CHANGES.2003 63 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572
  1. Daniel (19 December)
  2. - CURLOPT_IPRESOLVE was not possible to set.
  3. - Gisle Vanem updated the djgpp build files.
  4. Daniel (18 December)
  5. - John McGowan reported a redirect-problem that happened if a site used a URL
  6. like "url.com?var=content" (without a proper slash) and from that address
  7. redirected the user-agent to an absolute directory.
  8. - David Byron made libcurl build fine with both the .NET and VC6 versions of
  9. MSVC
  10. Daniel (16 December)
  11. - Updated test 506 since it started to fail after the cache prune change
  12. yesterday. I also changed it slightly to feature a counter in each debug
  13. output for easier tracing.
  14. Daniel (15 December)
  15. - Old DNS cache entries are now only pruned after curl is done with a request,
  16. and not in the actual name resolve call.
  17. - corrected the --enable-ares patch
  18. - Giuseppe Attardi found and fixed a problem within libcurl that re-used
  19. already freed memory.
  20. Daniel (10 December)
  21. - Gisle Vanem reported that the dict support was broken. I broke it during my
  22. ftps-changes overhaul. I've now added a 'curlassert' function that can be
  23. used to verify expressions, to prevent future errors of the same
  24. kind. They're only present in debug-builds.
  25. - Diego Casorran made curl and libcurl possible to build natively (no more
  26. need for the ixemul library) on AmigaOS.
  27. - Dominick Meglio made configure --enable-ares support a given path to the
  28. installed ares lib, instead of always using it in the curl source tree.
  29. This also fixed the curl-config --libs output.
  30. - Eric S. Raymond patched a very minor man page format error in
  31. libcurl-errors.3
  32. Daniel (8 December)
  33. - Fixed the flaw that made -lz appear twice on the link command line.
  34. - After correspondence with Gisle Vanem, I changed the 'connection aborted'
  35. error text when the FTP response reader failed to more specificly identify
  36. what the problem is.
  37. - Based on a patch from Dominick Meglio, curl-config --feature now outputs
  38. 'AsynchDNS' as a feature if libcurl was built with ares. The feature name
  39. is the same that 'curl -V' outputs, for simplicity.
  40. Daniel (3 December)
  41. - Marty Kuhrt made the build up-to-date on VMS, and moved most of the VMS-
  42. specific stuff in the client code to a separate header file.
  43. - Steve Green fixed a return code bug in Curl_resolv(), that made the socks5
  44. code fail.
  45. - swalkaus at yahoo.com patched libcurl to ignore Content-Length: headers
  46. when Transfer-Encoding: chunked is used, as mandated by RFC2616.
  47. Daniel (2 December)
  48. - --ftp-pasv was added, which serves the only purpose of overriding a
  49. previously set --ftpport option. Starting now, --ftp-port is a recognized
  50. alias for --ftpport for consistency.
  51. - Giuseppe Attardi pointed out that we should use MSG_NOSIGNAL when we use
  52. send() and recv(). I added checks for the define in the configure script and
  53. adjusted the code accordingly. If the symbol is present, we won't attempt
  54. to ignore the SIGPIPE signal.
  55. Daniel (1 December)
  56. - Mathias Axelsson set up a bsdftpd-ssl server for me and I could make curl
  57. run fine against its FTPS implementation. Now these FTPS-related things
  58. work:
  59. o explicit and implicit FTPS
  60. o active (PORT) and passive (PASV)
  61. o upload and download
  62. o verified against bsdftpd-ssl and RaidenFTPD
  63. Daniel (27 November)
  64. - James Clancy made the Borland Makefiles up to date.
  65. - Markus Moeller improved the SPNEGO detection in the configure script.
  66. Daniel (25 November)
  67. - Dave May filed bug report #848371, identifying that if you'd do POST over a
  68. proxy to a https server, libcurl didn't POST at all, it just made a GET! It
  69. turned out to be because libcurl wrongly didn't consider the authentication
  70. "negotiation phase" to be complete yet.
  71. I added test case 95 to verify my fix for this.
  72. Daniel (24 November)
  73. - Thanks to Mathias Axelsson, I've been able to work on FTPS for libcurl and it
  74. seems to work somewhat fine now.
