                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Version 7.87.0 (21 Dec 2022)

Daniel Stenberg (21 Dec 2022)

- RELEASE-NOTES: synced

  The curl 7.87.0 release

- THANKS: 40 new contributors from 7.87.0

- http: fix the ::1 comparison for IPv6 localhost for cookies

  When checking if there is a "secure context", which it is if the
  connection is to localhost even if the protocol is HTTP, the comparison
  for ::1 was done incorrectly and included brackets.

  Reported-by: BratSinot on github

  Fixes #10120
  Closes #10121

Philip Heiduck (19 Dec 2022)

- CI/spell: actions/checkout@v2 > actions/checkout@v3

Daniel Stenberg (19 Dec 2022)

- smb/telnet: do not free the protocol struct in *_done()

  It is managed by the generic layer.

  Reported-by: Trail of Bits

  Closes #10112

- http: use the IDN decoded name in HSTS checks

  Otherwise it stores the info HSTS into the persistent cache for the IDN
  name which will not match when the HSTS status is later checked for
  using the decoded name.

  Reported-by: Hiroki Kurosawa

  Closes #10111

- CURLOPT_DEBUGFUNCTION.3: emphasize that incoming data is "raw"

  Closes #10106

Xì Gà (16 Dec 2022)

- socks: fix username max size is 255 (0xFF)

  Closes #10105

  Reviewed-by: Daniel Gustafsson

Daniel Stenberg (16 Dec 2022)

- limit-rate.d: see also --rate

- lib1560: add some basic IDN host name tests

  Closes #10094

- idn: rename the files to idn.[ch] and hold all IDN functions

  Closes #10094

- idn: remove Curl_win32_ascii_to_idn

  It was not used. Introduce a new IDN header for the prototype(s).

  Closes #10094

- RELEASE-NOTES: synced

- curl_url_get.3: remove spurious backtick

  Put there by mistake.

  Follow-up from 9a8564a92

  Closes #10101

- socks: fix infof() flag for outputing a char

  It used to be a 'long', %lu is no longer correct.

  Follow-up to 57d2d9b6bed33d
  Detected by Coverity CID 1517663

  Closes #10100

- ssl-reqd.d: clarify that this is for upgrading connections only

  Closes #10093

- curl_url_set.3: document CURLU_DISALLOW_USER

  Closes #10099

- cmake: set the soname on the shared library

  Set SONAME and VERSION for platforms we think this works on. Remove
  issue from KNOWN_BUGS.

  Assisted-by: Jakub Zakrzewski

  Closes #10023

- tool_paramhlp: free the proto strings on exit

  And also make sure that repeated use of the options free the previous
  string before it stores a new.

  Follow-up from e6f8445edef8e7996d

  Closes #10098

- tool_cfgable: free the ssl_ec_curves on exit

  Follow-up to ede125b7b

  Closes #10097

- urlapi: reject more bad letters from the host name: &+()

  Follow-up from eb0167ff7d31d3a5

  Extend test 1560 to verify

  Closes #10096

- altsvc: fix rejection of negative port numbers

  Follow-up to ac612dfeee95

  strtoul() accepts a leading minus so better make sure there is none

  Extended test 356 somewhat to use a huge negative 64 bit number that
  otherwise becomes a low positive number.

  Closes #10095

- lib: use size_t or int etc instead of longs

  Since long is not using a consistent data size in curl builds, making it
  often "waste" 32 bits.

  Closes #10088

- azure: use "unversioned" clang and clang-tools for scanbuild job

  To make it less fragile

  Closes #10092

Daniel Gustafsson (14 Dec 2022)

- x509asn1: avoid freeing unallocated pointers

  When utf8asn1str fails there is no allocation returned, so freeing
  the return pointer in **to is at best a no-op and at worst a double-
  free bug waiting to happen. The current coding isn't hiding any such
  bugs but to future proof, avoid freeing the return value pointer iff
  the function failed.

  Closes: #10087
  Reviewed-by: Daniel Stenberg <daniel@haxx.se>

Emil Engler (13 Dec 2022)

- curl_url_set.3: fix typo

  Closes: #10089
  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>

Daniel Stenberg (13 Dec 2022)

- test2304: verify websocket handling when connection is closed

- server/sws: if asked to close connection, skip the websocket handling

- ws: if no connection is around, return error

  - curl_ws_send returns CURLE_SEND_ERROR if data->conn is gone

  - curl_ws_recv returns CURLE_GOT_NOTHING on connection close

  - curl_ws_recv.3: mention new return code for connection close + example
    embryo

  Closes #10084

Emil Engler (13 Dec 2022)

- docs: extend the dump-header documentation

  This commit extends the documentation of the --dump-header command-line
  option to reflect the behavior introduced in 8b1e5df7.

