1 _ _ ____ _ 2 ___| | | | _ \| | 3 / __| | | | |_) | | 4 | (__| |_| | _ <| |___ 5 \___|\___/|_| \_\_____| 6 7 Things that could be nice to do in the future 8 9 Things to do in project curl. Please tell us what you think, contribute and 10 send us patches that improve things. 11 12 Be aware that these are things that we could do, or have once been considered 13 things we could do. If you want to work on any of these areas, please 14 consider bringing it up for discussions first on the mailing list so that we 15 all agree it is still a good idea for the project. 16 17 All bugs documented in the KNOWN_BUGS document are subject for fixing. 18 19 1. libcurl 20 1.1 TFO support on Windows 21 1.2 Consult %APPDATA% also for .netrc 22 1.3 struct lifreq 23 1.4 alt-svc sharing 24 1.5 get rid of PATH_MAX 25 1.6 thread-safe sharing 26 1.8 CURLOPT_RESOLVE for any port number 27 1.9 Cache negative name resolves 28 1.10 auto-detect proxy 29 1.11 minimize dependencies with dynamically loaded modules 30 1.12 updated DNS server while running 31 1.13 c-ares and CURLOPT_OPENSOCKETFUNCTION 32 1.14 connect to multiple IPs in parallel 33 1.15 Monitor connections in the connection pool 34 1.16 Try to URL encode given URL 35 1.17 Add support for IRIs 36 1.18 try next proxy if one does not work 37 1.19 provide timing info for each redirect 38 1.20 SRV and URI DNS records 39 1.21 netrc caching and sharing 40 1.22 CURLINFO_PAUSE_STATE 41 1.23 Offer API to flush the connection pool 42 1.25 Expose tried IP addresses that failed 43 1.28 FD_CLOEXEC 44 1.29 WebSocket read callback 45 1.30 config file parsing 46 1.31 erase secrets from heap/stack after use 47 1.32 add asynch getaddrinfo support 48 1.33 make DoH inherit more transfer properties 49 50 2. libcurl - multi interface 51 2.1 More non-blocking 52 2.2 Better support for same name resolves 53 2.3 Non-blocking curl_multi_remove_handle() 54 2.4 Split connect and authentication process 55 2.5 Edge-triggered sockets should work 56 2.6 multi upkeep 57 2.7 Virtual external sockets 58 2.8 dynamically decide to use socketpair 59 60 3. Documentation 61 3.1 Improve documentation about fork safety 62 63 4. FTP 64 4.1 HOST 65 4.4 Support CURLOPT_PREQUOTE for directories listings 66 4.6 GSSAPI via Windows SSPI 67 4.7 STAT for LIST without data connection 68 4.8 Passive transfer could try other IP addresses 69 70 5. HTTP 71 5.1 Provide the error body from a CONNECT response 72 5.2 Obey Retry-After in redirects 73 5.3 Rearrange request header order 74 5.4 Allow SAN names in HTTP/2 server push 75 5.5 auth= in URLs 76 5.6 alt-svc should fallback if alt-svc does not work 77 5.7 Require HTTP version X or higher 78 79 6. TELNET 80 6.1 ditch stdin 81 6.2 ditch telnet-specific select 82 6.3 feature negotiation debug data 83 6.4 exit immediately upon connection if stdin is /dev/null 84 85 7. SMTP 86 7.1 Passing NOTIFY option to CURLOPT_MAIL_RCPT 87 7.2 Enhanced capability support 88 7.3 Add CURLOPT_MAIL_CLIENT option 89 90 8. POP3 91 8.2 Enhanced capability support 92 93 9. IMAP 94 9.1 Enhanced capability support 95 9.2 upload unread 96 97 10. LDAP 98 10.1 SASL based authentication mechanisms 99 10.2 CURLOPT_SSL_CTX_FUNCTION for LDAPS 100 10.3 Paged searches on LDAP server 101 10.4 Certificate-Based Authentication 102 103 11. SMB 104 11.1 File listing support 105 11.2 Honor file timestamps 106 11.3 Use NTLMv2 107 11.4 Create remote directories 108 109 12. FILE 110 12.1 Directory listing on non-POSIX 111 112 13. TLS 113 13.1 TLS-PSK with OpenSSL 114 13.2 TLS channel binding 115 13.3 Defeat TLS fingerprinting 116 13.5 Export session ids 117 13.6 Provide callback for cert verification 118 13.7 Less memory massaging with Schannel 119 13.8 Support DANE 120 13.9 TLS record padding 121 13.10 Support Authority Information Access certificate extension (AIA) 122 13.11 Some TLS options are not offered for HTTPS proxies 123 13.13 Make sure we forbid TLS 1.3 post-handshake authentication 124 13.14 Support the clienthello extension 125 13.15 Select signature algorithms 126 13.16 Share the CA cache 127 13.17 Add missing features to TLS backends 128 129 15. Schannel 130 15.1 Extend support for client certificate authentication 131 15.2 Extend support for the --ciphers option 132 15.4 Add option to allow abrupt server closure 133 134 16. SASL 135 16.1 Other authentication mechanisms 136 16.2 Add QOP support to GSSAPI authentication 137 138 17. SSH protocols 139 17.1 Multiplexing 140 17.2 Handle growing SFTP files 141 17.3 Read keys from ~/.ssh/id_ecdsa, id_ed25519 142 17.4 Support CURLOPT_PREQUOTE 143 17.5 SSH over HTTPS proxy with more backends 144 17.6 SFTP with SCP:// 145 146 18. Command line tool 147 18.1 sync 148 18.2 glob posts 149 18.4 --proxycommand 150 18.5 UTF-8 filenames in Content-Disposition 151 18.6 Option to make -Z merge lined based outputs on stdout 152 18.7 specify which response codes that make -f/--fail return error 153 18.9 Choose the name of file in braces for complex URLs 154 18.10 improve how curl works in a Windows console window 155 18.11 Windows: set attribute 'archive' for completed downloads 156 18.12 keep running, read instructions from pipe/socket 157 18.13 Acknowledge Ratelimit headers 158 18.14 --dry-run 159 18.15 --retry should resume 160 18.16 send only part of --data 161 18.17 consider filename from the redirected URL with -O ? 162 18.18 retry on network is unreachable 163 18.19 expand ~/ in config files 164 18.20 hostname sections in config files 165 18.21 retry on the redirected-to URL 166 18.23 Set the modification date on an uploaded file 167 18.24 Use multiple parallel transfers for a single download 168 18.25 Prevent terminal injection when writing to terminal 169 18.26 Custom progress meter update interval 170 18.27 -J and -O with %-encoded filenames 171 18.28 -J with -C - 172 18.29 --retry and transfer timeouts 173 174 19. Build 175 19.2 Enable PIE and RELRO by default 176 19.3 Do not use GNU libtool on OpenBSD 177 19.4 Package curl for Windows in a signed installer 178 19.5 make configure use --cache-file more and better 179 180 20. Test suite 181 20.1 SSL tunnel 182 20.2 nicer lacking perl message 183 20.3 more protocols supported 184 20.4 more platforms supported 185 20.6 Use the RFC 6265 test suite 186 20.8 Run web-platform-tests URL tests 187 188 21. MQTT 189 21.1 Support rate-limiting 190 21.2 Support MQTTS 191 21.3 Handle network blocks 192 193 22. TFTP 194 22.1 TFTP does not convert LF to CRLF for mode=netascii 195 196 23. Gopher 197 23.1 Handle network blocks 198 199============================================================================== 200 2011. libcurl 202 2031.1 TFO support on Windows 204 205 libcurl supports the CURLOPT_TCP_FASTOPEN option since 7.49.0 for Linux and 206 macOS. Windows supports TCP Fast Open starting with Windows 10, version 1607 207 and we should add support for it. 208 209 TCP Fast Open is supported on several platforms but not on Windows. Work on 210 this was once started but never finished. 