  75. The FTPS stuff is based on RFC2228 and the murray-auth-ftp-ssl draft
  76. (version 12). There seems to exist quite a few servers that have implemented
  77. the server side of this.
  78. We can now use ftps:// URLs to explicitly switch on SSL/TSL for the control
  79. connection and the data connection (dealing with two SSL connections forced
  80. me to change a lot of stuff in libcurl).
  81. Alternatively, and what seems to be the recommended way, we can set the new
  82. option CURLOPT_FTP_SSL to one of these values:
  83. CURLFTPSSL_NOPE, - do not attempt to use SSL
  84. CURLFTPSSL_TRY - try using SSL, proceed anyway otherwise
  85. CURLFTPSSL_CONTROL - SSL for the control connection or fail
  86. CURLFTPSSL_ALL - SSL for all communication or fail
  87. Any failure to set the desired level will make libcurl fail with the error
  88. code CURLE_FTP_SSL_FAILED. This new option makes a "normal" ftp:// transfer
  89. attempt to be made securely.
  90. I've been able to login and get files (passively) from Mathias' server using
  91. both ftps:// and CURLOPT_FTP_SSL. (I've made 'curl' understand the --ftp-ssl
  92. option that sets CURLFTPSSL_TRY.)
  93. - Gaz Iqbal fixed a range string memory leak.
  94. - Gisle Vanem fixed the Windows builds.
  95. - Added the new FTPSSL defines in curl/curl.h
  96. Daniel (20 November)
  97. - Josh Kapell filed bug report #845247 as he found an endless loop when
  98. getting a 407 back from a proxy when no user+password was given. Added test
  99. case 94 to verify the fix.
  100. Daniel (19 November)
  101. - Kevin Roth fixed a progress-bar problem on Windows.
  102. - While working with Nicolas Croiset's bug report #843739, I noticed two minor
  103. problems related to ftp partial downloads: if a partial transfer is
  104. detected, we must close the connection as we cannot know in what state it is
  105. anymore. This looks like a ProFTPD bug:
  106. http://curl.haxx.se/mail/lib-2003-11/0079.html
  107. Daniel (17 November)
  108. - Maciej W. Rozycki made the configure script use a cache variable for the
  109. writable argv test. This way, the default can be overridden better (for
  110. cross-compiles etc)
  111. Daniel (15 November)
  112. - Mathias Axelsson found out libcurl sometimes freed the server certificate
  113. twice, leading to crashes!
  114. Daniel (14 November)
  115. - Siddhartha Prakash Jain found a case with a bad resolve that we didn't
  116. properly bail out from, when using ares.
  117. Daniel (13 November)
  118. - Default Content-Type for parts in multipart formposts has changed to
  119. "application/octet-stream". This seems more appropriate, and I believe
  120. mozilla and the likes do this. In the same area: .html files now get
  121. text/html as Content-Type. (Pointed out in bug report #839806)
  122. - Gisle Vanem corrected the --progress-bar output by doing a flush of the
  123. output, which apparently makes it look better on at least windows, but
  124. possibly other platforms too.
  125. - Peter Sylvester identified a problem in the connect code, which made the
  126. multi interface on a ipv6-enabled solaris box do bad. Test case 504 to be
  127. specific. I've spent some time to clean-up the Curl_connecthost() function
  128. now to use less duplicated code for the two different sections: ipv6 and
  129. ipv4.
  130. Daniel (11 November)
  131. - Added CURLOPT_NETRC_FILE. Use this to tell libcurl which file to use instead
  132. of trying to find a .netrc in the current user's home directory. The
  133. existing .netrc file finder is somewhat naive and is far from perfect on
  134. several platforms that aren't unix-style. If this option isn't set when
  135. CURLOPT_NETRC is set, the previous approach will still be used.
  136. The current .netrc check code now also support longer than 256 bytes path
  137. names.
  138. Daniel (10 November)
  139. - Kang-Jin Lee pointed out that the generated ca-bundle.h file shouldn't be
  140. written in the source dir if a different build dir is used.
  141. - After Sébastien Willemijns' bug report, we now check the separators properly
  142. in the 229-reply servers respond on a EPSV command and bail out better if
  143. the reply string is not RFC2428-compliant.
  144. Daniel (7 November)
  145. - Based on Gisle Vanem's patch, I made curl try harder to get the home
  146. directory of the current user, in order to find the default .curlrc file.
