
-Daniel Stenberg (17 Aug 2021)
-- [Sergey Markelov brought this change]
-
-  sectransp: support CURLINFO_CERTINFO
-  
-  Fixes #4130
-  Closes #7372
-
-- ngtcp2: remove the acked_crypto_offset struct field init
-  
-  ... as it is gone from the API upstream.
-  
-  Closes #7578
-
-- misc: update incorrect copyright year ranges
-  
-  Closes #7577
-
-- KNOWN_BUGS: HTTP/3 quiche upload large file fails
-  
-  Closes #7532
-
-- KNOWN_BUGS: CMake build with MIT Kerberos does not work
-  
-  Closes #6904
-
-- TODO: add asynch getaddrinfo support
-  
-  Closes #6746
-
-- RELEASE-NOTES: synced
-
-- [Artur Sinila brought this change]
-
-  http2: revert call the handle-closed function correctly on closed stream
-  
-  Reverts 252790c5335a221
-  
-  Assisted-by: Gergely Nagy
-  Fixes #7400
-  Closes #7525
-
-- [Patrick Monnerat brought this change]
-
-  auth: do not append zero-terminator to authorisation id in kerberos
-  
-  RFC4752 Section 3.1 states "The authorization identity is not terminated
-  with a zero-valued (%x00) octet". Although a comment in code said it may
-  be needed anyway, nothing confirms it. In addition, servers may consider
-  it as part of the identity, causing a failure.
-  
-  Closes #7008
-
-- [Patrick Monnerat brought this change]
-
-  auth: use sasl authzid option in kerberos
-  
-  ... instead of deriving it from active ticket.
-  Closes #7008
-
-- [Patrick Monnerat brought this change]
-
-  auth: we do not support a security layer after kerberos authentication
-  
-  Closes #7008
-
-- [Patrick Monnerat brought this change]
-
-  auth: properly handle byte order in kerberos security message
-  
-  Closes #7008
-
-- [z2_ brought this change]
-
-  x509asn1: fix heap over-read when parsing x509 certificates
-  
-  Assisted-by: Patrick Monnerat
-  Closes #7536
-
-- KNOWN_BUGS: Disconnects don't do verbose
-  
-  Closes #6995
-
-- mailmap: fixup Michał Antoniak
-
-- [Michał Antoniak brought this change]
-
-  build: fix compiler warnings
-  
-  For when CURL_DISABLE_VERBOSE_STRINGS and DEBUGBUILD flags are both
-  active.
-  
-  - socks.c : warning C4100: 'lineno': unreferenced formal parameter
-    (co-authored by Daniel Stenberg)
-  
-  - mbedtls.c: warning C4189: 'port': local variable is initialized but
-    not referenced
-  
-  - schannel.c: warning C4189: 'hostname': local variable is initialized
-    but not referenced
-  
-  Cloes #7528
-
-- [Gleb Ivanovsky brought this change]
-
-  CODE_STYLE-md: fix bold font style
-  
-  Markdown gets confused with abundance of asterisks, so use underscores
-  instead.
-  
-  Reviewed-by: Daniel Gustafsson
-  Closes #7569
-
-- [Gleb Ivanovsky brought this change]
-
-  CODE_STYLE-md: add missing comma
-  
-  Reviewed-by: Daniel Gustafsson
-  Closes #7570
-
-- [Daniel Gustafsson brought this change]
-
-  examples/ephiperfifo.c: simplify signal handler
-  
-  The signal handler registered for SIGINT is only handling SIGINT
-  so there isn't much need for inspecting the signo.  While there,
-  rename the handler to be more specific.
-  
-  g_should_exit should really be of sig_atomic_t type, but relying
-  on autoconf in the examples seems like a bad idea so keep that
-  for now.
-  
-  Reviewed-by: Daniel Stenberg
-  Closes #7310
-
-- c-hyper: initial step for 100-continue support
-  
-  Enabled test 154
-  
-  Closes #7568
-
-- [Ikko Ashimine brought this change]
-
-  vtls: fix typo in schannel_verify.c
-  
-  occurence -> occurrence
-  
-  Closes #7566
-
-- [Emil Engler brought this change]
-
-  curl_url_get.3: clarify about path and query
-  
-  The current man-page lacks some details regarding the obtained path and
-  query.
-  
-  Closes #7563
-
-- c-hyper: fix header value passed to debug callback
-  
-  Closes #7567
-
-Viktor Szakats (12 Aug 2021)
-- cleanup: URL updates
-  
-  - replace broken URL with the one it was most probably pointing to
-    when added (lib/tftp.c)
-  - replace broken URL with archive.org link (lib/curl_ntlm_wb.c)
-  - delete unnecessary protocol designator from archive.org URL
-    (docs/BINDINGS.md)
-  
-  Closes #7562
-
-Daniel Stenberg (12 Aug 2021)
-- [April King brought this change]
-
-  DEPRECATE.md: linkify curl-library mailing list
-  
-  Closes #7561
-
-- [Barry Pollard brought this change]
-
-  output.d: add method to suppress response bodies
-  
-  Closes #7560
-
-- TODO: remove 'c-ares deviates on http://1346569778'
-  
-  Fixed since 56a037cc0ad1b2 (7.77.0)
-
-- [Colin O'Dell brought this change]
-
-  BINDINGS.md: update links to use https where available
-  
-  Closes #7558
-
-- asyn-ares.c: move all version number checks to the top
-  
-  ... and use #ifdef [feature] in the code as per our guidelines.
-
-- ares: use ares_getaddrinfo()
-  
-  ares_getaddrinfo() is the getaddrinfo() cloned provided by c-ares, introduced
-  in version 1.16.0.
-  
-  With older c-ares versions, curl invokes ares_gethostbyname() twice - once for
-  IPv4 and once for IPv6 to resolve both addresses, and then combines the
-  returned results.
-  
-  Reported-by: jjandesmet
-  Fixes #7364
-  Closes #7552
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: utilize crypto API functions to simplify
-  
-  Closes #7551
-
-- [megatronking brought this change]
-
-  ngtcp2: reset the oustanding send buffer again when drained
-  
-  Closes #7538
-
-Michael Kaufmann (10 Aug 2021)
-- progress: fix a compile warning on some systems
-  
-  lib/progress.c:380:40: warning: conversion to 'long double' from
-  'curl_off_t {aka long long int}' may alter its value [-Wconversion]
-  
-  Closes #7549
-
-Daniel Stenberg (10 Aug 2021)
-- RELEASE-NOTES: synced
-
-- http: consider cookies over localhost to be secure
-  
-  Updated test31.
-  Added test 392 to verify secure cookies used for http://localhost
-  
-  Reviewed-by: Daniel Gustafsson
-  Fixes #6733
-  Closes #7263
-
-- TODO: erase secrets from heap/stack after use
-  
-  Closes #7268
-
-Jay Satiro (10 Aug 2021)
-- hostip: Make Curl_ipv6works function independent of getaddrinfo
-  
-  - Do not assume IPv6 is not working when getaddrinfo is not present.