  See #10079
  Closes #10085

Daniel Stenberg (12 Dec 2022)

- RELEASE-NOTES: synced

- styled-output.d: this option does not work on Windows

  Reported-by: u20221022 on github

  Fixes #10082
  Closes #10083

Emil Engler (12 Dec 2022)

- tool: determine the correct fopen option for -D

  This commit fixes a bug in the dump-header feature regarding the
  determination of the second fopen(3) option.

  Reported-by: u20221022 on github

  See #4753
  See #4762
  Fixes #10074
  Closes #10079

Christian Schmitz (11 Dec 2022)

- docs/curl_ws_send: Fixed typo in websocket docs

  Replace as with is in relevant sentences.

  Closes: #10081
  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>

Prithvi MK (11 Dec 2022)

- c-hyper: fix multi-request mechanism

  It makes test 565 run fine.

  Fixes #8896
  Closes #10080
  Assisted-by: Daniel Stenberg

Andy Alt (11 Dec 2022)

- page-header: grammar improvement (display transfer rate)

  Closes #10068

- docs/DEPRECATE.md: grammar improvement and sp correction

  The main thing I wanted to do was fix the spelling of "spent", but I
  think this rewording improves the flow of the paragraph.

  Closes #10067

Boris Verkhovskiy (11 Dec 2022)

- tool_cfgable: make socks5_gssapi_nec a boolean

  Closes #10078

Frank Gevaerts (9 Dec 2022)

- contributors.sh: actually use $CURLWWW instead of just setting it.

  The script was all set up for flexibility where curl-www is elsewhere in
  the filesystem, but then hard-coded ../curl-www anyway...

  Closes #10064

Daniel Stenberg (9 Dec 2022)

- KNOWN_BUGS: remove items not considered bugs any more

  - CURL_GLOBAL_SSL

  This option was changed in libcurl 7.57.0 and clearly it has not caused
  too many issues and a lot of time has passed.

  - Store TLS context per transfer instead of per connection

  This is a possible future optimization. One that is much less important
  and interesting since the added support for CA caching.

  - Microsoft telnet server

  This bug was filed in May 2007 against curl 7.16.1 and we have not
  received further reports.

  - active FTP over a SOCKS

  Actually, proxies in general is not working with active FTP mode. This
  is now added in proxy documentation.

  - DICT responses show the underlying protocol

  curl still does this, but since this is now an established behavior
  since forever we cannot change it easily and adding an option for it
  seems crazy as this protocol is not so little its not worth it. Let's
  just live with it.

  - Secure Transport disabling hostname validation also disables SNI

  This is an already documented restriction in Secure Transport.

  - CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM

  The curl_formadd() function is marked and documented as deprecated. No
  point in collecting bugs for it. It should not be used further.

  - STARTTRANSFER time is wrong for HTTP POSTs

  After close source code inspection I cannot see how this is true or that
  there is any special treatment for different HTTP methods. We also have
  not received many further reports on this, making me strongly suspect
  that this is no (longer an) issue.

  - multipart formposts file name encoding

  The once proposed RFC 5987-encoding is since RFC 7578 documented as MUST
  NOT be used. The since then implemented MIME API allows the user to set
  the name on their own and can thus provide it encoded as it wants.

  - DoH is not used for all name resolves when enabled

  It is questionable if users actually want to use DoH for interface and
  FTP port name resolving. This restriction is now documented and we
  advice users against using name resolving at all for these functions.

  Closes #10043

- CURLOPT_COOKIEFILE.3: advice => advise

  Closes #10063

  Reviewed-by: Daniel Gustafsson

Daniel Gustafsson (9 Dec 2022)

- curl.h: reword comment to not use deprecated option

  CURLOPT_INFILE was replaced by CURLOPT_READDATA in 7.9.7,  reword the
  comment mentioning it to make code grepping easier as well as improve
  the documentation.

  Closes: #10062
  Reviewed-by: Daniel Stenberg <daniel@haxx.se>

Ryan Schmidt (9 Dec 2022)

- system.h: fix socklen_t, curl_off_t, long long for Classic Mac OS

  Change "__MWERKS__" to "macintosh". When this block was originally added
  in 3ac6929 it was probably intended to handle classic Mac OS since the
  previous classic Mac OS build procedure for curl (which was removed in
  bf327a9) used Metrowerks CodeWarrior.