211 212 See https://github.com/curl/curl/pull/3378 213 2141.2 Consult %APPDATA% also for .netrc 215 216 %APPDATA%\.netrc is not considered when running on Windows. should not it? 217 218 See https://github.com/curl/curl/issues/4016 219 2201.3 struct lifreq 221 222 Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and 223 SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete. 224 To support IPv6 interface addresses for network interfaces properly. 225 2261.4 alt-svc sharing 227 228 The share interface could benefit from allowing the alt-svc cache to be 229 possible to share between easy handles. 230 231 See https://github.com/curl/curl/issues/4476 232 233 The share interface offers CURL_LOCK_DATA_CONNECT to have multiple easy 234 handle share a connection cache, but due to how connections are used they are 235 still not thread-safe when used shared. 236 237 See https://github.com/curl/curl/issues/4915 and lib1541.c 238 239 The share interface offers CURL_LOCK_DATA_HSTS to have multiple easy handle 240 share a HSTS cache, but this is not thread-safe. 241 2421.5 get rid of PATH_MAX 243 244 Having code use and rely on PATH_MAX is not nice: 245 https://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html 246 247 Currently the libssh2 SSH based code uses it, but to remove PATH_MAX from 248 there we need libssh2 to properly tell us when we pass in a too small buffer 249 and its current API (as of libssh2 1.2.7) does not. 250 2511.6 thread-safe sharing 252 253 Using the share interface users can share some data between easy handles but 254 several of the sharing options are documented as not safe and supported to 255 share between multiple concurrent threads. Fixing this would enable more 256 users to share data in more powerful ways. 257 2581.8 CURLOPT_RESOLVE for any port number 259 260 This option allows applications to set a replacement IP address for a given 261 host + port pair. Consider making support for providing a replacement address 262 for the hostname on all port numbers. 263 264 See https://github.com/curl/curl/issues/1264 265 2661.9 Cache negative name resolves 267 268 A name resolve that has failed is likely to fail when made again within a 269 short period of time. Currently we only cache positive responses. 270 2711.10 auto-detect proxy 272 273 libcurl could be made to detect the system proxy setup automatically and use 274 that. On Windows, macOS and Linux desktops for example. 275 276 The pull-request to use libproxy for this was deferred due to doubts on the 277 reliability of the dependency and how to use it: 278 https://github.com/curl/curl/pull/977 279 280 libdetectproxy is a (C++) library for detecting the proxy on Windows 281 https://github.com/paulharris/libdetectproxy 282 2831.11 minimize dependencies with dynamically loaded modules 284 285 We can create a system with loadable modules/plug-ins, where these modules 286 would be the ones that link to 3rd party libs. That would allow us to avoid 287 having to load ALL dependencies since only the necessary ones for this 288 app/invoke/used protocols would be necessary to load. See 289 https://github.com/curl/curl/issues/349 290 2911.12 updated DNS server while running 292 293 If /etc/resolv.conf gets updated while a program using libcurl is running, it 294 is may cause name resolves to fail unless res_init() is called. We should 295 consider calling res_init() + retry once unconditionally on all name resolve 296 failures to mitigate against this. Firefox works like that. Note that Windows 297 does not have res_init() or an alternative. 298 299 https://github.com/curl/curl/issues/2251 300 3011.13 c-ares and CURLOPT_OPENSOCKETFUNCTION 302 303 curl creates most sockets via the CURLOPT_OPENSOCKETFUNCTION callback and 304 close them with the CURLOPT_CLOSESOCKETFUNCTION callback. However, c-ares 305 does not use those functions and instead opens and closes the sockets itself. 306 This means that when curl passes the c-ares socket to the 307 CURLMOPT_SOCKETFUNCTION it is not owned by the application like other 308 sockets. 309 310 See https://github.com/curl/curl/issues/2734 311 3121.14 connect to multiple IPs in parallel 313 314 curl currently implements the happy eyeball algorithm for connecting to the 315 IPv4 and IPv6 alternatives for a host in parallel, sticking with the 316 connection that "wins". We could implement a similar algorithm per individual 317 IP family as well when there are multiple available addresses: start with the 318 first address, then start a second attempt N milliseconds after and then a 319 third another N milliseconds later. That way there would be less waiting when 320 the first IP has problems. It also improves the connection timeout value 321 handling for multiple address situations. 322 3231.15 Monitor connections in the connection pool 324 325 libcurl's connection cache or pool holds a number of open connections for the 326 purpose of possible subsequent connection reuse. It may contain a few up to a 327 significant amount of connections. Currently, libcurl leaves all connections 328 as they are and first when a connection is iterated over for matching or 329 reuse purpose it is verified that it is still alive. 330 331 Those connections may get closed by the server side for idleness or they may 332 get an HTTP/2 ping from the peer to verify that they are still alive. By 333 adding monitoring of the connections while in the pool, libcurl can detect 334 dead connections (and close them) better and earlier, and it can handle 335 HTTP/2 pings to keep such ones alive even when not actively doing transfers 336 on them. 337 3381.16 Try to URL encode given URL 339 340 Given a URL that for example contains spaces, libcurl could have an option 341 that would try somewhat harder than it does now and convert spaces to %20 and 342 perhaps URL encoded byte values over 128 etc (basically do what the redirect 343 following code already does). 344 345 https://github.com/curl/curl/issues/514 346 3471.17 Add support for IRIs 348 349 IRIs (RFC 3987) allow localized, non-ASCII, names in the URL. To properly 350 support this, curl/libcurl would need to translate/encode the given input 351 from the input string encoding into percent encoded output "over the wire". 352 353 To make that work smoothly for curl users even on Windows, curl would 354 probably need to be able to convert from several input encodings. 