123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918391939203921392239233924392539263927392839293930393139323933393439353936393739383939394039413942394339443945394639473948394939503951395239533954395539563957395839593960396139623963396439653966396739683969397039713972397339743975397639773978397939803981398239833984398539863987398839893990399139923993399439953996399739983999400040014002400340044005400640074008400940104011401240134014401540164017401840194020402140224023402440254026402740284029403040314032403340344035403640374038403940404041404240434044404540464047404840494050405140524053405440554056405740584059406040614062406340644065406640674068406940704071407240734074407540764077407840794080408140824083408440854086408740884089409040914092409340944095409640974098409941004101410241034104410541064107410841094110411141124113411441154116411741184119412041214122412341244125412641274128412941304131413241334134413541364137413841394140414141424143414441454146414741484149415041514152415341544155415641574158415941604161416241634164416541664167416841694170417141724173417441754176417741784179418041814182418341844185418641874188418941904191419241934194419541964197419841994200420142024203420442054206420742084209421042114212421342144215421642174218421942204221422242234224422542264227422842294230423142324233423442354236423742384239424042414242424342444245424642474248424942504251425242534254425542564257425842594260426142624263426442654266426742684269427042714272427342744275427642774278427942804281428242834284428542864287428842894290429142924293429442954296429742984299430043014302430343044305430643074308430943104311431243134314431543164317431843194320432143224323432443254326432743284329433043314332433343344335433643374338433943404341434243434344434543464347434843494350435143524353435443554356435743584359436043614362436343644365436643674368436943704371437243734374437543764377437843794380438143824383438443854386438743884389439043914392439343944395439643974398439944004401440244034404440544064407440844094410441144124413441444154416441744184419442044214422442344244425442644274428442944304431443244334434443544364437443844394440444144424443444444454446444744484449445044514452445344544455445644574458445944604461446244634464446544664467446844694470447144724473447444754476447744784479448044814482448344844485448644874488448944904491449244934494449544964497449844994500450145024503450445054506450745084509451045114512451345144515451645174518451945204521452245234524452545264527452845294530453145324533453445354536453745384539454045414542454345444545454645474548454945504551455245534554455545564557455845594560456145624563456445654566456745684569457045714572457345744575457645774578457945804581458245834584458545864587458845894590459145924593459445954596459745984599460046014602460346044605460646074608460946104611461246134614461546164617461846194620462146224623462446254626462746284629463046314632463346344635463646374638463946404641464246434644464546464647464846494650465146524653465446554656465746584659466046614662466346644665466646674668466946704671467246734674467546764677467846794680468146824683468446854686468746884689469046914692469346944695469646974698469947004701470247034704470547064707470847094710471147124713471447154716471747184719472047214722472347244725472647274728472947304731473247334734473547364737473847394740474147424743474447454746474747484749475047514752475347544755475647574758475947604761476247634764476547664767476847694770477147724773477447754776477747784779478047814782478347844785478647874788478947904791479247934794479547964797479847994800480148024803480448054806480748084809481048114812481348144815481648174818481948204821482248234824482548264827482848294830483148324833483448354836483748384839484048414842484348444845484648474848484948504851485248534854485548564857485848594860486148624863486448654866486748684869487048714872487348744875487648774878487948804881488248834884488548864887488848894890489148924893489448954896489748984899490049014902490349044905490649074908490949104911491249134914491549164917491849194920492149224923492449254926492749284929493049314932493349344935493649374938493949404941494249434944494549464947494849494950495149524953495449554956495749584959496049614962496349644965496649674968496949704971497249734974497549764977497849794980498149824983498449854986498749884989499049914992499349944995499649974998499950005001500250035004500550065007500850095010501150125013501450155016501750185019502050215022502350245025502650275028502950305031503250335034503550365037503850395040504150425043504450455046504750485049505050515052505350545055505650575058505950605061506250635064506550665067506850695070507150725073507450755076507750785079508050815082508350845085508650875088508950905091509250935094509550965097509850995100510151025103510451055106510751085109511051115112511351145115511651175118511951205121512251235124512551265127512851295130513151325133513451355136513751385139514051415142514351445145514651475148514951505151515251535154515551565157515851595160516151625163516451655166516751685169517051715172517351745175517651775178517951805181518251835184518551865187518851895190519151925193519451955196519751985199520052015202520352045205520652075208520952105211521252135214521552165217521852195220522152225223522452255226522752285229523052315232523352345235523652375238523952405241524252435244524552465247524852495250525152525253525452555256525752585259526052615262526352645265526652675268526952705271527252735274527552765277527852795280528152825283528452855286528752885289529052915292529352945295529652975298529953005301530253035304530553065307530853095310531153125313531453155316531753185319532053215322532353245325532653275328532953305331533253335334533553365337533853395340534153425343534453455346534753485349535053515352535353545355535653575358535953605361536253635364536553665367536853695370537153725373537453755376537753785379538053815382538353845385538653875388538953905391539253935394539553965397539853995400540154025403540454055406540754085409541054115412541354145415541654175418541954205421542254235424542554265427542854295430543154325433543454355436543754385439544054415442544354445445544654475448544954505451545254535454545554565457545854595460546154625463546454655466546754685469547054715472547354745475547654775478547954805481548254835484548554865487548854895490549154925493549454955496549754985499550055015502550355045505550655075508550955105511551255135514551555165517551855195520552155225523552455255526552755285529553055315532553355345535553655375538553955405541554255435544554555465547554855495550555155525553555455555556555755585559556055615562556355645565556655675568556955705571557255735574557555765577557855795580558155825583558455855586558755885589559055915592559355945595559655975598559956005601560256035604560556065607560856095610561156125613561456155616561756185619562056215622562356245625562656275628562956305631563256335634563556365637563856395640564156425643564456455646564756485649565056515652565356545655565656575658565956605661566256635664566556665667566856695670567156725673567456755676567756785679568056815682568356845685568656875688568956905691569256935694569556965697569856995700570157025703570457055706570757085709571057115712571357145715571657175718571957205721572257235724572557265727572857295730573157325733573457355736573757385739574057415742574357445745574657475748574957505751575257535754575557565757575857595760576157625763576457655766576757685769577057715772577357745775577657775778577957805781578257835784578557865787578857895790579157925793579457955796579757985799580058015802580358045805580658075808580958105811581258135814581558165817581858195820582158225823582458255826582758285829583058315832583358345835583658375838583958405841584258435844584558465847584858495850585158525853585458555856585758585859586058615862586358645865586658675868586958705871587258735874587558765877587858795880588158825883588458855886588758885889589058915892589358945895589658975898589959005901590259035904590559065907590859095910591159125913591459155916591759185919592059215922592359245925592659275928592959305931593259335934593559365937593859395940594159425943594459455946594759485949595059515952595359545955595659575958595959605961596259635964596559665967596859695970597159725973597459755976597759785979598059815982598359845985598659875988598959905991599259935994599559965997599859996000600160026003600460056006600760086009601060116012601360146015601660176018601960206021602260236024602560266027602860296030603160326033603460356036603760386039604060416042604360446045604660476048604960506051605260536054605560566057605860596060606160626063606460656066606760686069607060716072607360746075607660776078607960806081608260836084608560866087608860896090609160926093609460956096609760986099610061016102610361046105610661076108610961106111611261136114611561166117611861196120612161226123612461256126612761286129613061316132613361346135613661376138613961406141614261436144614561466147614861496150615161526153615461556156615761586159616061616162616361646165616661676168616961706171617261736174617561766177617861796180618161826183618461856186618761886189619061916192619361946195619661976198619962006201620262036204620562066207620862096210621162126213621462156216621762186219622062216222622362246225622662276228622962306231623262336234623562366237623862396240624162426243624462456246624762486249625062516252625362546255625662576258625962606261626262636264626562666267626862696270627162726273627462756276627762786279628062816282628362846285628662876288628962906291629262936294629562966297629862996300630163026303630463056306630763086309631063116312631363146315631663176318631963206321632263236324632563266327632863296330633163326333633463356336633763386339634063416342634363446345634663476348634963506351635263536354635563566357635863596360636163626363636463656366636763686369637063716372637363746375637663776378637963806381638263836384638563866387638863896390639163926393639463956396639763986399640064016402640364046405640664076408640964106411641264136414641564166417641864196420642164226423642464256426642764286429643064316432643364346435643664376438643964406441644264436444644564466447644864496450645164526453645464556456645764586459646064616462646364646465646664676468646964706471647264736474647564766477647864796480648164826483648464856486648764886489649064916492649364946495649664976498649965006501650265036504650565066507650865096510651165126513651465156516651765186519652065216522652365246525652665276528652965306531653265336534653565366537653865396540654165426543654465456546654765486549655065516552655365546555655665576558655965606561656265636564656565666567656865696570657165726573657465756576657765786579658065816582658365846585658665876588658965906591659265936594659565966597659865996600660166026603660466056606660766086609661066116612661366146615661666176618661966206621662266236624662566266627662866296630663166326633663466356636663766386639664066416642664366446645664666476648664966506651665266536654665566566657665866596660666166626663666466656666666766686669667066716672667366746675667666776678667966806681668266836684668566866687668866896690669166926693669466956696669766986699670067016702670367046705670667076708670967106711671267136714671567166717671867196720672167226723672467256726672767286729673067316732673367346735673667376738673967406741674267436744674567466747674867496750675167526753675467556756675767586759676067616762676367646765676667676768676967706771677267736774677567766777677867796780678167826783678467856786678767886789679067916792679367946795679667976798679968006801680268036804680568066807680868096810681168126813681468156816681768186819682068216822682368246825682668276828682968306831683268336834683568366837683868396840684168426843684468456846684768486849685068516852685368546855685668576858685968606861686268636864686568666867686868696870687168726873687468756876687768786879688068816882688368846885688668876888688968906891689268936894689568966897689868996900690169026903690469056906690769086909691069116912691369146915691669176918691969206921692269236924692569266927692869296930693169326933693469356936693769386939694069416942694369446945694669476948694969506951695269536954695569566957695869596960696169626963696469656966696769686969697069716972697369746975697669776978697969806981698269836984698569866987698869896990699169926993699469956996699769986999700070017002700370047005700670077008700970107011701270137014701570167017701870197020702170227023702470257026702770287029703070317032703370347035703670377038703970407041704270437044704570467047704870497050705170527053705470557056705770587059706070617062706370647065706670677068706970707071707270737074707570767077707870797080708170827083708470857086708770887089709070917092709370947095709670977098709971007101710271037104710571067107710871097110711171127113711471157116711771187119712071217122712371247125712671277128712971307131713271337134713571367137713871397140714171427143714471457146714771487149715071517152715371547155715671577158715971607161716271637164716571667167716871697170717171727173717471757176717771787179718071817182718371847185718671877188718971907191719271937194719571967197719871997200720172027203720472057206720772087209721072117212721372147215721672177218721972207221722272237224722572267227722872297230723172327233723472357236723772387239724072417242724372447245724672477248724972507251725272537254725572567257725872597260726172627263726472657266726772687269727072717272727372747275727672777278727972807281728272837284728572867287728872897290729172927293729472957296729772987299730073017302730373047305730673077308730973107311731273137314731573167317731873197320732173227323732473257326732773287329733073317332733373347335733673377338733973407341734273437344734573467347734873497350735173527353735473557356735773587359736073617362736373647365736673677368736973707371737273737374737573767377737873797380738173827383738473857386738773887389739073917392739373947395739673977398739974007401740274037404740574067407740874097410741174127413741474157416741774187419742074217422742374247425742674277428742974307431743274337434743574367437743874397440744174427443744474457446744774487449745074517452745374547455745674577458745974607461746274637464746574667467746874697470747174727473747474757476747774787479748074817482748374847485748674877488748974907491749274937494749574967497749874997500750175027503750475057506750775087509751075117512751375147515751675177518751975207521752275237524752575267527752875297530753175327533753475357536753775387539754075417542754375447545754675477548754975507551755275537554755575567557755875597560756175627563756475657566756775687569757075717572757375747575757675777578757975807581758275837584758575867587758875897590759175927593759475957596759775987599760076017602760376047605760676077608760976107611761276137614761576167617761876197620762176227623762476257626762776287629763076317632763376347635763676377638763976407641764276437644764576467647764876497650765176527653765476557656765776587659766076617662766376647665766676677668766976707671767276737674767576767677767876797680768176827683768476857686768776887689769076917692769376947695769676977698769977007701770277037704770577067707770877097710771177127713771477157716771777187719772077217722772377247725772677277728772977307731773277337734773577367737773877397740774177427743774477457746774777487749775077517752775377547755775677577758775977607761776277637764776577667767776877697770777177727773777477757776777777787779778077817782778377847785778677877788778977907791779277937794779577967797779877997800780178027803780478057806780778087809781078117812781378147815781678177818781978207821782278237824782578267827782878297830783178327833783478357836783778387839784078417842784378447845784678477848784978507851785278537854785578567857785878597860786178627863786478657866786778687869787078717872787378747875787678777878787978807881788278837884788578867887788878897890789178927893789478957896789778987899790079017902790379047905790679077908790979107911791279137914791579167917791879197920792179227923792479257926792779287929793079317932793379347935793679377938793979407941794279437944794579467947794879497950795179527953795479557956795779587959796079617962796379647965796679677968796979707971797279737974797579767977797879797980798179827983798479857986798779887989799079917992799379947995799679977998799980008001800280038004800580068007800880098010801180128013801480158016801780188019802080218022802380248025802680278028802980308031803280338034803580368037803880398040804180428043804480458046804780488049805080518052805380548055805680578058805980608061806280638064806580668067806880698070807180728073807480758076807780788079808080818082808380848085808680878088808980908091809280938094809580968097809880998100810181028103810481058106810781088109811081118112811381148115811681178118811981208121812281238124812581268127812881298130813181328133813481358136813781388139814081418142814381448145814681478148814981508151815281538154815581568157815881598160816181628163816481658166816781688169817081718172817381748175817681778178817981808181818281838184818581868187818881898190819181928193819481958196819781988199820082018202820382048205820682078208820982108211821282138214821582168217821882198220822182228223822482258226822782288229823082318232823382348235823682378238823982408241824282438244824582468247824882498250825182528253825482558256825782588259826082618262826382648265826682678268826982708271827282738274827582768277827882798280828182828283828482858286828782888289829082918292829382948295829682978298829983008301830283038304830583068307830883098310831183128313831483158316831783188319832083218322832383248325832683278328832983308331833283338334833583368337833883398340834183428343834483458346834783488349835083518352835383548355835683578358835983608361836283638364836583668367836883698370837183728373837483758376837783788379838083818382838383848385838683878388838983908391839283938394839583968397839883998400840184028403840484058406840784088409841084118412841384148415841684178418841984208421842284238424842584268427842884298430843184328433843484358436843784388439844084418442844384448445844684478448844984508451845284538454845584568457845884598460846184628463846484658466846784688469847084718472847384748475847684778478847984808481848284838484848584868487848884898490849184928493849484958496849784988499850085018502850385048505850685078508850985108511851285138514851585168517851885198520852185228523852485258526852785288529853085318532853385348535853685378538853985408541854285438544854585468547854885498550855185528553855485558556855785588559856085618562856385648565856685678568856985708571857285738574857585768577857885798580858185828583858485858586858785888589859085918592859385948595859685978598859986008601860286038604860586068607860886098610861186128613861486158616861786188619862086218622862386248625862686278628862986308631863286338634863586368637863886398640864186428643864486458646864786488649865086518652865386548655865686578658865986608661866286638664866586668667866886698670867186728673867486758676867786788679868086818682868386848685868686878688868986908691869286938694869586968697869886998700870187028703870487058706870787088709871087118712871387148715871687178718871987208721872287238724872587268727872887298730873187328733873487358736873787388739874087418742874387448745874687478748874987508751875287538754875587568757875887598760876187628763876487658766876787688769877087718772877387748775877687778778877987808781878287838784878587868787878887898790879187928793879487958796879787988799880088018802880388048805880688078808880988108811881288138814881588168817881888198820882188228823882488258826882788288829883088318832883388348835883688378838883988408841884288438844884588468847884888498850885188528853885488558856885788588859886088618862886388648865886688678868886988708871887288738874887588768877887888798880888188828883888488858886888788888889889088918892889388948895889688978898889989008901890289038904890589068907890889098910891189128913891489158916891789188919892089218922892389248925892689278928892989308931893289338934893589368937893889398940894189428943894489458946894789488949895089518952895389548955895689578958895989608961896289638964896589668967896889698970897189728973897489758976897789788979898089818982898389848985898689878988898989908991899289938994899589968997899889999000900190029003900490059006900790089009901090119012901390149015901690179018901990209021902290239024902590269027902890299030903190329033903490359036903790389039904090419042904390449045904690479048904990509051905290539054905590569057905890599060906190629063906490659066906790689069907090719072907390749075907690779078907990809081908290839084908590869087908890899090909190929093909490959096909790989099910091019102910391049105910691079108910991109111911291139114911591169117911891199120912191229123912491259126912791289129913091319132913391349135913691379138913991409141914291439144914591469147914891499150915191529153915491559156915791589159916091619162916391649165916691679168916991709171917291739174917591769177917891799180918191829183918491859186918791889189919091919192919391949195919691979198919992009201920292039204920592069207920892099210921192129213921492159216921792189219922092219222922392249225922692279228922992309231923292339234923592369237923892399240924192429243924492459246924792489249925092519252925392549255925692579258925992609261926292639264926592669267926892699270927192729273927492759276927792789279928092819282928392849285928692879288928992909291929292939294929592969297929892999300930193029303930493059306930793089309931093119312931393149315931693179318931993209321932293239324932593269327932893299330933193329333933493359336933793389339934093419342934393449345934693479348934993509351935293539354935593569357935893599360936193629363936493659366936793689369937093719372937393749375937693779378937993809381938293839384938593869387938893899390939193929393939493959396939793989399940094019402940394049405940694079408940994109411941294139414941594169417941894199420942194229423942494259426942794289429943094319432943394349435943694379438943994409441944294439444944594469447944894499450945194529453945494559456945794589459946094619462946394649465946694679468946994709471947294739474947594769477947894799480948194829483948494859486948794889489949094919492949394949495949694979498949995009501950295039504950595069507950895099510951195129513951495159516951795189519952095219522952395249525952695279528952995309531953295339534953595369537953895399540954195429543954495459546954795489549955095519552955395549555955695579558955995609561956295639564956595669567956895699570957195729573957495759576957795789579958095819582958395849585958695879588958995909591959295939594959595969597959895999600960196029603960496059606960796089609961096119612961396149615961696179618961996209621962296239624962596269627962896299630963196329633963496359636963796389639964096419642964396449645964696479648964996509651965296539654965596569657965896599660966196629663966496659666966796689669967096719672967396749675967696779678967996809681968296839684968596869687968896899690969196929693969496959696969796989699970097019702970397049705970697079708970997109711971297139714971597169717971897199720972197229723972497259726972797289729973097319732973397349735973697379738973997409741974297439744974597469747974897499750975197529753975497559756975797589759976097619762976397649765976697679768976997709771977297739774977597769777977897799780978197829783978497859786978797889789979097919792979397949795979697979798979998009801980298039804980598069807980898099810981198129813981498159816981798189819982098219822982398249825982698279828982998309831983298339834983598369837983898399840984198429843984498459846984798489849985098519852985398549855985698579858985998609861986298639864986598669867986898699870987198729873987498759876987798789879988098819882988398849885988698879888988998909891989298939894989598969897989898999900990199029903990499059906990799089909991099119912991399149915991699179918991999209921992299239924992599269927992899299930993199329933993499359936993799389939994099419942994399449945994699479948994999509951995299539954995599569957995899599960996199629963996499659966996799689969997099719972997399749975997699779978997999809981998299839984998599869987998899899990999199929993999499959996999799989999100001000110002100031000410005100061000710008100091001010011100121001310014100151001610017100181001910020100211002210023100241002510026100271002810029100301003110032100331003410035100361003710038100391004010041100421004310044100451004610047100481004910050100511005210053100541005510056100571005810059100601006110062100631006410065100661006710068100691007010071100721007310074100751007610077100781007910080100811008210083100841008510086100871008810089100901009110092100931009410095100961009710098100991010010101101021010310104101051010610107101081010910110101111011210113101141011510116101171011810119101201012110122101231012410125101261012710128101291013010131101321013310134101351013610137101381013910140101411014210143101441014510146101471014810149101501015110152101531015410155101561015710158101591016010161101621016310164101651016610167101681016910170101711017210173101741017510176101771017810179101801018110182101831018410185101861018710188101891019010191101921019310194101951019610197101981019910200102011020210203102041020510206102071020810209102101021110212102131021410215102161021710218102191022010221102221022310224102251022610227102281022910230102311023210233102341023510236102371023810239102401024110242102431024410245102461024710248102491025010251102521025310254102551025610257102581025910260102611026210263102641026510266102671026810269102701027110272102731027410275102761027710278102791028010281102821028310284102851028610287102881028910290102911029210293102941029510296102971029810299103001030110302103031030410305103061030710308103091031010311103121031310314103151031610317103181031910320103211032210323103241032510326103271032810329103301033110332103331033410335103361033710338103391034010341103421034310344103451034610347103481034910350103511035210353103541035510356103571035810359103601036110362103631036410365103661036710368103691037010371103721037310374103751037610377103781037910380103811038210383103841038510386103871038810389103901039110392103931039410395103961039710398103991040010401104021040310404104051040610407104081040910410104111041210413104141041510416104171041810419104201042110422104231042410425104261042710428104291043010431104321043310434104351043610437104381043910440104411044210443104441044510446104471044810449104501045110452104531045410455104561045710458104591046010461104621046310464104651046610467104681046910470104711047210473104741047510476104771047810479104801048110482104831048410485104861048710488104891049010491104921049310494104951049610497104981049910500105011050210503105041050510506105071050810509105101051110512105131051410515105161051710518105191052010521105221052310524105251052610527105281052910530105311053210533105341053510536105371053810539105401054110542105431054410545105461054710548105491055010551105521055310554105551055610557105581055910560105611056210563105641056510566105671056810569105701057110572105731057410575105761057710578105791058010581105821058310584105851058610587105881058910590105911059210593105941059510596105971059810599106001060110602106031060410605106061060710608106091061010611106121061310614106151061610617106181061910620106211062210623106241062510626106271062810629106301063110632106331063410635106361063710638106391064010641106421064310644106451064610647106481064910650106511065210653106541065510656106571065810659106601066110662106631066410665106661066710668106691067010671106721067310674106751067610677106781067910680106811068210683106841068510686106871068810689106901069110692106931069410695106961069710698106991070010701107021070310704107051070610707107081070910710107111071210713107141071510716107171071810719107201072110722107231072410725107261072710728107291073010731107321073310734107351073610737107381073910740107411074210743107441074510746107471074810749107501075110752107531075410755107561075710758107591076010761107621076310764107651076610767107681076910770107711077210773107741077510776107771077810779107801078110782107831078410785107861078710788107891079010791107921079310794107951079610797107981079910800108011080210803108041080510806108071080810809108101081110812108131081410815108161081710818108191082010821108221082310824108251082610827108281082910830108311083210833108341083510836108371083810839108401084110842108431084410845108461084710848108491085010851108521085310854108551085610857108581085910860108611086210863108641086510866108671086810869108701087110872108731087410875108761087710878108791088010881108821088310884108851088610887108881088910890108911089210893108941089510896108971089810899109001090110902109031090410905109061090710908109091091010911109121091310914109151091610917109181091910920109211092210923109241092510926109271092810929109301093110932109331093410935109361093710938109391094010941109421094310944109451094610947109481094910950109511095210953109541095510956109571095810959109601096110962109631096410965109661096710968109691097010971109721097310974109751097610977109781097910980109811098210983109841098510986109871098810989109901099110992109931099410995109961099710998109991100011001110021100311004110051100611007110081100911010110111101211013110141101511016110171101811019110201102111022110231102411025110261102711028110291103011031110321103311034110351103611037110381103911040110411104211043110441104511046110471104811049110501105111052110531105411055110561105711058110591106011061110621106311064110651106611067110681106911070110711107211073110741107511076110771107811079110801108111082110831108411085110861108711088110891109011091110921109311094110951109611097110981109911100111011110211103111041110511106111071110811109111101111111112111131111411115111161111711118111191112011121111221112311124111251112611127111281112911130111311113211133111341113511136111371113811139111401114111142111431114411145111461114711148111491115011151111521115311154111551115611157111581115911160111611116211163111641116511166111671116811169111701117111172111731117411175111761117711178111791118011181111821118311184111851118611187111881118911190111911119211193111941119511196111971119811199112001120111202112031120411205112061120711208112091121011211112121121311214112151121611217112181121911220112211122211223112241122511226112271122811229112301123111232112331123411235112361123711238112391124011241112421124311244112451124611247112481124911250112511125211253112541125511256112571125811259112601126111262112631126411265112661126711268112691127011271112721127311274112751127611277112781127911280112811128211283112841128511286112871128811289112901129111292112931129411295112961129711298112991130011301113021130311304113051130611307113081130911310113111131211313113141131511316113171131811319113201132111322113231132411325113261132711328113291133011331113321133311334113351133611337113381133911340113411134211343113441134511346113471134811349113501135111352113531135411355113561135711358113591136011361113621136311364113651136611367113681136911370113711137211373113741137511376113771137811379113801138111382113831138411385113861138711388113891139011391113921139311394113951139611397113981139911400114011140211403114041140511406114071140811409114101141111412114131141411415114161141711418114191142011421114221142311424114251142611427114281142911430114311143211433114341143511436114371143811439114401144111442114431144411445114461144711448114491145011451114521145311454114551145611457114581145911460114611146211463114641146511466114671146811469114701147111472114731147411475114761147711478114791148011481114821148311484114851148611487114881148911490114911149211493114941149511496114971149811499115001150111502115031150411505115061150711508115091151011511115121151311514115151151611517115181151911520115211152211523115241152511526115271152811529115301153111532115331153411535115361153711538115391154011541115421154311544115451154611547115481154911550115511155211553115541155511556115571155811559115601156111562115631156411565115661156711568115691157011571115721157311574115751157611577115781157911580115811158211583115841158511586115871158811589115901159111592115931159411595115961159711598115991160011601116021160311604116051160611607116081160911610116111161211613116141161511616116171161811619116201162111622116231162411625116261162711628116291163011631116321163311634116351163611637116381163911640116411164211643116441164511646116471164811649116501165111652116531165411655116561165711658116591166011661116621166311664116651166611667116681166911670116711167211673116741167511676116771167811679116801168111682116831168411685116861168711688116891169011691116921169311694116951169611697116981169911700117011170211703117041170511706117071170811709117101171111712117131171411715117161171711718117191172011721117221172311724117251172611727117281172911730117311173211733117341173511736117371173811739117401174111742117431174411745117461174711748117491175011751117521175311754117551175611757117581175911760117611176211763117641176511766117671176811769117701177111772117731177411775117761177711778117791178011781117821178311784117851178611787117881178911790117911179211793117941179511796117971179811799118001180111802118031180411805118061180711808118091181011811118121181311814118151181611817118181181911820118211182211823118241182511826118271182811829118301183111832118331183411835118361183711838118391184011841118421184311844118451184611847118481184911850118511185211853118541185511856118571185811859118601186111862118631186411865118661186711868118691187011871118721187311874118751187611877118781187911880118811188211883118841188511886118871188811889118901189111892118931189411895118961189711898118991190011901119021190311904119051190611907119081190911910119111191211913119141191511916119171191811919119201192111922119231192411925119261192711928119291193011931119321193311934119351193611937119381193911940119411194211943119441194511946119471194811949119501195111952119531195411955119561195711958119591196011961119621196311964119651196611967119681196911970119711197211973119741197511976119771197811979119801198111982119831198411985119861198711988119891199011991119921199311994119951199611997119981199912000120011200212003120041200512006120071200812009120101201112012120131201412015120161201712018120191202012021120221202312024120251202612027120281202912030120311203212033120341203512036120371203812039120401204112042120431204412045120461204712048120491205012051120521205312054120551205612057120581205912060120611206212063120641206512066120671206812069120701207112072120731207412075120761207712078120791208012081120821208312084120851208612087120881208912090120911209212093120941209512096120971209812099121001210112102121031210412105121061210712108121091211012111121121211312114121151211612117121181211912120121211212212123121241212512126121271212812129121301213112132121331213412135121361213712138121391214012141121421214312144121451214612147121481214912150121511215212153121541215512156121571215812159121601216112162121631216412165121661216712168121691217012171121721217312174121751217612177121781217912180121811218212183121841218512186121871218812189121901219112192121931219412195121961219712198121991220012201122021220312204122051220612207122081220912210122111221212213122141221512216122171221812219122201222112222122231222412225122261222712228122291223012231122321223312234122351223612237122381223912240122411224212243122441224512246122471224812249122501225112252122531225412255122561225712258122591226012261122621226312264122651226612267122681226912270122711227212273122741227512276122771227812279122801228112282122831228412285122861228712288122891229012291122921229312294122951229612297122981229912300123011230212303123041230512306123071230812309123101231112312123131231412315123161231712318123191232012321123221232312324123251232612327123281232912330123311233212333123341233512336123371233812339123401234112342123431234412345123461234712348123491235012351123521235312354123551235612357123581235912360123611236212363123641236512366123671236812369123701237112372123731237412375123761237712378123791238012381123821238312384123851238612387123881238912390123911239212393123941239512396123971239812399124001240112402124031240412405124061240712408124091241012411124121241312414124151241612417124181241912420124211242212423124241242512426124271242812429124301243112432124331243412435124361243712438124391244012441124421244312444124451244612447124481244912450124511245212453124541245512456124571245812459124601246112462124631246412465124661246712468124691247012471124721247312474124751247612477124781247912480124811248212483124841248512486124871248812489124901249112492124931249412495124961249712498124991250012501125021250312504125051250612507125081250912510125111251212513125141251512516125171251812519125201252112522125231252412525125261252712528125291253012531125321253312534125351253612537125381253912540125411254212543125441254512546125471254812549125501255112552125531255412555125561255712558125591256012561125621256312564125651256612567125681256912570125711257212573125741257512576125771257812579125801258112582125831258412585125861258712588125891259012591125921259312594125951259612597125981259912600126011260212603126041260512606126071260812609126101261112612126131261412615126161261712618126191262012621126221262312624126251262612627126281262912630126311263212633126341263512636126371263812639126401264112642126431264412645126461264712648126491265012651126521265312654126551265612657126581265912660126611266212663126641266512666126671266812669126701267112672126731267412675126761267712678126791268012681126821268312684126851268612687126881268912690126911269212693126941269512696126971269812699127001270112702127031270412705127061270712708127091271012711127121271312714127151271612717127181271912720127211272212723127241272512726127271272812729127301273112732127331273412735127361273712738127391274012741127421274312744127451274612747127481274912750127511275212753127541275512756127571275812759127601276112762127631276412765127661276712768127691277012771127721277312774127751277612777127781277912780127811278212783127841278512786127871278812789127901279112792127931279412795127961279712798127991280012801128021280312804128051280612807128081280912810128111281212813128141281512816128171281812819128201282112822128231282412825128261282712828128291283012831128321283312834128351283612837128381283912840128411284212843128441284512846128471284812849128501285112852128531285412855128561285712858128591286012861128621286312864128651286612867128681286912870128711287212873128741287512876128771287812879128801288112882128831288412885128861288712888128891289012891128921289312894128951289612897128981289912900129011290212903129041290512906129071290812909129101291112912129131291412915129161291712918129191292012921129221292312924129251292612927129281292912930129311293212933129341293512936129371293812939129401294112942129431294412945129461294712948129491295012951129521295312954129551295612957129581295912960129611296212963129641296512966129671296812969129701297112972129731297412975129761297712978129791298012981129821298312984129851298612987129881298912990129911299212993129941299512996129971299812999130001300113002130031300413005130061300713008130091301013011130121301313014130151301613017130181301913020130211302213023130241302513026130271302813029130301303113032130331303413035130361303713038130391304013041130421304313044130451304613047130481304913050130511305213053130541305513056130571305813059130601306113062130631306413065130661306713068130691307013071130721307313074130751307613077130781307913080130811308213083130841308513086130871308813089130901309113092130931309413095130961309713098130991310013101131021310313104131051310613107131081310913110131111311213113131141311513116131171311813119131201312113122131231312413125131261312713128131291313013131131321313313134131351313613137131381313913140131411314213143131441314513146131471314813149131501315113152131531315413155131561315713158131591316013161131621316313164131651316613167131681316913170131711317213173131741317513176131771317813179131801318113182131831318413185131861318713188131891319013191131921319313194131951319613197131981319913200132011320213203132041320513206132071320813209132101321113212132131321413215132161321713218132191322013221132221322313224132251322613227132281322913230132311323213233132341323513236132371323813239132401324113242132431324413245132461324713248132491325013251132521325313254132551325613257132581325913260132611326213263132641326513266132671326813269132701327113272132731327413275132761327713278132791328013281132821328313284132851328613287132881328913290132911329213293132941329513296132971329813299133001330113302133031330413305133061330713308133091331013311133121331313314133151331613317133181331913320133211332213323133241332513326133271332813329133301333113332133331333413335133361333713338133391334013341133421334313344133451334613347133481334913350133511335213353133541335513356133571335813359133601336113362133631336413365133661336713368133691337013371133721337313374133751337613377133781337913380133811338213383133841338513386133871338813389133901339113392133931339413395133961339713398133991340013401134021340313404134051340613407134081340913410134111341213413134141341513416134171341813419134201342113422134231342413425134261342713428134291343013431134321343313434134351343613437134381343913440134411344213443134441344513446134471344813449134501345113452134531345413455134561345713458134591346013461134621346313464134651346613467134681346913470134711347213473134741347513476134771347813479134801348113482134831348413485134861348713488134891349013491134921349313494134951349613497134981349913500135011350213503135041350513506135071350813509135101351113512135131351413515135161351713518135191352013521135221352313524135251352613527135281352913530135311353213533135341353513536135371353813539135401354113542135431354413545135461354713548135491355013551135521355313554135551355613557135581355913560135611356213563135641356513566135671356813569135701357113572135731357413575135761357713578135791358013581135821358313584135851358613587135881358913590135911359213593135941359513596135971359813599136001360113602136031360413605136061360713608136091361013611136121361313614136151361613617136181361913620136211362213623136241362513626136271362813629136301363113632136331363413635136361363713638136391364013641136421364313644136451364613647136481364913650136511365213653136541365513656136571365813659136601366113662136631366413665136661366713668136691367013671136721367313674136751367613677136781367913680136811368213683136841368513686136871368813689136901369113692136931369413695136961369713698136991370013701137021370313704137051370613707137081370913710137111371213713137141371513716137171371813719137201372113722137231372413725137261372713728137291373013731137321373313734137351373613737137381373913740137411374213743137441374513746137471374813749137501375113752137531375413755137561375713758137591376013761137621376313764137651376613767137681376913770137711377213773137741377513776137771377813779137801378113782137831378413785137861378713788137891379013791137921379313794137951379613797137981379913800138011380213803138041380513806138071380813809138101381113812138131381413815138161381713818138191382013821138221382313824138251382613827138281382913830138311383213833138341383513836138371383813839138401384113842138431384413845138461384713848138491385013851138521385313854138551385613857138581385913860138611386213863138641386513866138671386813869138701387113872138731387413875138761387713878138791388013881138821388313884138851388613887138881388913890138911389213893138941389513896138971389813899139001390113902139031390413905139061390713908139091391013911139121391313914139151391613917139181391913920139211392213923139241392513926139271392813929139301393113932139331393413935139361393713938139391394013941139421394313944139451394613947139481394913950139511395213953139541395513956139571395813959139601396113962139631396413965139661396713968139691397013971139721397313974139751397613977139781397913980139811398213983139841398513986139871398813989139901399113992139931399413995139961399713998139991400014001140021400314004140051400614007140081400914010140111401214013140141401514016140171401814019140201402114022140231402414025140261402714028140291403014031140321403314034140351403614037140381403914040140411404214043140441404514046140471404814049140501405114052140531405414055140561405714058140591406014061140621406314064140651406614067140681406914070140711407214073140741407514076140771407814079140801408114082140831408414085140861408714088140891409014091140921409314094140951409614097140981409914100141011410214103141041410514106141071410814109141101411114112141131411414115141161411714118141191412014121141221412314124141251412614127141281412914130141311413214133141341413514136141371413814139141401414114142141431414414145141461414714148141491415014151141521415314154141551415614157141581415914160141611416214163141641416514166141671416814169141701417114172141731417414175141761417714178141791418014181141821418314184141851418614187141881418914190141911419214193141941419514196141971419814199142001420114202142031420414205142061420714208142091421014211142121421314214142151421614217142181421914220142211422214223142241422514226142271422814229142301423114232142331423414235142361423714238142391424014241142421424314244142451424614247142481424914250142511425214253142541425514256142571425814259142601426114262142631426414265142661426714268142691427014271142721427314274142751427614277142781427914280142811428214283142841428514286142871428814289142901429114292142931429414295142961429714298142991430014301143021430314304143051430614307143081430914310143111431214313143141431514316143171431814319143201432114322143231432414325143261432714328143291433014331143321433314334143351433614337143381433914340143411434214343143441434514346143471434814349143501435114352143531435414355143561435714358143591436014361143621436314364143651436614367143681436914370143711437214373143741437514376143771437814379143801438114382143831438414385143861438714388143891439014391143921439314394143951439614397143981439914400144011440214403144041440514406144071440814409144101441114412144131441414415144161441714418144191442014421144221442314424144251442614427144281442914430144311443214433144341443514436144371443814439144401444114442144431444414445144461444714448144491445014451144521445314454144551445614457144581445914460144611446214463144641446514466144671446814469144701447114472144731447414475144761447714478144791448014481144821448314484144851448614487144881448914490144911449214493144941449514496144971449814499145001450114502145031450414505145061450714508145091451014511145121451314514145151451614517145181451914520145211452214523145241452514526145271452814529145301453114532145331453414535145361453714538145391454014541145421454314544145451454614547145481454914550145511455214553145541455514556145571455814559145601456114562145631456414565145661456714568145691457014571145721457314574145751457614577145781457914580145811458214583145841458514586145871458814589145901459114592145931459414595145961459714598145991460014601146021460314604146051460614607146081460914610146111461214613146141461514616146171461814619146201462114622146231462414625146261462714628146291463014631146321463314634146351463614637146381463914640146411464214643146441464514646146471464814649146501465114652146531465414655146561465714658146591466014661146621466314664146651466614667146681466914670146711467214673146741467514676146771467814679146801468114682146831468414685146861468714688146891469014691146921469314694146951469614697146981469914700147011470214703147041470514706147071470814709147101471114712147131471414715147161471714718147191472014721147221472314724147251472614727147281472914730147311473214733147341473514736147371473814739147401474114742147431474414745147461474714748147491475014751147521475314754147551475614757147581475914760147611476214763147641476514766147671476814769147701477114772147731477414775147761477714778147791478014781147821478314784147851478614787147881478914790147911479214793147941479514796147971479814799148001480114802148031480414805148061480714808148091481014811148121481314814148151481614817148181481914820148211482214823148241482514826148271482814829148301483114832148331483414835148361483714838148391484014841148421484314844148451484614847148481484914850148511485214853148541485514856148571485814859148601486114862148631486414865148661486714868148691487014871148721487314874148751487614877148781487914880148811488214883148841488514886148871488814889148901489114892148931489414895148961489714898148991490014901149021490314904149051490614907149081490914910149111491214913149141491514916149171491814919149201492114922149231492414925149261492714928149291493014931149321493314934149351493614937149381493914940149411494214943149441494514946149471494814949149501495114952149531495414955149561495714958149591496014961149621496314964149651496614967149681496914970149711497214973149741497514976149771497814979149801498114982149831498414985149861498714988149891499014991149921499314994149951499614997149981499915000150011500215003150041500515006150071500815009150101501115012150131501415015150161501715018150191502015021150221502315024150251502615027150281502915030150311503215033150341503515036150371503815039150401504115042150431504415045150461504715048150491505015051150521505315054150551505615057150581505915060150611506215063150641506515066150671506815069150701507115072150731507415075150761507715078150791508015081150821508315084150851508615087150881508915090150911509215093150941509515096150971509815099151001510115102151031510415105151061510715108151091511015111151121511315114151151511615117151181511915120151211512215123151241512515126151271512815129151301513115132151331513415135151361513715138151391514015141151421514315144151451514615147151481514915150151511515215153151541515515156151571515815159151601516115162151631516415165151661516715168151691517015171151721517315174151751517615177151781517915180151811518215183151841518515186151871518815189151901519115192151931519415195151961519715198151991520015201152021520315204152051520615207152081520915210152111521215213152141521515216152171521815219152201522115222152231522415225152261522715228152291523015231152321523315234152351523615237152381523915240152411524215243152441524515246152471524815249152501525115252152531525415255152561525715258152591526015261152621526315264152651526615267152681526915270152711527215273152741527515276152771527815279152801528115282152831528415285152861528715288152891529015291152921529315294152951529615297152981529915300153011530215303153041530515306153071530815309153101531115312153131531415315153161531715318153191532015321153221532315324153251532615327153281532915330153311533215333153341533515336153371533815339153401534115342153431534415345153461534715348153491535015351153521535315354153551535615357153581535915360153611536215363153641536515366153671536815369153701537115372153731537415375153761537715378153791538015381153821538315384153851538615387153881538915390153911539215393153941539515396153971539815399154001540115402154031540415405154061540715408154091541015411154121541315414154151541615417154181541915420154211542215423154241542515426154271542815429154301543115432154331543415435154361543715438154391544015441154421544315444154451544615447154481544915450154511545215453154541545515456154571545815459154601546115462154631546415465154661546715468154691547015471154721547315474154751547615477154781547915480154811548215483154841548515486154871548815489154901549115492154931549415495154961549715498154991550015501155021550315504155051550615507155081550915510155111551215513155141551515516155171551815519155201552115522155231552415525155261552715528155291553015531155321553315534155351553615537155381553915540155411554215543155441554515546155471554815549155501555115552155531555415555155561555715558155591556015561155621556315564155651556615567155681556915570155711557215573155741557515576155771557815579155801558115582155831558415585155861558715588155891559015591155921559315594155951559615597155981559915600156011560215603156041560515606156071560815609156101561115612156131561415615156161561715618156191562015621156221562315624156251562615627 |
- _ _ ____ _
- ___| | | | _ \| |
- / __| | | | |_) | |
- | (__| |_| | _ <| |___
- \___|\___/|_| \_\_____|
- Old Changelog
- Changes done to curl and libcurl from 1997 to 2008. The most recent changes are
- always kept in the CHANGES file.
- Version 7.19.2 (13 November 2008)
- Michal Marek (13 Nov 2008)
- - Fixed a potential data loss in Curl_client_write() when the transfer is
- paused.
- Daniel Stenberg (11 Nov 2008)
- - Rainer Canavan filed bug #2255627
- (http://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a
- program using libcurl's multi interface to download a HTTPS page with a
- libcurl built powered by OpenSSL, would easily get silly and instead hand
- over SSL details as data instead of the actual HTTP headers and body. This
- happened because libcurl would consider the connection handshake done too
- early. This problem was introduced at September 22nd 2008 with my fix of the
- bug #2107377
- The correct fix is now instead done within the GnuTLS-handling code, as both
- the OpenSSL and the NSS code already deal with this situation in similar
- fashion. I added test case 560 in an attempt to verify this fix, but
- unfortunately it didn't trigger it even before this fix!
- Yang Tse (11 Nov 2008)
- - Related with bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535)
- Daniel Fandrich noticed that curl_addrinfo was also missing in the build
- process of other four non-configure platforms. Added now.
- Daniel Fandrich (7 Nov 2008)
- - The getifaddrs() version of Curl_if2ip() crashed when used on a Linux
- system with a TEQL load-balancing device configured, which doesn't
- have an address. Thanks to Adam Sampson for spotting this (bug #2234923).
- Yang Tse (6 Nov 2008)
- - Merged existing IPv4 and IPv6 Curl_ip2addr functions into a single one
- which now also takes a protocol address family argument.
- - Bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535) pointed out a
- problem with MSVC 6 makefile that caused a build failure. It was noted that
- the curl_addrinfo.obj reference was missing. I took the opportunity to sort
- the list in which this was missing. Issue submitted by John Wilkinson.
- Version 7.19.1 (5 November 2008)
- Daniel Stenberg (4 Nov 2008)
- - CURLINFO_FILETIME now works for file:// transfers as well
- Daniel Stenberg (3 Nov 2008)
- - Bug #2218480 (http://curl.haxx.se/bug/view.cgi?id=2218480) pointed out a
- problem with my CURLINFO_PRIMARY_IP fix from October 7th that caused a NULL
- pointer read. I also took the opportunity to clean up this logic (storing of
- the connection's IP address) somewhat as we had it stored in two different
- places and ways previously and they are now unified.
- Yang Tse (3 Nov 2008)
- - Fix undersized IPv6 address internal buffer. IPv6 address strings longer
- than 35 characters would be truncated.
- Daniel Stenberg (2 Nov 2008)
- - Daniel Johnson reported and fixed:
- When c-ares isn't enabled, libcurl by default calls getaddrinfo with family
- set to PF_UNSPEC which causes getaddrinfo to return all available addresses,
- both IPv4 and IPv6. Libcurl then tries each one until it can connect. If the
- net connection doesn't support IPv6, libcurl can still fall back to IPv4.
- However, since c-ares doesn't support PF_UNSPEC, when it's used it defaults
- to using family=PF_INET6 and therefore only returns IPv6 addresses when AAAA
- records are available, even if IPv4 addresses are also available. The effect
- is that since my ISP doesn't do IPv6, libcurl can't connect at all to a site
- that has AAAA records. It will work if I explicitly use CURL_IPRESOLVE_V4 or
- --ipv4 with the curl tool. I discovered this when curl would fail to connect
- to seemingly random sites. It turns out they weren't random, they were sites
- with AAAA records.
- So now libcurl defaults to PF_INET... until c-ares has been tought to offer
- both.
- Yang Tse (31 Oct 2008)
- - Tests 558 and 559 are stabilized. These two tests were initially introduced
- to aid in the location of a seg-fault which was only triggered on non-debug
- builds done with the icc 9.1 Intel compiler. Test 558 does not trigger the
- problem, but test 559 does trigger it. As of today, it isn't yet absolutely
- clear if it is a compiler optimizer issue or a memory corruption one.
- Yang Tse (30 Oct 2008)
- - Use our Curl_addrinfo structure definition to handle address info data even
- when a system addrinfo struct is available. Provide and use a wrapper around
- systems getaddrinfo function, Curl_getaddrinfo_ex which returns a pointer to
- a list of dynamically allocated Curl_addrinfo structs.
- Configure will check freeaddrinfo and getaddrinfo functions and define
- preprocessor symbols HAVE_FREEADDRINFO and HAVE_GETADDRINFO when appropriate.
- Daniel Fandrich (29 Oct 2008)
- - Fixed a bug that caused a few bytes of garbage to be sent after a
- curl_easy_pause() during a chunky upload. Reported by Steve Roskowski.
- Daniel Fandrich (28 Oct 2008)
- - Changed the "resolve" test precheck program to verify that an IPv6 socket
- can be created before resolving the IPv6 name. In the context of running
- a test, it doesn't make sense to run an IPv6 test when a host is resolvable
- but IPv6 isn't usable. This should fix failures of test 1085 on hosts with
- library and DNS support for IPv6 but where actual use of IPv6 has been
- administratively disabled.
- Daniel Fandrich (24 Oct 2008)
- - Added experimental support for zlib and OpenSSL on Symbian OS.
- Daniel Fandrich (21 Oct 2008)
- - Fixed some problems with SFTP range support to fix test cases 634 through
- 637.
- Daniel Fandrich (17 Oct 2008)
- - Fixed a compile error reported by Albert Chin on AIX and IRIX when using
- GTLS.
- Daniel Stenberg (16 Oct 2008)
- - Igor Novoseltsev added CURLOPT_PROXYUSER and CURLOPT_PROXYPASSWORD that then
- make CURLOPT_PROXYUSERPWD sort of deprecated. The primary motive for adding
- these new options is that they have no problems with the colon separator
- that the CURLOPT_PROXYUSERPWD option does.
- Daniel Stenberg (15 Oct 2008)
- - Pascal Terjan filed bug #2154627
- (http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl
- uses strcasecmp() in multiple places where it causes failures when the
- Turkish locale is used. This is because 'i' and 'I' isn't the same letter so
- strcasecmp() on those letters are different in Turkish than in English (or
- just about all other languages). I thus introduced a totally new internal
- function in libcurl (called Curl_raw_equal) for doing case insentive
- comparisons for english-(ascii?) style strings that thus will make "file"
- and "FILE" match even if the Turkish locale is selected.
- Daniel Fandrich (15 Oct 2008)
- - A <precheck> command is considered to have failed if it returns a non-zero
- return code. This way, if the precheck command can't be run at all for
- whatever reason, it's treated as a precheck failure which causes the
- test to be skipped.
- Daniel Stenberg (15 Oct 2008)
- - John Wilkinson filed bug #2155496
- (http://curl.haxx.se/bug/view.cgi?id=2155496) pointing out an error case
- without a proper human-readable error message. When a read callback returns
- a too large value (like when trying to return a negative number) it would
- trigger and the generic error message then makes the proplem slightly
- different to track down. I've added an error message for this now.
- Daniel Fandrich (9 Oct 2008)
- - Fixed the --interface option to work with IPv6 connections on glibc
- systems supporting getifaddrs(). Also fixed a problem where an IPv6
- address could be chosen instead of an IPv4 one for --interface when it
- involved a name lookup.
- Daniel Fandrich (8 Oct 2008)
- - Added tests 1082 through 1085 to test symbolic --interface parameters
- - Added tests 633 through 637 to test the new file range support for SFTP.
- All but the first test cause an infinite loop or other failure and so
- are added to DISABLED.
- Daniel Stenberg (8 Oct 2008)
- - John Wilkinson filed bug #2152270
- (http://curl.haxx.se/bug/view.cgi?id=2152270) which identified and fixed a
- CURLINFO_REDIRECT_URL memory leak and an additional wrong-doing:
- Any subsequent transfer with a redirect leaks memory, eventually crashing
- the process potentially.
- Any subsequent transfer WITHOUT a redirect causes the most recent redirect
- that DID occur on some previous transfer to still be reported.
- - Igor Novoseltsev filed bug #2111613
- (http://curl.haxx.se/bug/view.cgi?id=2111613) that eventually identified a
- flaw in how the multi_socket interface in some cases missed to call the
- timeout callback when easy interfaces are removed and added within the same
- millisecond.
- - Igor Novoseltsev brought a patch that introduced two new options to
- curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
- deprecates the good old CURLOPT_USERPWD since they allow applications to set
- the user name and password independently and perhaps more importantly allow
- both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.
- Daniel Fandrich (7 Oct 2008)
- - Changed the handling of read/write errors in Curl_perform() to allow a
- a fresh connection to be made in such cases and the request retransmitted.
- This should fix test case 160. Added test case 1079 in an attempt to
- test a similar connection dropping scenario, but as a race condition, it's
- hard to test reliably.
- - Created test cases 1080 and 1081 to reproduce a problem of
- CURLINFO_REDIRECT_URL leaking memory and returning incorrect results when
- two URLs are requested. Reported by vmpdemo in bug #2152270
- Daniel Stenberg (7 Oct 2008)
- - Fixed CURLINFO_PRIMARY_IP: When libcurl created a connection to host A then
- the app re-used the handle to do a connection to host B and then again
- re-used the handle to host A, it would not update the info with host A's IP
- address (due to the connection being re-used) but it would instead report
- the info from host B.
- Yang Tse (7 Oct 2008)
- - Added --enable-optimize configure option to enable and disable compiler
- optimizations to allow decoupled setting from --enable-debug.
- Yang Tse (2 Oct 2008)
- - Added --enable-warnings configure option to enable and disable strict
- compiler warnings to allow decoupled setting from --enable-debug.
- runtests.pl will now run with picky compiler warnings enabled unless
- explicitly disabled.
- Daniel Fandrich (1 Oct 2008)
- - "make clean" now cleans out the docs and tests directories, too.
- Daniel Stenberg (30 Sep 2008)
- - The libcurl FTP code now returns CURLE_REMOTE_FILE_NOT_FOUND error when SIZE
- gets a 550 response back for the cases where a download (or NOBODY) is
- wanted. It still allows a 550 as response if the SIZE is used as part of an
- upload process (like if resuming an upload is requested and the file isn't
- there before the upload). I also modified the FTP test server and a few test
- cases accordingly to match this modified behavior.
- Daniel Stenberg (29 Sep 2008)
- - Daniel Egger provided a patch that allows you to disable proxy support in
- libcurl to somewhat reduce the size of the binary. Run configure
- --disable-proxy.
- Daniel Fandrich (29 Sep 2008)
- - Moved all signal-based name resolution timeout handling into a single new
- Curl_resolv_timeout function to reduce coupling.
- Daniel Stenberg (29 Sep 2008)
- - Ian Lynagh provided a patch that now makes CURLOPT_RANGE work fine for SFTP
- downloads!
- - Maxim Ivanov filed bug report #2107803
- (http://curl.haxx.se/bug/view.cgi?id=2107803) "no CURLINFO_REDIRECT_URL in
- multi mode" together with a patch that fixed the problem.
- Daniel Stenberg (25 Sep 2008)
- - Emanuele Bovisio submitted bug report #2126435. We fixed the HTTP Digest
- auth code to not behave badly when getting a blank realm with
- realm="". http://curl.haxx.se/bug/view.cgi?id=2126435
- Daniel Fandrich (23 Sep 2008)
- - Make sure not to dereference the wrong UrlState proto union member when
- switching from one protocol to another in a single request (e.g.
- redirecting from HTTP to FTP as in test 1055) by resetting
- state.expect100header before every request.
- Daniel Stenberg (23 Sep 2008)
- - Introducing Jamie Lokier's function for date to epoch conversion used in the
- date parser function. This makes our function less dependent on system-
- provided functions and instead we do all the magic ourselves. We also no
- longer depend on the TZ environment variable. Switching to our own converter
- has some side-effect and they are noted here for future reference (taken
- from a mail by mr Lokier):
- time_t is not measured in seconds in the ANSI C standard - or even counted
- uniformly - weird platforms can use other numeric representations of dates
- in time_t - hence the difftime() function.
- On POSIX time_t is measured in UTC seconds, which means not including leap
- seconds. But it's mentioned in a few places that some old POSIX-ish
- environments include leap seconds in their time_t counts...
- I'm pretty sure [the new implementation is] correct on anything truly POSIX.
- And it's obviously a lot less dependent on platform quirks and corner cases
- in many ways than the mktime() version.
- - Rob Crittenden brought a patch to "add some locking for thread-safety to NSS
- implementation".
- Daniel Stenberg (22 Sep 2008)
- - Made the SOCKS code use the new Curl_read_plain() function to fix the bug
- Markus Moeller reported: http://curl.haxx.se/mail/archive-2008-09/0016.html
- - recv() errors other than those equal to EAGAIN now cause proper
- CURLE_RECV_ERROR to get returned. This made test case 160 fail so I've now
- disabled it until we can figure out another way to exercise that logic.
- - Michael Goffioul filed bug report #2107377 "Problem with multi + GnuTLS +
- proxy" (http://curl.haxx.se/bug/view.cgi?id=2107377) that showed how a multi
- interface using program didn't work when built with GnuTLS and a CONNECT
- request was done over a proxy (basically test 502 over a proxy to a HTTPS
- site). It turned out the ssl connect function would get called twice which
- caused the second call to fail.
- Daniel Fandrich (22 Sep 2008)
- - Fixed test 539 to handle an out of memory condition that shows up now
- that memdebug.h is included in the test programs.
- Yang Tse (20 Sep 2008)
- - Fix regression in configure script which affected OpenSSL builds on MSYS.
- Yang Tse (19 Sep 2008)
- - configure script now checks availability of the alarm() function.
- Daniel Fandrich (18 Sep 2008)
- - Don't bother to install a SIGALRM handler unless alarm() is available.
- Also, leave the existing SIGALRM handler alone if the timeout is too small
- to handle.
- Daniel Fandrich (17 Sep 2008)
- - Removed reference to curl-ca-bundle.crt in the host verification failure
- error message.
- Yang Tse (17 Sep 2008)
- - Improve configure detection of gethostname(), localtime_r(), strstr(),
- getservbyport_r(), gethostbyaddr_r() and gethostbyname_r().
- Yang Tse (14 Sep 2008)
- - Improve configure detection of strcasecmp(), strcasestr(), strcmpi(),
- stricmp(), strlcat(), strncasecmp(), strncmpi() and strnicmp().
- Yang Tse (13 Sep 2008)
- - Disable tracking of fdopen() calls in the low-level memory leak tracking
- code when fdopen() is not available, to avoid compiler error.
- Yang Tse (12 Sep 2008)
- - Further adjust detection of strerror_r() in the configure process, and
- ensure that errno is not modified inside Curl_strerror().
- Yang Tse (10 Sep 2008)
- - Improve detection of gmtime_r(), strtoll(), sigaction(), strtok_r(),
- strdup() and ftruncate() in the configure process.
- Daniel Fandrich (9 Sep 2008)
- - Mike Revi discovered some swapped speed switches documented in the curl man
- page.
- - Checked in some documentation and code improvements and fixes that I
- discovered in the FreeBSD ports system.
- Daniel Stenberg (8 Sep 2008)
- - Dmitry Kurochkin patched a problem: I have found bug in pipelining through
- proxy. I have a transparent proxy. When running with http_proxy environment
- variable not set my test completes fine (it goes through transparent
- proxy). When I set http_proxy variable my test hangs after the first
- downloaded is complete. Looks like the second handle never gets out from
- WAITDO state.
- The fix: It makes checkPendPipeline move 1 handler from pend pipe to send
- pipe if pipelining is not supported by server but there are no handles in
- send and recv pipes.
- - Stefan Krause pointed out that libcurl would wrongly send away cookies to
- sites in cases where the cookie clearly has a very old expiry date. The
- condition was simply that libcurl's date parser would fail to convert the
- date and it would then count as a (timed-based) match. Starting now, a
- missed date due to an unsupported date format or date range will now cause
- the cookie to not match.
- Daniel Fandrich (5 Sep 2008)
- - Improved the logic that decides whether to use HTTP 1.1 features or not in a
- request. Setting a specific version with CURLOPT_HTTP_VERSION overrides
- all other checks, but otherwise, a 1.0 request will be made if the server
- is known to support only 1.0 because it previously responded so and the
- connection was kept alive, or a response to a previous request on this handle
- came back as 1.0. The latter could take place in cases like redirection or
- authentication where several requests have to be made before the operation
- is complete. If any one of the servers in a redirection chain supports only
- 1.0, then remaining requests will be sent in 1.0 mode.
- - Detect cases where an upload must be sent chunked and the server supports
- only HTTP 1.0 and return CURLE_UPLOAD_FAILED.
- Daniel Stenberg (5 Sep 2008)
- - Martin Drasar provided the CURLOPT_POSTREDIR patch. It renames
- CURLOPT_POST301 (but adds a define for backwards compatibility for you who
- don't define CURL_NO_OLDIES). This option allows you to now also change the
- libcurl behavior for a HTTP response 302 after a POST to not use GET in the
- subsequent request (when CURLOPT_FOLLOWLOCATION is enabled). I edited the
- patch somewhat before commit. The curl tool got a matching --post302
- option. Test case 1076 was added to verify this.
- - Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By
- enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS
- or FTPS), libcurl will gather lots of server certificate info and that info
- can then get extracted by a client after the request has completed with
- curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing
- helped me test and smoothen out this feature.
- Unfortunately, this feature currently only works with libcurl built to use
- OpenSSL.
- This feature was sponsored by networking4all.com - thanks!
- - Dmitriy Sergeyev pointed out that curl_easy_pause() didn't unpause properly
- during certain conditions. I also changed this code to use realloc() based
- on Daniel Fandrich's suggestion.
- Guenter Knauf (4 Sep 2008)
- - MingW32 non-configure builds are now largefile feature enabled by default.
- NetWare LIBC builds are also now largefile feature enabled by default.
- Yang Tse (4 Sep 2008)
- - Several fixes related with print formatting string directives.
- Daniel Fandrich (3 Sep 2008)
- - Search for the FreeBSD CA cert file /usr/local/share/certs/ca-root.crt
- Daniel Fandrich (2 Sep 2008)
- - Fixed an out of memory problem that caused torture test failures in tests
- 706 and 707.
- Daniel Stenberg (2 Sep 2008)
- - Keith Mok added supported_protocols and supported_features to the pkg-config
- file for libcurl, and while doing that fix he unified with curl-config.in
- how the supported protocols and features are extracted and used, so both those
- tools should now always be synced.
- Version 7.19.0 (1 September 2008)
- Daniel Fandrich (29 Aug 2008)
- - Added tests 1071 through 1074 to test automatic downgrading from HTTP 1.1
- to HTTP 1.0 upon receiving a response from the HTTP server. Tests 1072
- and 1073 are similar to test 1069 in that they involve the impossible
- scenario of sending chunked data to a HTTP 1.0 server. All these fail
- and are added to DISABLED.
- - Added test 1075 to test --anyauth with Basic authentication.
- Daniel Stenberg (29 Aug 2008)
- - When libcurl was doing a HTTP POST and the server would respond with
- "Connection: close" and actually close the connection after the
- response-body, libcurl could still have outstanding data to send and it
- would not properly notice this and stop sending. This caused weirdness and
- sad faces. http://curl.haxx.se/bug/view.cgi?id=2080222
- Note that there are still reasons to consider libcurl's behavior when
- getting a >= 400 response code while sending data, as Craig Perras' note
- "http upload: how to stop on error" specifies:
- http://curl.haxx.se/mail/archive-2008-08/0138.html
- Daniel Stenberg (28 Aug 2008)
- - Dengminwen reported that libcurl would lock a (cookie) share twice (without
- an unlock in between) for a certain case and that in fact works when using
- regular windows mutexes but not with pthreads'! Locks should of course not
- get locked again so this is now fixed.
- http://curl.haxx.se/mail/lib-2008-08/0422.html
- - I'm abandoning the system with the web site mirrors (but keeping download
- files bing mirrored) and thus I've changed the URL in the cookiejar header
- to no longer use curlm.haxx.se but instead use the main site curl.haxx.se
- Daniel Fandrich (27 Aug 2008)
- - Fixed test case 1065 by changing the handling of CURLOPT_UPLOAD to set
- the HTTP method to GET (or HEAD) when given a value of 0.
- - Added test cases 1068 and 1069 to test a simple HTTP PUT from stdin. Test
- case 1069 fails in a similar manner to test 1065 so is added to DISABLED.
- Yang Tse (27 Aug 2008)
- - Fix generation of MS VC6 .dsp file to make it support compilation of either
- dynamic (DLL) or static (LIB) libcurl libraries in debug and release modes.
- Daniel Fandrich (26 Aug 2008)
- - Fixed out of memory problems that caused torture test failures in tests
- 1021 and 1067.
- Yang Tse (26 Aug 2008)
- - Added check and symbol definition for WIN32 file API usage in configure,
- supporting configure's --disable-largefile option for WIN32 targets also.
- - Non-configure systems which do not use config-win32.h configuration file,
- and want to use the WIN32 file API, must define USE_WIN32_LARGE_FILES or
- USE_WIN32_SMALL_FILES as appropriate in their own configuration files.
- Daniel Stenberg (23 Aug 2008)
- - Running 'make ca-firefox' in the root build dir will now run the new
- firefox-db2pem.sh conversion script that converts a local Firefox db of ca
- certs into PEM format, suitable for use with a OpenSSL or GnuTLS built
- libcurl.
- - Constantine Sapuntzakis fixed a bug when doing proxy CONNECT with the multi
- interface, and the proxy would send Connection: close during the
- authentication phase. http://curl.haxx.se/bug/view.cgi?id=2069047
- Daniel Fandrich (22 Aug 2008)
- - Fixed a problem when --dump-header - was given with more than one URL,
- which caused an error when the second header was dumped due to stdout
- being closed. Added test case 1066 to verify. Also fixed a potential
- problem where a closed file descriptor might be used for an upload
- when more than one URL is given.
- Yang Tse (22 Aug 2008)
- - Improved libcurl's internal curl_m*printf() functions integral data type
- size and signedness handling.
- - Internal adjustments to better select/differentiate when large/small file
- support is provided using WIN32 functions directly.
- Daniel Fandrich (20 Aug 2008)
- - Added an edited version of Vincent Le Normand's documentation of SFTP quote
- commands to the man pages.
- Daniel Stenberg (20 Aug 2008)
- - Phil Pellouchoud pointed out that the windows version of libcurl had a
- memory leak because it never called the OpenSSL function
- CRYPTO_cleanup_all_ex_data() as it was supposed to. This was because of a
- missing define in config-win32.h!
- Gisle Vanem (18 Aug 2008)
- - Updated lib/Makefile.Watcom with the option to use c-ares (USE_ARES=1).
- Yang Tse (18 Aug 2008)
- - Added test case 557 to verify libcurl's internal curl_m*printf() functions
- formatting functionality when handling signed and unsigned longs, as well as
- our curl_off_t data type.
- Yang Tse (17 Aug 2008)
- - OpenSSl enabled NetWare builds are changed to use the 'openssl' subdirectory
- when including the OpenSSL header files. This is the recommended setting, this
- prevents the undesired inclusion of header files with the same name as those
- of OpenSSL but which do not belong to the OpenSSL package. The visible change
- from previously released libcurl versions is that now OpenSSl enabled NetWare
- builds also define USE_OPENSSL in config files, and that OpenSSL header files
- must be located in a subdirectory named 'openssl'.
- Yang Tse (16 Aug 2008)
- - Library internal only C preprocessor macros FORMAT_OFF_T and FORMAT_OFF_TU
- remain in use as internal curl_off_t print formatting strings for the internal
- *printf functions which still cannot handle print formatting string directives
- such as "I64d", "I64u", and others available on MSVC, MinGW, Intel's ICC, and
- other DOS/Windows compilers.
- Daniel Fandrich (15 Aug 2008)
- - Added test case 1063 to test invalid long file ranges with file: URLs and
- 1064 to test multiple http PUTs.
- - Added test case 1065 to test a PUT with a single file but two URLs. This
- was discovered to be problematic while investigating an incident reported by
- Von back in May. curl in this case doesn't include a Content-Length: or
- Transfer-Encoding: chunked header which is illegal. This test case is
- added to DISABLED until a solution is found.
- Yang Tse (15 Aug 2008)
- - C preprocessor macros used internally and equally available externally which
- aid in the use of the curl_off_t data type are named: CURL_FORMAT_CURL_OFF_T,
- CURL_FORMAT_CURL_OFF_TU, CURL_SIZEOF_CURL_OFF_T, CURL_SUFFIX_CURL_OFF_T,
- CURL_SUFFIX_CURL_OFF_TU, CURL_OFF_T_C and CURL_OFF_TU_C.
- Yang Tse (13 Aug 2008)
- - The size of long is a build time characteristic and as such it is now recorded
- in curlbuild.h as CURL_SIZEOF_LONG. Definition now done from configure process
- and in CVS curlbuild.h.dist for non-configure systems.
- Daniel Fandrich (12 Aug 2008)
- - Fixed a buffer overflow problem in Curl_proxyCONNECT that could occur
- when a server responded with long headers and data. Luckily, the buffer
- overflowed into another unused buffer, so no actual harm was done.
- Added test cases 1060 and 1061 to verify.
- Daniel Stenberg (12 Aug 2008)
- - Andy Tsouladze fixed runtests.pl to not attempt to execute the stunnel
- _directory_ if that happened to appear in the path!
- Yang Tse (12 Aug 2008)
- - Added macros for minimum-width signed and unsigned curl_off_t integer
- constants CURL_OFF_T_C and CURL_OFF_TU_C. The clever double helper macro
- used internally to provide its functionality is thanks to Lars Nilsson.
- Daniel Fandrich (11 Aug 2008)
- - Fixed a boundary condition error in ftp_readresp() whereby a non-terminal
- line of a multiline FTP response whose last byte landed exactly at the end
- of the BUFSIZE-length buffer would be treated as the terminal response
- line. The following response code read in would then actually be the
- end of the previous response line, and all responses from then on would
- correspond to the wrong command. Test case 1062 verifies this.
- - Stop closing a never-opened ftp socket.
- Daniel Stenberg (11 Aug 2008)
- - Constantine Sapuntzakis filed bug report #2042430
- (http://curl.haxx.se/bug/view.cgi?id=2042430) with a patch. "NTLM Windows
- SSPI code is not thread safe". This was due to libcurl using static
- variables to tell wether to load the necessary SSPI DLL, but now the loading
- has been moved to the more suitable curl_global_init() call.
- - Constantine Sapuntzakis filed bug report #2042440
- (http://curl.haxx.se/bug/view.cgi?id=2042440) with a patch. He identified a
- problem when using NTLM over a proxy but the end-point does Basic, and then
- libcurl would do wrong when the host sent "Connection: close" as the proxy's
- NTLM state was erroneously cleared.
- Yang Tse (11 Aug 2008)
- - Added missing signed and unsigned curl_off_t integer constant suffixes for
- internal and external use. CURL_SUFFIX_CURL_OFF_T, CURL_SUFFIX_CURL_OFF_TU.
- Daniel Fandrich (7 Aug 2008)
- - Fixed an uninitialized variable in multi_runsingle() that could cause a
- request to prematurely end.
- - Added test1059 to test the FTP proxy tunnel problem fixed July 11.
- Yang Tse (7 Aug 2008)
- - Added curlbuild.h and curlrules.h header files to libcurl's public headers.
- File curlbuild.h is a generated file on configure-capable systems. This is
- a first step towards configure-based info in public headers. Currently only
- used to provide support for a curl_off_t data type which is not gated to
- off_t. Further details are documented inside these mentioned header files.
- - Fix CURL_CHECK_DEF so that when the expansion of the preprocessor symbol
- results in a set of double-quoted strings, this macro will now return an
- expansion which consists of a single double-quoted string as the result of
- concatenating all of them.
- - Skip data type check in DO_CURL_OFF_T_CHECK macro when argument is empty.
- - Adjusted testcurl.pl to copy checked out curlbuild.h.dist as curlbuild.h
- for non-configure targets when the host system doesn't run buildconf.bat.
- - Prevent buildconf from removing 'Makefile' and 'missing' files. This would
- blow away our CVS checked files 'missing' and 'hiper/Makefile'.
- - Remove adjustment done to testcurl.pl to verify if change introduced by
- Guenter Knauf in lib/Makefile.netware is enough to get the netware autobuilds
- going again.
- Yang Tse (5 Aug 2008)
- - Changes done to buildconf script. Validate that autom4te and autoconf, as
- well as aclocal and automake, versions match. Improve removal of previous
- run generated files. Remove verbose debug logging of aclocal on Solaris.
- Daniel Stenberg (5 Aug 2008)
- - Yehoshua Hershberg found a problem that would make libcurl re-use a
- connection with the multi interface even if a previous use of it caused a
- CURLE_PEER_FAILED_VERIFICATION to get returned. I now make sure that failed
- SSL connections properly close the connections.
- Daniel Stenberg (4 Aug 2008)
- - Test cases 1051, 1052 and 1055 were added by Daniel Fandrich on July 30 and
- proved how PUT and POST with a redirect could lead to a "hang" due to the
- data stream not being rewound properly when it had to in order to get sent
- properly (again) to the subsequent URL. This is now fixed and these test
- cases are no longer disabled.
- Yang Tse (4 Aug 2008)
- - Autoconf 2.62 has changed the behaviour of the AC_AIX macro which we use.
- Prior versions of autoconf defined _ALL_SOURCE if _AIX was defined. 2.62
- version of AC_AIX defines _ALL_SOURCE and other four preprocessor symbols
- no matter if the system is AIX or not. To keep the traditional behaviour,
- and an uniform one across autoconf versions AC_AIX is replaced with our
- own internal macro CURL_CHECK_AIX_ALL_SOURCE.
- Daniel Stenberg (4 Aug 2008)
- - Test case 1041 (added by Daniel Fandrich July 14th) proved a bug where PUT
- with -C - sent garbage in the Content-Range: header. I fixed this problem by
- making sure libcurl always sets the size of the _entire_ upload if an app
- attemps to do resumed uploads since libcurl simply cannot know the size of
- what is currently at the server end. Test 1041 is no longer disabled.
- Yang Tse (2 Aug 2008)
- - No longer test availability of the gdi32 library, nor use it for linking, even
- when we have been doing this since revision 1.47 of configure.ac 4 years and
- 5 months ago when cross-compiling a Windows target. We actually don't use any
- function from the Windows GDI (Graphics Device Interface) related with drawing
- or graphics-related operations.
- Daniel Fandrich (1 Aug 2008)
- - Added support for --append on SFTP uploads. Unfortunately, OpenSSH doesn't
- support this so it goes untested.
- Yang Tse (1 Aug 2008)
- - Configure process now checks if the preprocessor _REENTRANT symbol is already
- defined. If it isn't currently defined a set of checks are performed to test
- if its definition is required to make visible to the compiler a set of *_r
- functions. Finally, if _REENTRANT is already defined or needed it takes care
- of making adjustments necessary to ensure that it is defined equally for the
- configure process tests and generated config file.
- - Removed definition of CURL_CHECK_WORKING_RESOLVER from acinclude.m4 it has
- not been in use since revision 1.81 of configure.in 6 years, 9 months ago.
- Daniel Fandrich (31 Jul 2008)
- - Fixed parsing of an IPv6 proxy address to support a scope identifier,
- as well as IPv4 addresses in IPv6 format. Also, better handle the case
- of a malformatted IPv6 address (avoid empty and NULL strings).
- - Fixed a problem with any FTP URL or any URLs containing an IPv6 address
- being mangled when passed to proxies when CURLOPT_PORT is also set
- (reported by Pramod Sharma).
- - User names embedded in proxy URLs without a password were parsed
- incorrectly--the host name is treated as part of the user name and the
- port number becomes the password. This can be observed in test 279
- (was KNOWN_ISSUE #54).
- Daniel Stenberg (30 Jul 2008)
- - Phil Blundell added the CURLOPT_ADDRESS_SCOPE option, as well as adjusted
- the URL parser to allow numerical IPv6-addresses to be specified with the
- scope given, as per RFC4007 - with a percent letter that itself needs to be
- URL escaped. For example, for an address of fe80::1234%1 the HTTP URL is:
- "http://[fe80::1234%251]/"
- - PHP's bug report #43158 (http://bugs.php.net/bug.php?id=43158) identifies a
- true bug in libcurl built with OpenSSL. It made curl_easy_getinfo() more or
- less always return 0 for CURLINFO_SSL_VERIFYRESULT because the function that
- would set it to something non-zero would return before the assign in almost
- all error cases. The internal variable is now set to non-zero from the start
- of the function only to get cleared later on if things work out fine.
- - Made the curl tool's -w option support the %{ssl_verify_result} variable
- Daniel Fandrich (30 Jul 2008)
- - Added test cases 1052 through 1055 to test uploading data from files
- during redirects. Test cases 1052 and 1055 show problems (maybe the same
- root cause as 1051) and are disabled.
- - Fixed a couple of buffer overflows in the MS-DOS port of the curl tool.
- Daniel Fandrich (29 Jul 2008)
- - Fixed --use-ascii to properly convert text files on Symbian OS, MS-DOS
- and OS/2.
- - Added test case 1051 to test Location: following with PUT, as reported
- by Ben Sutcliffe. The test when run manually shows a problem in curl
- so it's disabled.
- Daniel Fandrich (28 Jul 2008)
- - Fixed display of the interface bind address in the trace output when it's
- an IPv6 address.
- - Added test cases 1045 through 1049 as simple tests of --interface using the
- localhost interface.
- - Added test case 1050 to test --ftp-port with an IPv6 address
- Daniel Stenberg (26 Jul 2008)
- - David Bau filed bug report #2026240 "CURL_READFUNC_PAUSE leads to buffer
- overrun" (http://curl.haxx.se/bug/view.cgi?id=2026240) identifying two
- problems, and providing the fix for them:
- - CURL_READFUNC_PAUSE did in fact not pause the _sending_ of data that it is
- designed for but paused _receiving_ of data!
- - libcurl didn't internally set the read counter to zero when this return
- code was detected, which would potentially lead to junk getting sent to
- the server.
- Daniel Fandrich (26 Jul 2008)
- - Added test 1044 to test large file support in ftp with -I.
- - Eliminate a unnecessary socket creation in Curl_getaddrinfo for an IPv4
- address in an IPv6 capable libcurl.
- - Added feature in runtests.pl to select tests based on key word.
- Daniel Fandrich (23 Jul 2008)
- - Changed the long logfile elision code in runtests.pl to properly handle
- lines ending in \r.
- - Changed references to TRUE and FALSE in the curl_easy_setopt man page to
- 1 and zero, respectively, since TRUE and FALSE aren't part of the
- libcurl API.
- Daniel Stenberg (23 Jul 2008)
- - I went over the curl_easy_setopt man page and replaced most references to
- non-zero with the fixed value of 1. We should strive at making options
- support '1' for enabling them mentioned explicitly, as that then will allow
- us for to extend them in the future without breaking older programs.
- Possibly we should even introduce a fancy define to use instead of '1' all
- over...
- Yang Tse (21 Jul 2008)
- - Use the sreadfrom() wrapper to replace recvfrom() in our code.
- Yang Tse (20 Jul 2008)
- - when recvfrom prototype uses a void pointer for arguments 2, 5 or 6 this will
- now cause the definition, as appropriate, of RECVFROM_TYPE_ARG2_IS_VOID,
- RECVFROM_TYPE_ARG5_IS_VOID or RECVFROM_TYPE_ARG6_IS_VOID.
- Yang Tse (17 Jul 2008)
- - RECVFROM_TYPE_ARG2, RECVFROM_TYPE_ARG5 and RECVFROM_TYPE_ARG6 are now defined
- to the data type pointed by its respective argument and not the pointer type.
- Yang Tse (16 Jul 2008)
- - Configure process now checks availability of recvfrom() socket function and
- finds out its return type and the types of its arguments. Added definitions
- for non-configure systems config files, and introduced macro sreadfrom which
- will be used on udp sockets as a recvfrom() wrapper.
- Yang Tse (15 Jul 2008)
- - Added description/comment to include paths used in several Makefile.am files.
- Added automake option nostdinc to test servers makefile and modified libcurl
- external headers include path for libtest programs.
- Daniel Fandrich (14 Jul 2008)
- - Added test1040 through test1043 to test -C - on HTTP. Test 1041 failed so
- it's added to DISABLED.
- Yang Tse (14 Jul 2008)
- - HTTP_ONLY definition check in lib/setup.h is now done once that configuration
- file has been included. In this way if symbol is defined in the config file
- it will no longer be ignored. Removed inclusion of remaining system header
- files from configuration files. Moved _REENTRANT definition up/earlier in
- lib/setup.h
- Yang Tse (11 Jul 2008)
- - Added missing multiple header inclusion prevention definition for header
- file content_encoding.h
- Daniel Fandrich (11 Jul 2008)
- - Fixed test 553 to pass the torture test.
- Daniel Stenberg (11 Jul 2008)
- - Daniel Fandrich found out we didn't pass on the user-agent properly when
- doing "proxy-tunnels" with non-HTTP prototols and that was simply because
- the code assumed the user-agent was only needed for HTTP.
- Daniel Fandrich (10 Jul 2008)
- - Changed slightly the SFTP quote commands chmod, chown and chgrp to only
- set the attribute that has changed instead of all possible ones. Hopefully,
- this will solve the "Permission denied" problem that Nagarajan Sreenivasan
- reported when setting some modes, but regardless, it saves a protocol
- round trip in the chmod case.
- - Added test cases 1038 and 1039 to test Adrian Kreher's report that ftp
- uploads with -C - didn't resume properly, but the tests pass.
- Yang Tse (10 Jul 2008)
- - Peter Lamberg filed bug report #2015126: "poll gives WSAEINVAL when POLLPRI
- is set in fdset.events" (http://curl.haxx.se/bug/view.cgi?id=2015126) which
- exactly pinpointed the problem only triggered on Windows Vista, provided
- reference to docs and also a fix. There is much work behind Peter Lamberg's
- excellent bug report. Thank You!
- Daniel Fandrich (9 Jul 2008)
- - Added tests 1036 and 1037 to verify resumed ftp downloads with -C -
- Daniel Stenberg (9 Jul 2008)
- - Andreas Schuldei improved Phil Blundell's patch for IPv6 using c-ares, and I
- edited it slightly. Now you should be able to use IPv6 addresses fine even
- with libcurl built to use c-ares.
- Daniel Fandrich (9 Jul 2008)
- - Fixed an OOM handling problem that cause test 11 to fail the torture test.
- Daniel Fandrich (8 Jul 2008)
- - Fixed test 554 to pass the torture test.
- Daniel Fandrich (7 Jul 2008)
- - Added test cases 1034 & 1035 to test IDN name conversion failures.
- Daniel Stenberg (7 Jul 2008)
- - Scott Barrett provided a test case for a segfault in the FTP code and the
- fix for it. It occured when you did a FTP transfer using
- CURLFTPMETHOD_SINGLECWD and then did another one on the same easy handle but
- switched to CURLFTPMETHOD_NOCWD. Due to the "dir depth" variable not being
- cleared properly. Scott's test case is now known as test 539 and it
- verifies the fix.
- Daniel Stenberg (3 Jul 2008)
- - Phil Blundell provided a fix for libcurl's treatment of unexpected 1xx
- response codes. Previously libcurl would hang on such occurances. I added
- test case 1033 to verify.
- - Introcuding a new timestamp for curl_easy_getinfo():
- CURLINFO_APPCONNECT_TIME. This is set with the "application layer"
- handshake/connection is completed. Which typically is SSL, TLS or SSH and by
- using this you can figure out the application layer's own connect time. You
- can extract the time stamp using curl's -w option and the new variable named
- 'time_appconnect'. This feature was sponsored by Lenny Rachitsky at NeuStar.
- Daniel Fandrich (2 Jul 2008)
- - Support Open Watcom C on Linux (as well as Windows).
- Yang Tse (2 Jul 2008)
- - The previously committed fix for bug report #1999181 prevented using the
- monotonic clock on any system without an always supported POSIX compliant
- implementation. Now the POSIX compliant configuration check is removed and
- will fallback to gettimeofday when the monotonic clock is unavailable at
- run-time.
- - The configure process will now halt when sed, grep, egrep or ar programs
- can not be found among the directories in PATH variable.
- Daniel Stenberg (1 Jul 2008)
- - Rolland Dudemaine provided fixes to get libcurl to build for the INTEGRITY
- operating system.