  But there are other classic Mac OS compilers, such as the MPW compilers,
  that were not handled by this case. For classic Mac OS,
  CURL_TYPEOF_CURL_SOCKLEN_T needs to match what's provided by the
  third-party GUSI library, which does not vary by compiler.

  Meanwhile CodeWarrior works on platforms other than classic Mac OS, and
  they may need different definitions. Separate blocks could be added
  later for any of those platforms that curl doesn't already support.

  Closes #10049

- vms: remove SIZEOF_SHORT

  The rest of SIZEOF_SHORT was removed in d48dd15.

  See #9291
  Closes #10061

Daniel Gustafsson (8 Dec 2022)

- tool_formparse: avoid clobbering on function params

  While perfectly legal to do, clobbering function parameters and using
  them as local variables is confusing at best and rarely improves code
  readability.  Fix by using a local variable instead, no functionality
  is changed.

  This also renames the parameter from data to mime_data since the term
  data is (soft) reserved for the easy handle struct.

  Closes: #10046
  Reviewed-by: Daniel Stenberg <daniel@haxx.se>

- noproxy: guard against empty hostnames in noproxy check

  When checking for a noproxy setting we need to ensure that we get
  a hostname passed in. If there is no hostname then there cannot be
  a matching noproxy rule for it by definition.

  Closes: #10057
  Reported-by: Geeknik Labs
  Reviewed-by: Daniel Stenberg <daniel@haxx.se>

Daniel Stenberg (8 Dec 2022)

- c-hyper: CONNECT respones are not server responses

  Together with d31915a8dbbd it makes test 265 run fine.

  Fixes #8853
  Assisted-by: Prithvi MK
  Assisted-by: Sean McArthur
  Closes #10060

- test265: Use "connection: keep-alive" response header

  When it answers as HTTP/1.0, so that clients (hyper) knows properly that
  the connection remains intact.

- RELEASE-NOTES: synced

Stefan Eissing (8 Dec 2022)

- cfilter: improve SSL connection checks

  - fixes `Curl_ssl_cf_get_ssl()` to detect also the first filter instance
    as ssl (refs #10053)

  - replaces `Curl_ssl_use()` with the correct `Curl_conn_is_ssl()`

  Closes #10054
  Fixes #10053

  Reported-by: Patrick Monnerat

Daniel Stenberg (8 Dec 2022)

- runtests: silence nghttpx errors

  Also, move the output of the nghttpx_h3 info to the general "Env:" line
  in the test output header.

  Reported-by: Marcel Raad
  Ref: https://github.com/curl/curl/commit/ca15b7512e8d1199e55fbaa206ef01e64b8f
  147d#commitcomment-92015094
  Closes #10044

Ryan Schmidt (7 Dec 2022)

- config-mac: define HAVE_SYS_IOCTL_H

  This is needed to compile nonblock.c on classic Mac OS with Grand
  Unified Socket Interface (GUSI) because nonblock.c uses FIONBIO which is
  defined in <sys/filio.h> which is included by <sys/ioctl.h>.

  Ref: https://sourceforge.net/projects/gusi/

  Closes https://github.com/curl/curl/pull/10042

Philip Heiduck (7 Dec 2022)

- CI: Change FreeBSD image from 12.3 to 12.4

  Ref: https://www.phoronix.com/news/FreeBSD-12.4-Released

  Closes https://github.com/curl/curl/pull/10051

Ryan Schmidt (7 Dec 2022)

- test1421: fix typo

  Closes https://github.com/curl/curl/pull/10055

Jay Satiro (7 Dec 2022)

- build: assume errno.h is always available

  - Remove errno.h detection from all build configurations.

  errno.h is a standard header according to C89.

  Closes https://github.com/curl/curl/pull/9986

- build: assume assert.h is always available

  - Remove assert.h detection from all build configurations.

  assert.h is a standard header according to C89.

  I had proposed this several years ago as part of a larger change that
  was abandoned.

  Ref: https://github.com/curl/curl/issues/1237#issuecomment-277500720

  Closes https://github.com/curl/curl/pull/9985

Philip Heiduck (7 Dec 2022)

- CI: LGTM.com will be shut down in December 2022

  Closes #10052

Daniel Stenberg (6 Dec 2022)

- mailmap: Andy Alt

Andy Alt (6 Dec 2022)

- misc: Fix incorrect spelling

  Fix various uses of connnect by replacing them with connect.