355 3561.18 try next proxy if one does not work 357 358 Allow an application to specify a list of proxies to try, and failing to 359 connect to the first go on and try the next instead until the list is 360 exhausted. Browsers support this feature at least when they specify proxies 361 using PACs. 362 363 https://github.com/curl/curl/issues/896 364 3651.19 provide timing info for each redirect 366 367 curl and libcurl provide timing information via a set of different 368 time-stamps (CURLINFO_*_TIME). When curl is following redirects, those 369 returned time value are the accumulated sums. An improvement could be to 370 offer separate timings for each redirect. 371 372 https://github.com/curl/curl/issues/6743 373 3741.20 SRV and URI DNS records 375 376 Offer support for resolving SRV and URI DNS records for libcurl to know which 377 server to connect to for various protocols (including HTTP). 378 3791.21 netrc caching and sharing 380 381 The netrc file is read and parsed each time a connection is setup, which 382 means that if a transfer needs multiple connections for authentication or 383 redirects, the file might be reread (and parsed) multiple times. This makes 384 it impossible to provide the file as a pipe. 385 3861.22 CURLINFO_PAUSE_STATE 387 388 Return information about the transfer's current pause state, in both 389 directions. https://github.com/curl/curl/issues/2588 390 3911.23 Offer API to flush the connection pool 392 393 Sometimes applications want to flush all the existing connections kept alive. 394 An API could allow a forced flush or just a forced loop that would properly 395 close all connections that have been closed by the server already. 396 3971.25 Expose tried IP addresses that failed 398 399 When libcurl fails to connect to a host, it could offer the application the 400 addresses that were used in the attempt. Source + dest IP, source + dest port 401 and protocol (UDP or TCP) for each failure. Possibly as a callback. Perhaps 402 also provide "reason". 403 404 https://github.com/curl/curl/issues/2126 405 4061.28 FD_CLOEXEC 407 408 It sets the close-on-exec flag for the file descriptor, which causes the file 409 descriptor to be automatically (and atomically) closed when any of the 410 exec-family functions succeed. Should probably be set by default? 411 412 https://github.com/curl/curl/issues/2252 413 4141.29 WebSocket read callback 415 416 Call the read callback once the connection is established to allow sending 417 the first message in the connection. 418 419 https://github.com/curl/curl/issues/11402 420 4211.30 config file parsing 422 423 Consider providing an API, possibly in a separate companion library, for 424 parsing a config file like curl's -K/--config option to allow applications to 425 get the same ability to read curl options from files. 426 427 See https://github.com/curl/curl/issues/3698 428 4291.31 erase secrets from heap/stack after use 430 431 Introducing a concept and system to erase secrets from memory after use, it 432 could help mitigate and lessen the impact of (future) security problems etc. 433 However: most secrets are passed to libcurl as clear text from the 434 application and then clearing them within the library adds nothing... 435 436 https://github.com/curl/curl/issues/7268 437 4381.32 add asynch getaddrinfo support 439 440 Use getaddrinfo_a() to provide an asynch name resolver backend to libcurl 441 that does not use threads and does not depend on c-ares. The getaddrinfo_a 442 function is (probably?) glibc specific but that is a widely used libc among 443 our users. 444 445 https://github.com/curl/curl/pull/6746 446 4471.33 make DoH inherit more transfer properties 448 449 Some options are not inherited because they are not relevant for the DoH SSL 450 connections, or inheriting the option may result in unexpected behavior. For 451 example the user's debug function callback is not inherited because it would 452 be unexpected for internal handles (ie DoH handles) to be passed to that 453 callback. 454 455 If an option is not inherited then it is not possible to set it separately 456 for DoH without a DoH-specific option. For example: 457 CURLOPT_DOH_SSL_VERIFYHOST, CURLOPT_DOH_SSL_VERIFYPEER and 458 CURLOPT_DOH_SSL_VERIFYSTATUS. 459 460 See https://github.com/curl/curl/issues/6605 461 4622. libcurl - multi interface 463 4642.1 More non-blocking 465 466 Make sure we do not ever loop because of non-blocking sockets returning 467 EWOULDBLOCK or similar. Blocking cases include: 468 469 - Name resolves on non-Windows unless c-ares or the threaded resolver is used. 470 471 - The threaded resolver may block on cleanup: 472 https://github.com/curl/curl/issues/4852 473 474 - file:// transfers 475 476 - TELNET transfers 477 478 - GSSAPI authentication for FTP transfers 479 480 - The "DONE" operation (post transfer protocol-specific actions) for the 481 protocols SFTP, SMTP, FTP. Fixing multi_done() for this is a worthy task. 482 483 - curl_multi_remove_handle for any of the above. See section 2.3. 484 485 - Calling curl_ws_send() from a callback 486 4872.2 Better support for same name resolves 488 489 If a name resolve has been initiated for name NN and a second easy handle 490 wants to resolve that name as well, make it wait for the first resolve to end 491 up in the cache instead of doing a second separate resolve. This is 492 especially needed when adding many simultaneous handles using the same host 493 name when the DNS resolver can get flooded. 494 4952.3 Non-blocking curl_multi_remove_handle() 496 497 The multi interface has a few API calls that assume a blocking behavior, like 498 add_handle() and remove_handle() which limits what we can do internally. The 499 multi API need to be moved even more into a single function that "drives" 500 everything in a non-blocking manner and signals when something is done. A 501 remove or add would then only ask for the action to get started and then 502 multi_perform() etc still be called until the add/remove is completed. 503 5042.4 Split connect and authentication process 505 506 The multi interface treats the authentication process as part of the connect 507 phase. As such any failures during authentication does not trigger the 508 relevant QUIT or LOGOFF for protocols such as IMAP, POP3 and SMTP. 509 5102.5 Edge-triggered sockets should work 511 512 The multi_socket API should work with edge-triggered socket events. One of 513 the internal actions that need to be improved for this to work perfectly is 514 the 'maxloops' handling in transfer.c:readwrite_data(). 