- Daniel Stenberg (30 Jun 2008)
- - Made the internal printf() support %llu properly to print unsigned long longs.
- - Stephen Collyer and Tor Arntsen helped identify a flaw in the range code
- which output the range using a signed variable where it should rather use
- unsigned.
- Yang Tse (29 Jun 2008)
- - John Lightsey filed bug report #1999181: "CLOCK_MONOTONIC always fails on
- some systems" (http://curl.haxx.se/bug/view.cgi?id=1999181). The problem was
- that the configure script did not use the _POSIX_MONOTONIC_CLOCK feature test
- macro when checking monotonic clock availability. This is now fixed and the
- monotonic clock will not be used unless the feature test macro is defined
- with a value greater than zero indicating always supported.
- Daniel Fandrich (25 Jun 2008)
- - Honour --stderr with the -v option.
- - Fixed a file handle leak in the command line client if more than one
- --stderr option was given.
- Daniel Stenberg (22 Jun 2008)
- - Eduard Bloch filed the debian bug report #487567
- (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
- libcurl used Content-Range: instead of Range when doing a range request with
- --head (CURLOPT_NOBODY). This is now fixed and test case 1032 was added to
- verify.
- Daniel Fandrich (21 Jun 2008)
- - Stopped using ranges in scanf character sequences (e.g. %[a-z]) since that
- is not ANSI C, just a common extension. This caused problems on
- at least Open Watcom C.
- Yang Tse (20 Jun 2008)
- - Modified configuration script to actually verify if the compiler is good
- enough at detecting compilation errors or at least it has been properly
- configured to do so. Configuration heavily depends on this capability, so
- if this compiler sanity check fails the configuration process will now fail.
- Daniel Stenberg (20 Jun 2008)
- - Phil Pellouchoud found a case where libcurl built with NSS failed to
- handshake with a SSLv2 server, and it turned out to be because it didn't
- recognize the cipher named "rc4-md5". In our list that cipher was named
- plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
- that it made things work for him again.
- - Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy
- crashed libcurl. This is now addressed by making sure we use "plain send"
- internally when doing the socks handshake instead of the Curl_write()
- function which is designed to use the "target" protocol. That's then SCP or
- SFTP in this case. I also took the opportunity and cleaned up some ssh-
- related #ifdefs in the code for readability.
- Daniel Stenberg (19 Jun 2008)
- - Christopher Palow fixed a curl_multi_socket() issue which previously caused
- libcurl to not tell the app properly when a socket was closed (when the name
- resolve done by c-ares is completed) and then immediately re-created and put
- to use again (for the actual connection). Since the closure will make the
- "watch status" get lost in several event-based systems libcurl will need to
- tell the app about this close/re-create case.
- - Dengminwen found a bug in the connection re-use function when using the
- multi interface with pipelining enabled as it would wrongly check for,
- detect and close "dead connections" even though that connection was already
- in use!
- Daniel Fandrich (18 Jun 2008)
- - Added SSH failure test cases 628-632
- - Fixed a memory leak in the command-line tool that caused a valgrind error.
- Daniel Stenberg (18 Jun 2008)
- - Rob Crittenden brought a fix for the NSS layer that makes libcurl no longer
- always fire up a new connection rather than using the existing one when the
- multi interface is used. Original bug report:
- https://bugzilla.redhat.com/show_bug.cgi?id=450140
- Yang Tse (18 Jun 2008)
- - Internal configure script improvement. No longer break out of shell "for"
- statements from inside AC_FOO_IFELSE macros, otherwise temporary macro files
- are not properly removed.
- Daniel Fandrich (12 Jun 2008)
- - Fixed curl-config --ca which wasn't being exported by configure.
- Daniel Stenberg (11 Jun 2008)
- - I did a cleanup of the internal generic SSL layer and how the various SSL
- libraries are supported. Starting now, each underlying SSL library support
- code does a set of defines for the 16 functions the generic layer (sslgen.c)
- uses (all these new function defines use the prefix "curlssl_"). This
- greatly simplified the generic layer in readability by involving much less
- #ifdefs and other preprocessor stuff and should make it easier for people to
- make libcurl work with new SSL libraries.
- Hopefully I can later on document these 16 functions somewhat as well.
- I also made most of the internal SSL-dependent functions (using Curl_ssl_
- prefix) #defined to nothing when no SSL support is requested - previously
- they would unnecessarily call mostly empty functions.
- I've built libcurl with OpenSSL and GnuTLS and without SSL to test this and
- I've also tried building with NSS but the NSS support is a mystery to me and
- I failed to build libcurl with the NSS libraries I have installed. We really
- should A) improve our configure script to detect unsuitable NSS versions
- already at configure time and B) document our requirements better for the
- SSL libraries.
- Daniel Stenberg (10 Jun 2008)
- - I made the OpenSSL code build again with OpenSSL 0.9.6. The CRLFILE
- functionality killed it due to its unconditional use of
- X509_STORE_set_flags...
- Daniel Stenberg (8 Jun 2008)
- - Due to the three new libcurl changes and the massive command line option
- change I decided we'll mark it by bumping the next release number to 7.19.0!
- - curl the tool now deals with its command line options somewhat differently!
- All boolean options (such as -O, -I, -v etc), both short and long versions,
- now always switch on/enable the option named. Using the same option multiple
- times thus make no difference. To switch off one of those options, you need
- to use the long version of the option and type --no-OPTION. Like to disable
- verbose mode you use --no-verbose!
- - Added --remote-name-all to curl, which if used changes the default for all
- given URLs to be dealt with as if -O is used. So if you want to disable that
- for a specific URL after --remote-name-all has been used, you muse use -o -
- or --no-remote-name.
- Daniel Stenberg (6 Jun 2008)
- - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_ISSUERCERT, for
- OpenSSL, NSS and GnuTLS-built libcurls.
- - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_CRLFILE, for
- OpenSSL, NSS and GnuTLS-built libcurls.
- - Added CURLINFO_PRIMARY_IP as a new information retrievable with
- curl_easy_getinfo. It returns a pointer to a string with the most recently
- used IP address. Modified test case 500 to also verify this feature. The
- implementing of this feature was sponsored by Lenny Rachitsky at NeuStar.
- Version 7.18.2 (4 June 2008)
- Daniel Fandrich (3 Jun 2008)
- - Fixed a problem where telnet data would be lost if an EWOULDBLOCK
- condition were encountered.
- Marty Kuhrt (1 Jun 2008)
- - Updated main.c to return CURLE_OK if PARAM_HELP_REQUESTED was returned
- from getparameter instead of CURLE_FAILED_INIT. No point in returning
- an error if --help or --version were requested.
- Daniel Stenberg (28 May 2008)
- - Emil Romanus found a problem and helped me repeat it. It occured when using
- the curl_multi_socket() API with HTTP pipelining enabled and could lead to
- the pipeline basically stalling for a very long period of time until it took
- off again.
- - Jeff Weber reported memory leaks with aborted SCP and SFTP transfers and
- provided excellent repeat recipes. I fixed the cases I managed to reproduce
- but Jeff still got some (SCP) problems even after these fixes:
- http://curl.haxx.se/mail/lib-2008-05/0342.html
- Daniel Stenberg (26 May 2008)
- - Bug report #1973352 (http://curl.haxx.se/bug/view.cgi?id=1973352) identified
- how the HTTP redirect following code didn't properly follow to a new URL if
- the new url was but a query string such as "Location: ?moo=foo". Test case
- 1031 was added to verify this fix.
- - Andreas Faerber and Scott McCreary made (lib)curl build for the Haiku OS.
- Yang Tse (26 May 2008)
- - David Rosenstrauch reported that header files spnegohelp.h and
- openssl/objects.h were needed to compile SPNEGO support.
- Daniel Fandrich (22 May 2008)
- - Made sure to pass longs in to curl_easy_setopt where necessary in the
- example programs and libtest code.
- Daniel Stenberg (19 May 2008)
- - When trying to repeat a multi interface problem I fell over a few multi
- interface problems:
- o with pipelining disabled, the state should never be set to WAITDO but
- rather go straight to DO
- o we had multiple states for which the internal function returned no socket
- at all to wait for, with the effect that libcurl calls the socket callback
- (when curl_multi_socket() is used) with REMOVE prematurely (as it would be
- added again within very shortly)
- o when in DO and DOING states, the HTTP and HTTPS protocol handler functions
- didn't return that the socket should be waited for writing, but instead it
- was treated as if no socket was needing monitoring so again REMOVE was
- called prematurely.
- Daniel Stenberg (13 May 2008)
- - Added test case 556 that uses curl_easy_send() and curl_easy_recv()
- Daniel Stenberg (9 May 2008)
- - Introducing curl_easy_send() and curl_easy_recv(). They can be used to send
- and receive data over a connection previously setup with curl_easy_perform()
- and its CURLOPT_CONNECT_ONLY option. The sendrecv.c example was added to
- show how they can be used.
- Yang Tse (9 May 2008)
- - Internal time differences now use monotonic time source if available.
- This also implies the removal of the winmm.lib dependency for WIN32.
- Daniel Stenberg (9 May 2008)
- - Stefan Krause reported a busy-looping case when using the multi interface
- and doing CONNECT to a proxy. The app would then busy-loop until the proxy
- completed its response.
- Michal Marek (9 May 2008)
- - Make Curl_write and it's callees accept a const pointer, in preparation
- of tetetest's patch for curl_easy_send()
- Daniel Stenberg (7 May 2008)
- - Liam Healy filed the debian bug report #480044
- (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
- segfault when using krb5 ftp, but the krb4 code had the same problem.
- Yang Tse (7 May 2008)
- - Christopher Palow provided the patch (edited by me) that introduces the
- use of microsecond resolution keys for internal splay trees.
- Daniel Stenberg (4 May 2008)
- - Yuriy Sosov pointed out a configure fix for detecting c-ares when that is
- built debug-enabled.
- Daniel Stenberg (3 May 2008)
- - Ben Van Hof filed bug report #1945240: "libcurl sometimes sends body twice
- when using CURL_AUTH_ANY" (http://curl.haxx.se/bug/view.cgi?id=1945240).
- The problem was that when libcurl rewound a stream meant for upload when it
- would prepare for a second request, it could accidentally continue the
- sending of the rewound data on the first request instead of on the second.
- Ben also provided test case 1030 that verifies this fix.
- Daniel Stenberg (3 May 2008)
- - Jean-Francois Bertrand reported a libcurl crash with CURLOPT_TCP_NODELAY
- since libcurl used getprotobyname() and that isn't thread-safe. We now
- switched to use IPPROTO_TCP unconditionally, but perhaps the proper fix is
- to detect the thread-safe version of the function and use that.
- http://curl.haxx.se/mail/lib-2008-05/0011.html
- Daniel Stenberg (1 May 2008)
- - Bart Whiteley provided a patch that made libcurl work properly when an app
- uses the CURLOPT_OPENSOCKETFUNCTION callback to create a unix domain socket
- to a http server.
- Daniel Stenberg (29 Apr 2008)
- - To make it easier for applications that want lots of magic stuff done on
- redirections and thus cannot use CURLOPT_FOLLOWLOCATION easily, we now
- introduce the new CURLINFO_REDIRECT_URL option that lets applications
- extract the URL libcurl would've redirected to if it had been told to. This
- then enables the application to continue to that URL as it thinks is
- suitable, without having to re-implement the magic of creating the new URL
- from the Location: header etc. Test 1029 verifies it.
- Yang Tse (29 Apr 2008)
- - Improved easy interface resolving timeout handling in c-ares enabled builds
- Daniel Fandrich (28 Apr 2008)
- - Added test 1028 to test an HTTP redirect to a FTP URL.
- Daniel Stenberg (28 Apr 2008)
- - Norbert Frese filed bug report #1951588: "Problem with curlftpfs and
- libcurl" (http://curl.haxx.se/bug/view.cgi?id=1951588) which seems to be an
- identical report to what Denis Golovan reported in
- http://curl.haxx.se/mail/lib-2008-02/0108.html The FTP code didn't reset the
- user/password pointers properly even though there might've been a new
- struct/cconnection getting used.
- Daniel Stenberg (26 Apr 2008)
- - Reverted back to use automake 1.9.6 in the next release (from automake
- 1.10.1) since it *still* suffers from Solaris-related bugs. Our previous
- automake 1.10 problem was reported in bug #1701360
- (http://curl.haxx.se/bug/view.cgi?id=1701360) and this recent problem was
- bug #1944825 (http://curl.haxx.se/bug/view.cgi?id=1944825). I have not
- personally approached the automake team about either one of these but I
- figure we need a Solaris 10 guy to do it!
- Yang Tse (25 Apr 2008)
- - Added 'timeout' and 'delay' attributes support for the test harness
- <command> subsection.
- Daniel Fandrich (24 Apr 2008)
- - Made --stderr able to redirect all stderr messages.
- Yang Tse (23 Apr 2008)
- - Improve synchronization between test harness runtests.pl script
- and test harness servers to minimize risk of false test failures.
- Daniel Fandrich (22 Apr 2008)
- - Added support for running on Symbian OS.
- Daniel Fandrich (18 Apr 2008)
- - Added test cases 1026 and 1027 to do some rudimentary tests on the --manual
- and --help options.
- Michal Marek (14 Apr 2008)
- - allow disabling the typechecker by defining CURL_DISABLE_TYPECHECK, as
- discussed in http://curl.haxx.se/mail/lib-2008-04/0291.html
- Daniel Stenberg (14 Apr 2008)
- - Stefan Krause reported a case where the OpenSSL handshake phase wasn't
- properly acknowledging the timeout values, like if you pulled the network
- plug in the midst of it.
- - Andre Guibert de Bruet fixed a second case of not checking the malloc()
- return code in the Negotiate code.
- - Sandor Feldi reported bug #1942022
- (http://curl.haxx.se/bug/view.cgi?id=1942022) pointing out a mistake in the
- lib/Makefile.vc[68] makefiles' release-ssl-dll target.
- - Brock Noland reported that curl behaved differently depending on which order
- you used -i and -I.
- Daniel Stenberg (12 Apr 2008)
- - Andre Guibert de Bruet found and fixed a case where malloc() was called but
- was not checked for a NULL return, in the Negotiate code.
- Daniel Fandrich (9 Apr 2008)
- - Added test cases 1024 & 1025 to test a scenario similar to the one reported
- by Ben Combee where libcurl would send the wrong cookie to a redirected
- server. libcurl was doing the right thing in these test cases.
- Michal Marek (7 Apr 2008)
- - Fix the MIT / Heimdal check for good:
- Define HAVE_GSSMIT if <gssapi/{gssapi.h,gssapi_generic.h,gssapi_krb5.h}> are
- available, otherwise define HAVE_GSSHEIMDAL if <gssapi.h> is available.
- Only define GSS_C_NT_HOSTBASED_SERVICE to gss_nt_service_name if
- GSS_C_NT_HOSTBASED_SERVICE isn't declared by the gssapi headers. This should
- avoid breakage in case we wrongly recognize Heimdal as MIT again.
- Daniel Stenberg (5 Apr 2008)
- - Alexey Simak fixed curl_easy_reset() to reset the max redirect limit properly
- - Based on the Debian bug report #474224 that complained about the FTP error
- message when libcurl doesn't get a 220 back immediately on connect, I now
- changed it to be more specific on what the problem is. Also worth noticing:
- while the bug report contains an example where the response is:
- 421 There are too many connected users, please try again later
- we cannot assume that the error message will always be this readable nor
- that it fits within a particular boundary etc.
- Daniel Fandrich (3 Apr 2008)
- - Added test627 to test SFTP with CURLOPT_NOBODY
- Daniel Stenberg (3 Apr 2008)
- - Setting CURLOPT_NOBODY to FALSE will now switch the HTTP request method to
- GET simply because previously when you set CURLOPT_NOBODY to TRUE first and
- then FALSE you'd end up in a broken state where a HTTP request would do a
- HEAD by still act a lot like for a GET and hang waiting for the content etc.
- - Scott Barrett added support for CURLOPT_NOBODY over SFTP
- Daniel Fandrich (3 Apr 2008)
- - Made sure that curl_global_init is called in all the multithreaded
- example programs.
- Michal Marek (31 Mar 2008)
- - Removed the generated ca-bundle.h file. The verbatim value of $ca and
- $capath is known to configure, so it can be defined in config.h instead.
- Daniel Stenberg (31 Mar 2008)
- - Added CURLFORM_STREAM as a supported option to curl_formadd() to allow an
- application to provide data for a multipart with the read callback. Note
- that the size needs to be provided with CURLFORM_CONTENTSLENGTH when the
- stream option is used. This feature is verified by the new test case
- 554. This feature was sponsored by Xponaut.
- Daniel Fandrich (30 Mar 2008)
- - Changed the makefile so the doc/examples/ programs are never built in a
- normal build/install (only with the 'make check' target), so that a
- build failure in the examples isn't fatal.
- Version 7.18.1 (30 March 2008)
- Daniel Stenberg (28 Mar 2008)
- - Stephen Collyer pointed out that configure --with-libssh2 without a given
- path didn't work properly.
- Daniel Stenberg (27 Mar 2008)
- - As found out and reported by Dan Petitt, libcurl didn't show progress/call
- the progress callback for the first (potentially huge) piece of body data
- sent together with the POST request headers in the initial send().
- Daniel Stenberg (25 Mar 2008)
- - Made setting the CURLOPT_SSL_CTX_FUNCTION option return a failure in case
- libcurl wasn't built to use OpenSSL as that is a prerequisite for this
- option to function!
- Daniel Stenberg (22 Mar 2008)
- - Fixed the problem with doing a zero byte SCP transfer, verified with test
- case 617 (which was added by Daniel Fandrich 5 Mar 2008).
- Daniel Fandrich (20 Mar 2008)
- - Fixed a problem where curl-config --protocols could erroneously show LDAPS
- support when curl didn't even have regular LDAP support. It looks like
- this could happen when the --enable-ldaps configure switch is given but
- configure couldn't find the LDAP headers or libraries.
- Michal Marek (20 Mar 2008)
- - Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
- default instead of a ca bundle. The configure script will also look for a
- ca path if no ca bundle is found and no option given.
- - Fixed detection of previously installed curl-ca-bundle.crt
- Daniel Fandrich (18 Mar 2008)
- - Added test 626 to reproduce an infinite loop when given an invalid
- SFTP quote command reported by Vincent Le Normand, and fixed it.
- Michal Marek (18 Mar 2008)
- - Added curl_easy_getinfo typechecker.
- - Added macros for curl_share_setopt and curl_multi_setopt to check at least
- the correct number of arguments.
- Daniel Fandrich (13 Mar 2008)
- - Added tests 622-625 to test SFTP/SCP uploads. Test 625 was an attempt to
- reproduce the --ftp-create-dirs problem reported by Brian Ulm, but that
- seems to need a call curl_easy_reset() which this test case doesn't do.
- Daniel Stenberg (13 Mar 2008)
- - Brian Ulm figured out that if you did an SFTP upload with
- CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
- handle and uploaded another file to another directory that needed to be
- created, the second upload would fail. Another case of a state variable that
- wasn't properly reset between requests.
- - I rewrote the 100-continue code to use a single state variable instead of
- the previous two ones. I think it made the logic somewhat clearer.
- Daniel Stenberg (11 Mar 2008)
- - Dmitry Popov filed bug report #1911069
- (http://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
- condition in the name resolver code when the DNS cache is shared between
- multiple easy handles, each running in simultaneous threads that could cause
- crashes.
- - Added a macro for curl_easy_setopt() that accepts three arguments and simply
- does nothing with them, just to make sure libcurl users always use three
- arguments to this function. Due to its use of ... for the third argument, it
- is otherwise hard to detect abuse.
- Michal Marek (11 Mar 2008)
- - Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
- works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html ,
- http://curl.haxx.se/mail/lib-2008-02/0292.html )
- Daniel Fandrich (10 Mar 2008)
- - Added tests 618-621 to test SFTP/SCP transfers of more than one file
- (test 620 tests the just-fixed problem reported by Brian Ulm).
- Daniel Stenberg (9 Mar 2008)
- - Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
- easy handle if curl_easy_reset() was used between them. I fixed it and Brian
- verified that it cured his problem.
- - Brian Ulm reported that if you first tried to download a non-existing SFTP
- file and then fetched an existing one and re-used the handle, libcurl would
- still report the second one as non-existing as well! I fixed it and Brian
- verified that it cured his problem.
- Michal Marek (6 Mar 2008)
- - Fix the gssapi configure check to detect newer MIT Kerberos (patch by
- Michael Calmer)
- Yang Tse (6 Mar 2008)
- - Fix regression on Curl_socket_ready() and Curl_poll() so that these will
- again fail on select/poll errors different than EINTR.
- Daniel Fandrich (5 Mar 2008)
- - Fixed the test harness so it will write out zero-length data files.
- - Added tests 616 and 617 to see how SFTP and SCP cope with zero-length
- files, as questioned by Mike Protts. SFTP does for me but SCP doesn't
- so test 617 is disabled for now.
- Daniel S (4 Mar 2008)
- - Mike Protts brought a patch that makes resumed transfers work with SFTP.
- Daniel S (1 Mar 2008)
- - Anatoli Tubman found and fixed a crash with Negotiate authentication used on
- a re-used connection where both requests used Negotiate.
- Guenter Knauf (26 Feb 2008)
- - Kaspar Brand provided a patch to support server name indication (RFC 4366).
- Daniel S (25 Feb 2008)
- - Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
- forces it to prefer SSLv3.
- Daniel S (23 Feb 2008)
- - Sam Listopad provided a patch in feature-request #1900014
- http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
- use OpenSSL) support a full chain of certificates in a given PKCS12
- certificate.
- Daniel S (22 Feb 2008)
- - Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
- options as the lib/Makefile.vc6 already did.
- Daniel S (21 Feb 2008)
- - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
- happened if you set the connection cache size to 1 and for example failed to
- login to an FTP site. Bug report #1896698
- (http://curl.haxx.se/bug/view.cgi?id=1896698)
- Daniel S (20 Feb 2008)
- - Fixed test case 405 to not fail when libcurl is built with GnuTLS
- - Based on initial work done by Gautam Kachroo to address a bug, we now keep
- better control at the exact state of the connection's SSL status so that we
- know exactly when it has completed the SSL negotiation or not so that there
- won't be accidental re-uses of connections that are wrongly believed to be
- in SSL-completed-negotiate state.
- - We no longer support setting the CURLOPT_URL option from inside a callback
- such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
- following. The patch that introduced this feature was done for 7.11.0, but
- this code and functionality has been broken since about 7.15.4 (March 2006)
- with the introduction of non-blocking OpenSSL "connects".
- It was a hack to begin with and since it doesn't work and hasn't worked
- correctly for a long time and nobody has even noticed, I consider it a very
- suitable subject for plain removal. And so it was done.
- Guenter Knauf (19 Feb 2008)
- - We do no longer support SSLv2 by default since it has known flaws.
- Kaspar Brand provided a patch for all supported SSL toolkits.
- Daniel Fandrich (19 Feb 2008)
- - Added test309 to test HTTP redirect to HTTPS URL
- Daniel S (18 Feb 2008)
- - We're no longer providing a very old ca-bundle in the curl tarball. You can
- get a fresh one downloaded and created with 'make ca-bundle' or you can get
- one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
- new one extracted from Mozilla's recent list of ca certs.
- The configure option --with-ca-bundle now lets you specify what file to use
- as default ca bundle for your build. If not specified, the configure script
- will check a few known standard places for a global ca cert to use.
- Daniel S (17 Feb 2008)
- - Jerome Muffat-Meridol helped me fix Curl_done() to close the current
- connection by force when it was called before the entire request is
- completed, simply because we can't know if the connection really can be
- re-used safely at that point.
- - Based on the same debugging logic, I've also made Curl_http_done() not
- return CURLE_GOT_NOTHING if called "prematurely". This should have no real
- effect to anything but the code makes more sense like this.
- Daniel S (15 Feb 2008)
- - Made the gnutls code path not even try to get the server cert if no peer
- verification is requested. Previously it would even return failure if gnutls
- failed to get the server cert even though no verification was asked for.
- Public server showing the problem: https://www.net222.caisse-epargne.fr
- - Fix my Curl_timeleft() leftover mistake in the gnutls code
- - Pooyan McSporran found and fixed a flaw where you first would do a normal
- http request and then you'd reuse the handle and replace the Accept: header,
- as then libcurl would send two Accept: headers!
- Daniel S (11 Feb 2008)
- - Yang Tse pointed out a few remaining quirks from my timeout refactoring from
- Feb 7 that didn't abort properly on timeouts. These are actually old
- problems but now they should be fixed.
- Yang Tse (10 Feb 2008)
- - Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points out
- and provides test program that demonstrates that libcurl might not set error
- description message for error CURLE_COULDNT_RESOLVE_HOST for Windows threaded
- name resolver builds. Fixed now.
- Daniel Fandrich (8 Feb 2008)
- - Added key words to all SSL-using tests so they can be skipped if necessary.
- Removed a few unnecessary requires SSL statements.
- Daniel S (8 Feb 2008)
- - Mike Hommey filed and fixed bug report #1889856
- (http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
- layer, cleaning-up and reinitializing curl ends up with https requests
- failing with "ASN1 parser: Element was not found" errors. Obviously a
- regression added in 7.16.3.
- Yang Tse (8 Feb 2008)
- - Improved test harness SCP/SFTP start up server verification, doing a real
- connection to the sftp server, authenticating and running a simple sftp
- pwd command using the test harness generated configuration and key files.
- Daniel S (8 Feb 2008)
- - Günter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and
- creates a suitable ca-bundle.crt file in PEM format for use with curl. The
- recommended way to run it is to use 'make ca-bundle' in the build tree root.
- Daniel Fandrich (7 Feb 2008)
- - Added tests 1022 and 1023 to validate output of curl-config --version and
- --vernum
- Daniel S (7 Feb 2008)
- - Refactored a lot of timeout code into a few functions in an attempt to make
- them all use the same (hopefully correct) logic to make it less error-prone
- and easier to introduce library-wide where it should be used.
- Yang Tse (6 Feb 2008)
- - Fix an issue in strdup replacement function when dealing with absolutely
- huge strings. Only systems without a standard strdup would be affected.
- Daniel S (3 Feb 2008)
- - Dmitry Kurochkin cleaned up the pipelining code and removed the need for and
- use of the "is_in_pipeline" struct field.
- - I wrote up and added the threaded-ssl.c example source code that shows how
- to do multi-threaded downloads of HTTPS files with a libcurl that is built
- with OpenSSL. It uses pthreads for the threading.
- Daniel S (31 Jan 2008)
- - Niklas Angebrand made the cookie support in libcurl properly deal with the
- "HttpOnly" feature introduced by Microsoft and apparently also supported by
- Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
- is now supported when received from servers in HTTP headers, when written to
- cookie jars and when read from existing cookie jars.
- I modified test case 31 and 46 to also do some basic HttpOnly testing.
- - Dmitry Kurochkin moved several struct fields from the connectdata struct to
- the SingleRequest one to make pipelining better. It is a bit tricky to keep
- them in the right place, to keep things related to the actual request or to
- the actual connection in the right place.
- Daniel S (29 Jan 2008)
- - Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously
- crash!
- - Michal Marek fixed minor mistake in test case 553 that prevented it from
- working on other IP-addresses or port numbers.
- Version 7.18.0 (28 January 2008)
- Daniel S (27 Jan 2008)
- - Dmitry Kurochkin: In "real world" testing I found more bugs in
- pipelining. Broken connection is not restored and we get into infinite
- loop. It happens because of wrong is_in_pipeline values.
- Daniel S (26 Jan 2008)
- - Kevin Reed filed bug report #1879375
- (http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl
- got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any
- proxy authentication and the proxy replies with an auth (like NTLM) and then
- closes the connection after that initial informational response.
- libcurl would not properly re-initialize the connection to the proxy and
- continue the auth negotiation like supposed. It does now however, as it will
- now detect if one or more authentication methods were available and asked
- for, and will thus retry the connection and continue from there.
- - I made the progress callback get called properly during proxy CONNECT.
- Daniel S (23 Jan 2008)
- - Igor Franchuk pointed out that CURLOPT_COOKIELIST set to "ALL" leaked
- memory, and so did "SESS". Fixed now.
- Yang Tse (22 Jan 2008)
- - Check poll.h at configuration time, and use it when sys/poll.h unavailable
- Daniel S (22 Jan 2008)
- - Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed
- that it is bad anyway. Starting now, removing a handle that is in used in a
- pipeline will break the pipeline - it'll be set back up again but still...
- Yang Tse (21 Jan 2008)
- - Disable ldap support for cygwin builds, since it breaks whole build process.
- Fixing it will affect other platforms, so it is postponed for another release.
- Daniel S (18 Jan 2008)
- - Lau Hang Kin found and fixed a problem with the multi interface when doing
- CONNECT over a proxy. curl_multi_fdset() didn't report back the socket
- properly during that state, due to a missing case in the switch in the
- multi_getsock() function.
- Yang Tse (17 Jan 2008)
- - Don't abort tests 518 and 537 when unable to raise the open-file soft limit.
- Daniel S (16 Jan 2008)
- - Nathan Coulter's patch that makes runtests.pl respect the PATH when figuring
- out what valgrind to run.
- Yang Tse (16 Jan 2008)
- - Improved handling of out of memory in the command line tool that afected
- data url encoded HTTP POSTs when reading it from a file.
- Daniel S (16 Jan 2008)
- - Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that
- previously had a number of flaws, perhaps most notably when an application
- fired up N transfers at once as then they wouldn't pipeline at all that
- nicely as anyone would think... Test case 530 was also updated to take the
- improved functionality into account.
- - Calls to Curl_failf() are not supposed to provide a trailing newline as the
- function itself adds that. Fixed on 50 or something strings!
- Daniel S (15 Jan 2008)
- - I made the torture test on test 530 go through. This was actually due to
- silly code left from when we switched to let the multi handle "hold" the dns
- cache when using the multi interface... Of course this only triggered when a
- certain function call returned error at the correct moment.
- Daniel S (14 Jan 2008)
- - Joe Malicki filed bug report #1871269
- (http://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang-
- problem that occurred when doing a large HTTP POST request with the
- response-body read from a callback.
- Daniel S (12 Jan 2008)
- - I re-arranged the curl --help output. All the options are now sorted on
- their long option names and all descriptions are one-liners.
- - Eric Landes provided the patch (edited by me) that introduces the
- --keepalive-time to curl to set the keepalive probe interval. I also took
- the opportunity to rename the recently added no-keep-alive option to
- no-keepalive to keep a consistent naming and to avoid getting two dashes in
- these option names. Eric also provided an update to the man page for the new
- option.
- Daniel S (11 Jan 2008)
- - Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way it
- already worked for FTP:// URLs.
- - I made the curl tool switch from using CURLOPT_IOCTLFUNCTION to now use the
- spanking new CURLOPT_SEEKFUNCTION simply to take advantage of the improved
- performance for the upload resume cases where you want to upload the last
- few bytes of a very large file. To implement this decently, I had to switch
- the client code for uploading from fopen()/fread() to plain open()/read() so
- that we can use lseek() to do >32bit seeks (as fseek() doesn't allow that)
- on systems that offer support for that.
- Daniel S (10 Jan 2008)
- - Michal Marek made curl-config --libs not include /usr/lib64 in the output
- (it already before skipped /usr/lib). /usr/lib64 is the default library
- directory on many 64bit systems and it's unlikely that anyone would use the
- path privately on systems where it's not.
- - Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allow
- libcurl to seek in a given input stream. This is particularly important when
- doing upload resumes when there's already a huge part of the file present
- remotely. Before, and still if this callback isn't used, libcurl will read
- and through away the entire file up to the point to where the resuming
- begins (which of course can be a slow opereration depending on file size,
- I/O bandwidth and more). This new function will also be preferred to get
- used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when
- doing multi-stage HTTP auth with POST/PUT.
- - Nikitinskit Dmitriy filed bug report #1868255
- (http://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies
- and fixes a problem with parsing WWW-Authenticate: headers with additional
- spaces in the line that the parser wasn't written to deal with.
- Daniel S (8 Jan 2008)
- - Introducing curl_easy_pause() and new magic return codes for both the read
- and the write callbacks that now can make a connection's reading and/or
- writing get paused.
- Daniel S (6 Jan 2008)
- - Jeff Johnson filed bug report #1863171
- (http://curl.haxx.se/bug/view.cgi?id=1863171) where he pointed out that
- libcurl's date parser didn't accept a +1300 time zone which actually is used
- fairly often (like New Zealand's Dailight Savings Time), so I modified the
- parser to now accept up to and including -1400 to +1400.
- Daniel S (5 Jan 2008)
- - Based on further discussion on curl-library, I reverted yesterday's SOCKS5
- code to instead introduce support for a new proxy type called
- CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy
- instead of IP address and there's thus no longer any need for a new
- curl_easy_setopt() option.
- The default SOCKS5 proxy is again back to sending the IP address to the
- proxy. The new curl command line option for enabling sending host name to a
- SOCKS5 proxy is now --socks5-hostname.
- Daniel S (4 Jan 2008)
- - Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let the
- proxy do the host name resolving and only if --socks5ip (or
- CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and
- pass on the IP address only to the proxy.
- Yang Tse (3 Jan 2008)
- - Modified test harness to allow SCP, SFTP and SOCKS4 tests to run with
- OpenSSH 2.9.9, SunSSH 1.0 or later versions. SOCKS5 tests need OpenSSH
- 3.7, SunSSH 1.0 or later.
- Daniel S (2 Jan 2008)
- - I fixed two cases of missing return code checks when handling chunked
- decoding where a write error (or abort return from a callback) didn't stop
- libcurl's processing.
- - I removed the socklen_t use from the public curl/curl.h header and instead
- made it an unsigned int. The type was only used in the curl_sockaddr struct
- definition (only used by the curl_opensocket_callback). On all platforms I
- could find information about, socklen_t is 32 unsigned bits large so I don't
- think this will break the API or ABI. The main reason for this change is of
- course for all the platforms that don't have a socklen_t definition in their
- headers to build fine again. Providing our own configure magic and custom
- definition of socklen_t on those systems proved to work but was a lot of
- cruft, code and extra magic needed - when this very small change of type
- seems harmless and still solves the missing socklen_t problem.
- - Richard Atterer brought a patch that added support for SOCKS4a proxies,
- which is an inofficial PROXY4 variant that sends the hostname to the proxy
- instead of the resolved address (which is already supported by SOCKS5).
- --socks4a is the curl command line option for it and CURLOPT_PROXYTYPE can
- now be set to CURLPROXY_SOCKS4A as well.
- Daniel S (1 Jan 2008)
- - Mohun Biswas pointed out that --libcurl generated a source code with an int
- function but without a return statement. While fixing that, I also took care
- about adding some better comments for the generated code.
- Daniel S (27 Dec 2007)
- - Dmitry Kurochkin mentioned a flaw
- (http://curl.haxx.se/mail/lib-2007-12/0252.html) in detect_proxy() which
- failed to set the bits.proxy variable properly when an environment variable
- told libcurl to use a http proxy.
- Daniel S (26 Dec 2007)
- - In an attempt to repeat the problem in bug report #1850730
- (http://curl.haxx.se/bug/view.cgi?id=1850730) I wrote up test case 552. The
- test is doing a 70K POST with a read callback and an ioctl callback over a
- proxy requiring Digest auth. The test case code is more or less identical to
- the test recipe code provided by Spacen Jasset (who submitted the bug
- report).
- Daniel S (25 Dec 2007)
- - Gary Maxwell filed bug report #1856628
- (http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the
- (small) memory leak in the SSL session ID caching code. It happened when a
- previous entry in the cache was re-used.
- Daniel Fandrich (19 Dec 2007)
- - Ensure that nroff doesn't put anything but ASCII characters into the
- --manual text.
- Yang Tse (18 Dec 2007)
- - MSVC 9.0 (VS2008) does not support Windows build targets prior to WinXP,
- and makes wrong asumptions of build target when it isn't specified. So,
- if no build target has been defined we will target WinXP when building
- curl/libcurl with MSVC 9.0 (VS2008).
- - (http://curl.haxx.se/mail/archive-2007-12/0039.html) reported and fixed
- a file truncation problem on Windows build targets triggered when retrying
- a download with curl.
- Daniel S (17 Dec 2007)
- - Mateusz Loskot pointed out that MSVC 9.0 (VS2008) has the pollfd struct and
- defines in winsock2.h somehow differently than previous versions and that
- curl 7.17.1 would fail to compile out of the box.
- Daniel S (13 Dec 2007)
- - David Wright filed bug report #1849764
- (http://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He
- identified a problem for re-used connections that previously had sent
- Expect: 100-continue and in some situations the subsequent POST (that didn't
- use Expect:) still had the internal flag set for its use. David's fix (that
- makes the setting of the flag in every single request unconditionally) is
- fine and is now used!
- Daniel S (12 Dec 2007)
- - Gilles Blanc made the curl tool enable SO_KEEPALIVE for the connections and
- added the --no-keep-alive option that can disable that on demand.
- Daniel S (9 Dec 2007)
- - Andrew Moise filed bug report #1847501
- (http://curl.haxx.se/bug/view.cgi?id=1847501) and pointed out a memcpy()
- that should be memmove() in the convert_lineends() function.
- Daniel S (8 Dec 2007)
- - Renamed all internal static functions that had Curl_ prefixes to no longer
- have them. The Curl_ prefix is exclusively used for library internal global
- symbols. Static functions can be named anything, except for using Curl_ or
- curl_ prefixes. This is for consistency and for easier maintainance and
- overview.
- - Cleaned up and reformatted the TODO document to look like the FAQ and
- CONTRIBUTE, which makes nicer web pages
- - Added test cases 549 and 550 that test CURLOPT_PROXY_TRANSFER_MODE.
- - Added keywords on a bunch of test cases
- - Fixed an OOM problem in the curl code that would lead to fclose on a bad
- handle and crash
- Daniel S (5 Dec 2007)
- - Spacen Jasset reported a problem with doing POST (with data read with a
- callback) over a proxy when NTLM is used as auth with the proxy. The bug
- also concerned Digest and was limited to using callback only. Spacen worked
- with us to provide a useful patch. I added the test case 547 and 548 to
- verify two variations of POST over proxy with NTLM.
- Daniel S (3 Dec 2007)
- - Ray Pekowski filed bug report #1842029
- (http://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a
- problem with SSL session caching that prevent it from working, and provided
- the associated fix!
- - Now libcurl (built with OpenSSL) doesn't return error anymore if the remote
- SSL-based server doesn't present a certificate when the request is told to
- ignore certificate verification anyway.
- - Michal Marek introduced CURLOPT_PROXY_TRANSFER_MODE which is used to control
- the appending of the "type=" thing on FTP URLs when they are passed to a
- HTTP proxy. Some proxies just don't like that appending (which is done
- unconditionally in 7.17.1), and some proxies treat binary/ascii transfers
- better with the appending done!
- Daniel S (29 Nov 2007)
- - A bug report on the curl-library list showed a HTTP Digest session going on
- with a 700+ letter nonce. Previously libcurl only support 127 letter ones
- and now I bumped it to 1023.
- - Fixed the resumed FTP upload loop to not require that the read callback
- returns a full buffer on each invoke.
- Daniel S (25 Nov 2007)
- - Added test case 1015 that tests --data-urlencode in multiple ways
- - Fixed --data-urlencode for when no @ or = are used
- - Extended the user-agent buffer curl uses, since we can hit the 128 byte
- border with plenty development libraries used. Like my current set: "curl
- 7.17.2-CVS (i686-pc-linux-gnu) libcurl/7.17.2-CVS OpenSSL/0.9.8g
- zlib/1.2.3.3 c-ares/1.5.2-CVS libidn/1.1 libssh2/0.19.0-CVS"
- Daniel S (24 Nov 2007)
- - Internal rearrangements, so that the previous struct HandleData is no more.
- It is now known as SingleRequest and the Curl_transfer_keeper struct within
- that was remove entirely. This has the upside that there are less duplicate
- struct members that made it hard to see and remember what struct that was
- used to store what data. The transfer_keeper thing was once stored on a
- per-connection basis and then it made sense to have the duplicate info but
- since it was moved to the SessionHandle (in 7.16.0) it just added weirdness.
- The SingleRequest struct is used by data that only is valid for this single
- request.
- Yang Tse (22 Nov 2007)
- - Provide a socklen_t definition in curl.h for Win32 API build targets
- which don't have one.
- Daniel S (22 Nov 2007)
- - Alessandro Vesely helped me improve the --data-urlencode's syntax, parser
- and documentation.
- Daniel S (21 Nov 2007)
- - While inspecting the Negotiate code, I noticed how the proxy auth was using
- the same state struct as the host auth, so both could never be used at the
- same time! I fixed it (without being able to check) to use two separate
- structs to allow authentication using Negotiate on host and proxy
- simultaneously.
- Daniel S (20 Nov 2007)
- - Emil Romanus pointed out a bug that made an easy handle get the cookie
- engine activated when set to use a share (even if the share doesn't share
- cookies). I fixed it.
- - Fixed a very long-lasting mprintf() bug that occurred when we did "%.*s%s",
- since the second %s would then wrongly used the numerical precision argument
- instead and crash.
- - Introduced --data-urlencode to the curl tool for easier url encoding of the
- data sent in a post.
- Daniel S (18 Nov 2007)
- - Rob Crittenden fixed SSL connections with NSS done with the multi-interface
- Daniel S (17 Nov 2007)
- - Michal Marek made the test suite remember what test servers that fail to
- start so that subsequent tries are simply skipped.
- - Andres Garcia made the examples build fine on Windows (mingw + msys) when
- the lib was built staticly.
- Daniel S (16 Nov 2007)
- - Ates Goral identified a problem in http.c:add_buffer_send() when a debug
- callback was used, as it could wrongly pass on a bad size for the outgoing
- HTTP header. The bad size would be a very large value as it was a wrapped
- size_t content. This happened when the whole HTTP request failed to get sent
- in one single send. http://curl.haxx.se/mail/lib-2007-11/0165.html
- Daniel S (15 Nov 2007)
- - Fixed yet another remaining problem with doing SFTP directory listings on a
- re-used persistent connection. Mentioned by Immanuel Gregoire on the mailing
- list.
- - Michal Marek fixed the test suite to better deal with the case when the HTTP
- ipv6 server can't run.
- Yang Tse (14 Nov 2007)
- - Fix a variable potential wrapping in add_buffer() when using absolutely
- huge send buffer sizes.
- Daniel S (13 Nov 2007)
- - Fixed a remaining problem with doing SFTP directory listings on a re-used
- persistent connection. Mentioned by Immanuel Gregoire on the mailing list.
- Daniel S (12 Nov 2007)
- - Bug report #1830637 (http://curl.haxx.se/bug/view.cgi?id=1830637), which was
- forwarded from the Gentoo bug tracker by Daniel Black and was originally
- submitted by Robin Johnson, pointed out that libcurl would do bad memory
- references when it failed and bailed out before the handler thing was
- setup. My fix is not done like the provided patch does it, but instead I
- make sure that there's never any chance for a NULL pointer in that struct
- member.
- Yang Tse (10 Nov 2007)
- - Vikram Saxena (http://curl.haxx.se/mail/lib-2007-11/0096.html) pointed out
- that the pollfd struct was being multi defined when using VS2008. This is
- now fixed in /curl/lib/select.h
- Daniel S (8 Nov 2007)
- - Bug report #1823487 (http://curl.haxx.se/bug/view.cgi?id=1823487) pointed
- out that SFTP requests didn't use persistent connections. Neither did SCP
- ones. I gave the SSH code a good beating and now both SCP and SFTP should
- use persistent connections fine. I also did a bunch of indent changes as
- well as a bug fix for the "keyboard interactive" auth.
- Dan F (6 Nov 2007)
- - Improved telnet support by drastically reducing the number of write
- callbacks needed to pass a buffer to the user. Instead one per byte it
- is now as little as one per segment.
- Yang Tse (6 Nov 2007)
- - Bug report #1824894 (http://curl.haxx.se/bug/view.cgi?id=1824894) pointed
- out a problem in curl.h when building C++ apps with MSVC. To fix it, the
- inclusion of header files in curl.h is moved outside of the C++ extern "C"
- linkage block.
- Daniel S (1 Nov 2007)
- - Toby Peterson patched a memory problem in the command line tool that
- happened when a user had a home dir as an empty string. curl would then do
- free() on a wrong area.
- Dan F (1 Nov 2007)
- - Fixed curl-config --features to not display libz when it wasn't used
- due to a missing header file.
- Dan F (31 October 2007)
- - Fixed the output of curl-config --protocols which showed SCP and SFTP
- always, except when --without-libssh2 was given
- - Added test cases 1013 and 1014 to check that curl-config --protocols and
- curl-config --features matches the output of curl --version
- Dan F (30 October 2007)
- - Fixed an OOM problem with file: URLs
- - Moved Curl_file_connect into the protocol handler struct
- Dan F (29 October 2007)
- - Added test case 546 to check that subsequent FTP transfers work after a
- failed one using the multi interface
- Daniel S (29 October 2007)
- - Based on one of those bug reports that are intercepted by a distro's bug
- tracker (https://bugzilla.redhat.com/show_bug.cgi?id=316191), I now made
- curl-config --features and --protocols show the correct output when built
- with NSS.
- Version 7.17.1 (29 October 2007)
- Dan F (25 October 2007)
- - Added the --static-libs option to curl-config
- Daniel S (25 October 2007)
- - Made libcurl built with NSS possible to ignore the peer verification.
- Previously it would fail if the ca bundle wasn't present, even if the code
- ignored the verification results.
- Patrick M (25 October 2007)
- - Fixed test server to allow null bytes in binary posts.
- _ Added tests 35, 544 & 545 to check binary data posts, both static (in place)
- and dynamic (copied).
- Daniel S (25 October 2007)
- - Michal Marek fixed the test script to be able to use valgrind even when the
- lib is built shared with libtool.
- - Fixed a few memory leaks when the same easy handle is re-used to request
- URLs with different protocols. FTP and TFTP related leaks. Caught thanks to
- Dan F's new test cases.
- Dan F (24 October 2007)
- - Fixed the test FTP and TFTP servers to support the >10000 test number
- notation
- - Added test cases 2000 through 2003 which test multiple protocols using the
- same easy handle
- - Fixed the filecheck: make target to work outside the source tree
- Daniel S (24 October 2007)
- - Vladimir Lazarenko pointed out that we should do some 'mt' magic when
- building with VC8 to get the "manifest" embedded to make fine stand-alone
- binaries. The maketgz and the src/Makefile.vc6 files were adjusted
- accordingly.
- Daniel S (23 October 2007)
- - Bug report #1812190 (http://curl.haxx.se/bug/view.cgi?id=1812190) points out
- that libcurl tried to re-use connections a bit too much when using non-SSL
- protocols tunneled over a HTTP proxy.
- Daniel S (22 October 2007)
- - Michal Marek forwarded the bug report
- https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to
- FTP that caused memory havoc. His work together with my efforts created two
- fixes:
- #1 - FTP::file was moved to struct ftp_conn, because is has to be dealt with
- at connection cleanup, at which time the struct HandleData could be
- used by another connection.
- Also, the unused char *urlpath member is removed from struct FTP.
-
- #2 - provide a Curl_reset_reqproto() function that frees
- data->reqdata.proto.* on connection setup if needed (that is if the
- SessionHandle was used by a different connection).
- A long-term goal is of course to somehow get rid of how the reqdata struct
- is used, as it is too error-prone.
-
- - Bug report #1815530 (http://curl.haxx.se/bug/view.cgi?id=1815530) points out
- that specifying a proxy with a trailing slash didn't work (unless it also
- contained a port number).
- Patrick M (15 October 2007)
- - Fixed the dynamic CURLOPT_POSTFIELDS problem: this option is now static again
- and option CURLOPT_COPYPOSTFIELDS has been added to support dynamic mode.
- Patrick M (12 October 2007)
- - Added per-protocol callback static tables, replacing callback ptr storage
- in the connectdata structure by a single handler table ptr.
- Dan F (11 October 2007)
- - Fixed the -l option of runtests.pl
- - Added support for skipping tests based on key words.
- Daniel S (9 October 2007)
- - Michal Marek removed the no longer existing return codes from the curl.1
- man page.
- Daniel S (7 October 2007)
- - Known bug #47, which confused libcurl if doing NTLM auth over a proxy with
- a response that was larger than 16KB is now improved slightly so that now
- the restriction at 16KB is for the headers only and it should be a rare
- situation where the response-headers exceed 16KB. Thus, I consider #47 fixed
- and the header limitation is now known as known bug #48.
- Daniel S (5 October 2007)
- - Michael Wallner made the CULROPT_COOKIELIST option support a new magic
- string: "FLUSH". Using that will cause libcurl to flush its cookies to the
- CURLOPT_COOKIEJAR file.
- - The new file docs/libcurl/ABI describes how we view ABI breakages, soname
- bumps and what the version number's significance to all that is.
- Daniel S (4 October 2007)
- - I enabled test 1009 and made the --local-port use a wide range to reduce the
- risk of failures.
- - Kim Rinnewitz reported that --local-port didn't work with TFTP transfers.
- This happened because the tftp code always uncondionally did a bind()
- without caring if one already had been done and then it failed. I wrote a
- test case (1009) to verify this, but it is a bit error-prone since it will
- have to pick a fixed local port number and since the tests are run on so
- many different hosts in different situations I'll add it in disabled state.
- Yang Tse (3 October 2007)
- - Fixed issue related with the use of ares_timeout() result.
- Daniel S (3 October 2007)
- - Alexey Pesternikov introduced CURLOPT_OPENSOCKETFUNCTION and
- CURLOPT_OPENSOCKETDATA to set a callback that allows an application to
- replace the socket() call used by libcurl. It basically allows the app to
- change address, protocol or whatever of the socket.
- - I renamed the CURLE_SSL_PEER_CERTIFICATE error code to
- CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made
- this return code get used by the previous SSH MD5 fingerprint check in case
- it fails.
- - Based on a patch brought by Johnny Luong, libcurl now offers
- CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both
- make the SCP or SFTP connection verify the remote host's md5 checksum of the
- public key before doing a connect, to reduce the risk of a man-in-the-middle
- attack.
- Daniel S (2 October 2007)
- - libcurl now handles chunked-encoded CONNECT responses
- Daniel S (1 October 2007)
- - Alex Fishman reported a curl_easy_escape() problem that was made the
- function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a
- signed / unsigned mistake in the code. I fixed it and added test case 543 to
- verify.
- Daniel S (29 September 2007)
- - Immanuel Gregoire fixed a problem with persistent transfers over SFTP.
- Daniel S (28 September 2007)
- - Adapted the c-ares code to the API change c-ares 1.5.0 brings in the
- notifier callback(s).
- Dan F (26 September 2007)
- - Enabled a few more gcc warnings with --enable-debug. Renamed a few
- variables to avoid shadowing global declarations.
- Daniel S (26 September 2007)
- - Philip Langdale provided the new CURLOPT_POST301 option for
- curl_easy_setopt() that alters how libcurl functions when following
- redirects. It makes libcurl obey the RFC2616 when a 301 response is received
- after a non-GET request is made. Default libcurl behaviour is to change
- method to GET in the subsequent request (like it does for response code 302
- - because that's what many/most browsers do), but with this CURLOPT_POST301
- option enabled it will do what the spec says and do the next request using
- the same method again. I.e keep POST after 301.
- The curl tool got this option as --post301
- Test case 1011 and 1012 were added to verify.
- - Max Katsev reported that when doing a libcurl FTP request with
- CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE
- before it does SIZE which makes it less useful. I walked over the code and
- made it do this properly, and added test case 542 to verify it.
- Daniel S (24 September 2007)
- - Immanuel Gregoire fixed KNOWN_BUGS #44: --ftp-method nocwd did not handle
- URLs ending with a slash properly (it should list the contents of that
- directory). Test case 351 brought back and also test 1010 was added.
- Daniel S (21 September 2007)
- - Mark Davies fixed Negotiate authentication over proxy, and also introduced
- the --proxy-negotiate command line option to allow a user to explicitly
- select it.
- Daniel S (19 September 2007)
- - Rob Crittenden provided an NSS update with the following highlights:
- o It looks for the NSS database first in the environment variable SSL_DIR,
- then in /etc/pki/nssdb, then it initializes with no database if neither of
- those exist.
- o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be
- loaded, including the ca-bundle. If it is not available then only
- certificates already in the NSS database are used.
- o Tries to detect whether a file or nickname is being passed in so the right
- thing is done
- o Added a bit of code to make the output more like the OpenSSL module,
- including displaying the certificate information when connecting in
- verbose mode
- o Improved handling of certificate errors (expired, untrusted, etc)
- The libnsspem.so PKCS#11 module is currently only available in Fedora
- 8/rawhide. Work will be done soon to upstream it. The NSS module will work
- with or without it, all that changes is the source of the certificates and
- keys.
- Daniel S (18 September 2007)
- - Immanuel Gregoire pointed out that public key SSH auth failed if no
- public/private key was specified and there was no HOME environment variable,
- and then it didn't continue to try the other auth methods. Now it will
- instead try to get the files id_dsa.pub and id_dsa from the current
- directory if none of the two conditions were met.
- Dan F (17 September 2007)
- - Added hooks to the test suite to make it possible to test a curl running
- on a remote host.
- - Changed some FTP tests to validate the format of the PORT and EPRT commands
- sent by curl, if not the addresses themselves.
- Daniel S (15 September 2007)
- - Michal Marek made libcurl automatically append ";type=<a|i>" when using HTTP
- proxies for FTP urls.
- - Günter Knauf fixed LDAP builds in the Windows makefiles and fixed LDAPv3
- support on Windows.
- Dan F (13 September 2007)
- - Added LDAPS, SCP and SFTP to curl-config --protocols. Removed and
- fixed some AC_SUBST configure entries.
- Version 7.17.0 (13 September 2007)
- Daniel S (12 September 2007)
- - Bug report #1792649 (http://curl.haxx.se/bug/view.cgi?id=1792649) pointed
- out a problem with doing an empty upload over FTP on a re-used connection.
- I added test case 541 to reproduce it and to verify the fix.
- - I noticed while writing test 541 that the FTP code wrongly did a CWD on the
- second transfer as it didn't store and remember the "" path from the
- previous transfer so it would instead CWD to the entry path as stored. This
- worked, but did a superfluous command. Thus, test case 541 now also verifies
- this fix.
- Dan F (5 September 2007)
- - Added test case 1007 to test permission problem when uploading with TFTP
- (to validate bug #1790403).
- - TFTP now reports the "not defined" TFTP error code 0 as an error,
- not success.
- Daniel S (5 September 2007)
- - Continued the work on a fix for #1779054
- (http://curl.haxx.se/bug/view.cgi?id=1779054). My previous fix from August
- 24 was not complete (either) but could accidentally "forget" parts of a
- server response which led to faulty server response time-out errors.
- Dan F (5 September 2007)
- - Minix doesn't support getsockopt on UDP sockets or send/recv on TCP
- sockets.
- Dan F (31 August 2007)
- - Made some of the error strings returned by the *strerror functions more
- generic, and more consistent with each other.
- - Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants,
- creating macros for backward compatibility:
- CURLFTPSSL_NONE => CURLUSESSL_NONE
- CURLFTPSSL_TRY => CURLUSESSL_TRY
- CURLFTPSSL_CONTROL => CURLUSESSL_CONTROL
- CURLFTPSSL_ALL => CURLUSESSL_ALL
- CURLFTPSSL_LAST => CURLUSESSL_LAST
- Dan F (30 August 2007)
- - Renamed several libcurl error codes and options to make them more general
- and allow reuse by multiple protocols. Several unused error codes were
- removed. In all cases, macros were added to preserve source (and binary)
- compatibility with the old names. These macros are subject to removal at
- a future date, but probably not before 2009. An application can be
- tested to see if it is using any obsolete code by compiling it with the
- CURL_NO_OLDIES macro defined.
- The following unused error codes were removed:
- CURLE_BAD_CALLING_ORDER
- CURLE_BAD_PASSWORD_ENTERED
- CURLE_FTP_CANT_RECONNECT
- CURLE_FTP_COULDNT_GET_SIZE
- CURLE_FTP_COULDNT_SET_ASCII
- CURLE_FTP_USER_PASSWORD_INCORRECT
- CURLE_FTP_WEIRD_USER_REPLY
- CURLE_FTP_WRITE_ERROR
- CURLE_LIBRARY_NOT_FOUND
- CURLE_MALFORMAT_USER
- CURLE_OBSOLETE
- CURLE_SHARE_IN_USE
- CURLE_URL_MALFORMAT_USER
- The following error codes were renamed:
- CURLE_FTP_ACCESS_DENIED => CURLE_REMOTE_ACCESS_DENIED
- CURLE_FTP_COULDNT_SET_BINARY => CURLE_FTP_COULDNT_SET_TYPE
- CURLE_FTP_SSL_FAILED => CURLE_USE_SSL_FAILED
- CURLE_FTP_QUOTE_ERROR => CURLE_QUOTE_ERROR
- CURLE_TFTP_DISKFULL => CURLE_REMOTE_DISK_FULL
- CURLE_TFTP_EXISTS => CURLE_REMOTE_FILE_EXISTS
- CURLE_HTTP_RANGE_ERROR => CURLE_RANGE_ERROR
- The following options were renamed:
- CURLOPT_SSLKEYPASSWD => CURLOPT_KEYPASSWD
- CURLOPT_FTPAPPEND => CURLOPT_APPEND
- CURLOPT_FTPLISTONLY => CURLOPT_DIRLISTONLY
- CURLOPT_FTP_SSL => CURLOPT_USE_SSL
- A few more changes will take place with the next SONAME bump of the
- library. These are documented in docs/TODO
- - Documented some newer error codes in libcurl-error(3)
- - Added more accurate error code returns from SFTP operations. Added test
- case 615 to test an SFTP upload failure.
- Dan F (28 August 2007)
- - Some minor internal type and const changes based on a splint scan.
- Daniel S (24 August 2007)
- - Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed
- out that libcurl didn't deal with large responses from server commands, when
- the single response was consisting of multiple lines but of a total size of
- 16KB or more. Dan Fandrich improved the ftp test script and provided test
- case 1006 to repeat the problem, and I fixed the code to make sure this new
- test case runs fine.
- Patrick M (23 August 2007)
- - OS/400 port: new files lib/config-os400.h lib/setup-os400.h packages/OS400/*.
- See packages/OS400/README.OS400.
- Daniel S (23 August 2007)
- - Bug report #1779751 (http://curl.haxx.se/bug/view.cgi?id=1779751) pointed
- out that doing first a file:// upload and then an FTP upload crashed libcurl
- or at best caused furious valgrind complaints. Fixed now!
- Daniel S (22 August 2007)
- - Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed
- out that libcurl didn't deal with very long (>16K) FTP server response lines
- properly. Starting now, libcurl will chop them off (thus the client app will
- not get the full line) but survive and deal with them fine otherwise. Test
- case 1003 was added to verify this.
- Daniel S (20 August 2007)
- - Based on a patch by Christian Vogt, the FTP code now sets the upcoming
- download transfer size much earlier to be possible to get read with
- CURLINFO_CONTENT_LENGTH_DOWNLOAD as soon as possible. This is very much in a
- similar spirit to the HTTP size change from August 11 2007.
- Daniel S (18 August 2007)
- - Robson Braga Araujo filed bug report #1776232
- (http://curl.haxx.se/bug/view.cgi?id=1776232) about libcurl calling
- Curl_client_write(), passing on a const string that the caller may not
- modify and yet it does (on some platforms).
- - Robson Braga Araujo filed bug report #1776235
- (http://curl.haxx.se/bug/view.cgi?id=1776235) about ftp requests with NOBODY
- on a directory would do a "SIZE (null)" request. This is now fixed and test
- case 1000 was added to verify.
- Daniel S (17 August 2007)
- - Song Ma provided a patch that cures a problem libcurl has when doing resume
- HTTP PUT using Digest authentication. Test case 5320 and 5322 were also
- added to verify the functionality.
- Daniel S (14 August 2007)
- - Andrew Wansink provided an NTLM bugfix: in the case the server sets the flag
- NTLMFLAG_NEGOTIATE_UNICODE, we need to filter it off because libcurl doesn't
- UNICODE encode the strings it packs into the NTLM authenticate packet.
- Daniel S (11 August 2007)
- - Allen Pulsifer provided a patch that makes libcurl set the expected download
- size earlier when doing HTTP downloads, so that applications and the
- progress meter etc know get the info earlier in the flow than before.
- - Patrick Monnerat modified the LDAP code and approach in curl. Starting now,
- the configure script checks for openldap and friends and we link with those
- libs just like we link all other third party libraries, and we no longer
- dlopen() those libraries. Our private header file lib/ldap.h was renamed to
- lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix)
- just before this commit, just in case.
- Dan F (8 August 2007)
- - Song Ma noted a zlib memory leak in the illegal compressed header
- countermeasures code path.
- Daniel S (4 August 2007)
- - Patrick Monnerat fixed curl_easy_escape() and curlx_strtoll() to work on
- non-ASCII systems.
- Daniel S (3 August 2007)
- - I cut out support for libssh2 versions older than 0.16 to make our code a
- lot simpler, and to avoid getting trouble with the LIBSSH2_APINO define
- that 1) didn't work properly since it was >32 bits and 2) is removed in
- libssh2 0.16...
- Daniel S (2 August 2007)
- - Scott Cantor filed bug report #1766320
- (http://curl.haxx.se/bug/view.cgi?id=1766320) pointing out that the libcurl
- code accessed two curl_easy_setopt() options (CURLOPT_DNS_CACHE_TIMEOUT and
- CURLOPT_DNS_USE_GLOBAL_CACHE) as ints even though they're documented to be
- passed in as longs, and that makes a difference on 64 bit architectures.
- - Dmitriy Sergeyev reported a regression: resumed file:// transfers broke
- after 7.16.2. This is much due to the different treatment file:// gets
- internally, but now I added test 231 to make it less likely to happen again
- without us noticing!
- Daniel S (1 August 2007)
- - Patrick Monnerat and I modified libcurl so that now it *copies* all strings
- passed to it with curl_easy_setopt()! Previously it has always just refered
- to the data, forcing the user to keep the data around until libcurl is done
- with it. That is now history and libcurl will instead clone the given
- strings and keep private copies. This is also part of Patrick Monnerat's
- OS/400 port.
- Due to this being a somewhat interesting change API wise, I've decided to
- bump the version of the upcoming release to 7.17.0. Older applications will
- of course not notice this change nor do they have to care, but new
- applications can be written to take advantage of this.
- - Greg Morse reported a problem with POSTing using ANYAUTH to a server
- requiring NTLM, and he provided test code and a test server and we worked
- out a bug fix. We failed to count sent body data at times, which then caused
- internal confusions when libcurl tried to send the rest of the data in order
- to maintain the same connection alive.
- Daniel S (31 July 2007)
- - Peter O'Gorman pointed out (and fixed) that the non-blocking check in
- configure made libcurl use blocking sockets on AIX 4 and 5, while that
- wasn't the intention.
- Daniel S (29 July 2007)
- - Jayesh A Shah filed bug report #1759542
- (http://curl.haxx.se/bug/view.cgi?id=1759542) identifying a rather serious
- problem with FTPS: libcurl closed the data connection socket and then later
- in the flow it would call the SSL layer to do SSL shutdown which then would
- use a socket that had already been closed - so if the application had opened
- a new one in the mean time, libcurl could send gibberish that way! I worked
- with Greg Zavertnik to properly diagnose and fix this. The fix affects code
- for all SSL libraries we support, but it has only been truly verified to
- work fine for the OpenSSL version. The others have only been code reviewed.
- Daniel S (23 July 2007)
- - Implemented the parts of Patrick Monnerat's OS/400 patch that introduces
- support for the OS/400 Secure Sockets Layer library.
- Dan F (23 July 2007)
- - Implemented only the parts of Patrick Monnerat's OS/400 patch that renamed
- some few internal identifiers to avoid conflicts, which could be useful on
- other platforms.
- Daniel S (22 July 2007)
- - HTTP Digest bug fix by Chris Flerackers:
- Scenario
- - Perfoming a POST request with body
- - With authentication (only Digest)
- - Re-using a connection
- libcurl would send a HTTP POST with an Authorization header but without
- body. Our server would return 400 Bad Request in that case (because
- authentication passed, but the body was empty).
- Cause
- 1) http_digest.c -> Curl_output_digest
- - Updates allocptr.userpwd/allocptr.proxyuserpwd *only* if d->nonce is
- filled in (and no errors)
- - authp->done = TRUE if d->nonce is filled in
- 2) http.c -> Curl_http
- - *Always* uses allocptr.userpwd/allocptr.proxyuserpwd if not NULL
- 3) http.c -> Curl_http, Curl_http_output_auth
- So what happens is that Curl_output_digest cannot yet update the
- Authorization header (allocptr.userpwd) which results in authhost->done=0 ->
- authhost->multi=1 -> conn->bits.authneg = TRUE. The body is not
- added. *However*, allocptr.userpwd is still used when building the request
- - Added test case 354 that makes a simple FTP retrieval without password, which
- verifies the bug fix in #1757328.
- Daniel S (21 July 2007)
- - To allow more flexibility in FTP test cases, I've removed the enforced states
- from the test server code as they served no real purpose. The test server
- is here to serve for the test cases, not to attempt to function as a real
- server! While at it, I modified test case 141 to better test and verify
- curl -I on a single FTP file.
- Daniel S (20 July 2007)
- - James Housley fixed the SFTP PWD command to work.
- - Ralf S. Engelschall filed bug report #1757328
- (http://curl.haxx.se/bug/view.cgi?id=1757328) and submitted a patch. It
- turns out we broke login to FTP servers that don't require (nor understand)
- PASS after the USER command. The breakage was done as part of the krb5
- commit so a krb-using person needs to verify that the current version now
- works or if we need to fix it (in a different way of course).
- Dan F (17 July 2007)
- - Fixed test cases 613 and 614 by improving the log postprocessor to handle
- a new directory listing format that newer libssh2's can provide. This
- is probably NOT sufficient to handle all directory listing formats that
- server's can provide, and should be revisited.
- Daniel S (17 July 2007)
- - Daniel Johnson fixed a bug in how libssh2_session_last_error() was used, in
- two places.
- - Jofell Gallardo posted a libcurl log using FTP that exposed a bug which made
- a control connection that was deemed "dead" to yet be re-used in a following
- request.
- Daniel S (13 July 2007)
- - Colin Hogben filed bug report #1750274
- (http://curl.haxx.se/bug/view.cgi?id=1750274) and submitted a patch for the
- case where libcurl did a connect attempt to a non-listening port and didn't
- provide a human readable error string back.
- - Daniel Cater fixes:
- 1 - made 'make vc8' work on windows.
- 2 - made libcurl itself built with CURL_NO_OLDIES defined (which doesn't
- define the symbols for backwards source compatibility)
- 3 - updated libcurl-errors.3
- 4 - added CURL_DISABLE_TFTP to docs/INSTALL
- Daniel S (12 July 2007)
- - Made the krb5 code build with Heimdal's GSSAPI lib.
- Dan F (12 July 2007)
- - Compile most of the example apps in docs/examples when doing a 'make check'.
- Fixed some compile warnings and errors in those examples.
- - Removed the example program ftp3rdparty.c since libcurl doesn't support
- 3rd party FTP transfers any longer.
- Daniel S (12 July 2007)
- - Shmulik Regev found an (albeit rare) case where the proxy CONNECT operation
- could in fact get stuck in an endless loop.
- - Made CURLOPT_SSL_VERIFYHOST set to 1 acts as described in the documentation:
- fail to connect if there is no Common Name field found in the remote cert.
- We should deprecate the support for this set to 1 anyway soon, since the
- feature is pointless and most likely never really used by anyone.
- Daniel S (11 July 2007)
- - Shmulik Regev fixed a bug with transfer-encoding skipping during the 407
- error pages for proxy authentication.
- - Giancarlo Formicuccia reported and fixed a problem with a closed connection
- to a proxy during CONNECT auth negotiation.
- Dan F (10 July 2007)
- - Fixed a curl memory leak reported by Song Ma with a modified version
- of the patch he suggested. Added his test case as test289 to verify.
- - Force the time zone to GMT in the cookie tests in case the user is
- using one of the so-called 'right' time zones that take into account
- leap seconds, which causes the tests to fail (as reported by
- Daniel Black in bug report #1745964).
- Version 7.16.4 (10 July 2007)
- Daniel S (10 July 2007)
- - Kees Cook notified us about a security flaw
- (http://curl.haxx.se/docs/adv_20070710.html) in which libcurl failed to
- properly reject some outdated or not yet valid server certificates when
- built with GnuTLS. Kees also provided the patch.
- James H (5 July 2007)
- - Gavrie Philipson provided a patch that will use a more specific error
- message for an scp:// upload failure. If libssh2 has his matching
- patch, then the error message return by the server will be used instead
- of a more generic error.
- Daniel S (1 July 2007)
- - Thomas J. Moore provided a patch that introduces Kerberos5 support in
- libcurl. This also makes the options change name to --krb (from --krb4) and
- CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still
- - Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5
- proxy.
- Daniel S (27 June 2007)
- - James Housley: Add two new options for the SFTP/SCP/FILE protocols:
- CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the
- premissions for files and directories created on the remote
- server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and
- CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755
- - I corrected the 10-at-a-time.c example and applied a patch for it by James
- Bursa.
- Daniel S (26 June 2007)
- - Robert Iakobashvili re-arranged the internal hash code to work with a custom
- hash function for different hashes, and also expanded the default size for
- the socket hash table used in multi handles to greatly enhance speed when
- very many connections are added and the socket API is used.
- - James Housley made the CURLOPT_FTPLISTONLY mode work for SFTP directory
- listings as well
- Daniel S (25 June 2007)
- - Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or
- chunked encoding (that also lacks "Connection: close"). It now simply
- assumes that the connection WILL be closed to signal the end, as that is how
- RFC2616 section 4.4 point #5 says we should behave.
-
- Version 7.16.3 (25 June 2007)
- Daniel S (23 June 2007)
- - As reported by "Tro" in http://curl.haxx.se/mail/lib-2007-06/0161.html and
- http://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do
- no-body requests on FTP files on re-used connections properly, or at least
- it didn't provide the info back in the header callback properly in the
- subsequent requests.
- Daniel S (21 June 2007)
- - Gerrit Bruchhäuser pointed out a warning that the Intel(R) Thread Checker
- tool reports and it was indeed a legitimate one and it is one fixed. It was
- a use of a share without doing the proper locking first.
-
- Daniel S (20 June 2007)
- - Adam Piggott filed bug report #1740263
- (http://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when
- getting a large amount of URLs with curl, they were fetched slower and
- slower... which turned out to be because the --libcurl data collecting which
- wrongly always was enabled, but no longer is...
- Daniel S (18 June 2007)
- - Robson Braga Araujo filed bug report #1739100
- (http://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl
- could not actually list the contents of the root directory of a given FTP
- server if the login directory isn't root. I fixed the problem and added
- three test cases (one is disabled for now since I identified KNOWN_BUGS #44,
- we cannot use --ftp-method nocwd and list ftp directories).
- Daniel S (14 June 2007)
- - Shmulik Regev:
- I've encountered (and hopefully fixed) a problem involving proxy CONNECT
- requests and easy handles state management. The problem isn't simple to
- reproduce since it depends on socket state. It only manifests itself when
- working with non-blocking sockets.
- Here is the scenario:
- 1. in multi_runsingle the easy handle is in the CURLM_STATE_WAITCONNECT and
- calls Curl_protocol_connect
- 2. in Curl_proxyCONNECT, line 1247, if the socket isn't ready the function
- returns and conn->bits.tunnel_connecting is TRUE
- 3. when the call to Curl_protocol_connect returns the protocol_connect flag
- is false and the easy state is changed to CURLM_STATE_PROTOCONNECT which
- isn't correct if a proxy is used. Rather CURLM_STATE_WAITPROXYCONNECT
- should be used.
- I discovered this while performing an HTTPS request through a proxy (squid)
- on my local network. The problem caused openssl to fail as it read the proxy
- response to the CONNECT call ('HTTP/1.0 Established') rather than the SSL
- handshake (the exact openssl error was 'wrong ssl version' but this isn't
- very important)
- - Dave Vasilevsky filed bug report #1736875
- (http://curl.haxx.se/bug/view.cgi?id=1736875) almost simultanouesly as Dan
- Fandrich mentioned a related build problem on the libcurl mailing list:
- http://curl.haxx.se/mail/lib-2007-06/0131.html. Both problems had the same
- reason: the definitions of the POLL* defines and the pollfd struct in the
- libcurl code was depending on HAVE_POLL instead of HAVE_SYS_POLL_H.
- Daniel S (13 June 2007)
- - Tom Regner provided a patch and worked together with James Housley, so now
- CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP
- ones.
- - Rich Rauenzahn filed bug report #1733119
- (http://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the
- fix. The problem is that for 64bit HPUX builds, several socket-related
- functions would still assume int (32 bit) arguments and not socklen_t (64
- bit) ones.
- Daniel S (12 June 2007)
- - James Housley brought his revamped SSH code that is state-machine driven to
- really take advantage of the now totally non-blocking libssh2 (in CVS).
- Dan F (8 June 2007)
- - Incorporated Daniel Black's test706 and test707 SOCKS test cases.
- - Fixed a few problems when starting the SOCKS server.
- - Reverted some recent changes to runtests.pl that weren't compatible with
- perl 5.0.
- - Fixed the test harness so that it actually kills the ssh being used as
- the SOCKS server.
- Daniel S (6 June 2007)
- - -s/--silent can now be used to toggle off the silence again if used a second
- time.
- Daniel S (5 June 2007)
- - Added Daniel Black's work that adds the first few SOCKS test cases. I also
- fixed two minor SOCKS problems to make the test cases run fine.
- Daniel S (31 May 2007)
- - Feng Tu made (lib)curl support "upload" resuming work for file:// URLs.
- Daniel S (30 May 2007)
- - I modified the 10-at-a-time.c example to transfer 500 downloads in parallel
- with a c-ares enabled build only to find that it crashed miserably, and this
- was due to some select()isms left in the code. This was due to API
- restrictions in c-ares 1.3.x, but with the upcoming c-ares 1.4.0 this is no
- longer the case so now libcurl runs much better with c-ares and the multi
- interface with > 1024 file descriptors in use.
- Extra note: starting now we require c-ares 1.4.0 for asynchronous name
- resolves.
- - Added CURLMOPT_MAXCONNECTS which is a curl_multi_setopt() option for setting
- the maximum size of the connection cache maximum size of the multi handle.
- Daniel S (27 May 2007)
- - When working with a problem Stefan Becker had, I found an off-by-one buffer
- overwrite in Curl_select(). While fixing it, I also improved its performance
- somewhat by changing calloc to malloc and breaking out of a loop earlier
- (when possible).
- Daniel S (25 May 2007)
- - Rob Crittenden fixed bug #1705802
- (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
- Black identifying several FTP-SSL test cases fail when we build libcurl with
- NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.
- Daniel S (24 May 2007)
- - Song Ma filed bug report #1724016
- (http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading
- glob-ranges for TFTP was broken in CVS. Fixed now.
-
- - 'mytx' in bug report #1723194 (http://curl.haxx.se/bug/view.cgi?id=1723194)
- pointed out that the warnf() function in the curl tool didn't properly deal
- with the cases when excessively long words were used in the string to chop
- up.
- Daniel S (22 May 2007)
- - Andre Guibert de Bruet fixed a memory leak in the function that verifies the
- peer's name in the SSL certificate when built for OpenSSL. The leak happens
- for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
- name from UTF8. He also fixed a leak when PKCS #12 parsing failed.
- Daniel S (18 May 2007)
- - Feng Tu reported that curl -w did wrong on TFTP transfers in bug report
- #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
- transfer-related info "variables" were indeed overwritten with zeroes
- wrongly and have now been adjusted. The upload size still isn't accurate.
- Daniel S (17 May 2007)
- - Feng Tu pointed out a division by zero error in the TFTP connect timeout
- code for timeouts less than five seconds, and also provided a fix for it.
- Bug report #1715392 (http://curl.haxx.se/bug/view.cgi?id=1715392)
- Dan F (16 May 2007)
- - Added support for compiling under Minix 3.1.3 using ACK.
- Dan F (14 May 2007)
- - Added SFTP directory listing test case 613.
- - Added support for quote commands before a transfer using SFTP and test
- case 614.
- - Changed the post-quote commands to occur after the transferred file is
- closed.
- - Allow SFTP quote commands chmod, chown, chgrp to set a value of 0.
- Dan F (9 May 2007)
- - Kristian Gunstone fixed a problem where overwriting an uploaded file with
- sftp didn't truncate it first, which would corrupt the file if the new
- file was shorter than the old.
- Dan F (8 May 2007)
- - Added FTPS test cases 406 and 407
- Daniel S (8 May 2007)
- - CURLE_FTP_COULDNT_STOR_FILE is now known as CURLE_UPLOAD_FAILED. This is
- because I just made SCP uploads return this value if the file size of
- the upload file isn't given with CURLOPT_INFILESIZE*. Docs updated to
- reflect this news, and a define for the old name was added to the public
- header file.
- Daniel S (7 May 2007)
- - James Bursa fixed a bug in the multi handle code that made the connection
- cache grow a bit too much, beyond the normal 4 * easy_handles.
- Daniel S (2 May 2007)
- - Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0
- when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is
- not very nice if the client wants to be able to use _either_ a HTTP 1.1
- server or one within the aliases list... so starting now, libcurl will
- simply consider 200-alias matches the to be HTTP 1.0 compliant.
- - Tobias Rundström reported a problem they experienced with xmms2 and recent
- libcurls, which turned out to be the 25-nov-2006 change which treats HTTP
- responses without Content-Length or chunked encoding as without bodies. We
- now added the conditional that the above mentioned response is only without
- body if the response is HTTP 1.1.
- - Jeff Pohlmeyer improved the hiperfifo.c example to use the
- CURLMOPT_TIMERFUNCTION callback option.
- - Set the timeout for easy handles to expire really soon after addition or
- when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform,
- to make applications using only curl_multi_socket() to properly function
- when adding easy handles "on the fly". Bug report and test app provided by
- Michael Wallner.
- Dan F (30 April 2007)
- - Improved the test harness to allow running test servers on other than
- the default port numbers, allowing more than one test suite to run
- simultaneously on the same host.
- Daniel S (28 April 2007)
- - Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before,
- since it then inits libgcrypt and libgcrypt is being evil and EXITS the
- application if it fails to get a fine random seed. That's really not a nice
- thing to do by a library.
- - Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had
- been removed from a multi handle, and then fixed another flaw that prevented
- curl_easy_duphandle() to work even after the first fix - the handle was
- still marked as using the multi interface.
- Daniel S (26 April 2007)
- - Peter O'Gorman found a problem with SCP downloads when the downloaded file
- was 16385 bytes (16K+1) and it turned out we didn't properly always "suck
- out" all data from libssh2. The effect being that libcurl would hang on the
- socket waiting for data when libssh2 had in fact already read it all...
- Dan F (25 April 2007)
- - Added support in runtests.pl for "!n" test numbers to disable individual
- tests. Changed -t to only keep log files around when -k is specified,
- to have the same behaviour as without -t.
- Daniel S (25 April 2007)
- - Sonia Subramanian brought our attention to a problem that happens if you set
- the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection
- in the connection cache is closed to make room for the new one when you call
- curl_easy_perform(). It would then wrongly free range-related data in the
- connection close funtion.
- Yang Tse (25 April 2007)
- - Steve Little fixed compilation on VMS 64-bit mode
- Daniel S (24 April 2007)
- - Robert Iakobashvili made the 'master_buffer' get allocated first once it is
- can/will be used as it then makes the common cases save 16KB of data for each
- easy handle that isn't used for pipelining.
- Dan F (23 April 2007)
- - Added <postcheck> support to the test harness.
- - Added tests 610-612 to test more SFTP post-quote commands.
- Daniel S (22 April 2007)
- - Song Ma's warning if -r/--range is given with a "bad" range, also noted in
- the man page now.
- - Daniel Black filed bug #1705177
- (http://curl.haxx.se/bug/view.cgi?id=1705177) where --without-ssl
- --with-gnutl outputs a warning about SSL not being enabled even though GnuTLS
- was found and used.
- Daniel S (21 April 2007)
- - Daniel Black filed bug #1704675
- (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free
- problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on
- closedown after a failure and a bad #ifdef for NSS when closing down SSL.
- Yang Tse (20 April 2007)
- - Save one call to curlx_tvnow(), which calls gettimeofday(), in each of
- Curl_socket_ready(), Curl_poll() and Curl_select() when these are called
- with a zero timeout or a timeout value indicating a blocking call should
- be performed.
- Daniel S (18 April 2007)
- - James Housley made SFTP uploads use libssh2's non-blocking API
- - Prevent the internal progress meter from updating more frequently than once
- per second.
- Dan F (17 April 2007)
- - Added test cases 296, 297 and 298 to test --ftp-method handling
- Daniel S (16 April 2007)
- - Robert Iakobashvil added curl_multi_socket_action() to libcurl, which is a
- function that deprecates the curl_multi_socket() function. Using the new
- function the application tell libcurl what action that was found in the
- socket that it passes in. This gives a significant performance boost as it
- allows libcurl to avoid a call to poll()/select() for every call to
- curl_multi_socket*().
- I added a define in the public curl/multi.h header file that will make your
- existing application automatically use curl_multi_socket_action() instead of
- curl_multi_socket() when you recompile. But of course you'll get better
- performance if you adjust your code manually and actually pass in the
- correct action bitmask to this function.
- Daniel S (14 April 2007)
- - Jay Austin added "DH PARAMETERS" to the stunnel.pem certificate for the test
- suite to make stunnel run better in some (most?) environments.
- Dan F (13 April 2007)
- - Added test cases 294 and 295 to test --ftp-account handling
- - Improved handling of out of memory in ftp.
- Yang Tse (13 April 2007)
- - Fix test case 534 which started to fail 2007-04-13 due to the existance
- of a new host on the net with the same silly domain the test was using
- for a host which was supposed not to exist.
- Daniel S (12 April 2007)
- - Song Ma found a memory leak in the if2ip code if you pass in an interface
- name longer than the name field of the ifreq struct (typically 6 bytes), as
- then it wouldn't close the used dummy socket. Bug #1698974
- (http://curl.haxx.se/bug/view.cgi?id=1698974)
- Version 7.16.2 (11 April 2007)
- Yang Tse (10 April 2007)
- - Ravi Pratap provided some fixes for HTTP pipelining
- - configure script will ignore --enable-sspi option for non-native Windows.
- Daniel S (9 April 2007)
- - Nick Zitzmann did ssh.c cleanups
- Daniel S (3 April 2007)
- - Rob Jones fixed better #ifdef'ing for a bunch of #include lines.