-  
-  The check to see if IPv6 actually works is now independent of whether
-  there is any resolver that can potentially resolve a hostname to IPv6.
-  
-  Prior to this change if getaddrinfo() was not found at compile time then
-  Curl_ipv6works() would be defined as a macro that returns FALSE.
-  
-  When getaddrinfo is not found then libcurl is built with CURLRES_IPV4
-  defined instead of CURLRES_IPV6, meaning that it cannot do IPv6 lookups
-  in the traditional way. With this commit if libcurl is built with IPv6
-  support (ENABLE_IPV6) but without getaddrinfo (CURLRES_IPV6), and the
-  IPv6 stack is actually working, then it is possible for libcurl to
-  resolve IPv6 addresses by using DoH.
-  
-  Ref: https://github.com/curl/curl/issues/7483#issuecomment-890765378
-  
-  Closes https://github.com/curl/curl/pull/7529
-
-- test1565: fix windows build errors
-  
-  - Use our wait_ms() instead of sleep() since Windows doesn't have the
-    latter.
-  
-  - Use a separate variable to keep track of whether the pthread_t thread
-    id is valid.
-  
-  On Windows pthread_t is not an integer type. pthread offers no macro for
-  invalid pthread_t thread id, so validity is kept track of separately.
-  
-  Closes https://github.com/curl/curl/pull/7527
-
-- [Jeremy Falcon brought this change]
-
-  winbuild/README.md: clarify GEN_PDB option
-  
-  - Document that GEN_PDB option creates an external database.
-  
-  Ref: https://github.com/curl/curl/issues/7502
-
-Daniel Stenberg (9 Aug 2021)
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: replace deprecated functions with nghttp3_conn_shutdown_stream_read
-  
-  Closes #7546
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: rework the return value handling of ngtcp2_conn_writev_stream
-  
-  Rework the return value handling of ngtcp2_conn_writev_stream and treat
-  NGTCP2_ERR_STREAM_SHUT_WR separately.
-  
-  Closes #7546
-
-- configure: error out if both ngtcp2 and quiche are specified
-  
-  Reported-by: Vincent Grande
-  See #7539
-  Closes #7545
-
-- [Jeff Mears brought this change]
-
-  easy: use a custom implementation of wcsdup on Windows
-  
-  ... so that malloc/free overrides from curl_global_init are used for
-  wcsdup correctly.
-  
-  Closes #7540
-
-- zuul: add an mbedtls3 CI job
-  
-  Closes #7544
-
-- [Benau brought this change]
-
-  mbedTLS: initial 3.0.0 support
-  
-  Closes #7428
-
-- RELEASE-NOTES: synced
-
-- configure.ac: revert bad nghttp2 library detection improvements
-  
-  This reverts commit b4b34db65f9f8, 673753344c5f and 29c7cf79e8b.
-  
-  The logic is now back to assuming that the nghttp2 lib is called nghttp2 and
-  nothing else.
-  
-  Reported-by: Rui Pinheiro
-  Reported-by: Alex Crichton
-  Fixes #7514
-  Closes #7515
-
-- happy-eyeballs-timeout-ms.d: polish the wording
-  
-  Reported-by: Josh Soref
-  Fixes #7433
-  Closes #7542
-
-- [modbw brought this change]
-
-  mbedtls_threadlock: fix unused variable warning
-  
-  Closes #7393
-
-- [Tatsuhiro Tsujikawa brought this change]
-
-  ngtcp2: compile with the latest ngtcp2 and nghttp3
-  
-  Closes #7541
-
-Marc Hoersken (31 Jul 2021)
-- CI/cirrus: reduce compile time with increased parallism
-  
-  Cirrus CI VMs have 2 CPUs, let's use them also for Windows builds.
-  
-  Reviewed-by: Daniel Stenberg
-  Closes #7505
-
-Daniel Stenberg (30 Jul 2021)
-- [Bin Lan brought this change]
-
-  tool/tests: fix potential year 2038 issues
-  
-  The length of 'long' in a 32-bit system is 32 bits, which cannot be used
-  to save timestamps after 2038. Most operating systems have extended
-  time_t to 64 bits.
-  
-  Remove the castings to long.
-  
-  Closes #7466
-
-- compressed.d: it's a request, not an order
-  
-  Clarified
-  
-  Reported-by: Dan Jacobson
-  Reviewed-by: Daniel Gustafsson
-  Fixes #7516
-  Closes #7517
-
-- [Bernhard M. Wiedemann brought this change]
-
-  tests: make three tests pass until 2037
-  
-  after 2038 something in test1915 fails on 32-bit OSes
-  
-  Closes #7512
-
-Daniel Gustafsson (30 Jul 2021)
-- connect: remove superfluous conditional
-  
-  Commit dbd16c3e2 cleaned up the logic for traversing the addrinfos,
-  but the move left a conditional on ai which no longer is needed as
-  the while loop reevaluation will cover it.
-  
-  Closes #7511
-  Reviewed-by: Carlo Marcelo Arenas Belón
-  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Daniel Stenberg (29 Jul 2021)
-- RELEASE-NOTES: synced
-  
-  and bump curlver to 7.79.0 for next release
-
-Marc Hoersken (29 Jul 2021)
-- tests/*server.py: remove pidfile on server termination
-  
-  Avoid pidfile leaking/laying around after server already exited.
-  
-  Reviewed-by: Daniel Stenberg
-  Closes #7506
-
-Daniel Gustafsson (27 Jul 2021)
-- tool_main: fix typo in comment
-  
-  The referred to library is NSPR, so fix the switched around characters.
-
-Daniel Stenberg (28 Jul 2021)
-- [Aleksandr Krotov brought this change]
-
-  bearssl: support CURLOPT_CAINFO_BLOB
-  
-  Closes #7468
-
-- curl.1: mention "global" flags
-  
-  Mention options that are "global". A global command line option is one
-  that doesn't get reset at --next uses and therefore don't need to be
-  used again.
-  
-  Reported-by: Josh Soref
-  
-  Fixes #7457
-  Closes #7510
-
-- CURLOPT_DOH_URL.3: CURLOPT_OPENSOCKETFUNCTION is not inherited
-  
-  Reported-by: Daniel Woelfel
-  Fixes #7441
-  Closes #7509
-
-- KNOWN_BUGS: add more HTTP/3 problems
-  
-  Closes #7351
-  Closes #7339
-  Closes #7125
-
-Marc Hoersken (27 Jul 2021)
-- CI/azure: reduce compile time with increased parallism
-  
-  Azure Pipelines CI VMs have 2 CPUs, let's use them.
-  
-  Closes #7489
-
-Jay Satiro (27 Jul 2021)
-- [Josh Soref brought this change]
-
-  docs: fix grammar
-  
-  Fixes https://github.com/curl/curl/issues/7444
-  Fixes https://github.com/curl/curl/issues/7451
-  Fixes https://github.com/curl/curl/issues/7465
-  Closes https://github.com/curl/curl/pull/7495
-
-- mail-rcpt.d: fix grammar
-  
-  Remove confusing sentence that says to specify an e-mail address for
-  mail transfer, since that's implied.