515 5162.6 multi upkeep 517 518 In libcurl 7.62.0 we introduced curl_easy_upkeep. It unfortunately only works 519 on easy handles. We should introduces a version of that for the multi handle, 520 and also consider doing "upkeep" automatically on connections in the 521 connection pool when the multi handle is in used. 522 523 See https://github.com/curl/curl/issues/3199 524 5252.7 Virtual external sockets 526 527 libcurl performs operations on the given file descriptor that presumes it is 528 a socket and an application cannot replace them at the moment. Allowing an 529 application to fully replace those would allow a larger degree of freedom and 530 flexibility. 531 532 See https://github.com/curl/curl/issues/5835 533 5342.8 dynamically decide to use socketpair 535 536 For users who do not use curl_multi_wait() or do not care for 537 curl_multi_wakeup(), we could introduce a way to make libcurl NOT 538 create a socketpair in the multi handle. 539 540 See https://github.com/curl/curl/issues/4829 541 5423. Documentation 543 5443.1 Improve documentation about fork safety 545 546 See https://github.com/curl/curl/issues/6968 547 5484. FTP 549 5504.1 HOST 551 552 HOST is a command for a client to tell which hostname to use, to offer FTP 553 servers named-based virtual hosting: 554 555 https://datatracker.ietf.org/doc/html/rfc7151 556 5574.4 Support CURLOPT_PREQUOTE for directions listings 558 559 The lack of support is mostly an oversight and requires the FTP state machine 560 to get updated to get fixed. 561 562 https://github.com/curl/curl/issues/8602 563 5644.6 GSSAPI via Windows SSPI 565 566 In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5) 567 via third-party GSS-API libraries, such as Heimdal or MIT Kerberos, also add 568 support for GSSAPI authentication via Windows SSPI. 569 5704.7 STAT for LIST without data connection 571 572 Some FTP servers allow STAT for listing directories instead of using LIST, 573 and the response is then sent over the control connection instead of as the 574 otherwise usedw data connection: https://www.nsftools.com/tips/RawFTP.htm#STAT 575 576 This is not detailed in any FTP specification. 577 5784.8 Passive transfer could try other IP addresses 579 580 When doing FTP operations through a proxy at localhost, the reported spotted 581 that curl only tried to connect once to the proxy, while it had multiple 582 addresses and a failed connect on one address should make it try the next. 583 584 After switching to passive mode (EPSV), curl could try all IP addresses for 585 "localhost". Currently it tries ::1, but it should also try 127.0.0.1. 586 587 See https://github.com/curl/curl/issues/1508 588 5895. HTTP 590 5915.1 Provide the error body from a CONNECT response 592 593 When curl receives a body response from a CONNECT request to a proxy, it 594 always just reads and ignores it. It would make some users happy if curl 595 instead optionally would be able to make that responsible available. Via a 596 new callback? Through some other means? 597 598 See https://github.com/curl/curl/issues/9513 599 6005.2 Obey Retry-After in redirects 601 602 The Retry-After is said to dicate "the minimum time that the user agent is 603 asked to wait before issuing the redirected request" and libcurl does not 604 obey this. 605 606 See https://github.com/curl/curl/issues/11447 607 6085.3 Rearrange request header order 609 610 Server implementers often make an effort to detect browser and to reject 611 clients it can detect to not match. One of the last details we cannot yet 612 control in libcurl's HTTP requests, which also can be exploited to detect 613 that libcurl is in fact used even when it tries to impersonate a browser, is 614 the order of the request headers. I propose that we introduce a new option in 615 which you give headers a value, and then when the HTTP request is built it 616 sorts the headers based on that number. We could then have internally created 617 headers use a default value so only headers that need to be moved have to be 618 specified. 619 6205.4 Allow SAN names in HTTP/2 server push 621 622 curl only allows HTTP/2 push promise if the provided :authority header value 623 exactly matches the hostname given in the URL. It could be extended to allow 624 any name that would match the Subject Alternative Names in the server's TLS 625 certificate. 626 627 See https://github.com/curl/curl/pull/3581 628 6295.5 auth= in URLs 630 631 Add the ability to specify the preferred authentication mechanism to use by 632 using ;auth=<mech> in the login part of the URL. 633 634 For example: 635 636 http://test:pass;auth=NTLM@example.com would be equivalent to specifying 637 --user test:pass;auth=NTLM or --user test:pass --ntlm from the command line. 638 639 Additionally this should be implemented for proxy base URLs as well. 640 6415.6 alt-svc should fallback if alt-svc does not work 642 643 The alt-svc: header provides a set of alternative services for curl to use 644 instead of the original. If the first attempted one fails, it should try the 645 next etc and if all alternatives fail go back to the original. 646 647 See https://github.com/curl/curl/issues/4908 648 6495.7 Require HTTP version X or higher 650 651 curl and libcurl provide options for trying higher HTTP versions (for example 652 HTTP/2) but then still allows the server to pick version 1.1. We could 653 consider adding a way to require a minimum version. 654 655 See https://github.com/curl/curl/issues/7980 656 6576. TELNET 658 6596.1 ditch stdin 660 661 Reading input (to send to the remote server) on stdin is a crappy solution 662 for library purposes. We need to invent a good way for the application to be 663 able to provide the data to send. 664 6656.2 ditch telnet-specific select 666 667 Move the telnet support's network select() loop go away and merge the code 668 into the main transfer loop. Until this is done, the multi interface does not 669 work for telnet. 670 6716.3 feature negotiation debug data 672 673 Add telnet feature negotiation data to the debug callback as header data. 674 6756.4 exit immediately upon connection if stdin is /dev/null 676 677 If it did, curl could be used to probe if there is an server there listening 678 on a specific port. That is, the following command would exit immediately 679 after the connection is established with exit code 0: 680 681 curl -s --connect-timeout 2 telnet://example.com:80 </dev/null 682 6837. SMTP 684 6857.1 Passing NOTIFY option to CURLOPT_MAIL_RCPT 686 687 Is there a way to pass the NOTIFY option to the CURLOPT_MAIL_RCPT option ? I 688 set a string that already contains a bracket. For instance something like 689 that: curl_slist_append( recipients, "<foo@bar> NOTIFY=SUCCESS,FAILURE" ); 690 691 https://github.com/curl/curl/issues/8232 692 6937.2 Enhanced capability support 694 695 Add the ability, for an application that uses libcurl, to obtain the list of 696 capabilities returned from the EHLO command. 