Brave Browser (64-bit)

What's new in this version:

Changed:
- curl_url_set: reject spaces in URLs w/o CURLU_ALLOW_SPACE
- CURLE_SETOPT_OPTION_SYNTAX: new error name for wrong setopt syntax
- hostip: make 'localhost' return fixed values
- mbedtls: add support for cert and key blob options
- metalink: remove all support for it
- mqtt: add support for username and password

Fixed:
- --socks4[a]: clarify where the host name is resolved
- ares: always store IPv6 addresses first
- asyn-ares: remove check for 'data' in Curl_resolver_cancel
- bearssl: explicitly initialize all fields of Curl_ssl
- bearssl: remove incorrect const on variable that is modified
- build: fix compiler warnings when CURL_DISABLE_VERBOSE_STRINGS
- c-hyper: abort CONNECT response reading early on non 2xx responses
- c-hyper: add support for transfer-encoding in the request
- c-hyper: bail on too long response headers
- c-hyper: clear NTLM auth buffer when request is issued
- c-hyper: convert HYPERE_INVALID_PEER_MESSAGE to CURLE_UNSUPPORTED_PROTOCOL
- c-hyper: fix NTLM on closed connection tested with test159
- c-hyper: fix the uploaded field in progress callbacks
- c-hyper: handle NULL from hyper_buf_copy()
- c-hyper: support CURLINFO_STARTTRANSFER_TIME
- c-hyper: support CURLOPT_HEADER
- ccsidcurl: fix the compile errors
- CI/cirrus: install impacket from PyPI instead of FreeBSD packages
- CI: add bearssl build
- CI: add Circle CI
- CI: add jobs using Zuul
- CI: delete --enable-hsts option (it is the default now)
- CI: remove travis details
- cleanup: spell DoH with a lowercase o
- cmake: add CURL_DISABLE_NTLM option
- cmake: avoid leaking absolute paths into exported config
- cmake: fix IoctlSocket FIONBIO check
- cmake: fix support for UnixSockets feature on Win32
- cmake: remove libssh2 feature checks
- cmake: try well-known send/recv signature for Apple
- configure.ac: make non-executable
- configure/cmake: remove checks for many unused functions
- configure: add --disable-ntlm option
- configure: disable RTSP when hyper is selected
- configure: do not strip out debug flags
- configure: fix nghttp2 library name for static builds
- configure: inhibit the implicit-fallthrough warning on gcc-12
- configure: rename get-easy-option configure option to get-easy-options
- conn_shutdown: if closed during CONNECT cleanup properly
- conncache: lowercase the hash key for better match
- cookies: track expiration in jar to optimize removals
- copyright: add boiler-plate headers to CI config files
- crustls: bump crustls version and use new URL
- curl.h: <sys/select.h> is supported by VxWorks7
- curl.h: include sys/select.h for NuttX RTOS
- curl: ignore blank --output-dir
- curl_endian: remove the unused Curl_write64_le function
- curl_multibyte: Remove local encoding fallbacks
- Curl_ntlm_core_mk_nt_hash: fix OOM in error path
- Curl_ssl_getsessionid: fail if no session cache exists
- CURLOPT_WRITEFUNCTION.3: minor update of the example
- docs/BINDINGS: fix outdated links
- docs/examples: use curl_multi_poll() in multi examples
- docs/INSTALL: remove mentions of configure --with-darwin-ssl
- docs: document missing arguments to commands
- docs: fix inconsistencies in EGDSOCKET documentation
- docs: fix incorrect argument name reference
- docs: Fix typos
- docs: make docs for --etag-save match the program behaviour
- docs: use --max-redirs instead of --max-redir
- doh: (void)-prefix call to curl_easy_setopt
- doh: fix wrong DEBUGASSERT for doh private_data
- easy: during upkeep, attach Curl_easy to connections in the cache
- examples/multi-single: fix scan-build warning
- examples: length-limit two sscanf() uses of %s
- examples: safer and more proper read callback logic
- filecheck: quietly remove test-place/*~
- formdata: avoid "Argument cannot be negative" warning
- formdata: correct typecast in curl_mime_data call
- GHA: add a linux-hyper job
- GHA: add several libcurl tests to the hyper job
- GHA: run the newly fixed tests with hyper
- github: timeout jobs on macOS after 90 minutes
- glob: pass an 'int' as len when using printf's %*s
- gnutls: set the preferred TLS versions in correct order
- GOVERNANCE: add 'user', 'committer' and 'contributor'
- hostip: (macOS) free returned memory of SCDynamicStoreCopyProxies
- hostip: bad CURLOPT_RESOLVE syntax now returns error
- hsts: ignore numberical IP address hosts
- HSTS: not experimental anymore
- http2: clarify 'Using HTTP2' verbose message
- http2: init recvbuf struct for pushed streams
- http2_connisdead: handle trailing GOAWAY better
- http: fix crash in rate-limited upload
- http: make the haproxy support work with unix domain sockets