-  
-  Reported-by: Josh Soref
-  
-  Fixes https://github.com/curl/curl/issues/7452
-  Closes https://github.com/curl/curl/pull/7495
-
-Daniel Stenberg (27 Jul 2021)
-- c-hyper: remove the hyper_executor_poll() loop from Curl_http
-  
-  1. it's superfluous
-  2. it didn't work identically to the Curl_hyper_stream one which could
-     cause problems like #7486
-  
-  Pointed-out-by: David Cook
-  Closes #7499
-
-- curl-openssl.m4: check lib64 for the pkg-config file
-  
-  OpenSSL recently started putting the libs in $prefix/lib64 on 'make
-  install', so we check that directory for pkg-config data if the 'lib'
-  check fails.
-  
-  Closes #7503
-
-- CURLOPT_SSL_CTX_*.3: tidy up the example
-  
-  Use the proper code style. Don't store return codes that aren't read.
-  Copy the same example into CURLOPT_SSL_CTX_FUNCTION.3 as well.
-  
-  Closes #7500
-
-- example/cookie_interface: fix scan-build printf warning
-  
-  Follow-up to 4b79c4fb565
-  
-  Fixes #7497
-  Closes #7498
-
-- [Josh Soref brought this change]
-
-  limit-rate.d: clarify base unit
-  
-  Fixes #7439
-  Closes #7494
-
-- [Carlo Marcelo Arenas Belón brought this change]
-
-  examples/cookie_interface: avoid printfing time_t directly
-  
-  time_t representation is undefined and varies on bitsize and signedness,
-  and as of C11 could be even non integer.
-  
-  instead of casting to unsigned long (which would truncate in systems
-  with a 32bit long after 2106) use difftime to get the elapsed time as a
-  double and print that (without decimals) instead.
-  
-  alternatively a cast to curl_off_t and its corresponding print
-  formatting could have been used (at least in POSIX) but portability and
-  curl agnostic code was prioritized.
-  
-  Closes #7490
-
-Marc Hoersken (25 Jul 2021)
-- tests/servers: remove obsolete pid variable
-  
-  Variable is not used since pidfile handling moved to util.[ch]
-  
-  Reviewed-by: Jay Satiro
-  Closes #7482
-
-- tests/servers: use our platform-aware pid for server verification
-  
-  The pid used for server verification is later stored as pid2 in
-  the hash of running test servers and therefore used for shutdown.
-  
-  The pid used for shutdown must be the platform-aware (Win32) pid
-  to avoid leaking test servers while running them using Cygwin/msys.
-  
-  Reviewed-by: Jay Satiro
-  Closes #7481
-
-- tests/runtests.pl: cleanup copy&paste mistakes and unused code
-  
-  Reviewed-by: Jay Satiro
-  Part of #7481
-
-Daniel Stenberg (25 Jul 2021)
-- RELEASE-NOTES: synced
-  
-  bumped to 7.78.1 for next release
-
-- http_proxy: clear 'sending' when the outgoing request is sent
-  
-  ... so that Curl_connect_getsock() will know how to wait for the socket
-  to become readable and not writable after the entire CONNECT request has
-  been issued.
-  
-  Regression added in 7.77.0
-  
-  Reported-by: zloi-user on github
-  Assisted-by: Jay Satiro
-  Fixes #7155
-  Closes #7484
-
-Jay Satiro (25 Jul 2021)
-- [Josh Soref brought this change]
-
-  openssl: fix grammar
-  
-  Closes https://github.com/curl/curl/pull/7480
-
-- configure.ac: tweak nghttp2 library name fix again
-  
-  - Change extraction to handle multiple library names returned by
-    pkg-config (eg a possible scenario with pkg-config --static).
-  
-  Ref: https://github.com/curl/curl/pull/7472
-  
-  Closes https://github.com/curl/curl/pull/7485
-
-Dan Fandrich (23 Jul 2021)
-- Get rid of the unused HAVE_SIG_ATOMIC_T et. al.
-  
-  It was added in 2006 but I see no evidence it was ever used.
-
-Jay Satiro (23 Jul 2021)
-- docs: change max-filesize caveat again
-  
-  - Add protocols field to max-filesize.d.
-  
-  - Revert wording on unknown file size caveat and do not discuss specific
-    protocols in that section.
-  
-  Partial revert of ecf0225. All max-filesize options now have the list of
-  protocols and it's clearer just to have that list without discussing
-  specific protocols in the caveat.
-  
-  Reported-by: Josh Soref
-  
-  Ref: https://github.com/curl/curl/issues/7453#issuecomment-884128762
-
-Daniel Stenberg (22 Jul 2021)
-- [Christian Weisgerber brought this change]
-
-  configure: tweak nghttp2 library name fix
-  
-  commit 29c7cf79e8b44cf (shipped in 7.78.0) introduced a problem by
-  assuming that LIB_H2 does not have any leading whitespace.  At least
-  OpenBSD's native pkg-config can produce such whitespace, though:
-  
-      $ pkg-config --libs-only-l libnghttp2
-       -lnghttp2
-  
-  As a result, the configure check for libnghttp2 will erroneously fail.
-  
-  Bug: https://curl.se/mail/lib-2021-07/0050.html
-  Closes #7472
-
-- [Bastian Krause brought this change]
-
-  docs/MQTT: update state of username/password support
-  
-  PR #7243 implemented username/password support for MQTT, so let's drop
-  these items from the caveats.
-  
-  Signed-off-by: Bastian Krause <bst@pengutronix.de>
-  
-  Closes #7474
-
-- [Oleg Pudeyev brought this change]
-
-  CURLMOPT_TIMERFUNCTION.3: remove misplaced "time"
-  
-  Closes #7470
-
-Version 7.78.0 (21 Jul 2021)
-
-Daniel Stenberg (21 Jul 2021)
-- RELEASE-NOTES: synced
-  
-  curl 7.78.0 release
-
-- winbuild/MakefileBuild.vc: bump copyright year
-
-Jay Satiro (21 Jul 2021)
-- docs: mention max-filesize options also apply to MQTT transfers
-  
-  Also make it clearer that the caveat 'if the file size is unknown it
-  the option will have no effect' may apply to protocols other than FTP
-  and HTTP.
-  
-  Reported-by: Josh Soref
-  
-  Fixes https://github.com/curl/curl/issues/7453
-
-- [Josh Soref brought this change]
-
-  docs/cmdline: fix grammar and typos
-
-- [Josh Soref brought this change]
-
-  dump-header.d: Drop suggestion to use for cookie storage
-  
-  Since --cookie-jar is the preferred way to store cookies, no longer
-  suggest using --dump-header to do so.