- Daniel S (2 April 2007)
- - Nick Zitzmann made the CURLOPT_POSTQUOTE option work for SFTP as well. The
- accepted commands are as follows:
- chgrp (gid) (path)
- Changes the group ID of the file or directory at (path) to (gid). (gid)
- must be a number.
- chmod (perms) (path)
- Changes the permissions of the file or directory at (path) to
- (perms). (perms) must be a number in the format used by the chmod Unix
- command.
- chown (uid) (path)
- Changes the user ID of the file or directory at (path) to (uid). (uid)
- must be a number.
- ln (source) (dest)
- Creates a symbolic link at (dest) that points to the file located at
- (source).
- mkdir (path)
- Creates a new directory at (path).
- rename (source) (dest)
- Moves the file or directory at (source) to (dest).
- rm (path)
- Deletes the file located at (path).
- rmdir (path)
- Deletes the directory located at (path). This command will raise an error
- if the directory is not empty.
- symlink (source) (dest)
- Same as ln.
- Daniel S (1 April 2007)
- - Robert Iakobashvili made curl_multi_remove_handle() a lot faster when many
- easy handles are added to a multi handle, by avoiding the looping over all
- the handles to find which one to remove.
- - Matt Kraai provided a patch that makes curl build on QNX 6 fine again.
- Daniel S (31 March 2007)
- - Fixed several minor issues detected by the coverity.com scanner.
- - "Pixel" fixed a problem that appeared when you used -f with user+password
- embedded in the URL.
- Dan F (29 March 2007)
- - Don't tear down the ftp connection if the maximum filesize was exceeded
- and added tests 290 and 291 to check.
- - Added ftps upload and SSL required tests 401 and 402.
- - Send an EOF message before closing an SCP channel, as recommended by
- RFC4254. Enable libssh2 tracing when ssh debugging is turned on.
- Yang Tse (27 March 2007)
- - Internal function Curl_select() renamed to Curl_socket_ready()
- New Internal wrapper function Curl_select() around select (2), it
- uses poll() when a fine poll() is available, so now libcurl can be
- built without select() support at all if a fine poll() is available.
- Daniel S (25 March 2007)
- - Daniel Johnson fixed multi code to traverse the easy handle list properly.
- A left-over bug from the February 21 fix.
- Dan F (23 March 2007)
- - Added --pubkey option to curl and made --key also work for SCP/SFTP,
- plus made --pass work on an SSH private key as well.
- - Changed the test harness to attempt to gracefully shut down servers
- before resorting to the kill -9 hammer.
- - Added test harness infrastructure to support scp/sftp tests, using
- OpenSSH as the server.
- - Fixed a memory leak when specifying a proxy with a file: URL.
- Yang Tse (20 March 2007)
- - Fixed: When a signal was caught awaiting for an event using Curl_select()
- or Curl_poll() with a non-zero timeout both functions would restart the
- specified timeout. This could even lead to the extreme case that if a
- signal arrived with a frecuency lower to the specified timeout neither
- function would ever exit.
- Added experimental symbol definition check CURL_ACKNOWLEDGE_EINTR in
- Curl_select() and Curl_poll(). When compiled with CURL_ACKNOWLEDGE_EINTR
- defined both functions will return as soon as a signal is caught. Use it
- at your own risk, all calls to these functions in the library should be
- revisited and checked before fully supporting this feature.
- Yang Tse (19 March 2007)
- - Bryan Henderson fixed the progress function so that it can get called more
- frequently allowing same calling frecuency for the client progress callback.
-
- Dan F (15 March 2007)
- - Various memory leaks plugged and NULL pointer fixes made in the ssh code.
- Daniel (15 March 2007)
- - Nick made the curl tool accept globbing ranges that only is one number, i.e
- you can now use [1-1] without curl complaining.
- Daniel (10 March 2007)
- - Eygene Ryabinkin:
- The problem is the following: when we're calling Curl_done and it decides to
- keep the connection opened ('left intact'), then the caller is not notified
- that the connection was done via the NULLifying of the pointer, so some easy
- handle is keeping the pointer to this connection.
- Later ConnectionExists can select such connection for reuse even if we're
- not pipelining: pipeLen is zero, so the (pipeLen > 0 && !canPipeline) is
- false and we can reuse this connection for another easy handle. But thus the
- connection will be shared between two easy handles if the handle that wants
- to take the ownership is not the same as was not notified of the connection
- was done in Curl_done. And when some of these easy handles will get their
- connection really freed the another one will still keep the pointer.
- My fix was rather trivial: I just added the NULLification to the 'else'
- branch in the Curl_done. My tests with Git and ElectricFence showed no
- problems both for HTTP pulling and cloning. Repository size is about 250 Mb,
- so it was a considerable amount of Curl's work.
- Dan F (9 March 2007)
- - Updated the test harness to add a new "crypto" feature check and updated the
- appropriate test case to use it. For now, this is treated the same as the
- "SSL" feature because curl doesn't list it separately.
- Daniel (9 March 2007)
- - Robert Iakobashvili fixed CURLOPT_INTERFACE for IPv6.
- - Robert A. Monat improved the maketgz and VC6/8 generating to set the correct
- machine type too.
- - Justin Fletcher fixed a file descriptor leak in the curl tool when trying to
- upload a file it couldn't open. Bug #1676581
- (http://curl.haxx.se/bug/view.cgi?id=1676581)
- Dan F (9 March 2007)
- - Updated the test harness to check for protocol support before running each
- test, fixing KNOWN_BUGS #11.
- Dan F (7 March 2007)
- - Reintroduced (after a 3 year hiatus) an FTPS test case (400) into the test
- harness. It is very limited as it supports only ftps:// URLs with
- --ftp-ssl-control specified, which implicitly encrypts the control
- channel but not the data channels. That allows stunnel to be used with
- an unmodified ftp server in exactly the same way that the test https
- server is set up.
- Dan F (7 March 2007)
- - Honour --ftp-ssl-control on ftps:// URLs to allow encrypted control and
- unencrypted data connections.
- Dan F (6 March 2007)
- - Fixed a couple of improper pointer uses detected by valgrind in test
- cases 181 & 216.
- Daniel (2 March 2007)
- - Robert A. Monat and Shmulik Regev helped out to fix the new */Makefile.vc8
- makefiles that are included in the source release archives, generated from
- the Makefile.vc6 files by the maketgz script. I also modified the root
- Makefile to have a VC variable that defaults to vc6 but can be overridden to
- allow it to be used for vc8 as well. Like this:
- nmake VC=vc8 vc
- Daniel (27 February 2007)
- - Hang Kin Lau found and fixed: When I use libcurl to connect to an https
- server through a proxy and have the remote https server port set using the
- CURLOPT_PORT option, protocol gets reset to http from https after the first
- request.
-
- User defined URL was modified internally by libcurl and subsequent reuse of
- the easy handle may lead to connection using a different protocol (if not
- originally http).
-
- I found that libcurl hardcoded the protocol to "http" when it tries to
- regenerate the URL if CURLOPT_PORT is set. I tried to fix the problem as
- follows and it's working fine so far
- Daniel (25 February 2007)
- - Adam D. Moss made the HTTP CONNECT procedure less blocking when used from
- the multi interface. Note that it still does a part of the connection in a
- blocking manner.
- Daniel (23 February 2007)
- - Added warning outputs if the command line uses more than one of the options
- -v, --trace and --trace-ascii, since it could really confuse the user.
- Clarified this fact in the man page.
- Daniel (21 February 2007)
- - Ravi Pratap provided work on libcurl making pipelining more robust and
- fixing some bugs:
- o Don't mix GET and POST requests in a pipeline
- o Fix the order in which requests are dispatched from the pipeline
- o Fixed several curl bugs with pipelining when the server is returning
- chunked encoding:
- * Added states to chunked parsing for final CRLF
- * Rewind buffer after parsing chunk with data remaining
- * Moved chunked header initializing to a spot just before receiving
- headers
- Daniel (20 February 2007)
- - Linus Nielsen Feltzing changed the CURLOPT_FTP_SSL_CCC option to handle
- active and passive CCC shutdown and added the --ftp-ssl-ccc-mode command
- line option.
- Daniel (19 February 2007)
- - Ian Turner fixed the libcurl.m4 macro's support for --with-libcurl.
- - Shmulik Regev found a memory leak in re-used HTTPS connections, at least
- when the multi interface was used.
- - Robson Braga Araujo made passive FTP transfers work with SOCKS (both 4 and
- 5).
- Daniel (18 February 2007)
- - Jeff Pohlmeyer identified two problems: first a rather obscure problem with
- the multi interface and connection re-use that could make a
- curl_multi_remove_handle() ruin a pointer in another handle.
- The second problem was less of an actual problem but more of minor quirk:
- the re-using of connections wasn't properly checking if the connection was
- marked for closure.
- Daniel (16 February 2007)
- - Duncan Mac-Vicar Prett and Michal Marek reported problems with resetting
- CURLOPT_RANGE back to no range on an easy handle when using FTP.
- Dan F (14 February 2007)
- - Fixed curl-config --libs so it doesn't list unnecessary libraries (and
- therefore introduce unnecessary dependencies) when it's not needed.
- Also, don't bother adding a library path of /usr/lib
- Daniel (13 February 2007)
- - The default password for anonymous FTP connections is now changed to be
- "ftp@example.com".
- - Robert A. Monat made libcurl build fine with VC2005 - it doesn't have
- gmtime_r() like the older VC versions. He also made use of some machine-
- specific defines to differentiate the "OS" define.
- Daniel (12 February 2007)
- - Rob Crittenden added support for NSS (Network Security Service) for the
- SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/
- This is the fourth supported library for TLS/SSL that libcurl supports!
- - Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent
- to the debug callback.
- - Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and
- CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's
- internal decoding of content or transfer encoded content. This may be
- preferable in cases where you use libcurl for proxy purposes or similar. The
- command line tool got a --raw option to disable both at once.
- - release tarballs made with maketgz will from now on have a LIBCURL_TIMESTAMP
- define set to hold the exact date and time of when the tarball was built, as
- a human readable string using the UTC time zone.
-
- - Jeff Pohlmeyer fixed a flaw in curl_multi_add_handle() when adding a handle
- that has an easy handle present in the "closure" list pending closure.
- Daniel (6 February 2007)
- - Regular file downloads wiht SFTP and SCP are now done using the non-blocking
- API of libssh2, if the libssh2 headers seem to support them. This will make
- SCP and SFTP much more responsive and better libcurl citizens when used with
- the multi interface etc.
- Daniel (5 February 2007)
- - Michael Wallner added support for CURLOPT_TIMEOUT_MS and
- CURLOPT_CONNECTTIMEOUT_MS that, as their names suggest, do the timeouts with
- millisecond resolution. The only restriction to that is the alarm()
- (sometimes) used to abort name resolves as that uses full seconds. I fixed
- the FTP response timeout part of the patch.
- Internally we now count and keep the timeouts in milliseconds but it also
- means we multiply set timeouts with 1000. The effect of this is that no
- timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which
- equals 24.86 days. We probably couldn't before either since the code did
- *1000 on the timeout values on several places already.
- Daniel (3 February 2007)
- - Yang Tse fixed the cookie expiry date in several test cases that started to
- fail since they used "1 feb 2007"...
- - Manfred Schwarb reported that socks5 support was broken and help us pinpoint
- the problem. The code now tries harder to use httproxy and proxy where
- apppropriate, as not all proxies are HTTP...
- Version 7.16.1 (29 January 2007)
- Daniel (29 January 2007)
- - Michael Wallner reported that when doing a CONNECT with a custom User-Agent
- header, you got _two_ User-Agent headers in the CONNECT request...! Added
- test case 287 to verify the fix.
- Daniel (28 January 2007)
- - curl_easy_reset() now resets the CA bundle path correctly.
- - David McCreedy fixed the Curl command line tool for HTTP on non-ASCII
- platforms.
- Daniel (25 January 2007)
- - Added the --libcurl [file] option to curl. Append this option to any
- ordinary curl command line, and you will get a libcurl-using source code
- written to the file that does the equivalent operation of what your command
- line operation does!
- Dan F (24 January 2007)
- - Fixed a dangling pointer problem that prevented the http_proxy environment
- variable from being properly used in many cases (and caused test case 63
- to fail).
- Daniel (23 January 2007)
- - David McCreedy did NTLM changes mainly for non-ASCII platforms:
- #1
- There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT
- defined. I noticed this while testing various configurations. Line 867 of
- the current http_ntlm.c is a closing bracket for an if/else pair that only
- gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket
- wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was
- defined. Lines 198 and 140 of my patch wraps that closing bracket in an
- #ifdef USE_NTLM2SESSION.
- #2
- I noticed several picky compiler warnings when DEBUG_ME is defined. I've
- fixed them with casting. By the way, DEBUG_ME was a huge help in
- understanding this code.
- #3
- Hopefully the last non-ASCII conversion patch for libcurl in a while. I
- changed the "NTLMSSP" literal to hex since this signature must always be in
- ASCII.
- Conversion code was strategically added where necessary. And the
- Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c
- creates are NOT translated on non-ASCII platforms.
- Dan F (22 January 2007)
- - Converted (most of) the test data files into genuine XML. A handful still
- are not, due mainly to the lack of support for XML character entities
- (e.g. & => & ). This will make it easier to validate test files using
- tools like xmllint, as well as to edit and view them using XML tools.
- Daniel (16 January 2007)
- - Armel Asselin improved libcurl to behave a lot better when an easy handle
- doing an FTP transfer is removed from a multi handle before completion. The
- fix also fixed the "alive counter" to be correct on "premature removal" for
- all protocols.
- Dan F (16 January 2007)
- - Fixed a small memory leak in tftp uploads discovered by curl's memory leak
- detector. Also changed tftp downloads to URL-unescape the downloaded
- file name.
- Daniel (14 January 2007)
- - David McCreedy provided libcurl changes for doing HTTP communication on
- non-ASCII platforms. It does add some complexity, most notably with more
- #ifdefs, but I want to see this supported added and I can't see how we can
- add it without the extra stuff added.
- - Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present,
- libcurl would crash when trying to read a NULL pointer.
- Daniel (12 January 2007)
- - Toby Peterson found a nasty bug that prevented (lib)curl from properly
- downloading (most) things that were larger than 4GB on 32 bit systems. Matt
- Witherspoon helped as narrow down the problem.
- Daniel (5 January 2007)
- - Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
- curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
- will make libcurl shutdown SSL/TLS after the authentication is done on a
- FTP-SSL operation.
- Daniel (4 January 2007)
- - David McCreedy made changes to allow base64 encoding/decoding to work on
- non-ASCII platforms.
- Daniel (3 January 2007)
- - Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store
- downloaded data in two buffers, just to be able to deal with a special HTTP
- pipelining case. That is now only activated for pipelined transfers. In
- Matt's case, it showed as a considerable performance difference,
- Daniel (2 January 2007)
- - Victor Snezhko helped us fix bug report #1603712
- (http://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate
- (CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken
- on Windows (since 7.16.0, but that's when they were introduced as previous
- to that the limiting logic was made in the application only and not in the
- library). It was actually also broken on select()-based systems (as apposed
- to poll()) but we haven't had any such reports. We now use select(), Sleep()
- or delay() properly to sleep a while without waiting for anything input or
- output when the rate limiting is activated with the easy interface.
- - Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
- to get built static. It has been mentioned before and was again brought to
- our attention by Nathanael Nerode who filed debian bug report #405226
- (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
- Daniel (29 December 2006)
- - Make curl_easy_duphandle() set the magic number in the new handle.
- Daniel (22 December 2006)
- - Robert Foreman provided a prime example snippet showing how libcurl would
- get confused and not acknowledge the 'no_proxy' variable properly once it
- had used the proxy and you re-used the same easy handle. I made sure the
- proxy name is properly stored in the connect struct rather than the
- sessionhandle/easy struct.
- - David McCreedy fixed a bad call to getsockname() that wrongly used a size_t
- variable to point to when it should be a socklen_t.
- - When setting a proxy with environment variables and (for example) running
- 'curl [URL]' with a URL without a protocol prefix, curl would not send a
- correct request as it failed to add the protocol prefix.
- Daniel (21 December 2006)
- - Robson Braga Araujo reported bug #1618359
- (http://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
- patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
- enters an infinite loop, while curl 7.16.1-20061218 does one additional
- unnecessary request.
- Fix: During the "Major overhaul introducing http pipelining support and
- shared connection cache within the multi handle." change, headerbytecount
- was moved to live in the Curl_transfer_keeper structure. But that structure
- is reset in the Transfer method, losing the information that we had about
- the header size. This patch moves it back to the connectdata struct.
- Daniel (16 December 2006)
- - Brendan Jurd provided a fix that now prevents libcurl from getting a SIGPIPE
- during certain conditions when GnuTLS is used.
- Daniel (11 December 2006)
- - Alexey Simak found out that when doing FTP with the multi interface and
- something went wrong like it got a bad response code back from the server,
- libcurl would leak memory. Added test case 538 to verify the fix.
- I also noted that the connection would get cached in that case, which
- doesn't make sense since it cannot be re-use when the authentication has
- failed. I fixed that issue too at the same time, and also that the path
- would be "remembered" in vain for cases where the connection was about to
- get closed.
- Daniel (6 December 2006)
- - Sebastien Willemijns reported bug #1603712
- (http://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
- getting cut off prematurely when --limit-rate is used. While I found no such
- problems in my tests nor in my reading of the code, I found that the
- --limit-rate code was severly flawed (since it was moved into the lib, since
- 7.15.5) when used with the easy interface and it didn't work as documented
- so I reworked it somewhat and now it works for my tests.
- Daniel (5 December 2006)
- - Stefan Krause pointed out a compiler warning with a picky MSCV compiler when
- passing a curl_off_t argument to the Curl_read_rewind() function which takes
- an size_t argument. Curl_read_rewind() also had debug code left in it and it
- was put in a different source file with no good reason when only used from
- one single spot.
- - Sh Diao reported that CURLOPT_CLOSEPOLICY doesn't work, and indeed, there is
- no code present in the library that receives the option. Since it was not
- possible to use, we know that no current users exist and thus we simply
- removed it from the docs and made the code always use the default path of
- the code.
- - Jared Lundell filed bug report #1604956
- (http://curl.haxx.se/bug/view.cgi?id=1604956) which identified setting
- CURLOPT_MAXCONNECTS to zero caused libcurl to SIGSEGV. Starting now, libcurl
- will always internally use no less than 1 entry in the connection cache.
- - Sh Diao reported that CURLOPT_FORBID_REUSE no works, and indeed it broke in
- the 7.16.0 release.
- - Martin Skinner brought back bug report #1230118 to haunt us once again.
- (http://curl.haxx.se/bug/view.cgi?id=1230118) curl_getdate() did not work
- properly for all input dates on Windows. It was mostly seen on some TZ time
- zones using DST. Luckily, Martin also provided a fix.
- - Alexey Simak filed bug report #1600447
- (http://curl.haxx.se/bug/view.cgi?id=1600447) in which he noted that active
- FTP connections don't work with the multi interface. The problem is here
- that the multi interface state machine has a state during which it can wait
- for the data connection to connect, but the active connection is not done in
- the same step in the sequence as the passive one is so it doesn't quite work
- for active. The active FTP code still use a blocking function to allow the
- remote server to connect.
- The fix (work-around is a better word) for this problem is to set the
- boolean prematurely that the data connection is completed, so that the "wait
- for connect" phase ends at once.
- The proper fix, left for the future, is of course to make the active FTP
- case to act in a non-blocking way too.
- - Matt Witherspoon fixed a problem case when the CPU load went to 100% when a
- HTTP upload was disconnected:
- "What appears to be happening is that my system (Linux 2.6.17 and 2.6.13) is
- setting *only* POLLHUP on poll() when the conditions in my previous mail
- occur. As you can see, select.c:Curl_select() does not check for POLLHUP. So
- basically what was happening, is poll() was returning immediately (with
- POLLHUP set), but when Curl_select() looked at the bits, neither POLLERR or
- POLLOUT was set. This still caused Curl_readwrite() to be called, which
- quickly returned. Then the transfer() loop kept continuing at full speed
- forever."
- Daniel (1 December 2006)
- - Toon Verwaest reported that there are servers that send the Content-Range:
- header in a third, not suppported by libcurl, format and we agreed that we
- could make the parser more forgiving to accept all the three found
- variations.
- Daniel (25 November 2006)
- - Venkat Akella found out that libcurl did not like HTTP responses that simply
- responded with a single status line and no headers nor body. Starting now, a
- HTTP response on a persistent connection (i.e not set to be closed after the
- response has been taken care of) must have Content-Length or chunked
- encoding set, or libcurl will simply assume that there is no body.
- To my horror I learned that we had no less than 57(!) test cases that did bad
- HTTP responses like this, and even the test http server (sws) responded badly
- when queried by the test system if it is the test system. So although the
- actual fix for the problem was tiny, going through all the newly failing test
- cases got really painful and boring.
- Daniel (24 November 2006)
- - James Housley did lots of work and introduced SFTP downloads.
- Daniel (13 November 2006)
- - Ron in bug #1595348 (http://curl.haxx.se/bug/view.cgi?id=1595348) pointed
- out a stack overwrite (and the corresponding fix) on 64bit Windows when
- dealing with HTTP chunked encoding.
- Daniel (9 November 2006)
- - Nir Soffer updated libcurl.framework.make:
- o fix symlinks, should link to Versions, not to ./Versions
- o indentation improvments
- - Dmitriy Sergeyev found a SIGSEGV with his test04.c example posted on 7 Nov
- 2006. It turned out we wrongly assumed that the connection cache was present
- when tearing down a connection.
- - Ciprian Badescu found a SIGSEGV when doing multiple TFTP transfers using the
- multi interface, but I could also repeat it doing multiple sequential ones
- with the easy interface. Using Ciprian's test case, I could fix it.
- Daniel (8 November 2006)
- - Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without
- CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
- SSL handshake. This is now stopped.
- Daniel (7 November 2006)
- - Olaf fixed a leftover problem with the CONNECT fix of his that would leave a
- wrong error message in the error message buffer.
- Daniel (3 November 2006)
- - Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
- KNOWN_BUGS #25, which happens when a proxy closes the connection when
- libcurl has sent CONNECT, as part of an authentication negotiation. Starting
- now, libcurl will re-connect accordingly and continue the authentication as
- it should.
- Daniel (2 November 2006)
- - James Housley brought support for SCP transfers, based on the libssh2 library
- for the actual network protocol stuff.
- Added these new curl_easy_setopt() options:
- CURLOPT_SSH_AUTH_TYPES
- CURLOPT_SSH_PUBLIC_KEYFILE
- CURLOPT_SSH_PRIVATE_KEYFILE
- Version 7.16.0 (30 October 2006)
- Daniel (25 October 2006)
- - Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the
- case when 401 or 407 are returned, *IF* no auth credentials have been given.
- The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401
- and 407 cases when auth credentials is given, but we've now covered this
- somewhat more.
- You might get some amounts of headers transferred before this situation is
- detected, like for when a "100-continue" is received as a response to a
- POST/PUT and a 401 or 407 is received immediately afterwards.
- Added test 281 to verify this change.
- Daniel (23 October 2006)
- - Ravi Pratap provided a major update with pipelining fixes. We also no longer
- re-use connections (for pipelining) before the name resolving is done.
- Daniel (21 October 2006)
- - Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all
- the single test applications' link and dependences, so that you easier can
- override those from the command line when using make.
- - Armel Asselin separated CA cert verification problems from problems with
- reading the (local) CA cert file to let users easier pinpoint the actual
- problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.
- Daniel (18 October 2006)
- - Removed the "protocol-guessing" for URLs with host names starting with FTPS
- or TELNET since they are practically non-existant. This leaves us with only
- three different prefixes that would assume the protocol is anything but
- HTTP, and they are host names starting with "ftp.", "dict." or "ldap.".
- Daniel (17 October 2006)
- - Bug report #1579171 pointed out code flaws detected with "prefast", and they
- were 1 - a too small memory clear with memset() in the threaded resolver and
- 2 - a range of potentially bad uses of the ctype family of is*() functions
- such as isdigit(), isalnum(), isprint() and more. The latter made me switch
- to using our own set of these functions/macros using uppercase letters, and
- with some extra set of crazy typecasts to avoid mistakingly passing in
- negative numbers to the underlying is*() functions.
- - With Jeff Pohlmeyer's help, I fixed the expire timer when using
- curl_multi_socket() during name resolves with c-ares and the LOW_SPEED
- options now work fine with curl_multi_socket() as well.
- Daniel (16 October 2006)
- - Added a check in configure that simply tries to run a program (not when
- cross-compiling) in order to detect problems with run-time libraries that
- otherwise would occur when the sizeof tests for curl_off_t would run and
- thus be much more confusing to users. The check of course should run after
- all lib-checks are done and before any other test is used that would run an
- executable built for testing-purposes.
- Dan F (13 October 2006)
- - The tagging of application/x-www-form-urlencoded POST body data sent
- to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously
- included as part of the header). A message was also added to the
- command line tool to show when data is being sent, enabled when
- --verbose is used.
- Daniel (12 October 2006)
- - Starting now, adding an easy handle to a multi stack that was already added
- to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned.
- - Jeff Pohlmeyer has been working with the hiperfifo.c example source code,
- and while doing so it became apparent that the current timeout system for
- the socket API really was a bit awkward since it become quite some work to
- be sure we have the correct timeout set.
- Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another
- callback the app can set to get to know when the general timeout time
- changes and thus for an application like hiperfifo.c it makes everything a
- lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in
- good old libcurl tradition.
- Jeff has also updated the hiperfifo.c example code to use this news.
- Daniel (9 October 2006)
- - Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test
- case 535 and it now runs fine. Again a problem with the pipelining code not
- taking all possible (error) conditions into account.
- Daniel (6 October 2006)
- - Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to
- test case 533 and the test now runs fine.
- Daniel (4 October 2006)
- - Dmitriy Sergeyev provided an example source code that crashed CVS libcurl
- but that worked nicely in 7.15.5. I converted it into test case 532 and
- fixed the problem.
- Daniel (29 September 2006)
- - Removed a few other no-longer present options from the header file.
- - Support for FTP third party transfers was removed. Here's why:
- o The recent multi interface changes broke it and the design of the 3rd party
- transfers made it very hard to fix the problems
- o It was still blocking and thus nasty for the multi interface
- o It was a lot of extra code for a very rarely used feature
- o It didn't use the same code as for "plain" FTP transfers, so it didn't work
- fine for IPv6 and it didn't properly re-use connections and more
- o There's nobody around who's willing to work on and improve the existing
- code
- This does not mean that third party transfers are banned forever, only that
- they need to be done better if they are to be re-added in the future.
- The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p*
- options from the command line tool. For this reason, I also bumped the
- version info for the lib.
- Daniel (28 September 2006)
- - Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl
- would crash if a bad function sequence was used when shutting down after
- using the multi interface (i.e using easy_cleanup after multi_cleanup) so
- precautions have been added to make sure it doesn't any more - test case 529
- was added to verify.
- Daniel (27 September 2006)
- - The URL in the cookie jar file is now changed since it was giving a 404.
- Reported by Timothy Stone. The new URL will take the visitor to a curl web
- site mirror with the document.
- Daniel (24 September 2006)
- - Bernard Leak fixed configure --with-gssapi-libs.
- - Cory Nelson made libcurl use the WSAPoll() function if built for Windows
- Vista (_WIN32_WINNT >= 0x0600)
- Daniel (23 September 2006)
- - Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
- encrypt the control connection and use the data connection "plain".
- - Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
- as it now will read the full data sent from servers. The SOCKS-related code
- was also moved to the new lib/socks.c source file.
- Daniel (21 September 2006)
- - Added test case 531 in an attempt to repeat bug report #1561470
- (http://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an
- FTP upload fails with the multi interface. It did not, but I made a failed
- upload still assume the control connection to be fine.
- Daniel (20 September 2006)
- - Armel Asselin fixed problems when you gave a proxy URL with user name and
- empty password or no password at all. Test case 278 and 279 were added to
- verify.
- Daniel (12 September 2006)
- - Added docs/examples/10-at-a-time.c by Michael Wallner
- - Added docs/examples/hiperfifo.c by Jeff Pohlmeyer
- Daniel (11 September 2006)
- - Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
- handle that is part of a multi handle first removes the handle from the
- stack.
- - Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
- session-ID re-use on demand since there obviously are broken servers out
- there that misbehave with session-IDs used.
- - Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a
- problem with it (SIGSEGV-style). It clearly showed that the existing
- socket-state and state-difference function wasn't good enough so I rewrote
- it and could then re-run Jeff's program without any crash. The previous
- version clearly could miss to tell the application when a handle changed
- from using one socket to using another.
- While I was at it (as I could use this as a means to track this problem
- down), I've now added a 'magic' number to the easy handle struct that is
- inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that
- we can use internally to detect that an easy handle seems to be fine, or at
- least not closed or freed (freeing in debug builds fill the area with 0x13
- bytes but in normal builds we can of course not assume any particular data
- in the freed areas).
- Daniel (9 September 2006)
- - Michele Bini fixed how the hostname is put in NTLM packages. As servers
- don't expect fully qualified names we need to cut them off at the first dot.
- - Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some
- of them can be completetly removed though...
- Daniel (6 September 2006)
- - Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a
- multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that
- handle will be attempted to get pipelined instead of done in parallell as
- they are performed otherwise.
- As a side-effect from this work, connections are now shared between all easy
- handles within a multi handle, so if you use N easy handles for transfers,
- each of them can pick up and re-use a connection that was previously used by
- any of the handles, be it the same or one of the others.
- This separation of the tight relationship between connections and easy
- handles is most noticable when you close easy handles that have been used in
- a multi handle and check amount of used memory or watch the debug output, as
- there are times when libcurl will keep the easy handle around for a while
- longer to be able to close it properly. Like for sending QUIT to close down
- an FTP connection.
- This is a major change.
-
- Daniel (4 September 2006)
- - Dmitry Rechkin (http://curl.haxx.se/bug/view.cgi?id=1551412) provided a
- patch that while not fixing things very nicely, it does make the SOCKS5
- proxy connection slightly better as it now acknowledges the timeout for
- connection and it no longer segfaults in the case when SOCKS requires
- authentication and you did not specify username:password.
- Daniel (31 August 2006)
- - Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch
- name resolves. It could get stuck in the wrong state.
- Gisle (29 August 2006)
- - Added support for other MS-DOS compilers (desides djgpp). All MS-DOS
- compiler now uses the same config.dos file (renamed to config.h by
- make). libcurl now builds fine using Watcom and Metaware's High-C
- using the Watt-32 tcp/ip-stack.
- Daniel (29 August 2006)
- - David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to
- allow applications to set their own socket options.
- Daniel (25 August 2006)
- - Armel Asselin reported that the 'running_handles' counter wasn't updated
- properly if you removed a "live" handle from a multi handle with
- curl_multi_remove_handle().
- Daniel (22 August 2006)
- - David McCreedy fixed a remaining mistake from the August 19 TYPE change.
- - Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
- code when doing pure ipv6 EPRT connections.
- Daniel (19 August 2006)
- - Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
- command on subsequent requests on a re-used connection unless it has to.
- - Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and
- files in the root directory.
- - Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't
- send the whole request at once, even though the Expect: header was disabled
- by the application. An effect of this change is also that small (< 1024
- bytes) POSTs are now always sent without Expect: header since we deem it
- more costly to bother about that than the risk that we send the data in
- vain.
- Daniel (9 August 2006)
- - Armel Asselin made the CURLOPT_PREQUOTE option work fine even when
- CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place
- in the command sequence as it would have run if there would've been a
- transfer.
- Daniel (8 August 2006)
- - Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs
- on a persistent connection and allowed the first to use that header, you
- could not disable it for the second request.
- Daniel (7 August 2006)
- - Domenico Andreolfound a quick build error which happened because
- src/config.h.in was not a proper duplcate of lib/config.h.in which it
- should've been and this was due to the maketgz script not doing the cp
- properly.
- Version 7.15.5 (7 August 2006)
- Daniel (2 August 2006)
- - Mark Lentczner fixed how libcurl was not properly doing chunked encoding
- if the header "Transfer-Encoding: chunked" was set by the application.
- http://curl.haxx.se/bug/view.cgi?id=1531838
- Daniel (1 August 2006)
- - Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror()
- an unknown error number on glibc systems.
- http://curl.haxx.se/bug/view.cgi?id=1532289
- Daniel (31 July 2006)
- - *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified
- prototypes: they both now provide the number of running handles back to the
- calling function. It makes the functions resemble the good old
- curl_multi_perform() more and provides a nice way to know when the multi
- handle goes empty.
- ALERT2: don't use the curl_multi_socket*() functionality in anything
- production-like until I say it's somewhat settled, as I suspect there might
- be some further API changes before I'm done...
- Daniel (28 July 2006)
- - Yves Lejeune fixed so that replacing Content-Type: when doing multipart
- formposts work exactly the way you want it (and the way you'd assume it
- works).
- Daniel (27 July 2006)
- - David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both
- control and data connection, as the existing --ftp-ssl option only requests
- it.
- - [Hiper-related work] Added a function called curl_multi_assign() that will
- set a private pointer added to the internal libcurl hash table for the
- particular socket passed in to this function:
- CURLMcode curl_multi_assign(CURLM *multi_handle,
- curl_socket_t sockfd,
- void *sockp);
- 'sockp' being a custom pointer set by the application to be associated with
- this socket. The socket has to be already existing and in-use by libcurl,
- like having already called the callback telling about its existance.
- The set hashp pointer will then be passed on to the callback in upcoming
- calls when this same socket is used (in the brand new 'socketp' argument).
- Daniel (26 July 2006)
- - Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
- tool option named --ftp-alternative-to-user. It provides a mean to send a
- particular command if the normal USER/PASS approach fails.
- - Michael Jerris added magic that builds lib/curllib.vcproj automatically for
- newer MSVC.
- Daniel (25 July 2006)
- - Georg Horn made the transfer timeout error message include more details.
- Daniel (20 July 2006)
- - David McCreedy fixed a build error when building libcurl with HTTP disabled,
- problem added with the curl_formget() patch.
- Daniel (17 July 2006)
- - Jari Sundell did some excellent research and bug tracking, figured out that
- we did wrong and patched it: When nodes were removed from the splay tree,
- and we didn't properly remove it from the splay tree when an easy handle was
- removed from a multi stack and thus we could wrongly leave a node in the
- splay tree pointing to (bad) memory.
- Daniel (14 July 2006)
- - David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared
- for FTP ASCII transfers.
- Daniel (8 July 2006)
- - Ates Goral pointed out that libcurl's cookie parser did case insensitive
- string comparisons on the path which is incorrect and provided a patch that
- fixes this. I edited test case 8 to include details that test for this.
- - Ingmar Runge provided a source snippet that caused a crash. The reason for
- the crash was that libcurl internally was a bit confused about who owned the
- DNS cache at all times so if you created an easy handle that uses a shared
- DNS cache and added that to a multi handle it would crash. Now we keep more
- careful internal track of exactly what kind of DNS cache each easy handle
- uses: None, Private (allocated for and used only by this single handle),
- Shared (points to a cache held by a shared object), Global (points to the
- global cache) or Multi (points to the cache within the multi handle that is
- automatically shared between all easy handles that are added with private
- caches).
- Daniel (4 July 2006)
- - Toshiyuki Maezawa fixed a problem where you couldn't override the
- Proxy-Connection: header when using a proxy and not doing CONNECT.
- Daniel (24 June 2006)
- - Michael Wallner added curl_formget(), which allows an application to extract
- (serialise) a previously built formpost (as with curl_formadd()).
- Daniel (23 June 2006)
- - Arve Knudsen found a flaw in curl_multi_fdset() for systems where
- curl_socket_t is unsigned (like Windows) that could cause it to wrongly
- return a max fd of -1.
- Daniel (20 June 2006)
- - Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and
- CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed
- to send or receive data. This kind of adds the the command line tool's
- option --limit-rate to the library.
- The rate limiting logic in the curl app is now removed and is instead
- provided by libcurl itself. Transfer rate limiting will now also work for -d
- and -F, which it didn't before.
- Daniel (19 June 2006)
- - Made -K on a file that couldn't be read cause a warning to be displayed.
- Daniel (13 June 2006)
- - Dan Fandrich implemented --enable-hidden-symbols configure option to enable
- -fvisibility=hidden on gcc >= 4.0. This reduces the size of the libcurl
- binary and speeds up dynamic linking by hiding all the internal symbols from
- the symbol table.
- Version 7.15.4 (12 June 2006)
- Daniel (8 June 2006)
- - Brian Dessent fixed the code for cygwin in three distinct ways:
- The first modifies {lib,src}/setup.h to not include the winsock headers
- under Cygwin. This fixes the reported build problem. Cygwin attempts as
- much as possible to emulate a posix environment under Windows. This means
- that WIN32 is *not* #defined and (to the extent possible) everything is done
- as it would be on a *ix type system. Thus <sys/socket.h> is the proper
- include, and even though winsock2.h is present, including it just introduces
- a whole bunch of incompatible socket API stuff.
- The second is a patch I've included in the Cygwin binary packages for a
- while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The
- checks are innocuous and they do succeed, but they pollute LIBS with
- unnecessary stuff which gets recorded as such in the libcurl.la file, which
- brings them into the build of any libcurl-downstream. As far as I know
- these libs are really only necessary for mingw, so alternatively they could
- be designed to only run if $host matches *-*-mingw* but I took the safer
- route of skipping them for *-*-cygwin*.
- The third patch replaces all uses of the ancient and obsolete __CYGWIN32__
- with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>.
- Daniel (7 June 2006)
- - Mikael Sennerholm provided a patch that added NTLM2 session response support
- to libcurl. The 21 NTLM test cases were again modified to comply...
- Daniel (27 May 2006)
- - Óscar Morales Vivó updated the libcurl.framework.make file.
- Daniel (26 May 2006)
- - Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to
- fail. When using the md5-sess, the result was not Md5 encoded and Base64
- transformed.
- Daniel (25 May 2006)
- - Michael Wallner provided a patch that allows "SESS" to be set with
- CURLOPT_COOKIELIST, which then makes all session cookies get cleared.
- Daniel (24 May 2006)
- - Tor Arntsen made test 271 run fine again since the TFTP path fix.
- Daniel (23 May 2006)
- - Martin Michlmayr filed debian bug report #367954, but the same error also
- showed up in the autobuilds. It seems a rather long-since introduced shell
- script flaw in the configure script suddenly was detected by the bash
- version in Debian Unstable. It had previously passed undetected by all
- shells used so far...
- - David McCreedy updated lib/config-tpf.h
- Daniel (11 May 2006)
- - Fixed the configure's check for old-style SSLeay headers since I fell over a
- case with a duplicate file name (a krb4 implementation with an err.h
- file). I converted the check to manually make sure three of the headers are
- present before considering them fine.
- - David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended
- checks on the to-be-returned socket to make sure it truly seems to be alive
- and well. For SSL connection it (only) uses OpenSSL functions.
- Daniel (10 May 2006)
- - Fixed DICT in two aspects:
- 1 - allow properly URL-escaped words, like using %20 for spaces
- 2 - properly escape certain letters within a word to comply to the RFC2229
- Daniel (9 May 2006)
- - Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU
- autotools project, which optionally (default=yes) uses libcurl on a system
- without a (usable) libcurl installation, but not specifying
- `--without-libcurl', configure determines correctly that no libcurl is
- available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl'
- in the resulting Makefiles.
- David Shaw fixed the flaw.
- - Robson Braga Araujo fixed two problems in the recently added non-blocking SSL
- connects. The state machine was not reset properly so that subsequent
- connects using the same handle would fail, and there were two memory leaks.
- - Robson Braga Araujo fixed a memory leak when you added an easy handle to a
- multi stack and that easy handle had already been used to do one or more
- easy interface transfers, as then the code threw away the previously used
- DNS cache without properly freeing it.
- Daniel (8 May 2006)
- - Dan Fandrich went over the TFTP code and he pointed out and fixed numerous
- problems:
- * The received file is corrupted when a packet is lost and retransmitted
- (this is a serious problem!)
- * Transmitting a file aborts if a block is lost and retransmitted
- * Data is stored in the wrong location in the buffer for uploads, so uploads
- always fail (I don't see how it could have ever worked, but it did on x86
- at least)
- * A number of calls are made to strerror instead of Curl_strerror, making
- the code not thread safe
- * There are references to errno instead of Curl_sockerrno(), causing
- incorrect error messages on Windows
- * The file name includes a leading / which violates RFC3617. Doing something
- similar to ftp, where two slashes after the host name means an absolute
- reference seems a reasonable extension to fix this.
- * Failures in EBCDIC conversion are not propagated up to the caller but are
- silently ignored
- - Fixed known bug #28. The TFTP code no longer assumes a packed struct and
- thus works reliably on more platforms.
- Daniel (5 May 2006)
- - Roland Blom filed bug report #1481217
- (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele
- Bini and David Byron. libcurl previously wrongly used GetLastError() on
- windows to get error details after socket-related function calls, when it
- really should use WSAGetLastError() instead.
- When changing to this, the former function Curl_ourerrno() is now instead
- called Curl_sockerrno() as it is necessary to only use it to get errno from
- socket-related functions as otherwise it won't work as intended on Windows.
- Daniel (4 May 2006)
- - Mark Eichin submitted bug report #1480821
- (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a
- problem with how libcurl dealt with GnuTLS and a case where gnutls returned
- GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected
- return code, making Curl_ssl_send() confuse the upper layer - causing random
- 28 bytes trash data to get inserted in the transfered stream.
- The proper fix was to make the Curl_gtls_send() function return the proper
- return codes that the callers would expect. The Curl_ossl_send() function
- already did this.
- Daniel (2 May 2006)
- - Added a --checkfor option to curl-config to allow users to easier
- write for example shell scripts that test for the presence of a
- new-enough libcurl version. If --checkfor is given a version string
- newer than what is currently installed, curl-config will return a
- non-zero exit code and output a string about the unfulfilled
- requirement.
- Daniel (26 April 2006)
- - David McCreedy brought initial line end conversions when doing FTP ASCII
- transfers. They are done on non-windows systems and translate CRLF to LF.
- I modified the 15 LIST-using test cases accordingly. The downside is that now
- we'll have even more trouble to get the tests to run on Windows since they
- should get CRLF newlines left intact which the *nix versions don't. I figure
- the only sane thing to do is to add some kind of [newline] macro for the test
- case files and have them expanded to the proper native line ending when the
- test cases are run. This is however left to implement.
- Daniel (25 April 2006)
- - Paul Querna fixed libcurl to better deal with deflate content encoding
- when the stream (wrongly) lacks a proper zlib header. This seems to be the
- case on too many actual server implementations.
- Daniel (21 April 2006)
- - Ale Vesely fixed CURLOPT_INTERFACE when using a hostname.
- Daniel (19 April 2006)
- - Based on previous info from Tor Arntsen, I made configure detect the Intel
- ICC compiler to add a compiler option for it, in order for configure to
- properly be able to detect function prototypes.
- - Robson Braga Araujo provided a patch that makes libcurl less eager to close
- the control connection when using FTP, for example when you remove an easy
- handle from a multi stack.
- - Applied a patch by Ates Goral and Katie Wang that corrected my bad fix
- attempt from April 10.
- Daniel (11 April 2006)
- - #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad
- typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least)
- since the struct timeval field tv_sec is an int while time_t is 64bit.
- Daniel (10 April 2006)
- - Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and
- CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL
- connection time-out!
- - I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main
- sources. See the lib/README.multi_socket for implementation story with
- details. Don't expect it to work fully yet. I don't intend to blow any
- whistles or ring any bells about it until I'm more convinced it works at
- least somewhat reliably.
- Daniel (7 April 2006)
- - David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt()
- options (callbacks) were added:
- CONV_FROM_NETWORK_FUNCTION
- CONV_TO_NETWORK_FUNCTION
- CONV_FROM_UTF8_FUNCTION
- Daniel (5 April 2006)
- - Michele Bini modified the NTLM code to work for his "weird IIS case"
- (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash
- function in addition to the LM one and making some other adjustments in the
- order the different parts of the data block are sent in the Type-2 reply.
- Inspiration for this work was taken from the Firefox NTLM implementation.
- I edited the existing 21(!) NTLM test cases to run fine with these news. Due
- to the fact that we now properly include the host name in the Type-2 message
- the test cases now only compare parts of that chunk.
- Daniel (28 March 2006)
- - #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that
- occurred when asking libcurl to follow HTTP redirects and the original URL
- had more than one question mark (?). Added test case 276 to verify.
- Daniel (27 March 2006)
- - David Byron found a problem multiple -d options when libcurl was built with
- --enable-debug, as then curl used free() on memory allocated both with
- normal malloc() and with libcurl-provided functions, when the latter MUST be
- freed with curl_free() in debug builds.
- Daniel (26 March 2006)
- - Tor Arntsen figured out that TFTP was broken on a lot of systems since we
- called bind() with a too big argument in the 3rd parameter and at least
- Tru64, AIX and IRIX seem to be very picky about it.
- Daniel (21 March 2006)
- - David McCreedy added CURLINFO_FTP_ENTRY_PATH.
- - Xavier Bouchoux made the SSL connection non-blocking for the multi interface
- (when using OpenSSL).
- - Tor Arntsen fixed the AIX Toolbox RPM spec
- Daniel (20 March 2006)
- - David McCreedy fixed libcurl to no longer ignore AUTH failures and now it
- reacts properly according to the CURLOPT_FTP_SSL setting.
- - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file
- whose length was a multiple of 512 bytes could have random garbage
- appended. Also, stop processing TFTP packets which are too short to be
- legal.
- - Ilja van Sprundel reported a possible crash in the curl tool when using
- "curl hostwithoutslash -d data -G"
- Version 7.15.3 (20 March 2006)
- Daniel (20 March 2006)
- - VULNERABILITY reported to us by Ulf Harnhammar.
- libcurl uses the given file part of a TFTP URL in a manner that allows a
- malicious user to overflow a heap-based memory buffer due to the lack of
- boundary check.
- This overflow happens if you pass in a URL with a TFTP protocol prefix
- ("tftp://"), using a valid host and a path part that is longer than 512
- bytes.
- The affected flaw can be triggered by a redirect, if curl/libcurl is told to
- follow redirects and an HTTP server points the client to a tftp URL with the
- characteristics described above.
- The Common Vulnerabilities and Exposures (CVE) project has assigned the name
- CVE-2006-1061 to this issue.
- Daniel (16 March 2006)
- - Tor Arntsen provided a RPM spec file for AIX Toolbox, that now is included
- in the release archive.
- Daniel (14 March 2006)
- - David McCreedy fixed:
- a bad SSL error message when OpenSSL certificates are verified fine.
- a missing return code assignment in the FTP code
- Daniel (7 March 2006)
- - Markus Koetter filed debian bug report #355715 which identified a problem
- with the multi interface and multi-part formposts. The fix from February
- 22nd could make the Curl_done() function get called twice on the same
- connection and it was not designed for that and thus tried to call free() on
- an already freed memory area!
- - Peter Heuchert made sure the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL
- is used properly.
- Daniel (6 March 2006)
- - Lots of users on Windows have reported getting the "SSL: couldn't set
- callback" error message so I've now made the setting of that callback not be
- as critical as before. The function is only used for additional loggging/
- trace anyway so a failure just means slightly less data. It should still be
- able to proceed and connect fine to the server.
- Daniel (4 March 2006)
- - Thomas Klausner provided a patch written by Todd Vierling in bug report
- #1442471 that fixes a build problem on Interix.
- Daniel (2 March 2006)
- - FTP upload without a file name part in the URL now causes
- curl_easy_perform() to return CURLE_URL_MALFORMAT. Previously it allowed the
- upload but named the file "(nil)" (without the quotes). Test case 524
- verifies.
- - Added a check for getprotobyname in configure so that it'll be used, thanks
- to Gisle Vanem's change the other day.
- Daniel (28 February 2006)
- - Dan Fandrich prevented curl from getting stuck in an endless loop in case we
- are out of file handles very early in curl's code where it makes sure that
- 0, 1 and 2 aren't gonna be used by the lib for transfers.
- Daniel (27 February 2006)
- - Marty Kuhrt pointed out that there were two VMS-specific files missing in
- the release archive.
- Version 7.15.2 (27 February 2006)
- Daniel (22 February 2006)
- - Lots of work and analysis by "xbx___" in bug #1431750
- (http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two
- different but related bugs:
- 1) Removing an easy handle from a multi handle before the transfer is done
- could leave a connection in the connection cache for that handle that is
- in a state that isn't suitable for re-use. A subsequent re-use could then
- read from a NULL pointer and segfault.
- 2) When an easy handle was removed from the multi handle, there could be an
- outstanding c-ares DNS name resolve request. When the response arrived,
- it caused havoc since the connection struct it "belonged" to could've
- been freed already.
- Now Curl_done() is called when an easy handle is removed from a multi handle
- pre-maturely (that is, before the transfer was complteted). Curl_done() also
- makes sure to cancel all (if any) outstanding c-ares requests.
- Daniel (21 February 2006)
- - Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy
- type to the already provided type CURLPROXY_SOCKS4.
- I added a --socks4 option that works like the current --socks5 option but
- instead use the socks4 protocol.
- Daniel (20 February 2006)
- - Shmulik Regev fixed an issue with multi-pass authentication and compressed
- content when libcurl didn't honor the internal ignorebody flag.
- Daniel (18 February 2006)
- - Ulf Härnhammar fixed a format string (printf style) problem in the Negotiate
- code. It should however not be the cause of any troubles. He also fixed a
- few similar problems in the HTTP test server code.
- Daniel (17 February 2006)
- - Shmulik Regev provided a fix for the DNS cache when using short life times,
- as previously it could be holding on to old cached entries longer than
- requested.
- Daniel (11 February 2006)
- - Karl Moerder added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options
- that an app can use to let libcurl only connect to a remote host and then
- extract the socket from libcurl. libcurl will then not attempt to do any
- transfer at all after the connect is done.
- - Kent Boortz improved the configure check for GnuTLS to properly set LIBS
- instead of LDFLAGS.
- Daniel (8 February 2006)
- - Philippe Vaucher provided a brilliant piece of test code that show a problem
- with re-used FTP connections. If the second request on the same connection
- was set not to fetch a "body", libcurl could get confused and consider it an
- attempt to use a dead connection and would go acting mighty strange.
- Daniel (2 February 2006)
- - Make --limit-rate [num] mean bytes. It used to be that but it broke in my
- change done in November 2005.
- Daniel (30 January 2006)
- - Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the
- curl tool with --local-port. Plain and simply set the range of ports to bind
- the local end of connections to. Implemented on to popular demand.
- - Based on an error report by Philippe Vaucher, we no longer count a retried
- connection setup as a follow-redirect. It turns out 1) this fails when a FTP
- connection is re-setup and 2) it does make the max-redirs counter behave
- wrong.
- Daniel (24 January 2006)
- - Michal Marek provided a patch for FTP that makes libcurl continue to try
- PASV even after EPSV returned a positive response code, if libcurl failed to
- connect to the port number the EPSV response said. Obviously some people are
- going through protocol-sensitive firewalls (or similar) that don't
- understand EPSV and then they don't allow the second connection unless PASV
- was used. This also called for a minor fix of test case 238.
- Daniel (20 January 2006)
- - Duane Cathey was one of our friends who reported that curl -P [IP]
- (CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
- "native" IP while it works fine for ipv6-disabled builds!
- In the process of fixing this, I removed the support for LPRT since I can't
- think of many reasons to keep doing it and asking on the mailing list didn't
- reveal anyone else that could either. The code that sends EPRT and PORT is
- now also a lot simpler than before (IMHO).
- Daniel (19 January 2006)
- - Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl
- (built ipv4-only) didn't work.
- Daniel (18 January 2006)
- - As reported in bug #1408742 (http://curl.haxx.se/bug/view.cgi?id=1408742),
- the configure script complained about a missing "missing" script if you ran
- configure within a path whose name included one or more spaces. This is due
- to a flaw in automake (1.9.6 and earlier). I've now worked around it by
- including an "overloaded" version of the AM_MISSING_HAS_RUN script that'll
- be used instead of the one automake ships with. This kludge needs to be
- removed once we get an automake version with this problem corrected.
- Possibly we'll then need to convert this into a kludge depending on what
- automake version that is used and that is gonna be painful and I don't even
- want to think about that now...!
- Daniel (17 January 2006)
- - David Shaw: Here is the latest libcurl.m4 autoconf tests. It is updated with
- the latest features and protocols that libcurl supports and has a minor fix
- to better deal with the obscure case where someone has more than one libcurl
- installed at the same time.
- Daniel (16 January 2006)
- - David Shaw finally removed all traces of Gopher and we are now officially
- not supporting it. It hasn't been functioning for years anyway, so this is
- just finally stating what already was true. And a cleanup at the same time.
- - Bryan Henderson turned the 'initialized' variable for curl_global_init()
- into a counter, and thus you can now do multiple curl_global_init() and you
- are then supposed to do the same amount of calls to curl_global_cleanup().
- Bryan has also updated the docs accordingly.
- Daniel (13 January 2006)
- - Andrew Benham fixed a race condition in the test suite that could cause the
- test script to kill all processes in the current process group!
- Daniel (12 January 2006)
- - Michael Jahn:
- Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thru
- HTTP proxy.
- Fixed PROXYTUNNEL to work fine when you do ftp through a proxy. It would
- previously overwrite internal memory and cause unpredicted behaviour!
- Daniel (11 January 2006)
- - I decided to document the "secret option" here now, as I've received *NO*
- feedback at all on my mailing list requests from November 2005:
- I'm looking for feedback and comments. I added some experimental code the
- other day, that allows a libcurl user to select what method libcurl should
- use to reach a file on a FTP(S) server.
- This functionality is available in CVS code and in recent daily snapshots.
- Let me explain...
- The current name for the option is CURLOPT_FTP_FILEMETHOD (--ftp-method for
- the command line tool) and you set it to a long (there are currenly no
- defines for the argument values, just plain numericals). You can set three
- different "methods" that do this:
- 1 multicwd - like today, curl will do a single CWD operation for each path
- part in the given URL. For deep hierarchies this means very many
- commands. This is how RFC1738 says it should be done. This is the
- default.
- 2 nocwd - no CWD at all is done, curl will do SIZE, RETR, STOR etc and give
- a full path to the server.
- 3 singlecwd - make one CWD with the full target directory and then operate
- on the file "normally".
- (With the command line tool you do --ftp-method [METHOD], where [METHOD] is
- one of "multicwd", "nocwd" or "singlecwd".)
- What feedback I'm interested in:
- 1 - Do they work at all? Do you find servers where one of these don't work?
- 2 - What would proper names for the option and its arguments be, if we
- consider this feature good enough to get included and documented in
- upcoming releases?
- 3 - Should we make libcurl able to "walk through" these options in case of
- (path related) failures, or should it fail and let the user redo any
- possible retries?
- (This option is not documented in any man page just yet since I'm not sure
- these names will be used or if the functionality will end up exactly like
- this. And for the same reasons we have no test cases for these yet.)
- Daniel (10 January 2006)
- - When using a bad path over FTP, as in when libcurl couldn't CWD into all
- given subdirs, libcurl would still "remember" the full path as if it is the
- current directory libcurl is in so that the next curl_easy_perform() would
- get really confused if it tried the same path again - as it would not issue
- any CWD commands at all, assuming it is already in the "proper" dir.
- Starting now, a failed CWD command sets a flag that prevents the path to be
- "remembered" after returning.
- Daniel (7 January 2006)
- - Michael Jahn fixed so that the second CONNECT when doing FTP over a HTTP
- proxy actually used a new connection and not sent the second request on the
- first socket!
- Daniel (6 January 2006)
- - Alexander Lazic made the buildconf run the buildconf in the ares dir if that
- is present instead of trying to mimic that script in curl's buildconf
- script.
- Daniel (3 January 2006)
- - Andres Garcia made the TFTP test server build with mingw.
- Daniel (16 December 2005)
- - Jean Jacques Drouin pointed out that you could only have a user name or
- password of 127 bytes or less embedded in a URL, where actually the code
- uses a 255 byte buffer for it! Modified now to use the full buffer size.
- Daniel (12 December 2005)
- - Dov Murik corrected the HTTP_ONLY define to disable the TFTP support properly
- Version 7.15.1 (7 December 2005)
- Daniel (6 December 2005)
- - Full text here: http://curl.haxx.se/docs/adv_20051207.html Pointed out by
- Stefan Esser.
- VULNERABILITY
- libcurl's URL parser function can overflow a malloced buffer in two ways, if
- given a too long URL.
- These overflows happen if you
-
- 1 - pass in a URL with no protocol (like "http://") prefix, using no slash
- and the string is 256 bytes or longer. This leads to a single zero byte
- overflow of the malloced buffer.
- 2 - pass in a URL with only a question mark as separator (no slash) between
- the host and the query part of the URL. This leads to a single zero byte
- overflow of the malloced buffer.
- Both overflows can be made with the same input string, leading to two single
- zero byte overwrites.
- The affected flaw cannot be triggered by a redirect, but the long URL must
- be passed in "directly" to libcurl. It makes this a "local" problem. Of
- course, lots of programs may still pass in user-provided URLs to libcurl
- without doing much syntax checking of their own, allowing a user to exploit
- this vulnerability.
- There is no known exploit at the time of this writing.
- Daniel (2 December 2005)
- - Jamie Newton pointed out that libcurl's file:// code would close() a zero
- file descriptor if given a non-existing file.
- Daniel (24 November 2005)
- - Doug Kaufman provided a set of patches to make curl build fine on DJGPP
- again using configure.
- - Yang Tse provided a whole series of patches to clear up compiler warnings on
- MSVC 6.
- Daniel (17 November 2005)
- - I extended a patch from David Shaw to make libcurl _always_ provide an error
- string in the given error buffer to address the flaw mention on 21 sep 2005.
- Daniel (16 November 2005)
- - Applied Albert Chin's patch that makes the libcurl.pc pkgconfig file get
- installed on 'make install' time.
- Daniel (14 November 2005)
- - Quagmire reported that he needed to raise a NTLM buffer for SSPI to work
- properly for a case, and so we did. We raised it even for non-SSPI builds
- but it should not do any harm. http://curl.haxx.se/bug/view.cgi?id=1356715
- - Jan Kunder's debian bug report
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
- error message for when you try to upload a file and the requested directory
- doesn't exist on the target server.
- - Yang Tse fixed compiler warnings in lib/ssluse.c with OpenSSL 0.9.8 and in
- lib/memdebug.h that showed up in his msvc builds.
- Daniel (13 November 2005)
- - Debian bug report 338681 by Jan Kunder: make curl better detect and report
- bad limit-rate units:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return
- error if a bad unit is used.
- - Thanks to this nice summary of poll() implementations:
- http://www.greenend.org.uk/rjk/2001/06/poll.html and further tests by Eugene
- Kotlyarov, we now know that cygwin's poll returns only POLLHUP on remote
- connectin closure so we check for that case (too) and re-enable poll for
- cygwin builds.
- Daniel (12 November 2005)
- - Eugene Kotlyarov found out that cygwin's poll() function isn't doing things
- right: http://curl.haxx.se/mail/archive-2005-11/0045.html so we now disable
- poll() and use select() on cygwin too (we already do the same choice on Mac
- OS X)
- - Dima Barsky patched problem #1348930: the GnuTLS code completely ignored
- client certificates! (http://curl.haxx.se/bug/view.cgi?id=1348930).
- Daniel (10 November 2005)
- - David Lang fixed IPv6 support for TFTP!
- - Introducing range stepping to the curl globbing support. Now you can specify
- step counter by adding :[num] within the brackets when specifying a range:
- [1-100:10]
- [a-z:2]
- If no step counter is set, it defaults to 1 as before:
- [1-100]
- [d-h]
- Daniel (8 November 2005)
- - Removed the use of AI_CANONNAME in the IPv6-enabled resolver functions since
- we really have no use for reverse lookups of the address.
- I truly hope these are the last reverse lookups we had lingering in the
- code!
- - Dmitry Bartsevich discovered some issues in compatibilty of SSPI-enabled
- version of libcurl with different Windows versions. Current version of
- libcurl imports SSPI functions from secur32.dll. However, under Windows NT
- 4.0 these functions are located in security.dll, under Windows 9x - in
- secur32.dll and Windows 2000 and XP contains both these DLLs (security.dll
- just forwards calls to secur32.dll).
- Dmitry's patch loads proper library dynamically depending on Windows
- version. Function InitSecurityInterface() is used to obtain pointers to all
- of SSPI function in one structure.
- Daniel (31 October 2005)
- - Vilmos Nebehaj improved libcurl's LDAP abilities:
- The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary
- attributes in LDAP objects. So, I made a quick patch to address these
- problems.
- The solution is simple: if we connect to an LDAP server, first try LDAPv3
- (which is the preferred protocol as of now) and then fall back to LDAPv2.
- In case of binary attributes, we first convert them to base64, just like the
- openldap client does. It uses ldap_get_values_len() instead of
- ldap_get_values() to be able to retrieve binary attributes correctly. I
- defined the necessary LDAP macros in lib/ldap.c to be able to compile
- libcurl without the presence of libldap
- Daniel (27 October 2005)
- - Nis Jorgensen filed bug report #1338648
- (http://curl.haxx.se/bug/view.cgi?id=1338648) which really is more of a
- feature request, but anyway. It pointed out that --max-redirs did not allow
- it to be set to 0, which then would return an error code on the first
- Location: found. Based on Nis' patch, now libcurl supports CURLOPT_MAXREDIRS
- set to 0, or -1 for infinity. Added test case 274 to verify.
- - tommink[at]post.pl reported in bug report #1337723
- (http://curl.haxx.se/bug/view.cgi?id=1337723) that curl could not upload
- binary data from stdin on Windows if the data contained control-Z (hex 1a)
- since that is treated as end-of-file when read in text mode. Gisle Vanem
- pointed out the fix, and I made both -T and --data-binary take advantage of
- it.
- - Jaz Fresh pointed out that if you used "-r [number]" as was wrongly described
- in the man page, curl would send an invalid HTTP Range: header. The correct
- way would be to use "-r [number]-" or even "-r -[number]". Starting now,
- curl will warn if this is discovered, and automatically append a dash to the
- range before passing it to libcurl.
- Daniel (25 October 2005)
- - Amol Pattekar reported a bug with great detail and a fine example in bug
- #1326306 (http://curl.haxx.se/bug/view.cgi?id=1326306). When using the multi
- interface and connecting to a host with multiple IP addresses, and one of
- the addresses fails to connect (the server must exist and respond, just not
- accept connections) libcurl leaks a socket descriptor. Thanks to the fine
- report, I could find and fix this.
- Daniel (22 October 2005)
- - Dima Barsky reported a problem with GnuTLS-enabled libcurl in bug report
- #1334338 (http://curl.haxx.se/bug/view.cgi?id=1334338). When reading an SSL
- stream from a server and the server requests a "rehandshake", the current
- code simply returns this as an error. I have no good way to test this, but
- I've added a crude attempt of dealing with this situation slightly better -
- it makes a blocking handshake if this happens. Done like this because fixing
- this the "proper" way (that would handshake asynchronously) will require
- quite some work and I really need a good way to test this to do such a
- change.
- Daniel (21 October 2005)
- - "Ofer" reported a problem when libcurl re-used a connection and failed to do
- it, it could then accidentally actually crash. Presumably, this concerns FTP
- connections. http://curl.haxx.se/bug/view.cgi?id=1330310
- - Temprimus improved the MSVC makefile so that the static debug SSL libs are
- linked to the executable and not to the libcurld.lib
- http://curl.haxx.se/bug/view.cgi?id=1326676
- - Bradford Bruce made the windows resolver code properly return
- CURLE_COULDNT_RESOLVE_PROXY and CURLE_COULDNT_RESOLVE_HOST on resolving
- errors (as documented).
- Daniel (20 October 2005)
- - Dave Dribin made libcurl understand and handle cases when the server
- (wrongly) sends *two* WWW-Authenticate headers for Digest. While this should
- never happen in a sane world, libcurl previously got into an infinite loop
- when this occurred. Dave added test 273 to verify this.
- - Temprimus improved the MSVC makefile: "makes a build option available so if
- you set rtlibcfg=static for the make, then it would build with /MT. The
- default behaviour is /MD (the original)."
- http://curl.haxx.se/bug/view.cgi?id=1326665
- Daniel (14 October 2005)
- - Reverted the LIBCURL_VERSION_NUM change from October 6. As Dave Dribin
- reported, the define is used by the configure script and is assumed to use
- the 0xYYXXZZ format. This made "curl-config --vernum" fail in the 7.15.0
- release version.
- Version 7.15.0 (13 October 2005)
- Daniel (12 October 2005)
- - Michael Sutton of iDEFENSE reported and I fixed a securitfy flaw in the NTLM
- code that would overflow a buffer if given a too long user name or domain
- name. This would happen if you enable NTLM authentication and either
- A - pass in a user name and domain name to libcurl that together are longer
- than 192 bytes
- B - allow (lib)curl to follow HTTP "redirects" (Location: and the
- appropriate HTTP 30x response code) and the new URL contains a URL with
- a user name and domain name that together are longer than 192 bytes
- See http://curl.haxx.se/docs/security.html for further details and updates
- Daniel (5 October 2005)
- - Darryl House reported a problem with using -z to download files from FTP.
- It turned out that if the given time stamp was exact the same as the remote
- time stamp, the file would still wrongly be downloaded. Added test case 272
- to verify.
- Daniel (4 October 2005)
- - Domenico Andreoli fixed a man page malformat and removed odd (0xa0) bytes
- from the configure script.
- - Michael Wallner reported that the date parser had wrong offset stored for
- the MEST and CEST time zones.
- Daniel (27 September 2005)
- - David Yan filed bug #1299181 (http://curl.haxx.se/bug/view.cgi?id=1299181)
- that identified a silly problem with Content-Range: headers with the 'bytes'
- keyword written in a different case than all lowercase! It would cause a
- segfault!
- - TJ Saunders of the proftpd project identified and pointed out problems with
- the modified FTPS negotiation change of August 19 2005. Thus, we revert the
- change back to pre-7.14.1 status.
- Daniel (21 September 2005)
- - Fixed "cut off" sentence in the libcurl-tutorial man page:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329305
- - Clarified in the curl_easy_setopt man page what the default
- CURLOPT_WRITEFUNCTION and CURLOPT_WRITEDATA mean:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329311
- - Clarified in the curl_easy_setopt man page that CURLOPT_ERRORBUFFER
- sometimes doesn't fill in the buffer even though it is supposed to:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329313
- - When CURLE_URL_MALFORMAT is returned due to a missing URL, it now has an
- error string set.
- Daniel (19 September 2005)
- - Dmitry Bartsevich made the SSPI support work on Windows 9x as well.
- Daniel (15 September 2005)
- - Added a TFTP server to the test suite and made the test suite capable of
- using it.
- Daniel (7 September 2005)
- - Ben Madsen's detailed reports that funnily enough only occurred with certain
- glibc versions turned out to be curl using an already closed file handle
- during certain conditions (like when saving FTP server "headers").
- - Scott Davis helped me track down a problem in the test HTTP server that made
- test case 56 wrongly fail at times. It turned out it was due to the server
- finding the end of a chunked-encoded POST too early.
- Daniel (6 September 2005)
- - Now curl warns if an unknown variable is used in the -w/--writeout argument.
- Daniel (4 September 2005)
- - I applied Nicolas François' man page patch he posted to the Debian bug
- tracker. It corrected two lines that started with apostrophes, which isn't
- legal nroff format. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326511
- - Added --ftp-skip-pasv-ip to the command line tool, that sets the new
- CURLOPT_FTP_SKIP_PASV_IP option. It makes libcurl re-use the control
- connection's IP address when setting up the data connection instead of
- extractting the IP address from the PASV response. It has turned out this
- feature is frequently needed by people to circumvent silly servers and silly
- firewalls, especially when FTPS is used and the PASV command-response is
- sent encrtyped.
- Sponsored by CU*Answers
- Daniel (1 September 2005)
- - John Kelly added TFTP support to libcurl. A bunch of new error codes was
- added. TODO: add them to docs. add TFTP server to test suite. add TFTP to
- list of protocols whereever those are mentioned.
- Version 7.14.1 (1 September 2005)
- Daniel (29 August 2005)
- - Kevin Lussier pointed out a problem with curllib.dsp and how to fix it.
- - Igor Polyakov fixed a rather nasty problem with the threaded name resolver
- for Windows, that could lead to an Access Violation when the multi interface
- was used due to an issue with how the resolver thread was and was not
- terminated.
- - Simon Josefsson brought a patch that allows curl to get built to use GNU GSS
- instead of MIT/Heimdal for GSS capabilities.
- Daniel (24 August 2005)
- - Toby Peterson added CURLOPT_IGNORE_CONTENT_LENGTH to the library, accessible
- from the command line tool with --ignore-content-length. This will make it
- easier to download files from Apache 1.x (and similar) servers that are
- still having problems serving files larger than 2 or 4 GB. When this option
- is enabled, curl will simply have to wait for the server to close the
- connection to signal end of transfer. I wrote test case 269 that runs a
- simple test to verify that this works.
- - (Trying hard to exclude emotions now.) valgrind version 3 suddenly renamed
- the --logfile command line option to --log-file, and thus the test script
- valgrind autodetection now has yet another version check to do and then it
- alters the valgrind command line accordingly.
- - Fixed CA cert verification using GnuTLS with the default bundle, which
- previously failed due to GnuTLS not allowing x509 v1 CA certs by default.
- Ralph Mitchell reported.
- Daniel (19 August 2005)
- - Norbert Novotny had problems with FTPS and he helped me work out a patch
- that made curl run fine in his end. The key was to make sure we do the
- SSL/TLS negotiation immediately after the TCP connect is done and not after
- a few other commands have been sent like we did previously. I don't consider
- this change necessary to obey the standards, I think this server is pickier
- than what the specs allow it to be, but I can't see how this modified
- libcurl code can add any problems to those who are interpreting the
- standards more liberally.
- Daniel (17 August 2005)
- - Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (with
- CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to
- write the result to a given cookie jar and then never actually call
- curl_easy_perform() - the given file(s) to read was never read but the
- output file was written and thus it caused a "funny" result.
- - While doing some tests for the bug above, I noticed that Firefox generates
- large numbers (for the expire time) in the cookies.txt file and libcurl
- didn't treat them properly. Now it does.
- Daniel (15 August 2005)
- - Added more verbose "warning" messages to the curl client for cases where it
- fails to open/read files etc to help users diagnose why it doesn't do what
- you'd expect it to. Converted lots of old messages to use the new generic
- function I wrote for this purpose.
- Daniel (13 August 2005)
- - James Bursa identified a libcurl HTTP bug and a good way to repeat it. If a
- site responds with bad HTTP response that doesn't contain any header at all,
- only a response body, and the write callback returns 0 to abort the
- transfer, it didn't have any real effect but the write callback would be
- called once more anyway.
- Daniel (12 August 2005)
- - Based on Richard Clayton's reports, I found out that using curl -d @filename
- when 'filename' was not possible to access made curl use a GET request
- instead.
- - The time condition illegal syntax warning is now inhibited if -s is used.
- Daniel (10 August 2005)
- - Mario Schroeder found out that one of the debug callbacks calls that regards
- SSL data with the CURLINFO_TEXT type claimed that the data was one byte
- larger than it actually is, thus falsely telling the application that the
- terminating zero was part of the data.
- Daniel (9 August 2005)
- - Christopher R. Palmer fixed the offsets used for date parsings when the time
- zone name of a daylight savings time was used. For example, PDT vs PDS. This
- flaw was introduced with the new date parser (11 sep 2004 - 7.12.2).
- Fortunately, no web server or cookie string etc should be using such time
- zone names thus limiting the effect of this bug.
- Daniel (8 August 2005)
- - Jon Grubbs filed bug report #1249962
- (http://curl.haxx.se/bug/view.cgi?id=1249962) which identified a problem
- with NTLM on a HTTP proxy if an FTP URL was given. libcurl now properly
- switches to pure HTTP internally when an HTTP proxy is used, even for FTP
- URLs. The problem would also occur with other multi-pass auth methods.
- Daniel (7 August 2005)
- - When curl is built with GnuTLS, curl-config didn't include "SSL" when
- --features was used.
- Daniel (28 July 2005)
- - If any of the options CURLOPT_HTTPGET, CURLOPT_POST and CURLOPT_HTTPPOST is
- set to 1, CURLOPT_NOBODY will now automatically be set to 0.
- Daniel (27 July 2005)
- - Dan Fandrich changes over the last week: fixed numerous minor configure
- option parsing flaws: --without-gnutls, --without-spnego --without-gssapi
- and --without-krb4. Spellfixed several error messages.
- - Peteris Krumins added CURLOPT_COOKIELIST and CURLINFO_COOKIELIST, which is a
- simple interface to extracting and setting cookies in libcurl's internal
- "cookie jar". See the new cookie_interface.c example code.
- Daniel (13 July 2005)
- - Diego Casorran provided patches to make curl build fine on Amiga again.
- Daniel (12 July 2005)
- - Adrian Schuur added trailer support in the chunked encoding stream. The
- trailer is then sent to the normal header callback/stream. I wrote up test
- case 266 to verify the basic functionality. Do note that test case 34
- contains a flawed chunked encoding stream that still works the same.
- Daniel (5 July 2005)
- - Gisle Vanem came up with a nice little work-around for bug #1230118
- (http://curl.haxx.se/bug/view.cgi?id=1230118). It seems the Windows (MSVC)
- libc time functions may return data one hour off if TZ is not set and
- automatic DST adjustment is enabled. This made curl_getdate() return wrong
- value, and it also concerned internal cookie expirations etc.
- Daniel (4 July 2005)
- - Andrew Bushnell provided enough info for me to tell that we badly needed to
- fix the CONNECT authentication code with multi-pass auth methods (such as
- NTLM) as it didn't previously properly ignore response-bodies - in fact it
- stopped reading after all response headers had been received. This could
- lead to libcurl sending the next request and reading the body from the first
- request as response to the second request. (I also renamed the function,
- which wasn't strictly necessary but...)
- The best fix would to once and for all make the CONNECT code use the
- ordinary request sending/receiving code, treating it as any ordinary request
- instead of the special-purpose function we have now. It should make it
- better for multi-interface too. And possibly lead to less code...
- Added test case 265 for this. It doesn't work as a _really_ good test case
- since the test proxy is too stupid, but the test case helps when running the
- debugger to verify.
- Daniel (30 June 2005)
- - Dan Fandrich improved the configure script's ability to figure out what kind
- of strerror_r() API that is used when cross-compiling. If __GLIB__ is
- defined, it assumes the glibc API. If not, it issues a notice as before that
- the user needs to manually edit lib/config.h for this.
- Daniel (23 June 2005)
- - David Shaw's fix that unifies proxy string treatment so that a proxy given
- with CURLOPT_PROXY can use a http:// prefix and user + password. The user
- and password fields are now also URL decoded properly. Test case 264 added
- to verify.
- Daniel (22 June 2005)
- - David Shaw updated libcurl.m4
- Daniel (14 June 2005)
- - Gisle Vanem fixed a potential thread handle leak. Bug report #1216500
- (http://curl.haxx.se/bug/view.cgi?id=1216500). Comment in
- http://curl.haxx.se/mail/lib-2005-06/0059.html
- Daniel (13 June 2005)
- - Made buildconf run libtoolize in the ares dir too (inspired by Tupone's
- reverted patch).
- Daniel (9 June 2005)
- - Incorporated Tupone's findtool fix in buildconf (slightly edited)
- - Incorporated Tupone's head -n fix in buildconf.
- Daniel (8 June 2005)
- - Reverted Tupone's patch again, it broke numerous autobuilds. Let's apply it
- in pieces, one by one and see what we need to adjust to work all over.
- Daniel (6 June 2005)
- - Tupone Alfredo fixed three problems in buildconf:
- 1) findtool does look per tool in PATH and think ./perl is the perl
- executable, while is just a local directory (I have . in the PATH)
- 2) I got several warning for head -1 deprecated in favour of head -n 1
-
- 3) ares directory is missing some file (missing is missing :-) ) because
- automake and friends is not run.
- Daniel (3 June 2005)
- - Added docs/libcurl/getinfo-times, based on feedback from 'Edi':
- http://curl.haxx.se/feedback/display.cgi?id=11178325798299&support=yes
- - Andres Garcia provided yet another text mode patch for several test cases so
- that they do text comparisions better on Windows (newline-wise).
- Daniel (1 June 2005)
- - The configure check for c-ares now adds the cares lib before the other libs,
- to make it build fine with mingw. Inspired by Tupone Alfredo's bug report
- and patch: http://curl.haxx.se/bug/view.cgi?id=1212940
- Daniel (31 May 2005)
- - Todd Kulesza reported a flaw in the proxy option, since a numerical IPv6
- address was not possible to use. It is now, but requires it written
- RFC2732-style, within brackets - which incidently is how you enter numerical
- IPv6 addresses in URLs. Test case 263 added to verify.
- Daniel (30 May 2005)
- - Eric Cooper reported about a problem with HTTP servers that responds with
- binary zeroes within the headers. They confused libcurl to do wrong so the
- downloaded headers become incomplete. The fix is now verified with test case
- 262. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=310948
- Daniel (25 May 2005)
- - Fixed problems with the test suite, and in particular the FTP test cases
- since it previously was failing every now and then in a nonsense manner.
- - --trace-time now outputs the full microsecond, all 6 digits.
- Daniel (24 May 2005)
- - Andres Garcia provided a text mode patch for several test cases so that they
- do text comparisions better on Windows (newline-wise).
- - Any 2xx response (and not just 200) is now considered a fine response to
- TYPE, as some servers obviously sends a 226 there. Added test case 261 to
- verify. Based on a question/report by Georg Wicherski.
- Daniel (20 May 2005)
- - Improved runtests.pl to allow stdout tests to be mode=text as well, just
- as file comparisons already supports. Added this info to the FILEFORMAT
- docs.
- Daniel (18 May 2005)
- - John McGowan identified a problem in bug report #1204435
- (http://curl.haxx.se/bug/view.cgi?id=1204435) with malformed URLs like
- "http://somehost?data" as it added a slash too much in the request ("GET
- /?data/"...). Added test case 260 to verify.
- - The configure check for strerror_r() failed to detect the proper API at
- times, like on HP-UX 10.20. Then lib/strerror.c badly assumed the glibc
- version if the posix define wasn't set (since it _had_ found a strerror_r).
- Daniel (16 May 2005)
- - The gmtime_r() function in HP-UX 10.20 is broken. About 13 test cases fail
- due to this. There's now a configure check that attempts to detect the bad
- function and not use it on such systems.
- Version 7.14.0 (16 May 2005)
- Daniel (13 May 2005)
- - Grigory Entin reported that curl's configure detects a fine poll() for Mac
- OS X 10.4 (while 10.3 or later detected a "bad" one), but the executable
- doesn't work as good as if built without poll(). I've adjusted the configure
- to always skip the fine-poll() test on Mac OS X (darwin).
- Daniel (12 May 2005)
- - When doing a second request (after a disconnect) using the same easy handle,
- over a proxy that uses NTLM authentication, libcurl failed to use NTLM again
- properly (the auth method was accidentally reset to the same as had been set
- for host auth, which defaults to Basic). Bug report #1200661
- (http://curl.haxx.se/bug/view.cgi?id=1200661) identified the the problem and
- the fix.
- - If -z/--time-cond is used with an invalid date syntax, this is no longer
- silently discarded. Instead a proper warning message is diplayed that
- informs about it. But it still continues without the condition.
- Version 7.14.0-pre2 (11 May 2005)
- Daniel (11 May 2005)
- - Starting now, libcurl sends a little different set of headers in its default
- HTTP requests:
-
- A) Normal non-proxy HTTP:
- - no more "Pragma: no-cache" (this only makes sense to proxies)
- B) Non-CONNECT HTTP request over proxy:
- - "Pragma: no-cache" is used (like before)
- - "Proxy-Connection: Keep-alive" (for older style 1.0-proxies)
- C) CONNECT HTTP request over proxy:
- - "Host: [name]:[port]"
- - "Proxy-Connection: Keep-alive"
- The A) case is mostly to reduce the default header size and remove a
- pointless header.
- The B) is to address (rare) problems with HTTP 1.0 proxies
- The C) headers are both to address (rare) problems with some proxies. The
- code in libcurl that deals with CONNECT requests need a rewrite, but it
- feels like a too big a job for me to do now. Details are added in the code
- comments for now.
- Updated a large amount of test cases to reflect the news.
- Daniel (10 May 2005)
- - Half-baked attempt to bail out if select() returns _only_ errorfds when the
- transfer is in progress. An attempt to fix Allan's problem. See
- http://curl.haxx.se/mail/lib-2005-05/0073.html and the rest of that thread
- for details.
- I'm still not sure this is the right fix, but...
- Version 7.14.0-pre1 (9 May 2005)
- Daniel (2 May 2005)
- - Sort of "fixed" KNOWN_BUGS #4: curl now builds IPv6 enabled on AIX 4.3. At
- least it should no longer cause a compiler error. However, it does not have
- AI_NUMERICHOST so we cannot getaddrinfo() any numerical addresses with it
- (we use that for FTP PORT/EPRT)! So, I modified the configure check that
- checks if the getaddrinfo() is working, to use AI_NUMERICHOST since then
- it'll fail on AIX 4.3 and it will automatically build with IPv6 support
- disabled.
- - Added --trace-time that when used adds a time stamp to each trace line that
- --trace, --trace-ascii and --verbose output. I also made the '>' display
- separate each line on the linefeed so that HTTP requests etc look nicer in
- the -v output.
- - Made curl recognize the environment variables Lynx (and others?) support for
- pointing out the CA cert path/file: SSL_CERT_DIR and SSL_CERT_FILE. If
- CURL_CA_BUNDLE is not set, they are checked afterwards.
- Like before: on windows if none of these are set, it checks for the ca cert
- file like this:
- 1. application's directory
- 2. current working directory
- 3. Windows System directory (e.g. C:\windows\system32)
- 4. Windows Directory (e.g. C:\windows)
- 5. all directories along %PATH%
- Daniel (1 May 2005)
- - The runtests.pl script now starts test servers by doing fork() and exec()
- instead of the previous approach. This is less complicated and should
- hopefully lead to less "leaked" servers (servers that aren't stopped
- properly when the tests are stopped).
- - Alexander Zhuravlev found a case when you did "curl -I [URL]" and it
- complained on the chunked encoding, even though a HEAD should never return a
- body and thus it cannot be a chunked-encoding problem!
- Daniel (30 April 2005)
- - Alexander Zhuravlev found out that (lib)curl SIGSEGVed when using
- --interface on an address that can't be bound.