- http_proxy: deal with non-200 CONNECT response with Hyper
- hyper: propagate errors back up from read callbacks
- HYPER: remove mentions of deprecated development branch
- idn: fix libidn2 with windows unicode builds
- infof: remove newline from format strings, always append it
- lib: don't compare fd to FD_SETSIZE when using poll
- lib: fix compiler warnings with CURL_DISABLE_NETRC
- lib: fix type of len passed to *printf's %*s
- lib: more %u for port and int for %*s fixes
- lib: use %u instead of %ld for port number printf
- libcurl-security.3: mention file descriptors and forks
- libssh2: limit time a disconnect can take to 1 second
- mbedtls: make mbedtls_strerror always work
- mbedtls: Remove unnecessary include
- mqtt: detect illegal and too large file size
- mqtt: extend the error message for no topic
- msnprintf: return number of printed characters excluding null byte
- multi: add scan-build-6 work-around in curl_multi_fdset
- multi: alter transfer timeout ordering
- multi: do not switch off connect_only flag when closing
- multi: fix crash in curl_multi_wait / curl_multi_poll
- netrc: skip 'macdef' definitions
- ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS
- openssl: avoid static variable for seed flag
- openssl: don't remove session id entry in disassociate
- pinnedpubkey.d: fix formatting for version support lists
- proto.d: fix formatting for paragraphs after margin changes
- quiche: use send() instead of sendto() to avoid macOS issue
- Revert "c-hyper: handle body on HYPER_TASK_EMPTY"
- Revert "ftp: Expression 'ftpc->wait_data_conn' is always false"
- runtests: also find the last test in Makefile.inc
- runtests: enable 'hyper mode' only for HTTP tests
- runtests: init $VERSION to avoid warnings when using -l
- runtests: parse data/Makefile.inc instead of using make
- runtests: skip disabled tests unless -f is used
- rustls: remove native_roots fallback
- schannel: set ALPN length correctly for HTTP/2
- SChannel: Use '_tcsncmp()' instead
- sectransp: check for client certs by name first, then file
- setopt: fix incorrect comments
- socketpair: fix potential hangs
- socks4: scan for the IPv4 address in resolve results
- ssl: read pending close notify alert before closing the connection
- sws: malloc request struct instead of using stack
- telnet: fix option parser to not send uninitialized contents
- test1116: hyper doesn't pass through "surprise-trailers"
- test1147: hyper doesn't allow "crazy" request headers like built-in
- test1151: added missing CRLF to work with hyper
- test1216: adjusted for hyper mode
- test1218: adjusted for hyper mode
- test1230: adjust to work in hyper mode
- test1340/1341: adjusted for hyper mode
- test1438/1457: add HTTP keyword to make hyper mode work
- test1514: add a CRLF to the response to make it correct
- test1518: adjusted to work with hyper
- test1519: adjusted to work with hyper
- test1594/1595/1596: fix to work in hyper mode
- test269: disable for hyper
- test3010: work with hyper mode
- test328: avoid a header-looking body to make hyper mode work
- test339: CRLFify better to work in hyper mode
- test347: CRLFify to work in hyper mode
- test393: make Content-Length fit within 64 bit for hyper
- test394: hyper returns a different error
- test395: hyper cannot work around > 64 bit content-lengths like built-in
- test433: adjust for hyper mode
- test434: add HTTP keyword
- test500: adjust to work with hyper mode
- test566: adjust to work with hyper mode
- test599: adjusted to work in hyper mode
- test644: remove as duplicate of test 587
- tests: fix Accept-Encoding strips to work with Hyper builds
- TLS: prevent shutdown loops to get stuck
- tool: make _lseeki64() macro work with the PellesC compiler
- tool_help: document that --tlspassword takes a password
- tool_help: remove unused define
- url.c: remove two variable assigns that are never read
- url: (void)-prefix a curl_url_get() call
- url: bad CURLOPT_CONNECT_TO syntax now returns error
- version: turn version number functions into returning void
- vtls: exit addsessionid if no cache is inited
- vtls: fix connection reuse checks for issuer cert and case sensitivity
- vtls: only store TIMER_APPCONNECT for non-proxy connect
- vtls: use free() not curl_free()
- warnless: simplify type size handling
- Win32: fix build with Watt-32
- winbuild/README: VC should be set to 6 'or larger'
- winbuild: support alternate nghttp2 static lib name
- wolfssl: failing to set a session id is not reason to error out
- write-out.d: clarify urlnum is not unique for de-globbed URLs
- zuul: use the new rustls directory name