697 6987.3 Add CURLOPT_MAIL_CLIENT option 699 700 Rather than use the URL to specify the mail client string to present in the 701 HELO and EHLO commands, libcurl should support a new CURLOPT specifically for 702 specifying this data as the URL is non-standard and to be honest a bit of a 703 hack ;-) 704 705 Please see the following thread for more information: 706 https://curl.se/mail/lib-2012-05/0178.html 707 708 7098. POP3 710 7118.2 Enhanced capability support 712 713 Add the ability, for an application that uses libcurl, to obtain the list of 714 capabilities returned from the CAPA command. 715 7169. IMAP 717 7189.1 Enhanced capability support 719 720 Add the ability, for an application that uses libcurl, to obtain the list of 721 capabilities returned from the CAPABILITY command. 722 7239.2 upload unread 724 725 Uploads over IMAP currently always set the email as "read" (or "seen"). It 726 would be good to offer a way for users to select for uploads to remain 727 unread. 728 72910. LDAP 730 73110.1 SASL based authentication mechanisms 732 733 Currently the LDAP module only supports ldap_simple_bind_s() in order to bind 734 to an LDAP server. However, this function sends username and password details 735 using the simple authentication mechanism (as clear text). However, it should 736 be possible to use ldap_bind_s() instead specifying the security context 737 information ourselves. 738 73910.2 CURLOPT_SSL_CTX_FUNCTION for LDAPS 740 741 CURLOPT_SSL_CTX_FUNCTION works perfectly for HTTPS and email protocols, but 742 it has no effect for LDAPS connections. 743 744 https://github.com/curl/curl/issues/4108 745 74610.3 Paged searches on LDAP server 747 748 https://github.com/curl/curl/issues/4452 749 75010.4 Certificate-Based Authentication 751 752 LDAPS not possible with macOS and Windows with Certificate-Based Authentication 753 754 https://github.com/curl/curl/issues/9641 755 75611. SMB 757 75811.1 File listing support 759 760 Add support for listing the contents of a SMB share. The output should 761 probably be the same as/similar to FTP. 762 76311.2 Honor file timestamps 764 765 The timestamp of the transferred file should reflect that of the original 766 file. 767 76811.3 Use NTLMv2 769 770 Currently the SMB authentication uses NTLMv1. 771 77211.4 Create remote directories 773 774 Support for creating remote directories when uploading a file to a directory 775 that does not exist on the server, just like --ftp-create-dirs. 776 777 77812. FILE 779 78012.1 Directory listing on non-POSIX 781 782 Listing the contents of a directory accessed with FILE only works on 783 platforms with opendir. Support could be added for more systems, like 784 Windows. 785 78613. TLS 787 78813.1 TLS-PSK with OpenSSL 789 790 Transport Layer Security pre-shared key ciphersuites (TLS-PSK) is a set of 791 cryptographic protocols that provide secure communication based on pre-shared 792 keys (PSKs). These pre-shared keys are symmetric keys shared in advance among 793 the communicating parties. 794 795 https://github.com/curl/curl/issues/5081 796 79713.2 TLS channel binding 798 799 TLS 1.2 and 1.3 provide the ability to extract some secret data from the TLS 800 connection and use it in the client request (usually in some sort of 801 authentication) to ensure that the data sent is bound to the specific TLS 802 connection and cannot be successfully intercepted by a proxy. This 803 functionality can be used in a standard authentication mechanism such as 804 GSS-API or SCRAM, or in custom approaches like custom HTTP Authentication 805 headers. 806 807 For TLS 1.2, the binding type is usually tls-unique, and for TLS 1.3 it is 808 tls-exporter. 809 810 https://datatracker.ietf.org/doc/html/rfc5929 811 https://datatracker.ietf.org/doc/html/rfc9266 812 https://github.com/curl/curl/issues/9226 813 81413.3 Defeat TLS fingerprinting 815 816 By changing the order of TLS extensions provided in the TLS handshake, it is 817 sometimes possible to circumvent TLS fingerprinting by servers. The TLS 818 extension order is of course not the only way to fingerprint a client. 819 82013.5 Export session ids 821 822 Add an interface to libcurl that enables "session IDs" to get 823 exported/imported. Cris Bailiff said: "OpenSSL has functions which can 824 serialise the current SSL state to a buffer of your choice, and recover/reset 825 the state from such a buffer at a later date - this is used by mod_ssl for 826 apache to implement and SSL session ID cache". 827 82813.6 Provide callback for cert verification 829 830 OpenSSL supports a callback for customised verification of the peer 831 certificate, but this does not seem to be exposed in the libcurl APIs. Could 832 it be? There is so much that could be done if it were. 833 83413.7 Less memory massaging with Schannel 835 836 The Schannel backend does a lot of custom memory management we would rather 837 avoid: the repeated alloc + free in sends and the custom memory + realloc 838 system for encrypted and decrypted data. That should be avoided and reduced 839 for 1) efficiency and 2) safety. 840 84113.8 Support DANE 842 843 DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL 844 keys and certs over DNS using DNSSEC as an alternative to the CA model. 845 https://www.rfc-editor.org/rfc/rfc6698.txt 846 847 An initial patch was posted by Suresh Krishnaswamy on March 7th 2013 848 (https://curl.se/mail/lib-2013-03/0075.html) but it was a too simple 849 approach. See Daniel's comments: 850 https://curl.se/mail/lib-2013-03/0103.html . libunbound may be the 851 correct library to base this development on. 852 853 Björn Stenberg wrote a separate initial take on DANE that was never 854 completed. 855 85613.9 TLS record padding 857 858 TLS (1.3) offers optional record padding and OpenSSL provides an API for it. 859 I could make sense for libcurl to offer this ability to applications to make 860 traffic patterns harder to figure out by network traffic observers. 861 862 See https://github.com/curl/curl/issues/5398 863 86413.10 Support Authority Information Access certificate extension (AIA) 865 866 AIA can provide various things like CRLs but more importantly information 867 about intermediate CA certificates that can allow validation path to be 868 fulfilled when the HTTPS server does not itself provide them. 869 870 Since AIA is about downloading certs on demand to complete a TLS handshake, 871 it is probably a bit tricky to get done right. 