- Daniel (28 April 2005)
- - Working on fixing up test cases to mark sections as 'mode=text' for things
- that curl writes as text files, since then they can get different line
- endings depending on OS. Andrés García helps me work this out.
- Did lots of other minor tweaks on the test scripts to work better and more
- reliably find test servers and also kill test servers.
- - Dan Fandrich pointed out how the runtests.pl script killed the HTTP server
- instead of the HTTPS server when closing it down.
- Daniel (27 April 2005)
- - Paul Moore made curl check for the .curlrc file (_curlrc on windows) on two
- more places. First, CURL_HOME is a new environment variable that is used
- instead of HOME if it is set, to point out where the default config file
- lives. If there's no config file in the dir pointed out by one of the
- environment variables, the Windows version will instead check the same
- directory the executable curl is located in.
- Daniel (26 April 2005)
- - Cory Nelson's work on nuking compiler warnings when building on x64 with
- VS2005.
- Daniel (25 April 2005)
- - Fred New reported a bug where we used Basic auth and user name and password
- in .netrc, and when following a Location: the subsequent requests didn't
- properly use the auth as found in the netrc file. Added test case 257 to
- verify my fix.
- - Based on feedback from Cory Nelson, I added some preprocessor magic in
- */setup.h and */config-win32.h to build fine with VS2005 on x64.
- Daniel (23 April 2005)
- - Alex Suykov made the curl tool now assume that uploads using HTTP:// or
- HTTPS:// are the only ones that show output and thus motivates a switched
- off progress meter if the output is sent to the terminal. This makes FTP
- uploads without '>', -o or -O show the progress meter.
- Daniel (22 April 2005)
- - Dave Dribin's MSVC makefile fix: set CURL_STATICLIB when it builds static
- library variants.
- - Andres Garcia fixed configure to set the proper define when building static
- libcurl on windows.
- - --retry-delay didn't work.
- Daniel (18 April 2005)
- - Olivier reported that even though he used CURLOPT_PORT, libcurl clearly
- still used the default port. He was right. I fixed the problem and added the
- test cases 521, 522 and 523 to verify the fix.
- - Toshiyuki Maezawa reported that when doing a POST with a read callback,
- libcurl didn't properly send an Expect: 100-continue header. It does now.
- - I committed by mig change in the test suite's FTP server that moves out all
- socket/TCP code to a separate C program named sockfilt. And added 4 new
- test cases for FTP over IPv6.
- Daniel (8 April 2005)
- - Cory Nelson reported a problem with a HTTP server that responded with a 304
- response containing an "illegal" Content-Length: header, which was not
- properly ignored by libcurl. Now it is. Test case 249 verifies.
- Daniel (7 April 2005)
- - Added ability to build and run with GnuTLS as an alternative to OpenSSL for
- the secure layer. configure --with-gnutls enables with. Note that the
- previous OpenSSL check still has preference and if it first detects OpenSSL,
- it will not check for GnuTLS. You may need to explictly diable OpenSSL with
- --without-ssl.
- This work has been sponsored by The Written Word.
- Daniel (5 April 2005)
- - Christophe Legry fixed the post-upload check for FTP to not complain if the
- upload was skipped due to a time-condition as set with
- CURLOPT_TIMECONDITION. I added test case 247 and 248 to verify.
- Version 7.13.2 (5 April 2005)
- Daniel (4 April 2005)
- - Marcelo Juchem fixed the MSVC makefile for libcurl
- - Gisle Vanem fixed a crash in libcurl, that could happen if the easy handle
- was killed before the threading resolver (windows only) still hadn't
- completed.
- - Hardeep Singh reported a problem doing HTTP POST with Digest. (It was
- actually also affecting NTLM and Negotiate.) It turned out that if the
- server responded with 100 Continue before the initial 401 response, libcurl
- didn't take care of the response properly. Test case 245 and 246 added to
- verify this.
- Daniel (30 March 2005)
- - Andres Garcia modified the configure script to check for libgdi32 before
- libcrypto, to make the SSL check work fine on msys/mingw.
- Daniel (29 March 2005)
- - Tom Moers identified a flaw when you sent a POST with Digest authentication,
- as in the first request when curl sends a POST with Content-Length: 0, it
- still forcibly closed the connection before doing the next step in the auth
- negotiation.
- - Jesper Jensen found out that FTP-SSL didn't work since my FTP
- rewrite. Fixing that was easy, but it also revealed a much worse problem:
- the FTP server response reader function didn't properly deal with reading
- responses in multiple tiny chunks properly! I modified the FTP server to
- allow it to produce such split-up responses to make sure curl deals with
- them as it should.
- - Based on Augustus Saunders' comments and findings, the HTTP output auth
- function was fixed to use the proper proxy authentication when multiple ones
- are accepted. test 239 and test 243 were added to repeat the problems and
- verify the fixes.
- --proxy-anyauth was added to the curl tool
- Daniel (16 March 2005)
- - Tru64 and some IRIX boxes seem to not like test 237 as it is. Their
- inet_addr() functions seems to use &255 on all numericals in a ipv4 dotted
- address which makes a different failure... Now I've modified the ipv4
- resolve code to use inet_pton() instead in an attempt to make these systems
- better detect this as a bad IP address rather than creating a toally bogus
- address that is then passed on and used.
- Daniel (15 March 2005)
- - Dan Fandrich made the code properly use the uClibc's version of
- inet_ntoa_r() when built with it.
- - Added test 237 and 238: test EPSV and PASV response handling when they get
- well- formated data back but using illegal values. In 237 PASV gets an IP
- address that is way bad. In 238 EPSV gets a port that is way out of range.
- Daniel (14 March 2005)
- - Added a few missing features to the curl-config --features list
- - Modified testcurl.pl to now offer
- 1 - command line options for all info it previously only read from
- file: --name, --email, --desc and --configure
- 2 - --nocvsup makes it not attempt to do cvs update
- 3 - --crosscompile informs it and makes it not attempt things it can't do
- - Fixed numerous win32 compiler warnings.
- - Removed the lib/security.h file since it shadowed the mingw/win32 header
- with the same name which is needed for SSPI builds. The contents of the
- former security.h is now i krb4.h
- - configure --enable-sspi now enables SSPI in the build. It only works for
- windows builds (including cross-compiles for windows).
- Daniel (12 March 2005)
- - David Houlder added --form-string that adds that string to a multipart
- formpost part, without special characters having special meanings etc like
- --form features.
- Daniel (11 March 2005)
- - curl_version_info() returns the feature bit CURL_VERSION_SSPI if it was
- built with SSPI support.
- - Christopher R. Palmer made it possible to build libcurl with the
- USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the
- native way to do NTLM. SSPI also allows libcurl to pass on the current user
- and its password in the request.
- Daniel (9 March 2005)
- - Dan F improved the SSL lib setup in configure.
- - Nodak Sodak reported a crash when using a SOCKS4 proxy.
- - Jean-Marc Ranger pointed out an embarassing debug printf() leftover in the
- multi interface code.
- - Adjusted the man page for the curl_getdate() return value for dates after
- year 2038. For 32 bit time_t it returns 0x7fffffff but for 64bit time_t it
- returns either the correct value or even -1 on some systems that still seem
- to not deal with this properly. Tor Arntsen found a 64bit AIX system for us
- that did the latter. Gwenole Beauchesne's Mandrake patch put the lights on
- this problem in the first place.
- Daniel (8 March 2005)
- - Dominick Meglio reported that using CURLOPT_FILETIME when transferring a FTP
- file got a Last-Modified: header written to the data stream, corrupting the
- actual data. This was because some conditions from the previous FTP code was
- not properly brought into the new FTP code. I fixed and I added test case
- 520 to verify. (This bug was introduced in 7.13.1)
- - Dan Fandrich fixed the configure --with-zlib option to always consider the
- given path before any standard paths.
- Daniel (6 March 2005)
- - Randy McMurchy was the first to report that valgrind.pm was missing from the
- release archive and thus 'make test' fails.
- Daniel (5 March 2005)
- - Dan Fandrich added HAVE_FTRUNCATE to several config-*.h files.
- - Added test case 235 that makes a resumed upload of a file that isn't present
- on the remote side. This then converts the operation to an ordinary STOR
- upload. This was requested/pointed out by Ignacio Vazquez-Abrams.
- It also proved (and I fixed) a bug in the newly rewritten ftp code (and
- present in the 7.13.1 release) when trying to resume an upload and the
- servers returns an error to the SIZE command. libcurl then loops and sends
- SIZE commands infinitely.
- - Dan Fandrich fixed a SSL problem introduced on February 9th that made
- libcurl attempt to load the whole random file to seed the PRNG. This is
- really bad since this turns out to be using /dev/urandom at times...
- Version 7.13.1 (4 March 2005)
- Daniel (4 March 2005)
- - Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activate
- the cookie "engine" without having to provide an empty or non-existing file.
- - Rene Rebe fixed a -# crash when more data than expected was retrieved.
- Daniel (22 February 2005)
- - NTLM and ftp-krb4 buffer overflow fixed, as reported here:
- http://www.securityfocus.com/archive/1/391042 and the CAN report here:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
- If these security guys were serious, we'd been notified in advance and we
- could've saved a few of you a little surprise, but now we weren't.
- Daniel (19 February 2005)
- - Ralph Mitchell reported a flaw when you used a proxy with auth, and you
- requested data from a host and then followed a redirect to another
- host. libcurl then didn't use the proxy-auth properly in the second request,
- due to the host-only check for original host name wrongly being extended to
- the proxy auth as well. Added test case 233 to verify the flaw and that the
- fix removed the problem.
- Daniel (18 February 2005)
- - Mike Dobbs reported a mingw build failure due to the lack of
- BUILDING_LIBCURL being defined when libcurl is built. Now this is defined by
- configure when mingw is used.
- Daniel (17 February 2005)
- - David in bug report #1124588 found and fixed a socket leak when libcurl
- didn't close the socket properly when returning error due to failing
- localbind
- Daniel (16 February 2005)
- - Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"
- that picks NTLM. Thanks to David Byron letting me test NTLM against his
- servers, I could quickly repeat and fix the problem. It turned out to be:
- When libcurl POSTs without knowing/using an authentication and it gets back
- a list of types from which it picks NTLM, it needs to either continue
- sending its data if it keeps the connection alive, or not send the data but
- close the connection. Then do the first step in the NTLM auth. libcurl
- didn't send the data nor close the connection but simply read the
- response-body and then sent the first negotiation step. Which then failed
- miserably of course. The fixed version forces a connection if there is more
- than 2000 bytes left to send.
- Daniel (14 February 2005)
- - The configure script didn't check for ENGINE_load_builtin_engines() so it
- was never used.
- Daniel (11 February 2005)
- - Removed all uses of strftime() since it uses the localised version of the
- week day names and month names and servers don't like that.
- Daniel (10 February 2005)
- - Now the test script disables valgrind-testing when the test suite runs if
- libcurl is built shared. Otherwise valgrind only tests the shell that runs
- the wrapper-script named 'curl' that is a front-end to curl in this case.
- This should also fix the huge amount of reports of false positives when
- valgrind has identified leaks in (ba)sh and not in curl and people report
- that as curl bugs. Bug report #1116672 is one example.
- Also, the valgrind report parser has been adapted to check that at least one
- of the sources in a stack strace is one of (lib)curl's source files or
- otherwise it will not consider the problem to concern (lib)curl.
- - Marty Kuhrt streamlined the VMS build.
- Daniel (9 February 2005)
- - David Byron fixed his SSL problems, initially mentioned here:
- http://curl.haxx.se/mail/lib-2005-01/0240.html. It turned out we didn't use
- SSL_pending() as we should.
- - Converted lots of FTP code to a statemachine, so that the multi interface
- doesn't block while communicating commands-responses with an FTP server.
- I've added a comment like BLOCKING in the code on all spots I could find
- where we still have blocking operations. When we change curl_easy_perform()
- to use the multi interface, we'll also be able to simplify the code since
- there will only be one "internal interface".
- While doing this, I've now made CURLE_FTP_ACCESS_DENIED separate from the
- new CURLE_LOGIN_DENIED. The first one is now access denied to a function,
- like changing directory or retrieving a file, while the second means that we
- were denied login.
- The CVS tag 'before_ftp_statemachine' was set just before this went in, in
- case of future need.
- - Gisle made the DICT code send CRLF and not just LF as the spec says so.
- Daniel (8 February 2005)
- - Gisle fixed problems when libcurl runs out of memory, and worked on making
- sure the proper error code is returned for those occations.
- Daniel (7 February 2005)
- - Maruko pointed out a problem with inflate decompressing exactly 64K
- contents.
- Daniel (5 February 2005)
- - Eric Vergnaud found a use of an uninitialised variable in the ftp when doing
- PORT on ipv6-enabled hosts.
- - David Byron pointed out we could use BUFSIZE to read data (in
- lib/transfer.c) instead of using BUFSIZE -1.
- Version 7.13.0 (1 February 2005)
- Daniel (31 January 2005)
- - Added Lars Nilsson's htmltitle.cc example
- Daniel (30 January 2005)
- - Fixed a memory leak when using the multi interface and the DO operation
- failed (as in test case 205).
- - Fixed a valgrind warning for file:// operations.
- - Fixed a valgrind report in the url globbing code for the curl command line
- tool.
- - Bugfixed the parser that scans the valgrind report outputs (in runtests.pl).
- I noticed that it previously didn't detect and report the "Conditional jump
- or move depends on uninitialised value(s)" error. When I fixed this, I
- caught a few curl bugs with it. And then I had to spend time to make the
- test suite IGNORE these errors when OpenSSL is used since it produce massive
- amounts of valgrind warnings (but only of the "Conditional..." kind it
- seems). So, if a test that requires SSL is run, it ignores the
- "Conditional..." errors, and you'll get a "valgrind PARTIAL" output instead
- of "valgrind OK".
- Daniel (29 January 2005)
- - Using the multi interface, and doing a requsted a re-used connection that
- gets closed just after the request has been sent failed and did not re-issue
- a request on a fresh reconnect like the easy interface did. Now it does!
- - Define CURL_MULTIEASY when building libcurl (lib/easy.c to be exact), to use
- my new curl_easy_perform() that uses the multi interface to run the
- request. It is a great testbed for the multi interface and I believe we
- shall do it this way for real in the future when we have a successor to
- curl_multi_fdset(). I've used this approach to detect and fix several of the
- recent multi-interfaces issues.
- - Adjusted the KNOWN_BUGS #17 fix a bit more since the FTP code also did some
- bad assumptions.
- - multi interface: when a request is denied due to "Maximum redirects
- followed" libcurl leaked the last Location: URL.
- - Connect failures with the multi interface was often returned as "connect()
- timed out" even though the reason was different.
- Daniel (28 January 2005)
- - KNOWN_BUGS #17 fixed. A DNS cache entry may not remain locked between two
- curl_easy_perform() invokes. It was previously unlocked at disconnect, which
- could mean that it remained locked between multiple transfers. The DNS cache
- may not live as long as the connection cache does, as they are separate.
- To deal with the lack of DNS (host address) data availability in re-used
- connections, libcurl now keeps a copy of the IP adress as a string, to be
- able to show it even on subsequent requests on the same connection.
- The problem could be made to appear with this stunt:
- 1. create a multi handle
- 2. add an easy handle
- 3. fetch a URL that is persistent (leaves the connection alive)
- 4. remove the easy handle from the multi
- 5. kill the multi handle
- 6. create a multi handle
- 7. add the same easy handle to the new multi handle
- 8. fetch a URL from the same server as before (re-using the connection)
- - Stephen More pointed out that CURLOPT_FTPPORT and the -P option didn't work
- when built ipv6-enabled. I've now made a fix for it. Writing test cases for
- custom port hosts turned too tricky so unfortunately there's none.
- Daniel (25 January 2005)
- - Ian Ford asked about support for the FTP command ACCT, and I discovered it
- is present in RFC959... so now (lib)curl supports it as well. --ftp-account
- and CURLOPT_FTP_ACCOUNT set the account string. (The server may ask for an
- account string after PASS have been sent away. The client responds
- with "ACCT [account string]".) Added test case 228 and 229 to verify the
- functionality. Updated the test FTP server to support ACCT somewhat.
- - David Shaw contributed a fairly complete and detailed autoconf test you can
- use to detect libcurl and setup variables for the protocols the installed
- libcurl supports: docs/libcurl/libcurl.m4
- Daniel (21 January 2005)
- - Major FTP third party transfer overhaul.
- These four options are now obsolete: CURLOPT_SOURCE_HOST,
- CURLOPT_SOURCE_PATH, CURLOPT_SOURCE_PORT (this option didn't work before)
- and CURLOPT_PASV_HOST.
- These two options are added: CURLOPT_SOURCE_URL and CURLOPT_SOURCE_QUOTE.
- The target-side didn't use the proper path with RETR, and thus this only
- worked correctly in the login path (i.e without doing any CWD). The source-
- side still uses a wrong path, but the fix for this will need to wait. Verify
- the flaw by using a source URL with included %XX-codes.
- Made CURLOPT_FTPPORT control weather the target operation should use PORT
- (or not). The other side thus uses passive (PASV) mode.
- Updated the ftp3rdparty.c example source to use the updated options.
- Added support for a second FTP server in the test suite. Named... ftp2.
- Added test cases 230, 231 and 232 as a few first basic tests of very simple
- 3rd party transfers.
- Changed the debug output to include 'target' and 'source' when a 3rd party
- is being made, to make it clearer what commands/responses came on what
- connection.
- Added three new command line options: --3p-url, --3p-user and --3p-quote.
- Documented the command line options and the curl_easy_setopt options related
- to third party transfers.
- (Temporarily) disabled the ability to re-use an existing connection for the
- source connection. This is because it needs to force a new in case the
- source and target is the same host, and the host name check is trickier now
- when the source is identified with a full URL instead of a plain host name
- like before.
- TODO (short-term) for 3rd party transfers: quote support. The options are
- there, we need to add test cases to verify their functionality.
- TODO (long-term) for 3rd party transfers: IPv6 support (EPRT and EPSV etc)
- and SSL/TSL support.
- Daniel (20 January 2005)
- - Philippe Hameau found out that -Q "+[command]" didn't work, although some
- code was written for it. I fixed and added test case 227 to verify it.
- The curl.1 man page didn't mention the '+' so I added it.
- Daniel (19 January 2005)
- - Stephan Bergmann made libcurl return CURLE_URL_MALFORMAT if an FTP URL
- contains %0a or %0d in the user, password or CWD parts. (A future fix would
- include doing it for %00 as well - see KNOWN_BUGS for details.) Test case
- 225 and 226 were added to verify this
- - Stephan Bergmann pointed out two flaws in libcurl built with HTTP disabled:
- 1) the proxy environment variables are still read and used to set HTTP proxy
- 2) you couldn't disable http proxy with CURLOPT_PROXY (since the option was
- disabled). This is important since apps may want to disable HTTP proxy
- without actually knowing if libcurl was built to disable HTTP or not.
- Based on Stephan's patch, both these issues should now be fixed.
- Daniel (18 January 2005)
- - Cody Jones' enhanced version of Samuel Díaz García's MSVC makefile patch was
- applied.
- Daniel (16 January 2005)
- - Alex aka WindEagle pointed out that when doing "curl -v dictionary.com", curl
- assumed this used the DICT protocol. While guessing protocols will remain
- fuzzy, I've now made sure that the host names must start with "[protocol]."
- for them to be a valid guessable name. I also removed "https" as a prefix
- that indicates HTTPS, since we hardly ever see any host names using that.
- Daniel (13 January 2005)
- - Inspired by Martijn Koster's patch and example source at
- http://www.greenhills.co.uk/mak/gentoo/curl-eintr-bug.c, I now made the
- select() and poll() calls properly loop if they return -1 and errno is
- EINTR. glibc docs for this is found here:
- http://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html
- This last link says BSD doesn't have this "effect". Will there be a problem
- if we do this unconditionally?
- Daniel (11 January 2005)
- - Dan Torop cleaned up a few no longer used variables from David Phillips'
- select() overhaul fix.
- - Cyrill Osterwalder posted a detailed analysis about a bug that occurs when
- using a custom Host: header and curl fails to send a request on a re-used
- persistent connection and thus creates a new connection and resends it. It
- then sent two Host: headers. Cyrill's analysis was posted here:
- http://curl.haxx.se/mail/archive-2005-01/0022.html
- - Bruce Mitchener identified (bug report #1099640) the never-ending SOCKS5
- problem with the version byte and the check for bad versions. Bruce has lots
- of clues on this, and based on his suggestion I've now removed the check of
- that byte since it seems to be able to contain 1 or 5.
- Daniel (10 January 2005)
- - Pavel Orehov reported memory problems with the multi interface in bug report
- #1098843. In short, a shared DNS cache was setup for a multi handle and when
- the shared cache was deleted before the individual easy handles, the latter
- cleanups caused read/writes to already freed memory.
- - Hzhijun reported a memory leak in the SSL certificate code, that leaked the
- remote certificate name when it didn't match the used host name.
- Gisle (8 January 2005)
- - Added Makefile.Watcom files (src/lib). Updated Makefile.dist.
- Daniel (7 January 2005)
- - Improved the test script's valgrind log parser to actually work! Also added
- the ability to disable the log scanner for specific test cases. Test case
- 509 results in numerous problems and leaks in OpenSSL and has to get it
- disabled.
- Daniel (6 January 2005)
- - Fixed a single-byte read out of bounds in test case 39 in the curl tool code
- (i.e not in the library).
- - Bug report #1097019 identified a problem when doing -d "data" with -G and
- sending it to two URLs with {}. Added test 199 to verify the fix.
- Daniel (4 January 2005)
- - Marty Kuhrt adjusted a VMS build script slightly
- - Kai Sommerfeld and Gisle Vanem fixed libcurl to build with IPv6 support on
- Win2000.
- Daniel (2 January 2005)
- - Alex Neblett updated the MSVC makefiles slightly.
- Daniel (25 December 2004)
- - Removed src/config.h.in from CVS, it is now copied from the (generated)
- lib/config.h.in instead, as they can very well be the same. This removes a
- "manual hassle". You may want to re-run buildconf now.
- - Werner Koch filed Debian bug report #286794, mentioning that curl contained
- non-free (by Debian's view) source code. This was Angus Mackay's
- src/getpass.c source code. I tried to contact him about it to quickly solve
- this issue, but his email addresses bounce and I got some time "over" and
- reimplemented the functionality once brought by Angus. We no longer use any
- of Angus' original code and the new function is much simpler (IMO). Issue
- solved.
- Daniel (24 December 2004)
- - David Shaw added --protocols to curl-config, so that it now lists all
- protocols libcurl was built to support. --feature no longer lists disabled
- protocols.
- Daniel (23 December 2004)
- - David Shaw fixed the configure --disable-[protocol] variables so that
- curl-config --feature now works correctly!
- Daniel (22 December 2004)
- - Rune Kleveland fixed a minor memory leak for received cookies with the
- (rare) version attribute set.
- - Marcin Konicki provided two configure fixes and a source fix to make curl
- build out-of-the-box on BeOS.
- Daniel (21 December 2004)
- - Added test case 217 that verified CURLINFO_HTTP_CONNECTCODE, and I made the
- -w option support 'http_connect' to make it easier to verify!
- - Fixed lib/select.c include order to build fine on FreeBSD
- - Fixed failf()'s reuse of the va_list variable that crashed on FreeBSD.
- Pointed out by Peter Pentchev.
- Version 7.12.3 (20 December 2004)
- Daniel (19 December 2004)
- - I investigated our PKCS12 build problem on Solaris 2.7 with OpenSSL 0.9.7e,
- and it turned out to be the fault of the zlib 1.1.4 headers doing a typedef
- named 'free_func' and the OpenSSL headers have a prototype that uses
- 'free_func' in one of its arguments. This is why the compile errors out.
- In other words, we need to include the openssl/pkcs12.h header before the
- zlib.h header and it builds fine. The configure script now checks for this
- file and it then gets included early in lib/urldata.h.
- Daniel (18 December 2004)
- - Samuel Listopad added support for PKCS12 formatted certificates.
- - Samuel Listopad fixed -E to support "C:/path" (with forward slash) as well.
- Daniel (16 December 2004)
- - Gisle found and fixed a problem in the directory re-use for FTP.
- I added test case 215 and 216 to better verify the functionality.
- - Dinar in bug report #1086121, found a file handle leak when a multipart
- formpost (including a file upload part) was aborted before the whole file
- was sent.
- Daniel (15 December 2004)
- - Tom Lee found out that globbing of strings with backslashes didn't work as
- you'd expect. Backslashes are such a central part of windows file names that
- forcing backslashes to have to be escaped with backslashes is a bit too
- awkward to users. Starting now, you only need to escape globbing characters
- such as the five letters: "[]{},". Added test case 214 to verify this.
- Daniel (14 December 2004)
- - Harshal Pradhan patched a HTTP persistent connection flaw: if the user name
- and/or password were modified between two requests on a persistent
- connection, the second request were still made with the first setup!
- I added test case 519 to verify the fix.
- Daniel (13 December 2004)
- - Gisle added CURLINFO_SSL_ENGINES to curl_easy_getinfo() to allow an app
- to list all available crypto ENGINES.
- - Gisle fixed bug report #1083542, which pointed out a problem with resuming
- large file (>4GB) file:// transfers on windows.
- Daniel (11 December 2004)
- - Made the test suite HTTP server (sws) capable of using IPv6, and then
- extended the test environment to support that and also added three test
- cases (240, 241, 242) that run tests using IPv6. Test 242 uses a URL that
- didn't work before the 10 dec fix by Kai Sommerfeld.
- - Made a failed file:// resume output an error message
- - Corrected the CURLE_BAD_DOWNLOAD_RESUME error message in lib/strerror.c
- - Dan Fandrich:
- simplified and consolidated the SSL checks in configure and the usage of the
- defines in lib/setup.h
- provided a first libcurl.pc.in file for pkg-config (but the result is not
- installed anywhere at this point)
- extended the cross compile section in the docs/INSTALL file
- Daniel (10 December 2004)
- - When providing user name in the URL and a IPv6-style IP-address (like in
- "ftp://user@[::1]/tmp"), the URL parser didn't get the host extracted
- properly. Reported and fixed by Kai Sommerfeld.
- Daniel (9 December 2004)
- - Ton Voon provided a configure fix that should fix the notorious (mostly
- reported on Solaris) problem where the size_t check fails due to the SSL
- libs being found in a dir not searched through by the run-time linker.
- patch-tracker entry #1081707.
- - Bryan Henderson pointed out in bug report #1081788 that the curl-config
- --vernum output wasn't zero prefixed properly (as claimed in documentation).
- This is fixed in maketgz now.
- Daniel (8 December 2004)
- - Matt Veenstra updated the mach-O framework files for Mac OS X.
- - Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where
- libcurl always and unconditionally overwrote a stack-based array with 3 zero
- bytes. This is not an exploitable buffer overflow. No need to get alarmed.
- Daniel (7 December 2004)
- - Fixed so that the final error message is sent to the verbose info "stream"
- even if no errorbuffer is set.
- Daniel (6 December 2004)
- - Dan Fandrich added the --disable-cookies option to configure to build
- libcurl without cookie support. This is mainly useful if you want to build a
- minimalistic libcurl with no cookies support at all. Like for embedded
- systems or similar.
- - Richard Atterer fixed libcurl's way of dealing with the EPSV
- response. Previously, libcurl would re-resolve the host name with the new
- port number and attempt to connect to that, while it should use the IP from
- the control channel. This bug made it hard to EPSV from an FTP server with
- multiple IP addresses!
- Daniel (3 December 2004)
- - Bug report #1078066: when a chunked transfer was pre-maturely closed exactly
- at a chunk boundary it was not considered an error and thus went unnoticed.
- Fixed by Maurice Barnum.
- Added test case 207 to verify.
- Daniel (2 December 2004)
- - Fixed the CONNECT loop to default timeout to 3600 seconds.
- Added test case 206 that makes CONNECT with Digest.
- Fixed a flaw that prepended "(nil)" to the initial CONNECT rqeuest's user-
- agent field.
- Daniel (30 November 2004)
- - Dan Fandrich's fix for libz 1.1 and "extra field" usage in a gzip stream
- - Dan also helped me with input data to create three more test cases for the
- --compressed option.
- Daniel (29 November 2004)
- - I improved the test suite to enable binary contents in the tests (by proving
- it base64 encoded), like for testing decompress etc. Added test 220 and 221
- for this purpose. Tests can now also depend on libz to run.
- - As reported by Reinout van Schouwen in Mandrake's bug tracker bug 12285
- (http://qa.mandrakesoft.com/show_bug.cgi?id=12285), when connecting to an
- IPv6 host with FTP, --disable-epsv (or --disable-eprt) effectively disables
- the ability to transfer a file. Now, when connected to an FTP server with
- IPv6, these FTP commands can't be disabled even if asked to with the
- available libcurl options.
- Daniel (26 November 2004)
- - As reported in Mandrake's bug tracker bug 12289
- (http://qa.mandrakesoft.com/show_bug.cgi?id=12289), curl would print a
- newline to "finish" the progress meter after each redirect and not only
- after a completed transfer.
- Daniel (25 November 2004)
- - FTP improvements:
- If EPSV, EPRT or LPRT is tried and doesn't work, it will not be retried on
- the same server again even if a following request is made using a persistent
- connection.
- If a second request is made to a server, requesting a file from the same
- directory as the previous request operated on, libcurl will no longer make
- that long series of CWD commands just to end up on the same spot. Note that
- this is only for *exactly* the same dir. There is still room for improvements
- to optimize the CWD-sending when the dirs are only slightly different.
- Added test 210, 211 and 212 to verify these changes. Had to improve the
- test script too and added a new primitive to the test file format.
- Daniel (24 November 2004)
- - Andrés García fixed the configure script to detect select properly when run
- with Msys/Mingw on Windows.
- Daniel (22 November 2004)
- - Made HTTP PUT and POST requests no longer use HEAD when doing multi-pass
- auth negotiation (NTLM, Digest and Negotiate), but instead use the request
- keyword "properly". Details in lib/README.httpauth. This also introduces
- CURLOPT_IOCTLFUNCTION and CURLOPT_IOCTLDATA, to be used by apps that use the
- "any" auth alternative as then libcurl may need to send the PUT/POST data
- more than once and thus may need to ask the app to "rewind" the read data
- stream to start.
- See also the new example using this: docs/examples/anyauthput.c
- - David Phillips enhanced test 518. I made it depend on a "feature" so that
- systems without getrlimit() won't attempt to test 518. configure now checks
- for getrlimit() and setrlimit() for this test case.
- Daniel (18 November 2004)
- - David Phillips fixed libcurl to not crash anymore when more than FD_SETSIZE
- file descriptors are in use. Test case 518 added to verify.
- Daniel (15 November 2004)
- - To test my fix for the CURLINFO_REDIRECT_TIME bug, I added time_redirect and
- num_redirects support to the -w writeout option for the command line tool.
- - Wojciech Zwiefka found out that CURLINFO_REDIRECT_TIME didn't work as
- documented.
- Daniel (12 November 2004)
- - Gisle Vanem modigied the MSVC and Netware makefiles to build without
- libcurl.def
- - Dan Fandrich added the --disable-crypto-auth option to configure to allow
- libcurl to build without Digest support. (I figure it should also explicitly
- disable Negotiate and NTLM.)
- - *** Modified Behaviour Alert ***
- Setting CURLOPT_POSTFIELDS to NULL will no longer do a GET.
- Setting CURLOPT_POSTFIELDS to "" will send a zero byte POST and setting
- CURLOPT_POSTFIELDS to NULL and CURLOPT_POSTFIELDSIZE to zero will also make
- a zero byte POST. Added test case 515 to verify this.
- Setting CURLOPT_HTTPPOST to NULL makes a zero byte post. Added test case 516
- to verify this.
- CURLOPT_POSTFIELDSIZE must now be set to -1 to signal "we don't know".
- Setting it to zero simply says this is a zero byte POST.
- When providing POST data with a read callback, setting the size up front
- is now made with CURLOPT_POSTFIELDSIZE and not with CURLOPT_INFILESIZE.
- Daniel (11 November 2004)
- - Dan Fandrich added --disable-verbose to the configure script to allow builds
- without verbose strings in the code, to save some 12KB space. Makes sense
- only for systems with very little memory resources.
- - Jeff Phillips found out that a date string with a year beyond 2038 could
- crash the new date parser on systems with 32bit time_t. We now check for
- this case and deal with it.
- Daniel (10 November 2004)
- - I installed Heimdal on my Debian box (using the debian package) and noticed
- that configure --with-gssapi failed to create a nice build. Fixed now.
- Daniel (9 November 2004)
- - Gisle Vanem marked all external function calls with CURL_EXTERN so that now
- the Windows, Netware and other builds no longer need libcurl.def or similar
- files.
- Daniel (8 November 2004)
- - Made the configure script check for tld.h if libidn was detected, since
- libidn 0.3.X didn't have such a header and we don't work with anything
- before libidn 0.4.1 anyway! Suse 9.1 apparently ships with a 0.3.X version
- of libidn which makes the curl 7.12.2 build fail. Jean-Philippe
- Barrette-LaPierre helped pointing this out.
- - Ian Gulliver reported in debian bug report #278691: if curl is invoked in an
- environment where stderr is closed the -v output will still be sent to file
- descriptor 2 which then might be the network socket handle! Now we have a
- weird hack instead that attempts to make sure that file descriptor 2 is
- opened (with a call to pipe()) before libcurl is called to do the transfer.
- configure now checks for pipe() and systems without pipe don't get the weird
- hack done.
- Daniel (5 November 2004)
- - Tim Sneddon made libcurl send no more than 64K in a single first chunk when
- doing a huge POST on VMS, as this is a system limitation. Default on general
- systems is 100K.
- Daniel (4 November 2004)
- - Andres Garcia made it build on mingw againa, my --retry code broke the build.
- Daniel (2 November 2004)
- - Added --retry-max-time that allows a maximum time that may not have been
- reached for a retry to be made. If not set there is no maximum time, only
- the amount of retries set with --retry.
- - Paul Nolan provided a patch to make libcurl build nicely on Windows CE.
- Daniel (1 November 2004)
- - When cross-compiling, the configure script no longer attempts to use
- pkg-config on the build host in order to detect OpenSSL compiler options.
- Daniel (27 October 2004)
- - Dan Fandrich:
- An improvement to the gzip handling of libcurl. There were two problems with
- the old version: it was possible for a malicious gzip file to cause libcurl
- to leak memory, as a buffer was malloced to hold the header and never freed
- if the header ended with no file contents. The second problem is that the
- 64 KiB decompression buffer was allocated on the stack, which caused
- unexpectedly high stack usage and overflowed the stack on some systems
- (someone complained about that in the mailing list about a year ago).
- Both problems are fixed by this patch. The first one is fixed when a recent
- (1.2) version of zlib is used, as it takes care of gzip header parsing
- itself. A check for the version number is done at run-time and libcurl uses
- that feature if it's present. I've created a define OLD_ZLIB_SUPPORT that
- can be commented out to save some code space if libcurl is guaranteed to be
- using a 1.2 version of zlib.
- The second problem is solved by dynamically allocating the memory buffer
- instead of storing it on the stack. The allocation/free is done for every
- incoming packet, which is suboptimal, but should be dwarfed by the actual
- decompression computation.
- I've also factored out some common code between deflate and gzip to reduce
- the code footprint somewhat. I've tested the gzip code on a few test files
- and I tried deflate using the freshmeat.net server, and it all looks OK. I
- didn't try running it with valgrind, however.
- - Added a --retry option to curl that takes a numerical option for the number
- of times the operation should be retried. It is retried if a transient error
- is detected or if a timeout occurred. By default, it will first wait one
- second between the retries and then double the delay time between each retry
- until the delay time is ten minutes which then will be the delay time
- between all forthcoming retries. You can set a static delay time with
- "--retry-delay [num]" where [num] is the number of seconds to wait between
- each retry.
- Daniel (25 October 2004)
- - Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on a
- file that was already completely downloaded caused an error, while it
- doesn't if you don't use --fail! I added test case 194 to verify the fix.
- Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in
- libcurl v8 due to all the kludges needed to support it.
- - Mohun Biswas found out that formposting a zero-byte file didn't work very
- good. I fixed.
- Daniel (19 October 2004)
- - Alexander Krasnostavsky made it possible to make FTP 3rd party transfers
- with both source and destination being the same host. It can be useful if
- you want to move a file on a server or similar.
- - Guillaume Arluison added CURLINFO_NUM_CONNECTS to allow an app to figure
- out how many new connects a previous transfer required.
- I added %{num_connects} to the curl tool and added test case 192 and 193
- to verify the new code.
- Daniel (18 October 2004)
- - Peter Wullinger pointed out that curl should call setlocale() properly to
- initiate the specific language operations, to make the IDN stuff work
- better.
- Version 7.12.2 (18 October 2004)
- Daniel (16 October 2004)
- - Alexander Krasnostavsky made the CURLOPT_FTP_CREATE_MISSING_DIRS option work
- fine even for third party transfers.
- - runekl at opoint.com found out (and provided a fix) that libcurl leaked
- memory for cookies with the "max-age" field set.
- Gisle (16 October 2004)
- - Issue 50 in TODO-RELEASE; Added Traian Nicolescu's patches for threaded
- resolver on Windows. Plugged some potential handle and memory leaks.
- Daniel (14 October 2004)
- - Eric Vergnaud pointed out that libcurl didn't treat ?-letters in the user
- name and password fields properly in URLs, like
- ftp://us?er:pass?word@site.com/. Added test 191 to verify the fix.
- Daniel (11 October 2004)
- - libcurl now uses SO_NOSIGPIPE for systems that support it (Mac OS X 10.2 or
- later is one) to inhibit the SIGPIPE signal when writing to a socket while
- the peer dies. The same effect is provide by the MSG_NOSIGNAL parameter to
- send() on other systems. Alan Pinstein verified the fix.
- Daniel (10 October 2004)
- - Systems with 64bit longs no longer use strtoll() or our strtoll- replacement
- to parse 64 bit numbers. strtol() works fine. Added a configure check to
- detect if [constant]LL works and if so, use that in the strtoll replacement
- code to work around compiler warnings reported by Andy Cedilnik.
- Gisle (6 October 2004)
- - For USE_LIBIDN builds: Added Top-Level-Domain (TLD) check of host-name
- used in fix_hostname(). Checks if characters in 'host->name' (indirectly
- via 'ace_hostname') are legal according to the TLD tables in libidn.
- Daniel (6 October 2004)
- - Chih-Chung Chang reported that if you use CURLOPT_RESUME_FROM and enabled
- CURLOPT_FOLLOWLOCATION, libcurl reported error if a redirect happened even
- if the new URL would provide the resumed file. Test case 188 added to verify
- the fix (together with existing test 99).
- - Dan Fandrich fixed a configure flaw for systems that need both nsl and socket
- libs to use gethostbyname().
- - Removed tabs and trailing whitespace from lots of source files.
- Daniel (5 October 2004)
- - Made configure --with-libidn=PATH try the given PATH before the default
- paths to make it possible to override.
- - If idna_strerror() is present in libidn, we can use that instead of our
- internal replacement. This function was added by Simon in libidn 0.5.6 and
- is detected by configure.
- - It seems basename() on IRIX is in the libgen library and since we don't use
- that, configure finds libgen.h but not basename and then we get a compiler
- error because our basename() replacement doesn't match the proto in
- libgen.h. Starting now, we don't include the file if basename wasn't found
- as well.
- Daniel (4 October 2004)
- - Chris found a race condition resulting in CURLE_COULDNT_RESOLVE_HOST and
- potential crash, in the windows threaded name resolver code.
- Daniel (3 October 2004)
- - Replaced the use of isspace() in cookie.c with our own version instead since
- we have most data as 'char *' and that makes us pass in negative values if
- there is 8bit data in the string. Changing to unsigned causes too much
- warnings or too many required typecasts to the normal string functions.
- Harshal Pradhan identified this problem.
- Daniel (2 October 2004)
- - Bertrand Demiddelaer found a case where libcurl could read already freed
- data when CURLOPT_VERBOSE is used and a (very) persistent connection. It
- happened when the dns cache entry for the connection was pruned while the
- connection was still alive and then again re-used. We worked together on
- this fix.
- - Gisle Vanem provided code that displays an error message when the (libidn
- based) IDN conversion fails. This is really due to a missing suitable
- function in the libidn API that I hope we can remove once libidn gets a
- function like this.
- Daniel (1 October 2004)
- - Aleksandar Milivojevic reported a problem in the Redhat bugzilla (see
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134133) and not to
- anyone involved in the curl project! This happens when you try to curl a
- file from a proftpd site using SSL. It seems proftpd sends a somewhat
- unorthodox response code (232 instead of 230). I relaxed the response code
- check to deal with this and similar cases.
- - Based on Fedor Karpelevitch's formpost path basename patch, file parts in
- formposts no longer include the path part. If you _really_ want them, you
- must provide your preferred full file name with CURLFORM_FILENAME.
- Added detection for libgen.h and basename() to configure. My custom
- basename() replacement function for systems without it, might be a bit too
- naive...
- Updated 6 test cases to make them work with the stripped paths.
- Daniel (30 September 2004)
- - Larry Campbell added CURLINFO_OS_ERRNO to curl_easy_getinfo() that allows an
- app to retrieve the errno variable after a (connect) failure. It will make
- sense to provide this for more failures in a more generic way, but let's
- start like this.
- - Günter Knauf and Casey O'Donnell worked out an extra #if condition for the
- curl/multi.h header to work better in winsock-using apps.
- - Jean-Philippe Barrette-LaPierre made buildconf run better on Mac OS X by
- properly using glibtoolize instead of plain libtoolize. (This is made if
- glibtool was found and used instead of plain libtool.)
- Daniel (29 September 2004)
- - Bertrand Demiddelaer fixed curl_easy_reset() so that it doesn't mistakingly
- enable the progress meter.
- Daniel (28 September 2004)
- - "Mekonikum" found out that if you built curl without SSL support, although
- your current SSL installation supports Engine, the compile fails.
- Daniel (27 September 2004)
- - When --with-ssl=PATH is used to the configure script, it no longer uses
- pkg-config to figure out extra details. That is now only done if no PATH is
- included or if SSL is checked for by default without the --with-ssl option.
- Daniel (25 September 2004)
- - Peter Sylvester pointed out that CURLOPT_SSLENGINE couldn't even be set to
- NULL when no engine was supported. It can now.
- Daniel (22 September 2004)
- - Dan Fandrich fixed three test cases to no longer use "localhost" but instead
- use "127.0.0.1" to avoid requiring that localhost resolves nicely.
- - Jean-Claude Chauve fixed an LDAP crash when more than one record was
- retrieved.
- Daniel (19 September 2004)
- - Andreas Rieke pointed out that when attempting to connect to a host without
- a service on the specified port, curl_easy_perform() didn't properly provide
- an error message in the CURLOPT_ERRORBUFFER buffer.
- Daniel (16 September 2004)
- - Daniel at touchtunes uses the FTP+SSL server "BSDFTPD-SSL from
- http://bsdftpd-ssl.sc.ru/" which accordingly doesn't properly work with curl
- when "AUTH SSL" is issued (although the server responds fine and everything)
- but requires that curl issues "AUTH TLS" instead. See
- http://curl.haxx.se/feedback/display.cgi?id=10951944937603&support=yes
- Introducing CURLOPT_FTPSSLAUTH that allows the application to select which
- of the AUTH strings to attempt first.
- - Anonymous filed bug report #1029478 which identified a bug when you 1) used
- a URL without properly seperating the host name and the parameters with a
- slash. 2) the URL had parameters to the right of a ? that contains a slash
- 3) curl was told to follow Location:s 4) the request got a response that
- contained a Location: to redirect to "/dir". curl then appended the new path
- on the wrong position of the original URL.
- Test case 187 was added to verify that this was fixed properly.
- Daniel (11 September 2004)
- - Added parsedate.c that contains a rewrite of the date parser currently
- provided by getdate.y. The new one is MUCH smaller and will allow us to run
- away from the yacc/bison jungle. It is also slightly lacking in features
- compared to the old one, but it supports parsing of all date formats HTTP
- involves (and a fair bunch of others).
- Daniel (10 September 2004)
- - As found out by Jonas Forsman, curl didn't allow -F to set Content-Type on
- text-parts. Starting now, we can do -F "name=daniel;type=text/extra". Added
- test case 186 to verify.
- - Bug report #1025986. When following a Location: with a custom Host: header
- replacement, curl only replaced the Host: header on the initial request
- and didn't replace it on the following ones. This resulted in requests with
- two Host: headers.
- Now, curl checks if the location is on the same host as the initial request
- and then continues to replace the Host: header. And when it moves to another
- host, it doesn't replace the Host: header but it also doesn't make the
- second Host: header get used in the request.
- This change is verified by the two new test cases 184 and 185.
- Daniel (8 September 2004)
- - Modified the test suite to be able to use and run with customized port
- numbers. This was always intended but never before possible. Now a simple
- change in the runtests.pl script can make all tests use different ports.
- The default ports in use from now on are 8990 to 8993.
- Daniel (2 September 2004)
- - Minor modification of an SSL-related error message.
- Daniel (31 August 2004)
- - David Tarendash found out that curl_multi_add_handle() returned
- CURLM_CALL_MULTI_PERFORM instead of CURLM_OK.
- Daniel (30 August 2004)
- - Make "Proxy-Connection: close" close the current proxy connection, as Roman
- Koifman found out.
- Daniel (24 August 2004)
- - Fixed a getdate problem by post-replacing the getdate.c file after the
- bison/yacc process to add the fix Harshal Pradhan suggested. The problem
- caused a crash on Windows when parsing some dates.
- Daniel (23 August 2004)
- - Roman Koifman pointed out that libcurl send Expect: 100-continue on POSTs
- even when told to use HTTP 1.0, which is not correct. Test case 180 and
- 181 verify this.
- - Added test case 182 to verify that zero byte transfers call the callback
- properly.
- Daniel (20 August 2004)
- - Alexander Krasnostavsky made the write callback get called even when a zero
- byte file is downloaded.
- Daniel (18 August 2004)
- - Ling Thio pointed out that when libcurl is built ipv6-enabled, it still did
- reverse DNS lookups when fed with a numerical IP-address (like
- http://127.0.0.1/), although it doesn't when built ipv6-disabled. libcurl
- should never do reverse lookups.
- Daniel (17 August 2004)
- - Kjetil Jacobsen noticed that when transferring a file:// URL pointing to an
- empty file, libcurl would return with the file still open.
- - Alexander Krasnostavsky pointed out that the configure script needs to define
- _THREAD_SAFE for AIX systems to make libcurl built really thread-safe.
- Also added a check for the xlc compiler on AIX, and if that is detect we use
- the -qthreaded compiler option
- Daniel (16 August 2004)
- - libcurl now allows a custom "Accept-Encoding:" header override the
- internally set one that gets set with CURLOPT_ENCODING. Pointed out by Alex.
- - Roland Krikava found and fixed a cookie problem when using a proxy (the
- path matching was wrong). I added test case 179 to verify that we now do
- right.
- Daniel (15 August 2004)
- - Casey O'Donnell fixed some MSVC makefile targets to link properly.
- Daniel (11 August 2004)
- - configure now defines _XOPEN_SOURCE to 500 on systems that need it to build
- warning-free (the only known one so far is non-gcc builds on 64bit SGI
- IRIX). (Reverted this change later as it caused compiler errors.)
- - the FTP code now includes the server response in the error message when the
- server gives back a 530 after the password is provided, as it isn't
- necessary because of a bad user name or password.
- Version 7.12.1 (10 August 2004)
- Daniel (10 August 2004)
- - In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input is
- already UTF-8 encoded. This made the certificate verification fail if the
- remote server used a certificate with the name UTF-8 encoded.
- Work-around brought by Alexis S. L. Carvalho.
- Daniel (9 August 2004)
- - I fixed the configure script for krb4 to use -lcom_err as well, as I started
- to get link problems with it unless I did that on my Solaris 2.7 box. I
- don't understand why I started to get problems with this now!
- Daniel (5 August 2004)
- - Enrico Scholz fixed the HTTP-Negotiate service name to be uppercase as
- reported in bug report #1004105
- Daniel (4 August 2004)
- - Gisle Vanem provided a fix for the multi interface and connecting to a host
- using multiple IP (bad) addresses.
- - Dylan Salisbury made libcurl no longer accept cookies set to a TLD only (it
- previously allowed that on the seven three-letter domains).
- Daniel (31 July 2004)
- - Joel Chen reported that the digest code assumed quotes around the contents a
- bit too much.
- Daniel (28 July 2004)
- - Bertrand Demiddelaer fixed the host name to get setup properly even when a
- connection is re-used, when a proxy is in use. Previously the wrong Host:
- header could get sent when re-using a proxy connection to a different target
- host.
- - Fixed Brian Akins' reported problems with duplicate Host: headers on re-used
- connections. If you attempted to replace the Host: header in the second
- request, you got two such headers!
- - src/Makefile.am now includes the Makefile.inc file to get info about files
- Daniel (26 July 2004)
- - Made "curl [URL] -o name#2" work as expected. If there's no globbing for the
- #-number, it will simply be used as #2 in the file name.
- - Bertrand Demiddelaer fixed testing with valgrind 2.1.x and added two missing
- newlines in the cookie informationals.
- Daniel (24 July 2004)
- - I fixed the autobuilds with ares, since they now need to have buildconf run
- in the ares dir before the configure script is run.
- - Added Casey O'Donnell's curl_easy_reset() function. It has a proto in
- curl/curl.h but we have no man page yet.
- Daniel (20 July 2004)
- - Added buildconf and buildconf.bat to the release archives, since they are
- handy for rebuilding curl when using a daily snapshot (and not a pure CVS
- checkout).
- Daniel (16 July 2004)
- - As suggested by Toby Peterson, libcurl now ignores Content-Length data if the
- given size is a negative number. Test case 178 verifies this.
- Daniel (14 July 2004)
- - Günter Knauf has made the Netware builds do without the config-netware.h
- files, so they are now removed from the dist packages.
- - Günter Knauf made curl and libcurl build with Borland again.
- - Andres Garcia fixed the common test 505 failures on windows.
- Daniel (6 July 2004)
- - Andrés García found out why the windows tests failed on file:// "uploads".
- Daniel (2 July 2004)
- - Andrés García reported a curl_share_cleanup() crash that occurs when no
- lock/unlock callbacks have been set and the share is cleaned up.
- Daniel (1 July 2004)
- - When using curl --trace or --trace-ascii, no trace messages that were sent
- by curl_easy_cleanup() were included in the trace file. This made the
- message "Closing connection #0" never appear in trace dumps.
- Daniel (30 June 2004)
- - Niels van Tongeren found that setting CURLOPT_NOBODY to TRUE doesn't disable
- a previously set POST request, making a very odd request get sent (unless
- you disabled the POST) a HEAD request with a POST request-body. I've now
- made CURLOPT_NOBODY enforce a proper HEAD. Added test case 514 for this.
- Daniel (29 June 2004)
- - Günter Knauf made the testcurl.pl script capable of using a custom setup
- file to easier run multiple autobuilds on the same source tree.
- - Gisle fixed the djgpp build and fixed a memory problem in some of the
- reorged name resolved code.
- - Fixed code to allow connects done using the multi interface to attempt the
- next IP when connecting to a host that resolves to multiple IPs and a
- connect attempt fails.
- Daniel (27 June 2004)
- - Based on Rob Stanzel's bug report #979480, I wrote a configure check that
- checks if poll() can be used to wait on NULL as otherwise select() should be
- used to do it. The select() usage was also fixed according to his report.
- Mac OS X 10.3 says "poll() functionality for Mac OS X is implemented via an
- emulation layer on top of select(), not in the kernel directly. It is
- recommended that programs running under OS X 10.3 prefer select() over
- poll(). Configure scripts should look for the _POLL_EMUL_H_ define (instead
- of _POLL_H_ or _SYS_POLL_H_) and avoid implementations where poll is not
- implemented in the kernel."
- Yes, we can probably use select() on most platforms but today I prefered to
- leave the code unaltered.
- Daniel (24 June 2004)
- - The standard curl_version() string now only includes version info about
- involved libraries and not about particular features. Thus it will no longer
- include info about ipv6 nor GSS. That info is of course still available in
- the feature bitmask curl_version_info() offers.
- - Replaced all occurances of sprintf() with snprintf(). This is mostly because
- it is "A Good Thing" rather than actually fixing any known problem. This
- will help preventing future possible mistakes to cause buffer overflows.
- - Major reorganization in the host resolve code (again). This time, I've
- modified the code to now always use a linked list of Curl_addrinfo structs
- to return resolved info in, no matter what resolver method or support that
- is available on the platform. It makes it a lot easier to write code that
- uses or depends on resolved data.
- Internally, this means amongst other things that we can stop doing the weird
- "increase buffer size until it works" trick when resolving hosts on
- ipv4-only with gethostbyname_r(), we support socks even on libcurls built
- with ipv6 enabled (but only to socks servers that resolve to an ipv4
- address) and we no longer deep-copy or relocate hostent structs (we create
- Curl_addrinfo chains instead).
- The new "hostent to Curl_addrinfo" converter function is named Curl_he2ai()
- and is slightly naive and simple, yet I believe it is functional enough to
- work for libcurl.
- Daniel (22 June 2004)
- - David Cohen pointed out that RFC2109 says clients should allow cookies to
- contain least 4096 bytes while libcurl only allowed 2047. I raised the limit
- to 4999 now and made the used buffer get malloc()ed instead of simply
- allocated on stack as before. Extended test case 46 to include a cookie with
- very huge content to verify the fix.
- - Günter Knauf fixed getdate.y to remove a few warnings. I removed the
- ifdef'ed test we never ever use anyway.
- - Gisle Vanem fixed the certificate wildcard checks to support a '*'-letter
- anywhere in the wildcard string, support multiple '*'-letters in the
- wildcard and to allow the '*'-letter to match a string that includes a dot.
- Daniel (21 June 2004)
- - testcurl.sh is now removed completely, tests/testcurl.pl is the script to
- use when autobuilding curl!
- - Kjetil Jacobsen brought my attention to the fact that you cannot properly
- abort an upload with the readfunction callback, since returning 0 or -1 only
- stops the upload and libcurl will continue waiting for downloaded data and
- the server often waits for the rest of the upload data to arrive.
- Thus, I've now added the ability for read callbacks to return
- CURL_READFUNC_ABORT to abort an upload from a read callback. This will stop
- the transfer immediately with a CURLE_ABORTED_BY_CALLBACK return code.
- Test case 513 was added to verify that it works. I had to improve the test
- HTTP server too to dump the request to a file even when the client
- disconnects prematurely.
- Daniel (19 June 2004)
- - Luca Alteas provided a test case with a failing curl operation: when we POST
- to a site with --digest (or similar) set, and the server responded with a 302
- Location: to the "authprobe" request, it was not treated correctly. We still
- will behave badly if FOLLOWLOCATION is enabled for this case, but I'm not
- in the mood to dive into this right now and will leave it as-is for now.
- Verified my fix with test case 177.
- Daniel (18 June 2004)
- - Gisle Vanem's patch that provides more details from the SSL layers (if you
- use an OpenSSL version that supports it). It also introduces two new types
- of data that can be sent to the debug callback: CURLINFO_SSL_DATA_IN and
- CURLINFO_SSL_DATA_OUT.
- - With David Byron's test server I could repeat his problem and make sure that
- POSTing over HTTPS:// with NTLM works fine now. There was a general problem
- with multi-pass authentication with non-GET operations with CONNECT.
- Daniel (16 June 2004)
- - Modified to keep the upload byte counter in an curl_off_t, not an int as
- before. 32bits is not enough. This is most likely the bug Jean-Louis Lemaire
- reported that makes 2GB FTP uploads to report error ("unaligned file sizes")
- when completed.
- Daniel (15 June 2004)
- - Luca Alteas reported a problem that I fixed: if you did a POST with
- CURLAUTH_DIGEST set but the server didn't require any authentication,
- libcurl would repeatedly send HEAD lots of times until it gives up. This was
- actually the case for all multi-pass authentications. Added test case 174,
- 175 and 176 to verify this.
- Daniel (14 June 2004)
- - Multipart formposts uploading files no longer inserts the files themselves
- into the huge prebuilt chunk. This enables libcurl to formpost files that is
- larger than the amount of system memory. When the file given is passed on
- stdin, libcurl still uses the old method of reading the full fill before the
- upload takes place. This approach was selected in order to not alter the
- behavior for existing applications, as when using stdin libcurl can't know
- the size of the upload and chunked transfer-encoding can only be used on
- HTTP 1.1 servers.
- Daniel (13 June 2004)
- - Gisle found out that we did wildcard cert name checks wrong, so that parts
- of the check wrongly was case sensitive.
- Daniel (11 June 2004)
- - Tim Sneddon brought a minor VMS fix to make curl build properly on his VMS
- machine. He also had some interesting libcurl patches... they might be able
- to do in a slightly nicer way. Discussions are in progress.
- Daniel (10 June 2004)
- - Gisle Vanem brought code cleanupsm better verbose output and better connect
- timeout handling when attempting to connect to a host that resolves to
- multiple IP addresses.
- - Steven Bazyl and Seshubabu Pasam pointed out a bug on win32 when freeing the
- path after a file:// transfer.
- Daniel (9 June 2004)
- - Alexander Krasnostavsky made 'configure --disable-http' work to build libcurl
- without HTTP support. I added a new return code for curl_formadd() in case
- libcurl is built with HTTP disable: CURL_FORMADD_DISABLED.
- - Alexander Krasnostavsky pointed out a missing file in the generated
- curllib.dsp file, and now people building with this should get a libcurl.lib
- file generated as it used to do before we generated this file.
- Daniel (8 June 2004)
- - Marty Kuhrt fixed a minor build problem for VMS.
- Daniel (7 June 2004)
- - Reverted the configure check from the 4th since it obviously didn't work.
- Remade it in a different manner that hopefully works better.
- Daniel (4 June 2004)
- - Günter Knauf brought patches to make curl build fine on NetWare again.
- - Made the configure checks for strerror_r() not exit the configure script
- when built for cross-compiling.
- Daniel (3 June 2004)
- - Chris Gaukroger pointed out that 'make test' attempts to run the tests even
- if curl is built cross-compiled. I've now made it output a short message
- instead, saying it isn't possible to do.
- - Alexander Krasnostavsky brought FTP 3rd party transfer support to libcurl.
- You can now use libcurl to transfer files between two remote hosts using
- FTP. There are a bunch of new options to control this with:
- CURLOPT_SOURCE_HOST
- CURLOPT_SOURCE_USERPWD
- CURLOPT_SOURCE_PATH
- CURLOPT_SOURCE_PORT
- CURLOPT_PASV_HOST
- CURLOPT_SOURCE_PREQUOTE
- CURLOPT_SOURCE_POSTQUOTE
- (They still remain to be documented properly in the curl_easy_setopt man
- page.)
- When using this, the ordinary CURLOPT_URL specifies the target URL, and you
- specify the source data with these additional options. ftp3rdparty.c is a
- new example source code showing how to use this.
- - Vincent Bronner fixed the HTTP Digest code to use the proxy user name and
- password when doing proxy authentication, it previously always used the host
- user name and password!
- Daniel (2 June 2004)
- - CURLOPT_UPLOAD and CURLOPT_PUT now do the exact same thing internally, which
- fixes some old confusions on when which of these should be used and what the
- differences are.
- - Applied Gisle's fixes to make curl build fine with lcc-win32
- Version 7.12.0 (2 June 2004)
- Daniel (1 June 2004)
- - I clarified the --create-dirs option somewhat in the curl man page.
- - Renaud Duhaut corrected the curl_unescape man page.
- - David Byron modified one of Massimiliano Ziccardi's recent MSVC makefile
- changes to now again use the mm lib by default.
- Daniel (26 May 2004)
- - Mohun Biswas added release-zlib and debug-zlib targets to the MSVC libcurl
- Makefile
- - David Byron reported a problem with proxy authentication when doing CONNECT,
- like when accessing HTTPS sites wiht a proxy. This probably broke when I
- rewrote the auth stuff recently.
- - I added fileupload.c in the examples directory, showing how an upload to a
- file:// URL is made.
- Daniel (25 May 2004)
- - Massimiliano Ziccardi updated the MSVC makefiles.
- Daniel (24 May 2004)
- - libcurl now supports "uploading" to file:// URLs. Test 204 and 205 were
- added to verify.
- - Simon Josefsson added a idn_free() function in libidn 0.4.5 as a reaction to
- Gisle's previous mail. We now use this function, and thus we require libidn
- 0.4.5 or later. No earlier version will do.
- - Robert D. Young reported that CURLOPT_COOKIEFILE and CURLOPT_COOKIE could
- not be used both in one request. Fixed it and added test case 172 to verify.
- Daniel (21 May 2004)
- - While talking to host a.b.c, libcurl did wrongly not accept cookies that
- were set to the domain .a.b.c (that is with a dot prefix). This is now fixed
- and test case 171 verifies it.
- Daniel (20 May 2004)
- - Jesse Noller reported that the upload speed info reported by libcurl was
- wrong. The same was true for the download speed. Fixed now.
- Daniel (19 May 2004)
- - David Byron added test case 170 - this used to crash the previous version of
- curl.
- Daniel (17 May 2004)
- - Peter Sylvester's patch that addresses two flaws in the peer certificate
- name verification:
- o when multiple common names are used (as in the curl tests), the last name
- needs to be selected.
- o allow comparing with encoded values, at least with BMP and ISO latin1
- encoded T61strings.
- - All 191 test cases run through the torture test OK! 'make test-torture' is
- now available in the root makefile (on configure-based environments).
- Daniel (14 May 2004)
- - With a slightly modified ftpserver.pl I've now run almost all tests through
- with runtests.pl -t. This is goodness!
- - Since I have been unable to contact the CVS admins for several months, I've
- decided that the current CVS hosting was not good enough. I've now moved the
- CVS repo once again, see README for updated cvs checkout instructions.
- Daniel (13 May 2004)
- - runtests.pl -t now runs fine all the way to test 100. I believe test case
- 100 fails because of an FTP server problem.
- Daniel (12 May 2004)
- - General cleanups all over to make libcurl survive and do well when a memory
- function returns NULL. runtests.pl -t now works fine for the first 26 test
- cases.
- Daniel (11 May 2004)
- - Seshubabu Pasam provided a patch that introduces curl_global_init_mem() -
- like normal curl_global_init() but allows the app to replace all memory
- functions with its own set. I modified it slightly.
- - Based on Luca Alteas' comments, I modified the curllib.dsp generation code.
- Daniel (10 May 2004)
- - Gisle mailed Simon Josefsson (of libidn fame) about the benefits of a
- separate free()-function by that lib to make sure the memory is freed by the
- same memory subsystem that allocated it. He responded positively and this
- will likely cause us to require a newer version of libidn as soon as Simon
- releases one with such a libidn_free() function.
- - James Bursa made runtests.pl's -t option work for any given test case, and I
- edited to allow -g too. Not even test case 1 worked...
- - Luca Altea made the nc= field not use quotes in outgoing HTTP Digest headers.
- - Andrés García fixed a problem in the test script that made it fail to
- recognize our own running HTTP server.
- Daniel (7 May 2004)
- - James Bursa fixed the memanalyze.pl script to conder malloc(0) areas OK to
- free() and he made two failed-resolve error messages use the new display-
- name instead of the internally-used name.
- - Gisle Vanem tried curl with
- www.etdomenenavnkanmaksimaltinneholdesekstitrebokstaversliksomdette.com
- which caused problems, and I fixed the single zero byte buffer overwrite
- that occurred (due to a stupid protocol buffer size and parser).
- - Made the lib/curllib.dsp file get generated automaticly when a distribution
- package is made, with the msvcproj.* files as templates and all
- win32-sources added. I think this can be made to work better than the always
- lagging-behind previous approach. I'm not sure this builds a working project
- file right now though!
- Daniel (6 May 2004)
- - Michael Benedict brought a fix that fills in the errorbuffer properly when
- ares fails to resolve a name for a case not previously dealt with like this.
- Daniel (5 May 2004)
- - Joe Halpin fixed the annoying typecast warning in lib/ldap.c
- - Gisle Vanem fixes:
- o memdebug to not access NULL on several places
- o libcurl.def; curl_formparse is gone.
- o progress.c; fixed the percent values being trunced to 0.
- o if2ip.*; constified the 'interface' argument.
- - Tor Arntsen reported that many of his autobuilds froze and I found and fixed
- a problem introduced with the HTTP auth overhaul that could lead to a
- never-ending internal request-loop due to un-initialized variables!
- - Removed several compiler warnings on various compilers/platforms.
- Daniel (4 May 2004)
- - curl_formparse() has been removed from the library. It has been marked and
- mentioned as deprecated for several years.
- Daniel (3 May 2004)
- - Rewritten HTTP authentication code. The previous code could not properly
- deal with the added test cases 167, 168 and 169. I've now rewritten the code
- to better separate host and proxy authentication and not re-use the same
- variables as much as before as it proved non working in the more involved
- cases. All the current tests run OK now, and so do the new ones. The curl
- tool got a new option named --proxy-digest to enable HTTP Digest
- authentication with the proxy. I also made the library support it.
- - Gisle Vanem made the LDAP code work with wldap32.dll as supplied with
- Win-98/ME/2000/XP, so no extra .dlls are required when curl/libcurl is used
- on these Windows versions.
- Daniel (30 April 2004)
- - runtests.pl now scans the valgrind log for valgrind-detected memory leaks
- after each test case if valgrind was found and used.
- - I modified the app-code in curl to include the new lib/curlx.h and only
- access those functions using the curlx_-prefix in preparation for the future
- removal of several curl_-functions from the public libcurl API.
- - Introduced lib/curlx.h as a single header to provide the curlx_-functions
- to apps.
- - Added notices in the man pages for curl_getenv, curl_mprintf, curl_strequal
- and curl_strnequal that they are subject for removal in a future release.
- STOP USING THESE FUNCTIONS.
- - Mihai Ionescu noticed he couldn't do formposts with whitespace in the file
- names and yes, I broke that on April 23. Sigh. I fixed it now and added
- test case 166 to verify it.
- - Luca Altea pointed out a mistake left from the Digest patch of yesterday.
- Daniel (29 April 2004)
- - Made IDN domains work when sending requsts over HTTP proxy as well. Added
- test case 165 to verify the functionality.
- - Fixed a bug in the new internal host name setup when re-using connections.
- - James Bursa found out that curl_easy_duphandle() with ares-built libcurl
- created a bad handle that would crash in the first name resolve attempt. This
- is now fixed and test case 512 was added to verify it.
- - Luca Altea provided a major HTTP Digest code fix and cleanup. We now follow
- the Digest RFC a lot better.
- - Gisle Vanem made the SSL code use ERR_error_string_n() where applicable.
- Daniel (27 April 2004)
- - I remodeled Gisle's IDN code slightly and now we convert both the host name
- and proxy name to the ACE encoded version to use internally for resolves and
- cookies etc. They are now using one 'struct hostname' each that keep both
- the original name and the possibly encoded name. IDN resolves work for me
- now using ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to
- do right. I got some failures at first when CHARSET wasn't set at all which
- confused libidn completely and it decided by encoding of choice was
- 'ANSI_X3.4-1968'...
- - made 'configure --without-libidn' work
- Daniel (25 April 2004)
- - Fixed the src/hugehelp.c file to include "setup.h" instead of "config.h" to
- make the problems with USE_MANUAL on windows go away.
- - configure --without-ssl could still wrongly include some OpenSSL info in the
- Makefiles if pkg-config had info about OpenSSL. Bug #941762 reported by
- Martin.
- - Since we can now build and use quite a large set of 3rd party libraries, I
- decided I would make configure produce a summary at the end showing what
- libraries it uses and if not, what option to use to make it use that. I also
- added some other random info that is nice in a "configure summary" output.
- - Applied TommyTam's patch that now make curl work with telnet and stdin
- properly on Windows.
- - The changes for today below were made by me and Gisle Vanem.
- The file previously known as hostip.c has now undergone a huge cleanup and
- split:
- hostip.c explained
- ==================
- The main COMPILE-TIME DEFINES to keep in mind when reading the host*.c
- source file are these:
- CURLRES_IPV6 - this host has getaddrinfo() and family, and thus we use
- that. The host may not be able to resolve IPv6, but we don't really have to
- take that into account. Hosts that aren't IPv6-enabled have CURLRES_IPV4
- defined.
- CURLRES_ARES - is defined if libcurl is built to use c-ares for asynchronous
- name resolves. It cannot have ENABLE_IPV6 defined at the same time, as
- c-ares has no ipv6 support. This can be Windows or *nix.
- CURLRES_THREADED - is defined if libcurl is built to run under (native)
- Windows, and then the name resolve will be done in a new thread, and the
- supported asynch API will be the same as for ares-builds.
- If any of the two previous are defined, CURLRES_ASYNCH is defined too. If
- libcurl is not built to use an asynchronous resolver, CURLRES_SYNCH is
- defined.
- The host*.c sources files are split up like this:
- hostip.c - method-independent resolver functions and utility functions
- hostasyn.c - functions for asynchronous name resolves
- hostsyn.c - functions for synchronous name resolves
- hostares.c - functions for ares-using name resolves
- hostthre.c - functions for threaded name resolves
- hostip4.c - ipv4-specific functions
- hostip6.c - ipv6-specific functions
- The hostip.h is the single united header file for all this. It defines the
- CURLRES_* defines based on the config*.h and setup.h defines.
- - Added function header comments to many functions in an attempt to better
- explain the purpose of them all.
- - configure --with-libidn is now supported. It makes the configure script
- check for libidn libs and include files in the prefix path given. If you
- say --with-libidn=/usr/local, it will check for the lib in /usr/local/lib
- and the includes in /usr/local/include etc.
- - curl_version_info() now returns a struct aged CURLVERSION_THIRD including
- libidn version info. The string curl_version() returns also includes libidn
- version info, if available.
- Version 7.11.2 (26 April 2004)
- Daniel (25 April 2004)
- - Erwin Authried pointed out that configure --disable-manual didn't do right
- if you already had a src/hugehelp.c source file present (which most people
- do I guess). It now uses the USE_MANUAL define properly.
- Daniel (23 April 2004)
- - Gisle Vanem found and fixed a memory leak when doing (failing) Windows
- threaded name resolves.
- - I also added test case 163 just to make sure -F "var=<file" works fine and
- can pass on characters such as newlines, carriage-return and tabs.
- - When we added test case 162 without adding the necessary requirement field
- in the test meta data we could see that curl didn't complain if you used
- --proxy-ntlm even if the underlying libcurl it uses has no NTLM support! I
- now made it check this first, and it now exists with a "the installed
- libcurl version doesn't support this" message if it happens again.
- Daniel (22 April 2004)
- - David Byron found and fixed a small bug with the --fail and authentication
- stuff added a few weeks ago. Turns out that if you specify --proxy-ntlm and
- communicate with a proxy that requires basic authentication, the proxy
- properly returns a 407, but the failure detection code doesn't realize it
- should give up, so curl returns with exit code 0. Test case 162 added to
- verify the functionality.
- - allow newlines in the contents when doing -F "var=[contents]"
- Robert Marlow reported.
- - If a transfer is found out to be only partial, libcurl will now treat that
- as a problem serious enough to skip the final QUIT command before closing
- the control connection. To avoid the risk that it will "hang" waiting for
- the QUIT response. Added test case 161 to verify this.
- Daniel (21 April 2004)
- - Modified the heuristics for dealing with the test 160 scenario. When a
- connection is re-used and nothing at all is received from it (because the
- server closes the connection), we will now retry the request on a fresh new
- connection. The previous ECONNRESET stuff from January 30 was removed again
- as it didn't detect the situation good enough.
- Daniel (20 April 2004)
- - Added test case 160 to verify that curl works correctly when it gets a
- connection reset when trying to re-use a connection. It should then simply
- create a new connection and resend the request.
- Daniel (19 April 2004)
- - No more 512 byte limit for host name (inclusing name + password) in libcurl.
- An added bonus is that we use less memory for the typical (shorter URL)
- case.
- - Cleaned up the sources to better use the terms 'hostname' and 'path'
- internally when referring to that data. The buffers used for keep that info
- is called 'namebuffer' and 'pathbuffer'. Much easier to read and understand
- than the previous mess.
- Daniel (15 April 2004)
- - Modified runtests.pl again to remove all log files in the log/ dir between
- each test, and then made -p display all non-zero byte files in the log dir.
- It should make that data more usable and contain less rubbish.
- - ftpserver.pl now produces log files more similar to how the sws ones look
- and they now also contains a bit more details to help debugging ftp
- problems.
- - Removed the fixed maximum amount of dir levels the FTP code supported.
- Previously we had a fixed array for 100 levels, now we save space in each
- handle by allocating only for a few level by default and then enlarging that
- in case of need (with no maximum depth). Adjusted test case 142 to verify
- that 150 dir levels work fine. An added bonus is that we use less memory
- for the typical (not very deep) case.
- Daniel (14 April 2004)
- - Asking for CURL_IPRESOLVE_V6 when ipv6 addresses can't be resolved will
- now cause the resolve function to return NULL immediately. This flaw was
- pointed out by Gisle Vanem.
- - Gisle Vanem made curl -4/-6 actually set the desired option to libcurl.
- - runtests.pl now has a new option (-p) that will display "interesting" log
- files to stdout in case of a test failure. This is primarily intended to be
- used in the 'full-test' make target that is used by the autobuild tests, as
- we then get a much better chance to understand (remote) test failures based
- on autobuild logs alone.
- Daniel (13 April 2004)
- - Gisle Vanem made the multi interface work again on Windows even when built
- without ares. Before this, select() would return -1 during the name resolve
- phase since curl_multi_fdset() didn't return any fd_set at all which wasn't
- appreciated!
- - curl_easy_duphandle() now duplicates the tcp_nodelay info as well.
- Daniel (11 April 2004)
- - Applied David Byron's patch for the MSVC libcurl makefile for builds with
- zlib.
- Daniel (9 April 2004)
- - Dirk Manske improved the timer resolution for CURLINFO_*_TIME, it can now
- be down to usec if the system sypports it.
- Daniel (7 April 2004)
- - A request that sends "Expect: 100-continue" and gets nothing but a single
- 100 response back will now return a CURLE_GOT_NOTHING. Test 158 verifies.
- - The strtoofft() macro is now named curlx_strtoofft() to use the curlx_*
- approach fully.
- Daniel (6 April 2004)
- - Gisle Vanem's fixed bug #927979 reported by Nathan O'Sullivan. The problem
- made libcurl on Windows leak a small amount of memory in each name resolve
- when not used as a DLL.
- - New authentication code added, particularly noticable when doing POST or PUT
- with Digest or NTLM. libcurl will now use HEAD to negotiate the
- authentication and when done perform the requested POST. Previously libcurl
- sent POST immediately and expected the server to reply a final status code
- with an error and then libcurl would not send the request-body but instead
- send then next request in the sequence.
- The reason for this change is due to IIS6 barfing on libcurl when we attempt
- to POST with NTLM authentication. The reason for the problems is found in
- RFC2616 section 8.2.3 regarding how servers should deal with the 100
- continue request-header:
- If it responds with a final status code, it MAY close the transport
- connection or it MAY continue to read and discard the rest of the
- request.
- Previous versions of IIS clearly did close the connection in this case,
- while this newer version decided it should "read and discard". That would've
- forced us to send the whole POST (or PUT) data only to have it discarded and
- then be forced to send it again. To avoid that huge penality, we switch to
- using HEAD until we are authenticated and then send the POST.
- The only actual drawback I can think of (except for the odd sites that might
- treat HEAD differently than they would treat POST/PUT when given the same
- URL) is that if you do POST with CURLAUTH_ANY set and the site requires NO
- authentication, libcurl will still use a HEAD in a first round and then do a
- POST.
- If you do a HEAD or a GET on a site using CURLAUTH_ANY, libcurl will send
- an un-authenticated request at once, which then is the only request if the
- site requires no auth.
- Alan Pinstein helped me work out the protocol details by figuring out why
- libcurl failed and what IIS6 expects.
- - The --limit-rate logic was corrected and now it works a lot better for
- higher speeds, such as '10m' or similar. Reported in bug report #930249.
- - Introducing curlx_tvnow() and curlx_tvdiff() using the new curlx_* fashion.
- #include "timeval.h" from the lib dir to get the protos etc. Note that
- these are NOT part of the libcurl API. The curl app simply uses the same
- source files as the library does and therefore the file needs to be compiled
- and linked with curl too, not just when creating libcurl.
- - lib/strerror.c no longer uses sys_nerr on non-windows platforms since it
- isn't portable enough
- Daniel (2 April 2004)
- - In the curl_strnqual.3 man page, we now prepend the man3 dir to the file
- name to work better. As pointed out by Robin Kay.
- - Andrés García updated the mingw makefiles.
- - Dirk Manske fixed a problem I recently added in the progress meter code that
- broke subsecond resolution for CURLINFO_TOTAL_TIME. He also pointed out a
- mistake in the code that produces the final update of the progress meter
- that would often prevent it from actually being updated that final time.
- Daniel (1 April 2004)
- - Dirk Manske fixed a memory leak that happened when we use ares for name
- resolves and decides to time-out before ares does it. This fix uses the
- brand new ares_cancel() function which is not present in c-ares 1.1.0.
- When told to enable ares, the configure script now checks for presence of
- the ares_cancel function to alert users if they attempt to use a too old
- c-ares library.
- Daniel (31 March 2004)
- - Roy Shan fixed a flaw that prevented ares name resolve timeouts to occur!
- - Dirk Manske found out that libcurl timed out waiting for resolves far too
- easy when libcurl was built to use (c-)ares for name resolving.
- - Further Digest fixing and a successful test case 153 now makes me believe
- Mitz Wark's problems are fixed.
- - Andres Garcia figured out that test case 63, while working, only proved a
- flaw in libcurl's 'http_proxy' parser when a user name and password is
- provided. The user name was not extracted properly (and 'http' was always
- used as user name).
- - Andrés García fixed compiler warnings in our ioctlsocket() usage.
- Daniel (30 March 2004)
- - Joe Halpin faced problems with the getnameinfo() argument ai_flags and the
- particular bit named 'NI_WITHSCOPEID' on Solaris 9 for Intel. I've now
- written a configure test that checks for a working NI_WITHSCOPEID
- implemenation. No code uses the result from this test yet, it is still
- experimental. James Carlson wrote in comp.unix.solaris: "It's a bug
- (5006623) -- it's not supported and shouldn't be in the header file."
- - I provided Mitz Wark with a first patch in order to fix libcurl's problems
- to re-negotiate Digest authentication (when 'stale=true' is included in the
- response header).
- - Roy Shan discovered that the multi interface didn't properly timeout name
- lookups which could make handles get stuck in that state and thus never get
- completed. I've produced a first test patch that attempts to correct this.
- - David Byron's patch was appplied to make CURLOPT_FAILONERROR work nicely
- even with authentcations such as NTLM or Digest enabled. Test cases 150, 151
- and 152 were added to verify the functionality.
- Daniel (29 March 2004)
- - Gisle Vanem updated files for the djgpp/MS-DOS build.
- - Andrés García helped me work out a fix for the runtests.pl script to make
- the file:// tests run fine when tested with the mingw-built version of curl.
- - Fixed an include issue with netinet/tcp.h on AIX, based on input by Tor.
- This also required a minor fix of the configure script.
- - The postit2.c source example used the wrong struct name for the post data.
- Daniel (26 March 2004)
- - Gisle Vanem improved ipv6 support on windows by making the curl build to use
- the correct getaddrinfo() function.
- Daniel (25 March 2004)
- - It turned out that AIX, despite having a "thread-safe libc", doesn't offer
- all traditional functions thread-safe. This URL is informative on this
- subject:
- http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/aixprggd/ \
- genprogc/thread_quick_ref.htm
- As a result of this, we now check for three *_r() functions on recent AIX
- versions as well that the URL mentions aren't thread-safe in AIX 5.1.
- - renamed curl_strerror.[ch] to strerror.[ch]
- - Joe Halpin added CURLOPT_TCP_NODELAY and --tcp-nodelay to make it possible
- for users to disable the Nagle algorthim-usage.
- - Tor Arntsen provided some interesting strerror_r() knowledge. glibc has its
- own API which differs from the POSIX one. Daniel adjusted the configure
- script to detect the version in use, and the code now uses the new defines
- accordingly.
- - Fixed some build flaws with the new lib/curl_strerror.c source file.
- Daniel (24 March 2004)
- - Gisle Vanem's fix to replace the bad use of strerror(). This introduces
- Curl_strerror() that attempts to be thread-safe _and_ works on Windows too!
- - Tor Arntsen spell-fixed lots of libcurl man pages.
- - Tor Arntsen made testcurl.pl work with older perl 5 versions, and Daniel
- made it not use chdir .. to go back, as that isn't very good when you've
- setup a testdir containing symlinks.
- - Added a check for strerror_r() in the configure script.
- Daniel (23 March 2004)
- - Added Greg Hewgill's testcurl.pl script to CVS. We have not moved over to
- use this script for the real distributed testing just yet, but it is only
- a matter of time.
- - Gisle Vanem provided code that makes curl report a better error message
- if --interface fails on windows.
- - The regular progress meter is now fixed to never wrap due to long lines. All
- fields are now static sized. If the time in the time fields get a time value
- that would represent a time that is 100 hours or more (if not, it remains
- using a HH:MM:SS display), it switches first to a "NNNd NNh" display (for
- days and hours) and if that isn't enough it switches to a "NNNd" display if
- it is more than 999 days.
- Several of the calculations were also moved to fixed-point math instead of
- using doubles.
- Daniel (22 March 2004)
- - Glen Nakamura noticed CURLINFO_CONTENT_LENGTH_DOWNLOAD didn't work as it
- used to do if CURLOPT_NOBODY is set TRUE.
- - Kevin Roth patched the cygwin package makefile and README to adjust to
- new cygwin packaging guidelines.
- - Enabled "NT responses" in the NTLM authentication. Doing this simply means
- that we provide an extra chunk of data in each "type-3 message". The only
- reason for doing this is that it seems that using only the "Lanmanager hash"
- (as we've been doing until now) doesn't support passwords longer than 14
- characters and it turns out there are users out there who want to use
- libcurl and NTLM with such passwords! ;-) Seven NTLM-related test cases were
- updated accordingly. Mentioned as issue 29 in TODO-RELEASE, bug report
- #915609
- - Moved the generated libcurl version info to a new header file, named
- curl/curlver.h. Now interested parties can include ONLY version info, should
- anyone want that (and it seems at least some windows resource files would).
- Mentioned as issue 27 in TODO-RELEASE.
- Daniel (21 March 2004)
- - Fixed the root Makefile to use tabs for the netware target. Günter Knauf
- pointed this out.