-  
-  Co-authored-by: Daniel Stenberg
-  
-  Closes https://github.com/curl/curl/issues/7414
-
-- [Josh Soref brought this change]
-
-  doc/cmdline: fix grammar and typos
-  
-  Closes https://github.com/curl/curl/pull/7454
-  Closes https://github.com/curl/curl/pull/7455
-  Closes https://github.com/curl/curl/pull/7456
-  Closes https://github.com/curl/curl/pull/7459
-  Closes https://github.com/curl/curl/pull/7460
-  Closes https://github.com/curl/curl/pull/7461
-  Closes https://github.com/curl/curl/pull/7462
-  Closes https://github.com/curl/curl/pull/7463
-
-Daniel Stenberg (20 Jul 2021)
-- vtls: fix connection reuse checks for issuer cert and case sensitivity
-  
-  CVE-2021-22924
-  
-  Reported-by: Harry Sintonen
-  Bug: https://curl.se/docs/CVE-2021-22924.html
-
-- sectransp: check for client certs by name first, then file
-  
-  CVE-2021-22926
-  
-  Bug: https://curl.se/docs/CVE-2021-22926.html
-  
-  Assisted-by: Daniel Gustafsson
-  Reported-by: Harry Sintonen
-
-- telnet: fix option parser to not send uninitialized contents
-  
-  CVS-2021-22925
-  
-  Reported-by: Red Hat Product Security
-  Bug: https://curl.se/docs/CVE-2021-22925.html
-
-Jay Satiro (20 Jul 2021)
-- connect: fix wrong format specifier in connect error string
-  
-  0842175 (not in any release) used the wrong format specifier (long int)
-  for timediff_t. On an OS such as Windows libcurl's timediff_t (usually
-  64-bit) is bigger than long int (32-bit). In 32-bit Windows builds the
-  upper 32-bits of the timediff_t were erroneously then used by the next
-  format specifier. Usually since the timeout isn't larger than 32-bits
-  this would result in null as a pointer to the string with the reason for
-  the connection failing. On other OSes or maybe other compilers it could
-  probably result in garbage values (ie crash on deref).
-  
-  Before:
-  Failed to connect to localhost port 12345 after 1201 ms: (nil)
-  
-  After:
-  Failed to connect to localhost port 12345 after 1203 ms: Connection refused
-  
-  Closes https://github.com/curl/curl/pull/7449
-
-- winbuild: support alternate nghttp2 static lib name
-  
-  - Support both nghttp2.lib and nghttp2_static.lib for static nghttp2.
-  
-  nghttp2 briefly changed its static lib name to nghttp2_static, but then
-  made the _static suffix optional.
-  
-  Ref: https://github.com/nghttp2/nghttp2/pull/1394
-  Ref: https://github.com/nghttp2/nghttp2/pull/1418
-  Ref: https://github.com/nghttp2/nghttp2/issues/1466
-  
-  Reported-by: Pierre Yager
-  
-  Fixes https://github.com/curl/curl/issues/7446
-  Closes https://github.com/curl/curl/pull/7447
-
-- [Josh Soref brought this change]
-
-  docs/cmdline: fix grammar and typos
-  
-  Closes https://github.com/curl/curl/pull/7432
-  Closes https://github.com/curl/curl/pull/7436
-  Closes https://github.com/curl/curl/pull/7438
-  Closes https://github.com/curl/curl/pull/7440
-  Closes https://github.com/curl/curl/pull/7445
-
-- [Josh Soref brought this change]
-
-  delegation.d: mention what happens when used multiple times
-  
-  Closes https://github.com/curl/curl/pull/7408
-
-- [Josh Soref brought this change]
-
-  create-file-mode.d: mention what happens when used multiple times
-  
-  Closes https://github.com/curl/curl/pull/7407
-
-- [Josh Soref brought this change]
-
-  config.d: split comments and option-per line
-  
-  Closes https://github.com/curl/curl/pull/7405
-
-Daniel Stenberg (19 Jul 2021)
-- misc: copyright year range updates
-
-- mailmap: add Tobias and Timur
-
-Daniel Gustafsson (18 Jul 2021)
-- [Josh Soref brought this change]
-
-  docs: spell out directories instead of dirs in create-dirs
-  
-  Write out directories rather than using the dirs abbrevation. Also
-  use plural form consistently, even if the code in the end might just
-  create a single directory.
-  
-  Closes #7406
-  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-- [Tobias Nyholm brought this change]
-
-  docs: correct spelling errors and a broken link
-  
-  Update grammar and spelling in docs and source code comments.
-  
-  Closes: #7427
-  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-Marc Hoersken (18 Jul 2021)
-- CI/cirrus: install impacket from PyPI instead of FreeBSD packages
-  
-  Availability of impacket as FreeBSD package is too flaky.
-  
-  Stick to legacy version of cryptography which still
-  supports OpenSSL version 1.0.2 due to FreeBSD 11.
-  
-  Reviewed-by: Daniel Stenberg
-  
-  Closes #7418
-
-Daniel Stenberg (18 Jul 2021)
-- [Josh Soref brought this change]
-
-  docs/cmdline: mention what happens when used multiple times
-  
-  For --dns-ipv4-addr, --dns-ipv6-addr and --dns-servers
-  
-  Closes #7410
-  Closes #7411
-  Closes #7412
-
-- [Michał Antoniak brought this change]
-
-  lib: fix compiler warnings with CURL_DISABLE_NETRC
-  
-  warning C4189: 'netrc_user_changed': local variable is initialized but
-  not referenced
-  
-  warning C4189: 'netrc_passwd_changed': local variable is initialized but
-  not referenced
-  
-  Closes #7423
-
-- disable-epsv.d: remove duplicate "(FTP)"
-  
-  ... since the tooling adds that to the output based on the "Protocols:"
-  tag.
-
-- [Max Zettlmeißl brought this change]
-
-  docs: make the documentation for --etag-save match the program behaviour
-  
-  When using curl with the option `--etag-save` I expected it to save the
-  ETag without its surrounding quotes, as stated by the documentation in
-  the repository and by the generated man pages.
-  
-  My first endeavour was to fix the program, but while investigating the
-  history of the relevant parts, I discovered that curl once saved the
-  ETag without the quotes.  This was undone by Daniel Stenberg in commit
-  `98c94596f5928840177b6bd3c7b0f0dd03a431af`, therefore I decided that in
-  this case the documentation should be adjusted to match the behaviour of
-  curl.
-  
-  The changed save behaviour also made parts of the `--etag-compare`
-  documentation wrong or superfluous, so I adjusted those accordingly.
-  
-  Closes #7429
-
-- [Josh Soref brought this change]
-
-  write-out.d: add missing periods
-  
-  Closes #7404
-
-- [Josie Huddleston brought this change]
-
-  easy: during upkeep, attach Curl_easy to connections in the cache
-  
-  During the protocol-specific parts of connection upkeep, some code
-  assumes that the data->conn pointer already is set correctly.  However,
-  there's currently no guarantee of that in the code.
-  
-  This fix temporarily attaches each connection to the Curl_easy object
-  before performing the protocol-specific connection check on it, in a
-  similar manner to the connection checking in extract_if_dead().