  147. We're also considering moving out the HOME-dir code from libcurl, and
  148. instead have the app pass in the path to the .netrc file (which is the only
  149. logic left in libcurl that uses the HOME dir). Then curl can use the home
  150. dir for that purpose too.
  151. - Ralph Mitchell's updated testcurl.sh to the script to take an existing
  152. directory name and build/run/test curl in there instead of trying to update
  153. from CVS. Using this approach, the script can now be used to test daily
  154. tarballs etc.
  155. - Gisle Vanem added a "resource file" to the Windows DLL builds, to contain
  156. information such as version number, library name, copyright info etc.
  157. Daniel (6 November)
  158. - curl checks if the existing libcurl supports things like --ntlm, --negotiate
  159. and --krb4 and returns error if not.
  160. - I added three new global defines in the curl/curl.h header:
  161. LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH. They
  162. are the three numbers in the library's version number, separated for easier
  163. usage. 'maketgz' was updated accordingly to generate these numbers properly
  164. when building release-archives.
  165. - Uninitialized variable fix, reported by both Marty Kuhrt and Benjamin
  166. Gerard.
  167. - Matt Veenstra provided build files to build libcurl as a "framework" under
  168. Mac OS X. See the lib/libcurl.framework.make for details.
  169. - Removed the defines of TRUE and FALSE from the curl/curl.h header file.
  170. They're not in our name space so we should not fiddle with them.
  171. Daniel (5 November)
  172. - Replaced the man page to HTML converter program with a new one: roffit.
  173. Makes nicer web pages.
  174. Daniel (4 November)
  175. - Troels Walsted Hansen fixed the MSVC makefiles to let them build curl fine
  176. on Windows.
  177. - Kevin Roth corrected the cygwin package generator and spell-fixed the
  178. comment in the ca-bundle.h file.
  179. Version 7.10.8 (1 November 2003)
  180. Daniel (31 October)
  181. - Assume that MDTM on an FTP server returns the timestamp using the UTC time
  182. zone. This changes the time CURLINFO_FILETIME returns for a given file over
  183. FTP, and will change existing uses of CURLOPT_TIMECONDITION. It will make
  184. the functionality more similar to how the HTTP one is already working.
  185. - Command line options that take numerical parameters (such as -y, -Y, -C etc)
  186. now report error and exit if the parameter isn't truly a number greater than
  187. or equal to zero. This helps users to notice bad usage earlier. Before, when
  188. a user forgot or missed to add a numerical parameter to an option, the
  189. command line parser would simply "eat" the following option and it would
  190. cause great confusion.
  191. Daniel (30 October)
  192. - David Hull made libcurl deal with NOBODY and HEADER for file:// the same way
  193. it already does for FTP: it provides HTTP-looking headers that provide info
  194. only about the file, without doing the actual transfer. The curl tool then
  195. lets --head do this.
  196. Daniel (29 October)
  197. - runtests.pl now checks for and use valgrind if present. It will redirect the
  198. valgrind results in log/valgrind[num] but it currently doesn't scan that
  199. file for any errors or anything, that is still only made manually.
  200. - David Hull made the file: URL parser also accept the somewhat sloppy file
  201. syntax: file:/path. I added test case 203 to verify this.
  202. Daniel (28 October)
  203. - Dan C tracked down yet another weird behavior in the glibc gethostbyname_r()
  204. function for some specific versions (reported on 2.2.5 and 2.1.1), and
  205. provided a fix. On Linux machines with these glibc versions, non-ipv6
  206. builds of libcurl would often fail to resolve perfectly resolvable host
  207. names.
  208. Daniel (26 October)
  209. - James Bursa found out that curl_msnprintf() could write the trailing
  210. zero-byte outside its given buffer size. This could happen if you generated
  211. a very long error message as then libcurl would overwrite the ERRORBUFFER
  212. with one byte. Using a non-existing very long local file:// name is one case
  213. that could make this occur.
  214. Daniel (24 October)
  215. - David Hull filed bug report #829827. It identified a problem with -C - if
  216. the full file already was downloaded and thus the server responded with a
  217. 416. libcurl would then wrongly use the Content-Length: header and expect
  218. that size to get transfer, causing a "hang" until the server closed the
  219. connection and then an error 18 ("still N bytes data left of the transfer").