- - Marty Kuhrt's VMS cleanup
- - Thomas Schwinge made buildconf recognize ACLOCAL_FLAGS to invoke aclocal
- with particular pre-determined options.
- Version 7.11.1 (19 March 2004)
- Daniel (18 March 2004)
- - Tor Arntsen brought some info about SGI IRIX:
- IRIX supports 3 different executable/object formats, -32, -n32 and -64.
- -n32 is default 32-bit format, -32 is the "old" 32-bit format, and -64 is
- the 64-bit format. Libraries for the different formats are in lib, lib32
- and lib64 respectively.
- We've now adjusted the configure script to adapt to this when scanning for
- 3rd party libs, such as OpenSSL.
- Daniel (17 March 2004)
- - Watz pointed out a few missing files in the MSVC project description file.
- - Günter Knauf brought patches, code and makefiles to build curl on Novell
- NetWare.
- Daniel (15 March 2004)
- - Lots of libcurl man pages were updated to contain references to other man
- pages the recognized way so that they appear as nice hyperlinks in the HTML
- versions.
- - buildconf now checks the m4 version too, since autoconf requires a GNU m4
- version to build proper configure scripts.
- Daniel (12 March 2004)
- - Added CURLOPT_POSTFIELDSIZE_LARGE, the large file version of
- CURLOPT_POSTFIELDSIZE to allow POSTs larger than 2GB.
- - David Byron fixed an uninitialized variable case/crash.
- Daniel (10 March 2004)
- - Jeff Lawson fixed the SSL connection to deal with received signals during the
- connect.
- - Changed the OS string for win32 to become "i386-pc-win32".
- Daniel (9 March 2004)
- - Changed the internals to use curl_socket_t for socket variable type. This
- should enable us to build with less warnings on Windows, where SOCKET is
- used which is an unsigned int, while most other platforms use a mere int.
- - Modified lib/config-win32.h to build fine on MSVC again.
- Version 7.11.1-pre1 (8 March 2004)
- Daniel (8 March 2004)
- - Minor fix to make curl CURL_VERSION_LARGEFILE is only set if curl_off_t is
- larger than 4 bytes.
- Daniel (4 March 2004)
- - Improved PUT/POST with NTLM/Digest authentication, the so called issue 12.
- - Modified the test HTTP server a lot to work with the upcoming changes for
- PUT/POST with NTLM/Digest authentication (like test case 88). Added Andrés
- García's win32-changes. Improved the logging.
- - Fixed the file:-related progress/getinfo stuff a bit more.
- Daniel (4 March 2004)
- - I corrected a problem with the multi interface when following a Location:
- header or when doing multiple-request authentications. A subsequent request
- could erroneously re-use a previous connection that was sent with
- Connection: close. Christopher R. Palmer reported.
- - Andrés García patched curl to prevent warnings while compiling with mingw,
- mainly because it is now possible to have both WIN32 and HAVE_CONFIG_H
- defined.
- - When transferring files from a file: URL, the progress meter and other
- transfer metrics were not updated properly.
- - David Byron provided a "version resource" file to the curl executable for
- the windows builds.
- Daniel (3 March 2004)
- - David Byron's work on making libcurl only require winsock 1.1 on Windows
- machines.
- - More variable cleanups based on compiler warnings generated by Tor Arntsen's
- autobuilds with MIPSPro.
- - Joe Halpin helped us fix some pedantic compiler warnings on FreeBSD.
- - Applied Tom Bates' patch to build on nsr-tandem-nsk.
- - Dan Fandrich corrected some flaws in the configure GSS detection.
- Daniel (2 March 2004)
- - Fixed the libcurl code to use FORMAT_OFF_T for printf() formatting
- curl_off_t types internally.
- Daniel (1 March 2004)
- - Added CURL_VERSION_LARGEFILE as a feature-bit in the curl_version_info()
- response, that signals if this libcurl supports >2GB files. curl -V now
- outputs 'Largefile' in the Features: field if this is the case. Most systems
- are likely to support this.
- - We offer a CURL_FORMAT_OFF_T define in the public header, which can be used
- to printf() curl_off_t variables. We also modified the libcurl sources to
- use this define instead of the previous %Od approach (although I've left the
- O-flag functional in the code). This should also prevent compilers to warn
- on the home-grown option.
- - Fixed the resume-check code to test for a working resume at the end of the
- headers and not at the first body-byte.
- - CURLOPT_DNS_USE_GLOBAL_CACHE is now considered obsolete. Stop using it. If
- you need a global DNS cache for whatever reason, use the share interface and
- you'll get a global cache that works the way it should work. You can even
- have any number of global caches, all at your command. This is now also
- mentioned in the docs.
- - Made the *printf code support the z-flag to enable size_t printf() in a
- manner similar to how glibc allows it. To make printfing of this work on
- platforms with 64bit size_t and 32bit ints. If there even are any! ;-)
- - Christopher R. Palmer discovered that if you CURLOPT_FRESH_CONNECT and
- CURLAUTH_NTLM (or CURLAUTH_ANY and libcurl then picked NTLM), libcurl would
- loop without succeeding to authenticate due to the new connection that was
- made for all round-trips in the authentication. Now, the FRESH_CONNECT is
- remade to only matter for the first connection made with curl_easy_perform()
- and all the rest that might follow due to FOLLOWLOCATION or HTTP
- authentication are now ignoring that option.
- - Adjusted the QUIT code slightly since it could core-dump.
- - Corrected the test suite's FTP server to provide a correct size to the
- 'verifiedserver' request.
- Daniel (27 February 2004)
- - Joe Halpin made the FTP code send QUIT on the control connection before
- disconnecting the TCP connection. This is what good-behaving ftp clients
- should do.
- Daniel (26 February 2004)
- - David Byron updated several files to make curl build fine on MSVC 6. He
- also added the 'buildconf.bat' that works like the 'buildconf + configure'
- combo does on unixes.
- - Gisle Vanem made the memdebug stuff support calloc() as well.
- - Tor Arntsen pointed out that testcurl.sh needed to remove the generated
- files in order to have them re-generated in each build.
- - Andy Serpa found out that the share interface did not enjoy life when not
- having the lock and unlock callbacks set, even though documented to be
- OK. It still is OK, and now the code won't segfault anymore!
- Daniel (25 February 2004)
- - Based on a patch by Greg Hewgill I modified how long long is used in the
- mprintf code, as we can use a 64bit type with MSVC that is a long long
- equivalent. This corrects some weird large file behaviors on windows.
- - Tor Arntsen helped me work out --enable-debug to work better with different
- versions of the gcc and icc compilers.
- - Added CURLOPT_SHARE to the curl_easy_setopt.3 man page.
- Daniel (22 February 2004)
- - Applied the final pieces of Gisle Vanem's patch that brings a working name
- resolve timeout to the windows versions of curl!
- Daniel (21 February 2004)
- - David Byron's fix to allow the speed-limit logic work even if you set
- limit-rate. It does work on the expense of the rate limiter.
- Daniel (20 February 2004)
- - configure --enable-debug with gcc now also tries to detect the icc compiler
- (which somehow gets treated as if it is a gcc) to stop using all the gcc
- options with it, and we also provide -isystem options for each extra -I
- option the configure script has figured out (for OpenSSL, kerberos, zlib,
- Heimdal etc). This of course to prevent warnings on headers we don't have
- control of.
- Daniel (19 February 2004)
- - Doug Porter made libcurl use the HOME environment variable before the
- getpwuid results when looking for .netrc files.
- - If 'configure --enable-debug' is used with gcc, it now checks which gcc
- version it is and uses as picky compiler options as possible for the
- particular version.
- - Code that can be used in both the lib and in the curl app is now made to use
- the curlx_ prefix. The first function to be available like this is the
- curlx_strtoll() function. This is made to allow the app to use existing code,
- but without polluting the libcurl API. Further explanations posted here:
- http://curl.haxx.se/mail/lib-2004-02/0215.html
- Daniel (18 February 2004)
- - Fixed buildconf to not use "which" as AIX and Tru64 have what have been
- referred to as "horribly broken 'which' programs".
- - Made sure dns cache timeout set to -1 really means caching forever.
- Daniel (17 February 2004)
- - Made it possibly to build c-ares with the libcurl memdebug system to better
- track memory.
- Daniel (16 February 2004)
- - When using ares, we now initialize the ares 'channel' in curl_easy_init()
- and re-use that same handle during the entire curl handle's life-time. It
- improves performance.
- - Fixed a problem when displaying verbose for ipv6-enabled libcurls and
- re-used connections. Problem reported and fix verified by Grigory Entin.
- - Jeff Lawson fixed the version-check in the SOCKS5 code.
- Daniel (15 February 2004)
- - Fixed a case where a host cache entry was not flagged in-use properly when a
- cached entry was used.
- - Andrés García's patch that checks for winmm in the configure script was
- applied.
- Daniel (13 February 2004)
- - Ben Greear's SO_BINDTODEVICE patch for the binding of the local end to a
- specific network interface.
- - Greg Hewgill found out that the variable holding 'contentlength' wasn't big
- enough to hold a large file!
- - Tor Arntsen fixed a 64bit-related problem in date-related code in the ftp
- department, and there was another potential problem in the name resolve code
- too.
- Daniel (11 February 2004)
- - Removed a few variables that were only set but never used, as some compilers
- warn about that and we do not like compiler warnings!
- - Removed the need for symlinks in the tests/data directory if curl is built
- outside of the source directory and the 'make test' is used. This was done
- by providing a "source dir path" to the scripts/servers.
- - Now, if the configure script can't find an nroff tool or an option to nroff
- to use to convert man pages with, it will completely switch off the built-in
- manual.
- - 'configure --disable-manual' completely disables the built-in manual from
- the curl command tool.
- - Andrés García fixed the configure script and a minor source edit, and now
- he has managed to get msys/mingw to run configure and then build!
- Daniel (9 February 2004)
- - The default HTTP Accept: header was modified to the much simpler
- "Accept: */*".
- - P R Schaffner updated the curl-ssl spec file for RPMs.
- - Dominick Meglio brought lots of documentation for the share interface's man
- pages that were previously missing.
- - Tor Arntsen provided a patch that makes libcurl work-around a bug in the
- AIX5 implementation of getaddrinfo(). This makes the FTP PORT stuff work on
- ipv6-enabled AIX builds.
- - Ken Rastatter provided portability fixes for the curlgtk.c example, and now
- it runs on windows with GTK as well!
- Daniel (6 February 2004)
- - Andrés García made the configure script find gethostbyname() fine when run
- with mingw on windows.
- - Modified the ldap code to use proper function pointers all over (instead of
- mixed data and function pointers) to work-around the picky MIPSPro compiler
- warnings.
- - A custom Host: header is only considered if the request is not made by
- following a location. After discussions with Tim Baker.
- Daniel (5 February 2004)
- - The libz part of the configure script now only set the two libz-related
- define HAVE_ZLIB_H and HAVE_LIBZ if both the lib and the header is found.
- If one is missing, none of the defines is set.
- - Andrés García fixed the Mingw makefiles.
- - Len Krause reported that curl 7.9.X could do uploading from stdin without
- doing chunked encoding, which current curl cannot do even if you disable
- the transfer-encoding chunked header. Now it can again, and test case 98
- verifies this functionality.
- - Tor Arntsen fixed a weird getaddrinfo() usage in the FTP code, preventing
- the ipv6-code for PORT work on AIX 5.2. We now also provide (better) error
- messages when bailing out in the that function.
- - Tor Arntsen now provides AIX and IRIX (using gcc, xlc and the MIPSPro
- compilers) automated build logs (http://curl.haxx.se/auto/) and we've fixed
- numerous minor quirks to make less warnings appear.
- Daniel (4 February 2004)
- - Based on a patch by Gilad, we now use the custom timeouts when waiting for a
- server to connect when using FTP PORT. Previously we always waited 10
- seconds, no more no less. We now also changed the default (if no timeout is
- set) to wait 60 seconds for the connect before we fail.
- Daniel (3 February 2004)
- - Modified to link with c-ares instead of ares.
- Daniel (2 February 2004)
- - Added a configure test to check for which option the (g)nroff tool wants
- to extract plain text from the man pages. Tor Arntsen told us the AIX
- version of GNU gnroff doesn't support -man!
- - Added an undef of accept in memdebug.h to make curl build with --enable-debug
- on AIX 5.2 which seems to have accept defined. Reported by Tor Arntsen.
- - curl_version() now includes c-ares version info, and curl_version_info() now
- returns a struct with version SECOND that also includes that info.
- - We are now officially using c-ares for asynch name resolves. c-ares is the
- new library, based on the existing ares but with an extended and slightly
- modified API.
- - Dirk improved the ares timeout code, and now we also include the ares error
- string when we fail to resolve a name.
- - Another tweak to make test case 91 run fine. Now we have another bit on a
- connection that is set true if the connection is marked for 'retry'. That
- makes the connection get closed and re-opened and the HTTP-done code must
- not complain on the fact that no data was received.
- - Based on Dirk Manske's patch, I modified the name resolving with ares to
- feature a timeout for really slow lookups. It now defaults to 300 seconds,
- but is now adjusted to the CONNECTTIMEOUT/TIMOUE timeouts if one of them
- is set.
- - Fixed the inclusion of ca-bundle.h to really use the one in the build dir
- before the one in the source dir. Domenico Andreoli found out and reported.
- - Added test case 97, a simple POST with a custom Content-Type header
- replacing the original application/x-www-form-urlencoded one.
- Daniel (30 January 2004)
- - Added code that attempts to fix the test 91 failure. As has been figured out
- by Patrick Smith, the error happens because we re-use a connection that the
- server is just about to close and we even manage to send away the request
- without seeing an error. On the first read attempt we get a ECONNRESET.
- Starting now, we attempt to detect this and if so, we retry the request on a
- fresh connection.
- - I added test case 510 which is a custom program that does a POST using a
- read callback, with chunked transfer-encoding.
- - Adjusted one of the MPE/iX changes as it made test case 504 fail all over.
- - Added --socks as a recognized option. It works just like --proxy but sets a
- SOCKS5 proxy to use. SOCKS5 support has been available in libcurl for a
- while, just not provided by the curl tool. This does not currently work for
- IPv6-enabled libcurls.
- Daniel (29 January 2004)
- - Stadler Stephan pointed out that src/hugehelp.c included config.h without
- checking the define if its present...
- - Ken Hirsch provided patches to make curl build fine on the MPE/iX operating
- system.
- - Dan Fandrich compiled curl with lots of aggressively pedantic compiler
- options and thus found a few minor errors and did some general cleanups to
- avoid them.
- - Dirk Manske fixed a flaw in ares that prevented it to use non-blocking
- sockets properly.
- Daniel (28 January 2004)
- - Richard Bramante fixed chunked transfer-encoded "uploads" to send a final
- CRLF combo properly.
- Daniel (27 January 2004)
- - Made the response-headers during a CONNECT request to a proxy get passed on
- as regular headers, so they appear with -i/-I options and similar.
- - Based on a patch by Gisle Vanem, I've made the progress meter display
- properly switch to a GB-display when more than 9999MB have been transfered.
- Daniel (23 January 2004)
- - Gisle Vanem pointed out a curlrc parser problem/crash when an option with a
- required didn't have one and was on the last line of a file.
- - More Windows fixes for large files. We now build and link with
- ../lib/strtoofft.c in the app code since Curl_strtoll() is not a provided
- libcurl function... Perhaps we should consider a 'common' dir or similar
- where we put source code used in both the lib and the client. Or perhaps
- we'll just make this function available in the library...
- - Vincent Bronner found out the socks5 code crashed when no username was
- set.
- - Vincent Bronner spotted a problem with proxy username/password when re-using
- a persistent connection.
- - Fixed the progress meter display for files larger than 2^31 bytes. Gisle
- Vanem reported.
- Daniel (22 January 2004)
- - Gisle Vanem made strtoll() get used when curl is built with the mingw
- compiler.
- - Gisle Vanem fixed the compressed help text code to display properly.
- - Removed the '#define HttpPost' from the public header file, as curl_httppost
- is the proper name and it has been for quite some time now. Fixes another
- name space pollution.
- - Added 'curl_off_t' typedef in the public header file, to be used to provide
- large file sizes to the *_LARGE options. Adjusted the code all over to use
- this variable type instead of 'off_t'. This is an attempt to make the large
- file support work on more platforms. The configure script now checks the
- size of the curl_off_t instead of the plain off_t.
- Version 7.11.0 (22 January 2004)
- Daniel (21 January 2004)
- - Removed the defines in the public header file with TIMECOND_ prefixes. They
- have been obsolete since April 22nd 2002, and if this causes anyone any
- problems now it is very easy to just add CURL_ to the names. This corrects
- this name space pollution.
- Daniel (19 January 2004)
- - David Byron cleaned up how --trace with no option was treated, and also
- arguments in a config file without a required parameter!
- Daniel (16 January 2004)
- - Gisle Vanem fixed a few issues where compilers warned about variables
- possibly being used unassigned.
- - Minor Interix build problem fixed.
- Daniel (15 January 2004)
- - Peter Sylvester pointed out some necessary escaping needed in the
- acinclude.m4 file when automake 1.8 or later is used.
- Daniel (14 January 2004)
- - Vincent Bronner fixed the Curl_resolv() return code. This extends the fix
- Steve Green provided on december 3...
- Daniel (13 January 2004)
- - Luke Call made the win32 version of the password prompting function support
- backspace.
- - Dan Fandrich fixed the hugehelp source file to contain both a compressed and
- an uncompressed version in the distribution, so that more people easier can
- build curl with the compressed version.
- - Diego Casorran brought another AmigaOS build patch for native Amiga builds.
- - Matt Veenstra updated the Mac OS X framework files.
- - Brian R Duffy brought a section to the INSTALL file on how to build a
- SSL-enabled curl using the free Borland C++ compiler. He also updated the
- Borland lib/Makefile.b32.
- - I fixed the test case 509 which I broke yesterday. Now the libtest are
- compiled with an include path that points to the library's source dir, so
- that the libtests can include files from the source tree. This was made to
- make it possible to use the USE_SSLEAY define in the library test files.
- Daniel (12 January 2004)
- - Peter Sylvester brought code that now allows a callback to modified the URL
- even when the multi interface is used, and then libcurl will simulate a
- "follow location" to that new URL. Test 509 was added to test this feature.
- - Extended the time we retry servers in the test script, and I also made it
- retry the https and ftps servers before they are considered bad. I believe
- the previous approach could turn problematic on really slow hosts.
- Version 7.11.0-pre1 (12 January 2004)
- Daniel (11 January 2004)
- - Dominick Meglio pointed out FTPS should use default port 990 according to
- IANA.
- Daniel (8 January 2004)
- - Fixed the SPNEGO configure check to not use -R or other non-portable options
- in the LDFLAGS. Reported by Pierre in bug report #872930.
- Daniel (5 January 2004)
- - Dan Fandrich provided a fix on our zlib usage.
- - David J Meyer's patch that introduce large file support to libcurl was
- applied. New curl_easy_setopt options that accept 'off_t' arguments are:
- INFILESIZE_LARGE
- RESUME_FROM_LARGE
- MAXFILESIZE_LARGE
- Daniel (4 January 2004)
- - Based on Dominick Meglio's comments, I made our private version of
- gettimeofday() declared static. This would otherwise collide with the same
- function in other libs (like ares for example).
- - Added Dominick Meglio's description on how to build libcurl with ares
- on win32.
- Daniel (19 December)
- - CURLOPT_IPRESOLVE was not possible to set.
- - Gisle Vanem updated the djgpp build files.
- Daniel (18 December)
- - John McGowan reported a redirect-problem that happened if a site used a URL
- like "url.com?var=content" (without a proper slash) and from that address
- redirected the user-agent to an absolute directory.
- - David Byron made libcurl build fine with both the .NET and VC6 versions of
- MSVC
- Daniel (16 December)
- - Updated test 506 since it started to fail after the cache prune change
- yesterday. I also changed it slightly to feature a counter in each debug
- output for easier tracing.
- Daniel (15 December)
- - Old DNS cache entries are now only pruned after curl is done with a request,
- and not in the actual name resolve call.
- - corrected the --enable-ares patch
- - Giuseppe Attardi found and fixed a problem within libcurl that re-used
- already freed memory.
- Daniel (10 December)
- - Gisle Vanem reported that the dict support was broken. I broke it during my
- ftps-changes overhaul. I've now added a 'curlassert' function that can be
- used to verify expressions, to prevent future errors of the same
- kind. They're only present in debug-builds.
- - Diego Casorran made curl and libcurl possible to build natively (no more
- need for the ixemul library) on AmigaOS.
- - Dominick Meglio made configure --enable-ares support a given path to the
- installed ares lib, instead of always using it in the curl source tree.
- This also fixed the curl-config --libs output.
- - Eric S. Raymond patched a very minor man page format error in
- libcurl-errors.3
- Daniel (8 December)
- - Fixed the flaw that made -lz appear twice on the link command line.
- - After correspondence with Gisle Vanem, I changed the 'connection aborted'
- error text when the FTP response reader failed to more specificly identify
- what the problem is.
- - Based on a patch from Dominick Meglio, curl-config --feature now outputs
- 'AsynchDNS' as a feature if libcurl was built with ares. The feature name
- is the same that 'curl -V' outputs, for simplicity.
- Daniel (3 December)
- - Marty Kuhrt made the build up-to-date on VMS, and moved most of the VMS-
- specific stuff in the client code to a separate header file.
- - Steve Green fixed a return code bug in Curl_resolv(), that made the socks5
- code fail.
- - swalkaus at yahoo.com patched libcurl to ignore Content-Length: headers
- when Transfer-Encoding: chunked is used, as mandated by RFC2616.
- Daniel (2 December)
- - --ftp-pasv was added, which serves the only purpose of overriding a
- previously set --ftpport option. Starting now, --ftp-port is a recognized
- alias for --ftpport for consistency.
- - Giuseppe Attardi pointed out that we should use MSG_NOSIGNAL when we use
- send() and recv(). I added checks for the define in the configure script and
- adjusted the code accordingly. If the symbol is present, we won't attempt
- to ignore the SIGPIPE signal.
- Daniel (1 December)
- - Mathias Axelsson set up a bsdftpd-ssl server for me and I could make curl
- run fine against its FTPS implementation. Now these FTPS-related things
- work:
- o explicit and implicit FTPS
- o active (PORT) and passive (PASV)
- o upload and download
- o verified against bsdftpd-ssl and RaidenFTPD
- Daniel (27 November)
- - James Clancy made the Borland Makefiles up to date.
- - Markus Moeller improved the SPNEGO detection in the configure script.
- Daniel (25 November)
- - Dave May filed bug report #848371, identifying that if you'd do POST over a
- proxy to a https server, libcurl didn't POST at all, it just made a GET! It
- turned out to be because libcurl wrongly didn't consider the authentication
- "negotiation phase" to be complete yet.
- I added test case 95 to verify my fix for this.
- Daniel (24 November)
- - Thanks to Mathias Axelsson, I've been able to work on FTPS for libcurl and it
- seems to work somewhat fine now.
- The FTPS stuff is based on RFC2228 and the murray-auth-ftp-ssl draft
- (version 12). There seems to exist quite a few servers that have implemented
- the server side of this.
- We can now use ftps:// URLs to explicitly switch on SSL/TSL for the control
- connection and the data connection (dealing with two SSL connections forced
- me to change a lot of stuff in libcurl).
- Alternatively, and what seems to be the recommended way, we can set the new
- option CURLOPT_FTP_SSL to one of these values:
- CURLFTPSSL_NOPE, - do not attempt to use SSL
- CURLFTPSSL_TRY - try using SSL, proceed anyway otherwise
- CURLFTPSSL_CONTROL - SSL for the control connection or fail
- CURLFTPSSL_ALL - SSL for all communication or fail
- Any failure to set the desired level will make libcurl fail with the error
- code CURLE_FTP_SSL_FAILED. This new option makes a "normal" ftp:// transfer
- attempt to be made securely.
- I've been able to login and get files (passively) from Mathias' server using
- both ftps:// and CURLOPT_FTP_SSL. (I've made 'curl' understand the --ftp-ssl
- option that sets CURLFTPSSL_TRY.)
- - Gaz Iqbal fixed a range string memory leak.
- - Gisle Vanem fixed the Windows builds.
- - Added the new FTPSSL defines in curl/curl.h
- Daniel (20 November)
- - Josh Kapell filed bug report #845247 as he found an endless loop when
- getting a 407 back from a proxy when no user+password was given. Added test
- case 94 to verify the fix.
- Daniel (19 November)
- - Kevin Roth fixed a progress-bar problem on Windows.
- - While working with Nicolas Croiset's bug report #843739, I noticed two minor
- problems related to ftp partial downloads: if a partial transfer is
- detected, we must close the connection as we cannot know in what state it is
- anymore. This looks like a ProFTPD bug:
- http://curl.haxx.se/mail/lib-2003-11/0079.html
- Daniel (17 November)
- - Maciej W. Rozycki made the configure script use a cache variable for the
- writable argv test. This way, the default can be overridden better (for
- cross-compiles etc)
- Daniel (15 November)
- - Mathias Axelsson found out libcurl sometimes freed the server certificate
- twice, leading to crashes!
- Daniel (14 November)
- - Siddhartha Prakash Jain found a case with a bad resolve that we didn't
- properly bail out from, when using ares.
- Daniel (13 November)
- - Default Content-Type for parts in multipart formposts has changed to
- "application/octet-stream". This seems more appropriate, and I believe
- mozilla and the likes do this. In the same area: .html files now get
- text/html as Content-Type. (Pointed out in bug report #839806)
- - Gisle Vanem corrected the --progress-bar output by doing a flush of the
- output, which apparently makes it look better on at least windows, but
- possibly other platforms too.
- - Peter Sylvester identified a problem in the connect code, which made the
- multi interface on a ipv6-enabled solaris box do bad. Test case 504 to be
- specific. I've spent some time to clean-up the Curl_connecthost() function
- now to use less duplicated code for the two different sections: ipv6 and
- ipv4.
- Daniel (11 November)
- - Added CURLOPT_NETRC_FILE. Use this to tell libcurl which file to use instead
- of trying to find a .netrc in the current user's home directory. The
- existing .netrc file finder is somewhat naive and is far from perfect on
- several platforms that aren't unix-style. If this option isn't set when
- CURLOPT_NETRC is set, the previous approach will still be used.
- The current .netrc check code now also support longer than 256 bytes path
- names.
- Daniel (10 November)
- - Kang-Jin Lee pointed out that the generated ca-bundle.h file shouldn't be
- written in the source dir if a different build dir is used.
- - After Sébastien Willemijns' bug report, we now check the separators properly
- in the 229-reply servers respond on a EPSV command and bail out better if
- the reply string is not RFC2428-compliant.
- Daniel (7 November)
- - Based on Gisle Vanem's patch, I made curl try harder to get the home
- directory of the current user, in order to find the default .curlrc file.
- We're also considering moving out the HOME-dir code from libcurl, and
- instead have the app pass in the path to the .netrc file (which is the only
- logic left in libcurl that uses the HOME dir). Then curl can use the home
- dir for that purpose too.
- - Ralph Mitchell's updated testcurl.sh to the script to take an existing
- directory name and build/run/test curl in there instead of trying to update
- from CVS. Using this approach, the script can now be used to test daily
- tarballs etc.
- - Gisle Vanem added a "resource file" to the Windows DLL builds, to contain
- information such as version number, library name, copyright info etc.
- Daniel (6 November)
- - curl checks if the existing libcurl supports things like --ntlm, --negotiate
- and --krb4 and returns error if not.
- - I added three new global defines in the curl/curl.h header:
- LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH. They
- are the three numbers in the library's version number, separated for easier
- usage. 'maketgz' was updated accordingly to generate these numbers properly
- when building release-archives.
- - Uninitialized variable fix, reported by both Marty Kuhrt and Benjamin
- Gerard.
- - Matt Veenstra provided build files to build libcurl as a "framework" under
- Mac OS X. See the lib/libcurl.framework.make for details.
- - Removed the defines of TRUE and FALSE from the curl/curl.h header file.
- They're not in our name space so we should not fiddle with them.
- Daniel (5 November)
- - Replaced the man page to HTML converter program with a new one: roffit.
- Makes nicer web pages.
- Daniel (4 November)
- - Troels Walsted Hansen fixed the MSVC makefiles to let them build curl fine
- on Windows.
- - Kevin Roth corrected the cygwin package generator and spell-fixed the
- comment in the ca-bundle.h file.
- Version 7.10.8 (1 November 2003)
- Daniel (31 October)
- - Assume that MDTM on an FTP server returns the timestamp using the UTC time
- zone. This changes the time CURLINFO_FILETIME returns for a given file over
- FTP, and will change existing uses of CURLOPT_TIMECONDITION. It will make
- the functionality more similar to how the HTTP one is already working.
- - Command line options that take numerical parameters (such as -y, -Y, -C etc)
- now report error and exit if the parameter isn't truly a number greater than
- or equal to zero. This helps users to notice bad usage earlier. Before, when
- a user forgot or missed to add a numerical parameter to an option, the
- command line parser would simply "eat" the following option and it would
- cause great confusion.
- Daniel (30 October)
- - David Hull made libcurl deal with NOBODY and HEADER for file:// the same way
- it already does for FTP: it provides HTTP-looking headers that provide info
- only about the file, without doing the actual transfer. The curl tool then
- lets --head do this.
- Daniel (29 October)
- - runtests.pl now checks for and use valgrind if present. It will redirect the
- valgrind results in log/valgrind[num] but it currently doesn't scan that
- file for any errors or anything, that is still only made manually.
- - David Hull made the file: URL parser also accept the somewhat sloppy file
- syntax: file:/path. I added test case 203 to verify this.
- Daniel (28 October)
- - Dan C tracked down yet another weird behavior in the glibc gethostbyname_r()
- function for some specific versions (reported on 2.2.5 and 2.1.1), and
- provided a fix. On Linux machines with these glibc versions, non-ipv6
- builds of libcurl would often fail to resolve perfectly resolvable host
- names.
- Daniel (26 October)
- - James Bursa found out that curl_msnprintf() could write the trailing
- zero-byte outside its given buffer size. This could happen if you generated
- a very long error message as then libcurl would overwrite the ERRORBUFFER
- with one byte. Using a non-existing very long local file:// name is one case
- that could make this occur.
- Daniel (24 October)
- - David Hull filed bug report #829827. It identified a problem with -C - if
- the full file already was downloaded and thus the server responded with a
- 416. libcurl would then wrongly use the Content-Length: header and expect
- that size to get transfer, causing a "hang" until the server closed the
- connection and then an error 18 ("still N bytes data left of the transfer").
- Now we don't return any error at all, but I think libcurl should perhaps
- return some kind of info since the requested range was out of the size of
- the document.
- - Based on David Hull's fix in bug report #804599, we now check for solaris and
- gcc in configure and set the -mimpure-text link flag for linking the lib
- better.
- - I've introduced a -t option to the runtests.pl script. With that option set,
- the script runs special "memory torture" tests. For each test command line
- in that section, the script first runs the command line and counts the total
- amount of allocations made. It then runs the exact same command line again,
- forcing allocation number N to fail. It will try every N from 1 to the total
- number of amounts made. For every invoke, it checks that no memory was
- leaked as that would indicate a bad cleanup somewhere in the code.
- This is just beginning to work, and I've already made some corrections in
- libcurl code. When this code works somewhat fine, I'll make sure 'make test'
- in the root dir will run these tests as well.
- Daniel (23 October)
- - Georg Horn fixed how the CA verification is made. Verifications can now be
- made while at the same time the result of it can be ignored. This also
- affects the curl tool as -k can now be used together with --cacert or
- --capath.
- Daniel (22 October)
- - Gisle Vanem found out --disable-eprt didn't work and patched it.
- - Test case 91 was modified and could now repeat the problem Kevin Roth has
- reported, and the bug was fixed.
- - Dylan Ellicott added vc-libcurl-ssl-dll as a target to the root makefile
- to build a static libcurl that links with a shared OpenSSL using MSVC.
- Daniel (21 October)
- - Andrés García updated the mingw32 makefiles.
- Version 7.10.8-pre5 (21 October 2003)
- Daniel (19 October)
- - Georg Horn made libcurl output more info on SSL failures when receiving
- data.
- Version 7.10.8-pre4 (18 October 2003)
- Daniel (17 October)
- - Dominick Meglio implemented CURLOPT_MAXFILESIZE and --max-filesize.
- - Made libcurl show verbose info about what auth type and user name that is
- being sent in its HTTP request-headers.
- Daniel (16 October)
- - Removed support for CURLOPT_PASSWDFUNCTION and CURLOPT_PASSWDDATA. libcurl
- no longer prompt for passwords under any circumstances. Password prompting
- was instead moved to curl, which now prompts for password if -u or -U lack
- it. This solves the problem Kevin Roth reported when curl prompted for
- password twice when doing NTLM authentication.
- - I rewrote the SSL subjectAltName check to avoid having to rely on OpenLDAP-
- licensed derivate code.
- Daniel (15 October)
- - Avoid doing getsockopt() on Windows to verify connects. It seems that this
- hogs Windows machines when libcurl is being used multi-threaded (with > ~50
- threads). Andrew Fuller helped us verify and test this.
- Daniel (14 October)
- - Kimmo Kinnunen fixed a crash with duphandle() when CURLDEBUG is set.
- - Gisle Vanem made libcurl build and work with IPv6 on Windows.
- Daniel (13 October)
- - Giuseppe Attardi reported yet another segfault with ares and the multi
- interface. Me fixed.
- - Domenico Andreoli removed the extra LDFLAGS assignment in lib/Makefile.am
- that was reported about in the debian bug report #212086.
- Domenico also fixed two makefiles where we used 'gnroff' instead of the more
- portable $(NROFF).
- Daniel (12 October)
- - Dirk Manske made the share locking around DNS lookups slightly different to
- allow the share system's DNS lookups to run somewhat more
- independent/faster.
- Daniel (9 October)
- - Lachlan O'Dea fixed a resume problem: "If I set CURLOPT_RESUME_FROM, perform
- an HTTP download, then reset CURLOPT_RESUME_FROM to 0, the next download
- still has a Range header with a garbage value." bug report #820502
- - Dominick Meglio made the inet_pton.c file build fine using MSVC.
- - The 'sws' test suite web server now #include setup.h from the lib directory.
- This makes it more portable easier.
- Version 7.10.8-pre3 (8 October 2003)
- Daniel (8 October)
- - Frank Ticheler provided a patch that fixes how libcurl connects to multiple
- addresses, if one of them fails (ipv4-code).
- Daniel (7 October)
- - Neil Dunbar provided a patch that now makes libcurl check SSL
- subjectAltNames when matching certs. This is apparently detailed in RFC2818
- as the right thing to do. I had to add configure checks for inet_pton() and
- our own (strictly speaking, code from BIND written by Paul Vixie) provided
- code for the function for platforms that miss it.
- - HTTP POST using the read callback didn't work, as Florian Schoppmann
- reported.
- Daniel (5 October)
- - Shared provided a few fixes to make libcurl build on BeOS
- out-of-the-box. New code for BeOS-style non-blocking sockets, provided by
- Shard and Jeremy Friesner. Modified the autoconf check for non-blocking
- sockets to check for this kind too.
- Daniel (4 October)
- - Vincent Bronner pointed out that if you set CURLOPT_COOKIE for a transfer
- and then set it to NULL in a subsequent one, the previous cookie was still
- sent off!
- - Jon Turner fixed a problem libcurl had when it failed on an FTP transfer due
- to a bad path, it would cause the next transfer to use a bad path as well.
- - Siddhartha Prakash Jain provided a patch with a fix for libcurl with ares,
- when working on IP-only names as we then could return "wait" status when the
- name in fact already was resolved. I edited the patch slightly to not expose
- asynch details to non-ares aware source code.
- Daniel (3 October)
- - Neil Spring posted the debian bug report #213180, and pointed out that using
- the name 'access' in a function prototype is not very wise as some compilers
- complain.
- - Peter Sylvester provided his and Jean-Paul Merlin's curlx.c example source
- code that shows how they use ssl and callbacks.
- Daniel (2 October)
- - James MacMillan's patch makes curl build on QNX 6.2.x.
- Daniel (26 September)
- - My daughter was born!
- Daniel (23 September)
- - Added support for -4/--ipv4 and -6/--ipv6 to force names to resolve to that
- particular IP version. They only work for IPv6-enabled libcurls.
- - curl -V now outputs 'SPNEGO' as a feature in case libcurl was built to
- support that.
- Version 7.10.8-pre2 (22 September 2003)
- Daniel (22 September)
- - Giuseppe Attardi found a segfault in libcurl when using the multi interface
- with ares and doing repeated operations against a non-resolving host name.
- Daniel (19 September)
- - Added the CURLOPT_IPRESOLVE option, that allows an application to select
- what kind of IP addresses he wants to use when resolving host names. This
- is only interesting when using host names that resolve addresses using more
- than one version of IP.
- - Applied Markus Moeller's patch that introduces SPNEGO support if libcurl
- is built with the FBopenssl libraries. curl_version_info() now returns
- info on SPNEGO availability. The patch also made the GSSAPI stuff work fine
- with the MIT GSS-library (the Heimdal one still works too).
- Daniel (16 September)
- - Doing PUT with --digest failed, as reported in bug report #805853.
- - Using --anyauth that picked NTLM, and then a redirect closed the connection
- and took curl to a second NTLM page made curl fail. Bug report #806328
- identified the problem, test case 90 was added to verify the fix.
- Daniel (14 September)
- - codemastr brought a patch for ares to make the Windows portions of it work
- properly on NT4. I uploaded a new diff and updated the docs on where to get
- it etc.
- - Jeff Pohlmeyer tracked down a very hard-to-find bug where we removed a
- cached DNS entry even though it may be in use, which caused "random" memory
- to get overwritten and thus "random" crashes.
- Daniel (12 September)
- - Based on a bug report by David Kimdon, I made the runtests.pl script clear
- all possible proxy environment variables before the tests are run.
- - By default, easy handles within a multi handle now share DNS cache.
- - Tim Bartley brought a patch that makes the GSSNEGOTIATE option work for
- Microsoft's "Negotiate" authentication as well.
- Daniel (11 September)
- - A zero-length proxy string confused FTP transfers.
- - Bjorn Reese found a case with an uninitialized pointer, only present when
- built for ares.
- Version 7.10.8-pre1 (8 September 2003)
- Daniel (7 September)
- - Jurij Smakov found out that the non-OpenSSL MD5 code was not working on
- Alpha (or ia64). Only the OpenSSL-version did. I made a fix I think corrects
- the problem.
- Daniel (5 September)
- - Kevin Fisk reported that configure --enable-thread didn't work. I fixed.
- - De-macrofied the lib/hash.c source code somewhat.
- Daniel (4 September)
- - CURLINFO_HTTPAUTH_AVAIL and CURLINFO_PROXYAUTH_AVAIL added, Based on Joerg
- Mueller-Tolk's patch,
- Early (4 September)
- - Added CURLOPT_FTP_RESPONSE_TIMEOUT - allows user to set strict timeout
- requirements on the FTP server's ability to respond to individual commands
- without placing global requirements on transfer or connect time. Files
- affected:
- - include/curl/curl.h
- Added option CURLOPT_FTP_RESPONSE_TIMEOUT
- - lib/ftp.c
- Added branch inside Curl_GetFTPResponse to check for
- data->set.ftp_response_timeout
- - lib/url.c
- Modified Curl_setopt to recognize CURLOPT_FTP_RESPONSE_TIMEOUT
- - lib/urldata.h
- Added ftp_response_timeout to struct UserDefined
- Daniel (3 September)
- - Peter Pentchev found and fixed two problems in the test suite's web server
- code, that made it segfault at times.
- - Jörg Mueller-Tolk improved the proxy user+password handling, especially
- when providing a blank password.
- Daniel (2 September)
- - Fix for making CONNECT to proxies do the correct magic to allow NTLM, Digest
- and similar to work.
- Daniel (1 September)
- - Henrik Storner made libcurl work fine with OpenLDAP 2.1.22 (current).
- - Jeff Pohlmeyer added a proper error message for non-resolving hosts when
- using ares for lookups.
- Daniel (25 August)
- - John McGowan reported that curl -k still failed if the HTTPS server's CN
- field wasn't obtainable. This was due to the CURLOPT_SSL_VERIFYHOST being
- set to 1, and libcurl failed if the CN was missing. Starting now, having it
- set to 1 will simply output a warning if no CN could be obtained (as having
- a mismatch is OK).
- Daniel (21 August)
- - Vincent Sanders provided a fix for name resolving when linked with uClibc.
- Daniel (20 August)
- - Gerd v. Egidy provided a patch that makes libcurl store the FTP response
- code from ftp servers. Using curl_easy_getinfo() with CURLINFO_HTTP_CODE
- returns that data. The option is therefore now also known as
- CURLINFO_RESPONSE_CODE.
- - Antoine Calando found a segfault when doing multi-part/formpost using
- the multi interface.
- - Antoine Calando pointed out that curl_multi_info_read() didn't set the
- msgs_in_queue to 0 properly when returning NULL.
- Daniel (19 August)
- - I made curl support multiple -T options, as well as -T "{file1,file2}"
- style globbing. One -T for each URL is supported.
- - Jeff Pohlmeyer found a segfault when using ares-enabled libcurl and the
- multi interface when trying a non-existing host name.
- - Made the libcurl printf code support long longs if available.
- - Loren Kirkby pointed out that we did not clean up all SSL-allocated memory
- in curl_global_cleanup().
- Daniel (17 August)
- - Setting CURLOPT_WRITEFUNCTION or CURLOPT_READFUNCTION to NULL will now make
- them get the internal defaults restored. Previously this could cause a
- segfault. We should aim at having all pointer-related options get restored
- to default/safe values when set to NULL.
- Version 7.10.7 (15 August 2003)
- Daniel (14 August)
- - I modified the memdebug system to return failure on memory allocation
- functions after a set amount of successful ones. This enables us to test
- out-of-memory situations in a controlled manner and we can make sure that
- curl/libcurl behaves good in those.
- This made me find and fix several spots where we did not cleanup properly
- when bailing out due to errors (low memory).
- - Corrected test case 74. Made using -o with bad #[num] codes complain and
- bail out. Made #[num] support numbers larger than 9 as well. Added test
- case 86 for a proper range globbing test as well.
- Version 7.10.7-pre4 (12 August 2003)
- Daniel (12 August)
- - curl_version_info() now returns a flag if libcurl was built with asynch DNS
- support, and this is now also displayed with 'curl -V'.
- - Added a few new man pages to the docs/libcurl dir: curl_share_init,
- curl_share_setopt, curl_share_cleanup, libcurl-easy and libcurl-share.
- Daniel (11 August)
- - Mike Cherepov made the local binding code work for Windows, which makes
- the option CURLOPT_INTERFACE work on Windows as well.
- - Vincent Sanders updated the fopen.c example code a lot.
- - --proxy-ntlm is now supported by the curl tool. It forces the proxy
- authentication to be made using NTLM. It does not yet work for HTTPS over
- proxies (or other proxy-tunneling options). Test case 81 and 82 do some
- simple initial ntlm testing.
- - Found and fixed a minor memory leak on re-used connections with
- proxy-authentication.
- - I removed -@ and -Z as valid short options. They were very rarely used (@
- wasn't even documented).
- - Serge Semashko introduced CURLOPT_PROXYAUTH, and make it work when set to
- CURLAUTH_NTLM and/or CURLAUTH_BASIC. The PROXAUTH is similar to HTTPAUTH,
- but is for the proxy connection only, and HTTPAUTH is for the remote host.
- - Fixed loading of cookies with blank contents from a cookie jar. Also made the
- cookie functions inform on added and skipped cookies (for cookie debugging).
- Version 7.10.7-pre3 (8 August 2003)
- Daniel (8 August)
- - Applied David Byron's fix for file:// URLs with drive letters included.
- - I added the --ftp-create-dirs to the client code, which activates Early's
- CURLOPT_FTP_CREATE_MISSING_DIRS option, and wrote test case 147 to verify
- it. Added the option to the curl.1 man page too. Added the option to the
- curl_easy_setopt.3 man page too.
- Daniel (7 August)
- - Test case 60 failed on ia64 and AMD Opteron. Fixed now.
- - Fixed a printf problem that resulted in urlglobbing bugs (bug #203827 in the
- debian bug tracker). Added test case 74 to verify the fix and to discover if
- this breaks in the future.
- - "make distcheck" works again.
- Version 7.10.7-pre2 (6 August 2003)
- Daniel (5 August)
- - Duncan Wilcox helped me verify that the latest incarnation of my ares patch
- builds fine on Mac OS X (see the new lib/README.ares) file for all details.
- - Salvatore Sorrentino filed bug report #783116 and Early Ehlinger posted a
- bug report to the libcurl list, both identifying a problem with FTP
- persistent connections and how the dir hierarchy was not properly reset
- between files.
- - David Byron's thoughts on a fixed Makefile in tests/ were applied.
- - Jan Sundin reported a case where curl ignored a cookie that browsers don't,
- which turned up to be due to the number of dots in the 'domain'. I've now
- made curl follow the the original netscape cookie spec less strict on that
- part.
- Daniel (4 August)
- - Dirk Manske added cookie support for the experimental, hidden and still
- undocumented share feature!
- - Mark Fletcher provided an excellent bug report that identified a problem
- with FOLLOWLOCATION and chunked transfer-encoding, as libcurl would not
- properly ignore the body contents of 3XX response that included the
- Location: header.
- Early (6 August)
- - Added option CURLOPT_FTP_CREATE_MISSING_DIRS
- This option will force the target file's path to be created if it
- does not already exist on the remote system.
-
- Files affected:
- - include/curl/curl.h
- Added option CURLOPT_FTP_CREATE_MISSING_DIRS
- - lib/ftp.c
- Added function ftp_mkd, which issues a MKD command
- Added function ftp_force_cwd, which attempts a CWD,
- and does a MKD and retries the CWD if the original CWD
- fails
- Modified ftp_perform() to call its change directory function
- through a pointer. The pointer points to ftp_cwd by default,
- and is modified to point to ftp_force_cwd IFF
- data->set.ftp_create_missing_dirs is not 0.
- - lib/url.c
- Modified Curl_setopt to recognize CURLOPT_FTP_CREATE_MISSING_DIRS
- - lib/urldata.h
- Added ftp_create_missing_dirs to struct UserDefined
-
- - Minor Bugfix for CURLOPT_TIMECONDITION with FTP - if the file was not
- present to do the time comparison, it would fail.
- Files affected:
- - lib/ftp.c
- In ftp_perform(), the call to ftp_getfiletime() used to be followed
- by
- if (result)
- return result;
- And then by the code that actually did the time comparison.
- The code that did the comparison handled the case where the filetime
- was not available (as indicated by info.filetime < 0 or set.timevalue
- < 0), so I replaced the if (result) return result with a switch(result)
- that allows CURLE_FTP_COULDNT_RETR_FILE to fall through to the
- normal time comparison.
- Daniel (3 August)
- - When proxy authentication is used in a CONNECT request (as used for all SSL
- connects and otherwise enforced tunnel-thru-proxy requests), the same
- authentication header is also wrongly sent to the remote host.
- This is a rather significant info leak. I've fixed it now and mailed a patch
- and warning to the mailing lists.
- Daniel (1 August)
- - David Byron provided a patch to make 7.10.6 build correctly with the
- compressed hugehelp.c source file.
- Version 7.10.7-pre1 (31 July 2003)
- Daniel (30 July)
- - Jörg Müller-Tolk updated the VC makefile.
- - Daniel Noguerol made the ftp code output "Accept-Ranges: bytes" in similar
- style like other faked HTTP headers when NOBODY and HEADER are used. I
- updated two corresponding test cases too.
- - Marty Kuhrt pointed out a compilation problem on VMS due to my having
- changed a type from long to time_t, and I'm now changing it back to work
- more portably...
- He also indicated that distributing the src/hugehelp.c in a compressed state
- like I accidentally did may not be the smartest move... I've now fixed the
- distribute procedure to automatically generate an uncompressed version when I
- make release archives.
- Daniel (29 July)
- - Gisle Vanem brought changes to the mkhelp script for the generation of the
- compressed help text on some platforms.
- Version 7.10.6 (28 July 2003)
- Daniel (28 July)
- - François Pons brought a patch that once again made curl deal with ftp and
- "double slash" as indicating the root directory. In the RFC1738-fix of April
- 30, that ability was removed (since it is not the "right" way). So, starting
- now we can list the root dir of an ftp server both these ways:
- curl ftp://server.com/%2f as well as
- curl ftp://server.com//
- Daniel (24 July)
- - Henry Bland pointed out that we included sys/resource.h without good reason
- in several source files. Without it included, QNX builds better...
- - Andrés García updated the mingw makefiles.
- Daniel (23 July)
- - Tracy Boehrer experienced DNS cache problems and did some nice debugging
- and tracking which made it easy for me to correct the problem and Tracy
- could verify that it did cure the problem! When re-using a connection we
- now make sure we don't re-use the 'connect_addr' struct.
- - Daniel Kouril corrected the GSS-Negotiate code.
- - Juan F. Codagnone provided fixes to allow curl to build fine on Windows
- again.
- Daniel (22 July)
- - Edited the curl/curl.h include file to build on Windows properly.
- Daniel (21 July)
- - Moved the proxy credentials from the SessionHandle struct to the connectdata
- struct, to make multiple proxy connections with differerent user names work.
- - Adjusted the NTLM code to support proxy functionality.
- - Made the krb4 stuff compile with the user+password fields moved.
- Version 7.10.6-pre4 (21 July 2003)
- Daniel (20 July)
- - David Gardner pointed out in bug report 770755 that using the FTP command
- CWD with a blank argument is a bad idea and I made libcurl skip empty path
- segments starting now.
- Daniel (18 July)
- - Cris pointed out that my fix on July 16th didn't work fully. His pointing
- out this (and his patch) also made me realize that we have a very similar
- bug in the FTP connection re-use code. We must store a separate user and
- password field for each connection we keep (at least for FTP and HTTP+NTLM
- connections, so I made us do this unconditionally).
- - Since NTLM authenticates connections instead of single requests, I had to
- re-arrange how we store the NTLM data and I had to improve the test suite to
- finally work properly with persistency to make the NTLM tests run fine
- again. This also forced me to have to update lots of HTTP test cases.
- Daniel (16 July)
- - Cris Bailiff's bug report 768275 pointed out that using Basic auth with
- wrong user+password caused an endless loop. Fixed now. He also found out that
- we didn't properly authenticate connections with NTLM. Fixed too.
- - Dan Winship provided fixes for the NTLM code.
- Daniel (5 July)
- - Doug Kaufman provided additional fixes for the DOS port.
- Daniel (4 July)
- - Rick Richardson pointed out that using setvbuf() to achieve non-buffering
- on output is no-good for SCO Xenix and other unixes. We switched over to
- using plain fflush() instead.
- - Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly in
- the configure script, and I had to change some build stuff to make the new
- way work.
- - Peter Sylvester's patch was applied that introduces the following:
- CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the
- OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If
- anything but CURLE_OK is returned, that will also be returned by libcurl
- all the way back. If this function changes the CURLOPT_URL, libcurl will
- detect this and instead go use the new URL.
- CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set
- with CURLOPT_SSL_CTX_FUNCTION.
- Daniel (1 July)
- - David Byron provided a patch that allows a client to quit the test suite's
- HTTP server.
- - Gisle Vanem found and patched a lib handle leak in the ldap code.
- Daniel (25 June)
- - More NTLM-improvements. Less code. Smaller packets back and forth.
- Daniel (23 June)
- - Eric Glass provided us with a better doc on NTLM details, and I added more
- comments and clarified the current code more. Using the new knowledge, we
- should be able to make the NTLM stuff work even better.
- Eric's original URL: http://davenport.sourceforge.net/ntlm.html
- Version stored and provided at curl site: http://curl.haxx.se/rfc/ntlm.html
- - Fixed the minor compile problems pre3 had if built without GSSAPI and/or
- SSL.
- Version 7.10.6-pre3 (19 June 2003)
- Daniel (19 June)
- - Made curl use curl_free() on memory returned by curl_getenv(), as this
- should theoreticly make it possibly to build and run curl and libcurl with
- different memory allocation schemes with no problems.
- Daniel (18 June)
- - Improved the mkhelp.pl a bit further to make a nicer hugehelp text and to
- include a better comment in the top for the gzip compressed version.
- Daniel (17 June)
- - CURLOPT_HTTPAUTH is now a bitmask, in which you set which authentication
- type(s) you want to use. If more than one is set, libcurl will use one of
- the selected one and the one it considers is more secure. Test case 67 and
- 68 (for NTLM) were fixed and we've reduced a round-trip for specific --ntlm
- fetches, and test case 69 and 70 were added for testing authentication
- "picking". --anyauth is the new command line tool option, and I also added
- --basic for completeness (that's the default type).
- - Fixed the runtests.pl script to use the info provided by the new curl -V
- output.
- - --enable-debug now sets the CURLDEBUG define instead of MALLOCDEBUG, as it
- is meant to be a generic debug conditional.
- - curl_version_info() can now return CURL_VERSION_DEBUG as a feature bit, to
- indicate that the library was built with CURLDEBUG set.
- - Ralph Mitchell found out that some web applications very badly uses white
- spaces in Location: redirects, and apparently IE is a browser (the only
- one?) that supports this abomination. Based on Ralph's patch, I added code
- that now attempts to replace white spaces with the proper "%20" or "+".
- Test case 40 and 42 were added to verify my changes.
- - curl -V now also outputs a list of features the available library offers (if
- any).
- - The curl_version() string now includes "GSS" if libcurl is built with GSSAPI
- support.
- - David Orrell reported that libcurl still crashed when sending HUGE requests
- over HTTPS... I fixed.
- Version 7.10.6-pre2 (16 June 2003)
- Daniel (16 June)
- - curl_version_info() now returns bitmasked information weather NTLM and
- GSSNEGOTIATE are supported, since it is doomed to vary on different
- installations.
- - I remade the HTTP Digest code to use the MD5-code provided by OpenSSL if
- that is present, and only use our own MD5-code if it isn't.
-
- Daniel (13 June)
- - More NTLM help, fixes and patches from Cris Bailiff.
- - Marty Kuhrt brought include fixes for making VMS builds warning-free.
- Daniel (12 June)
- - NTLM authentication works somewhat against the test servers provided by
- Mathias Axelsson and Cris Bailiff. Use by setting CURLOPT_HTTPAUTH to
- CURLAUTH_NTLM to libcurl, or --ntlm for the curl tool. Test case 67 and 68
- were added for this. NTLM-support requires OpenSSL.
- - Dan Fandrich provided a patch, that granted that gzip and libz are available
- at build-time, compresses the hugehelp text in the curl command line and
- uncompresses it at request. Saves some ~60K in the final output executable.
- Daniel (11 June)
- - Long day of fighting the NTLM demons.
- Daniel (10 June)
- - Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
- and pick method. Supported ones currently are:
- CURLAUTH_BASIC - default selection
- CURLAUTH_DIGEST - formerly CURLOPT_HTTPDIGEST
- CURLAUTH_GSSNEGOTIATE
- - Daniel Kouril added HTTP GSS-Negotiate authentication support, as defined in
- the IETF draft draft-brezak-spnego-http-04.txt. In use already by various
- Microsoft web applications. --negotiate is the new family member. To take
- advantage of this, you need one of these packages:
- o Heimdal Kerberos5 http://www.pdc.kth.se/heimdal/heimdal.html
- o GSSAPI from Globus http://www.globus.org/
- o GSSAPI libraries from MIT Kerberos5 http://web.mit.edu/kerberos/www/
- - A missing ending bracket (']') while doing URL globbing could lead to a
- segfault. While fixing this, I also introduced better error reporting in the
- globbing code. (All this is application code outside libcurl.)
- Daniel (6 June)
- - David Orrell found out that sending a huge GET request over HTTPS could
- make libcurl fail and return an error code.
- Daniel (2 June)
- - Richard Bramante found out that "Content-Length: 0" was not properly used by
- libcurl if the response-headers indicated that the connection would be
- closed.
- - David Byron's patch was applied, that makes the --progress-bar take the
- local size into account when doing resumed downloads.
- - Feedback from Serge Semashko made me change the error message returned when
- CURLE_HTTP_RETURNED_ERROR is returned.
- - Anonymous in bug report #745122 pointed out that we should really be using
- SSL_CTX_set_options(... SSL_OP_ALL) to work around flaws in existing SSL
- implementations.
- Daniel (27 May)
- - Andreas Ley and Rich Gray helped me point out that no version of HP-UX has
- the sys/select.h header file so including it unconditionally in curl/multi.h
- is not a good thing. Now we check for HPUX and avoid using that header on
- such systems.
- - Rudy Koento experienced problems with curl's recent habit of POSTing data in
- two separate send() calls, first the headers and then the data. I've now
- made a fix that for static and known content that is less than 100K in size,
- everything is now sent in one single system call again. This is also better
- for network performance reasons.
- - I modified the main makefile to not build the test suite and a few other
- unnecessary things by default. Now, the test suite is built when 'make test'
- is run. This reduces build time for those who don't care for the test
- suite, and it also reduces confusion for people using platforms where the
- test suite build fails!
- Daniel (26 May)
- - Chris Lewis pointed out a flaw in the #ifdefs in curl/multi.h for Windows,
- which is now corrected.
- - Jis Joy found another flaw in the SOCK5 code, as libcurl treated the socks5
- proxy a little too much like as if it was a http proxy.
- Daniel (23 May)
- - Ricardo Cadime found a socket leak when listing directories without
- contents. Test cases 144 and 145 were added to verify the fix.
- - Rudy Koento found yet another problem when a HTTP server returns only a
- single-line of contents without any headers at all. libcurl then failed to
- count the data, thus returning error 52 "no contents". Test case 66 was
- added to verify that we now do right.
- Version 7.10.6-pre1 (23 May 2003)
- Daniel (23 May)
- - Jis in bug report #741841, fixed a bug in the SOCKS5 proxy-using code.
- Daniel (22 May)
- - David Remahl set up a test-server for me providing Digest authentication,
- and I wrote the first working code that support it. The test suite was
- modified slightly as well to work better for it and --digest was added to
- the command line options (and CURLOPT_HTTPDIGEST to the library)... RFC2617
- has all the gory details.
- Daniel (21 May)
- - David Balazic pointed out that curl_unescape() didn't check that %-codes
- were correctly followed by two hexadecimal digits when it unescape strings.
- Now, we do the check and only %XX codes are unescaped if the X letters are
- hexadecimals.
- - Gisle Vanem made curl build with djgpp on DOS.
- - Gisle Vanem improved the mkhelp.pl script to make a nicer manual that is
- shown with curl -M.
- Daniel (20 May)
- - Gisle Vanem provided a fix that makes libcurl more conservative, not
- expecting h_aliases of the hostent struct to always be non-NULL.
- Daniel (19 May)
- - As requested by Martin Michlmayr in Debian bug report #193630, libcurl now
- supports user name and password in the proxy environment variables. Added
- test case 63 to verify this.
- Version 7.10.5 (19 May 2003)
- Daniel (15 May)
- - Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
- a very common type inet_addr() returns.
- Daniel (14 May)
- - George Comninos provided a fix that calls the progress meter when waiting
- for FTP command responses take >1 second. It'll make applications more
- "responsive" even when dealing with very slow ftp servers.
- Daniel (12 May)
- - George Comninos pointed out that libcurl uploads had two quirks:
- o when using FTP PORT command, it used blocking sockets!
- o it could loop a long time without doing progress meter updates
- Both items are fixed now.
- Daniel (9 May)
- - Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
- set to "". This frees the application from having to know which encodings
- the library supports.
- - Dan Fandrich pointed out we had three unnecessary files in CVS that is
- generated with libtoolize, so they're now removed and libtoolize is invoked
- accordingly in the buildconf script.
- - Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
- given name is a network interface gave a real performance penalty on Linux,
- so now we more appropriately first check if it is an IP number and if so
- we don't check for a network interface with that name.
- - CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
- to use EPRT and LPRT before the traditional PORT command. The command line
- tool sets this option with '--disable-eprt'.
- Version 7.10.5-pre2 (6 May 2003)
- Daniel (6 May)
- - Kevin Delafield reported another case where we didn't correctly check for
- EAGAIN but only EWOULDBLOCK, which caused badness on HPUX.
- Daniel (4 May)
- - Ben Greear noticed that the check for 'writable argv' exited the configure
- script when run for cross-compiling, which wasn't nice. Now it'll default to
- no and output a warning about the fact that it was not checked for.
- Daniel (2 May)
- - Added test case 62 and fixed some more on the cookie sending with a custom
- Host: header set.
- Daniel (1 May)
- - Andy Cedilnik fixed a few compiler warnings.
- - Made the "SSL read error: 5" error message more verbose, by adding code that
- queries the OpenSSL library to fill in the error buffer.
- Daniel (30 Apr)
- - Added sys/select.h include in the curl/multi.h file, after having been
- reminded about this by Rich Gray.
- - I made each test set its own server requirements, thus abandoning the
- previous system where the test number implied what server(s) to use for a
- specific test.
- - David Balazic made curl more RFC1738-compliant for FTP URLs, by fixing so
- that libcurl now uses one CWD command for each path part. A bunch of test
- cases were fixed to work accordingly.
- - Cookie fixes:
- A. Save domains in jars like Mozilla does. It means all domains set in
- Set-Cookie: headers are dot-prefixed.
- B. Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars
- (the second column).
- C. Reject cookies using illegal domains in the Set-Cookie: line. Concerns
- both domains with too few dots or domains that are outside the currently
- operating server host's domain.
- D. Set the path part by default to the one used in the request, if none was
- set in the Set-Cookie line.
- To make item C really good, I also made libcurl notice custom Host: headers
- and extract the host name set in there and use that as the host name for the
- site we're getting the cookies from. This allows user to specify a site's
- IP-address, but still be able to receive and send its cookies properly if
- you provide a valid Host: name for the site.
- Daniel (29 Apr)
- - Peter Kovacs provided a patch that makes the CURLINFO_CONNECT_TIME work fine
- when using the multi interface (too).
- Version 7.10.5-pre1 (23 Apr 2003)
- Daniel (23 Apr)
- - Upgraded to libtool 1.5.
- Daniel (22 Apr)
- - Peter Sylvester pointed out that curl_easy_setopt() will always (wrongly)
- return CURLE_OK no matter what happens.
- - Dan Fandrich fixed some gzip decompression bugs and flaws.
- Daniel (16 Apr)
- - Fixed minor typo in man page, reported in the Debian bug tracker.
- Daniel (15 Apr)
- - Fixed some FTP tests in the test suite that failed on my Solaris host, due
- to the config.h not being included before the system headers. When done that
- way, it did get a mixed sense of if big files are supported or not and then
- stat() and fstat() (as used in test case 505) got confused and failed to
- return a proper file size.
- - Formposting a file using a .html suffix is now properly set to Content-Type: text/html.
- Daniel (14 Apr)
- - Fixed the SSL error handling to return proper SSL error messages again, they
- broke in 7.10.4. I also attempt to track down CA cert problems and then
- return the CURLE_SSL_CACERT error code.
- - The curl tool now intercepts the CURLE_SSL_CACERT error code and displays
- a fairly big and explanatory error message. Kevin Roth helped me out with
- the wording.
- Daniel (11 Apr)
- - Nic Hines provided a second patch for gzip decompression, and fixed a bug
- when deflate or gzip contents were downloaded using chunked encoding.
- - Dan Fandrich made libcurl support automatic decompression of gzip contents
- (as an addition to the previous deflate support).
- - I made the CWD command during FTP session consider all 2xy codes to be OK
- responses.
- Daniel (10 Apr)
- - Vlad Krupin fixed a URL parsing issue. URLs that were not using a slash
- after the host name, but still had "?" and parameters appended, as in
- "http://hostname.com?foobar=moo", were not properly parsed by libcurl.
- Daniel (9 Apr)
- - Made CURLOPT_TIMECONDITION work for FTP transfers, using the same syntax as
- for HTTP. This then made -z work for ftp transfers too. Added test case 139
- and 140 for verifying this.
- - Getting the file date of an ftp file used the wrong time zone when
- displayed. It is supposedly always GMT. Added test case 141 for this.
- - Made the test suite's FTP server support MDTM.
- - The default DEBUGFUNCTION, as enabled with CURLOPT_VERBOSE now outputs
- CURLINFO_HEADER_IN data as well. The most notable effect from this is that
- using curl -v, you get to see the incoming "headers" as well. This is
- perhaps most useful when doing ftp.
- Daniel (8 Apr)
- - James Bursa fixed a flaw in the Content-Type extraction code, which missed
- the first letter if no space followed the colon.
- - Magnus Nilsson pointed out that share.c was missing in the MSVC project
- file.
- Daniel (6 Apr)
- - Ryan Weaver provided a patch that makes the CA cert bundle not get installed
- anymore when 'configure --without-ssl' has been used.
- Daniel (4 Apr)
- - Martijn Broenland found another cases where a server application didn't
- like the boundary string used by curl when doing a multi-part/formpost. We
- modified the boundary string to look like the one IE uses, as this is
- probably gonna make curl work with more applications.
- Daniel (3 Apr)
- - Kevin Roth reported that a bunch of tests fails on cygwin. One set fails
- when using perl 5.8 (and they run fine with perl 5.6), and another set
- failed because of an artifact in the test suite's FTP server that I
- corrected. It turned out the FTP server code was still having a file opened
- while the main test script removed it and invoked the HTTP server that
- attempted to create the same file name of the file the FTP server kept open.
- This operation works fine on unix, but not on cygwin.
- Version 7.10.4 (2 Apr 2003)
- Daniel (1 Apr)
- - Added test case 505 to exercise FTP upload with rename done with libcurl,
- and for that I had to extend the test suite's FTP server to deal with the
- RNFR and RNTO commands.
- Daniel (31 Mar)
- - Even more SSL config check modifications after Richard's testing.
- Version 7.10.4-pre6 (31 Mar 2003)
- Daniel (31 Mar)
- - More fixes for the SSL session ID cache checks when SSL configs are changed
- between connections. Based on tests and talks with Richard Bramante.
- - Guillaume Cottenceau provided a patch that added CURLOPT_UNRESTRICTED_AUTH.
- When enabled, it will prevent libcurl from limiting to which host it sends
- user+password to when following locations. By default, libcurl only sends
- name and password to the original host used in the first URL, but with this
- option set it will send the auth info to all hosts it follows location
- headers to. The new tool command line option for this is named
- "--location-trusted".
- - Frankie Fong reported a problem with libcurl if you re-used an easy handle
- with a proxy, and you first made a https:// connection to a host and then
- switched to a http:// one to the same host. libcurl would then wrongly re-use
- the same connection for it and fail to get the second URL properly
- Daniel (29 Mar)
- - Dan Shearer's fix that makes curl complain if invoked with nothing but "curl
- -O" was applied.
- Daniel (26 Mar)
- - Bryan Kemp was friendly enough to lend me an account on his Redhat 9 box and
- I could fix the configure problems on redhat 8.1 and 9 in no time thanks to
- this. Thanks a bunch Bryan!
- Daniel (25 Mar)
- - Renamed configure.in to configure.ac
- Version 7.10.4-pre5 (25 Mar 2003)
- Daniel (25 Mar)
- - Richard Bramante provided a fix for a handle re-use problem seen when you
- change options on an SSL-enabled connection between requests. Previously,
- changing peer verification or host verification and similar things was not
- taken into account when a connection were checked for re-use and thus
- enabling stricter check between requests on a re-used connection made no
- difference and the connection would thus be used erroneously.
- Daniel (24 Mar)
- - Götz Babin-Ebell pointed out that the ca-bundle.crt file contained a
- certificate from Trustcenter that was a demo certificate only that was never
- intended to be part of a CA bundle.
- Daniel (21 Mar)
- - Life is a mystery. Within a time period of 17 hours, Tim Pope and Michael
- Churchill filed one bug report each, both identifying problems with a second
- transfer when doing persistent transfers re-using a connection. Tim's one is
- #706624, labeled "Multiple uploads per handle fail" and Michael's #707003
- "Does not send Authorization: header when reusing connection". I could track
- both down to the same piece of logic and it turned out libcurl was not using
- new settings properly when re-using an existing connection. This concerned
- both uploading and downloading and involved exactly those pieces these two
- reports identified. This code has been this faulty since the day I
- introduced persistent connection support in libcurl, more than 2 years ago.
- Daniel (20 Mar 2003)
- - Five year anniversary. Today five years ago, the first ever curl release saw
- the light of day.
- Daniel (17 Mar)
- - Andy Cedilnik corrected flaws in some libcurl example-usage sources.
- Daniel (16 Mar)
- - Juan F. Codagnone reported that the fix from March 2nd was incomplete.
- - Added code to the configure.in to check for select() argument types. I've
- not made any code use the results just yet though.
- Daniel (15 Mar)
- - Gisle Vanem provided two patches to build better on Windows.
- - Adjusted the test suite code to better make sure that the server(s) required
- for a specific test is properly started before the test case is attempted.
- Many tests now run a lot faster than before.
- Daniel (14 Mar)
- - Another configure.in adjustment made the configure detect functions properly
- on HPUX now.
- Daniel (13 Mar)
- - Philippe Raoult fixed pre4-compile quirks for FreeBSD.
- Version 7.10.4-pre4 (13 Mar 2003)
- Daniel (13 Mar)
- - Added a backup-check for functions that aren't found by AC_CHECK_FUNCS()
- as I believe some checks on HPUX need this. At least some of the info given
- to us by Rick Jones seemed to indicate this.
- Daniel (12 Mar)
- - Thomas Tonino found out that if you used the curl tool to do PUT operations
- as in 'curl www.foo.com/dir/ -T file' and the file name included for example
- space or other characters that don't belong in URLs, curl did not properly
- URL encode them before using them in the URL.
- - Added an option to configure called --enable-libgcc that simply adds -lgcc
- to the LIBS variable, as this seems to be a common problem.
- - I modified the configure.in file, so that the headers are now checked in an
- order of "viality". We must also make sure to use the "default headers"
- parameter to AC_CHECK_HEADERS() so that headers are checked with the proper
- prerequisites included (i.e all the major and generally important header
- files are included there by default). This might be what we need for various
- Sun, HP, AIX and Tru64 systems to behave good again on the header check
- front.
- - Rick Jones pointed out a few compiler warnings on HP-UX that I addressed.
- - I made the configure --help output nicer by using AC_HELP_STRING() a lot
- more.
- Daniel (11 Mar)
- - Christophe Demory fixed the socket sending code to work better on HP-UX
- when sending data to a socket that would block. It then returns EAGAIN, not
- EWOULDBLOCK.
- - Richard Gorton improved the seeding function for systems without a good
- and reliable random source.
- - Richard Gorton fixed a few warnings that popped up when you built curl
- using the Sun compiler on a 64bit SPARC platform.
- - Martin C. Martin fixed a case where a connect failure using the multi
- interface didn't produce a human readable error string.
- Daniel (10 Mar)
- - Reverted ltmain.sh back to libtool 1.4.2 status again, as the 1.4.3 version
- broke the build on numerous platforms. It seems that libtool 1.4.3 puts some
- requirements on what versions of the other tools (autoconf + automake) that
- I am not familiar with and thus I couldn't fulfill at this point.
- Yes, this is more than mildly frustrating.
- Daniel (7 Mar)
- - Run libtoolize version 1.4.3.
- Version 7.10.4-pre3 (4 Mar 2003)
- Daniel (3 Mar)
- - Added share.obj to the VC6 and Borland libcurl makefiles.
- - Troels Walsted Hansen found and investigated a problem with libcurl on AIX,
- presumably only on 4.3 or later. gethostbyname_r() is not returning data
- that is possible to "keep" and cache the way libcurl does. But instead these
- versions of AIX uses a gethostbyname() that works thread-safely we can
- instead use the ordinary gethostbyname() and our pack_hostent() approach to
- achieve what we want. The configure script now attempts to detect AIX 4.3 or
- later to adjust for this.
- Daniel (2 Mar)
- - Juan F. Codagnone found a problem introduced in 7.10.3 when you first did a
- POST and then back to a GET using the same easy handle.
- Daniel (28 Feb)
- - Removed the strequal and strnequal defines from curl/curl.h header. They
- were never meant for the public header anyway. Philippe Raoult brought it
- up.
- - James Bursa fixed the RISC OS build.
- Daniel (27 Feb)
- - Avery Fay pointed out the very misleading curl_multi_info_read man page, and
- I updated it to become more accurate.
- - Salvatore Sorrentino found a problem with FTP downloading that turned out to
- be his FTP server returning size zero (0 bytes) when SIZE was used on a file
- while being in BINARY mode. We now make a second check for the actual size
- by scanning the RETR reply anyway, even if the SIZE command returned 0.
- Daniel (26 Feb)
- - Kyle Sallee reported a case where he would do a transfer that didn't update
- the progress meter properly. It turned out to be a case where libcurl would
- loop a little too eagerly in the transfer loop, which isn't really good for
- the APIs, especially not the multi API.
- Version 7.10.4-pre2 (24 Feb 2003)
- Daniel (24 Feb)
- - Kjetil Jacobsen found out that setting CURLOPT_MAXCONNECTS to a value higher
- than 5 could cause a segfault.
- - I believe I fixed the 'Expect: 100-continue' behavior that has been broken
- for a while (I think since my change dated Dec 10 2002). When this header is
- used, libcurl should wait for a HTTP 100 (or timeout) before sending the
- post/put data.
- Daniel (14 Feb)
- - Matthew Clarke provided some info what to modify to make curl build
- flawlessly on AIX 3.2.5.
- - Martin C. Martin found and fixed a problem in the multi interface when
- running on Windows and trying to connect to a port without a listener.
- Daniel (13 Feb)
- - Christopher R. Palmer fixed Curl_base64_encode() to deal with zeroes in the
- data to encode.
- Daniel (4 Feb)
- - Jean-Philippe added the first code that enables the 'share' system. This
- should now enable sharing of DNS data between two curl easy handles.
- - Incorporated Nico Baggus' fixes to again compile flawlessly on VMS.
- - James Bursa corrected a bad comment in the public include file curl/multi.h
- - Peter Forret reported one of those error:00000000 cases in libcurl again
- when connecting to a HTTPS site, and this time I did discover some oddities
- in how curl reports SSL errors back. It could miss showing the actual error.
- Version 7.10.4-pre1 (3 Feb 2003)
- Daniel (3 Feb)
- - Removed things in the docs saying capath doesn't work on Windows, as Julian
- Noble told us it works fine.
- Daniel (31 Jan)
- - Kevin Roth fixed the zlib build stuff in the Mingw32 makefile.
- Daniel (30 Jan)
- - Kevin Roth found out that curl on Windows always checked for the CA cert
- bundle using the environment variable and the path scan, even though
- -k/--insecure was used.
- - Hamish Mackenzie pointed out that curl only did strict host name verifying
- if capath or cainfo was used. Now it'll always do it unless -k / --insecure
- is used!
- - Pavel Cenek pointed out that the Content-Type extraction was done wrongly
- as the full string was not fetched. Added test case 57 to verify that curl
- does it right now.
- Daniel (29 Jan)
- - Jamie Wilkinson provided a patch that now makes curl attempt to clear out
- "sensitive" command line arguments so that they don't appear in ps outputs
- (only on platforms that allow writing to argv[]).
- - John McGowan found out that the DEBUGFUNCTION could be called with bad
- arguments and thus cause the --trace outputs to go wrong.
- - Removed all the emacs local variables from all files. Mats Lidell provided
- the new sample.emacs file (for a sample of what to include in your .emacs)
- and the curl-style.el that sets a better c-style for editing curl sources.
- - Dave Halbakken found a problem with FTP downloads that could accidently
- return CURLE_PARTIAL_FILE when curl_easy_perform() was called with NOBODY
- set TRUE.
- Daniel (27 Jan)
- - The fopen.c example was flawed as Nick Humfrey noticed, and I fixed it to
- work again.
- Daniel (24 Jan)
- - Bertrand Demiddelaer found and fixed a memory leak (the content-type string)
- when following locations.
- Daniel (22 Jan 2003)
- - Ian Wilkes and Legoff Vincent both independently provided fixes for making
- curl/multi.h work properly when compiled with a C++ compiler.
- Daniel (20 Jan 2003)
- - Fixed 'buildconf' to check version number of the required tools before
- they're actually used.
- - Wrote 'testcurl.sh', a script targeted for automatic and distributed curl
- tests on various platforms.
- - David Thiel pointed out that the .netrc file was not being dealt with
- properly anymore. I broke this in the password prompting "fix".
- - Markus F.X.J. Oberhumer patched libcurl to allocate the scratch buffer only
- on demand and thus we save 32KB in each curl handle that don't use that
- buffer. This need appeared when some people started using thousands of
- simultaneous curl handles... :-)
- Daniel (16 Jan 2003)
- - Markus Oberhumer fixed curl-config --cflags when the includedir was not
- /usr/include.
- - Markus Oberhumer fixed CURLINFO_PRIVATE to properly return NULL if it was
- set to NULL!
- Version 7.10.3 (14 Jan 2003)
- Daniel (10 Jan 2003)
- - Steve Oliphant pointed out that test case 105 did not work anymore and this
- was due to a missing fix for the password prompting.
- Version 7.10.3-pre6 (10 Jan 2003)
- Daniel (9 Jan 2003)
- - Bryan Kemp pointed out that curl -u could not provide a blank password
- without prompting the user. It can now. -u username: makes the password
- empty, while -u username makes curl prompt the user for a password.
- - Kjetil Jacobsen found a remaining connect problem in the multi interface on
- ipv4 systems (Linux only?), that I fixed and Kjetil verified that it fixed
- his problems.
- - memanalyze.pl now reads a file name from the command line, and no longer
- takes the data on stdin as before.
- Version 7.10.3-pre5 (9 Jan 2003)
- Daniel (9 Jan 2003)
- - Fixed tests/memanalyze.pl to work with file names that contain colons (as on
- Windows).
-
- - Kjetil Jacobsen quickly pointed out that lib/share.h was missing...
- Version 7.10.3-pre4 (9 Jan 2003)
- Daniel (9 Jan 2003)
- - Updated lib/share.c quite a bit to match the design document at
- http://curl.haxx.se/dev/sharing.txt a lot more.
- I'll try to update the document soonish. share.c is still not actually used
- by libcurl, but the API is slowly getting there and we can start
- implementing code that takes advantage of this system.
- Daniel (8 Jan 2003)
- - Updated share stuff in curl/curl.h, including data types, structs and
- function prototypes. The corresponding files in lib/ were also modified
- of course to remain compilable. Based on input from Jean-Philippe and also
- to make it more in line with the design document.
- - Jean-Philippe Barrette-LaPierre patched a very trivial memory leak in
- curl_escape() that would happen when realloc() returns NULL...
- - Matthew Blain provided feedback to make the --create-dirs stuff build
- properly on Windows.
- - Fixed the #include in tests/libtest/first.c as Legoff Vincent pointed out.
- Daniel (7 Jan 2003)
- - Philippe Raoult provided a patch that now makes libcurl properly support
- wildcard checks for certificate names.
- - Simon Liu added CURLOPT_HTTP200ALIASES, to let an application set other
- strings recognized as "HTTP 200" to allow http-like protocols to get
- downloaded fine by curl.
- - Now using autoconf 2.57 and automake 1.7.2
- - Doing "curl -I ftp://domain/non-existing-file" still outputed a date!
- Wayne Haigh reported.
- - The error message is now written properly with a newline in the --trace
- file.
- Daniel (6 Jan 2003)
- - Sterling Hughes fixed a possible bug: previously, if you called
- curl_easy_perform and then set the global dns cache, the global cache
- wouldn't be used. Pointed out by Jean-Philippe Barrette-LaPierre.
- - Matthew Blain's fixed the VC6 libcurl makefile to include better debug data
- on debug builds.
- Daniel (27 Dec 2002)
- - Philippe Raoult reported a bug with HTTPS connections which I evidently
- added in my 19 dec fix. I corrected it.
- Daniel (20 Dec)
- - Idea from the Debian latest patch: use AM_MAINTAINER_MODE in the configure
- script to make the default makefile less confusing "to the casual
- installer".
- Version 7.10.3-pre3 (20 Dec)
- Daniel (19 Dec)
- - Matthew Blain patched the Curl_base64_decode() function.
- - Evan Jordan reported in bug report #653022 that the SSL_read() usage was
- wrong, and it certainly was. It could lead to curl using too much CPU due to
- a stupid loop.
- Daniel (18 Dec)
- - As suggested by Margus Freudenthal, CURLE_HTTP_NOT_FOUND was renamed to
- CURLE_HTTP_RETURNED_ERROR since it is returned on any >= 400 code when
- CURLOPT_FAILONERROR is set.
- Daniel (17 Dec)
- - Bug reported #651464, reported by Christopher Palmer, provided an example
- source code using the multi interface that hang when trying to connect to a
- proxy on a localhost port where no proxy was listening. This bug was not
- repeatable on libcurls that were IPv6-enabled.
- Daniel (16 Dec)
- - Christopher Palmer also noticed what Vojtech Janota already was
- experiencing: The attempted name resolve fix for glibc 2.2.93 caused libcurl
- to crash when used on some older glibc versions. The problem is of course
- the silliness of the 2.2.93. I committed a fix that hopefully should make
- the binary run fine on either one of the versions, even though the solution
- is not as nice as I'd like it to be.
- Daniel (13 Dec)
- - Bug report #651460 by Christopher R. Palmer showed that when using libcurl
- to for example go over a proxy on localhost, it would attempt to connect
- through the proxy TWICE.
- I added test case 503 with which I managed to repeat this problem and I
- fixed the code to not re-attempt any connects (which also made it a nicer
- fix for the #650941 bug mentioned below).
- The sws server was extended to deal with CONNECT in order to make test
- case 503 do good.
- - Evan Jordan posted bug report #650989 about a memory leak in the public key
- retrieving code. He provided a suggested fix and I merely applied it!
- - Bug report #650941, posted by Christopher R. Palmer identified a problem
- with the multi interface and getting file:// URLs. This was now fixed and
- test case 502 was added to verify this.
- Daniel (12 Dec)
- - Test case 500 and 501 are the first ever libcurl test cases that run.
- - Made "configure --enable-debug" cut off all -O* options to the compiler
- - Finally fixed the test suite's ftp server so that test case 402 doesn't
- cause the following test case to fail anymore!
- Daniel (11 Dec)
- - CURL_MAX_WRITE_SIZE is now decreased to 16KB since it makes the Windows
- version perform uploads much faster!!! RBramante did lots of research on
- this topic.
- - Fixed the #include in curl/curl.h to include the other files outside the
- extern "C" scope.