  Closes: #10045
  Reviewed-by: Daniel Stenberg <daniel@haxx.se>
  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>

Stefan Eissing (6 Dec 2022)

- wolfssl: remove special BIO return code handling

  - rely solely on the retry flag in BIO, similar to OpenSSL vtls
    implementation.

  Ref: https://github.com/curl/curl/pull/10021#issuecomment-1336147053

  Closes #10033

Daniel Stenberg (6 Dec 2022)

- openssl: return -1 on error in the BIO callbacks

  BIO_read and BIO_write return negative numbers on error, including
  retryable ones. A regression from 55807e6. Both branches should be
  returning -1.

  The APIs are patterned after POSIX read and write which, similarly,
  return -1 on errors, not zero, with EAGAIN treated as an error.

  Bug: https://github.com/curl/curl/issues/10013#issuecomment-1335308146
  Reported-by: David Benjamin
  Closes #10021

Ryan Schmidt (6 Dec 2022)

- config-mac: remove HAVE_SYS_SELECT_H

  When compiling for classic Mac OS with GUSI, there is no sys/select.h.
  GUSI provides the "select" function prototype in sys/time.h.

  Closes #10039

- setup: do not require __MRC__ defined for Mac OS 9 builds

  Partially reverts "somewhat protect Mac OS X users from using Mac OS 9
  config file", commit 62519bfe059251af2914199f284c736553ff0489.

  Do things that are specific to classic Mac OS (i.e. include config-mac.h
  in curl_setup.h and rename "main" to "curl_main" in tool_setup.h) when
  only "macintosh" is defined. Remove the additional condition that
  "__MRC__" should be defined since that would only be true with the MPW
  MrC compiler which prevents the use of other reasonable compilers like
  the MPW SC compiler and especially the Metrowerks CodeWarrior compilers.
  "macintosh" is only defined by classic Mac OS compilers so this change
  should not affect users of Mac OS X / OS X / macOS / any other OS.

  Closes #10037

- curl.h: name all public function parameters

  Most public function parameters already have names; this adds those
  that were missing.

  Closes #10036

Andy Alt (6 Dec 2022)

- docs/examples: spell correction ('Retrieve')

  Closes #10040

Daniel Stenberg (6 Dec 2022)

- unit1302: slightly extended

  To test more base64 decoding

- base64: faster base64 decoding

  - by using a lookup table instead of strchr()
  - by doing full quantums first, then padding

  Closes #10032

Michael Musset (6 Dec 2022)

- libssh2: return error when ssh_hostkeyfunc returns error

  return CURLE_PEER_FAILED_VERIFICATION if verification with the callback
  return a result different than CURLKHMATCH_OK

  Closes #10034

Viktor Szakats (5 Dec 2022)

- Makefile.mk: improve a GNU Make hack [ci skip]

  Replace the hack of using `$() ` to represent a single space. The new
  method silences the `--warn-undefined-variables` debug warning and it's
  also a better-known form of solving this problem.

  Reviewed-by: Jay Satiro
  Closes #10031

Daniel Stenberg (5 Dec 2022)

- tests/unit/.gitignore: ignore all unit + 4 digits files

- base64: encode without using snprintf

  For speed. In some tests, this approch is 29 times faster!

  Closes #10026

- base64: better alloc size

  The previous algorithm allocated more bytes than necessary.

  Suggested-by: xtonik on github
  Fixes #10024
  Closes #10025

Ryan Schmidt (5 Dec 2022)

- config-mac: fix typo: size_T -> size_t

  Both MPW and CodeWarrior compilers complained about this.

  Closes #10029

Daniel Stenberg (3 Dec 2022)

- RELEASE-NOTES: synced

Jakub Zakrzewski (2 Dec 2022)

- CMake: fix build with `CURL_USE_GSSAPI`

  CMAKE_*_LINKER_FLAGS must be a string but GSS_LINKER_FLAGS is a list, so
  we need to replace semicolons with spaces when setting those.

  Fixes #9017
  Closes #1022

Max Dymond (2 Dec 2022)

- ci: Reuse fuzzing snippet from curl-fuzzer project

Diogo Teles Sant'Anna (2 Dec 2022)

- GHA: clarify workflows permissions, set least possible privilege

  Set top-level permissions to None on all workflows, setting per-job
  permissions. This avoids that new jobs inherit unwanted permissions.