872 873 See https://github.com/curl/curl/issues/2793 874 87513.11 Some TLS options are not offered for HTTPS proxies 876 877 Some TLS related options to the command line tool and libcurl are only 878 provided for the server and not for HTTPS proxies. --proxy-tls-max, 879 --proxy-tlsv1.3, --proxy-curves and a few more. 880 For more Documentation on this see: 881 https://curl.se/libcurl/c/tls-options.html 882 883 https://github.com/curl/curl/issues/12286 884 88513.13 Make sure we forbid TLS 1.3 post-handshake authentication 886 887 RFC 8740 explains how using HTTP/2 must forbid the use of TLS 1.3 888 post-handshake authentication. We should make sure to live up to that. 889 890 See https://github.com/curl/curl/issues/5396 891 89213.14 Support the clienthello extension 893 894 Certain stupid networks and middle boxes have a problem with SSL handshake 895 packets that are within a certain size range because how that sets some bits 896 that previously (in older TLS version) were not set. The clienthello 897 extension adds padding to avoid that size range. 898 899 https://datatracker.ietf.org/doc/html/rfc7685 900 https://github.com/curl/curl/issues/2299 901 90213.15 Select signature algorithms 903 904 Consider adding an option or a way for users to select TLS signature 905 algorithm. The signature algorithms set by a client are used directly in the 906 supported signature algorithm in the client hello message. 907 908 https://github.com/curl/curl/issues/12982 909 91013.16 Share the CA cache 911 912 For TLS backends that supports CA caching, it makes sense to allow the share 913 object to be used to store the CA cache as well via the share API. Would 914 allow multiple easy handles to reuse the CA cache and save themselves from a 915 lot of extra processing overhead. 916 91713.17 Add missing features to TLS backends 918 919 The feature matrix at https://curl.se/libcurl/c/tls-options.html shows which 920 features are supported by which TLS backends, and thus also where there are 921 feature gaps. 922 92315. Schannel 924 92515.1 Extend support for client certificate authentication 926 927 The existing support for the -E/--cert and --key options could be 928 extended by supplying a custom certificate and key in PEM format, see: 929 - Getting a Certificate for Schannel 930 https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx 931 93215.2 Extend support for the --ciphers option 933 934 The existing support for the --ciphers option could be extended 935 by mapping the OpenSSL/GnuTLS cipher suites to the Schannel APIs, see 936 - Specifying Schannel Ciphers and Cipher Strengths 937 https://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx 938 93915.4 Add option to allow abrupt server closure 940 941 libcurl with Schannel errors without a known termination point from the server 942 (such as length of transfer, or SSL "close notify" alert) to prevent against 943 a truncation attack. Really old servers may neglect to send any termination 944 point. An option could be added to ignore such abrupt closures. 945 946 https://github.com/curl/curl/issues/4427 947 94816. SASL 949 95016.1 Other authentication mechanisms 951 952 Add support for other authentication mechanisms such as OLP, 953 GSS-SPNEGO and others. 954 95516.2 Add QOP support to GSSAPI authentication 956 957 Currently the GSSAPI authentication only supports the default QOP of auth 958 (Authentication), whilst Kerberos V5 supports both auth-int (Authentication 959 with integrity protection) and auth-conf (Authentication with integrity and 960 privacy protection). 961 962 96317. SSH protocols 964 96517.1 Multiplexing 966 967 SSH is a perfectly fine multiplexed protocols which would allow libcurl to do 968 multiple parallel transfers from the same host using the same connection, 969 much in the same spirit as HTTP/2 does. libcurl however does not take 970 advantage of that ability but does instead always create a new connection for 971 new transfers even if an existing connection already exists to the host. 972 973 To fix this, libcurl would have to detect an existing connection and "attach" 974 the new transfer to the existing one. 975 97617.2 Handle growing SFTP files 977 978 The SFTP code in libcurl checks the file size *before* a transfer starts and 979 then proceeds to transfer exactly that amount of data. If the remote file 980 grows while the transfer is in progress libcurl does not notice and does not 981 adapt. The OpenSSH SFTP command line tool does and libcurl could also just 982 attempt to download more to see if there is more to get... 983 984 https://github.com/curl/curl/issues/4344 985 98617.3 Read keys from ~/.ssh/id_ecdsa, id_ed25519 987 988 The libssh2 backend in curl is limited to only reading keys from id_rsa and 989 id_dsa, which makes it fail connecting to servers that use more modern key 990 types. 991 992 https://github.com/curl/curl/issues/8586 993 99417.4 Support CURLOPT_PREQUOTE 995 996 The two other QUOTE options are supported for SFTP, but this was left out for 997 unknown reasons. 998 99917.5 SSH over HTTPS proxy with more backends 1000 1001 The SSH based protocols SFTP and SCP did not work over HTTPS proxy at 1002 all until PR https://github.com/curl/curl/pull/6021 brought the 1003 functionality with the libssh2 backend. Presumably, this support 1004 can/could be added for the other backends as well. 1005 100617.6 SFTP with SCP:// 1007 1008 OpenSSH 9 switched their 'scp' tool to speak SFTP under the hood. Going 1009 forward it might be worth having curl or libcurl attempt SFTP if SCP fails to 1010 follow suite. 1011 101218. Command line tool 1013 101418.1 sync 1015 1016 "curl --sync http://example.com/feed[1-100].rss" or 1017 "curl --sync http://example.net/{index,calendar,history}.html" 1018 1019 Downloads a range or set of URLs using the remote name, but only if the 1020 remote file is newer than the local file. A Last-Modified HTTP date header 1021 should also be used to set the mod date on the downloaded file. 1022 102318.2 glob posts 1024 1025 Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'. 1026 This is easily scripted though. 1027 102818.4 --proxycommand 1029 1030 Allow the user to make curl run a command and use its stdio to make requests 1031 and not do any network connection by itself. Example: 1032 1033 curl --proxycommand 'ssh pi@raspberrypi.local -W 10.1.1.75 80' \ 1034 http://some/otherwise/unavailable/service.php 1035 1036 See https://github.com/curl/curl/issues/4941 1037 103818.5 UTF-8 filenames in Content-Disposition 1039 1040 RFC 6266 documents how UTF-8 names can be passed to a client in the 1041 Content-Disposition header, and curl does not support this. 1042 1043 https://github.com/curl/curl/issues/1888 1044 104518.6 Option to make -Z merge lined based outputs on stdout 1046 1047 When a user requests multiple lined based files using -Z and sends them to 1048 stdout, curl does not "merge" and send complete lines fine but may send 1049 partial lines from several sources. 