- Daniel (10 Dec)
- - Moved around and added more logic:
- First, POST data is never sent as part of the request headers in the http.c
- code. It is always sent the "normal" read callback then send() way. This now
- enables a plain HTTP POST to be sent chunked if we want to. This also
- reduces the risk of having very big POSTs causing problems.
- Further, sending off the initial HTTP request is not done using a loop
- anymore. If it wasn't all sent off in the first send(), the rest of the
- request is sent off in the normal transfer select() loop. This makes several
- things possible, but mainly it makes libcurl block less when used from the
- multi interface and it also reduces the risk of problems with issuing very
- large requests.
- Daniel (9 Dec)
- - Moved the read callback pointer and data within the structs to a more
- suitable place. This in preparation for a better HTTP-request sending code
- without (a silly) loop.
- - The Dodds fix seems not to work.
- - Vojtech Janota tests proved that the resolve fix from oct 21st is not good
- enough since obviously older glibcs might return EAGAIN without this meaning
- that the buffer was too small.
- - [the other day] Made libcurl loop on recv() and send() now until done, and
- then get back to select(). Previously it went back to select() more often
- which really was a slight overhead. This was due to the reported performance
- problems on HTTP PUT on Windows. I couldn't see any notable difference on
- Linux...
- Version 7.10.3-pre2 (4 Dec 2002)
- Daniel (4 Dec 2002)
- - Lots of work with Malcolm Dodds made me add a temporary code fix that now
- shortens the timeout waiting for the 226 or 250 line after a completed
- FTP transfer.
- If no data is received within 60 seconds, this is taken as a sign of a dead
- control connection and we bail out.
- Daniel (3 Dec 2002)
- - Ralph's bug report #644841 identified a problem in which curl returned a
- timeout error code when in fact the problem was not a timeout. The proper
- error should now be propagated better when they're detected in the FTP
- response reading function.
- - Updated the Borland Makefiles.
- Daniel (2 Dec 2002)
- - Nicolas Berloquin provided a patch that introduced --create-dirs to the
- command line tool. When used in combination with -o, it lets curl create
- [non-existing] directories used in -o, suitably used with #-combinations
- such as:
- curl "www.images.com/{flowers,cities,parks,mountains}/pic_[1-100].jpg \
- -o "dir_#1/pic#2.jpg" --create-dirs
- Version 7.10.3-pre1
- Daniel (28 Nov 2002)
- - I visited Lars Nordgren and had a go with his problem, which lead me to
- implement this fix. If libcurl detects the added custom header
- "Transfer-Encoding: chunked", it will now enable a chunked transfer.
- Also, chunked transfer didn't quite work before but seems to do so now.
- - Kjetil Jacobsen pointed out that ./configure --disable-ipv6 --without-zlib
- didn't work on any platform...
- Daniel (26 Nov 2002)
- - Fixed a bad addrinfo free in the hostip.c code, hardly exposed anywhere
- - Dan Becker found and fixed a minor memory leak on persistent connnections
- using CURLOPT_USERPWD.
- Daniel (22 Nov 2002)
- - Based on Ralph Mitchell's excellent analysis I found a bug in the test suite
- web server (sws) which now lets test case 306 run fine even in combination
- with the other test cases.
- - Juan Ignacio Hervás found a crash in the verbose connect message that is
- used on persistent connections. This bug was added in 7.10.2 due to the
- rearranged name resolve code.
- Daniel (20 Nov 2002)
- - Kjetil Jacobsen provided a patch that introduces:
- CURLOPT_PRIVATE stores a private pointer in the curl handle.
- CURLINFO_PRIVATE retrieves the private pointer from the curl handle.
- - Karol Pietrzak pointed out how curl-config --cflags didn't output a good
- include dir so I've removed that for now.
- Version 7.10.2 (18 Nov 2002)
- Daniel (11 Nov 2002)
- - Dave Halbakken added curl_version_info to lib/libcurl.def to make libcurl
- properly build with MSVC on Windows.
- Daniel (8 Nov 2002)
- - Doing HTTP PUT without a specified file size now makes libcurl use
- Transfer-Encoding: chunked.
- Daniel (7 Nov 2002)
- - Bug report #634625 identified how curl returned timeout immediately when
- CURLOPT_CONNECTTIMEOUT was used and provided a fix.
- Version 7.10.2-pre4 (6 Nov 2002)
- Daniel (5 Nov 2002)
- - Lehel Bernadt found out and fixed. libcurl sent error message to the debug
- output when it stored the error message.
- - Avery Fay found some problems with the DNS cache (when the cache time was
- set to 0 we got a memory leak, but when the leak was fixed he got a crash
- when he used the CURLOPT_INTERFACE with that) that had me do some real
- restructuring so that we now have a reference counter in the dns cache
- entries to prevent an entry to get flushed while still actually in use.
- I also detected that we previously didn't update the time stamp when we
- extracted an entry from the cache so that must've been a reason for some
- very weird dns cache bugs.
- Version 7.10.2-pre3
- Daniel (31 Oct 2002)
- - Downgraded automake to 1.6.3 in an attempt to fix cygwin problems. (It
- turned out this didn't help though.)
- - Disable the DNS cache (by setting the timeout to 0) made libcurl leak
- memory. Avery Fay brought the example code that proved this.
- Version 7.10.2-pre2
- Daniel (28 Oct 2002)
- - Upgraded to autoconf 2.54 and automake 1.7 on the release-build host.
- - Kevin Roth made the command line tool check for a CURL_CA_BUNDLE environment
- variable (if --cacert isn't used) and if not set, the Windows version will
- check for a file named "curl-ca-bundle.crt" in the current directory or the
- directory where curl is located. That file is then used as CA root cert
- bundle.
- - Avery Fay pointed out that curl's configure scrip didn't get right if you
- used autoconf newer than 2.52. This was due to some badly quoted code.
- Version 7.10.2-pre1
- Daniel (23 Oct 2002)
- - Emiliano Ida confirmed that we now build properly with the Borland C++
- compiler too. We needed yet another fix for the ISO cpp check in the curl.h
- header file.
- - Yet another fix was needed to get the HTTP download without headers to work.
- This time it was needed if the first "believed header" was read all in the
- first read. Test 306 has not run properly since the 11th october fix.
- Daniel (21 Oct 2002)
- - Zvi Har'El pointed out a problem with curl's name resolving on Redhat 8
- machines (running IPv6 disabled). Mats Lidell let me use an account on his
- machine and I could verify that gethostbyname_r() has been changed to return
- EAGAIN instead of ERANGE when the given buffer size is too small. This is
- glibc 2.2.93.
- - Albert Chin helped me get the -no-undefined option corrected in
- lib/Makefile.am since Cygwin builds want it there while Solaris builds don't
- want it present. Kevin Roth helped me try it out on cygwin.
-
- - Nikita Schmidt provided a bug fix for a FOLLOWLOCATION bug introduced when
- the ../ support got in (7.10.1).
- Daniel (18 Oct 2002)
- - Fabrizio Ammollo pointed out a remaining problem with FOLLOWLOCATION in
- the multi interface.
- Daniel (17 Oct 2002)
- - Richard Cooper's experimenting proved that -j (CURLOPT_COOKIESESSION) didn't
- work quite as supposed. You needed to set it *before* you use
- CURLOPT_COOKIEFILE, and we dont' want that kind of dependencies.
- Daniel (15 Oct 2002)
- - Andrés García provided corrections for erratas in four libcurl man pages.
- Daniel (13 Oct 2002)
- - Starting now, we generate and include PDF versions of all the docs in the
- release archives.
- Daniel (12 Oct 2002)
- - Trying to connect to a host on a bad port number caused the multi interface
- to never return failure and it appeared to keep on trying forever (it just
- didn't do anything).
- Daniel (11 Oct 2002)
- - Downloading HTTP without headers didn't work 100%, some of the initial data
- got written twice. Kevin Roth reported.
- - Kevin Roth found out the "config file" parser in the client code could
- segfault, like if DOS newlines were used.
- Version 7.10.1 (11 Oct 2002)
- Daniel (10 Oct 2002)
- - Jeff Lawson fixed a few problems with connection re-use that remained when
- you set CURLOPT_PROXY to "".
- Daniel (9 Oct 2002)
- - Craig Davison found a terrible flaw and Cris Bailiff helped out in the
- search. Getting HTTP data from servers when the headers are split up in
- multiple reads, could cause junk data to get inserted among the saved
- headers. This only concerns HTTP(S) headers.
- Daniel (8 Oct 2002)
- - Vincent Penquerc'h gave us the good suggestion that when the ERRRORBUFFER
- is set internally, the error text is sent to the debug function as well.
- - I fixed the telnet code to timeout properly as the option tells it to. On
- non-windows platforms.
- Daniel (7 Oct 2002)
- - John Crow pointed out that libcurl-the-guide wasn't included in the release
- tarball!
- - Kevin Roth pointed out that make install didn't do right if build outside
- the source tree (ca-bundle wise).
- - FOLLOWLOCATION bugfix for the multi interface
- Daniel (4 Oct 2002)
- - Kevin Roth got problems with his cygwin build with -no-undefined was not
- present in lib/Makefile.am so I put it back in there again. The poor one who
- needs to remove it again must write a configure script to detect that need.
- - Ralph Mitchell pointed out that curl was a bit naive and didn't deal with ./
- or ../ stuff in the string passed back in a Location: header when following
- locations.
- - Albert Chin helped me to work out a better configure.in check for zlib, and
- both --without-zlib and -with-zlib seem to work rather well right now.
- - Zvi Har'El improvied the OpenSSL ENGINE check in the configure script to
- become more accurate.
- Daniel (1 Oct 2002)
- - Detlef Schmier pointed out the lack of a --without-libz option to configure,
- so I added one.
- Version 7.10 (1 Oct 2002)
- Daniel (30 Sep 2002)
- - Modified the curl_version_info() proto and returned struct once again, and
- updated the man page accordingly.
- - Cris Bailiff found out that the pre-releases crashed on name lookups on
- names such as "a:" or "baz:" (on Linux versions not being ipv6-enabled) due
- to some weird return codes from gethostbyname_r(). I'll blame the complete
- lack of docs in that department. Cris provided a fix, which I modified only
- slightly.
- Daniel (27 Sep 2002)
- - After a suggestion from Christian Kurz to Debian curl package maintainer
- Domenico Andreoli, I made it possible to override the proxy environment
- variables better. Now, by setting -x "" you can explicitly tell libcurl to
- not use a proxy, no matter whan the environment variables say.
- Version 7.10-pre4
- Daniel (26 Sep 2002)
- - Extended curl_version_info() more and wrote a man page for it.
- Daniel (25 Sep 2002)
- - libcurl could leak memory when downloading multiple files using http ranges,
- reported and fixed by Jean-Luc Guevel.
- - Walter J. Mack provided code and docs for the new curl_free() function that
- shall be used to free memory that is allocated by libcurl and returned back
- to the application, as curl_escape() and curl_unescape() do.
- - Yarram Sunil pointed out a flaw in the multi interface where a failed
- connection didn't close down properly and thus a second transfer using the
- same handle failed.
- - Andrés García fixed a flaw that made (among other things) dict-fetches
- return a random value.
- Daniel (24 Sep 2002)
- - Wez Furlong brought his initial patch that introduced curl_version_info().
- We might need to tweak it somewhat before release.
- Daniel (20 Sep 2002)
- - Craig Markwardt fixed another Tru64 IP resolve problem.
- Daniel (19 Sep 2002)
- - Dolbneff A.V and Spiridonoff A.V made the file:// code work with resumes
- in the same style other code does.
- - Ilguiz Latypov fixed a flaw in the client code when fetching multiple URLs
- and -C - was used. The first file's resume position was then accidentally
- reused on all the other files too.
- Daniel (18 Sep 2002)
- - The curl_easy_setopt.3 man page was greatly modified and the options have
- now been grouped in logical groups so that it should be somewhat easier to
- read it and find things you search for.
- Daniel (13 Sep 2002)
- - Kevin Roth pinpointed a scary flaw in libcurl, when the HTTP server doesn't
- send any headers back, only raw content. Right, that is a violation of the
- standard but still happens at times and we need to deal with it. Test case
- 306 was added to verify that we do right now.
- Version 7.10-pre3
- Daniel (11 Sep 2002)
- - Lukasz Czekierda found out that curl didn't send a correct HTTP Host: header
- when you specified the URL with an IPv6 IP-address.
- Daniel (4 Sep 2002)
- - Sven Neuhaus made --silent being acknowledged even when multiple URLs
- were used. It used to output "[1/2]: http://host/a.html.de --> a.html.d" etc
- even when told to shut up.
- Daniel (3 Sep 2002)
- - Updated all source code headers to use MIT-license references only, and
- point to the COPYING file and the http://curl.haxx.se/docs/copyright.html
- URL. I've cut out all references to MPL that I could find.
- - Corected the makefiles to not always use -lz when linking
- Version 7.10-pre2
- Daniel (2 Sep 2002)
- - James Gallagher added Content-Encoding support to libcurl so now curl and
- libcurl-using apps can request compressed contents using the 'deflate'
- method. See the special file lib/README.encoding for details.
- curl --compressed is now used to request compressed contents.
- curl-config --feature will include 'libz' if this feature was around when
- the library was built.
- Daniel (30 Aug 2002)
- - Applied an anonymous SOCKS5-proxy patch. Not properly working in all
- situations though, as all getaddrinfo()-using libcurls will fail on this.
- This is because of the somewhat naive way the current code tries to extract
- the IP address of the proxy.
- - Fixed up the SSL cert fixes from the other day even more after more inputs
- from Cris. Added three new SSL error codes to make the
- CURLE_SSL_CONNECT_ERROR slightly less overloaded.
- Daniel (27 Aug 2002)
- - After lots of talk with Tom Zerucha, Nick Gimbrone and Cris Bailiff I
- decided to talk the bold path and I now made libcurl do CA certificate
- verification by default. Thus library users need to explicitly turn this off
- if you want to connect to sites without proper checking. We also install a
- CA cert bundle on 'make install' now.
- The curl tool now requires the -k/--insecure option in order to allow
- connections and operations on SSL sites that aren't properly verified with
- -cafile or --capath.
- curl-config --ca displays the built-in path to the CA cert bundle.
- Daniel (26 Aug 2002)
- - Andrew Francis cleaned up some code that now compiles fine without the need
- for ugly MSVC pragmas.
- - Keith MacDonald found a minor bug in src/main.c that made it close stdin
- instead of the actual file handle. It shouldn't have resulted in much
- trouble as most operating systems close all file handles on process exit
- anyway.
- Daniel (22 Aug 2002)
- - Markus Oberhumer provided some documentation for his previously provided
- CURLOPT_NOSIGNAL fix.
- - Patched the lib/Makefile.am to hopefully no longer complain on undefined
- symbols that seemed to occur on builds with shared OpenSSL libraries on
- Solaris lately...
- Daniel (20 Aug 2002)
- - Fixed compiler warnings on MSCV++ compiles. We're looking for help here:
- remove the pragmas from lib/config-win32.h and adjust the sources where
- the warnings occur. Hiding them with pragmas like this is not the correct
- way of dealing with compiler warnings.
- Daniel (13 Aug 2002)
- - Ulrich Zadow made the global include files in curl/* include themselves
- using "curl.h" instead of <curl/curl.h> which thus allows people to more
- freely decide how to include curl and how to setup their include paths.
- - Sterling Hughes added the curl_share* interface, somewhat as discussed
- previously.
- - Jörn Hartroth pointed out that poll() was used in the pre1 source code and
- it isn't very portable, so now I check for it in the configure script and
- work around it.
- Version 7.9.9-pre1
- Daniel (12 Aug 2002)
- - Applied my initial take on making the multi stuff more asynchronous. Connects
- should now return back without "hanging" until it has connected for real.
- This should also be the case for FTP-PASV connects.
- Daniel (9 Aug 2002)
- - Applied Markus F.X.J. Oberhumer's patch that introduces CURLOPT_NOSIGNAL,
- which effectively prevents libcurl from doing anything that may cause
- signals to get sent. This is basicly for multi-threaded applications that
- now can use timeouts properly, without risking any signals to burst in and
- ruin the party.
-
- Daniel (5 Aug 2002)
- - Lukasz Czekierda reported that RFC2732-style literal IPv6 addresses didn't
- work. When did that code vanish? Anyway, it's back again now and seems to
- work!
- - Jonatan Lander found out that POSTing an empty string didn't work with the
- command line tool.
- Daniel (3 Aug 2002)
- - Jörn Hartroth fixed the libcurl.def file to build the windows DLL with
- the multi interface enabled.
- Daniel (1 Aug 2002)
- - The ftp PORT command now uses a better default IP address, as it will
- extract and use the local IP address used by the control connection.
- - Modified the #include lines in curl/multi.h to work better on more
- platforms.
- Daniel (31 Jul 2002)
- - Attempted a fix for Ray DeGennaro's reported HP-UX host name resolve
- problems.
- Daniel (30 Jul 2002)
- - Priya Ramakrishnan and Ryan Jones compiles curl/curl.h with a C++ compiler
- and don't get __STDC__ defined, which required us to extend the preprocessor
- check for the ## operator usage.
- - Correct the description for CURLOPT_PASSWDFUNCTION, if set to NULL the
- internal default function will be put back.
- - danfuzz at milk.com found out that libcurl badly assumed a space after
- 'Set-Cookie:' so if it wasn't present, it caused the first letter of the
- cookie name to fall off!
- Daniel (29 Jul 2002)
- - The password prompt asking for user password used stdout and now uses
- stderr instead to better allow redirecting. It also leaked a fopen() file
- handle that is now fixed.
- Daniel (28 Jul 2002)
- - HAVE_SETVBUF was left out from src/main.c which made -N not work. Found out
- by M T.
- Daniel (26 Jun 2002)
- - Glen Nakamura solved a crash in the name resolving function for IP-only
- addresses on Alpha Linux (at least).
- - T. Bharath corrected the high resolution timer introduced in 7.9.8.
- Daniel (22 Jun 2002)
- - Andrés García pointed out man page errors in curl_formadd.3. I fixed.
- Daniel (19 Jun 2002)
- - Chris Combes pointed out a flaw in curl_escape(). I fixed. We no longer
- tries to generate nor parse '+' in URLs. Spaces become %20, and only %-codes
- are translated by curl_unescape().
- Daniel (15 Jun 2002)
- - Added --limit-rate to the curl tool. Allows the user to set a maxmimum
- upper limit to how much bandwidth to use for transfers.
- - CURLOPT_BUFFERSIZE was added to libcurl. This sets a prefered size for the
- receive buffer in libcurl. The main point of this would be that the write
- callback gets called more often and with smaller chunks.
- Daniel (14 Jun 2002)
- - Yarram Sunil found out that the SocketIsDead() function performed a lot
- faster on Windows when removing the 1 microsecond timeout.
- - Hanno L. Kranzhoff fixed the VC++ project files.
- - Tom Mattison found out that ftp transfers closed the connection a little
- too often.
- - Miklos Nemeth posted a VC++ makefile fix and some INSTALL comments on how
- to disable specific protocols when building for Windows.
- Version 7.9.8
- Daniel (13 Jun 2002)
- - Time to let this baby go.
- Daniel (12 Jun 2002)
- - Chris Combes added three new options for curl_formadd(): CURLFORM_BUFFER,
- CURLFORM_BUFFERPTR, CURLFORM_BUFFERLENGTH. They are used to create a
- multipart that appears as a regular file upload, but the data is provided
- with a pointer and length.
-
- - Nico Baggus made the VMS version use sigsetjmp() too.
- - Jörn Hartroth fixed the mingw32 build using the mm lib.
- - Applied patches by Kris Kennaway that correct format string problems in
- lib/ftp.c and lib/ldap.c.
- Version 7.9.8-pre3
- Daniel (11 Jun 2002)
- - James Cone brought the idea of using sigsetjmp() in the signal handler to
- make the time-out of name lookups to work, even when the underlying name
- resolver library traps EINTR. The use of sigsetjmp() and siglongjmp() for
- this may be a bit drastic, and also not likely to exist on all platforms. I
- added careful checking for this in the configure script, even checks for it
- being a macro (which seems to be the case in for example Linux).
- sigsetjmp() seems to be mentioned in the Single Unix specification.
- - Miklos Nemeth brought a patch that allows libcurl to get built with specific
- protocols disabled. This is done by running ./configure
- --disable-[protocol].
- - FTP range downloads could make CURLE_FTP_WRITE_ERROR get returned. We now
- make precautions to not return this for range downloads.
- Added test case 135 that makes an ftp range download. Had to tweak the
- runtests.pl script a bit too.
- - Bug report #566835 identified a strlen() on a NULL pointer. Added additional
- check to prevent this.
- Daniel (10 Jun 2002)
- - Found and corrected a connect failure problem that didn't create a human
- error text.
- - Added code to compile with OpenSSL 0.9.7. Based on patch from Jacob Meuser
- and comments from Götz Babin-Ebell.
- - Gautam Mani found a socket descriptor leak that happened when FTP transfers
- failed and you reinvoked curl_easy_perform().
- Daniel (5 Jun 2002)
- - Gustaf Hui corrected curl_multi_remove_handle() so that it won't crash no
- matter when you decide to remove the CURL handle.
- - HAVE_RAND_STATUS was added to lib/config-win32.h by Andreas Olsson, as it
- makes windows builds stop complaining about "weak seeding" when it in fact
- isn't.
- - Another 64bit architecture crash that was introduced in 7.9.7 was now
- removed, as bug report #564585 clarified. This happened due to our attempts
- to only allocate only as much memory as is actually needed for name
- resolving (using realloc) which called for a function that could 'move' a
- hostent struct in memory.
- Version 7.9.8-pre2
- Daniel (3 Jun 2002)
- - T. Bharath fixed the CURLINFO_REDIRECT_TIME to return a correct time and
- made the CURLINFO_REQUEST_SIZE return the correct total request size. He
- also made the win32 timers use higher resolution than before.
- Daniel (29 May 2002)
- - Renaud Chaillat made me aware of the fact that libcurl returned an error if
- you tried to get an empty FTP file. This seemed like a wrong thing to do, so
- now it no longer does that! I just hope that no one built anything fancy
- upon this unexpected behavior...
- Daniel (28 May 2002)
- - Cris Bailiff brought CURLOPT_CAPATH that works like CURLOPT_CAINFO but
- specifies a path to a directory with certificates rather than a single file
- with them all concatenated. --capath was added to the command line tool
- for the same function.
- Windows users need to pay attention that the directory should be setup with
- the c_rehash tool of the OpenSSL package, and that creates symlinks by
- default that need to be replaced with actual copies to work on Windows.
- - Gustaf Hui provided new code that changes how curl_multi_info_read()
- messages are stored, so that they don't have to be kept around for the multi
- handle's entire life time. He also made it return failure codes properly
- which it didn't do before.
- Daniel (27 May 2002)
- - Gustaf Hui pointed out that running curl_multi_perform() without doing
- curl_multi_fdset() first was not really a working combo. I added an internal
- check for this and have some extra select() code without timeout to make the
- library internals work identically nevertheless. We might need to somehow
- either document that once you've used the *_fdset() you should remain using
- them in select() or you should blank them somehow so that libcurl won't go
- crazy.
- Version 7.9.8-pre1
- Daniel (22 May 2002)
- - James Cone brought an excellent patch, including several tests and docs!
- CURLOPT_NETRC now takes an enum as argument instead of the previous boolean.
- --netrc-optional was introduced as an addition to --netrc to allow the
- command line client to take use of all that new netrc stuff.
- - Bug report #558888 showed a case where libcurl re-used the previous host
- name when a connection over a proxy was re-used but to a different target
- host.
- Daniel (21 May 2002)
- - Edin Kadribasic helped me sort out a problem to made libcurl crash when
- trying to HTTP POST an empty string.
- - Clarified that Juergen Wilke donated the original tests/server/sws.c code.
- - Jean-Philippe Barrette-LaPierre made curl_formadd() return a typedef named
- CURLFORMcode instead of the previous 'int', and the various return codes are
- now globally exported. It allows applications to better figure out what goes
- wrong when curl_formadd() returns errors.
- Daniel (20 May 2002)
- - Roland Zimmermann pointed out that SSL_CTX_use_certificate_chain_file()
- is prefered to SSL_CTX_use_certificate_file().
- Daniel (17 May 2002)
- - Bug report #556869 pointed out that src/writeout.c didn't compile on freebsd
- after my AIX fixes the other week.
- - Bug report #556930 pointed out a FreeBSD core dump introduced in 7.9.7 in
- the DNS struct realloc stuff. Actually, this crash could happen on all
- systems that made the pack_hostent() function get invoked.
- - I removed several compiler warnings in the test suite's HTTP server.
- Version 7.9.7
- Daniel (10 May 2002)
- - Kevin Roth adjusted the --trace-ascii output slightly.
- - Paul Harrington found out that src/writeout.c needed an additional header
- file included for AIX builds
- Version 7.9.7-pre2
- Daniel (7 May 2002)
- - Updated the man page with --trace-ascii and -j/--junk-session-cookies.
- - Made --trace-ascii do pretty much the same as --trace but without the hex
- part in the output.
- - Added CURLOPT_COOKIESESSION that when enabled makes libcurl ignore session
- cookies read from a file. This option is enforced by the curl command line
- tool using the new -j/--junk-session-cookies option. After discussions with
- Kevin Roth. This makes it easier to use curl to fully emulate a browser's
- behavior, even when it comes to "session cookies". Session cookies are
- cookies that a normal browser discards when the browser is shut
- down. They're identified by not having any expire date/time.
- - When CURLOPT_DEBUGDATA was set, it ruined the CURLOPT_STDERR setting and
- this was discovered when --trace was made to crash.
- - Using -v and --trace at the same time confused matters. -v is now pretty
- much ignored when --trace or --trace-ascii is used.
- - Made --trace (and --trace-ascii) support - as file name to pass output to
- stdout instead. It makes it consistent with how other options work.
- Version 7.9.7-pre1
- Daniel (6 May 2002)
- - Added multi-post.c to the examples directory. I got the basic source for
- this from Gustaf Hui.
- Daniel (3 May 2002)
- - CURL_MAX_WRITE_SIZE is now an exported #define in the curl/curl.h header and
- can be used to figure out the maximum buffer size your write callback can
- get.
- - CURLOPT_READDATA is now an alias for CURLOPT_INFILE and CURLOPT_WRITEDATE is
- an alias for CURLOPT_FILE. These two were added for conformity. Most other
- callback function's userdata are provided with options using a similar name-
- scheme.
- - Added "--trace [file]" to the command line tool. It makes a very detailed
- trace dump get stored, with a full protocol dump that includes all received
- and transmitted data. This could be a very effective tool for debugging what
- goes wrong. This dump includes every byte the way it is sent to/received
- from the server. The dump is the plain-text version, so SSL transfers will
- still be readable.
- - I found out that the DEBUGFUNCTION was not called properly everywhere as we
- wanted it to. I fixed it.
- - -D now stores all headers to the same file if multiple URLs are given on the
- command line! Kevin Roth made me aware of that it didn't already do this!
- - Gustaf Hui wrote an excellent formpost example that used the multi
- interface. Unfortunately, it didn't work due to several bugs in how
- transfers were made when the multi interface was used.
- Daniel (2 May 2002)
- - Hanno Kranzhoff found out that when doing multiple transfers on the same
- easy handle, the progress meter would show a bad "currently downloaded
- value" when the transfer starts.
- Daniel (1 May 2002)
- - Applied another patch by Jacky Lam to make the name resolve info realloc()
- stuff work properly.
- Daniel (28 April 2002)
- - curl_multi_info_read() is now implemented!
- Daniel (27 April 2002)
- - Updated BUGS, TODO, FAQ, INSTALL and added BINDINGS.
- - I think I fixed the DNS cache prune crach Jacky Lam found and reported.
- - I cleaned up the name prefix stuff in the hash and llist modules.
- - FTP responses should now be better on timing out properly. The timeout value
- is maximum timeout for the entire request operation, but before this, the
- timeout was used as a maximum allowed time between two reads...
- Daniel (26 April 2002)
- - Fixed the test suite http server to not use snprintf() anymore due to better
- portability.
- Daniel (25 April 2002)
- - With Sterling Hughes' new DNS pruning, Jacky Lam asked if this wouldn't
- cause problems since the pruning is only checking the entry time, and it
- sure could cause problems. Therefor, I've now added and changed code so that
- this should not be a problem. Nowhere in the code will be store name
- resolved information around so that a sunsequent DNS cache prune should
- cause a problem. This of course called for some mild internal changes.
- Daniel (23 April 2002)
- - Improved the 'no_proxy' check, as using port numbers in the URL confused it
- previously. Reported by Erwan Legrand in bug report #547484.
- - The --interface option now works even on IPv6 enabled builds. Reported by
- 'thor'.
- Daniel (22 April 2002)
- - The #defines names starting with TIMECOND now has CURL_ prefixes. (The old
- names are still #defined too.) Pointed out by Robert Olson.
- - Jacky Lam brought code that lets the name resolve function only use as much
- memory as it actually needs. This only works on certain operating systems,
- but is totally transparant to all users.
- Daniel (19 April 2002)
- - Bjorn Reese fixed pack_hostent to work properly with 64 bit pointers.
- Daniel (18 April 2002)
- - Sterling Hughes added code to prune old DNS cache entries, since Jacky Lam
- experienced very big caches.
- Daniel (17 April 2002)
- - Dirk Manske patched the 301 response to work against the RFC but more like
- common browsers do. If a POST get a 301 back, it'll switch to GET in the
- next request (if location-following is enabled).
- Daniel (16 April 2002)
- - Dirk Manske posted a patch originally written by Ingo Wilken that introduced
- two new CURLINFO_* values: CURLINFO_REDIRECT_TIME and
- CURLINFO_REDIRECT_COUNT.
- Daniel (15 April 2002)
- - Jonatan Lander patched the verbose text 'Disables POST, goes with GET' to
- reflect reality better, like when the first request isn't POST and when
- the second isn't GET... :-)
- - Craig Davison pointed out that when curl_formadd()ing a file that doesn't
- exist, libcurl doesn't return error. Now, curl_easy_perform() will return
- CURLE_READ_ERROR if that is the case. Test 41 was added to verify this.
- Version 7.9.6
- Daniel (14 April 2002)
- - Dirk Manske brought a fix that makes libcurl strip off white spaces from the
- beginning of cookie contents.
- - Had to patch include/curl/curl.h since MSVC doesn't set the __STDC__ define.
- Moonesamy pointed out the problem, Bjorn Reese the solution.
- Version 7.9.6-pre5
- Daniel (12 April 2002)
- - Fixed the TIMER_CONNECT to be more accurate for FTP transfers. Previously
- FTP transfers got the "connect done" time set after the initial FTP commands
- and not directly after the TCP/IP connect as it should.
- I also made the time stamp get set even if the connect itself fails, which
- it didn't do previously.
- - Jean-Philippe Barrette-LaPierre provided his patch that introduces
- CURLOPT_DEBUGFUNCTION and CURLOPT_DEBUGDATA. They allow a program to a set a
- callback to receive debug/information data. That includes headers and data
- that is received and sent. CURLOPT_VERBOSE still controls it.
- By default, there is an internal debugfunction that will make things look
- and work as before if not changed.
- Daniel (10 April 2002)
- - Sebastien Willemijns found out that -x didn't use the default port number as
- is documented. It does now.
- - libcurl-errors.3 is a new man page attempting to document all libcurl error
- codes
- - Added two new error codes and changed the behaviour of two old ones
- slightly:
- CURLE_WRITE_ERROR
- This error was returned *both* for errors that occured when writing
- received data to a local file, as well as when we get problems writing data
- to a remote server. CURLE_SEND_ERROR has now been added for the latter
- error.
- CURLE_READ_ERROR
- This error was similarly returned *both* for errors when reading a local
- file, as well as when getting problems when reading network data.
- CURLE_RECV_ERROR has now been added for the latter error.
- (Two test cases were adjusted accordingly.)
- Daniel (9 April 2002)
- - runtests.pl now sets the HOME variable before running curl, to prevent any
- actual ~/.curlrc file to fool the tests!
- Version 7.9.6-pre4
- Daniel (8 April 2002)
- - Michael Curtis provided new functionality for curl on some platforms. Using
- the --environment option, curl will *set* a bunch of environment variables
- to values. The names are the same ones as for the -w/--writeout option.
- For now, this only works on the RISC OS version, as this feature relies on
- both OS support and that it matches OS paradigms.
- - Jacky Lam provided a fix for getting headers-only when the reply is HTTP/1.0
- and 304, I edited it slightly.
- Daniel (5 April 2002)
- - As requested by Jay Graves, the '.curlrc' file (or _curlrc as it is called
- when used in windows), is now loaded from the current directory if the HOME
- environment variable isn't set (or if it is too long). I also enlarged the
- array used to store the full file path in, to 512 bytes.
- - Kevin Roth pointed out to me why the "19 March" change regarding -G and -I
- was stupid and the change was reverted. Added test case 48 to verify the
- functionality.
- Version 7.9.6-pre3
- Daniel (4 April 2002)
- - Jonatan Lander brought a patch that makes curl/curl.h compile nicely on
- pre-ISO compilers, like when using gcc -traditional.
- Daniel (3 April 2002)
- - Jacky Lam identified a glitch when getting headers-only, where libcurl would
- "hang" 1 second in vain in the select() loop before returning back.
- - Tor Arntsen brought a patch for multipart formposts. It turned out that the
- "CGI_Lite Perl package" makes some bad assumptions on what letters that may
- be used in boundary strings and thus curl could confuse it by including '+'
- and '/'. While this is standards-compliant, we change the behavior to work
- smoothly with existing software based on that package.
- Daniel (2 April 2002)
- - Gerhard Herre filed bug report #536238 where he pointed out a crash in
- verbose FTP passive transfers for AIX.
- - Clarence Gardner pointed out a minor flaw in how libcurl didn't properly
- take care of all errors that SSL_read() could return.
- - Jacky Lam fixed a MALLOCDEBUG problem in lib/getinfo.c
- Daniel (27 March 2002)
- - T. Bharath pointed out a flaw in the connection re-use function that didn't
- check proxy connections properly for "deadness" before they were re-used.
- - Pedro Neves found out that HTTP POSTing with --data-binary did not properly
- work under Windows as the file specified wasn't read fully binary!
- Daniel (25 March 2002)
- - Jacky Lam brought a fix that improves treatment of cookies using identical
- domains but with leading dots properly.
- Daniel (22 March 2002)
- - Miklos Nemeth updated the windows section of the docs/INSTALL file and the
- windows makefiles.
- - Jon Dillon provided us with several good-looking curl images for
- promotion. View them here http://curl.haxx.se/icons.html
- Daniel (20 March 2002)
- - Peter Verhas found out that CRLF replacement in uploads was not working. I
- fixed it, and added test case 128 that verifies the functionality.
- - The list formerly known as curl-main is now named curl-users and is hosted
- by sourceforge. Susbcribe to the new list, get off the old one.
- Version 7.9.6-pre2
- Daniel (19 March 2002)
- - Made -G and -I on the same command line cause an error.
- - Moved the multi.h file to the "public" include directory and made it get
- included by curl.h so that no extra include files will be necessary to use
- it.
- Added docs and man pages for the multi interface to the release archive.
- Added the three example source codes too.
- Necessary steps in my campaign to sneak in the multi interface... ;-)
- - Updated the year in all copyright notices in all C and H files.
- Daniel (18 March 2002)
- - Tomas Szepe found out that -d and -G didn't mix as they should. I broke this
- in 7.9.5... Added test case 32 for this.
- Version 7.9.6-pre1
- Daniel (16 March 2002)
- - Peter Verhas pointed out that the curl_escape and curl_unscape man pages
- contained factual errors.
- - Albert Choy found and corrected a problem with the verbose output when doing
- PASV ftp transfers. It could make libcurl crash.
- Details in bug report #530562:
- http://sourceforge.net/tracker/?func=detail&atid=100976&aid=530562&group_id=976
- Daniel (15 March 2002)
- - Jun-ichiro itojun Hagino filed bug report #530204 that clearly pointed out
- the PF_INET fix from February 19 as a not-very-good fix as it broke IPv6
- capability! That patch is now reverted.
- The problem with slow name lookups with getaddrinfo() on non-IPv6 enabled
- hosts are instead made by first checking if the stack is IPv6-enabled and if
- not, the PF_INET is used and otherwise we go with the full PF_UNSPEC.
- - T. Bharath pointed out that when we return an "error" from a WRITEFUNCTION
- as described in the man page, libcurl did not return the documented error
- code (CURLE_WRITE_ERROR) but would instead return CURLE_READ_ERROR. This is
- now corrected.
- Daniel (14 March 2002)
- - Setting CURLOPT_POST without setting CURLOPT_POSTFIELDS now read the POST-
- data from the callback.
- - The GOPHER support seems to be broken. I don't think I'll even start fixing
- it until someone else finds out... :-)
- Daniel (13 March 2002)
- - Trying 'curl -I ftp.sunet.se' or similar did a SIZE on a silly "(nil)"
- string. If such a file would be present, curl returned the size of it! Now
- we prevent this.
- - Curl_sendf() was fixed to deal with situation where Curl_write() would've
- blocked and thus return -1.
- - Setting CURLOPT_PROGRESSFUNCTION to NULL now restores the internal function.
- - All CURLFORM_* options can now be used in a CURLFORM_ARRAY except the
- CURLFORM_ARRAY itself. This was necessary since we couldn't expand the
- CURLFORM_* list proprely and unrestricted until this was the case. It was
- also a bit peculiar to users why some options could be used in an array
- while others couldn't.
- - Removed some silly CRLF lines that had accidentally slipped into src/main.c
- Nico Baggus pointed them out to me.
- Daniel (11 March 2002)
- - CURLFORM_FILENAME was added. This can be set when creating a file upload
- part, to set the 'filename' field to a custom value. If this isn't used,
- the actually used filename will be included instead (as libcurl always has
- done). curl was adjusted accordingly, and now -F accepts a 'filename=' field
- too, and allows constructs such as:
- -F 'name=@filename;filename=/dev/null'
- and this can be combined with type= too, in a manner similar to:
- -F "file=@log/test39.txt;filename=fakerfile;type=moo/foobar"
- Test case 39 was added to verify this functionality.
- - The struct formerly known as HttpPost is now named curl_httppost to properly
- use the curl name space. I added a #define for the old name to make existing
- programs compile even when this new include file is used.
- Daniel (8 March 2002)
- - Clifford also discovered that if the client code failed early, as when doing
- "curl -O" only, it would do fclose(NULL) which caused a segmentation fault
- on some systems.
- - Clifford Wolf provided a patch that made --progress-bar work again.
- - I closed bug report #527032 by making sure that we add a newline after a
- transfer when --progress-bar has been used. Before, without the newline, it
- made the subsequent text come out wrong.
- Version 7.9.5
- Daniel (7 March 2002)
- - Added docs/KNOWN_BUGS to the release archive.
- Daniel (6 March 2002)
- - Kevin Roth corrected a flaw in the curl client globbing code that made it
- mess up backslashes. This was most notable on windows (cygwin) machines when
- using file://.
- - Brad provided another fix for building outside the source-tree.
- - Ralph Mitchell patched away a few compiler warnings in tests/server/sws.c
- Daniel (5 March 2002)
- - I noticed that the typedef in curl.h for the progress callback prototype was
- wrong and thus applications that used it would not get the proper input
- data. It used size_t where the implementation actually uses doubles!
- I wish I could blame someone else, but this was my fault. Again.
- Version 7.9.5-pre6
- Daniel (4 March 2002)
- - Cut off the changes done during 2001 from this changelog file and put them
- in a separate file (CHANGES.2001), available from CVS of course.
- - I removed the multi directory. The example sources were moved to the
- docs/examples directory where they belong.
- - Wrote 7 new man pages for the current functions in the new multi interface.
- They're all still pretty basic, but we can use them as a start and add more
- contents to them when we figure out what to write. The large amount of man
- pages for libcurl now present made me decide to put them in a new separate
- subdirectory in the docs directory. Named libcurl.
- - Giuseppe Corbelli provided a template file for the EPM package manager, it
- gets generated nicely by the configure script now.
- Version 7.9.5-pre5
- Daniel (1 March 2002)
- - Moved the memanalyze.pl script into the tests/ dir and added it to the
- release archives. It was previously only present in the CVS tree.
- - Modified the February 17th Host: fix, as bug report #523718 pointed out that
- it caused crashes!
- - Nico Baggus added more error codes to the VMS stuff.
- - Wesley Laxton brought the code that introduced the new CURLOPT_PREQUOTE
- option. It is just another FTP quote option that allows the user to specify
- a list of FTP commands to issue *just before* the transfer command (RETR or
- STOR etc). It has turned up a few systems that really need this.
- The curl command line tool can also take advantage of this by prefixing the
- quote commands with a plus (+) in similar style that post transfer quote
- commands are specified.
- This is not yet documented. There is no test case for this yet.
- Daniel (28 February 2002)
- - Ralph Mitchell made some serious efforts and put a lot of sweat in setting
- up scripts and things for me to be able to repeat his problems, and I
- finally could. I found a problem with the header byte counter that wasn't
- increased properly and thus we could return CURLE_GOT_NOTHING when we in
- fact had received data.
- Daniel (27 February 2002)
- - I had to revert the non-space parsing cookie fix I posted to the mailing
- list. Expire dates do have spaces and still need to get parsed properly!
- Instead we just ignore trailing white space and it seems to work...
- Daniel (26 February 2002)
- - Made the cookie property 'Max-Age' work, just since we already tried to
- support it, it is better to do it right. No one uses this anyway.
- - The cookie parser could crash if a really weird (illegal) cookie line was
- received. I also made it better discard really oddly formatted lines better.
- Made the cookie jar store the second field from the left using the syntax
- that Netscape and Mozilla probably like. Curl itself ignores it.
- Added test case 31 for these cases.
- Clay Loveless' email regarding some cookie issues started my cleanup.
- - Kevin Roth pointed out that my automake fiddles broke the ability to build
- outside the source-tree and I posted a patch to the mailing list that brings
- this ability back.
- Version 7.9.5-pre4
- Daniel (25 February 2002)
- - Fiddled with the automake files to make all source files in the lib
- directory not have ../src in the include path, and the src sources shouldn't
- have ../lib!
- - All 79 test cases ran OK under Linux and Solaris using the new HTTP server
- in the test suite. The new HTTP server was first donated by Georg Horn and
- subsequently modified to work with the test suite. It is currently still not
- portable enough to run on "all over" but this is a start and I can run all
- curl tests on my machines. This is an important requirement for the upcoming
- public release.
- - Using -d and -I on the same command line now reports an error, as it implies
- two different HTTP requests that can't be mixed.
- - Jeffrey Pohlmeyer provided a patch that made the -w/--write-out option
- support %{content_type} to get the content type of the recent download.
- - Kevin Roth reported that pre2 and pre3 didn't compile properly on cygwin,
- and this was because I used #ifdef HAVE_WINSOCK_H in lib/multi.h to figure
- out if we could include winsock.h which turns out not to be a wise choice to
- do on cygwin since it has the file but can't include it!
- Daniel (22 February 2002)
- - Added src/config-vms.h to the release archive.
- - Fixed the connection timeout value again, the change from February 18 wasn't
- complete.
- Version 7.9.5-pre3
- Daniel (21 February 2002)
- - Kevin Roth and Andrés García both found out that lib/config.h.in was missing
- in the pre-release archive and thus the configure script failed.
- Version 7.9.5-pre2
- Daniel (20 February 2002)
- - Andrés García provided a solution to bug report #515228. the total time
- counter was not set correctly when -I was used during some conditions (all
- headers were read in one single read).
- - Nico Baggus provided a huge patch with minor tweaks all over to make curl
- compile nicely on VMS.
- Daniel (19 February 2002)
- - Rick Richardson found out that by replacing PF_UNSPEC with PF_INET in the
- getaddrinfo() calls, he could speed up some name resolving calls with an
- order of magnitudes on his Redhat Linux 7.2.
- - Philip Gladstone found a second INADDR_NONE problem where we used long
- intead of in_addr_t which caused 64bit problemos. We really shouldn't define
- that on two different places.
- Daniel (18 February 2002)
- - Philip Gladstone found a problem in how HTTP requests were sent if the
- request couldn't be sent all at once.
- - Emil found and corrected a bad connection timeout comparison that made curl
- use the longest of connect-timeout and timout as a timeout value, instead of
- the shortest as it was supposed to!
- - Aron Roberts provided updated information about LDAP URL syntax to go into
- the manual as a replacement for the old references.
- Daniel (17 February 2002)
- - Philip Gladstone pointed out two missing include files that made curl core
- dump on 64bit architectures. We need to pay more attention on these details.
- It is *lethal* to for example forget the malloc() prototype, as 'int' is
- 32bit and malloc() must return a 64bit pointer on these platforms.
- - Giaslas Georgios fixed a problem with Host: headers on repeated requests on
- the same handle using a proxy.
- Daniel (8 February 2002)
- - Hanno L. Kranzhoff accurately found out that disabling the Expect: header
- when doing multipart formposts didn't work very well. It disabled other
- parts of the request header too, resulting in a broken header. When I fixed
- this, I also noticed that the Content-Type wasn't possible to disable. It is
- now, even though it probably is really stupid to try to do this (because of
- the boundary string that is included in the internally generated header,
- used as form part separator.)
- Daniel (7 February 2002)
- - I moved the config*.h files from the root directory to the lib/ directory.
- - I've added the new test suite HTTP server to the CVS repository, It seems to
- work pretty good now, but we must make it get used by the test scripts
- properly and then we need to make sure that it compiles, builds and runs on
- most operating systems.
- Version 7.9.5-pre1
- Daniel (6 February 2002)
- - Miklos Nemeth provided updated windows makefiles and INSTALL docs.
- - Mr Larry Fahnoe found a problem with formposts and I managed to track down
- and patch this bug. This was actually two bugs, as the posted size was also
- said to be two bytes too large.
- - Brent Beardsley found out and brought a correction for the
- CURLINFO_CONTENT_TYPE parser that was off one byte. This was my fault, I
- accidentaly broke Giaslas Georgios' patch.
- Daniel (5 February 2002)
- - Kevin Roth found yet another SSL download problem.
- Version 7.9.4
- - no changes since pre-release
- Version 7.9.4-pre2
- Daniel (3 February 2002)
- - Eric Melville provided a few spelling corrections in the curl man page.
- Daniel (1 February 2002)
- - Andreas Damm corrected the unconditional use of gmtime() in getdate, it now
- uses gmtime_r() on all hosts that have it.
- Daniel (31 January 2002)
- - An anonymous bug report identified a problem in the DNS caching which made it
- sometimes allocate one byte too little to store the cache entry in. This
- happened when the port number started with 1!
- - Albert Chin provided a patch that improves the gethostbyname_r() configure
- check on HP-UX 11.00.
- Version 7.9.4-pre1
- Daniel (30 January 2002)
- - Georg Horn found another way the SSL reading failed due to the non-blocking
- state of the sockets! I fixed.
- Daniel (29 January 2002)
- - Multipart formposts now send the full request properly, including the CRLF.
- They were previously treated as part of the post data.
- - The upload byte counter bugged.
- - T. Bharath pointed out that we seed SSL on every connect, which is a time-
- consuming operation that should only be needed to do once. We patched
- libcurl to now only seed on the first connect when unseeded. The seeded
- status is global so it'll now only happen once during a program's life time.
- If the random_file or egdsocket is set, the seed will be re-made though.
- - Giaslas Georgios introduced CURLINFO_CONTENT_TYPE that lets
- curl_easy_getinfo() read the content-type from the previous request.
- Daniel (28 January 2002)
- - Kjetil Jacobsen found a way to crash curl and after much debugging, it
- turned out it was a IPv4-linux only problem introduced in 7.9.3 related to
- name resolving.
- - Andreas Damm posted a huge patch that made the curl_getdate() function fully
- reentrant!
- - Steve Marx pointed out that you couldn't mix CURLOPT_CUSTOMREQUEST with
- CURLOPT_POSTFIELDS. You can now!
- Daniel (25 January 2002)
- - Krishnendu Majumdar pointed out that the header length counter was not reset
- between multiple requests on the same handle.
- - Pedro Neves rightfully questioned why curl always append \r\n to the data
- that is sent in HTTP POST requests. Unfortunately, this broke the test suite
- as the test HTTP server is lame enough not to deal with this... :-O
- - Following Location: headers when the connection didn't close didn't work as
- libcurl didn't properly stop reading. This problem was added in 7.9.3 due to
- the restructured internals. 'Frank' posted a bug report about this.
- Daniel (24 January 2002)
- - Kevin Roth very quickly spotted that we wrongly installed the example
- programs that were built in the multi directory, when 'make install' was
- used. :-/
- Version 7.9.3
- Daniel (23 January 2002)
- - Andrés García found a persistancy problem when doing HTTP HEAD, that made
- curl "hang" until the connection was closed by the server. This problem has
- been introduced in 7.9.3 due to internal rewrites, this was not present in
- 7.9.2.
- Version 7.9.3-pre4
- Daniel (19 January 2002)
- - Antonio filed bug report #505514 and provided a fix! When doing multipart
- formposts, libcurl would include an error text in the actual post if a
- specified file wasn't found. This is not libcurl's job. Instead we add an
- empty part.
- Daniel (18 January 2002)
- - Played around with stricter compiler warnings for gcc (when ./configure
- --enable-debug is used) and changed some minor things to stop the warnings.
- - Commented out the 'long long' and 'long double' checks in configure.in, as
- we don't currently use them anyway and the code in lib/mprintf.c that use
- them causes warnings.
- - Saul Good and jonatan pointed out Mac OS X build problems with pre3 and how
- to correct them. Two compiler warnings were removed as well.
- - Andrés García fixed two minor mingw32 building problems.
- Version 7.9.3-pre3
- Daniel (17 January 2002)
- - docs/libcurl-the-guide is a new tutorial for our libcurl programming
- friends.
- - Richard Archer brought back the ability to compile and build with OpenSSL
- versions before 0.9.5.
- [http://sourceforge.net/tracker/?func=detail&atid=100976&aid=504163&group_id=976]
- - The DNS cache code didn't take the port number into account, which made it
- work rather bad on IPv6-enabled hosts (especially when doing passive
- FTP). Sterling fixed it.
- Daniel (16 January 2002)
- - Georg Horn could make a transfer time-out without error text. I found it and
- corrected it.
- - SSL writes didn't work, they return an uninitialized value that caused
- havoc all over. Georg Horn experienced this.
- - Kevin Roth patched the curl_version() function to use the proper OpenSSL
- function for version information. This way, curl will report the version of
- the SSL library actually running right now, not the one that had its headers
- installed when libcurl was built. Mainly intersting when running with shared
- OpenSSL libraries.
- Version 7.9.3-pre2
- Daniel (16 January 2002)
- - Mofied the main transfer loop and related stuff to deal with non-blocking
- sockets in the upload section. While doing this, I've now separated the
- connection oriented buffers to have one for downloads and one for uploads
- (as two can happen simultaneously). I also shrunk the buffers to 20K
- each. As we have a scratch buffer twice the size of the upload buffer, we
- arrived at 80K for buffers compared with the previous 150K.
- - Added the --cc option to curl-config command as it enables so very cool
- one-liners. Have a go a this one, building the simple.c example:
- $ `curl-config --cc --cflags --libs` -o example simple.c
- Daniel (14 January 2002)
- - I made all socket reads (recv) handle EWOULDBLOCK. I hope nicely. Now we
- only need to address all writes (send) too and then I'm ready for another
- pre-release...
- - Stoned Elipot patched the in_addr_t configure test to make it work better on
- more platforms.
- Daniel (9 January 2002)
- - Cris Bailiff found out that filling up curl's SSL session cache caused a
- crash!
- - Posted the curl questionnaire on the web site. If you haven't posted your
- opinions there yet, go there and do it now while it is still there:
- http://curl.haxx.se/q/
- - Georg Horn quickly found out that the SSL reading no longer worked as
- supposed since the switch to non-blocking sockets. I've made a quick patch
- (for reading only) but we should improve it even further.
- Version 7.9.3-pre1
- Daniel (7 January 2002)
- - I made the 'bool' typedef use an "unsigned char". It makes it the same on
- all platforms, no matter what the platform thinks the default format for
- char is. This was noticed since we made a silly comparison involving such a
- bool variable, and only one compiler/platform combination (on Debian Linux)
- complained about it (that happened to have its char unsigned by default).
- - Bug report #495290 identified a cookie parsing problem that was corrected.
- When a Set-Cookie: line is received without a trailing semicolon, libcurl
- didn't read the last "name=value" pair of the line, leading to confusions...
- - Sterling committed his updated DNS cache code.
- - I worked with Georg Horn and comments from Götz Babin-Ebell and switched
- curl's socket operations completely over to non-blocking for the entire
- operation (previously we used non-blocking only for the connection phase).
- We had to do this to make the SSL connection phase timeout properly without
- the use of signals. A little extra code to deal with this was added.
- - T. Bharath pointed out a slightly obscure cookie engine flaw.
- - Pete Su pointed out that libcurl didn't treat HTTP code 204 as it should.
- 204-replies never provides a response-body. This resulted in bad persistant
- behavior when 204 was received.
- Daniel (5 January 2002)
- - SM updated the VC++ library Makefiles for the new source files.
- Daniel (4 January 2002)
- - I discovered that we wrongly used inet_ntoa() (instead of inet_ntoa_r() in
- two places in the source code). One happened with VERBOSE set on connects,
- and the other when VERBOSE was on and krb4 over nat was used... I honestly
- don't think anyone has suffered from these mistakes.
- - I replaced a lot of silly occurances of printf() to instead use the more
- appropriate Curl_infof() or Curl_failf(). The krb4 and telnet code were
- affected.
- - Philip Gladstone found a few more problems with 64-bit archs (the 64-bit
- sparc on solaris 8).
- - After discussions on the libcurl list with Raoul Cridlig, I just made FTP
- response lines get passed to the header callback if such a one is
- registered. It'll make it possible for any application to get all the
- responses an FTP server sends to libcurl.
- Daniel (3 January 2002)
- - Sterling Hughes brought a few buckets of code. Now, libcurl will
- automatically cache DNS lookups and re-use the previous results first if any
- such is available. It greatly improves speed when doing many repeated
- operations to the same host.
- - As the test case uses --include and then --head, I had to modify src/main.c
- to deal with this situation slightly better than previously. When done, we
- have 100% good tests again in the main branch.
- Daniel (2 January 2002)
- - Made test case 25 run again in the multi-dev branch. But it seems that the
- changes done on dec-20 made test case 104 cease to work (in both branches).
- - Philip Gladstone pointed out a few portability problems in the source code
- that didn't compile on 64-bit sparcs using Sun's native compiler.
- Daniel (20 December 2001)
- - Björn Stenberg caught an unpleasent (but hard-to-find) bug that could cause
- libcurl to hang on transfers over proxy, when the proxy was specified with
- an environment variable!
- - Added code to make ftp operations treat the NO_BODY and HEADERS options
- better:
- NO_BODY set TRUE and HEADERS set TRUE:
- Return a set of headers with file info
- NO_BODY set FALSE
- Transfer data as usual, HEADERS is ignored
- NO_BODY set TRUE and HEADERS set FALSE
- Don't transfer any data, don't return any headers. Just perform the set
- of FTP commands.
- Daniel (17 December 2001)
- - Götz Babin-Ebell dove into the dark dungeons of the OpenSSL ENGINE stuff and
- made libcurl support it! This allows libcurl to do SSL connections with the
- private key stored in external hardware.
- To make this good, he had to add a bunch of new library options that'll be
- useful to others as well:
- CURLOPT_SSLCERTTYPE set SSL cert type (PEM/DER)
- CURLOPT_SSLKEY set SSL private key (file)
- CURLOPT_SSLKEYTYPE: set SSL key type (PEM/DER/ENG)
- CURLOPT_SSLKEYPASSWD: set the passphrase for your private key
- (CURLOPT_SSLCERTPASSWD is an alias)
- CURLOPT_SSLENGINE: set the name of the crypto engine
- (returns CURLE_SSL_ENGINE_NOTFOUND on error)
- CURLOPT_SSLENGINE_DEFAULT: set the default engine
- There are two new failure codes:
- CURLE_SSL_ENGINE_NOTFOUND
- CURLE_SSL_ENGINE_SETFAILED
- Daniel (14 December 2001)
- - We have "branched" the source-tree at a few places. Checkout the CVS sources
- with the 'multi-dev' label to get the latest multi interface development
- tree. The idea is to only branch affected files and to restrict the branch
- to the v8 multi interface development only.
- *NOTE* that if we get bug reports and patches etc, we might need to apply
- them in both branches!
- The multi-dev branch is what we are gonna use as main branch in the future
- if it turns out successful. Thus, we must maintain both now in case we need
- them. The current main branch will be used if we want to release a 7.9.3 or
- perhaps a 7.10 release before version 8. Which is very likely.
- - Marcus Webster provided code for the new CURLFORM_CONTENTHEADER option for
- curl_formadd(), that lets an application add a set of headers for that
- particular part in a multipart/form-post. He also provided a section to the
- man page that describes the new option.
- Daniel (11 December 2001)
- - Ben Greear made me aware of the fact that the Curl_failf() usage internally
- was a bit sloppy with adding newlines or not to the error messages. Let's
- once and for all say that they do not belong there!
- - When uploading files with -T to give a local file name, and you end the URL
- with a slash to have the local file name used remote too, we now no longer
- use the local directory as well. Only the file part of the -T file name
- will be appended to the right of the slash in the URL.
- Daniel (7 December 2001)
- - Michal Bonino pointed out that Digital Unix doesn't have gmtime_r so the
- link failed. Added a configure check and corrected source code.
- Version 7.9.2
- Daniel (5 December 2001)
- - Jon Travis found out that if you used libcurl and CURLOPT_UPLOAD and then
- on the same handle used CURLOPT_HTTPGET it would still attempt to upload.
- His suggested fix was perfect.
- Daniel (4 December 2001)
- - Incorporated more macos fixes and added four specific files in a new
- subdirectory below src.
- Daniel (3 December 2001)
- - Eric Lavigne reported two problems:
- First one in the curl_strnequal() function. I think this problem is rather
- macos 9 specific, as most platform provides a function to use instead of the
- one provided by libcurl.
- A second, more important, was in the way we take care of FTP responses. The
- code would read a large chunk of data and search for the end-of-response
- line within that chunk. When found, it would just skip the rest of the
- data. However, when the network connections are special, or perhaps the
- server is, we could actually get more than one response in that chunk of
- data so that when the next invoke to this function was done, the response
- had already been read and thrown away. Now, we cache the data not used in
- one call, as it could be useful in the subsequent call. Test case 126 was
- added and the test ftp server modified, to exercise this particular case.
- Version 7.9.2-pre8
- Daniel (2 December 2001)
- - Bug report #487825 correctly identified a problem when using a proxy and
- following a redirection from HTTP to HTTPS. libcurl then re-used the same
- proxy connection but without doing a proper HTTPS request.
- - Fixed win32 compiling quirks.
- Version 7.9.2-pre7
- Daniel (30 November 2001)
- - Documented --disable-epsv and CURLOPT_FTP_USE_EPSV.
- Daniel (29 November 2001)
- - Added --disable-epsv as an option. When used, curl won't attempt to use the
- EPSV command when doing passive FTP downloads. Wrote a test case for it.
- - Eric provided a few more fixes for building on Macs. He also pointed out
- a flaw in the signal handler restoration code.
- Daniel (28 November 2001)
- - Fiddled with some Tru64 problems reported by Dimitris Sarris. They appeared
- only when using VERBOSE ftp transfers. Do we use a too small buffer for
- gethostbyaddr_r(), was the lack of using in_addr_t wrong or is it that the
- hostent struct must be blanked before use? With Dimitris help and these
- patches, the problems seem to be history.
- - CURLOPT_FTP_USE_EPSV was added and can be set to FALSE to prevent libcurl
- from using the EPSV command before trying the normal PASV. Heikki Korpela
- pointed out that some firewalls and similar don't like the EPSV so we must
- be able to shut if off to work everywhere.
- - I added a configure check for 'in_addr_t' and made the ftp code use that to
- receive the inet_addr() return code in. Works on Solaris and Linux at
- least. The Linux man page for inet_addr() doesn't even mention in_addr_t...
- - Adjusted (almost) all FTP tests to the new command sequence.
- - FTP command sequence changes:
- EPSV is now always attempted before PASV. It is the final touch to make IPv6
- passive FTP downloads to work, but EPSV is not restricted to IPv6 but works
- fine with IPv4 too on the servers that support it.
- SIZE is now always issued before RETR. It makes curl know the actual
- download size before the download takes place, as it makes it less important
- to find the size sent in RETR responses. Many sites don't include the size
- in there.
- Both these changes made it necessary to change the test suite's ftp server
- code, and all FTP test cases need to be checked and adjusted!
- Daniel (27 November 2001)
- - Hans Steegers pointed out that the telnet code read from stdout, not stdin
- as it is supposed to do!
- Version 7.9.2-pre6
- Daniel (27 November 2001)
- - Eric Lavigne's minor changes to build on MacOS before OS X were applied.
- - greep at mindspring.com provided a main index.html page for our release
- archive docs directory. It just links to all the existing HTML files, but
- I think it may come useful to people.
- - There's now some initial code to support the EPSV FTP command. That should
- be used to do passive transfers IPv6-style. The code is still #if 0'ed in
- lib/ftp.c as I have no IPv6 ftp server to test this with.
- Daniel (26 November 2001)
- - Robert Schlabbach had problems to understand how to do resumed transfers,
- and I clarified the man page -C section somewhat.
- Version 7.9.2-pre5
- Daniel (22 November 2001)
- - Andrés García helped me out to track down the roots of bug report #479537,
- which was concerning curl returning the wrong error code when failing to
- connect. This didn't happen on all systems, and more specificly I've so far
- only seen this happen on IPv4-only Linux hosts.
- - I applied the fixes for the two bugs Eric Lavigne found when doing his MacOS
- port. A missing comma in arpa_telnet.h and a pretty wild write in the FTP
- response reader function. The latter write is however likely to occur in our
- own buffer unless very big FTP server replies (>25K) are read. I've never
- seen such a reply ever, so I think this is a relatively minor risk.
- Daniel (21 November 2001)
- - Moonesamy provided code to prevent junk from being output when libcurl
- returns an error code but no error description and that corrects how make is
- run in the Makefile.dist file (that appears as root Makefile in release
- archives).
- - Eric Lavigne mailed me bugfixes and patches for building libcurl on MacOS
- (non-X).
- - Kevin Roth modified the cygwin files once again, now to build against the
- shared OpenSSL DLLs.
- Version 7.9.2-pre4
- Daniel (20 November 2001)
- - Georg Horn brought a patch that introduced CURLINFO_STARTTRANSFER_TIME,
- complete with man page updates!
- Daniel (19 November 2001)
- - Miklos Nemeth provided details enough to update the Borland makefile
- properly.
- - Lars M Gustafsson found a case with a bad free(). In fact, it was so bad I'm
- amazed we never saw this before!
- - Kevin Roth patched the cygwin Makfile.
- Daniel (16 November 2001)
- - Klevtsov Vadim fixed a bug in how time-conditionals were sent when doing
- HTTP.
- Version 7.9.2-pre3
- Daniel (14 November 2001)
- - Samuel Listopad patched away the problem with SSL we got when someone call
- curl_global_init() => curl_global_cleanup() => curl_global_init(). The
- second init would not "take" and SSL would be unusable with curl from that
- point. This doesn't change the fact that calling the functions that way is
- wrong. curl_global_init() should be called exactly once and not more.
- Daniel (13 November 2001)
- - Fixed some minor variable type mixups in ftp.c that caused compiler warnings
- on HP-UX 11.00.
- - The FTP fix I did yesterday used an uninitialized variable that caused
- spurious errors when doing FTP.
- Version 7.9.2-pre2
- Daniel (12 November 2001)
- - Ricardo Cadime fell over a multiple-requests problem when first a FTP
- directory fetch failed and then a second request is made after that. The
- second request happened to get the FTP server response back from the
- previous request, when it did its initial CWD command.
- - Bjorn Reese pointed out that we could improve the time diff function to
- prevent truncation a bit.
- - Kai-Uwe Rommel made me aware that -p (http proxy tunnel) silly enough didn't
- work for plain HTTP requests! So I made that work.
- Version 7.9.2-pre1
- Daniel (12 November 2001)
- - Rewrote the Curl_ConnectHTTPProxyTunnel(). It should now not only work a lot
- faster, it should also support such ("broken") proxies that John Lask
- previously have reported problems with. His proxy sends a trailing zero byte
- after the end of the (proxy-) headers. I've tested this myself and it seems
- to work on a proxy the previous version also worked with...! This rewrite is
- due to the problems John Lask previously experienced.
- - Andrés García found out why the "current speed" meter sometimes showed 2048K
- for very quick transfers. It turned out the "time diff"-function returned a
- zero millisecond diff. We now always say it is at least one millisecond! In
- reality, these timers very rarely have that good resolution so even though
- the time diff was longer than 1 millisecond, it was reported as no diff.
- - I also modified the getinfo() again when returning times, as Paul Harrington
- reports that 7.9.1 only returns times with 1 second accuracy, which indeed
- is wrong.
- Daniel (8 November 2001)
- - Marcus Webster found out that curl_formadd() could read one byte outside a
- buffer boundary, which then of course could lead to a crash. Marcus also
- gracefully provided a patch for this this.
- - Glen Scott ran configure on his Cobalt Qube and it didn't figure out the
- correct way of calling gethostbyname_r() and thus failed to resolve hosts.
- This is two errors: it shouldn't continue the configure script if it finds
- gethostbyname_r() but can't figure out how to use it, and it should really
- figure out how to use it as it was running Linux and we know how that
- works...
-
- Daniel (7 November 2001)
- - docs/VERSIONS is a new file in the archive that explains the version number
- system we use in the curl project.
- - Did some more fixes that now makes libcurl only ignore signals as long as
- it needs to, and then restore (if any) previous signal handler again.
- Daniel (6 November 2001)
- - Enrik Berkhan posted bug report #478780, in which he very correctly pointed
- out two bad timeout matters in libcurl: we didn't restore the sigaction
- struct (the alarm handler for SIGALRM) nor did we restore the previous
- alarm() timeout that could've been set by a "parent" process or similar.
- - Kevin Roth made the cygwin binary get stripped before install.
- Daniel (5 November 2001)
- - Detlef Schmier reported that curl didn't compile using Solaris 8 with the
- native cc compiler. It was due to a bad function prototype. Fixed now.
- Unfortunately, I can't enable the -Wstrict-prototypes in my debug builds
- though, as gcc then complains like crazy on OpenSSL include files... :-(
- - John Lask provided SSL over HTTP proxy fixes. They'll need some tweaking
- to work on all platforms.
- - John Lask added the -1/--TLSv1 options that forces SSL into using TLS
- version 1 when speaking HTTPS.
- - John Lask brought a brand new VC++ makefile for the lib directory, that
- works a lot better than the previous!
- - Ramana Mokkapati brought some clever insights on the LDAP failures (bug
- report #475407), and his suggested changes are now applied.
- Version 7.9.1
- Daniel (4 November 2001)
- - I've added a number of new test cases the last few days. A few of them since
- I got reports that hinted on problems on timeouts, so I added four tests
- with timeouts for all sorts of protocols and stuff. I also came to think of
- a few other error scenarios that we currently didn't test properly, so I
- wrote up tests for a few of those too.
- Daniel (2 November 2001)
- - Replaced read() and write() with recv() and send() for socket operations
- even under normal unixes.
- Daniel (1 November 2001)
- - When an FTP transfer was aborted due to a timeout, it wasn't really aware of
- how many bytes that had been transferred and the error text always said 0
- bytes. I modified this to output the actually transferred amount! :-)
- - The FTP fixes in pre7 didn't compile on IPv6 enabled hosts. Does now. I also
- added more comments in the lib/ftp.c source file.
- - Minor updates to the FAQ, added a brand new section to the web site about
- the name issue (who owns "curl"? will someone sue us? etc etc):
- http://curl.haxx.se/legal/thename.html
- Version 7.9.1-pre7
- Daniel (31 October 2001)
- - The curl_easy_getinfo() timers accidentally lost their subsecond accuracy as
- the calculations used longs instead of doubles! Paul Harrington reported.
- - The SSL SocketIsDead() checks weren't good enough (as expected really), so I
- had to add a generic internal try-it-out system. If the request on a re-used
- connection seems to fail, then we go back and get a new (fresh) connection
- and re-tries the request on that instead. It kind of makes the
- SocketIsDead() check obsolete, but I think it is a quicker way for those
- cases where it actually discovers that the connection is dead.
- - When fixing the above, I noticed that we did quite a few writes to sockets
- in libcurl where we didn't check the return code (that it actually worked to
- send the data). With the new "attempted request" system we must detect those
- situations so I went over a bunch of functions, changed return types and
- added checks for what they actually return.
- Version 7.9.1-pre6
- Daniel (31 October 2001)
- - Paul Harrington detected a problem with persistant SSL connections. Or to be
- more exact, we didn't properly detect that the connection was dead and then
- a second connection would try to re-use it wrongly. The solution to this
- problem is still not very clear and I'm working on it. One OpenSSL insider
- said there is no way to know if the SSL connection is alive or not without
- actually trying an operation.
- Daniel (30 October 2001)
- - If a cookie was read from a file, it could accidentally strdup() a NULL
- pointer. Paul Harrington reported. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/cookie.c.diff?r1=1.25&r2=1.26]
- - The MANUAL file now documents -t correctly. I also fixed the -T description
- in the curl.1 man page.
- Daniel (29 October 2001)
- - John Janssen found out that curl_formadd was missing in the libcurl.def file
- and that the docs stated the wrong return type for the function.
- - Andrés García found a bug with multiple files in the curl_formadd() function,
- that I removed with this patch [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/formdata.c.diff?r1=1.25&r2=1.26].
- - Kevin Roth brought another patch that moved the cygwin package files to the
- packages/Win32/cygwin directory.
- - A bug in the connection re-use logic made repeated requests to the same FTP
- server (when using name+pasword in the URL) sometimes use more than one
- connection. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/url.c.diff?r1=1.166&r2=1.167]
- - Moonesamy tracked down and fixed a problem with the new 7.9.1 connect
- code. This corrected the error Kevin Roth reported on the 7.9.1-pre5 release
- (test 19)...
- [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/connect.c.diff?r1=1.13&r2=1.14]
- Daniel (26 October 2001)
- - Added test28 which verifies that "Location:"-following works even if the
- contents is separated with more than one space.
- Daniel (25 October 2001)
- - Ramana Mokkapati pointed out that LDAP transfers would 'hang' after the
- correct data has been output.
- Version 7.9.1-pre5
- Daniel (24 October 2001)
- - T. Bharath found a memory leak in the cookie engine. When we update a cookie
- that we already knew about, we lost a chunk of memory in the progress... The
- brand new test case 27 now tests for this occurrence. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/cookie.c.diff?r1=1.24&r2=1.25]
- Daniel (23 October 2001)
- - pack_hostent() didn't properly align some pointers, so at least SPARC CPUs
- would core. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/hostip.c.diff?r1=1.34&r2=1.35]
- Daniel (22 October 2001)
- - Tom Benoist reported that this SGI IRIX compiler didn't handle indented
- preprocessor instructions, so they're no longer in the source code!
- - Applied Kevin Roth's patches to make it easier to build cygwin packages from
- the out-of-the-box curl release archives.
- - I forgot to mention it below, but libcurl now closes connections that report
- transfer failures. Unconditionally. This could be made more nicely in the
- future if we set a flag or something that the connection is still good to be
- used for the errors that know that for a fact. We have to close the
- connection for the cases where we abort for example a HTTP transfer in the
- middle, or otherwise we might re-use that connection later with lots of data
- still being sent to us on it. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/transfer.c.diff?r1=1.63&r2=1.64]
- Daniel (19 October 2001)
- - CURLE_GOT_NOTHING is now returned when a HTTP server doesn't return
- anything, not even a header. test case 37 was added to test for this.
- - T. Bharath made curl_easy_duphandle() properly clone the cookie status as
- well.
- Version 7.9.1-pre4
- Daniel (18 October 2001)
- - CURLOPT_FAILONERROR, set with "curl --fail" no longer returns an error if
- the HTTP return code is below 400.
- Daniel (17 October 2001)
- - The test suite now kills any running test http server when you re-start the
- tests.
- - We had to remove 'use strict' from two perl scripts, as the cygwin
- adjustments didn't play nicely otherwise for some reason. Any perl wizard
- out there who can put the scrict back and still make it run good on unix and
- cygwin?
- - A potential memory leak pointed out to us by Yanick Pelletier was removed.
- It would occur when a http file transfer fails. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/transfer.c.diff?r1=1.60&r2=1.61]
- - The memory debugging system should no longer display anything to stderr
- if the curl_memdebug() hasn't been used to explicitly say so. This makes it
- easier to use the memory debug system and switch the logging on/off.
- Daniel (16 October 2001)
- - Kevin Roth provided fixes for building curl nicer in cygwin environments.
- Daniel (12 October 2001)
- - Cleaning up the progress meter/info code. The "current speed" is now more
- accurate than before as we now use the true time spent between the measures,
- and not just "assuming" every-second-update like before. The output should
- now also be of the same width at all times, never to show "extra" zeroes on
- the right edge.
- - After talking about possible Location: bugs on the mailing list, I modified
- the "absolute URL" checker in lib/transfer.c to be more strict when checking
- if the redirected URL is absolute.
- Daniel (11 October 2001)
- - Kevin Roth provided patches that make the test suite run fine on Windows
- 2000 running cygwin.
- Daniel (10 October 2001)
- - Setting the -c or the CURLOPT_COOKIEJAR option now enables the cookie parser.
- Previously -b or CURLOPT_COOKIEFILE was also required for the jar to work.
- Version 7.9.1-pre3
- Daniel (9 October 2001)
- - Added a new option to the command line client: -0/--http1.0. It uses the new
- libcurl option CURLOPT_HTTP_VERSION to request that libcurl uses HTTP 1.0
- requests instead of the default version (1.1). It should only be used if you
- really MUST do that because of a silly remote server.
- - Renamed the 'TimeCond' typedef in curl/curl.h to use a 'curl_' prefix as
- all public curl-symbols should.
- - libcurl now explicitly ignores the SIGPIPE signal.
- Daniel (8 October 2001)
- - Kevin Roth's change to the cookie-jar comment (in the stored file) was
- applied.
- - Lucas Adamski's minor bug in the bind error code failf() was fixed.
- Daniel (5 October 2001)
- - Moonesamy fixed the Curl_connecthost() function to not give compiler errors
- on a bunch of compilers, due to the argument named 'socket'.
- - Moonesamy also provided updated VC++ makefiles and project files.
- Version 7.9.1-pre2
- Daniel (4 October 2001)
- - Albert Chin provided a configure patch that makes the script detect proper
- gethostbyname_r() method without actually running any code, only compiling
- is necessary. This also removes the need of having a resolving 'localhost'
- name.
- - Found and removed memory leakage (name resolve data) in libcurl on
- IPv6-enabled hosts. These could sneak through because we didn't have any
- resource tracing on the IPv6-related functions. We do now.
- Daniel (3 October 2001)
- - Keith McGuigan patched away a (mainly Windows-) problem with the name
- resolver data being kept in the static memory area, which is removed when a
- thread is killed. The curl handle itself though perfectly handles being
- passed between threads.
- - Dirk Eddelbuettel reported an odd bug that turned out to be his proxy that
- required an Authorization: header. Now, proxies are not supposed to require
- that header, that is for true servers...
- - I accidentally ruined Georg's curl_formadd(). Uh, bad me. Corrected now.
- Version 7.9.1-pre1
- Daniel (3 October 2001)
- - Georg Huettenegger once again made an effort beyond the call of duty and not
- only improved the curl_formadd() function, but also took care of adjusting
- the curl command line client to use this new function instead of the
- obsoleted curl_formparse.
- Daniel (2 October 2001)
- - Major fix in how libcurl does TCP connects. It now does non-blocking
- connects to enable good timeouts without signals, and it now tries all IP
- addresses for any given host (if it resolves more than one and the first
- one(s) don't connect). Added a new source file 'connect.c' to deal with all
- the TCP connect stuff.
- - We now support IPv4-style IP-addresses in rfc2732-format, to better support
- people writing scripts without knowing what address there is.
- Daniel (28 September 2001)
- - Cleanups in the FTP source code. Divided the code into even more smaller
- functions and generally tried to make the differences between IPv4 and IPv6
- get less noticable in the sources.
- - If the remote file time is not readable/accessable/understood by libcurl,
- libcurl now returns -1 in the CURLINFO_FILETIME data, not 0 as it previously
- did. This should make curl not touch the file data unless there was a known
- remote date when -R is used.
- Daniel (27 September 2001)
- - Working on getting non-blocking connects working platform independent. We
- will also make curl try all IPs for a given host if the first one should
- fail.
- Daniel (26 September 2001)
- - Kevin Roth provided a cookie example that proved the cookie jar
- functionality wasn't working properly. I added test case 46 and made it
- work.
- Daniel (25 September 2001)
- - Jörn Hartroth updated the mingw32 makefiles.
- Version 7.9
- Daniel (23 September 2001)
- - Found and removed a 'socket leak' that would occur on IPv6 enabled hosts
- when FTP RETR failed.
- - Made the FTP upload tests run fine on machines with IPv6 enabled.
- Version 7.9-pre8
- Daniel (19 September 2001)
- - Vojtech Minarik set up a special-purpose test server and provided me with
- test certificates in order for me to repeat the bug reports #440068 and
- #440373. It turned out we didn't check all the error codes properly. We do
- now, and connecting with a unacceptable certificate will make libcurl fail
- to connect with an error code returned.
- - Ramana Mokkapati found a case when the Location: following code did wrong.
- I wrote a test case for this (45).
- Version 7.9-pre7
- Daniel (17 September 2001)
- - Linus Nielsen Feltzing fixed telnet for win32. It makes libcurl require
- winsock 2.0.
- Version 7.9-pre6
- - libtool 1.4.2 is now in use!
- Version 7.9-pre5
- Daniel (14 September 2001)
- - Added another 14 ftp tests.
- Daniel (13 September 2001)
- - Added curl_easy_duphandle() to the easy.h header file. It has now been
- tested and proved to work in a real-world tests by T Bharath. We still need
- to write up some docs for this function.
- - Added four more ftp tests to the test suite.
- Daniel (12 September 2001)
- - CURLOPT_SSL_CIPHER_LIST was added, and the curl tool option is named
- --ciphers. Use them to specify a list of ciphers to use in the SSL
- connection.
- - T. Bharath found a memory leak in libcurl's windows version. It turned out
- to be the new duphandle() that didn't quite work yet.
- Version 7.9-pre4
- Daniel (11 September 2001)
- - Added verbose output for SSL connections that output the server
- certificate's start and expire dates. As suggested by Paul Harrington.
- - Heikki Korpela found problems in the perl ftp server used for the test
- suite, when he runs on on OpenBSD with perl 5.6. Some changes have been
- made, but nothing really certain.
- - T. Bharath has experienced problems with libcurl's stack usage on windows
- and works on reducing it.
- Daniel (10 September 2001)
- - Cris Bailiff fixed the perl interface. It stopped working since the changed
- behavior with WRITEHEADER and NULL pointers.
- - The "output cookies" function could dump core if no cookies were enabled.
- Daniel (7 September 2001)
- - SM pointed out that the SSL code didn't compile any longer if SSL was
- disabled... Also, we needed to correct the #include for the utime stuff on
- windows.
- Daniel (6 September 2001)
- - T. Bharath pointed out a flaw in the SSL session cache code that made it
- sometimes read from a NULL pointer.
- Version 7.9-pre3
- Daniel (3 September 2001)
- - Added the -R/--remote-time option, that uses the remote file's datestamp to
- set the local file's datestamp. Thus, when you get a remote file your local
- file will get the same time and date. Note that this only works when you use
- -o or -O.
- - Installed libtool 1.4.1, libtoolized and everything.
- Daniel (1 September 2001)
- - Heikki Korpela pointed out that I did not ship the proper libtool stuff in
- the pre-releases, even though that was my intention. libtoolize has now
- been re-run.
- - Heikki also patched away the bad use of 'make -C' in the test suite
- makefile. make -C is not very portable and is now banned from here.
- Version 7.9-pre2
- Daniel (31 August 2001)
- - I just made a huge internal struct rehaul, and all the big internally used
- structs have been renamed, redesigned and stuff have been moved around a bit
- to make the source easier to follow, more logically grouped and to hopefully
- decrease future bugs. I also hope that this will make new functions to get
- easier to add, and make it less likely that we have bugs left like the URL-
- free bug from August 23.
- Version 7.9-pre1
- Daniel (29 August 2001)
- - The new cookie code have enabled the brand new '-c/--cookie-jar' option. Use
- that to specify the file name in which you want to have all cookies curl
- knows of, dumped to. It'll be written using the netscape cookie format.
- This is internally done with the new CURLOPT_COOKIEJAR option to libcurl,
- which in turn dumps this information when curl_easy_cleanup() is invoked.
- There might be reasons to re-consider my choice of putting it there. Perhaps
- it is better placed to get done just before *_perform() is done. It is all
- of course depending on how you guys want to use this feature...
- - Added ftpupload.c in the source examples section, based on source code posted
- by Erick Nuwendam.
- Daniel (28 August 2001)
- - Now running libtool CVS branch-1-4 to generate stuff. Should fix problems
- on OpenBSD and hopefully on FreeBSD as well!
- - Georg Huettenegger modified the curl_formadd() functionality slightly, and
- added support for error code 417 when doing form post and using the Expect:
- header. Great work!
- - Made some tests with cached SSL session IDs, and they seem to work. There
- should be a significant speed improvement in the SSL connection phase, but
- in my tiny tests it just isn't possible to notice any difference. Like other
- caching in libcurl, you must reuse the same handle for the caching to take
- effect. SSL session ID caching is done on a per host-name and destination
- port number basis.
- Set verbose, and you'll get informational tests when libcurl detects and
- uses a previous SSL session ID.
- - Upgraded to automake 1.5 on my development/release machine.
- Daniel (27 August 2001)
- - Slowly started writing SSL session ID caching code
- Daniel (24 August 2001)
- - T. Bharath removed compiler warnings on windows and updated the MS project
- files.
- - Kevin Roth reported two kinds of command line constructs with the new -G that
- curl didn't really deal with the way one would like.
- - Tim Costello patched away a use of strcasecmp() in the SSL code. We have our
- own portable version named strequal() that should be used!
- - Tim also pointed out a problem in the lib/Makefile.vc6 file that made it mix
- debug object modules causing confusions.