  Discussion: https://curl.se/mail/lib-2022-11/0028.html

  Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>

  Closes #9928

Viktor Szakats (2 Dec 2022)

- Makefile.mk: address minor issues

  - Fix `NROFF` auto-detection with certain shell/make-build combinations:

    When a non-MSYS2 GNU Make runs inside an MSYS2 shell, Make executes
    the detection command as-is via `CreateProcess()`. It fails because
    `command` is an `sh` built-in. Ensure to explicitly invoke the shell.

  - Initialize user-customizable variables:

    Silences a list of warnings when running GNU Make with the option
    `--warn-undefined-variables`. Another benefit is that it's now easy
    to look up all user-customizable `Makefile.mk` variables by grepping
    for ` ?=` in the curl source tree.

    Suggested-by: Gisle Vanem
    Ref: https://github.com/curl/curl/pull/9764#issuecomment-1330674433

  - Fix `MKDIR` invocation:

    Avoid a warning and potential issue in envs without forward-slash
    support.

  Closes #10000

Rob de Wit (2 Dec 2022)

- curl_get_line: allow last line without newline char

  improve backwards compatibility

  Test 3200 verifies

  Closes #9973

Daniel Stenberg (2 Dec 2022)

- cookie: open cookie jar as a binary file

  On Windows there is a difference and for text files, ^Z means end of
  file which is not desirable.

  Ref: #9973
  Closes #10017

- runtests: only do CRLF replacements for hyper if it is HTTP

  Closes #10016

Stefan Eissing (1 Dec 2022)

- openssl: fix for BoringSSL BIO result interpretation mixups

  Reported-by: Robin Marx
  Fixes #10013
  Closes #10015

Max Dymond (1 Dec 2022)

- ci: Remove zuul fuzzing job as it's superseded by CIFuzz

Daniel Stenberg (1 Dec 2022)

- runtests: do CRLF replacements per section only

  The `crlf="yes"` attribute and "hyper mode" are now only applied on a
  subset of dedicated sections: data, datacheck, stdout and protocol.

  Updated test 2500 accordingly.

  Also made test1 use crlf="yes" for <protocol>, mostly because it is
  often used as a template test case. Going forward, using this attribute
  we should be able to write test cases using linefeeds only and avoid
  mixed line ending encodings.

  Follow-up to ca15b7512e8d11

  Fixes #10009
  Closes #10010

Stefan Eissing (1 Dec 2022)

- gnutls: use common gnutls init and verify code for ngtcp2

  Closes #10007

Baitinq on github (1 Dec 2022)

- aws_sigv4: fix typos in aws_sigv4.c

  Closes #10008

Kenneth Myhra (30 Nov 2022)

- curl.h: include <sys/select.h> on SerenityOS

  Closes #10006

Daniel Stenberg (30 Nov 2022)

- openssl: prefix errors with '[lib]/[version]: '

  To help users understand where this (cryptic) error message comes from.

  Suggested-by: Philip Sanetra
  Ref: #10002
  Closes #10004

Stefan Eissing (30 Nov 2022)

- tests: add HTTP/3 test case, custom location for proper nghttpx

  - adding support for HTTP/3 test cases via a nghttpx server that is
    build with ngtcp2 and nghttp3.
  - test2500 is the first test case, performing a simple GET.
  - nghttpx is checked for support and the 'feature' nghttpx-h3
    is set accordingly. test2500 will only run, when supported.
  - a specific nghttpx location can be given in the environment
    variable NGHTTPX or via the configure option
      --with-test-nghttpx=<path>

  Extend NGHTTPX config to H2 tests as well

  * use $ENV{NGHTTPX} and the configured default also in http2 server starts
  * always provide the empty test/nghttpx.conf to nghttpx. as it defaults to
    reading /etc/nghttpx/nghttpx.conf otherwise.

  Added nghttpx to CI ngtcp2 jobs to run h3 tests.

  Closes #9031

Daniel Stenberg (30 Nov 2022)

- RELEASE-NOTES: synced

  Removed duplicate after contributors.sh fix: 9967c10b6daa1

- scripts/contributors.sh: strip one OR MORE leading spaces

  From names found credited in commit logs

- RELEASE-NOTES: synced

- openssl/mbedtls: use %d for outputing port with failf (int)

  Coverity CID 1517100

  Also, remove some int typecasts in vtls.c for the port number

  Closes #10001

- KNOWN_BUGS: remove "Multi perform hangs waiting for threaded resolver"

  We now offer a way to avoid that hang, using CURLOPT_QUICK_EXIT.