1050 1051 https://github.com/curl/curl/issues/5175 1052 105318.7 specify which response codes that make -f/--fail return error 1054 1055 Allows a user to better specify exactly which error code(s) that are fine 1056 and which are errors for their specific uses cases 1057 105818.9 Choose the name of file in braces for complex URLs 1059 1060 When using braces to download a list of URLs and you use complicated names 1061 in the list of alternatives, it could be handy to allow curl to use other 1062 names when saving. 1063 1064 Consider a way to offer that. Possibly like 1065 {partURL1:name1,partURL2:name2,partURL3:name3} where the name following the 1066 colon is the output name. 1067 1068 See https://github.com/curl/curl/issues/221 1069 107018.10 improve how curl works in a Windows console window 1071 1072 If you pull the scrollbar when transferring with curl in a Windows console 1073 window, the transfer is interrupted and can get disconnected. This can 1074 probably be improved. See https://github.com/curl/curl/issues/322 1075 107618.11 Windows: set attribute 'archive' for completed downloads 1077 1078 The archive bit (FILE_ATTRIBUTE_ARCHIVE, 0x20) separates files that shall be 1079 backed up from those that are either not ready or have not changed. 1080 1081 Downloads in progress are neither ready to be backed up, nor should they be 1082 opened by a different process. Only after a download has been completed it is 1083 sensible to include it in any integer snapshot or backup of the system. 1084 1085 See https://github.com/curl/curl/issues/3354 1086 108718.12 keep running, read instructions from pipe/socket 1088 1089 Provide an option that makes curl not exit after the last URL (or even work 1090 without a given URL), and then make it read instructions passed on a pipe or 1091 over a socket to make further instructions so that a second subsequent curl 1092 invoke can talk to the still running instance and ask for transfers to get 1093 done, and thus maintain its connection pool, DNS cache and more. 1094 109518.13 Acknowledge Ratelimit headers 1096 1097 Consider a command line option that can make curl do multiple serial requests 1098 while acknowledging server specified rate limits: 1099 https://datatracker.ietf.org/doc/draft-ietf-httpapi-ratelimit-headers/ 1100 1101 See https://github.com/curl/curl/issues/5406 1102 110318.14 --dry-run 1104 1105 A command line option that makes curl show exactly what it would do and send 1106 if it would run for real. 1107 1108 See https://github.com/curl/curl/issues/5426 1109 111018.15 --retry should resume 1111 1112 When --retry is used and curl actually retries transfer, it should use the 1113 already transferred data and do a resumed transfer for the rest (when 1114 possible) so that it does not have to transfer the same data again that was 1115 already transferred before the retry. 1116 1117 See https://github.com/curl/curl/issues/1084 1118 111918.16 send only part of --data 1120 1121 When the user only wants to send a small piece of the data provided with 1122 --data or --data-binary, like when that data is a huge file, consider a way 1123 to specify that curl should only send a piece of that. One suggested syntax 1124 would be: "--data-binary @largefile.zip!1073741823-2147483647". 1125 1126 See https://github.com/curl/curl/issues/1200 1127 112818.17 consider filename from the redirected URL with -O ? 1129 1130 When a user gives a URL and uses -O, and curl follows a redirect to a new 1131 URL, the filename is not extracted and used from the newly redirected-to URL 1132 even if the new URL may have a much more sensible filename. 1133 1134 This is clearly documented and helps for security since there is no surprise 1135 to users which filename that might get overwritten, but maybe a new option 1136 could allow for this or maybe -J should imply such a treatment as well as -J 1137 already allows for the server to decide what filename to use so it already 1138 provides the "may overwrite any file" risk. 1139 1140 This is extra tricky if the original URL has no filename part at all since 1141 then the current code path does error out with an error message, and we 1142 cannot *know* already at that point if curl is redirected to a URL that has a 1143 filename... 1144 1145 See https://github.com/curl/curl/issues/1241 1146 114718.18 retry on network is unreachable 1148 1149 The --retry option retries transfers on "transient failures". We later added 1150 --retry-connrefused to also retry for "connection refused" errors. 1151 1152 Suggestions have been brought to also allow retry on "network is unreachable" 1153 errors and while totally reasonable, maybe we should consider a way to make 1154 this more configurable than to add a new option for every new error people 1155 want to retry for? 1156 1157 https://github.com/curl/curl/issues/1603 1158 115918.19 expand ~/ in config files 1160 1161 For example .curlrc could benefit from being able to do this. 1162 1163 See https://github.com/curl/curl/issues/2317 1164 116518.20 hostname sections in config files 1166 1167 config files would be more powerful if they could set different 1168 configurations depending on used URLs, hostname or possibly origin. Then a 1169 default .curlrc could a specific user-agent only when doing requests against 1170 a certain site. 1171 117218.21 retry on the redirected-to URL 1173 1174 When curl is told to --retry a failed transfer and follows redirects, it 1175 might get an HTTP 429 response from the redirected-to URL and not the 1176 original one, which then could make curl decide to rather retry the transfer 1177 on that URL only instead of the original operation to the original URL. 1178 1179 Perhaps extra emphasized if the original transfer is a large POST that 1180 redirects to a separate GET, and that GET is what gets the 529 1181 1182 See https://github.com/curl/curl/issues/5462 1183 118418.23 Set the modification date on an uploaded file 1185 1186 For SFTP and possibly FTP, curl could offer an option to set the 1187 modification time for the uploaded file. 1188 1189 See https://github.com/curl/curl/issues/5768 1190 119118.24 Use multiple parallel transfers for a single download 1192 1193 To enhance transfer speed, downloading a single URL can be split up into 1194 multiple separate range downloads that get combined into a single final 1195 result. 1196 1197 An ideal implementation would not use a specified number of parallel 1198 transfers, but curl could: 1199 - First start getting the full file as transfer A 1200 - If after N seconds have passed and the transfer is expected to continue for 1201 M seconds or more, add a new transfer (B) that asks for the second half of 1202 A's content (and stop A at the middle). 1203 - If splitting up the work improves the transfer rate, it could then be done 1204 again. Then again, etc up to a limit. 