- Daniel (23 August 2001)
- - T. Bharath accurately found a libcurl bug that would happen when doing a
- second invoke of curl_easy_perform() with a new URL when the previous invoke
- followed a Location: header.
- - Started the improvement work on the cookie engine:
- - Now keeps cookies in the same order as the cookie file
- - A write to the possibly static string was removed
- - Added a function that can output all cookies
- - Now supports reading multiple cookie files
- - Steve Lhomme corrected a DLL naming issue in the MSVC++ project file.
- - Split up the monster function in lib/ftp.c to use more smallish functions to
- increase readability and maintainability.
- Daniel (21 August 2001)
- - Georg Huettenegger's big patch was applied. Now we have:
- o "Expect: 100-continue" support. We will from now on send that header in
- all rfc1867-posts, as that makes us abort much faster when the server
- rejects our POST. Posting without the Expect: header is still possible in
- the standard replace-internal-header style.
- o curl_formadd() is a new formpost building function that is introduced to
- replace the now deprecated curl_formparse() function. The latter function
- will still hang around for a while, but the curl_formadd() is the new way
- and correct way to build form posts.
- o Documentation has been updated to reflect these changes
- These changes are reason enough to name the next curl release 7.9...
- - We now convert man pages to HTML pages and include them in the release
- archive. For the pleasure of everyone without nroff within reach.
- - Andrés García's suggested flushing of the progress meter output stream was
- added. It should make the progress meter look better on Windows.
- - Troy Engel pointed out a mistake in the configure script that made it fail
- on many Red Hat boxes!
- Daniel (20 August 2001)
- - We need an updated libtool to make a better build environment for OpenBSD
- as well as FreeBSD
- Version 7.8.1
- Daniel (20 August 2001)
- - Brad pointed out that we ship two extra libtool files in the tarballs that
- we really don't need to! Removing them makes the gz-archive about 60K
- smaller!
- - Albert Chin brought fixes for the configure script to detect socklen_t
- properly as well as moving lots of our custom autoconf macros to
- acinclude.m4.
- Daniel (19 August 2001)
- - Moonesamy improved his -G feature for host names only URLs...
- Daniel (17 August 2001)
- - Finally cleaned up the kerberos code to use Curl_ prefixes on all global
- symbols and to not use global variables.
- Version 7.8.1-pre6
- Daniel (16 August 2001)
- - S. Moonesamy added the -G option to curl, that converts the data specified
- with -d to a GET request. Default action when using -d is POST. When -G is
- used, the -d specified data will be appended to the URL with a '?'
- separator. As suggested previously by Kevin Roth.
- - curl-config --libs should now display all linker options required to link
- with libcurl. It includes the path and options for libcurl itself.
- curl-config --cflags displays the compiler option(s) needed to compile
- source files that use libcurl functions. Basically, that sets the include
- path correct.
- Daniel (15 August 2001)
- - Arkadiusz Miskiewicz pointed out a mistake in how IPv6-style IP-addresses
- were parsed and used. (RFC2732-format)
- - Bug #12733 over on php.net identified a problem in libcurl that made it core
- dump if you used CURLOPT_POST without setting any data to post with
- CURLOPT_POSTFIELDS! This is no longer the case. Not using CURLOPT_POSTFIELDS
- now equals setting it to no data at all.
- - Ramana Mokkapati reported that curl with '-w %{http_code}' didn't work
- properly when used for multiple URLs on a single command line. Indeed, the
- variable was not reset between the requests. This is now fixed.
- - David James fixed the Borland makefile so that libcurl still compiles and
- builds with that compiler.
- Daniel (14 August 2001)
- - Oops. I ruined Nico's socklen_t define in config-vms.h, corrected it now.
- - An older item not mentioned here before: CURL_GLOBAL_WIN32 is a define for
- windows users to curl_global_init(), that makes libcurl init the winsock
- stuff. If libcurl is all socket stuff you do, then allowing it to fiddle
- with this is a comfortable shortcut to fame.
- Version 7.8.1-pre5
- Daniel (14 August 2001)
- - Nico Baggus provided more feedback from his VMS porting efforts and a few
- minor changes were necessary.
- - I modified configure.in so that --enable-debug sets more picky gcc options.
- I then removed almost all the new warnings that appeared, and by doing so I
- corrected the size_t-treated-as-signed problem that has been discussed on
- the mailing list previously. I also removed a bunch of the just recently
- added #ifdef VMS lines.
- - I removed the use of a global variable in the SSL code. It was once
- necessary but hasn't been needed since OpenSSL 0.9.4. The old code should
- (hopefully) still work if libcurl is built against an ancient version of
- OpenSSL.
- Daniel (13 August 2001)
- - Peter Todd posted a patch that now allows non-file rc1867-style form posts
- to be larger than 4K.
- Daniel (10 August 2001)
- - S. Moonesamy fixed bugs for building debug and SSL lib in VC makefile
- Daniel (9 August 2001)
- - The redirected error stream was closed before the curl_easy_cleanup() call
- was made, and when VERBOSE was enabled, the cleanup function tried to use
- the stream. It could lead to a segmentation fault. Also, the stream was
- closed even if we looped to get more files. Corrects Dustin Boswell's bug
- report #441610
- - Now generates the release configure script with autoconf 2.52
- Version 7.8.1-pre4
- Daniel (8 August 2001)
- - curl -E uses a colon to separate a file name from a passphrase. This turned
- out really bad for the windows people who wants to include a drive letter in
- the file name like "c:\cert.pem". There's now a win32 work-around
- implemented that tries work around that, when the colon seems to be used for
- this kind of construct.
- - Patrick Bihan-Faou introduced CURLOPT_SSL_VERIFYHOST, which makes curl
- verify the server's CN field when talking https://. If --cacert is not used,
- any failures in matching is only displayed as information (-v).
- Daniel (7 August 2001)
- - Wrote up nine more test cases, more or less converted from the former test
- suite.
- Daniel (6 August 2001)
- - Heikki Korpela posted a patch that makes 'curl-config --libs' include the
- directory in which libcurl itself is installed in. While this wasn't my
- initial intention with this option, it makes sense and makes linking with
- libcurl easier.
- - Stefan Ulrich pointed out to us that other tools and libraries treat file://
- URLs with only one slash after the host name slighly different than libcurl
- does. Since all the others seem to agree, we better follow them.
- - Nico Baggus provided us with a huge set of fixes to make curl compile and
- build under OpenVMS.
- Version 7.8.1-pre3
- Daniel (6 August 2001)
- - Jonathan Hseu noticed that you couldn't get a header callback unless you
- set CURLOPT_WRITEHEADER to non-NULL, even if you didn't care about that
- data. This is now fixed.
- Daniel (5 August 2001)
- - Sergio Ballestrero provided a patch for reading responses from NCSA httpd
- 1.5.x servers, as they return really screwed up response headers when asked
- for with HTTP 1.1.
- - curl_escape() no longer treats already encoded characters in the input
- string especially.
- Daniel (3 August 2001)
- - I replaced the former lib/arpa_telnet.h file with one I wrote myself, to
- avoid the BSD annoucement clause of the license in the former file.
- - Andrew Francis provided a new version of base64.c to work around the license
- boiler plate that came with the previous one. I patched it, but the glory
- should go to Andrew for his heads up.
- - Tomasz Lacki noticed that when you do repeated transfers with libcurl you
- couldn't always reliably change HTTP request. This has now been fixed and a
- new libcurl option was added: CURLOPT_HTTPGET, that can force the HTTP
- requestr (back) to GET.
- - Linus Nielsen Feltzing pointed out that httpsserver.pl wasn't included in
- release archives. It should be now.
- Daniel (2 August 2001)
- - Frank Keeney pointed out a manual mistake for certificate convertions.
- - Tomasz Lacki pointed out a problem in the transfer loop that could make the
- select() loop use far too much CPU.
- - Pawel A. Gajda pointed out an output mistake done when using libcurl's
- progress callback.
- Daniel (29 June 2001)
- - Naveen Noel noticed that the Borland library makefile wasn't updated.
- - Nic Roets brought a fix for the certificate verification when using SSL.
- Daniel (27 June 2001)
- - Made the FTP tests run OK even on machines running curl IPv6-enabled.
- - Troy Engel corrected some RPM package details.
- Version 7.8.1-pre2
- Daniel (25 June 2001)
- - Björn Stenberg correctly identified a problem that occurred when downloading
- several files with curl, and using resume. The first file's resume index was
- then used for all files, resulting in weird results...
- - Anton Kalmykov provided a fix that makes curl work with form field names
- with spaces like when -F is used.
- Version 7.8.1-pre1
- Daniel (20 June 2001)
- - Mike Bytnar provided a fine report that proved that the --with-ssl option
- for configure needed tweaking. It no longer searches the default directories
- for OpenSSL libs or directories when a specified path is given.
- Daniel (19 June 2001)
- - When an FTP transfer is cut off during transfer, curl could present a truly
- garbaged error message and in worst case dump core. Thanks to detailed
- reports from Shawn Poulson we nailed this.
- Daniel (12 June 2001)
- - Salvador Dávila provided a fix for FTP range downloads.
- - Added a few more test cases from the former test suite to the new file
- format. We're now at a total of 26 tests.
- Daniel (11 June 2001)
- - libcurl's version-info was wrong, as noted by both Domenico Andreoli and
- David Odin.
- Daniel (7 June 2001)
- - Jörn fixed the curl_unescape duplicate entry in lib/libcurl.def
- - I made SSL certificate failure messages to be more detailed.
- Version 7.8
- Daniel (7 June 2001)
- - SDavila provided a resumed download fix.
- Version 7.8-pre4
- Daniel (1 June 2001)
- - Sterling provided some new PHP examples.
- - Changed the CVS hierarchy and the older checkout instruction does no longer
- work. We moved the entire source code into a CVS module named 'curl'.
- Daniel (31 May 2001)
- - CURLOPT_MUTE does not exist anymore. It is still present in the include file
- to not cause compiler errors for applications using it, but it isn't used
- anywhere in the library.
- Version 7.8-pre3
- Daniel (31 May 2001)
- - Once and for all fixed the _REENTRANT mess for Solaris compiles to present
- less warnings.
- - Sterling Hughes tirelessly points out and corrects my mistakes...! So,
- curl_global_init() now lets the argument flags *SET* what parts to
- init. CURL_GLOBAL_DEFAULT makes a nice default, CURL_GLOBAL_ALL inits all
- known subsystems and CURL_GLOBAL_NONE inits nothing more than absolutely
- necessary. Man page updated accordingly.
- - Fixed the strtok.h include file as it wouldn't compile on all platforms!
- Daniel (30 May 2001)
- - Made libcurl by default act as if CURLOPT_MUTE and CURLOPT_NOPROGRESS were
- set TRUE. Set them to FALSE to make libcurl more talkative. The *_MUTE
- option is subject for complete removal...
- Version 7.8-pre2
- Daniel (30 May 2001)
- - Cris Bailiff wrote a makefile for building Solaris packages.
- - Sterling Hughes brought fixes for 'buildconf' (the build-from-CVS tool) and
- we discussed and added a few CURL_GLOBAL_* flags in include/curl.h
- - Kjetil Jacobsen privately announced his python interface to libcurl,
- available at http://pycurl.sourceforge.net/
- Daniel (29 May 2001)
- - Sterling Hughes fixed a strtok() problem in libcurl. It is not a thread-
- safe function. Now configure checks for a thread-safe version, and
- lib/strtok.c offers one for the systems that don't come with one included!
- - Mettgut Jamalla correctly pointed out that the -# progress bar was written
- to stderr even though --stderr redirection was used. This is now corrected.
- - I moved out the list of contributors from the curl.1 man page and made a
- separate docs/THANKS file. It makes the list easier to find, and made it
- easier for me to make a separate web page with that same information.
- I really do want all you guys mentioned in there to feel you get the credit
- you deserve.
- - lib/easy.c didn't compile properly in the 7.8-pre1 due to a silly mistake
- Version 7.8-pre1
- Daniel (28 May 2001)
- - curl-config now supports '--vernum' that outputs a plain hexadecimal version
- of the libcurl version number (using 8 bits for each 3 numbers). Version
- 7.7.4 appears as 070704
- - Wrote man pages for curl_global_init and curl_global_cleanup...
- - T. Bharath brought news about the usage of the OpenSSL interface that was
- not previously taken into consideration and thus caused libcurl to leak
- memory. The only somewhat sane approach to fix this dilemma, is adding two
- two new functions curl_global_init() and curl_global_cleanup() that should
- be called *ONCE* by the application using libcurl. The init should be done
- only at startup, no matter how many threads the application is gonna use,
- and the cleanup should be called when the application has finished using
- libcurl completely.
- *** UPGRADE NOTICE ***
- If you write applications using libcurl, you really want to use the two
- functions mentioned above !!!
- I can't say I think this is a very beautiful solution, but as OpenSSL
- insists on making lots of stuff on a "global" scope, we're forced to walk
- the path they point us to.
- - Moving more test cases into the new file format.
- Version 7.7.4-pre3
- Daniel (23 May 2001)
- - Introduced a new file format for storing test cases, and thus I had to
- modify all the perl test scripts and more (I added a new one). I have not
- "ported" all the old test cases to the new format yet, but it'll come.
- The main advantage of this new format is that all test data for each test
- case is stored in a single file. It gives a better overview for each test
- case and a lot less files.
- - Andrés García brought a fix for the netscape/mozilla cookie file parsing
- function, as it turns out it doesn't always store the path!
- Daniel (22 May 2001)
- - As was reported anonymously, when FAILONERROR was used, the httpcode was
- not stored properly and thus wasn't possibly to read after a transfer with
- the curl_easy_getinfo() function. This is now corrected.
- - Installed and made use of the following tool versions:
- autoconf 2.50
- libtool 1.4
- automake 1.4-p1
- I wouldn't recommend any developer to try to generate things with older
- versions than these. Building from CVS will probably more or less require
- at least these versions.
- As a result of this, the configure script grew to more than double its
- previous size!
- Arkadiusz Miskiewicz helped me by pointing out I had to remove my
- acinclude.m4 file before I could get it working!
- Daniel (21 May 2001)
- - I made ftps:// work. Added test case 400 to the release archive, as the
- first ftps:// test case. Requires stunnel.
- - Also made the test cases that runs ssl tests not run if libcurl isn't built
- with ssl support.
- Daniel (19 May 2001)
- - Made the configure not add any extra -L LDFLAGS or -I CPPFLAGS unless they
- are actually needed. Albert Chin's and Domenico Andreoli's suggestions
- helped out.
- Version 7.7.4-pre2
- Daniel (18 May 2001)
- - Nicer configure-check for the OpenSSL headers, which then sets the proper
- variable to have curl-config be good. (Albert Chin provided the fix)
- - For systems that don't have theiw own 'strlcat()' libcurl provides its own.
- It was now renamed to prevent collides with other libs. (After discussions
- with Sterling Hughes and the implications this had on PHP builds.)
- Daniel (17 May 2001)
- - Colm Buckley posted a detailed bug report on (the debianized) 7.7.3, that
- turned out to be a problem with the debian-built 7.7.3-package that
- contained files from the 7.7.2 release!
- - I added the CURLE_ALREADY_COMPLETE again, but with a fake value, just to
- make programs that use it, not fail when compiling against this version of
- libcurl.
- Daniel (14 May 2001)
- - Pawel A. Gajda fixed a problem with resumed transfers on re-used persistent
- connections.
- Version 7.7.4-pre1
- Daniel (14 May 2001)
- - Jun-ichiro itojun Hagino fixed FTP PORT for IPv6-enabled libcurl.
- - Added the first HTTPS test to the test suite in the release archive.
- Daniel (12 May 2001)
- - Jukka Pihl suggested that if (lib)curl is told to verify the peer's
- certificate and the peer can't be verified, it should fail and return a
- proper error code. I added a brand new error code named
- CURLE_SSL_PEER_CERTIFICATE for this purpose.
- Daniel (11 May 2001)
- - As was discussed with Frederic Lepied a while ago, I now made libcurl not
- return error even though no data was transfered on upload/download resume
- when the no transfer is needed. The CURLE_ALREADY_COMPLETE error was removed
- from the header file to make any implemenator that uses that to be aware of
- the fact that it can't be returned anymore!
- - Improved general header-parsing to better allow white spaces and more.
- - Rodney Simmons proved the fix I did yesterday was bad and I had to post
- another one.
- - Ingo Wilken patched away two redirect problems more!
-
- Daniel (10 May 2001)
- - Cris Bailiff correctly noted that the space-after-header problem with
- Location: is present on several other places in the libcurl sources.
- - Ingo Wilken patched away a problem libcurl had when following Location:
- headers with an extra space after the colon.
- - Rodney Simmons found out that multiple FTP transfers did not treat relative
- directories correctly.
- Daniel (9 May 2001)
- - Getting an FTP file with CURLOPT_NOBODY set (or -I from the command line),
- makes curl use the non-standard ftp command "SIZE". If it failed, libcurl
- returned error. Starting now, it just don't output the file size instead.
- Anonymous bug report.
- - stunnel.pm was accidentally left out from the release archive, it is now
- added (stunnel is needed to run the https-tests in the test suite)
-
- Daniel (7 May 2001)
- - Corrected two minor compiler warnings due to the FILE * to void * conversion
- that I missed at two places. Jörn Hartroth brought me patches. Sander Gates
- filed a bug report on this.
- Version 7.7.3
- Daniel (4 May 2001)
- - All callback functions now take 'void *' instead of 'FILE *'. This is made
- this way to make it more obvious to people that anything can be passed to
- them (by using the apropriate option). After discussions with Sterling
- Hughes.
- Daniel (3 May 2001)
- - Cris Bailiff fixed a chunked transfer encoding problem with persistent
- connection that made libcurl fail if the persistent connection used mixed
- chunked and non-chunked transfers.
- - Cris Bailiff fixed a bad treatment of 304-replies, as they would not be
- treated as content-length 0 replies but would cause a "hang" until the
- server timed-out and closed the connection.
- - Brad Burdick found a minor problem in the docs/examples/Makefile.am
- Daniel (27 April 2001)
- - Updated the INTERALS document again. It was lagging a bit. I think I made it
- more easy to follow now as well.
- - Brad Burdick found a problem with persistent connections when curl received
- a "Content-Length: 0" header.
- - Giuseppe D'Ambrosio was first out to report that TELNET doesn't work in curl
- compiled/built on win32. It seems to work for unixes though!
- - Dave Hamilton reported weird problems with CURL/PHP that I really can't
- explain at the moment. I'm hoping on some help from the PHP crew.
- Daniel (26 April 2001)
- - I rewrote the FTP command response function. I had to do it to make ftps
- work, as the OpenSSL read()-function didn't work the same way the normal
- unix read() does, but it was also a huge performance boost. Previously the
- function read one byte at a time, now it reads very large chunks, and it
- makes a notable speed difference.
- Daniel (25 April 2001)
- - Connection re-use when not using a proxy didn't work properly for
- non-default port numbers.
- Daniel (24 April 2001)
- - I've noticed that FTPS doesn't work. We attempt to use ssl even for the
- data transfer, which causes the transfer to 'hang'... We need to fix this.
- - Improved the test suite to use 'stunnel' to do HTTPS and FTPS testing on
- the alredy written perl servers easily.
- Daniel (23 April 2001)
- - The OpenSSL version string recently modified didn't zero terminate one
- of the generated strings properly, which could lead to a crash or simply
- weird version string output!
- Version 7.7.2
- Daniel (22 April 2001)
- - Rosimildo da Silva updated the Makefiles for Borland/Windows.
- - Eric Rautman pointed out a problem with persistent connections that would
- lead to broken Host: headers in the second HTTP request.
- Daniel (20 April 2001)
- - Added man pages for the curl_strequal() and curl_mprintf() families. Wrote
- a 'libcurl overview' man page.
- - Spell-fixed some documents.
- - S. Moonesamy corrected mistakes in the man page.
- - Cris Bailiff fixed the curl_slists options in the perl interface, present
- separately in the Curl::easy 1.1.4 package.
- Daniel (19 April 2001)
- - Linus Nielsen Feltzing removed the decimals from the size variables in the
- --write-out output. We hardly ever get fraction of bytes! :-)
- Version 7.7.2-pre1
- Daniel (19 April 2001)
- - Albert Chin provided a configure patch for the AC_SYS_LARGEFILE macro.
- Daniel (18 April 2001)
- - Input from Michael Mealling made me add --feature to curl-config. It
- displays a list of features that have been built-in in the current
- libcurl. The currently available features that can be listed are: SSL, KRB4
- and IPv6.
- - I committed Cris and Georg's perl interface work. They've got callbacks
- working and options that receives those slist pointers.
- - Puneet Pawaia detected a problem with resumed downloads that use persistent
- connections and I made a rather large writeup to correct this. It is
- important that all session-data is stored in the connectdata struct and not
- in the main struct as this previously did.
- Daniel (17 April 2001)
- - Frederic Lepied fixed a ftp resumed download problem and introduced a new
- error code that lets applications be able to detect when a resumed download
- actually didn't download anything since the whole file is already present.
- Should this return OK instead?
- - I added 'curl-config.in' to the root dir and configure script. Now, a
- curl-config script is made when curl is built. The script can be used to
- figure out compile time options used when libcurl was built, which in turn
- should be options YOU should use to build applications that use libcurl.
- This *-config style is not a new idea, but something that has been used
- successfully in other (library based) projects.
- - Phil Karn pointed out that libcurl wrongly did not always use GMT time zone
- for the If-Modified-Since style headers.
- - Georg Schwarz pointed out an extra needed #include file needed in src/main.c
- for curl to build on Ultrix.
- Daniel (11 April 2001)
- - Cris Bailiff pointed out two problems that I corrected. First, libcurl's use
- of the environment variable HTTP_PROXY in uppercase may become a security
- hazard when people use libcurl in a server/cgi situation where the server
- sets the HTTP_*-variables according to incoming headers in the HTTP
- request. Thus, a "Proxy:"-header would set that environment variable!
- Then, invoking curl_easy_perform() without having an URL set caused a crash.
- - S. Moonesamy brought a patch that make curl use non-blocking connects on
- windows when connection timeout is set, as it allows windows users to set
- that timeout!
- - Hirotaka Matsuyuki wrote a Ruby interface to libcurl!
- - Cris Bailiff, Forrest Cahoon and Georg Horn work on the Perl interface.
- - I've written a first shot at a Java interface to libcurl. Many thanks to
- Daniel Marell for tirelessly answering to all my basic Java questions. It
- works, but it is still very basic.
- Daniel (10 April 2001)
- - The progress display could get silly when doing multiple file transfers, as
- it wasn't properly reset between transfers!
- - Discussions with Cris Bailiff who writes a Perl interface to libcurl, made
- me add CURLOPT_HEADERFUNCTION. It can be used to set a separate callback
- function for writing headers. Previously you could only set a different FILE
- * when headers are written from within libcurl.
- Daniel (7 April 2001)
- - Andrés García fixed a problem in curl_escape() and pointed out a flaw in
- the curl_easy_setopt man page.
- Daniel (6 April 2001)
- - Adjusted the version code to properly display OpenSSL 0.9.6a. They sure
- change their version define format often...
- - curl_formfree() now accepts a NULL pointer without crashing!
- Version 7.7.1
- Daniel (3 April 2001)
- - Puneet Pawaia pointed out two serious problems. Libcurl would attempt to
- read bad memory during situations when an (ftp) connection attempt failed.
- Also, the lib/Makefile.vc6 was corrected.
- - More investigations in the Location: following code made me realize that
- it was not clean enough to work transparantly with persistent and non-
- persistent connections. I think I've fixed it now.
- Daniel (29 March 2001)
- - Georg Horn mailed me some corrections for the Curl::easy perl interface.
- - Experimental ftps:// support added. It is basically FTP over SSL for the
- control connection. It still makes all data transfers going over unencrypted
- connections. Rainer Weikusat's ftpd-ssl server hack supports this and I used
- that to verify the functionality.
- Daniel (27 March 2001)
- - Guenole Bescon discovered that if you set a CURLOPT_TIMEOUT and then tried
- to get a file from a site and it fails, the SIGALRM would still be sent
- after the timeout-time, quite inexpectedly!
- - I added an ftp transfer example to docs/examples/ and I also wrote a tiny
- example makefile that can be used as a start when building one of the
- examples.
- Version 7.7.1-beta1
- Daniel (26 March 2001)
- - Mohamed Lrhazi reported problems with 7.6.1 and persistent HTTP/1.0
- connections (when the server replied a Connection: Keep-Alive) and this
- problem was not properly dealt with in 7.7 either. A patch was posted to the
- curl-and-php mailing list.
- Daniel (24 March 2001)
- - Colin Watson reported about a problem and brought a patch that corrected it,
- which was about the man page and lines starting with a single quote (') in a
- way that gnroff doesn't like.
- Daniel (23 March 2001)
- - Peter Bray reported correctly that the root makefile used make instead of
- $(MAKE) for the test target.
- - Corrected the Curl::easy perl interface to use curl_easy_setopt() and not
- curl_setopt() which was removed in 7.7!
- - S. Moonesamy provided updates on three documents (MANUAL, INSTALL and FAQ).
- - When following a Location:, libcurl would sometimes write to the URL string
- in a way it shouldn't. As the pointer is passed-in to libcurl from an
- application, we can't be allowed to write to it. The particular bug report
- from 'nk' that brought this up was because he had a read-only URL that then
- caused a libcurl crash!
- - No longer reads HEAD responses longer than to the last header. Previously,
- curl would read the full reply if the connection was a "close" one.
- - libcurl did re-use connections way too much. Doing "curl
- http://www.{microsoft,ibm}.com" would make it re-use the connection which
- made the second request return very odd results.
- Daniel (22 March 2001)
- - Edin Kadribasic made me aware that curl should not re-send POST requests
- when following 302-redirects. I made 302 work like 303 which means curl uses
- GET in the following request(s).
- - libcurl now reset the "followed-location" counter on each invoke of
- curl_easy_perform() as it otherwise would sum up all redirects on the same
- connection and thus could reach the maxredirs counter wrongly.
- - Jim Drash suggested curl_escape() should not re-encode what already looks
- like an encoded sequence and I think that's a fair suggestion.
- Version 7.7
- Daniel (22 March 2001)
- - The configure script now fails with an error message if gethostbyname_r() is
- detected but it couldn't figure out how to invoke it (what amount of
- arguments it is supposed to get). Reports from Andrés García made me aware
- of this need.
- - Talking with Jim Drash made me finally put the curl_escape and curl_unescape
- functions in the curl.h include file and write man pages for them. The
- escape function was modified to use the same interface as the unescape one
- had.
- - No bug reports at all on the latest betas. Release time coming up.
- Version 7.7-beta5
- Daniel (19 March 2001)
- - Georg Ottinger reported problems with using -C together with -L in the sense
- that the -C info got lost when it was redirected. I could not repeat this
- problem on the 7.7 branch why I leave this for the moment. Test case 39 was
- added to do exactly this, and it seems to do right.
- - Christian Robottom Reis reported how his 7.7 beta didn't successfully do
- form posts as elegantly as 7.6.1 did. Indeed, this was a flaw in the header
- engine, as HTTP 1.1 has introduced a new 100 "transient" return code for PUT
- and POST operations that I need to add support for. Section 8.2.3 in RFC2616
- has all the details. Seems to work now!
- Daniel (16 March 2001)
- - After having experienced another machine break-down, we're back.
- - Georg Horn's perl interface Curl::easy is now included in the curl release
- archive. The perl/ directory is now present. Please help me with docs,
- examples and updates you think fit.
- - Made a new php/ directory in the release archive and moved the PHP examples
- into a subdirectory in there. Not much PHP info yet, but I plan to. Please
- help me here as well!
- - Made libcurl return error if a transfer is aborted in the middle of a
- "chunk". It actually enables libcurl to discover premature transfer aborts
- even if the Content-Length: size is unknown.
- Daniel (15 March 2001)
- - Added --connect-timeout to curl, which sets the new CURLOPT_CONNECTTIMEOUT
- option in libcurl. It limits the time curl is allowed to spend in the
- connection phase. This differs from -m/--max-time that limits the entire
- file transfer operation. Requested by Larry Fahnoe and others.
- I also updated the curl.1 and curl_easy_setopt.3 man pages and removed the
- item from the TODO.
- Version 7.7-beta4
- Daniel (14 March 2001)
- - Made curl grok IPv6 with HTTP proxies and got everything to compile nicely
- again when ENABLE_IPV6 is set.
- I need to remake things in the test suite. I can't test the FTP parts with
- curl built for IPv6 as it uses a different set of FTP commands then!
- - I fell onto a bug report on php.net (posted by Lars Torben Wilson) that was
- a report meant for our project. Anyway, it said the .netrc parsing didn't
- work as supposed, and as I agreed with Lars, I made the netrc parser use
- getpwuid() to figure out the home directory of the effective user and try
- that netrc. It still uses the environment variable HOME for those that don't
- have that function or if the user doesn't return valid pwd info.
- - Edin Kadribaic posted a bug report where he got a crash when a fetch with
- user+password in the URL followed a Location: to a second URL (absolute,
- without name+password). This bug has been around for a long while and
- crashes due to a read at address zero. Fixed now. Wrote test case 38, that
- tests this.
- - Modified the test suite's httpserver slightly to append all client request
- data to its log file so that the test script now better can verify a range
- of requests and not only the last one, as it did previously.
- - Updated the curl man page with --random-file and --egd-file details.
- Version 7.7-beta3
- Daniel (14 March 2001)
- - Björn Stenberg provided similar fixes as Jörn did and some additional patches
- for non-SSL compiles.
- - I increased the interface number for libcurl as I've removed the low level
- functions from the interface. I also took this opportunity to rename the
- Curl_strequal function to curl_strequal and Curl_strnequal to
- curl_strnequal, as they're public libcurl functions (even if they're still
- undocumented).
- This will make older programs not capable of using the new libcurl with
- just a drop-in replacement.
- - Jörn Hartroth updated stuff for win32 compiles:
- o config-win32.h was fixed for socklen_t
- o lib/ssluse.c had a bad #endif placement
- o lib/file.c was made to compile on win32 again
- o lib/Makefile.m32 was updated with the new files
- o lib/libcurl.def matches the current interface state
- Daniel (13 March 2001)
- - It only took an hour or so before Jörn Hartroth found a problem in the
- chunked transfer-encoding. Given his fine example-site, I could easily spot
- the problem and when I re-read the spec (the part I have pasted in the top
- of the http_chunks.h file), I realized I had made my state-machine slightly
- wrong and didn't expect/handle the trailing CRLF that comes after the data
- in each chunk (and those extra two bytes sure feel wasted).
- Had to modify test case 34 to match this as well.
- Version 7.7-beta2
- Daniel (13 March 2001)
- - Added the policy stuff to the curl_easy_setopt man page for the two supported
- policies.
- - Implemented some support for the CURLOPT_CLOSEPOLICY option. The policies
- CURLCLOSEPOLICY_LEAST_RECENTLY_USED and CURLCLOSEPOLICY_OLDEST are now
- supported, and the "least recently used" is used as default if no policy
- is chosen.
- Daniel (12 March 2001)
- - Added CURLOPT_RANDOM_FILE and CURLOPT_EGDSOCKET to libcurl for seeding the
- SSL random engine. The random seeding support was also brought to the curl
- client with the new options --random-file <file> and --egd-file <file>. I
- need some people to really test this to know they work as supposed. Remember
- that libcurl now informs (if verbose is on) if the random seed is considered
- weak (HTTPS connections).
- - Made the chunked transfer-encoding engine detected bad formatted data length
- and return error if so (we can't possibly extract sensible data if this is
- the case). Added a test case that detects this. Number 36. Now there are 60
- test cases.
- - Added 5 new libcurl options to curl/curl.h that can be used to control the
- persistent connection support in libcurl. They're also documented (fairly
- thoroughly) in the curl_easy_setopt.3 man page. Three of them are now
- implemented, although not really tested at this point... Anyway, the new
- implemented options are named CURLOPT_MAXCONNECTS, CURLOPT_FRESH_CONNECT,
- CURLOPT_FORBID_REUSE. The ones still left to write code for are:
- CURLOPT_CLOSEPOLICY and its related option CURLOPT_CLOSEFUNCTION.
- - Made curl (the actual command line tool) use the new libcurl 7.7 persistent
- connection support by re-using the same curl handle for every specified file
- transfer and after some more test case tweaking we have 100% test case OK.
- I made some test cases return HTTP/1.0 now to make sure that works as well.
- - Had to add 'Connection: close' to the headers of a bunch of test cases so
- that curl behaves "old-style" since the test http server doesn't do multiple
- connections... Now I get 100% test case OK.
- - The curl.haxx.se site, the main curl mailing list and my personal email are
- all dead today due to power blackout in the area where the main servers are
- located. Horrible.
- - I've made persistance work over a squid HTTP proxy. I find it disturbing
- that it uses headers that aren't present in any HTTP standard though
- (Proxy-Connection:) and that makes me feel that I'm now on the edge of what
- the standard actually defines. I need to get this code excercised on a lot
- of different HTTP proxies before I feel safe.
- Now I'm facing the problem with my test suite servers (both FTP and HTTP)
- not supporting persistent connections and libcurl is doing them now. I have
- to fix the test servers to get all the test cases do OK.
- Daniel (8 March 2001)
- - Guenole Bescon reported that libcurl did output errors to stderr even if
- MUTE and NOPROGRESS was set. It turned out to be a bug and happens if
- there's an error and no ERRORBUFFER is set. This is now corrected.
- Version 7.7-beta1
- Daniel (8 March 2001)
- - "Transfer-Encoding: chunked" is no longer any trouble for libcurl. I've
- added two source files and I've run some test downloads that look fine.
- - HTTP HEAD works too, even on 1.1 servers.
- Daniel (5 March 2001)
- - The current 57 test cases now pass OK. It would suggest that libcurl works
- using the old-style with one connection per handle. The test suite doesn't
- handle multiple connections yet so there are no test cases for this.
- - I patched the telnet.c heavily to not use any global variables anymore. It
- should make it a lot nicer library-wise.
- - The file:// support was modified slightly to use the internal connect-first-
- then-do approach.
- Daniel (4 March 2001)
- - More bugs erased.
- Version 7.7-alpha2
- Daniel (4 March 2001)
- - Now, there's even a basic check that a re-used connection is still alive
- before it is assumed so. A few first tests have proven that libcurl will
- then re-connect instead of re-use the dead connection!
- Daniel (2 March 2001)
- - Now they work intermixed as well. Major coolness!
- - More fiddling around, my 'tiny' client I have for testing purposes now has
- proved to download both FTP and HTTP with persistent connections. They do
- not work intermixed yet though.
- Daniel (1 March 2001)
- - Wilfredo Sanchez pointed out a minor spelling mistake in a man page and that
- curl_slist_append() should take a const char * as second argument. It does
- now.
- Daniel (22 February 2001)
- - The persistent connections start to look good for HTTP. On a subsequent
- request, it seems that libcurl now can pick an already existing connection
- if a suitable one exists, or it opens a new one.
- - Douglas R. Horner mailed me corrections to the curl_formparse() man page
- that I applied.
- Daniel (20 February 2001)
- - Added the docs/examples/win32sockets.c file for our windows friends.
- - Linus Nielsen Feltzing provided brand new TELNET functionality and
- improvements:
- * Negotiation is now passive. Curl does not negotiate until the peer does.
- * Possibility to set negotiation options on the command line, currently only
- XDISPLOC, TTYPE and NEW_ENVIRON (called NEW_ENV).
- * Now sends the USER environment variable if the -u switch is used.
- * Use -t to set telnet options (Linus even updated the man page, awesome!)
- - Haven't done this big changes to curl for a while. Moved around a lot of
- struct fields and stuff to make multiple connections get connection specific
- data in separate structs so that they can co-exist in a nice way. See the
- mailing lists for discussions around how this is gonna be implemented. Docs
- and more will follow.
- Studied the HTTP RFC to find out better how persistent connections should
- work. Seems cool enough.
- Daniel (19 February 2001)
- - Bob Schader brought me two files that help set up a MS VC++ libcurl project
- easier. He also provided me with an up-to-date libcurl.def file.
- - I moved a bunch of prototypes from the public <curl/curl.h> file to the
- library private urldata.h. This is because of the upcoming changes. The
- low level interface is no longer being planned to become reality.
- Daniel (15 February 2001)
- - CURLOPT_POST is not required anymore. Just setting the POST string with
- CURLOPT_POSTFIELDS will switch on the HTTP POST. Most other things in
- libcurl already works this way, i.e they require only the parameter to
- switch on a feature so I think this works well with the rest. Setting a NULL
- string switches off the POST again.
- - Excellent suggestions from Rich Gray, Rick Jones, Johan Nilsson and Bjorn
- Reese helped me define a way how to incorporate persistent connections into
- libcurl in a very smooth way. If done right, no change may have to be made
- to older programs and they will just start using persistent connections when
- applicable!
- Daniel (13 February 2001)
- - Changed the word 'timeouted' to 'timed out' in two different error messages.
- Suggested by Larry Fahnoe.
- Version 7.6.1
- Daniel (9 February 2001)
- - Frank Reid and Cain Hopwood provided information and research around a HTTPS
- PUT/upload problem we seem to have. No solution found yet.
- Daniel (8 February 2001)
- - An interesting discussion is how to specify an empty password without having
- curl ask for it interactively? The current implmentation takes an empty
- password as a request for a password prompt. However, I still want to
- support a blank user field. Thus, today if you enter "-u :" (without user
- and password) curl will prompt for the password. Tricky. How would you
- specify you want the prompt otherwise?
- - Made the netrc parse result possible to use for other protocols than FTP and
- HTTP (such as the upcoming TELNET fixes).
- - The previously mentioned "MSVC++ problems" turned out to be a non-issue.
- - Added a HTTP file upload code example in the docs/examples/ section on
- request.
- - Adjusted the FTP response fix slightly.
- Version 7.6.1-pre3
- Daniel (7 February 2001)
- - S. Moonesamy found a flaw in the response reading function for FTP that
- could make libcurl not get out of the loop properly when it should, if
- libcurl got -1 returned when reading the socket.
- - I found a similar mistake in http.c when using a proxy and reading the
- results from the proxy connection.
- Daniel (6 February 2001)
- - S. Moonesamy pointed out that the VC makefile in src/ needed the libpath set
- for the debug build to work.
- - Daniel Gehriger stepped in to assist with the VC++ stuff Robert Weaver
- brought up yesterday.
- Daniel (5 February 2001)
- - Jun-ichiro itojun Hagino brought a big patch that brings IPv6-awareness to
- a bunch of different areas within libcurl.
- - Robert Weaver told me about the problems the MS VC++ 6.0 compiler has with
- the 'static' keyword on a number of libcurl functions. I might need to add a
- patch that redefines static when libcurl is compiled with that compiler.
- How do I know when VC++ compiles, anyone?
- Daniel (4 February 2001)
- - curl_getinfo() was extended with two new options:
- CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD. They
- return the full assumed content length of the transfer in the given
- direction. The CURLINFO_CONTENT_LENGTH_DOWNLOAD will be the Content-Length:
- size of a HTTP download. Added descriptions to the man page as well. This
- was done after discussions with Bob Schader.
- Daniel (3 February 2001)
- - Ingo Ralf Blum provided another fix that makes curl build under the more
- recent cygwin installations. It seems they've changed the preset defines to
- not include WIN32 anymore.
- Version 7.6.1-pre2
- Daniel (31 January 2001)
- - Curl_read() and curl_read() now return a ssize_t for the size, as it had to
- be able to return -1. The telnet support crashed due to this and there was a
- possibility to weird behavior all over. Linus Nielsen Feltzing helped me
- find this.
- - Added a configure.in check for a working getaddrinfo() if IPv6 is requested.
- I also made the configure script feature --enable-debug which sets a couple
- of compiler options when used. It assumes gcc.
- Daniel (30 January 2001)
- - I finally took a stab at the long-term FIXME item I've had on myself, and
- now libcurl will properly work when doing a HTTP range-request that follows
- a Location:. Previously that would make libcurl fail saying that the server
- doesn't seem to support range requests.
- Daniel (29 January 2001)
- - I added a test case for the HTTP PUT resume thing (test case 33).
- Version 7.6.1-pre1
- Daniel (29 January 2001)
- - Yet another Content-Range change. Ok now? Bob Schader checks from his end
- and it works for him.
- Daniel (27 January 2001)
- - So the HTTP PUT resume fix wasn't good. There should appearantly be a
- Content-Range header when resuming a PUT.
- - I noticed I broke the download-check that verifies that a resumed HTTP
- download is actually resumed. It got broke because my new 'httpreq' field
- in the main curl struct. I should get slapped. I added a test case for
- this now, so I won't be able to ruin this again without noticing.
- - Added a test case for content-length verifying when downloading HTTP.
- - Made the progress meter title say if the transfer is being transfered. It
- makes the output slightly better for resumes.
- - When dealing with Location: and HTTP return codes, libcurl will not attempt
- to follow the spirit of RFC2616 better. It means that when POSTing to a
- URL that is being following to a second place, the standard will judge on
- what to do. All HTTP codes except 303 and 305 will cause curl to make a
- second POST operation. 303 will make a GET and 305 is not yet supported.
- I also wrote two test cases for this POST/GET/Location stuff.
- Version 7.6
- Daniel (26 January 2001)
- - Lots of mails back and forth with Bob Schader finally made me add a small
- piece of code in the HTTP engine so that HTTP upload resume works. You can
- now do an operation like 'curl -T file -C <offset> <URL>' and curl will PUT
- the ending part of the file starting at given offet to the specified URL.
- Version 7.6-pre4
- Daniel (25 January 2001)
- - I took hold of Rick Jones' question why we don't use recv() and send() for
- reading/writing to the sockets and I've now modified the sread() and
- swrite() macros to use them instead. If nothing else, they could be tested
- in the next beta-round coming right up.
- - Jeff Morrow found a problem with libcurl's usage of SSL_read() and supplied
- his research results in how to fix this. It turns out we have to invoke the
- function several times in some cases. The same goes for the SSL_write().
- I made some rather drastic changes all over libcurl to make all writes and
- reads get done on one single place so that this repeated-attempts thing
- would only have to be implemented at one point.
- - Rick Jones spotted that the 'total time' counter really didn't measure the
- total time very accurate on subsecond levels.
- - Johan Nilsson pointed out the need to more clearly specify that the timeout
- value you set for a download is for the *entire* download. There's currently
- no option available that sets a timeout for the connection phase only.
- Daniel (24 January 2001)
- - Ingo Ralf Blum submitted a series of patches required to get curl to compile
- properly with cygwin.
- - Robert Weaver posted a fix for the win32 section of the curl_getenv() code
- that corrected a potential memory leak.
- - Added comments in a few files in a sudden attempt to make the sources more
- easy to read and understand!
- Daniel (23 January 2001)
- - Added simple IPv6 detection in the configure script and made the version
- string add 'ipv6' to the enable section in that case. ENABLE_IPV6 will be
- set if curl is compiled with IPv6 support enabled.
- - Added a parser for IPv6-style specified IP-addresses in a URL. Thus, when
- IPv6 gets enabled soon, we can use URLs like '[0::1]:80'...
- - Made the URL globbing in the client possible to fail silently if there's an
- error in the globbing. It makes it almost intuitive, so when you don't
- follow the syntax rules, globbing is simply switched off and the raw string
- is used instead.
- I still think we'll get problems with IPv6-style IP-addresses when we *want*
- globbing on parts of the URL as the initial part of the URL will for sure
- seriously confuse the globber.
- Daniel (22 January 2001)
- - Björn Stenberg supplied a progress meter patch that makes it look better even
- during slow starts. Previously it made some silly assumptions...
- - Added two FTP tests for -Q and -Q - stuff since it was being discussed on
- the mailing list. Had to correct the ftpserver.pl too as it bugged slightly.
- Daniel (19 January 2001)
- - Made the Location: parsers deal with any-length URLs. Thus I removed the last
- code that restricts the length of URLs that curl supports.
- - Added a --globoff test case (#28) and it quickly identified a memory problem
- in src/main.c that I took care of.
- Version 7.6-pre3
- Daniel (17 January 2001)
- - Made the two former files lib/download.c and lib/highlevel.c become the new
- lib/transfer.c which makes more sense. I also did the rename from Transfer()
- to Curl_Transfer() in the other source files that use the transfer function
- in the spirit of using Curl_ prefix for library-scoped global symbols.
- Daniel (11 January 2001)
- - Added -g/--globoff that switches OFF the URL globbing and thus enables {}[]
- letters to be part of the URL. Do note that RFC2396 section 2.4.3 explicitly
- mention these letters to be escaped. This was posted as a feature request by
- Jorge Gutierrez and as a bug by Terry.
- - Short options to curl that requires parameters can now be specified without
- having the option and its parameter space separated. -ofile works as good as
- -o file. -m20 is equal to -m 20. Do note that this goes for single-letter
- options only, verbose --long-style options still must be separated with
- space from their parameters.
- Daniel (8 January 2001)
- - Francis Dagenais reported that the SCO compiler still fails when compiling
- curl due to that getpass_r() prototype. I've now put it around #ifndef
- HAVE_GETPASS_R in an attempt to please the SCO systems.
- - Made some minor corrections to get the client to cleanup properly and I made
- the separator work again when getting multiple globbed URLs to stdout.
- - Worked with Loic Dachary to get the make dist and make distcheck work
- correctly. The 'maketgz' script is now using the automake generated 'make
- dist' when creating release archives. Loic successfully made 'make rpms'
- automatically build RPMs!
- Loic Dachary (6 January 2001)
- - Automated generation of rpm packages, no need to be root.
- - make distcheck generates a proper distribution (EXTRA_DIST
- in all Makefile.am modified to match FILES).
- Daniel (5 January 2001)
- - Huge client-side hack: now multiple URLs are supported. Any number of URLs
- can be specified on the command line, and they'll all be downloaded. There
- must be a corresponding -o or -O for each URL or the data will be written to
- stdout. This needs more testing, time to release a 7.6-pre package.
- - The krb4 support was broken in the release. Fixed now.
- - Huge internal symbol rename operation. All non-static but still lib-internal
- symbols should now be prefixed with 'Curl_' to prevent collisions with other
- libs. All public symbols should be prefixed with 'curl_' and the rest should
- be static and thus invisible to the outside world. I updated the INTERNALS
- document to say this as well.
- Version 7.5.2
- Daniel (4 January 2001)
- - As Kevin P Roth suggested, I've added text to the man page for every command
- line option and what happens when you specify that option more than
- once. That hasn't been exactly crystal clear before.
- - Made the configure script possible to run from outside the source-tree. For
- odd reasons I can't build curl properly outside though. It has to do with
- curl's dependencies on libcurl...
- - Cut off all older (dated 1999 and earlier) CHANGES entries from this file.
- The older piece is named CHANGES.0 and is added to the CVS repository in
- case anyone would need it.
- - I added another file 'CVS-INFO' to the CVS. It contains information about
- files in the CVS that aren't included in release archives and how to build
- curl when you get the sources off CVS.
- - Updated CONTRIBUTE and FAQ due to the new license.
- Daniel (3 January 2001)
- - Renamed README.libcurl to LIBCURL
- - Changed headers in all sources files to the new dual license concept of
- curl: use the MIT/X derivate license *or* MPL. The LEGAL file was updated
- accordingly and the MPL 1.1 and MIT/X derivate licenses are now part of the
- release archive.
- Daniel (30 December 2000)
- - Made all FTP commands get sent with the trailing CRLF in one single write()
- as splitting them up seems to confuse at least some firewalls (FW-1 being
- one major).
- Daniel (19 December 2000)
- - Added file desrciptor and FILE handle leak detection to the memdebug system
- and thus I found and removed a file descriptor leakage in the ftp parts
- that happened when you did PORTed downloads.
- - Added an include <stdio.h> in <curl/curl.h> since it uses FILE *.
- Daniel (12 December 2000)
- - Multiple URL downloads with -O was still bugging. Not anymore I think or
- hope, or at least I've tried... :-O
- - Francois Petitjean fixed another -O problem
- Version 7.5.1
- Daniel (11 December 2000)
- - Cleaned up a few of the makefiles to use unix-style newlines only. As Kevin
- P Roth found out, at least one CVS client behaved wrongly when it found
- different newline conventions within the same file.
- - Albert Chin-A-Young corrected the LDFLAGS use in the configure script for
- the SSL stuff.
- Daniel (6 December 2000)
- - Massimo Squillace correctly described how libcurl could use session ids when
- doing SSL connections.
- - James Griffiths found out that curl would crash if the file you specify with
- -o is shorter than the URL! This took some hours to fully hunt down, but it
- is fixed now.
- Daniel (5 December 2000)
- - Jaepil Kim sent us makefiles that build curl using the free windows borland
- compiler. The root makefile now accepts 'make borland' to build curl with
- that compiler.
- - Stefan Radman pointed out that the test makefiles didn't use the PERL
- variable that the configure scripts figure out. Actually, you still need
- perl in the path for the test suite to run ok.
- - Rich Gray found numerous portability problems:
- * The SCO compiler got an error on the getpass_r() prototype in getpass.h
- since the curl one differed from the SCO one
- * The HPUX compiler got an error because of how curl did the sigaction
- stuff and used a define HPUX doesn't have (or need).
- * A few more problems remain to be researched.
- - Paul Harrington experienced a core dump using https. Not much details yet.
- Daniel (4 December 2000)
- - Jörn Hartroth fixed a problem with multiple URLs and -o/-O.
- Version 7.5
- Daniel (1 December 2000)
- - Craig Davison gave us his updates on the VC++ makefiles, so now curl should
- build fine with the Microsoft compiler on windows too.
- - Fixed the libcurl versioning so that we don't ruin old programs when
- releasing new shared library interfaces.
- Daniel (30 November 2000)
- - Renamed docs/README.curl to docs/MANUAL to better reflect what the document
- actually contains.
- Daniel (29 November 2000)
- - I removed a bunch of '#if 0' sections from the code. They only make things
- harder to follow. After all, we do have all older versions in the CVS.
- Version 7.5-pre5
- Daniel (28 November 2000)
- - I filled in more error codes in the man page error code list that had been
- lagging.
- - James Griffiths mailed me a fine patch that introduces the CURLOPT_MAXREDIRS
- libcurl option. When used, it'll prevent location following more than the
- set number of times. It is useful to break out of endless redirect-loops.
- Daniel (27 November 2000)
- - Added two test cases for file://.
- Daniel (22 November 2000)
- - Added the libcurl CURLOPT_FILETIME setopt, when set it tries to get the
- modified time of the remote document. This is a special option since it
- involves an extra set of commands on FTP servers. (Using the MDTM command
- which is not in the RFC959)
- curl_easy_getinfo() got a corresponding CURLINFO_FILETIME to get the time
- after a transfer. It'll return a zero if CURLOPT_FILETIME wasn't used or if
- the time wasn't possible to get.
- --head/-I used on a FTP server will now present a 'Last-Modified:' header
- if curl could get the time of the specified file.
- - Added the option '--cacert [file]' to curl, which allows a specified PEM
- file to be used to verify the peer's certificate when doing HTTPS
- connections. This has been requested, rather recently by Hulka Bohuslav but
- others have asked for it before as well.
- Daniel (21 November 2000)
- - Numerous fixes the test suite has brought into the daylight:
- * curl_unescape() could return a too long string
- * on ftp transfer failures, there could be memory leaks
- * ftp CWD could use bad directory names
- * memdebug now uses the mprintf() routines for better portability
- * free(NULL) removed when doing resumed transfers
- - Added a bunch of test cases for FTP.
- - General cleanups to make less warnings with gcc -Wall -pedantic.
- - I made the tests/ftpserver.pl work with the most commonly used ftp
- operations. PORT, PASV, RETR, STOR, LIST, SIZE, USER, PASS all work now. Now
- all I have to do is integrate the ftp server doings in the runtests.pl
- script so that ftp tests can be run the same way http tests already run.
- Daniel (20 November 2000)
- - Made libcurl capable of dealing with any-length URLs. The former limit of
- 4096 bytes was a bit annoying when people wanted to use curl to really make
- life tough on a web server. Now, the command line limit is the most annoying
- but that can be circumvented by using a config file.
- NOTE: there is still a 4096-byte limit on URLs extracted from Location:
- headers.
- - Corrected the spelling of 'resolve' in two error messages.
- - Alexander Kourakos posted a bug report and a patch that corrected it! It
- turned out that lynx and wget support lowercase environment variable names
- where curl only looked for the uppercase versions. Now curl will use the
- lowercase versions if they exist, but if they don't, it'll use the uppercase
- versions.
- Daniel (17 November 2000)
- - curl_formfree() was added. How come no one missed that one before? I ran the
- test suite with the malloc debug enabled and got lots of "nice" warnings on
- memory leaks. The most serious one was this. There were also leaks in the
- cookie handling, and a few errors when curl failed to connect and similar
- things. More tests cases were added to cover up and to verify that these
- problems have been removed.
- - Mucho updated config file parser (I'm dead tired of all the bug reports and
- weird behaviour I get on the former one). It works slightly differently now,
- although I doubt many people will notice the differences. The main
- difference being that if you use options that require parameters, they must
- both be specified on the same line. With this new parser, you can also
- specify long options without '--' and you may separate options and
- parameters with : or =. It makes a config file line could look like:
- user-agent = "foobar and something"
- Parameters within quotes may contain spaces. Without quotes, they're
- expected to be a single non-space word.
- Had to patch the command line argument parser a little to make this work.
- - Added --url as an option to allow the URL to be specified this way. It makes
- way nicer config files. The previous way of specifying URLs in the config
- file doesn't work anymore.
- Daniel (15 November 2000)
- - Using certain characters in usernames or passwords for HTTP authentication
- failed. This was due to the mprintf() that had a silly check for letters,
- and if they weren't isprint() they weren't outputed "as-is". This caused
- passwords and usernames using '§' (for example) to fail.
- Version 7.4.2
- Daniel (15 November 2000)
- - 'tests/runtests.pl' now sorts the test cases properly when 'all' is used.
- Daniel (14 November 2000)
- - I fell over the draft-ietf-ftpext-mlst-12.txt Internet Draft titled
- "Extensions to FTP" that contains a defined way how the ftp command SIZE
- could be assumed to work.
- - Laurent Papier posted a bug report about using "-C -" and FTP uploading a
- file that isn't prsent on the server. The server might then return a 550 and
- curl will fail. Should it instead as Laurent Papier suggests, start
- uploading from the beginning as a normal upload?
- Daniel (13 November 2000)
- - Fixed a crash with the followlocation counter.
- - While writing test cases for the test suite, I discovered an old limitation
- that prevented -o and -T to be used at the same time. I removed this
- immediately as this has no relevance in the current libcurl.
-
- - Chris Faherty fixed a free-twice problem in lib/file.c
- - I fixed the perl http server problem in the test suite.
- Version 7.4.2 pre4
- Daniel (10 November 2000)
- - I've (finally) started working on the curl test suite. It is in the new
- tests/ directory. It requires sh and perl. There's a TCP server in perl and
- most of the other stuff running a pretty simple shell script.
- I've only made four test cases so far, but it proves the system can work.
- - Laurent Papier noticed that curl didn't set TYPE when doing --head checks
- for sizes on FTP servers. Some servers seem to return different sizes
- depending on whether ASCII or BINARY is used!
- - Laurent Papier detected that if you appended a FTP upload and everything was
- already uploaded, curl would hang.
- - Angus Mackay's getpass_r() in lib/getpass.c is now compliant with the
- getpass_r() function it seems some systems actually have.
-
- - Venkataramana Mokkapati detected a bug in the cookie parser and corrected
- it. If the cookie was set for the full host name (domain=full.host.com),
- the cookie was never sent back because of a faulty length comparison between
- the set domain length and the current host name.
- Daniel (9 November 2000)
- - Added a configure check for gethostbyname in -lsocket (OS/2 seems to need
- it). Added a check for RSAglue/rsaref for the cases where libcrypto is found
- but libssl isn't. I haven't verified this fix yet though, as I have no
- system that requires those libs to build.
-
- Version 7.4.2 pre3
- Daniel (7 November 2000)
- - Removed perror() outputs from getpass.c. Angus Mackay also agreed to a
- slightly modified license of the getpass.c file as the prototype was changed.
- Daniel (6 November 2000)
- - Added possibility to set a password callback to use instead of the built-in.
- They're controled with curl_easy_setopt() of course, the tags are
- CURLOPT_PASSWDFUNCTION and CURLOPT_PASSWDDATA.
- - Used T. Bharath's thinking and fixed the timers that showed terribly wrong
- times when location: headers were followed.
- - Emmanuel Tychon discovered that curl didn't really like user names only in
- the URL. I corrected this and I also fixed the since long living problem
- with URL encoded user names and passwords in the URLs. They should work now.
-
- Daniel (2 November 2000)
- - When I added --interface, the new error code that was added with it was
- inserted in the wrong place and thus all error codes from 35 and upwards got
- increased one step. This is now corrected, we're back at the previous
- numbers. All new exit codes should be added at the end.
- Daniel (1 November 2000)
- - Added a check for signal() in the configure script so that if sigaction()
- isn't present, we can use signal() instead.
- - I'm having a license discussion going on privately. The issue is yet again
- GPL-licensed programs that have problems with MPL. I am leaning towards
- making a kind of dual-license that will solve this once and for all...
- Daniel (31 October 2000)
- - Added the packages/ directory. I intend to let this contain some docs and
- templates on how to generate custom-format packages for various platforms.
- I've now removed the RPM related curl.spec files from the archive root.
- Daniel (30 October 2000)
- - T. Bharath brought a set of patches that bring new functionality to
- curl_easy_getinfo() and curl_easy_setopt(). Now you can request peer
- certificate verification with the *setopt() CURLOPT_SSL_VERIFYPEER option
- and then use the CURLOPT_CAINFO to set the certificate to verify the remote
- peer against. After an such an operation with a verification request, the
- *_getinfo() option CURLINFO_SSL_VERIFYRESULT will return information about
- whether the verification succeeded or not.
- Daniel (27 October 2000)
- - Georg Horn brought us a splendid patch that solves the long-standing
- annoying problem with timeouts that made curl exit with silly exit codes
- (which as been commented out lately). This solution is sigaction() based and
- of course then only works for unixes (and only those unixes that actually
- have the sigaction() function).
- Daniel (26 October 2000)
- - Björn Stenberg supplied a patch that fixed the flaw mentioned by Kevin Roth
- that made the password get echoed when prompted for interactively. The
- getpass() function (now known as my_getpass()) was also fixed to not use any
- static buffers. This also means we cannot use the "standard" getpass()
- function even for those systems that have it, since it isn't thread-safe.
-
- - Kevin Roth found out that if you'd write a config file with '-v url', the
- url would not be used as "default URL" as documented, although if you wrote
- it 'url -v' it worked! This has been corrected now.
- - Kevin Roth's idea of using multiple -d options on the same command line was
- just brilliant, and I couldn't really think of any reason why we shouldn't
- support it! The append function always append '&' and then the new -d
- chunk. This enables constructs like the following:
- curl -d name=daniel -d age=unknown foobarsite.com
- Daniel (24 October 2000)
- - I fixed the lib/memdebug.c source so that it compiles on Linux and other
- systems. It will be useful one day when someone else but me wants to run the
- memory debugging system.
- Daniel (23 October 2000)
- - I modified the maketgz and configure scripts, so that the configure script
- will fetch the version number from the include/curl/curl.h header files, and
- then the maketgz doesn't have to rebuild the configure script when I build
- release-archives.
- - Björn Stenberg and Linus Nielsen correctly pointed out that curl was silly
- enough to not allow @-letters in passwords when they were specified with the
- -u or -U flags (CURLOPT_USERPWD and CURLOPT_PROXYUSERPWD). This also
- suggests that curl probably should url-decode the password piece of an URL
- so that you could pass an encoded @-letter there...
-
- Daniel (20 October 2000)
- - Yet another http server barfed on curl's request that include the port
- number in the Host: header always. I now only include the port number if it
- isn't the default (80 for HTTP, 443 for HTTPS). www.perl.com turned out to
- run one of those nasty servers.
- - The PHP4 module for curl had problems with referer that seems to have been
- corrected just yesterday. (Sterling Hughes of the PHP team confirmed this)
- Daniel (17 October 2000)
- - Vladimir Oblomov reported that the -Y and -y options didn't work. They
- didn't work for me either. This once again proves we should have that test
- suite...
-
- - I finally changed the error message libcurl returns if you try a https://
- URL when the library wasn't build with SSL enabled. It will now return this
- error:
- "libcurl was built with SSL disabled, https: not supported!"
- I really hope it will make it a bit clearer to users where the actual
- problem lies.
- Version 7.4.1
- Daniel (16 October 2000)
- - I forgot to remove some of the malloc debug defines from the makefiles in
- the release archive (of course).
- Version 7.4
- Daniel (16 October 2000)
- - The buffer overflow mentioned below was posted to bugtraq on Friday 13th.
- Daniel (12 October 2000)
- - Colin Robert Phipps elegantly corrected a buffer overflow. It could be used
- by an evil ftp server to crash curl. I took the opportunity of replacing a
- few other sprintf()s into snprintf()s as well.
- Daniel (11 October 2000)
- - Found some more memory leaks. This new simple memory debugger has turned out
- really useful!
- Version 7.4 pre6
- Daniel (9 October 2000)
- - Florian Koenig pointed out that the bool typedef in the curl/curl.h include
- file was breaking PHP 4.0.3 compiling. The bool typedef is not used in the
- public interface and was wrongly inserted in that header file.
- - Jörg Hartroth corrected a minor memory leak in the src/urlglob.c stuff. It
- didn't harm anyone since the memory is free()ed on exit anyway.
- - Corrected the src/main.c. We use the _MPRINTF_REPLACE #define to use our
- libcurl-printf() functions. This gives us snprintf() et al on all
- platforms. I converted the allocated useragent string to one that uses a
- local buffer.
- - I've set an #if 0 section around the Content-Transfer-Encoding header
- generated in lib/formdata.c. This will hopefully make curl do more
- PHP-friendly multi-part posts.
- Version 7.4 pre5
- Daniel (9 October 2000)
- - Nico Baggus found out that curl's ability to force a ASCII download when
- using FTP was no longer working! I corrected this. This problem was probably
- introduced when I redesigned libcurl for version 7.
- - Georg Horn provided a source example that proved a memory leak in libcurl.
- I added simple memory debugging facilities and now we can make libcurl log
- all memory fiddling functions. An additional perl script is used to analyze
- the output logfile and to match malloc()s with free()s etc. The memory leak
- Georg found turned out to be the main cookie struct that cookie_cleanup()
- didn't free! The perl script is named memanalyze.pl and it is available in
- the CVS respository, not in the release archive.
- Daniel (8 October 2000)
- - Georg Horn found a GetHost() problem. It turned out it never assigned the
- pointer in the third argument properly! This could make a crash, or at best
- a memory leak!
- Version 7.4 pre4
- Daniel (6 October 2000)
- - Is the -F post following the RFC 1867 spec? We had this dicussion on the
- mailing list since it appears curl can't post -F form posts to a PHP
- receiver... I've been in touch with the PHP developers about this.
- - Domenico Andreoli found out that the long option '--proxy' wasn't working
- anymore! The option parser got confused when I added the --proxytunnel for
- 7.3. This was indeed a very old flaw that hasn't turned up until now...
- - Jörn Hartroth provided patches, updated makefiles and two new files for DLL
- stuff on win32. He also pointed out that lib source files were compiled with
- -I../src which isn't only wrong but plain stupid!
- - Troels Walsted Hansen fixed a problem with HTTP resume. Curl previously used
- a local variable badly, that could lead to crashes.
- Version 7.4 pre3
- Daniel (4 October 2000)
- - More docs written. The curl_easy_getinfo.3 man page is now pretty accurate,
- as is the -w section in curl.1. I added two options to enable the user to
- get information about the received headers' size and the size of the HTTP
- request. T. Bharath requested them.
-
- Daniel (3 October 2000)
- - Corrected a sever free() before use in the new add_buffer_send()! ;-)
- Version 7.4 pre2
- Daniel (3 October 2000)
- - Jason S. Priebe sent me patches that changed the way curl issues HTTP
- requests. The entire request is now issued in one single shot. It didn't do
- this previously, and it has turned out that since the common browsers do it
- this way, some sites have turned out to work with browsers but not with
- curl! Although this is not a client-side problem, we want to be able to
- fully emulate browsers, and thus we have now adjusted the networking layer
- to slightly more appear as a browser. I adjusted Jason's patch, the faults
- are probably mine.
- Daniel (2 October 2000)
- - Anyone who ever uploaded data with curl on a slow link has noticed that the
- progess meter is updated very infrequently. That is due to the large buffer
- size curl is using. It reads 50Kb and sends it, updates the progress meter
- and loops. 50Kb is very much on a slow link, although it is pretty neat to
- use on a fast one.
- I've now made an adjustment that makes curl use a 2Kb buffer for uploads to
- start with. If curl's average upload speed is faster than buffer size bytes
- per second, curl will increase the used buffer size up to max 50Kb. It
- should make the progress meter work better.
-
- Version 7.4 pre1
- Daniel (29 September 2000)
- - Ripped out the -w stuff from the library and put in the curl tool. It gets
- all the relevant info from the library using the new curl_easy_getinfo()
- function.
- - brad at openbsd.org mailed me a patch that corrected my kerberos mistake and
- removed a compiler warning from hostip.c that OpenBSD people get.
- Daniel (28 September 2000)
- - Of course (I should probably get punished somehow) I didn't properly correct
- the #include lines for the base64 stuff in the kerberos sources in the just
- released 7.3 package. They still include the *_krb.h files! Now, the error
- is sooo very easy to spot and fix so I won't bother with a quick bug fix
- release. I'll post a patch whenever one is needed instead. It'll be
- available in the CVS in a few minutes anyway.
- Version 7.3
- Daniel (28 September 2000)
- - Removed the base64_krb.[ch] files. They've now replaced the former
- base64.[ch] files.
- Daniel (26 September 2000)
- - Updated some docs.
- - I changed the OpenSSL fix to work with older versions as well. The posted
- patch was only working with 0.9.6 and no older ones.
-
- Version 7.3-pre8
- Daniel (25 September 2000)
- - Erdmut Pfeifer informed us that curl didn't build with OpenSSL 0.9.6 and
- showed us what needed to get patched in order to make it build properly
- again.
- - Dirk Kruschewski found a bug in the cookie parser. I made an alternative
- approach to the solution Dirk himself suggested. The bug made a cookie
- header that didn't end with a trailing semicolon to not get parsed.
- - I've marked -c and -t deprecated now. If you use any of them, curl will tell
- you to use "-C -" or "-T -" instead. I don't think occupying two letters for
- nearly identical functions is good use. Also, -T - kind of follows the curl
- tradition of using - for stdin where a file name is expected.
- Daniel (23 September 2000)
- - Martin Hedenfalk provided the patch that finally made the krb4 ftp upload
- work!
- Daniel (21 September 2000)
- - The kerberos code is not quite thread-safe yet. There are a few more globals
- that need to be take care of. Let's get the upload working first!
- Daniel (20 September 2000)
- - Richard Prescott solved another name lookup buffer size problem. I took this
- opportunity to rewrite the GetHost() function. With these large buffer
- sizes, I think keeping them as local arrays quickly turn ugly. I now use
- malloc() to get the buffer memory. Thanks to this, I now can realloc() to a
- large buffer in case of demand (errno == ERANGE) in case a solution like
- that would become necessary. I still want to avoid that kind of nastiness.
- - Tried to compile and run curl on Linux for alpha and FreeBSD for alpha. Went
- as smooth as it could.
- - Added a docs/examples directory with two tiny example sources that show how
- to use libcurl. I hope users will supply me with more useful examples
- further on.
- - Applied a patch by Jörn Hartroth to no longer use the word 'inteface' in the
- config struct in the src/main.c file since certain compilers have that word
- "reservered". I figure that is some kind of C++ decease.
- - Updated the curl.1 man page with --interface and --krb4.
- - Modified the base64Encode() function to work like the kerberos one, so that
- I could remove the use of that. There is no need for *two* base64 encoding
- functions! ;-)
- Version 7.3pre5
- Daniel (19 September 2000)
- - The kerberos4-layer source code that is much "influenced" by the original
- krb4 source code, through yafc into curl, was using quite a lot of global
- variables. libcurl can't work properly with globals like that why I had to
- clean up almost every function in the new security.c to make them use
- connection specific variables instead of the globals. I just hope I didn't
- destroy anything now... :-) configure updated, version string now reflects
- krb4 built-in. It almost works now. Only uploads are still being naughty.
- Version 7.3pre3
- Daniel (18 September 2000)
- - Martin Hedenfalk supplied a major patch that introduces krb4-ftp support to
- curl. Martin is the primary author of the ftp client named yafc and he did
- not hesitate to help us implement this when I asked him. Many and sincere
- thanks to a splendid effort. It didn't even take many hours!
- - Stephen Kick supplied a big patch that introduces the --interface flag to
- the curl tool and CURLOPT_INTERFACE for libcurl. It allows you to specify an
- outgoing interface to use for your request. This may not work on all
- platforms. This needs testing.
- - Richard Prescott noticed that curl on Tru64 unix could core dumped if the
- name didn't resolve properly. This was due to the GetHost() function not
- returning an error even though it failed on some platforms!
- Daniel (15 September 2000)
- - Updated all sorts of documents in regards to the new proxytunnel support.
- Version 7.3pre2
- Daniel (15 September 2000)
- - Kai-Uwe Rommel pointed out a problem in the httpproxytunnel stuff for ftp.
- Adjusted it. Added better info message when setting up the tunnel and the
- pasv message when doing the second connect.
-
- Version 7.3pre1
- Daniel (15 September 2000)
- - libcurl now allows "httpproxytunnel" to an arbitrary host and port name. The
- second connection on ftp needed that.
- - TheArtOfHTTPScripting was corrected all over. I both type and spell really
- bad at times!
-
- Daniel (14 September 2000)
- - -p/--proxytunnel was added to 'curl'. It uses the new
- CURLOPT_HTTPPROXYTUNNEL libcurl option that allows "any" protocol to tunnel
- through the specified http proxy. At the moment, this should work with ftp.
- Daniel (13 September 2000)
- - Jochen Schaeuble found that file:// didn't work as expected. Corrected this
- and mailed the patch to the mailing list.
- Daniel (7 September 2000)
- - I changed the #define T() in curl.h since it turned out it wasn't really
- a good symbol to use (when you compiled PHP with curl as a module, that
- define collided with some IMAP define or something). This was posted to the
- PHP bug tracker.
- - I added extern "C" stuff in two header files to better allow libcurl usage
- in C++ sorces. Discussions on the libcurl list with Danny Horswell lead to
- this.
- Version 7.2.1
- Daniel (31 August 2000)
- - Albert Chin-A-Young fixed the configure script *again* and now it seems to
- detect Linux name resolving properly! (heard that before?)
- - Troels Walsted Hansen pointed out that downloading a file containing the
- letter '+' from an ftp server didn't work. It did work from HTTP though and
- the reason was my lame URL decoder.
- - I happened to notice that -I didn't at all work on ftp anymore. I corrected
- that.
- Version 7.2
- Daniel (30 August 2000)
- - Understanding AIX is a hard task. I believe I'll never figure out why they
- solve things so differently from the other unixes. Now, I'm left with the
- AIX 4.3 run-time warnings about duplicate symbols that according to this
- article (http://www.geocrawler.com/archives/3/405/1999/9/0/2593428/) is a
- libtool flaw. I tried the mentioned patch, although that stops the linking
- completely.
- So, if I select to ignore the ld warnings there are compiler warnings that
- fill the screen pretty bad when curl compiles. It turns out that if I want
- to '#include <arpa/inet.h>', I can get tid of the warnings by include the
- following three include files before that one:
- #include <net/if_dl.h>
- #include <sys/mbuf.h>
- #include <netinet/if_ether.h>
- Now, is it really sane to add those include files before arpa/inet.h in all
- the source files that include it?
- Thanks to Albert Chin-A-Young at thewrittenword.com who gave me the AIX
- login to try everything on.
- Daniel (24 August 2000)
- - Jan Schmidt supplied us a new VC6 makefile for Windows as the previous one
- was not up to date but lacked several object files.
- - More work on the naming.
- - Albert Chin-A-Young provided a configure-check for large file support, as
- some systems seem to need that for them to work. Had to change the position
- for the config.h include file in every .c file in the libcurl dir...
- - As suggested on the mailing list (by Troy Engel), I did use a --data-binary
- option instead of the messy way I've left described below. It seems to
- work. The libcurl fix remained the same as yesterday.
- Daniel (23 August 2000)
- - Back on the -d stripping newlines thing. The 'plain post' thing was added
- when I had no thought of that one could actually post binary data with
- it. Now, I have to add this functionality in a graceful manner and I think
- I've managed to come up with a way: '-d @file;binary' will thus post the
- file binary, exactly as its contents are. It is implemented with a new
- *setopt() option (CURLOPT_POSTFIELDSIZE) to set the postfield size, since
- libcurl can't strlen() the data in these cases.
- - Albert Chin-A-Young made some very serious efforts and all the name
- resolving problems seem to have been sorted out now on all the platforms
- that previously showed them. I'll make another release now anyday because of
- this.
- - The FAQ was much enhanced when it comes to the licensing issues thanks to
- Bjorn Reese.
- Daniel (21 August 2000)
- - Rick Welykochy pointed out a problem when you use -d to post and you want to
- keep the newlines, as curl strips them off as a bonus before posting...
- This needs to be addressed.
- Version 7.1.1
- Daniel (21 August 2000)
- - Got more people involved in the gethostbyname_r() mess. Caolan McNamara sent
- me configure-code that turned out to be very similar to my existing tests
- which only make me more sure I'm on the right path. I changed the order of
- the tests slightly, as it seems that some compilers don't yell error if a
- function is used with too many parameters. Thus, the first tested function
- will seem ok... Let's hope more compilers think of too-few parameters as bad
- manners, as we're now trying the functions in that order; fewer first. I
- should also add that Lars Hecking mailed me and volunteered to run tests on
- a few odd systems. Coalan is keeping his work over at
- http://www.csn.ul.ie/~caolan/publink/gethostbyname_r/. Might be handy in the
- future as well.
- Daniel (18 August 2000)
- - I noticed I hadn't increased the name lookup buffer in lib/ftp.c. I don't
- think this is the reason for the continued trouble though.
- Daniel (17 August 2000)
- - Fred Noz corrected my stupid mistakes in the gethostbyname_r() fluff. It
- should affect some AIX, Digital Unix and HPUX 10 systems.
- Daniel (15 August 2000)
- - Mathieu Legare compiled and build 7.1 without errors on both AIX 4.2 as well
- as AIX 4.3. Now why did problems occur before?
- - Fred Noz reported a -w/--write-out bug that caused it to malfunction when
- used combined with multiple URL retrievales. All but the first display got
- screwed up!
- Daniel (11 August 2000)
- - Jason Priebe and an anonymous friend found some host names the Linux version
- of curl could not resolve. It turned out the buffer used to retrieve that
- information was too small. Fixed. One could argue about the usefulness of
- not having the slightest trace of a man page for gethostbyname_r() on my
- Linux Redhat installation...
- Daniel (10 August 2000)
- - Balaji S Rao was first in line to note the missing possibility to replace
- the Content-Type: and Content-Length: headers when doing -d posts. I added
- the possibility just now. It seems some people wants to do standard posts
- using custom Content-Types.
- Daniel (8 August 2000)
- - Mike Dowell correctly discovered that curl did not approve of URLs with no
- user name but password. As in 'http://:foo@haxx.se'. I corrected this.
- Version 7.1
- Daniel (7 August 2000)
- - My AIX 4 fix does not work. I need help from a AIX 4 hacker.
- - I added my new document in the docs directory. It is aimed to become a sort
- of tutorial on how to do HTTP scripting with curl.
- Daniel (4 August 2000)
- - Working with Rich Gray on compiling curl for lots of different platforms.
- My fix for AIX 3.2 was not good enough and was slightly changed, I had to
- move an include file before another, as is now described in the source.
- AIX 4.2 (4.X?) has different gethostbyname_r() and gethostbyaddr_r()
- functions that the configure script didn't check for and thus the compile
- broke with an error. I have now changed the gethostbyname_r() check in the
- configure file to support all three versions of both these functions. My
- implementation that uses the AIX-style is though not yet verified and I may
- get problems to fix it if it turns out to bug since I don't have access to
- any system using that.
- For problems like that, I made the configure script allow --disable-thread
- to completely switch off the check for threadsafe versions of a few
- functions and thus go with the "good old versions" that tend to work
- although will break thread-safeness for libcurl. Most people won't use
- libcurl for other things than curl though, and curl doesn't need a
- thread-safe lib.
- - Working on my big tutorial about HTTP scripting with curl.
- Daniel (1 August 2000)
- - Rich Gray spotted a problem in src/setup.h caused by a #define strequal()
- that was just a left-over from passed times. The strequal() is now a true
- function supplied by libcurl for a portable case insensitive string
- comparison. I added the prototypes in include/curl.h and removed the
- now obsolete #define.
- - Igor Khristophorov made a fix to allow resumed download from Sun's
- JavaWebServer/1.1.1. It seems that their server sends bad Content-Range
- headers.
- - The makefiles forced a static library build, which is bad since we now use
- libtool and thus have excellent shared library support! Albert Chin-A-Young
- found out.
- Version 7.0.11beta
- Daniel (1 August 2000)
- - Albert Chin-A-Young pointed out that 'make install' did not properly create
- the header include directory, why it failed to install the header files as
- it should. Automake isn't really equipped to deal with subdirectories
- without Makefiles in any nice way. I had to run ahead and add Makefiles in
- both include and include/curl before I managed to create a top-level
- makefile that succeeds in install everything properly!
- - Ok, no more "features" added now. Let's just verify that there's no major
- flaws added now.
- Daniel (31 July 2000)
- - Both Jeff Schasny and Ketil Froyn asked me how to tell curl not to send one
- of those internally generated headers. They didn't settle with the blank
- ones you could tell curl to use. I rewrote the header-replace stuff a
- little. Now, if you replace an internal header with your own and that new
- one is a blank header you will only remove the internal one and not get any
- blank. I couldn't figure out any case when you want that blank header.
- Daniel (29 July 2000)
- - It struck me that the lib used localtime() which is not thread-safe, so now
- I use localtime_r() in the systems that has it.
- - I went through this entire document and removed all email addresses and left
- names only. I've really made an effort to always note who brought be bug
- reports or fixes, but more and more people ask me to remove the email
- addresses since they become victims for spams this way. Gordon Beaton got me
- working on this.
- Daniel (27 July 2000)
- - Jörn Hartroth found out that when you specified a HTTP proxy in an
- environment variable and used -L, curl failed in the second fetch. I
- corrected this problem and posted a patch to the list. No need for an extra
- beta release just for this.
- Version 7.0.10beta
- Daniel (27 July 2000)
- - So, libtool replaced two of my files with symbolic links and I forgot to add
- the two new libtool files to the release archive (and they were added as
- symlinks as well!) This of course lead to that the configure script failed
- on 7.0.9...
- Version 7.0.9beta
- Daniel (25 July 2000)
- - Kristian Köhntopp <kris at koehntopp.de> brought a fix that makes libcurl
- libtoolified, just as we've wanted for a while now. He also made the
- recently added man pages get installed properly on 'make install' and some
- other nice cleanups.
- - In a discussion with Eetu Ojanen it struck me that if we use curl to get a
- page using a password, and that page then sends a Location: to another
- server that curl follows, curl will send the user name and password to that
- server as well.
- Now, I'll never be able to make curl do Location: following all that perfect
- and you're all sooner or later required to write a script to do several
- fetches when you're doing advanced stuff, but now I've modified curl to at
- least *only* send the user name and password to the original server. Which
- means that if get a page from server A with a password, that forwards curl
- to server B, curl won't use the password there. If server B then forwards
- curl back to server A again, the password will be used again.
- This is not a perfect implementation, as in a browser case it would only use
- the password if the left-prefix of the first path is the same. I just think
- that this fix prevents a somewhat lurky "security hole".
- As a side-note in this subject: HTTP passwords are sent in cleartext and
- will never be considered to be safe or secure. Use HTTPS for that.
- - As discussed on the mailing list, I converted the FTP response reading
- function into using select() which then allows timeouts (even under win32!)
- if the command-reply session gets too slow or dies completely. I made a
- default timeout on 3600 seconds unless anything else is specified, since I
- don't think anyone wants to wait more than that for a single character to
- get received...
- - Torsten Foertsch <torsten.foertsch at gmx.net> brought a set of fixes for
- the rfc1867 form posts. He introduced 'name=<file' which brings a means to
- suuply very large text chunks read from the given file name. It differs from
- 'name=@file' in the way that this latter thing is marked in the uploaded
- contents as a file upload, while the first is just text (as in a input or
- textarea field). Torsten also corrected a bug that would happen if you used
- %s or similar in a -F file name.
- - As discovered by Nico Baggus <Nico.Baggus at mail.ing.nl>, when transferring
- files to/from FTP using type ASCII curl should not expect the transfer to be
- the exact size reported by the server as the file size. Since ASCII may very
- well mean that the content is translated while transfered, the final size
- may very well differ. Therefor, curl now ignores the file size when doing
- ASCII transfers in FTP.
- Daniel (24 July 2000)
- - Added CURLOPT_PROXYPORT to the curl_easy_setopt() call to allow the proxy
- port number to be set separately from the proxy host name.
- - Andrew <andrew at ugh.net.au> pointed out a netrc manual bug.
- - The FTP transfer code now accepts a 250-code as well as the previously
- accepted 226, after a successful file transfer. Mohan <mnair at
- evergreen-funds.com> pointed this out.
- - The check for *both* nsl and socket was never added in the v7 configure.in
- when I moved the main branch. I re-added that check to configure.in. This was
- discovered by Rich Gray.
- - Howard, Blaise <Blaise.Howard at factiva.com> pointed out a missing free() in
- curl_disconnect() which of course meant libcurl ate memory.
- - Brian E. Gallew noted that the HTTP 'Host:' header curl sent did not
- properly include the port number if non-default ports were used. This should
- now have been fixed.
- - HTTP connect errors now return errors earlier. This was most notably causing
- problems when the HTTPS certificate had problems and later caused a crash.
- Many thanks to Gregory Nicholls <gnicholls at level8.com> for discovering
- and suggesting a fix...
- Daniel (21 June 2000)
- - After a "bug report" I received where the user was using both -F and -I in a
- HTTP request (it severly confused the library I should add), I added some
- checks to src/main.c that prevents setting more than one HTTP request
- command, no matter what the user wants! ;-)
- Version 7.0.8beta
- Daniel (20 June 2000)
- - I did a major replace in many files to use the new curl domain haxx.se
- instead of the previous one.