-  
-  Fixes #7386
-  Closes #7387
-  Reported-by: Josie Huddleston
-
-- [Josh Soref brought this change]
-
-  cleanup: spell DoH with a lowercase o
-  
-  Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
-  
-  Closes #7413
-
-- [Josh Soref brought this change]
-
-  TheArtOfHttpScripting: polish
-  
-  - add missing backticks and comma
-  
-  - fix proxy description:
-  
-  * example proxy isn't local
-  * locally doesn't really make sense
-  
-  Closes #7416
-
-- [Josh Soref brought this change]
-
-  form.d: add examples of `,`/`;` for file[name]
-  
-  Fixes #7415
-  Closes #7417
-
-- [Michał Antoniak brought this change]
-
-  mbedtls: Remove unnecessary include
-  
-  - curl_setup.h: all references to mbedtls_md4* functions and structures
-    are in the md4.c. This file already includes the <mbedtls/md4.h> file
-    along with the file existence control (defined (MBEDTLS_MD4_C))
-  
-  - curl_ntlm_core.c: unnecessary include - repeated below
-  
-  Closes #7419
-
-- RELEASE-NOTES: synced
-
-Jay Satiro (16 Jul 2021)
-- [User Sg brought this change]
-
-  multi: fix crash in curl_multi_wait / curl_multi_poll
-  
-  Appears to have been caused by 51c0ebc (precedes 7.77.0) which added a
-  VALID_SOCK check to one of the loops through the sockets but not the
-  other.
-  
-  Reported-by: sylgal@users.noreply.github.com
-  Authored-by: sylgal@users.noreply.github.com
-  
-  Fixes https://github.com/curl/curl/issues/7379
-  Closes https://github.com/curl/curl/pull/7389
-
-- [Daniel Gustafsson brought this change]
-
-  tool_help: remove unused define
-  
-  The PRINT_LINES_PAUSE macro is no longer used, and has been mostly
-  cleaned out but one occurrence remained.
-  
-  Closes https://github.com/curl/curl/pull/7380
-
-- [Sergey Markelov brought this change]
-
-  build: fix compiler warnings when CURL_DISABLE_VERBOSE_STRINGS
-  
-  fix compiler warnings about unused variables and parameters when
-  built with --disable-verbose.
-  
-  Closes https://github.com/curl/curl/pull/7377
-
-- [Andrea Pappacoda brought this change]
-
-  build: fix IoctlSocket FIONBIO check
-  
-  Prior to this change HAVE_IOCTLSOCKET_CAMEL_FIONBIO mistakenly checked
-  for (lowercase) ioctlsocket when it should have checked for IoctlSocket.
-  
-  Closes https://github.com/curl/curl/pull/7375
-
-- [Timur Artikov brought this change]
-
-  configure: fix nghttp2 library name for static builds
-  
-  Don't hardcode the nghttp2 library name,
-  because it can vary, be "nghttp2_static" for example.
-  
-  Fixes https://github.com/curl/curl/issues/7367
-  Closes https://github.com/curl/curl/pull/7368
-
-Gisle Vanem (16 Jul 2021)
-- [PellesC] fix _lseeki64() macro
-
-- [SChannel] Use '_tcsncmp()' instead
-  
-  Revert previous change for PellesC.
-  
-  Instead replace all use of `_tcsnccmp()` with `_tcsncmp()`.
-
-- [PellesC] missing '_tcsnccmp'
-  
-  PellesC compiler does not have this macro in it's `<tchar.h>`
-
-Daniel Gustafsson (14 Jul 2021)
-- TODO: add mention of mbedTLS 3 incompatibilities
-  
-  Wyatt OʼDay reported in #7385 that mbedTLS isn't backwards compatible
-  and curl no longer builds with it. Document the need to fix our support
-  until so has been done.
-  
-  Closes #7390
-  Fixes #7385
-  Reported-by: Wyatt OʼDay
-  Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
-
-- docs: fix inconsistencies in EGDSOCKET documentation
-  
-  Only the OpenSSL backend actually use the EGDSOCKET, and also use
-  TLS consistently rather than mixing SSL and TLS. While there, also
-  fix a minor spelling nit.
-  
-  Closes: #7391
-  Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
-
-- [Борис Верховский brought this change]
-
-  docs: document missing arguments to commands
-  
-  This is a followup to commit f410b9e538129e77607fef1 fixing a few
-  more commands which takes arguments.
-  
-  Closes #7382
-  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-- [Randolf J brought this change]
-
-  docs: fix incorrect argument name reference
-  
-  The documentation for the read callback was erroneously referencing
-  the nitems argument by nmemb.  The error was introduced in commit
-  ce0881edee3c7.
-  
-  Closes #7383
-  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-- [Борис Верховский brought this change]
-
-  tool_help: Document that --tlspassword takes a password
-  
-  Closes #7378
-  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
-
-- scripts: Fix typo in release-notes instructions
-  
-  The command to run had a typo in the pathname which prevented copy
-  pasting it to work, which has annoyed me enough to fix this now.
-
-- RELEASE-NOTES: synced
-
-Jay Satiro (10 Jul 2021)
-- write-out.d: Clarify urlnum is not unique for de-globbed URLs
-  
-  Reported-by: Коваленко Анатолий Викторович
-  
-  Fixes https://github.com/curl/curl/issues/7342
-  Closes https://github.com/curl/curl/pull/7369
-
-Daniel Gustafsson (3 Jul 2021)
-- [William Desportes brought this change]
-
-  docs: Fix typos
-  
-  Closes: #7370
-  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Stenberg (8 Jul 2021)
-- [Jonathan Wernberg brought this change]
-
-  Revert "ftp: Expression 'ftpc->wait_data_conn' is always false"
-  
-  The reverted commit introduced a logic error in code that was
-  correct.
-  
-  The client using libcurl would notice the error since FTP file
-  uploads in active transfer mode would somtimes complete with
-  success despite no transfer having been performed and the
-  "uploaded" file thus not being on the remote server afterwards.
-  
-  The FTP server would notice the error because it receives a
-  RST on the data connection it has established with the client
-  before any data was transferred at all.
-  
-  The logic error happens if the STOR response from the server have
-  arrived by the time ftp_multi_statemach() in the affected code path
-  is called, but the incoming data connection have not arrived yet.
-  In that case, the processing of the STOR response will cause
-  'ftpc->wait_data_conn' to be set to TRUE, contradicting the comment
-  in the code. Since 'complete' will also be set, later logic would
-  believe the transfer was done.
-  
-  In most cases, the STOR response will not have arrived yet when
-  the affected code path is executed, or the incoming connection will
-  also have arrived, and thus the error would not express itself.
-  But if the speed difference of the device using libcurl and the
-  FTP server is exactly right, the error may happen as often as in
-  one out of hundred file transfers.
-  
-  This reverts commit 49f3117a238b6eac0e22a32f50699a9eddcb66ab.
-  
-  Bug: https://curl.se/mail/lib-2021-07/0025.html
-  Closes #7362
-
-- msnprintf: return number of printed characters excluding null byte
-  
-  ... even when the output is "capped" by the maximum length argument.