1205 1206 This way, if transfer B fails (because Range: is not supported) it lets 1207 transfer A remain the single one. N and M could be set to some sensible 1208 defaults. 1209 1210 See https://github.com/curl/curl/issues/5774 1211 121218.25 Prevent terminal injection when writing to terminal 1213 1214 curl could offer an option to make escape sequence either non-functional or 1215 avoid cursor moves or similar to reduce the risk of a user getting tricked by 1216 clever tricks. 1217 1218 See https://github.com/curl/curl/issues/6150 1219 122018.26 Custom progress meter update interval 1221 1222 Users who are for example doing large downloads in CI or remote setups might 1223 want the occasional progress meter update to see that the transfer is 1224 progressing and has not stuck, but they may not appreciate the 1225 many-times-a-second frequency curl can end up doing it with now. 1226 122718.27 -J and -O with %-encoded filenames 1228 1229 -J/--remote-header-name does not decode %-encoded filenames. RFC 6266 details 1230 how it should be done. The can of worm is basically that we have no charset 1231 handling in curl and ASCII >=128 is a challenge for us. Not to mention that 1232 decoding also means that we need to check for nastiness that is attempted, 1233 like "../" sequences and the like. Probably everything to the left of any 1234 embedded slashes should be cut off. 1235 https://curl.se/bug/view.cgi?id=1294 1236 1237 -O also does not decode %-encoded names, and while it has even less 1238 information about the charset involved the process is similar to the -J case. 1239 1240 Note that we do not decode -O without the user asking for it with some other 1241 means, since -O has always been documented to use the name exactly as 1242 specified in the URL. 1243 124418.28 -J with -C - 1245 1246 When using -J (with -O), automatically resumed downloading together with "-C 1247 -" fails. Without -J the same command line works. This happens because the 1248 resume logic is worked out before the target filename (and thus its 1249 pre-transfer size) has been figured out. This can be improved. 1250 1251 https://curl.se/bug/view.cgi?id=1169 1252 125318.29 --retry and transfer timeouts 1254 1255 If using --retry and the transfer timeouts (possibly due to using -m or 1256 -y/-Y) the next attempt does not resume the transfer properly from what was 1257 downloaded in the previous attempt but truncates and restarts at the original 1258 position where it was at before the previous failed attempt. See 1259 https://curl.se/mail/lib-2008-01/0080.html and Mandriva bug report 1260 https://qa.mandriva.com/show_bug.cgi?id=22565 1261 1262 126319. Build 1264 126519.2 Enable PIE and RELRO by default 1266 1267 Especially when having programs that execute curl via the command line, PIE 1268 renders the exploitation of memory corruption vulnerabilities a lot more 1269 difficult. This can be attributed to the additional information leaks being 1270 required to conduct a successful attack. RELRO, on the other hand, masks 1271 different binary sections like the GOT as read-only and thus kills a handful 1272 of techniques that come in handy when attackers are able to arbitrarily 1273 overwrite memory. A few tests showed that enabling these features had close 1274 to no impact, neither on the performance nor on the general functionality of 1275 curl. 1276 127719.3 Do not use GNU libtool on OpenBSD 1278 1279 When compiling curl on OpenBSD with "--enable-debug" it gives linking errors 1280 when you use GNU libtool. This can be fixed by using the libtool provided by 1281 OpenBSD itself. However for this the user always needs to invoke make with 1282 "LIBTOOL=/usr/bin/libtool". It would be nice if the script could have some 1283 magic to detect if this system is an OpenBSD host and then use the OpenBSD 1284 libtool instead. 1285 1286 See https://github.com/curl/curl/issues/5862 1287 128819.4 Package curl for Windows in a signed installer 1289 1290 See https://github.com/curl/curl/issues/5424 1291 129219.5 make configure use --cache-file more and better 1293 1294 The configure script can be improved to cache more values so that repeated 1295 invokes run much faster. 1296 1297 See https://github.com/curl/curl/issues/7753 1298 129920. Test suite 1300 130120.1 SSL tunnel 1302 1303 Make our own version of stunnel for simple port forwarding to enable HTTPS 1304 and FTP-SSL tests without the stunnel dependency, and it could allow us to 1305 provide test tools built with either OpenSSL or GnuTLS 1306 130720.2 nicer lacking perl message 1308 1309 If perl was not found by the configure script, do not attempt to run the tests 1310 but explain something nice why it does not. 1311 131220.3 more protocols supported 1313 1314 Extend the test suite to include more protocols. The telnet could just do FTP 1315 or http operations (for which we have test servers). 1316 131720.4 more platforms supported 1318 1319 Make the test suite work on more platforms. OpenBSD and macOS. Remove 1320 fork()s and it should become even more portable. 1321 132220.6 Use the RFC 6265 test suite 1323 1324 A test suite made for HTTP cookies (RFC 6265) by Adam Barth is available at 1325 https://github.com/abarth/http-state/tree/master/tests 1326 1327 It would be good if someone would write a script/setup that would run curl 1328 with that test suite and detect deviances. Ideally, that would even be 1329 incorporated into our regular test suite. 1330 133120.8 Run web-platform-tests URL tests 1332 1333 Run web-platform-tests URL tests and compare results with browsers on wpt.fyi 1334 1335 It would help us find issues to fix and help us document where our parser 1336 differs from the WHATWG URL spec parsers. 1337 1338 See https://github.com/curl/curl/issues/4477 1339 134021. MQTT 1341 134221.1 Support rate-limiting 1343 1344 The rate-limiting logic is done in the PERFORMING state in multi.c but MQTT 1345 is not (yet) implemented to use that. 1346 134721.2 Support MQTTS 1348 134921.3 Handle network blocks 1350 1351 Running test suite with 1352 `CURL_DBG_SOCK_WBLOCK=90 ./runtests.pl -a mqtt` makes several 1353 MQTT test cases fail where they should not. 1354 135522. TFTP 1356 135722.1 TFTP does not convert LF to CRLF for mode=netascii 1358 1359 RFC 3617 defines that an TFTP transfer can be done using "netascii" 1360 mode. curl does not support extracting that mode from the URL nor does it treat 1361 such transfers specifically. It should probably do LF to CRLF translations 1362 for them. 1363 1364 See https://github.com/curl/curl/issues/12655 1365 136623. Gopher 1367 136823.1 Handle network blocks 1369 1370 Running test suite with 1371 `CURL_DBG_SOCK_WBLOCK=90 ./runtests.pl -a 1200 to 1300` makes several 1372 Gopher test cases fail where they should not. 1373