- - As Eetu Ojanen suggested, I finally took the step and now libcurl no longer
- makes a POST after it has followed a location. When the initial POST has
- been done, it'll turned into a GET for the further requests. This is only
- interesting when using -L/--location *and* doing a POST at the same time.
- While messing with this, I added another weird feature I call 'auto
- referer'. If you append ';auto' to the right of a given referer string (or
- only use that string as referer), libcurl will automatically set the
- previoud URL as refered when it follows a Location: and gets a succeeding
- document.
- - My hero Rich Gray found the very obscure FTP bug that happened to him only
- when passing through a particular firewall and using the PORT command. It
- turned out that PORT was the only command in the lib/ftp.c source that
- didn't send a proper \r\n sequence but instead used the faulty \n which as
- it seemed is supported by most major ftp servers... :-O
- Version 7.0.7beta
- Daniel (16 June 2000)
- - I had avoided this long enough now, so I moved the alternative progress bar
- stuff from the lib and added it to the client code. This is now using the
- recently added progress callback and it seems to work pretty much like
- before. Since it is only one progress bar and you and download and upload at
- the same time, this bar shows the combined progress of both directions. This
- code was just ported from the old place to this, Lars is still our saviour!
- ;-) This also made the documentation more accurate since I never removed
- this function from any docs! Although I now removed the CURLOPT_PROGRESSMODE
- from the library since the lib has only one internal progress meter and it
- will never get another. It is although likely that the internal one also
- will be moved to the client code in the future (when I have other means of
- getting the writeout data and move that too to the client).
- - I took the opportunity to verify that standard progress meter works and I
- found out it didn't get inited properly. Grrr. I corrected that as well.
- Daniel (15 June 2000)
- - I thought I'd better verify that the -F option still works in v7 and of
- course it didn't... :-/ Anyway, I had the problems I could discover
- corrected. About one month of beta testing and not a single person has used
- this feature with v7?
- - Björn correctly pointed out that the --progress-bar still doesn't work in
- v7. Hm.
- Daniel (14 June 2000)
- - Tim Tassonis discovered that curl 7 didn't handle normal http POST as it
- should. I corrected this.
- Version 7.0.6beta
- Daniel (14 June 2000)
- - Björn Stenberg pointed out several problems (related to win32 compiling):
- lib/strequal.c had a bad #ifdef for one of the string comparisons (win32)
- src/main.c had several minor problems
- lib/makefile.m32 had getpass.[co] twice
- src/config-win32.h lacked the HAVE_FCNTL_H define
- both config-win32.h files now only set the HAVE_UNISTD_H define if the
- define MINGW32 is set, and I modified src/makefile.m32 and lib/makefile.m32
- to set it.
- Version 7.0.5beta
- Daniel (14 June 2000)
- - Applied Luong Dinh Dung's comments about a few win32 compile problems.
- - Applied Björn Stenberg's suggested fix that turns the win32 stdout to
- binary. It won't do it if the -B / --use-ascii option is used. That option
- is now an extended version of the previous -B /--ftp--ascii. The flag was
- already in use be the ldap as well so the new name fits pretty good. The
- libcyrl CURLOPT_TRANSFERTEXT was also introduced as an alias to the now
- obsolete CURLOPT_FTPASCII. Can't verify this fix myself as I have no win32
- compiler around.
- Daniel (13 June 2000)
- - Luong Dinh Dung <dung at sch.bme.hu> found a problem in curl_easy_cleanup()
- since it free()ed the main curl struct *twice*. This is now corrected.
- Daniel (9 June 2000)
- - Updated the RESOURCES file, added a README.win32 file.
- Daniel (8 June 2000)
- - So I finally added the progress callback to the *setopt() options and it
- should work now. I don't have the energy to write any test program for it
- right now.
- - Made the callback function typedefs public in curl/curl.h for comfort. Just
- in case anyone wanna fiddle with such pointers.
- - Updated the curl_easy_setopt() man page accordingly.
- Version 7.0.4beta
- Daniel (2 June 2000)
- - I noticed that when doing Location: following, we lost custom headers in all
- but the first request.
- - Removed the 'HttpPost' struct and moved the header stuff to the more generic
- curl_slist.
- - Added some better slist-cleanups in src/main.c
- Version 7.0.3beta
- Daniel (31 May 2000)
- - So I discovered that I released the 7.0.2beta without it being able to
- compile under Linux. gethostbyname_r() and gethostbyaddr_r() turned out to
- feature a different amount of arguments on different systems so I had to add
- a configure check for this and adjust the code slightly.
- Version 7.0.2beta
- Daniel (29 May 2000)
- - Corrected the bits.* assignments when using CURLOPT options that only
- toggles one of those bits.
- - Applied the huge patches from David LeBlanc <dleblanc at qnx.com> that add
- usage of the gethostbyname_r() and similar functions in case they're around,
- since that make libcurl much better threadsafe in many systems (such as
- solaris). I added the checks for these functions to the configure script.
- I can't explain why, but the inet_ntoa_r() function did not appear in my
- Solaris include files, I had to add my own include file for this for now.
- Daniel (22 May 2000)
- - Jörn Hartroth brought me fixes to make the win32 version compile properly as
- well as a rename of the 'interface' field in the urldata struct, as it seems
- to be reserved in some gcc versions!
- - Rich Gray struck back with yet some portability reports. Data General DG/UX
- needed a little fix in lib/ldap.c since it doesn't have RTLD_GLOBAL defined.
- More fixes are expected as a result of Richies very helpful work.
- Version 7.0.1beta
- Daniel (21 May 2000)
- - Updated lots of #defines, enums and variable type names in the library. No
- more weird URG or URLTAG prefixes. All types and names should be curl-
- prefixed to avoid name space clashes. The FLAGS-parameter to the former
- curl_urlget() has been converted into a bunch of flags to use in separate
- setopt calls. I'm still focusing on the easy-interface, as the curl tool is
- now using that.
- - Bjorn Reese has provided me with an asynchronous name resolver that I plan
- to use in upcoming versions of curl to be able to gracefully timeout name
- lookups.
- Version 7.0beta
- Daniel (18 May 2000)
- - Introduced LIBCURL_VERSION_NUM to the curl.h include file to better allow
- source codes to be dependent on the lib version. This define is now set to
- a dexadecimal number, with 8 bits each for major number, minor number and
- patch number. In other words, version 1.2.3 would make it 0x010203. It also
- makes a larger number a newer version.
- Daniel (17 May 2000)
- - Martin Kammerhofer correctly pointed out several flaws in the FTP range
- option. I corrected them.
- - Removed the win32 winsock init crap from the lib to the src/main.c file
- in the application instead. They can't be in the lib, especially not for
- multithreaded purposes.
- Daniel (16 May 2000)
- - Rewrote the src/main.c source to use the new easy-interface to libcurl 7.
- There is still more work to do, but the first step is now taken.
- <curl/easy.h> is the include file to use.
- Daniel (14 May 2000)
- - FTP URLs are now treated slightly different, more according to RFC 1738.
- - FTP sessions are now performed differently, with CWD commands to change
- directory instead of RETR/STOR/LIST with the full path. Discussions with
- Rich Gray made me notice these problems.
- - Janne Johansson discovered and corrected a buffer overflow in the
- src/usrglob.c file.
- - I had to add a lib/strequal.c file for doing case insensitive string
- compares on all platforms.
- Daniel (8 May 2000):
- - Been working lots on the new lib.
- - Together with Rich Gray, I've tried to adjust the configure script to work
- better on the NCR MP-RAS Unix.
- Daniel (2 May 2000):
- - Albert Chin-A-Young pointed out that I had a few too many instructions in
- configure.in that didn't do any good.
- Daniel (24 April 2000):
- - Added a new paragraph to the FAQ about what to do when configure can't
- find OpenSSL even though it is installed. Supplied by Bob Allison
- Daniel (12 April 2000):
- - Started messing around big-time to convert the old library interface to a
- better one...
- Daniel (8 April 2000):
- - Made the progress bar look better for file sizes between 9999 kilobytes
- and 100 megabytes. They're now displayed XX.XM.
- - I also noticed that ftp fetches through HTTP proxies didn't add the user
- agent string. It does now.
- - Habibie <habibie at MailandNews.com> supplied a pretty good way to build RPMs
- on a Linux machine. It still a) requires me to be root to do it, b) leaves
- the rpm packages laying at some odd place on my disk c) doesn't work to
- build the ssl version of curl since I didn't install openssl from an rpm
- package so now the rpm crap thinks I don't have openssl and refuses to build
- a package that depends on ssl... Did I mention I don't get along with RPM?
- - Once again I received a bug report about autoconf not setting -L prior to -l
- on the command line when checking for libs. In this case it made the native
- cc compiler on Solaris 7 to fail the OpenSSL check. This has previously been
- reported to cause problems on HP-UX and is a known flaw in autoconf 2.13. It
- is a pity there's no newer release around...
- Daniel (4 April 2000):
- - Marco G. Salvagno supplied me with two fixes that
- appearantly makes the OS/2 port work better with multiple URLs.
- Daniel (2 April 2000):
- - Another Location: fix. This time, when curl connected to a port and then
- followed a location with an absolute URL to another port, it misbehaved.
- Daniel (27 March 2000):
- - H. Daphne Luong pointed out that curl was wrongly
- messing up the proxy string when fetching a document through a http proxy,
- which screwed up multiple fetches such as in location: followings.
- Daniel (23 March 2000):
- - Marco G. Salvagno corrected my badly applied patch he
- actually already told me about!
- - H. Daphne Luong brought me a fix that now makes curl
- ignore select() errors in the download if errno is EINTR, which turns out to
- happen every now and then when using libcurl multi-threaded...
- Daniel (22 March 2000):
- - Wham Bang supplied a couple of win32 fixes. HAVE_UNAME
- was accidentally #defined in config-win32.h, which it shouldn't have been.
- The HAVE_UNISTD_H is not defined when compiling with the Makefile.vc6
- makefile for MS VC++.
- Daniel (21 March 2000):
- - I removed the AC_PROG_INSTALL macro from configure.in, since it appears that
- one of the AM_* macros searches for a BSD compatible install already. Janne
- Johansson made me aware of this.
- Version 6.5.2
- Daniel (21 March 2000):
- - Paul Harrington quickly pointed out to me that 6.5.1
- crashes hard. I upload 6.5.2 now as quickly as possible! The problem was
- the -D adjustments in src/main.c.
- Version 6.5.1
- Daniel (20 March 2000):
- - An anonymous post on sourceforge correctly pointed out a possible buffer
- overflow in the curl_unescape() function for URL conversions. The main
- problem with this bug is that the ftp download uses that function and this
- single- byte overflow could lead to very odd bugs (as one reported by Janne
- Johansson).
- Daniel (19 March 2000):
- - Marco G. Salvagno supplied me with a series of patches
- that now allows curl to get compiled on OS/2. It even includes a section in
- the INSTALL file. Very nice job!
- Daniel (17 March 2000):
- - Wham Bang supplied a patch for the lib/Makefile.vc6
- file. We still need some fixes for the config-win32.h since it appears that
- VC++ and mingw32 have different opinions about (at least) unistd.h's
- existence.
- Daniel (15 March 2000):
- - I modified the -D/--dump-header workings so that it doesn't write anything
- to the file until it needs to. This way, you can actually use -b and -D
- on the same file if you want repeated invokes to store and read the cookies
- in that one single file.
- - Poked around in lots of texts. Added the BUGS file for bug reporting stuff.
- Added the classic HTTP POST question to the FAQ, removed some #ifdef WIN32
- stuff from the sources (they're covered by the config-win32.h now).
- - Pascal Gaudette fixed a missing ldap.c problem in the
- Makefile.vc6 file. He also addressed a problem in src/config-win32.h.
- Daniel (14 March 2000):
- - Paul Harrington pointed out that the 'http_code' variable in the -w output
- was never written. I fixed it now.
- - Janne Johansson reported the complaints that OpenBSD does
- when getdate.c #includes malloc.h. It claims stdlib.h should be included
- instead. I added #ifdef HAVE_MALLOC_H code in getdate.y and two checks in
- the configure.in for malloc.h and stdlib.h.
- Version 6.5
- Daniel (13 March 2000):
- - <curl at spam.wolvesbane.net> pointed out that the way curl sent cookies in a
- single line wasn't enjoyed by IIS4.0 servers. In my view, that is not what
- the standards say, but I added a white space between the name/value pairs to
- perhaps make them work better.
- - Added the perl check back in the configure.in again since the mkhelp.pl
- script needs it!
- - Made some beautifications in the curl man page.
- Daniel (3 March 2000):
- - Jörn helped me update the config-win32.h files with HAVE_SETVBUF and
- HAVE_STRDUP.
- Daniel (3 March 2000):
- - Uploaded the 6.5pre2 package.
- Daniel (2 March 2000):
- - Removed the perl-programs from the distribution, they never made many people
- happy and I'll still keep them available on the web.
- - Added the -w and -N stuff to the man page. Documented the new progress meter
- display in README.curl.
- - Jörn Hartroth, Chris <cbayliss at csc.come> and Ulf
- Möller from the openssl development team helped bringing me the details for
- fixing an OpenSSL usage flaw. It became apparent when they released openssl
- 0.9.5 since that barfed on curl's bad behavior (not seeding a random number
- thing).
- - Yet another option: -N/--no-buffer disables buffering in the output stream.
- Probably most useful for very slow transfers when you really want to get
- every byte curl receives within some preferred time. Andrew <tmr at gci.net>
- suggested this.
- - Damien Adant mailed me his fixes for making curl compile on Ultrix.
- Daniel (24 February 2000):
- - Applied Jörn Hartroth's fixes for config-win32.h and lib/Makefile.w32.
- I should also make a note here, if nothing else to myself, that when using
- the %-syntax for variables in DOS command prompts, you must use two %-
- letters for each one since that is an escape letter there! Maybe I should
- use another letter instead!
- - Added more variables to -w:
- 'http_code'
- 'time_namelookup'
- 'time_connect'
- 'time_pretransfer'
- 'url_effective'
- - Made -w@filename read the syntax from a file and -w@- reads the syntax from
- stdin in the good old "standard" curl way.
- Daniel (22 February 2000):
- - Released a 6.5pre1 version to get some test and user feedback.
- Daniel (21 February 2000):
- - I added the -w/--write-out flag and some variables to go with it. -w is a
- single string, whatever you enter there will be written out when curl has
- completed a successful request. There are some variable substitutions and
- they are specified as '%{variable}' (without the quotes). Variables that
- exist as of this moment are:
- total_time - total transfer time in seconds (with 2 decimals)
- size_download - total downloaded amount of bytes
- size_upload - total uploaded amount of bytes
- speed_download - the average speed of the entire download
- speed_upload - the average speed of the entire upload
- I will of course add more variables, but I need input on these and others.
- - It struck me that the -# progress bar will be hard to just apply on the new
- progress bar concept. I need some feedback on this before that'll get re-
- introduced! :-/
- Daniel (16 February 2000):
- - Jörn Hartroth brought me some fixes for the progress meter and I continued
- working on it. It seems to work for http download, http post, ftp download
- and ftp upload. It should be a pretty good test it works generally good.
- - Still need to add the -# progress bar into the new style progress interface.
- - Gonna have a go at my new output option parameter next.
- Daniel (15 February 2000):
- - The progress meter stuff is slowly taking place. There's more left before it
- is working ok and everything is tested, but we're reaching there. Slowly!
- Daniel (11 February 2000):
- - Paul Marquis fixed the config file parsing of curl to
- deal with any-length lines, removing the previous limit of 4K.
- - Eetu Ojanen's suggestion of supporting the @-style for -b
- is implemented. Now -b@<filename> works as well as the old style. -b@- also
- similarly reads the cookies from stdin.
- - Reminder: -D should not write to the file until it needs to, in the same way
- -o does. That would enable curl to use -b and -D on the same file...
- - Ellis Pritchard made getdate.y work for MacOS X.
- - Paul Harrington helped me out finding the crash in the
- cookie parser. He also pointed out curl's habit of sending empty cookies to
- the server.
- Daniel (8 February 2000):
- - Ron Zapp corrected a problem in src/urlglob.c that
- prevented curl from getting compiled on sunos 4. The problem had to do
- with the difference in sprintf() return code types.
- - Transfer() should now be able to download and upload simultaneously. Let's
- do some progress meter fixes later this week.
- Daniel (31 January 2000):
- - Paul Harrington found another core dump in the cookie
- parser. Curl doesn't properly recognize the 'version' keyword and I think
- that is what caused this. I need to refresh some specs on cookies and see
- what else curl lacks to improve this a bit more once and for all.
- RFC 2109 clearly specifies how cookies should be dealt with when they are
- compliant with that spec. I don't think many servers are though...
- - Mark W. Eichin found that while curl is uploading a form
- to a web site, it doesn't read incoming data why it'll hang after a while
- since the socket "pipe" becomes full.
- It took me two hours to rewrite Download() and Upload() into the new
- single function Transfer(). It even seems to work! More testing is required
- of course... I should get the header-sending together in a kind of queue
- and let them get "uploaded" in Transfer() as well.
- - Zhibiao Wu pointed out a curl bug in the location: area,
- although I did not get a reproducible way to do this why I have to wait
- with fixing anything.
- - Bob Schader suggested I should implement resume
- support for the HTTP PUT operation, and as I think it is a valid suggestion
- I'll work on it.
- Daniel (25 January 2000):
- - M Travis Obenhaus pointed out a manual mixup with -y and -Y that was
- corrected.
- - Jens Schleusener pointed out a problem to compile
- curl on AIX 4.1.4 and gave me a solution. This problem was already fixed
- by Jörn's recent #include modifications!
- Daniel (19 January 2000):
- - Oskar Liljeblad pointed out and corrected a problem
- in the Location: following system that made curl following a location: to a
- different protocol to fail.
- At January 31st I re-considered this fix and the surrounding source code. I
- could not really see that the patch did any difference, why I removed it
- again for further research and debugging. (It disabled location: following
- on server not running on default ports.)
- - Jörn Hartroth brought a fix that once again
- made it possible to select progress bar.
- - Jörn also fixed a few include problems.
- Version 6.4
- Daniel (17 January 2000):
- - Based on suggestions from Björn Stenberg, I made the
- progress deal better with larger files and added a "Time" field which shows
- the time spent on the download so far.
- - I'm now using the CVS repository on sourceforge.net, which also allows web
- browsing. See http://curl.haxx.nu.
- Daniel (10 January 2000):
- - Renumbered some enums in curl/curl.h since tag number 35 was used twice!
- - Added "postquote" support to the ftp section that enables post-ftp-transfer
- quote commands.
- - Now made the -Q/--quote parameter recognize '-' as a prefix, which means
- that command will be issued AFTER a successful ftp transfer. This can of
- course be used to delete or rename a file after it has been uploaded or
- downloaded. Use your imagination! ;-)
- - Since I do the main development on solaris 2.6 now, I had to download and
- install GNU groff to generate the hugehelp.c file. The solaris nroff cores
- on the man page! So, in order to make the solaris configure script find a
- better result I made gnroff get checked prior to the regular nroff.
- - Added all the curl exit codes to the man page.
- - Jim Gallagher properly tracked down a bug in autoconf
- 2.13. The AC_CHECK_LIB() macro wrongfully uses the -l flag before the -L
- flag to 'ld' which causes the HP-UX 10.20 flavour to fail on all libchecks
- and therefore you can't make the configure script find the openssl libs!
- Daniel (28 December 1999):
- - Tim Verhoeven correctly identified that curl
- doesn't support URL formatted file names when getting ftp. Now, there's a
- problem with getting very weird file names off FTP servers. RFC 959 defines
- that the file name syntax to use should be the same as in the native OS of
- the server. Since we don't know the peer server system we currently just
- translate the URL syntax into plain letters. It is still better and with
- the solaris 2.6-supplied ftp server it works with spaces in the file names.
- Daniel (27 December 1999):
- - When curl parsed cookies straight off a remote site, it corrupted the input
- data, which, if the downloaded headers were stored made very odd characters
- in the saved data. Correctly identified and reported by Paul Harrington.
- Daniel (13 December 1999):
- - General cleanups in the library interface. There had been some bad kludges
- added during times of stress and I did my best to clean them off. It was
- both regarding the lib API as well as include file confusions.
- Daniel (3 December 1999):
- - A small --stderr bug was reported by Eetu Ojanen...
- - who also brought the suggestion of extending the -X flag to ftp list as
- well. So, now it is and the long option is now --request instead. It is
- only for ftp list for now (and the former http stuff too of course).
- Lars J. Aas (24 November 1999):
- - Patched curl to compile and build under BeOS. Doesn't work yet though!
- - Corrected the Makefile.am files to allow putting object files in
- different directories than the sources.
- Version 6.3.1
- Daniel (23 November 1999):
- - I've had this major disk crash. My good old trust-worthy source disk died
- along with the machine that hosted it. Thank goodness most of all the
- things I've done are either backed up elsewhere or stored in this CVS
- server!
- - Michael S. Steuer pointed out a bug in the -F handling
- that made curl hang if you posted an empty variable such as '-F name='. It
- was one of those old bugs that never have worked properly...
- - Jason Baietto pointed out a general flaw in the HTTP
- download. Curl didn't complain if it was prematurely aborted before the
- entire download was completed. It does now.
- Daniel (19 November 1999):
- - Chris Maltby very accurately criticized the lack of
- return code checks on the fwrite() calls. I did a thorough check for all
- occurrences and corrected this.
- Daniel (17 November 1999):
- - Paul Harrington pointed out that the -m/--max-time option
- doesn't work for the slow system calls like gethostbyname()... I don't have
- any good fix yet, just a slightly less bad one that makes curl exit hard
- when the timeout is reached.
- - Bjorn Reese helped me point out a possible problem that might be the reason
- why Thomas Hurst experience problems in his Amiga version.
- Daniel (12 November 1999):
- - I found a crash in the new cookie file parser. It crashed when you gave
- a plain http header file as input...
- Version 6.3
- Daniel (10 November 1999):
- - I kind of found out that the HTTP time-conditional GETs (-z) aren't always
- respected by the web server and the document is therefore sent in whole
- again, even though it doesn't match the requested condition. After reading
- section 13.3.4 of RFC 2616, I think I'm doing the right thing now when I do
- my own check as well. If curl thinks the condition isn't met, the transfer
- is aborted prematurely (after all the headers have been received).
- - After comments from Robert Linden I also rewrote some parts of the man page
- to better describe how the -F works.
- - Michael Anti put up a new curl download mirror in
- China: http://www.pshowing.com/curl/
- - I added the list of download mirrors to the README file
- - I did add more explanations to the man page
- Daniel (8 November 1999):
- - I made the -b/--cookie option capable of reading netscape formatted cookie
- files as well as normal http-header files. It should be able to
- transparently figure out what kind of file it got as input.
- Daniel (29 October 1999):
- - Another one of Sebastiaan van Erk's ideas (that has been requested before
- but I seem to have forgotten who it was), is to add support for ranges in
- FTP downloads. As usual, one request is just a request, when they're two
- it is a demand. I've added simple support for X-Y style fetches. X has to
- be the lower number, though you may omit one of the numbers. Use the -r/
- --range switch (previously HTTP-only).
- - Sebastiaan van Erk suggested that curl should be
- able to show the file size of a specified file. I think this is a splendid
- idea and the -I flag is now working for FTP. It displays the file size in
- this manner:
- Content-Length: XXXX
- As it resembles normal headers, and leaves us the opportunity to add more
- info in that display if we can come up with more in the future! It also
- makes sense since if you access ftp through a HTTP proxy, you'd get the
- file size the same way.
- I changed the order of the QUOTE command executions. They're now executed
- just after the login and before any other command. I made this to enable
- quote commands to run before the -I stuff is done too.
- - I found out that -D/--dump-header and -V/--version weren't documented in
- the man page.
- - Many HTTP/1.1 servers do not support ranges. Don't ask me why. I did add
- some text about this in the man page for the range option. The thread in
- the mailing list that started this was initiated by Michael Anti.
- - I get reports about nroff crashes on solaris 2.6+ when displaying the curl
- man page. Switch to gnroff instead, it is reported to work(!). Adam Barclay
- reported and brought the suggestion.
- - In a dialogue with Johannes G. Kristinsson we came
- up with the idea to let -H/--header specified headers replace the
- internally generated headers, if you happened to select to add a header
- that curl normally uses by itself. The advantage with this is not entirely
- obvious, but in Johannes' case it means that he can use another Host: than
- the one curl would set.
- Daniel (27 October 1999):
- - Jongki Suwandi brought a nice patch for (yet another) crash when following
- a location:. This time you had to follow a https:// server's redirect to
- get the core.
- Version 6.2
- Daniel (21 October 1999):
- - I think I managed to remove the suspicious (nil) that has been seen just
- before the "Host:" in HTTP requests when -v was used.
- - I found out that if you followed a location: when using a proxy, without
- having specified http:// in the URL, the protocol part was added once again
- when moving to the next URL! (The protocol part has to be added to the
- URL when going through a proxy since it has no protocol-guessing system
- such as curl has.)
- - Benjamin Ritcey reported a core dump under solaris 2.6
- with OpenSSL 0.9.4. It turned out this was due to a bad free() in main.c
- that occurred after the download was done and completed.
- - Benjamin found ftp downloads to show the first line of the download meter
- to get written twice, and I removed that problem. It was introduced with
- the multiple URL support.
- - Dan Zitter correctly pointed out that curl 6.1 and earlier versions didn't
- honor RFC 2616 chapter 4 section 2, "Message Headers": "...Field names are
- case-insensitive..." HTTP header parsing assumed a certain casing. Dan
- also provided me with a patch that corrected this, which I took the liberty
- of editing slightly.
- - Dan Zitter also provided a nice patch for config.guess to better recognize
- the Mac OS X
- - Dan also corrected a minor problem in the lib/Makefile that caused linking
- to fail on OS X.
- Daniel (19 October 1999):
- - Len Marinaccio came up with some problems with curl. Since Windows has a
- crippled shell, it can't redirect stderr and that causes trouble. I added
- --stderr today which allows the user to redirect the stderr stream to a
- file or stdout.
- Daniel (18 October 1999):
- - The configure script now understands the '--without-ssl' flag, which now
- totally disable SSL/https support. Previously it wasn't possible to force
- the configure script to leave SSL alone. The previous functionality has
- been retained. Troy Engel helped test this new one.
- Version 6.1 (October 17 1999)
- Daniel (17 October 1999):
- - I ifdef'ed or commented all the zlib stuff in the sources and configure
- script. It turned out we needed to mock more with zlib than I initially
- thought, to make it capable of downloading compressed HTTP documents and
- uncompress them on the fly. I didn't mean the zlib parts of curl to become
- more than minor so this means I halt the zlib expedition for now and wait
- until someone either writes the code or zlib gets updated and better
- adjusted for this kind of usage. I won't get into details here, but a
- short a summary is suitable:
- - zlib can't automatically detect whether to use zlib or gzip
- decompression methods.
- - zlib is very neat for reading gzipped files from a file descriptor,
- although not as nice for reading buffer-based data such as we would
- want it.
- - there are still some problems with the win32 version when reading from
- a file descriptor if that is a socket
- Daniel (14 October 1999):
- - Moved the (external) include files for libcurl into a subdirectory named
- curl and adjusted all #include lines to use <curl/XXXX> to maintain a
- better name space and control of the headers. This has been requested.
- Daniel (12 October 1999):
- - I modified the 'maketgz' script to perform a 'make' too before a release
- archive is put together in an attempt to make the time stamps better and
- hopefully avoid the double configure-running that use to occur.
- Daniel (11 October 1999):
- - Applied Jörn's patches that fixes zlib for mingw32 compiles as well as
- some other missing zlib #ifdef and more text on the multiple URL docs in
- the man page.
- Version 6.1beta
- Daniel (6 October 1999):
- - Douglas E. Wegscheid sent me a patch that made the exact same thing as I
- just made: the -d switch is now capable of reading post data from a named
- file or stdin. Use it similarly to the -F. To read the post data from a
- given file:
- curl -d @path/to/filename www.postsite.com
- or let curl read it out from stdin:
- curl -d @- www.postit.com
- Jörn Hartroth (3 October 1999):
- - Brought some more patches for multiple URL functionality. The MIME
- separation ideas are almost scrapped now, and a custom separator is being
- used instead. This is still compile-time "flagged".
- Daniel
- - Updated curl.1 with multiple URL info.
- Daniel (30 September 1999):
- - Felix von Leitner brought openssl-check fixes for configure.in to work
- out-of-the-box when the openssl files are installed in the system default
- dirs.
- Daniel (28 September 1999)
- - Added libz functionality. This should enable decompressing gzip, compress
- or deflate encoding HTTP documents. It also makes curl send an accept that
- it accepts that kind of encoding. Compressed contents usually shortens
- download time. I *need* someone to tell me a site that uses compressed HTTP
- documents so that I can test this out properly.
- - As a result of the adding of zlib awareness, I changed the version string
- a little. I plan to add openldap version reporting in there too.
- Daniel (17 September 1999)
- - Made the -F option allow stdin when specifying files. By using '-' instead
- of file name, the data will be read from stdin.
- Version 6.0 (September 14 1999)
- Daniel (13 September 1999)
- - Added -X/--http-request <request> to enable any HTTP command to be sent.
- Do not that your server has to support the exact string you enter. This
- should possibly a string like DELETE or TRACE.
- - Applied Douglas' mingw32-fixes for the makefiles.
- Daniel (10 September 1999)
- - Douglas E. Wegscheid pointed out a problem. Curl didn't check the FTP
- servers return code properly after the --quote commands were issued. It
- took anything non 200 as an error, when all 2XX codes should be accepted as
- OK.
- - Sending cookies to the same site in multiple lines like curl used to do
- turned out to be bad and breaking the cookie specs. Curl now sends all
- cookies on a single Cookie: line. Curl is not yet RFC 2109 compliant, but I
- doubt that many servers do use that syntax (yet).
- Daniel (8 September 1999)
- - Jörn helped me make sure it still compiles nicely with mingw32 under win32.
- Daniel (7 September 1999)
- - FTP upload through proxy is now turned into a HTTP PUT. Requested by
- Stefan Kanthak.
- - Added the ldap files to the .m32 makefile.
- Daniel (3 September 1999)
- - Made cookie matching work while using HTTP proxy.
- Bjorn Reese (31 August 1999)
- - Passed his ldap:// patch. Note that this requires the openldap shared
- library to be installed and that LD_LIBRARY_PATH points to the
- directory where the lib will be found when curl is run with a
- ldap:// URL.
- Jörn Hartroth (31 August 1999)
- - Made the Mingw32 makefiles into single files.
- - Made file:// work for Win32. The same code is now used for unix as well for
- performance reasons.
- Douglas E. Wegscheid (30 August 1999)
- - Patched the Mingw32 makefiles for SSL builds.
- Matthew Clarke (30 August 1999)
- - Made a cool patch for configure.in to allow --with-ssl to specify the
- root dir of the openssl installation, as in
- ./configure --with-ssl=/usr/ssl_here
- - Corrected the 'reconf' script to work better with some shells.
- Jörn Hartroth (26 August 1999)
- - Fixed the Mingw32 makefiles in lib/ and corrected the file.c for win32
- compiles.
- Version 5.11
- Daniel (25 August 1999)
- - John Weismiller pointed out a bug in the header-line
- realloc() system in download.c.
- - I added lib/file.[ch] to offer a first, simple, file:// support. It
- probably won't do much good on win32 system at this point, but I see it
- as a start.
- - Made the release archives get a Makefile in the root dir, which can be
- used to start the compiling/building process easier. I haven't really
- changed any INSTALL text yet, I wanted to get some feed-back on this
- first.
- Daniel (17 August 1999)
- - Another Location: bug. Curl didn't do proper relative locations if the
- original URL had cgi-parameters that contained a slash. Nusu's page
- again.
- - Corrected the NO_PROXY usage. It is a list of substrings that if one of
- them matches the tail of the host name it should connect to, curl should
- not use a proxy to connect there. Pointed out to me by Douglas
- E. Wegscheid. I also changed the README text a little regarding this.
- Daniel (16 August 1999)
- - Fixed a memory bug with http-servers that sent Location: to a Location:
- page. Nusu's page showed this too.
- - Made cookies work a lot better. Setting the same cookie name several times
- used to add more cookies instead of replacing the former one which it
- should've. Nusu <nus at intergorj.ro> brought me an URL that made this
- painfully visible...
- Troy (15 August 1999)
- - Brought new .spec files as well as a patch for configure.in that lets the
- configure script find the openssl files better, even when the include
- files are in /usr/include/openssl
- Version 5.10
- Daniel (13 August 1999)
- - SSL_CTX_set_default_passwd_cb() has been modified in the 0.9.4 version of
- OpenSSL. Now why couldn't they simply add a *new* function instead of
- modifying the parameters of an already existing function? This way, we get
- a compiler warning if compiling with 0.9.4 but not with earlier. So, I had
- to come up with a #if construction that deals with this...
- - Made curl output the SSL version number get displayed properly with 0.9.4.
- Troy (12 August 1999)
- - Added MingW32 (GCC-2.95) support under Win32. The INSTALL file was also
- a bit rearranged.
-
- Daniel (12 August 1999)
- - I had to copy a good <arpa/telnet.h> include file into the curl source
- tree to enable the silly win32 systems to compile. The distribution rights
- allows us to do that as long as the file remains unmodified.
- - I corrected a few minor things that made the compiler complain when
- -Wall -pedantic was used.
- - I'm moving the official curl web page to http://curl.haxx.nu. I think it
- will make it easier to remember as it is a lot shorter and less cryptic.
- The old one still works and shows the same info.
- Daniel (11 August 1999)
- - Albert Chin-A-Young mailed me another correction for NROFF in the
- configure.in that is supposed to be better for IRIX users.
- Daniel (10 August 1999)
- - Albert Chin-A-Young helped me with some stupid Makefile things, as well as
- some fiddling with the getdate.c stuff that he had problems with under
- HP-UX v10. getdate.y will now be compiled into getdate.c if the appropriate
- yacc or bison is found by the configure script. Since this is slightly new,
- we need to test the output getdate.c with win32 systems to make sure it
- still compiles there.
- Daniel (5 August 1999)
- - I've just setup a new mailing list with the intention to keep discussions
- around libcurl development in it. I mainly expect it to be for thoughts and
- brainstorming around a "next generation" library, rather than nitpicking
- about the current implementation or details in the current libcurl.
- To join our happy bunch of future-looking geeks, enter 'subscribe
- <address>' in the body of a mail and send it to
- libcurl-request@listserv.fts.frontec.se. Curl bug reports, the usual curl
- talk and everything else should still be kept in this mailing list. I've
- started to archive this mailing list and have put the libcurl web page at
- www.fts.frontec.se/~dast/libcurl/.
- - Stefan Kanthak contacted me regarding a few problems in the configure
- script which he discovered when trying to make curl compile and build under
- Siemens SINIX-Z V5.42B2004!
- - Marcus Klein very accurately informed me that src/version.h was not present
- in the CVS repository. Oh, how silly...
- - Linus Nielsen rewrote the telnet:// part and now curl offers limited telnet
- support. If you run curl like 'curl telnet://host' you'll get all output on
- the screen and curl will read input from stdin. You'll be able to login and
- run commands etc, but since the output is buffered, expect to get a little
- weird output.
- This is still in its infancy and it might get changed. We need your
- feed-back and input in how this is best done.
- WIN32 NOTE: I bet we'll get problems when trying to compile the current
- lib/telnet.c on win32, but I think we can sort them out in time.
- - David Sanderson reported that FORCE_ALLOCA_H or HAVE_ALLOCA_H must be
- defined for getdate.c to compile properly on HP-UX 11.0. I updated the
- configure script to check for alloca.h which should make it.
- Daniel (4 August 1999)
- - I finally got to understand Marcus Klein's ftp download resume problem,
- which turns out to be due to different outputs from different ftp
- servers. It makes ftp download resuming a little trickier, but I've made
- some modifications I really believe will work for most ftp servers and I do
- hope you report if you have problems with this!
- - Added text about file transfer resuming to README.curl.
- Daniel (2 August 1999)
- - Applied a progress-bar patch from Lars J. Aas. It offers
- a new styled progress bar enabled with -#/--progress-bar.
- T. Yamada <tai at imasy.or.jp> (30 July 1999)
- - It breaks with segfault when 1) curl is using .netrc to obtain
- username/password (option '-n'), and 2) is automatically redirected to
- another location (option '-L').
- There is a small bug in lib/url.c (block starting from line 641), which
- tries to take out username/password from user- supplied command-line
- argument ('-u' option). This block is never executed on first attempt since
- CONF_USERPWD bit isn't set at first, but curl later turns it on when it
- checks for CONF_NETRC bit. So when curl tries to redo everything due to
- redirection, it segfaults trying to access *data->userpwd.
- Version 5.9.1
- Daniel (30 July 1999)
- - Steve Walch pointed out that there is a memory leak in the formdata
- functions. I added a FormFree() function that is now used and supposed to
- correct this flaw.
- - Mark Wotton reported:
- 'curl -L https://www.cwa.com.au/' core dumps. I managed to cure this by
- correcting the cleanup procedure. The bug seems to be gone with my OpenSSL
- 0.9.2b, although still occurs when I run the ~100 years old SSLeay 0.8.0. I
- don't know whether it is curl or SSLeay that is to blame for that.
- - Marcus Klein:
- Reported an FTP upload resume bug that I really can't repeat nor understand.
- I leave it here so that it won't be forgotten.
- Daniel (29 July 1999)
- - Costya Shulyupin suggested support for longer URLs when following Location:
- and I could only agree and fix it!
- - Leigh Purdie found a problem in the upload/POST department. It turned out
- that http.c accidentaly cleared the pointer instead of the byte counter
- when supposed to.
- - Costya Shulyupin pointed out a problem with port numbers and Location:. If
- you had a server at a non-standard port that redirected to an URL using a
- standard port number, curl still used that first port number.
- - Ralph Beckmann pointed out a problem when using both CONF_FOLLOWLOCATION
- and CONF_FAILONERROR simultaneously. Since the CONF_FAILONERROR exits on
- the 302-code that the follow location header outputs it will never show any
- html on location: pages. I have now made it look for >=400 codes if
- CONF_FOLLOWLOCATION is set.
- - 'struct slist' is now renamed to 'struct curl_slist' (as suggested by Ralph
- Beckmann).
- - Joshua Swink and Rick Welykochy were the first to point out to me that the
- latest OpenSSL package now have moved the standard include path. It is now
- in /usr/local/ssl/include/openssl and I have now modified the --enable-ssl
- option for the configure script to use that as the primary path, and I
- leave the former path too to work with older packages of OpenSSL too.
- Daniel (9 June 1999)
- - I finally understood the IRIX problem and now it seem to compile on it!
- I am gonna remove those #define strcasecmp() things once and for all now.
- Daniel (4 June 1999)
- - I adjusted the FTP reply 227 parser to make the PASV command work better
- with more ftp servers. Appearantly the Roxen Challanger server replied
- something curl 5.9 could deal with! :-( Reported by Ashley Reid-Montanaro
- and Mark Butler brought a solution for it.
- Daniel (26 May 1999)
- - Rearranged. README is new, the old one is now README.curl and I added a
- README.libcurl with text I got from Ralph Beckmann.
- - I also updated the INSTALL text.
- Daniel (25 May 1999)
- - David Jonathan Lowsky correctly pointed out that curl didn't properly deal
- with form posting where the variable shouldn't have any content, as in curl
- -F "form=" www.site.com. It was now fixed.
- Version 5.9 (May 22 1999)
- Daniel (22 May 1999)
- - I've got a bug report from Aaron Scarisbrick in which he states he has some
- problems with -L under FreeBSD 3.0. I have previously got another bug
- report from Stefan Grether which points at an error with similar sympthoms
- when using win32. I made the allocation of the new url string a bit faster
- and different, don't know if it actually improves anything though...
- Daniel (20 May 1999)
- - Made the cookie parser deal with CRLF newlines too.
- Daniel (19 May 1999)
- - Download() didn't properly deal with failing return codes from the sread()
- function. Adam Coyne found the problem in the win32 version, and Troy Engel
- helped me out isolating it.
- Daniel (16 May 1999)
- - Richard Adams pointed out a bug I introduced in 5.8. --dump-header doesn't
- work anymore! :-/ I fixed it now.
- - After a suggestion by Joshua Swink I added -S / --show-error to force curl
- to display the error message in case of an error, even if -s/--silent was
- used.
- Daniel (10 May 1999)
- - I moved the stuff concerning HTTP, DICT and TELNET it their own source
- files now. It is a beginning on my clean-up of the sources to make them
- layer all those protocols better to enable more to be added easier in the
- future!
- - Leon Breedt sent me some files I've not put into the main curl
- archive. They're for creating the Debian package thingie. He also sent me a
- debian package that I've made available for download at the web page
- Daniel (9 May 1999)
- - Made it compile on cygwin too.
- Troy Engel (7 May 1999)
- - Brought a series of patches to allow curl to compile smoothly on MSVC++ 6
- again!
- Daniel (6 May 1999)
- - I changed the #ifdef HAVE_STRFTIME placement for the -z code so that it
- will be easier to discover systems that don't have that function and thus
- can't use -z successfully. Made the strftime() get used if WIN32 is defined
- too.
- Version 5.8
- Daniel (5 May 1999)
- - I've had it with this autoconf/automake mess. It seems to work allright
- for most people who don't have automake installed, but for those who have
- there are problems all over.
- I've got like five different bug reports on this only the last
- week... Claudio Neves and Federico Bianchi and root <duggerj001 at
- hawaii.rr.com> are some of them reporting this.
- Currently, I have no really good fix since I want to use automake myself to
- generate the Makefile.in files. I've found out that the @SHELL@-problems
- can often be fixed by manually invoking 'automake' in the archive root
- before you run ./configure... I've hacked my maketgz script now to fiddle
- a bit with this and my tests seem to work better than before at least!
- Daniel (4 May 1999)
- - mkhelp.pl has been doing badly lately. I corrected a case problem in
- the regexes.
- - I've now remade the -o option to not touch the file unless it needs to.
- I had to do this to make -z option really fine, since now you can make a
- curl fetch and use a local copy's time when downloading to that file, as
- in:
- curl -z dump -o dump remote.site.com/file.html
- This will only get the file if the remote one is newer than the local.
- I'm aware that this alters previous behaviour a little. Some scripts out
- there may depend on that the file is always touched...
- - Corrected a bug in the SSLv2/v3 selection.
- - Felix von Leitner requested that curl should be able to send
- "If-Modified-Since" headers, which indeed is a fair idea. I implemented it
- right away! Try -z <expression> where expression is a full GNU date
- expression or a file name to get the date from!
- Stephan Lagerholm (30 Apr 1999)
- - Pointed out a problem with the src/Makefile for FreeBSD. The RM variable
- isn't set and causes the make to fail.
- Daniel (26 April 1999)
- - Am I silly or what? Irving Wolfe pointed out to me that the curl version
- number was not set properly. Hasn't been since 5.6. This was due to a bug
- in my maketgz script!
- David Eriksson (25 Apr 1999)
- - Found a bug in cookies.c that made it crash at times.
- Version 5.7.1
- Doug Kaufman (23 Apr 1999)
- - Brought two sunos 4 fixes. One of them being the hostip.c fix mentioned
- below and the other one a correction in include/stdcheaders.h
- - Added a paragraph about compiling with the US-version of openssl to the
- INSTALL file.
- Daniel
- - New mailing list address. Info updated on the web page as well as in the
- README file
- Greg Onufer (20 Apr 1999)
- - hostip.c didn't compile properly on SunOS 5.5.1.
- It needs an #include <sys/types.h>
- Version 5.7
- Daniel (Apr 20 1999)
- - Decided to upload a non-beta version right now!
- - Made curl support any-length HTTP headers. The destination buffer is now
- simply enlarged every time it turns out to be too small!
- - Added the FAQ file to the archive. Still a bit smallish, but it is a
- start.
- Eric Thelin (15 Apr 1999)
- - Made -D accept '-' instead of filename to write to stdout.
- Version 5.6.3beta
- Daniel (Apr 12 1999)
- - Changed two #ifdef WIN32 to better #ifdef <errorcode> when connect()ing
- in url.c and ftp.c. Makes cygwin32 deal with them better too. We should
- try to get some decent win32-replacement there. Anyone?
- - The old -3/--crlf option is now ONLY --crlf!
- - I changed the "SSL fix" to a more lame one, but that doesn't remove as
- much functionality. Now I've enabled the lib to select what SSL version it
- should try first. Appearantly some older SSL-servers don't like when you
- talk v3 with them so you need to be able to force curl to talk v2 from the
- start. The fix dated April 6 and posted on the mailing list forced curl to
- use v2 at all times using a modern OpenSSL version, but we don't really
- want such a crippled solution.
-
- - Marc Boucher sent me a patch that corrected a math error for the
- "Curr.Speed" progress meter.
- - Eric Thelin sent me a patch that enables '-K -' to read a config file from
- stdin.
- - I found out we didn't close the file properly before so I added it!
- Daniel (Apr 9 1999)
- - Yu Xin pointed out a problem with ftp download resume. It didn't work at
- all! ;-O
- Daniel (Apr 6 1999)
- - Corrected the version string part generated for the SSL version.
- - I found a way to make some other SSL page work with openssl 0.9.1+ that
- previously didn't (ssleay 0.8.0 works with it though!). Trying to get
- some real info from the OpenSSL guys to see how I should do to behave the
- best way. SSLeay 0.8.0 shouldn't be that much in use anyway these days!
- Version 5.6.2beta
- Daniel (Apr 4 1999)
- - Finally have curl more cookie "aware". Now read carefully. This is how
- it works.
- To make curl read cookies from an already existing file, in plain header-
- format (like from the headers of a previous fetch) invoke curl with the
- -b flag like:
- curl -b file http://site/foo.html
- Curl will then use all cookies it finds matching. The old style that sets
- a single cookie with -b is still supported and is used if the string
- following -b includes a '=' letter, as in "-b name=daniel".
- To make curl read the cookies sent in combination with a location: (which
- sites often do) point curl to read a non-existing file at first (i.e
- to start with no existing cookies), like:
- curl -b nowhere http://site/setcookieandrelocate.html
- - Added a paragraph in the TODO file about the SSL problems recently
- reported. Evidently, some kind of SSL-problem curl may need to address.
- - Better "Location:" following.
- Douglas E. Wegscheid (Tue, 30 Mar 1999)
- - A subsecond display patch.
- Daniel (Mar 14 1999)
- - I've separated the version number of libcurl and curl now. To make
- things a little easier, I decided to start the curl numbering from
- 5.6 and the former version number known as "curl" is now the one
- set for libcurl.
- - Removed the 'enable-no-pass' from configure, I doubt anyone wanted
- that.
- - Made lots of tiny adjustments to compile smoothly with cygwin under
- win32. It's a killer for porting this to win32, bye bye VC++! ;-)
- Compiles and builds out-of-the-box now. See the new wordings in
- INSTALL for details.
- - Beginning experiments with downloading multiple document from a http
- server while remaining connected.
- Version 5.6beta
- Daniel (Mar 13 1999)
- - Since I've changed so much, I thought I'd just go ahead and implement the
- suggestion from Douglas E. Wegscheid. -D or --dump-header is now storing
- HTTP headers separately in the specified file.
- - Added new text to INSTALL on what to do to build this on win32 now.
- - Aaargh. I had to take a step back and prefix the shared #include files
- in the sources with "../include/" to please VC++...
- Daniel (Mar 12 1999)
- - Split the url.c source into many tiny sources for better readability
- and smaller size.
- Daniel (Mar 11 1999)
- - Started to change stuff for a move to make libcurl and a more separate
- curl application that uses the libcurl. Made the libcurl sources into
- the new lib directory while the curl application will remain in src as
- before. New makefiles, adjusted configure script and so.
- libcurl.a built quickly and easily. I better make a better interface to
- the lib functions though.
- The new root dir include/ is supposed to contain the public information
- about the new libcurl. It is a little ugly so far :-)
- Daniel (Mar 1 1999)
- - Todd Kaufmann sent me a good link to Netscape's cookie spec as well as the
- info that RFC 2109 specifies how to use them. The link is now in the
- README and the RFC in the RESOURCES.
- Daniel (Feb 23 1999)
- - Finally made configure accept --with-ssl to look for SSL libs and includes
- in the "standard" place /usr/local/ssl...
- Daniel (Feb 22 1999)
- - Verified that curl linked fine with OpenSSL 0.9.1c which seems to be
- the most recent.
- Henri Gomez (Fri Feb 5 1999)
- - Sent in an updated curl-ssl.spec. I still miss the script that builds an
- RPM automatically...
- Version 5.5.1
- Mark Butler (27 Jan 1999)
- - Corrected problems in Download().
- Danitel Stenberg (25 Jan 1999)
- - Jeremie Petit pointed out a few flaws in the source that prevented it from
- compile warning free with the native compiler under Digital Unix v4.0d.
- Version 5.5
- Daniel Stenberg (15 Jan 1999)
- - Added Bjorns small text to the README about the DICT protocol.
- Daniel Stenberg (11 Jan 1999)
- - <jswink at softcom.net> reported about the win32-versioin: "Doesn't use
- ALL_PROXY environment variable". Turned out to be because of the static-
- buffer nature of the win32 environment variable calls!
- Bjorn Reese (10 Jan 1999)
- - I have attached a simple addition for the DICT protocol (RFC 2229).
- It performs dictionary lookups. The output still needs to be better
- formatted.
- To test it try (the exact format, and more examples are described in
- the RFC)
- dict://dict.org/m:hello
- dict://dict.org/m:hello::soundex
- Vicente Garcia (10 Jan 1999)
- - Corrected the progress meter for files larger than 20MB.
- Daniel Stenberg (7 Jan 1999)
- - Corrected the -t and -T help texts. They claimed to be FTP only.
- Version 5.4
- Daniel Stenberg
- (7 Jan 1999)
- - Irving Wolfe reported that curl -s didn't always supress the progress
- reporting. It was the form post that autoamtically always switched it on
- again. This is now corrected!
- (4 Jan 1999)
- - Andreas Kostyrka suggested I'd add PUT and he helped me out to test it. If
- you use -t or -T now on a http or https server, PUT will be used for file
- upload.
- I removed the former use of -T with HTTP. I doubt anyone ever really used
- that.
- (4 Jan 1999)
- - Erik Jacobsen found a width bug in the mprintf() function. I corrected it
- now.
- (4 Jan 1999)
- - As John V. Chow pointed out to me, curl accepted very limited URL sizes. It
- should now accept path parts that are up to at least 4096 bytes.
- - Somehow I screwed up when applying the AIX fix from Gilbert Ramirez, so
- I redid that now.
- Version 5.3a (win32 only)
- Troy Engel
- - Corrected a win32 bug in the environment variable part.
- Version 5.3
- Gilbert Ramirez Jr. (21 Dec 1998)
- - I have implemented the "quote" function of FTP clients. It allows you to
- send arbitrary commands to the remote FTP server. I chose the -Q/--quote
- command-line arguments.
- You can have more than one quoted string, and curl will apply them in
- order. This is what I use for my MVS upload:
- curl -B --crlf -Q "site lrecl=80" -Q "site blk=8000" -T file ftp://os390/test
- Curl will send the two quoted "site" commands in the proper order.
- - Made it compile smoothly on AIX.
- Gilbert Ramirez Jr. (18 Dec 1998)
- - Brought an MVS patch: -3/--mvs, for ftp upload to the MVS ftp server.
- Troy Engel (17 Dec 1998)
- - Brought a correction that fixes the win32 curl bug.
- Daniel Stenberg
- - A bug, pointed out to me by Dr H. T. Leung, caused curl to crash on the -A
- flag on certain systems. Actually, all systems should've!
- - Added a few defines to make directories/file names get build nicer (with _
- instead of . and \ instead of / in win32).
- - steve <fisk at polar.bowdoin.edu> reported a weird bug that occured if the
- ftp server response line had a parenthesis on the line before the (size)
- info. I hope it works better now!
- Version 5.2.1
- Steven G. Johnson (Dec 14, 1998)
- - Brought a fix that corrected a crash in 5.2 due to bad treatment of the
- environment variables.
- Version 5.2
- Daniel Stenberg (Dec 14, 1998)
- - Rewrote the mkhelp script and now, the mkhelp.pl script generates the
- hugehelp.c file from the README *and* the man page file curl.1. By using
- both files, I no longer need to have double information in both the man
- page and the README as well. So, win32-users will only have the hugehelp.c
- file for all info, but then, they download the plain binary most times
- anyway.
- - gcc2.8.1 with the -Wall flag complaints a lot on subscript has type `char'
- if I don't explicitly typecast the argument to isdigit() or isspace() to
- int. So I did to compile warning free with that too.
- - Added checks for 'long double' and 'long long' in the configure script. I
- need those for the mprintf.c source to compile well on non long long
- comforming systems!
- Version 5.1 (not publicly released)
- Daniel Stenberg (Dec 10, 1998)
- - I got a request for a pre-compiled NT Alpha version. Anyone?
- - Added Lynx/CERN www lib proxy environment variable support. That means curl
- now reads and understands the following environment variables:
- HTTP_PROXY, HTTPS_PROXY, FTP_PROXY, GOPHER_PROXY
- They should be set for protocol-specific proxies. General proxy should be
- set with
-
- ALL_PROXY
- And a comma-separated list of host names that shouldn't go through any
- proxy is set in (only an asterisk, '*' matches all hosts).
- NO_PROXY
- The usage of the -x/--proxy flag overrides the environment variables.
- - Proxy can now be specified with a procotol:// prefix.
- - Wrote the curl.1 man page.
- - Introduced a whole new dynamic buffer system for all sprintf()s. It is
- based on the *printf() package by yours truly and Bjorn Reese. Hopefully,
- there aren't that many buffer overflow risks left now.
- - Ah, I should mention I've compiled and built curl successfully under
- solaris 2.6 with gcc now, gcc 2.7.2 won't work but 2.8.1 did ok.
- Oren Tirosh (Dec 3, 1998)
- - Brought two .spec files, to use when creating (Linux) Redhat style RPM
- packages. They're named curl.spec and curl-ssl.spec.
- Troy Engel
- - Supplied the src/Makefile.vc6 for easy compiling with VC++ under Win32.
- Version 5.0
- Daniel Stenberg (Dec 1, 1998)
- - Not a single bug report in ages.
- - Corrected getpass.c and main.c to compile warning and error free with the
- Win32 VC++ crap.
- Version 5.0 beta 24
- Daniel Stenberg (Nov 20, 1998)
- HOW TO BUILD A RELEASE ARCHIVE:
- * Pre-requisite software:
- What To build what Reads data from
- ==== ============= ===============
- GNU automake Makefile.in, aclocal.m4 configure.in
- GNU make(1) - " -
- GNU gcc(1) - " -
- GNU autoconf configure configure.in
- GNU autoheader(2) config.h.in configure.in, acconfig.h
- * Make sure all files that should be part of the archive are put in FILES.
- * Run './maketgz' and enter version number of the new to become archive.
- maketgz does:
- - Enters the newly created version number in url.h.
- - (If you don't have automake, this script will warn about that, but unless
- you have changed the Makefile.am files, that is nothing to care about.)
- If you have it, it'll run it.
- - If you have autoconf, the configure.in will be edited to get the newly
- created version number and autoconf will be run.
- - Creates a new directory named curl-<version>. (Actually, it uses the base
- name of the current directory up to the first '-'.)
- - Copies all files mentioned in FILES to the new directory. Saving
- permissions and directory structure.
- - Uses tar to create an archive of it all, named curl-<version>.tar.gz
- - gzips the archive
- - Removes the new directory and all its contents.
- * When done, you have an archive stored in your directory named
- curl-<version>.tar.gz.
- Done!
- (1) They're required to make automake run properly.
- (2) It is distributed as a part of the GNU autoconf archive.
- Daniel Stenberg (Nov 18, 1998)
- - I changed the TAG-system. If you ever used urlget() from this package in
- another product, you need to recompile with the new headers. I did this
- new stuff to better deal with different compilers and system with different
- variable sizes. I think it makes it a little more portable. This proves
- to compile warning free with the problematic IRIX compiler!
- - Win32 compiled with a silly error. Corrected now.
- - Brian Chaplin reported yet another problem in
- multiline FTP responses. I've tried to correct it. I mailed him a new
- version and I hope he gets back soon with positive feedback!
- - Improved the 'maketgz' to create a temporary directory tree which it makes
- an archive from instead of the previous renaming of the current one.
- - Mailing list opened (see README).
- - Made -v more verbose on the PASV section of ftp transfers. Now it tells
- host name and IP of the new host (and port number). I also added a section
- about PORT vs PASV in the README.
- Version 5.0 beta 21
- Angus Mackay (Nov 15, 1998)
- - Introduced automake stuff.
- Daniel Stenberg (Nov 13, 1998)
- - Just made a successful GET of a document from an SSL-server using my own
- private certificate for authentication! The certificate has to be in PEM
- format. You do that the easiest way (although not *that* easy) by
- downloading the SSLyeay PKCS#12-patch by Dr Stephen N. Henson from his site
- at: http://www.drh-consultancy.demon.co.uk/. Using his tool, you can
- convert any modern Netscape or (even) MSIE certificate to PEM-format. Use
- it with 'curl -E <certificate:password> https://site.com'. If this isn't a
- cool feature, then I don't know what cool features look like! ;-)
- - Working slowly on telnet connections. #define TRY_TELNET to try it out.
- (curl -u user:passwd "telnet://host.com/cat .login" is one example) I do
- have problem to define how it should work. The prime purpose for this must
- be to get (8bit clean) files via telnet, and it really isn't that easy to
- get files this way. Still having problems with \n being converted to \r\n.
- Angus Mackay (Nov 12, 1998)
- - Corrected another bug in the long parameter name parser.
- - Modified getpass.c (NOTE: see the special licensing in the top of that
- source file).
- Daniel Stenberg (Nov 12, 1998)
- - We may have removed the silly warnings from url.c when compiled under IRIX.
- Thanks again to Bjorn Reese and Martin Staael.
- - Wrote formfind.pl which is a new perl script intended to help you find out
- how a FORM submission should be done. This needs a little more work to get
- really good.
- Daniel Stenberg (Nov 11, 1998)
- - Made the HTTP header-checker accept white spaces before the HTTP/1.? line.
- Appearantly some proxies/sites add such at times (my test proxy did when I
- downloaded a gopher page with it)!
- - Moved the former -h to -M and made -h show the short help text instead. I
- had to enable a forced help text option. Now an even shorter help text will
- be presented when an unknown option and similar, is used.
- - stdcheaders.h didn't work with IRIX 6.4 native cc compiler. I hope my
- changes don't make other versions go nuts instead.
- Daniel Stenberg (Nov 10, 1998)
- - Added a weird check in the configure script to check for the silly AIX
- warnings about my #define strcasecmp() stuff. I do that define to prevent
- me and other contributors to accidentaly use that function name instead
- of strequal()...
- - I bugfixed Angus's getpass.c very little.
- - Fixed the verbose flag names to getopt-style, i.e 'curl --loc' will be
- sufficient instead of --location as "loc" is a unique prefix. Also, anything
- after a '--' is treated as an URL. So if you do have a host with a weeeird
- name you can do 'curl -- -host.com'.
- - Another getopt-adjust; curl now accepts flags after the URL on the command
- line. 'curl www.foo.com -O' is perfectly valid.
- - Corrected the .curlrc parser so that strtok() is no longer used and I
- believe it works better. Even URLs can be specified in it now.
- Angus Mackay (Nov 9, 1998)
- - Replaced getpass.c with a newly written one, not under GPL license
- - Changed OS to a #define in config.h instead of compiler flag
- - Makefile now uses -DHAVE_CONFIG_H
- Daniel Stenberg (Nov 9, 1998)
- - Ok, I expanded the tgz-target to update the version string on each occation
- I build a release archive!
- - I reacted on Angus Mackay's initiative and remade the parameter parser to
- be more getopt compliant. Curl now supports "merged" flags as in
- curl -lsv ftp.site.com
- Do note that I had to move three short-names of the options. Parameters
- that needs an additional string such as -x must be stand-alone or the
- last in a merged sequence:
- curl -lsx my-proxy ftp.site.com
- is ok, but using the flags in a different order like '-lxs' would cause
- unexpected results (as the 's' option would be skipped).
- - I've changed the headers in all files that are subject to the MozPL
- license, as they are supposed to look like when conforming.
- - Made the configure script make the config.h. The former config.h is now
- setup.h.
- - The RESOURCES and TODO files have been added to the archive.
- Angus Mackay (Nov 5, 1998)
- - Fixed getpass.c and various configure stuff
- Daniel Stenberg (Nov 3, 1998)
- - Use -H/--header for custom HTTP-headers. Lets you pass on your own
- specified headers to the remote server. I wouldn't recommend trying to use
- a header with a defined usage according to standards. Use this flag once
- for every custom header you want to add.
- - Use -B/--ftp-ascii to force ftp to use ASCII mode when transfering files.
- - Corrected the 'getlinks.pl' script, I accidentally left my silly proxy
- usage in there! Since the introduction of the .curlrc file, it is easier to
- write scripts that use curl since proxies and stuff should be in the
- .curlrc file anyway.
- - Introducing the new -F flag for HTTP POST. It supports multipart/form-data
- which means it is gonna be possible to upload files etc through HTTP POST.
- Shiraz Kanga asked for the feature and my brother,
- Björn Stenberg helped me design the user
- interface for this beast. This feature requires quite some docs,
- since it has turned out not only quite capable, but also complicated! :-)
- - A note here, since I've received mail about it. SSLeay versions prior to
- 0.8 will *not* work with curl!
- - Wil Langford reported a bug that occurred since curl
- did not properly use CRLF when issuing ftp commands. I fixed it.
- - Rearranged the order config files are read. .curlrc is now *always* read
- first and before the command line flags. -K config files then act as
- additional config items.
- - Use -q AS THE FIRST OPTION specified to prevent .curlrc from being read.
- - You can now disable a proxy by using -x "". Useful if the .curlrc file
- specifies a proxy and you wanna fetch something without going through
- that.
- - I'm thinking of dropping the -p support. Its really not useful since ports
- could (and should?) be specified as :<port> appended on the host name
- instead, both in URLs and to proxy host names.
- - Martin Staael reports curl -L bugs under Windows NT
- (test with URL http://come.to/scsde). This bug is not present in this
- version anymore.
- - Added support for the weird FTP URL type= thing. You can download a file
- using ASCII transfer by appending ";type=A" to the right of it. Other
- available types are type=D for dir-list (NLST) and type=I for binary
- transfer. I can't say I've ever seen anyone use this kind of URL though!
- :-)
- - Troy Engel pointed out a bug in my getenv("HOME")
- usage for win32 systems. I introduce getenv.c to better cope with
- this. Mr Engel helps me with the details around that...
- - A little note to myself and others, I should make the win32-binary built
- with SSL support...
- - Ryan Nelson sent me comments about building curl
- with SSL under FreeBSD. See the Makefile for details. Using the configure
- script, it should work better and automatically now...
- - Cleaned up in the port number mess in the source. No longer stores and uses
- proxy port number separate from normal port number.
- - 'configure' script working. Confirmed compiles on:
- Host SSL Compiler
- SunOS 5.5 no gcc
- SunOS 5.5.1 yes gcc
- SunOS 5.6 no cc (with gcc, it has the "gcc include files" problem)
- SunOS 4.1.3 no gcc (without ANSI C headers)
- SunOS 4.1.2 no gcc (native compiler failed)
- Linux 2.0.18 no gcc
- Linux 2.0.32 yes gcc
- Linux 2.0.35 no gcc (with glibc)
- IRIX 6.2 no gcc (cc compiles generate a few warnings)
- IRIX 6.4 no cc (generated warnings though)
- Win32 no Borland
- OSF4.0 no ?
- - Ooops. The 5beta (and 4.10) under win32 failed if the HOME variable wasn't
- set.
- - When using a proxy, curl now guesses and uses the protocol part in cases
- like:
- curl -x proxy:80 www.site.com
- Proxies normally go nuts unless http:// is prepended to the host name, so
- if curl is used like this, it guesses protocol and appends the protocol
- string before passing it to the proxy. It already did this when used
- without proxy.
- - Better port usage with SSL through proxy now. If you specified a different
- https-port when accessing through a proxy, it didn't use that number
- correctly. I also rewrote the code that parses the stuff read from the
- proxy when you wanna connect through it with SSL.
- - Bjorn Reese helped me work around one of the compiler
- warnings on IRIX native cc compiles.
- Version 4.10 (Oct 26, 1998)
- Daniel Stenberg
- - John A. Bristor suggested a config file switch,
- and since I've been having that idea kind of in the background for a long
- time I rewrote the parameter parsing function a little and now I introduce
- the -K/--config flag. I also made curl *always* (unless -K is used) try to
- load the .curlrc file for command line parameters. The syntax for the
- config file is the standard command line argument style. Details in 'curl
- -h' or the README.
- - I removed the -k option. Keep-alive isn't really anything anyone would
- want to enable with curl anyway.
- - Martin Staael helped me add the 'irix' target. Now
- "make irix" should build curl successfully on non-gcc SGI machines.
- - Single switches now toggle behaviours. I.e if you use -v -v the second
- will switch off the verbose mode the first one enabled. This is so that
- you can disable a default setting a .curlrc file enables etc.
- Version 4.9 (Oct 7, 1998)
- Daniel Stenberg
- - Martin Staael suggested curl would support cookies.
- I added -b/--cookie to enable free-text cookie data to be passed. There's
- also a little blurb about general cookie stuff in the README/help text.
- - dmh <dmh at jet.es> suggested HTTP resume capabilities. Although you could
- manually get curl to resume HTTP documents, I made the -c resume flag work
- for HTTP too (unless -r is used too, which would be very odd anyway).
- - Added checklinks.pl to the archive. It is a still experimental perl script
- that checks all links of a web page by using curl.
- - Rearranged the archive hierarchy a little. Build the executable in the
- src/ dir from now on!
- - Version 4.9 and hereafter, is no longer released under the GPL license.
- I have now updated the LEGAL file etc and now this is released using the
- Mozilla Public License to avoid the plague known as "the GPL virus". You
- must make the source available if you decide to change and/or redistribute
- curl, but if you decide to use curl within something else you do not need
- to offer the world the source to that too.
- - Curl did not like HTTP servers that sent no headers at all on a GET
- request. It is a violation of RFC2068 but appearantly some servers do
- that anyway. Thanks to Gordon Beaton for the report!
- - -L/--location was added after a suggestion from Martin Staael. This makes
- curl ATTEMPT to follow the Location: redirect if one is present in the HTTP
- headers. If -i or -I is used with this flag, you will see headers from all
- sites the Location: points to. Do note that the first server can point to a
- second that points to a third etc. It seems the Location: parameter (said
- to be an AbsoluteURI in RFC2068) isn't always absolute.. :-/ Anyway, I've
- made curl ATTEMPT to do the best it can to deal with the reality.
- - Added getlinks.pl to the archive. getlinks.pl selectively downloads
- files that a web page links to.
- Version 4.8.4
- Daniel Stenberg
- - As Julian Romero Nieto reported, curl reported wrong version number.
- - As Teemu Yli-Elsila pointed out, the win32 version of 4.8 (and probably all
- other versions for win32) didn't work with binary files since I'm too used
- to the UNIX style fopen() where binary and text don't differ...
- - Ralph Beckmann brought me some changes that lets curl compile error and
- warning free with -Wall -pedantic with g++. I also took the opportunity to
- clean off some unused variables and similar.
- - Ralph Beckmann made me aware of a really odd bug now corrected. When curl
- read a set of headers from a HTTP server, divided into more than one read
- and the first read showed a full line *exactly* (i.e ending with a
- newline), curl did not behave well.
- Version 4.8.3
- Daniel Stenberg
- - I was too quick to release 4.8.2 with too little testing. One of the
- changes is now reverted slightly to the 4.8.1 way since 4.8.2 couldn't
- upload files. I still think both problems corrected in 4.8.2 remain
- corrected. Reported by Julian Romero Nieto.
- Version 4.8.2
- Daniel Stenberg
- - Bernhard Iselborn reported two FTP protocol errors curl did. They're now
- corrected. Both appeared when getting files from a MS FTP server! :-)
- Version 4.8.1
- Daniel Stenberg
- - Added a last update of the progress meter when the transfer is done. The
- final output on the screen didn't have to be the final size transfered
- which made it sometimes look odd.
- - Thanks to David Long I got rid of a silly bug that happened if a HTTP-page
- had nothing but header. Appearantly Solaris deals with negative sizes in
- fwrite() calls a lot better than Linux does... =B-]
- Version 4.8 (Aug 31, 1998)
- Daniel Stenberg
- - Continue FTP file transfer. -c is the switch. Note that you need to
- specify a file name if you wanna resume a download (you can't resume a
- download sent to stdout). Resuming upload may be limited by the server
- since curl is then using the non-RFC959 command SIZE to get the size of
- the target file before upload begins (to figure out which offset to
- use). Use -C to specify the offset yourself! -C is handy if you're doing
- the output to something else but a plain file or when you just want to get
- the end of a file.
- - recursiveftpget.pl now features a maximum recursive level argument.
- Version 4.7
- Daniel Stenberg
- - Added support to abort a download if the speed is below a certain amount
- (speed-limit) bytes per second for a certain (speed-time) time.
- - Wrote a perl script 'recursiveftpget.pl' to recursively use curl to get a
- whole ftp directory tree. It is meant as an example of how curl can be
- used. I agree it isn't the wisest thing to do to make a separate new
- connection for each file and directory for this.
- Version 4.6
- Daniel Stenberg
- - Added a first attempt to optionally parse the .netrc file for login user
- and password. If used with http, it enables user authentication. -n is
- the new switch.
- - Removed the extra newlines on the default user-agent string.
- - Corrected the missing ftp upload error messages when it failed without the
- verbose flag set. Gary W. Swearingen found it.
- - Now using alarm() to enable second-precision timeout even on the name
- resolving/connecting phase. The timeout is although reset after that first
- sequence. (This should be corrected.) Gary W. Swearingen reported.
- - Now spells "Unknown" properly, as in "Unknown option 'z'"... :-)
- - Added bug report email address in the README.
- - Added a "current speed" field to the progress meter. It shows the average
- speed the last 5 seconds. The other speed field shows the average speed of
- the entire transfer so far.
- Version 4.5.1
- Linas Vepstas
- - SSL through proxy fix
- - Added -A to allow User-Agent: changes
- Daniel Stenberg
- - Made the -A work when SSL-through-proxy.
- Version 4.5
- Linas Vepstas
- - More SSL corrections
- - I've added a port to AIX.
- - running SSL through a proxy causes a chunk of code to be executred twice.
- one of those blocks needs to be deleted.
- Daniel Stenberg
- - Made -i and -I work again
- Version 4.4
- Linas Vepstas
- - -x can now also specify proxyport when used as in 'proxyhost:proxyport'
- - SSL fixes
- Version 4.3
- Daniel Stenberg
- - Adjusted to compile under win32 (VisualC++ 5). The -P switch does not
- support network interface names in win32. I couldn't figure out how!
- Version 4.2
- Linas Vepstas / Sampo Kellomaki
- - Added SSL / SSLeay support (https://)
- - Added the -T usage for HTTP POST.
- Daniel Stenberg
- - Bugfixed the SSL implementation.
- - Made -P a lot better to use other IP addresses. It now accepts a following
- parameter that can be either
- interface - i.e "eth0" to specify which interface's IP address you
- want to use
- IP address - i.e "192.168.10.1" to specify exact IP number
- host name - i.e "my.host.domain" to specify machine
- "-" - (any single-letter string) to make it pick the machine's
- default
- - The Makefile is now ready to compile for solaris, sunos4 and linux right
- out of the box.
- - Better generated version string seen with 'curl -V'
- Version 4.1
- Daniel Stenberg
- - The IP number returned by the ftp server as a reply to PASV does no longer
- have to DNS resolve. In fact, no IP-number-only addresses have to anymore.
- - Binds better to available port when -P is used.
- - Now LISTs ./ instead of / when used as in ftp://ftp.funet.fi/. The reason
- for this is that exactly that site, ftp.funet.fi, does not allow LIST /
- while LIST ./ is fine. Any objections?
- Version 4 (1998-03-20)
- Daniel Stenberg
- - I took another huge step and changed both version number and project name!
- The reason for the new name is that there are just one too many programs
- named urlget already and this program already can a lot more than merely
- getting URLs, and the reason for the version number is that I did add the
- pretty big change in -P and since I changed name I wanted to start with
- something fresh!
- - The --style flags are working better now.
- - Listing directories with FTP often reported that the file transfer was
- incomplete. Wrong assumptions were too common for directories, why no
- size will be attempted to get compared on them from now on.
- - Implemented the -P flag that let's the ftp control issue a PORT command
- instead of the standard PASV.
- - -a for appending FTP uploads works.
- ***************************************************************************
- Version 3.12 (14 March 1998)
- Daniel Stenberg
- - End-of-header tracking still lacked support for \r\n or just \n at the
- end of the last header line.
- Sergio Barresi
- - Added PROXY authentication.
- Rafael Sagula
- - Fixed some little bugs.
- Version 3.11
- Daniel Stenberg
- - The header parsing was still not correct since the 3.2 modification...
- Version 3.10
- Daniel Stenberg
- - 3.7 and 3.9 were simultaneously developed and merged into this version.
- - FTP upload did not work correctly since 3.2.
- Version 3.9
- Rafael Sagula
- - Added the "-e <url> / --referer <url>" option where we can specify
- the referer page. Obviously, this is necessary only to fool the
- server, but...
- Version 3.7
- Daniel Stenberg
- - Now checks the last error code sent from the ftp server after a file has
- been received or uploaded. Wasn't done previously.
- - When 'urlget <host>' is used without a 'protocol://' first in the host part,
- it now checks for host names starting with ftp or gopher and if it does,
- it uses that protocol by default instead of http.
- Version 3.6
- Daniel Stenberg
- - Silly mistake made the POST bug. This has now also been tested to work with
- proxy.
- Version 3.5
- Daniel Stenberg
- - Highly inspired by Rafael Sagula's changes to the 3.1 that added an almost
- functional POST, I applied his changes into this version and made them work.
- (It seems POST requires the Content-Type and Content-Length headers.) It is
- now usable with the -d switch.
- Version 3.3 - 3.4
- Passed to avoid confusions
- Version 3.2
- Daniel Stenberg
- - Major rewrite of two crucial parts of this code: upload and download.
- They are both now using a select() switch, that allows much better
- progress meter and time control.
- - alarm() usage removed completely
- - FTP get can now list directory contents if the path ends with a slash '/'.
- Urlget on a ftp-path that doesn't end with a slash means urlget will
- attempt getting it as a file name.
- - FTP directory view supports -l for "list-only" which lists the file names
- only.
- - All operations support -m for max time usage in seconds allowed.
- - FTP upload now allows the size of the uploaded file to be provided, and
- thus it can better check it actually uploaded the whole file. It also
- makes the progress meter for uploads much better!
- - Made the parameter parsing fail in cases like 'urlget -r 900' which
- previously tried to connect to the host named '900'.
- Version 3.1
- Kjell Ericson
- - Pointed out how to correct the 3 warnings in win32-compiles.
- Daniel Stenberg
- - Removed all calls to exit().
- - Made the short help text get written to stdout instead of stderr.
- - Made this file instead of keeping these comments in the source.
- - Made two callback hooks, that enable external programs to use urlget()
- easier and to grab the output/offer the input easier.
- - It is evident that Win32-compiles are painful. I watched the output from
- the Borland C++ v5 and it was awful. Just ignore all those warnings.
- Version 3.0
- Daniel Stenberg
- - Added FTP upload capabilities. The name urlget gets a bit silly now
- when we can put too... =)
- - Restructured the source quite a lot.
- Changed the urlget() interface. This way, we will survive changes much
- better. New features can come and old can be removed without us needing
- to change the interface. I've written a small explanation in urlget.h
- that explains it.
- - New flags include -t, -T, -O and -h. The -h text is generated by the new
- mkhelp script.
- Version 2.9
- Remco van Hooff
- - Added a fix to make it compile smoothly on Amiga using the SAS/C
- compiler.
-
- Daniel Stenberg
- - Believe it or not, but the STUPID Novell web server seems to require
- that the Host: keyword is used, so well I use it and I (re-introduce) the
- urlget User-Agent:. I still have to check that this Host: usage works with
- proxies... 'Host:' is required for HTTP/1.1 GET according to RFC2068.
- Version 2.8
- Rafael Sagula
- - some little modifications
- Version 2.7
- Daniel Stenberg
- - Removed the -l option and introduced the -f option instead. Now I'll
- rewrite the former -l kludge in an external script that'll use urlget to
- fetch multipart files like that.
- - '-f' is introduced, it means Fail without output in case of HTTP server
- errors (return code >=300).
- - Added support for -r, ranges. Specify which part of a document you
- want, and only that part is returned. Only with HTTP/1.1-servers.
- - Split up the source in 3 parts. Now all pure URL functions are in
- urlget.c and stuff that deals with the stand-alone program is in main.c.
- - I took a few minutes and wrote an embryo of a README file to explain
- a few things.
- Version 2.6
- Daniel Stenberg
- - Made the -l (loop) thing use the new CONF_FAILONERROR which makes
- urlget() return error code if non-successful. It also won't output anything
- then. Now finally removed the HTTP 1.0 and error 404 dependencies.
- - Added -I which uses the HEAD request to get the header only from a
- http-server.
- Version 2.5
- Rafael Sagula
- - Made the progress meter use HHH:MM:SS instead of only seconds.
- Version 2.4
- Daniel Stenberg
- - Added progress meter. It appears when downloading > BUFFER SIZE and
- mute is not selected. I found out that when downloading large files from
- really really slow sites, it is desirable to know the status of the
- download. Do note that some downloads are done unawaring of the size, which
- makes the progress meter less thrilling ;) If the output is sent to a tty,
- the progress meter is shut off.
- - Increased buffer size used for reading.
- - Added length checks in the user+passwd parsing.
- - Made it grok user+passwd for HTTP fetches. The trick is to base64
- encode the user+passwd and send an extra header line. Read chapter 11.1 in
- RFC2068 for details. I added it to be used just like the ftp one. To get a
- http document from a place that requires user and password, use an URL
- like:
- http://user:passwd@www.site.to.leach/doc.html
- I also added the -u flag, since WHEN USING A PROXY YOU CAN'T SPECIFY THE
- USER AND PASSWORD WITH HTTP LIKE THAT. The -u flag works for ftp too, but
- not if used with proxy. To do the same as the above one, you can invoke:
- urlget -u user:passwd http://www.site.to.leach/doc.html
- Version 2.3
- Rafael Sagula
- - Added "-o" option (output file)
- - Added URG_HTTP_NOT_FOUND return code.
- (Daniel's note:)
- Perhaps we should detect all kinds of errors and instead of writing that
- custom string for the particular 404-error, use the error text we actually
- get from the server. See further details in RFC2068 (HTTP 1.1
- definition). The current way also relies on a HTTP/1.0 reply, which newer
- servers might not do.
- - Looping mode ("-l" option). It's easier to get various split files.
- (Daniel's note:)
- Use it like 'urlget -l 1 http://from.this.site/file%d.html', which will
- make urlget to attempt to fetch all files named file1.html, file2.html etc
- until no more files are found. This is only a modification of the
- STAND_ALONE part, nothing in the urlget() function was modfified for this.
- Daniel Stenberg
- - Changed the -h to be -i instead. -h should be preserved to help use.
- - Bjorn Reese indicated that Borland _might_ use '_WIN32' instead of the
- VC++ WIN32 define and therefore I added a little fix for that.
- Version 2.2
- Johan Andersson
- - The urlget function didn't set the path to url when using proxy.
- - Fixed bug with IMC proxy. Now using (almost) complete GET command.
-
- Daniel Stenberg
- - Made it compile on Solaris. Had to reorganize the includes a bit.
- (so Win32, Linux, SunOS 4 and Solaris 2 compile fine.)
- - Made Johan's keepalive keyword optional with the -k flag (since it
- makes a lot of urlgets take a lot longer time).
- - Made a '-h' switch in case you want the HTTP-header in the output.
- Version 2.1
- Daniel Stenberg and Kjell Ericson
- - Win32-compilable
- - No more global variables
- - Mute option (no output at all to stderr)
- - Full range of return codes from urlget(), which is now written to be a
- function for easy-to-use in [other] programs.
- - Define STAND_ALONE to compile the stand alone urlget program
- - Now compiles with gcc options -ansi -Wall -pedantic ;)
- Version 2.0
- - Introducing ftp GET support. The FTP URL type is recognized and used.
- - Renamed the project to 'urlget'.
- - Supports the user+passwd in the FTP URL (otherwise it tries anonymous
- login with a weird email address as password).
- Version 1.5
- Daniel Stenberg
- - The skip_header() crap messed it up big-time. By simply removing that
- one we can all of a sudden download anything ;)
- - No longer requires a trailing slash on the URLs.
- - If the given URL isn't prefixed with 'http://', HTTP is assumed and
- given a try!
- - 'void main()' is history.
- Version 1.4
- Daniel Stenberg
- - The gopher source used the ppath variable instead of path which could
- lead to disaster.
- Version 1.3
- Daniel Stenberg
- - Well, I added a lame text about the time it took to get the data. I also
- fought against Johan to prevent his -f option (to specify a file name
- that should be written instead of stdout)! =)
- - Made it write 'connection refused' for that particular connect()
- problem.
- - Renumbered the version. Let's not make silly 1.0.X versions, this is
- a plain 1.3 instead.
- Version 1.2
- Johan Andersson
- - Discovered and fixed the problem with getting binary files. puts() is
- now replaced with fwrite(). (Daniel's note: this also fixed the buffer
- overwrite problem I found in the previous version.)
- Rafael Sagula
- - Let "-p" before "-x".
- Daniel Stenberg
- - Bugfixed the proxy usage. It should *NOT* use nor strip the port number
- from the URL but simply pass that information to the proxy. This also
- made the user/password fields possible to use in proxy [ftp-] URLs.
- (like in ftp://user:password@ftp.my.site:8021/README)
- Johan Andersson
- - Implemented HTTP proxy support.
- - Receive byte counter added.
- Bjorn Reese
- - Implemented URLs (and skipped the old syntax).
- - Output is written to stdout, so to achieve the above example, do:
- httpget http://143.54.10.6/info_logo.gif > test.gif
- Version 1.1
- Daniel Stenberg
- - Adjusted it slightly to accept named hosts on the command line. We
- wouldn't wanna use IP numbers for the rest of our lifes, would we?
- Version 1.0
- Rafael Sagula
- - Wrote the initial httpget, which started all this!
|