-  
-  Clarified in the docs.
-  
-  Closes #7361
-
-- infof: remove newline from format strings, always append it
-  
-  - the data needs to be "line-based" anyway since it's also passed to the
-    debug callback/application
-  
-  - it makes infof() work like failf() and consistency is good
-  
-  - there's an assert that triggers on newlines in the format string
-  
-  - Also removes a few instances of "..."
-  
-  - Removes the code that would append "..." to the end of the data *iff*
-    it was truncated in infof()
-  
-  Closes #7357
-
-- examples/multi-single: fix scan-build warning
-  
-  warning: Value stored to 'mc' during its initialization is never read
-  
-  Follow-up to ae8e11ed5fd2ce
-  
-  Closes #7360
-
-- wolfssl: failing to set a session id is not reason to error out
-  
-  ... as it is *probably* just timed out.
-  
-  Reported-by: Francisco Munoz
-  
-  Closes #7358
-
-- docs/examples: use curl_multi_poll() in multi examples
-  
-  The API is soon two years old and deserves being shown as the primary
-  way to drive multi code as it makes it much easier to write code.
-  
-  multi-poll: removed
-  
-  multi-legacy: add to show how we did multi API use before
-  curl_multi_wait/poll.
-  
-  Closes #7352
-
-- KNOWN_BUGS: flaky Windows CI builds
-  
-  Closes #6972
-
-- RELEASE-NOTES: synced
-
-- test1147: hyper doesn't allow "crazy" request headers like built-in
-  
-  ... so strip that from the test.
-  
-  Closes #7349
-
-- c-hyper: bail on too long response headers
-  
-  To match with built-in behaviors. Makes test 1154 work.
-  
-  Closes #7350
-
-- test1151: added missing CRLF to work with hyper
-  
-  Closes #7350
-
-- c-hyper: add support for transfer-encoding in the request
-  
-  Closes #7348
-
-- [Andrea Pappacoda brought this change]
-
-  cmake: remove libssh2 feature checks
-  
-  libssh2 features are detected based on version since commit
-  9dbbba997608f7c3c5de1c627c77c8cd2aa85b73
-  
-  Closes #7343
-
-- test1116: hyper doesn't pass through "surprise-trailers"
-  
-  Closes #7344
-
-- socks4: scan for the IPv4 address in resolve results
-  
-  Follow-up to 84d2839740 which changed the resolving to always resolve
-  both address families, but since SOCKS4 only supports IPv4 it should
-  scan for and use the first available IPv4 address.
-  
-  Reported-by: shithappens2016 on github
-  Fixes #7345
-  Closes #7346
-
-Jay Satiro (5 Jul 2021)
-- proto.d: fix formatting for paragraphs after margin changes
-  
-  Closes https://github.com/curl/curl/pull/7341
-
-- pinnedpubkey.d: fix formatting for version support lists
-  
-  Closes https://github.com/curl/curl/pull/7340
-
-Daniel Stenberg (2 Jul 2021)
-- TODO: "Support in-memory certs/ca certs/keys" done
-  
-  Has been suppored for a while now with the *BLOB options.
-
-- examples: safer and more proper read callback logic
-  
-  The same callback code is used in:
-  
-   imap-append.c
-   smtp-authzid.c
-   smtp-mail.c
-   smtp-multi.c
-   smtp-ssl.c
-   smtp-tls.c
-  
-  It should not assume that it can copy full lines into the buffer as it
-  will encourage sloppy coding practices. Instead use byte-wise logic and
-  check/acknowledge the buffer size appropriately.
-  
-  Reported-by: Harry Sintonen
-  Fixes #7330
-  Closes #7331
-
-- test1519: adjusted to work with hyper
-  
-  Closes #7333
-
-- test1518: adjusted to work with hyper
-  
-  ... by making sure the stdout output doesn't look like HTTP headers.
-  
-  Closes #7333
-
-- test1514: add a CRLF to the response to make it correct
-  
-  Makes hyper accept it fine instead returning HYPERE_UNEXPECTED_EOF on
-  us.
-  
-  Closes #7334
-
-- formdata: avoid "Argument cannot be negative" warning
-  
-  ... when converting a curl_off_t to size_t, by using
-  CURL_ZERO_TERMINATED before passing the argument to the function.
-  
-  Detected by Coverity CID 1486590.
-  
-  Closes #7328
-  Assisted-by: Daniel Gustafsson
-
-- lib: more %u for port and int for %*s fixes
-  
-  Detected by Coverity
-  
-  Closes #7329
-
-- doh: (void)-prefix call to curl_easy_setopt
-
-- lib: fix type of len passed to *printf's %*s
-  
-  ... it needs to be 'int'. Detected by Coverity CID 1486611 (etc)
-  
-  Closes #7326
-
-- lib: use %u instead of %ld for port number printf
-  
-  Follow-up to 764c6bd3bf which changed the type of some port number
-  fields. Detected by Coverity (CID 1486624) etc.
-  
-  Closes #7325
-
-- version: turn version number functions into returning void
-  
-  ... as we never use the return codes from them.
-  
-  Reviewed-by: Daniel Gustafsson
-  Closes #7319
-
-- mqtt: extend the error message for no topic
-  
-  ... and mention that it needs URL encoding.
-  
-  Reported-by: Peter Körner
-  Fixes #7316
-  Closes #7317
-
-- formdata: correct typecast in curl_mime_data call
-  
-  Coverity pointed out it the mismatch. CID 1486590
-  
-  Closes #7327
-
-- url: (void)-prefix a curl_url_get() call
-  
-  Coverity (CID 1486645) pointed out a use of curl_url_get() in the
-  parse_proxy function where the return code wasn't checked. A
-  (void)-prefix makes the intention obvious.
-  
-  Closes #7320
-
-- glob: pass an 'int' as len when using printf's %*s
-  
-  Detected by Coverity CID 1486629.
-  
-  Closes #7324
-
-- vtls: use free() not curl_free()
-  
-  curl_free() is provided for users of the API to free returned data,
-  there's no need to use it internally.
-  
-  Closes #7318
-
-- zuul: use the new rustls directory name
-  
-  Follow-up to 6d972c8b1cbb3 which missed updating this directory name.
-  
-  Also no longer call it crustls in the docs and bump to rusttls-ffi 0.7.1
-  
-  Closes #7311
-
-Jay Satiro (29 Jun 2021)
-- http: fix crash in rate-limited upload
-  
-  - Don't set the size of the piece of data to send to the rate limit if
-    that limit is larger than the buffer size that will hold the piece.
-  
-  Prior to this change if CURLOPT_MAX_SEND_SPEED_LARGE
-  (curl tool: --limit-rate) was set then it was possible that a temporary
-  buffer used for uploading could be written to out of bounds. A likely
-  scenario for this would be a non-trivial amount of post data combined
-  with a rate limit larger than CURLOPT_UPLOAD_BUFFERSIZE (default 64k).
-  
-  The bug was introduced in 24e469f which is in releases since 7.76.0.