  Follow-up to 49798cac832ab1 fixed via #9147

  Closes #9999

- KNOWN_BUGS: remove "--interface for ipv6 binds to unusable IP address"

  Since years back the "if2ip" function verifies that it binds to a local IPv6
  address that uses the same scope as the remote address.

  This is not a bug.

  Fixes #686
  Closes #9998

- test1276: verify lib/optiontable.pl

  Checks that it generates an output identical to the file.

- lib/optiontable.pl: adapt to CURLOPTDEPRECATED()

  Follow-up from 6967571bf20624bc

  Reported-by: Gisle Vanem

  Fixes #9992
  Closes #9993

- docs/INSTALL.md: list OSes and CPUs quoted

  to make them skip spellcheck. Also added a new CPU.

  Follow-up to 4506cbf7f24a2a

  Closes #9997

Ikko Ashimine (28 Nov 2022)

- vtls: fix typo in vtls_int.h

  paramter -> parameter

  Closes: #9996
  Reviewed-by: Daniel Gustafsson <daniel@yesql.se>

Daniel Stenberg (28 Nov 2022)

- curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS

  As OpenSSL's include files are all included using <openssl/*.h> in curl
  source code, we just risk that existing openssl files will "shadow"
  include files without path if that path is provided.

  Fixes #9989
  Closes #9988

- INSTALL: update operating systems and CPU archs

  Update after recent runs on Twitter/Mastodon and my blog

  Closes #9994

Stefan Eissing (28 Nov 2022)

- tls: backends use connection filters for IO, enabling HTTPS-proxy

   - OpenSSL (and compatible)
   - BearSSL
   - gnutls
   - mbedtls
   - rustls
   - schannel
   - secure-transport
   - wolfSSL (v5.0.0 and newer)

   This leaves only the following without HTTPS-proxy support:
   - gskit
   - nss
   - wolfSSL (versions earlier than v5.0.0)

  Closes #9962

Daniel Stenberg (28 Nov 2022)

- include/curl/curl.h: bump the deprecated requirements to gcc 6.1

  Reported-by: Michael Kaufmann
  Fixes #9917
  Closes #9987

Patrick Monnerat (28 Nov 2022)

- mime: relax easy/mime structures binding

  Deprecation and removal of codeset conversion support from the library
  have released the strict need for an early binding of mime structures to
  an easy handle (https://github.com/curl/curl/commit/2610142).

  This constraint currently forces to create the handle before the mime
  structure and the latter cannot be attached to another handle once
  created (see https://curl.se/mail/lib-2022-08/0027.html).

  This commit removes the handle pointers from the mime structures
  allowing more flexibility on their use.

  When an easy handle is duplicated, bound mime structures must however
  still be duplicated too as their components hold send-time dynamic
  information.

  Closes #9927

fractal-access (26 Nov 2022)

- test416: verify growing FTP file support

  Added setting: RETRSIZE [size] in the <servercmd> section. When set this
  will cause the test FTP server to return the size set (rather than the
  actual size) in the acknowledgement from a RETR request.

  Closes #9772

- ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH

  When using the option CURLOPT_IGNORE_CONTENT_LENGTH (set.ignorecl in
  code) to support growing files in FTP, the code should ignore the
  initial size it gets from the server as this will not be the final size
  of the file. This is done in ftp_state_quote() to prevent a size request
  being issued in the initial sequence. However, in a later call to
  ftp_state_get_resp() the code attempts to get the size of the content
  again if it doesn't already have it, by parsing the response from the
  RETR request. This fix prevents this parsing of the response to get the
  size when the set.ignorecl option is set. This should maintain the size
  value as -1, unknown, in this situation.

  Closes #9772

Stefan Eissing (26 Nov 2022)

- cfilter: re-add `conn` as parameter to cfilter setup methods

  - `Curl_ssl_get_config()` now returns the first config if no SSL proxy
    filter is active

  - socket filter starts connection only on first invocation of its
    connect method

  Fixes #9982
  Closes #9983

Daniel Stenberg (26 Nov 2022)

- KNOWN_BUGS: remove five FTP related issues

  - "FTP with CONNECT and slow server"

  I believe this is not a problem these days.

  - "FTP with NULs in URL parts"

  The FTP protocol does not support them properly anyway.

  - remove "FTP and empty path parts in the URL"