-  
-  perl -e "print '0' x 200000" > tmp
-  curl --limit-rate 128k -d @tmp httpbin.org/post
-  
-  Reported-by: Richard Marion
-  
-  Fixes https://github.com/curl/curl/issues/7308
-  Closes https://github.com/curl/curl/pull/7315
-
-Daniel Stenberg (29 Jun 2021)
-- copyright: add boiler-plate headers to CI config files
-  
-  And whitelist .zuul.ignore
-  
-  Closes #7314
-
-- CI: remove travis details
-  
-  Rename still used leftovers to "zuul" as that's now the CI using them.
-  
-  Closes #7313
-
-- RELEASE-NOTES: synced
-
-- openssl: avoid static variable for seed flag
-  
-  Avoid the race condition risk by instead storing the "seeded" flag in
-  the multi handle. Modern OpenSSL versions handle the seeding itself so
-  doing the seeding once per multi-handle instead of once per process is
-  less of an issue.
-  
-  Reported-by: Gerrit Renker
-  Fixes #7296
-  Closes #7306
-
-- configure: inhibit the implicit-fallthrough warning on gcc-12
-  
-  ... since it no longer acknowledges the comment markup we use for that
-  purpose.
-  
-  Reported-by: Younes El-karama
-  Fixes #7295
-  Closes #7307
-
-Daniel Gustafsson (28 Jun 2021)
-- [Andrei Rybak brought this change]
-
-  misc: fix typos in comments which repeat a word
-  
-  Fix typos in code comments which repeat various words.  In trivial
-  cases, just delete the repeated word.  Reword the affected sentence in
-  "lib/url.c" for it to make sense.
-  
-  Closes #7303
-  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
-
-Daniel Stenberg (27 Jun 2021)
-- lib677: make it survive torture testing
-  
-  Follow-up to a5ab72d5edd7
-  
-  Closes #7300
-
-- [Tommy Chiang brought this change]
-
-  docs/BINDINGS: fix outdated links
-  
-  * luacurl page is now not accessible, fix it with wayback machine page
-  * Scheme one seems not providing https now, change it back to http one
-  
-  Closes #7301
-
-- [Jacob Hoffman-Andrews brought this change]
-
-  curstls: bump crustls version and use new URL
-  
-  crustls moved to https://github.com/rustls/rustls-ffi. This also bumps
-  the expected version to 0.7.0.
-  
-  Closes #7297
-
-- RELEASE-NOTES: synced
-
-- examples: length-limit two sscanf() uses of %s
-  
-  Reported-by: Jishan Shaikh
-  Fixes #7293
-  Closes #7294
-
-- [Richard Whitehouse brought this change]
-
-  multi: alter transfer timeout ordering
-  
-  - Check whether a connection has succeded before checking whether it's
-    timed out.
-  
-    This means if we've connected quickly, but subsequently been
-    descheduled, we allow the connection to succeed. Note, if we timeout,
-    but between checking the timeout, and connecting to the server the
-    connection succeeds, we will allow it to go ahead. This is viewed as
-    an acceptable trade off.
-  
-  - Add additional failf logging around failed connection attempts to
-    propogate the cause up to the caller.
-  
-  Co-Authored-by: Martin Howarth
-  Closes #7178
-
-- test677: IMAP CONNECT_ONLY, custom command and then exit
-  
-  Adjusted ftpserver.pl to add support for the IMAP IDLE command
-  
-  Adjusted test 660 to sync with the fix
-
-- multi: do not switch off connect_only flag when closing
-  
-  ... as it made protocol specific disconnect commands wrongly get used.
-  
-  Bug: https://curl.se/mail/lib-2021-06/0024.html
-  Reported-by: Aleksander Mazur
-  Closes #7288
-
-- http: make the haproxy support work with unix domain sockets
-  
-  ... it should then pass on "PROXY UNKNOWN" since it doesn't know the
-  involved IP addresses.
-  
-  Reported-by: Valentín Gutiérrez
-  Fixes #7290
-  Closes #7291
-
-- [Xiang Xiao brought this change]
-
-  curl.h: include sys/select.h for NuttX RTOS
-  
-  Closes #7287
-
-- [Bin Meng brought this change]
-
-  curl.h: remove the execution bit
-  
-  The execution bit of curl.h file was wrongly added:
-  
-    commit 2621025d6f96 ("curl.h: <sys/select.h> is supported by VxWorks7")
-  
-  and should be removed.
-  
-  Follow-up to 2621025d6f96 ("curl.h: <sys/select.h> is supported by VxWorks7")
-  Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
-  Closes #7286
-
-- [Bin Lan brought this change]
-
-  curl.h: <sys/select.h> is supported by VxWorks7
-  
-  Closes #7285
-
-- [Bachue Zhou brought this change]
-
-  quiche: use send() instead of sendto() to avoid macOS issue
-  
-  sendto() always returns "Socket is already connected" error on macos
-  
-  Closes #7260
-
-- [Li Xinwei brought this change]
-
-  cmake: fix support for UnixSockets feature on Win32
-  
-  Move the definition of sockaddr_un struct from config-win32.h to
-  curl_setup.h, so that it could be shared by all build systems.
-  
-  Add ADDRESS_FAMILY typedef for old mingw, now old mingw can also use
-  unix sockets.
-  
-  Also fix the build of tests/server/sws.c on Win32 when USE_UNIX_SOCKETS
-  is defined.
-  
-  Closes #7034
-
-- [Gregory Muchka brought this change]
-
-  hostip: (macOS) free returned memory of SCDynamicStoreCopyProxies
-  
-  From Apples documentation on SCDynamicStoreCopyProxies, "Return Value: A
-  dictionary of key-value pairs that represent the current internet proxy
-  settings, or NULL if no proxy settings have been defined or if an error
-  occurred. You must release the returned value."
-  
-  Failure to release the returned value of SCDynamicStoreCopyProxies can
-  result in a memory leak.
-  
-  Source: https://developer.apple.com/documentation/systemconfiguration/1517088-scdynamicstorecopyproxies
-  
-  Closes #7265
-
-- RELEASE-NOTES: synced
-
-Jay Satiro (21 Jun 2021)
-- vtls: fix warning due to function prototype mismatch
-  
-  b09c8ee changed the function prototype. Caught by Visual Studio.
-
-- curl_multibyte: Remove local encoding fallbacks
-  
-  - If the UTF-8 to UTF-16 conversion fails in Windows Unicode builds then
-    no longer fall back to assuming the string is in a local encoding.
-  
-  Background:
-  
-  Some functions in Windows Unicode builds must convert UTF-8 to UTF-16 to
-  pass to the Windows CRT API wide-character functions since in Windows
-  UTF-8 is not a valid locale (or at least 99% of the time right now).
-  
-  Prior to this change if the Unicode encoding conversion failed then
-  libcurl would assume, for backwards compatibility with applications that
-  may have written their code for non-Unicode builds, attempt to convert
-  the string from local encoding to UTF-16.
-  
-  That type of "best effort" could theoretically cause some type of
-  security or other problem if a string that was locally encoded was also
-  valid UTF-8, and therefore an unexpected UTF-8 to UTF-16 conversion
-  could occur.
-  
-  Ref: https://github.com/curl/curl/pull/7246
-  
-  Closes https://github.com/curl/curl/pull/7257
-
-Daniel Stenberg (20 Jun 2021)
-- curl_endian: remove the unused Curl_write64_le function
-  
-  The last usage was removed in cca455a36
-  
-  Closes #7280
-
-- vtls: only store TIMER_APPCONNECT for non-proxy connect
-  
-  Introducing a 'isproxy' argument to the connect function so that it
-  knows wether to store the time stamp or not.
-  
-  Reported-by: Yongkang Huang
-  Fixes #7274
-  Closes #7274
-
-- gnutls: set the preferred TLS versions in correct order
-  
-  Regression since 781864bedbc57 (curl 7.77.0)
-  
-  Reported-by: civodul on github
-  Assisted-by: Nikos Mavrogiannopoulos
-  Fixes #7277
-  Closes #7278
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove checks for unused gethostbyaddr and gethostbyaddr_r
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove checks for unused inet_ntoa and inet_ntoa_r
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove unused define HAVE_PERROR
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure: remove unused check for gai_strerror
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove unused define HAVE_FREEIFADDRS
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove unused define HAVE_FORK
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove unused define HAVE_FDOPEN
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove checks for unused sgtty.h
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove remaining checks for rsa.h
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove remaining checks for err.h
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove remaining checks for crypto.h
-  
-  Closes #7276
-
-- [Gergely Nagy brought this change]
-
-  configure/cmake: remove checks for unused getservbyport_r
-  
-  Closes #7276
-
-- --socks4[a]: clarify where the host name is resolved
-  
-  Closes #7273
-
-- libcurl-security.3: mention file descriptors and forks
-  
-  ... and move the security report section last.
-  
-  Reported-by: Harry Sintonen
-  Closes #7270
-
-- [Alex Xu (Hello71) brought this change]
-
-  configure.ac: make non-executable
-  
-  it needs to be processed by autoconf or autoreconf, and doesn't have a
-  suitable shebang to be directly executed. other projects normally set
-  configure.ac -x.
-  
-  Closes #7272
-
-- configure: do not strip out debug flags
-  
-  To allow users to set them when invoking configure without using
-  --with-debug.
-  
-  Reported-by: Alex Xu
-  Fixes #7216
-  Closes #7267
-
-- libssh2: limit time a disconnect can take to 1 second
-  
-  Closes #7271
-
-- TLS: prevent shutdown loops to get stuck
-  
-  ... by making sure the loops are only allowed to read the shutdown
-  traffic a limited number of times.
-  
-  Reported-by: Harry Sintonen
-  Closes #7271
-
-- hyper: propagate errors back up from read callbacks
-  
-  Makes test 513 work with hyper
-  
-  Closes #7266
-
-- KNOWN_BUGS: Negotiate on Windows fails
-  
-  Closes #5881
-
-- KNOWN_BUGS: renames instead of locking for atomic operations
-  
-  Closes #6882
-  Closes #6884
-
-- zuul: add two missing CI jobs
-  
-  ... that were configured, just not run
-  
-  Closes #7261
-
-Viktor Szakats (15 Jun 2021)
-- idn: fix libidn2 with windows unicode builds
-  
-  Unicode Windows builds use UTF-8 strings internally in libcurl,
-  so make sure to call the UTF-8 flavour of the libidn2 API. Also
-  document that Windows builds with libidn2 and UNICODE do expect
-  CURLOPT_URL as an UTF-8 string.
-  
-  Reported-by: dEajL3kA on github
-  Assisted-by: Jay Satiro
-  Reviewed-by: Marcel Raad
-  Closes #7246
-  Fixes #7228
-
-Daniel Stenberg (15 Jun 2021)
-- curl_url_set: reject spaces in URLs w/o CURLU_ALLOW_SPACE
-  
-  They were never officially allowed and slipped in only due to sloppy
-  parsing. Spaces (ascii 32) should be correctly encoded (to %20) before
-  being part of a URL.
-  
-  The new flag bit CURLU_ALLOW_SPACE when a full URL is set, makes libcurl
-  allow spaces.
-  
-  Updated test 1560 to verify.
-  
-  Closes #7073
-
-- RELEASE-NOTES: synced
-  
-  ... and bump to version 7.78.0 for the next planned release.
-
-Jay Satiro (15 Jun 2021)
-- docs: Remove outdated curl tool limitation
-  
-  - Document that HTTP/2 multiplexing is supported by the curl tool when
-    parallel transfers are used.
-  
-  Supported since 7.66.0 via --parallel, but the doc wasn't updated.
-  
-  Closes https://github.com/curl/curl/pull/7259
-
-- http2: Clarify 'Using HTTP2' verbose message
-  
-  - Change phrasing from multi-use to multiplexing since the former may
-    not be as well understood.
-  
-  Before: * Using HTTP2, server supports multi-use
-  
-  After: * Using HTTP2, server supports multiplexing
-  
-  Bug: https://github.com/curl/curl/discussions/7255
-  Reported-by: David Hu
-  
-  Closes https://github.com/curl/curl/pull/7258
-
-Daniel Stenberg (14 Jun 2021)
-- winbuild/README: VC should be set to 6 'or larger'
-  
-  Previously it listed all versions up to 15 (missing 16) but this new
-  phrasing is more open ended.
-  
-  Reported-by: Hugh Macdonald
-  Fixes #7253
-  Closes #7254
-
-- [Jacob Hoffman-Andrews brought this change]
-
-  rustls: remove native_roots fallback
-  
-  For the commandline tool, we expect to be passed
-  SSL_CONN_CONFIG(CAfile); for library use, the use should pass a set of
-  trusted roots (like in other TLS backends).
-  
-  This also removes a dependency on Security.framework when building on
-  macOS.
-  
-  Closes #7250
-
-- [Albin Vass brought this change]
-
-  travis: remove jobs that have migrated to zuul
-  
-  Closes #7245
-
-- [Mohammed Naser brought this change]
-
-  CI: add jobs using Zuul
-  
-  It also includes a few changes to get the builds going:
-  - Added autoconf to common dependencies
-  - Added automake to common dependencies
-  - Added libtool to common dependencies
-  - Added libssl-dev to common dependencies
-  
-  Co-authored-by: Albin Vass
-  
-  Closes #7245
-
-- netrc: skip 'macdef' definitions
-  
-  Add test 494 to verify
-  
-  Reported-by: Harry Sintonen
-  Fixes #7238
-  Closes #7244
-
-- multi: add scan-build-6 work-around in curl_multi_fdset
-  
-  scan-build-6 otherwise warns, saying: warning: The left operand of '>='
-  is a garbage value otherwise, which is false.
-  
-  Later scan-builds don't claim this on the same code.
-  
-  Closes #7248