  220. Now we don't return any error at all, but I think libcurl should perhaps
  221. return some kind of info since the requested range was out of the size of
  222. the document.
  223. - Based on David Hull's fix in bug report #804599, we now check for solaris and
  224. gcc in configure and set the -mimpure-text link flag for linking the lib
  225. better.
  226. - I've introduced a -t option to the runtests.pl script. With that option set,
  227. the script runs special "memory torture" tests. For each test command line
  228. in that section, the script first runs the command line and counts the total
  229. amount of allocations made. It then runs the exact same command line again,
  230. forcing allocation number N to fail. It will try every N from 1 to the total
  231. number of amounts made. For every invoke, it checks that no memory was
  232. leaked as that would indicate a bad cleanup somewhere in the code.
  233. This is just beginning to work, and I've already made some corrections in
  234. libcurl code. When this code works somewhat fine, I'll make sure 'make test'
  235. in the root dir will run these tests as well.
  236. Daniel (23 October)
  237. - Georg Horn fixed how the CA verification is made. Verifications can now be
  238. made while at the same time the result of it can be ignored. This also
  239. affects the curl tool as -k can now be used together with --cacert or
  240. --capath.
  241. Daniel (22 October)
  242. - Gisle Vanem found out --disable-eprt didn't work and patched it.
  243. - Test case 91 was modified and could now repeat the problem Kevin Roth has
  244. reported, and the bug was fixed.
  245. - Dylan Ellicott added vc-libcurl-ssl-dll as a target to the root makefile
  246. to build a static libcurl that links with a shared OpenSSL using MSVC.
  247. Daniel (21 October)
  248. - Andrés García updated the mingw32 makefiles.
  249. Version 7.10.8-pre5 (21 October 2003)
  250. Daniel (19 October)
  251. - Georg Horn made libcurl output more info on SSL failures when receiving
  252. data.
  253. Version 7.10.8-pre4 (18 October 2003)
  254. Daniel (17 October)
  255. - Dominick Meglio implemented CURLOPT_MAXFILESIZE and --max-filesize.
  256. - Made libcurl show verbose info about what auth type and user name that is
  257. being sent in its HTTP request-headers.
  258. Daniel (16 October)
  259. - Removed support for CURLOPT_PASSWDFUNCTION and CURLOPT_PASSWDDATA. libcurl
  260. no longer prompt for passwords under any circumstances. Password prompting
  261. was instead moved to curl, which now prompts for password if -u or -U lack
  262. it. This solves the problem Kevin Roth reported when curl prompted for
  263. password twice when doing NTLM authentication.
  264. - I rewrote the SSL subjectAltName check to avoid having to rely on OpenLDAP-
  265. licensed derivate code.
  266. Daniel (15 October)
  267. - Avoid doing getsockopt() on Windows to verify connects. It seems that this
  268. hogs Windows machines when libcurl is being used multi-threaded (with > ~50
  269. threads). Andrew Fuller helped us verify and test this.
  270. Daniel (14 October)
  271. - Kimmo Kinnunen fixed a crash with duphandle() when CURLDEBUG is set.
  272. - Gisle Vanem made libcurl build and work with IPv6 on Windows.
  273. Daniel (13 October)
  274. - Giuseppe Attardi reported yet another segfault with ares and the multi
  275. interface. Me fixed.
  276. - Domenico Andreoli removed the extra LDFLAGS assignment in lib/Makefile.am
  277. that was reported about in the debian bug report #212086.
  278. Domenico also fixed two makefiles where we used 'gnroff' instead of the more
  279. portable $(NROFF).
  280. Daniel (12 October)
  281. - Dirk Manske made the share locking around DNS lookups slightly different to
  282. allow the share system's DNS lookups to run somewhat more
  283. independent/faster.
  284. Daniel (9 October)
  285. - Lachlan O'Dea fixed a resume problem: "If I set CURLOPT_RESUME_FROM, perform
  286. an HTTP download, then reset CURLOPT_RESUME_FROM to 0, the next download
  287. still has a Range header with a garbage value." bug report #820502
  288. - Dominick Meglio made the inet_pton.c file build fine using MSVC.
  289. - The 'sws' test suite web server now #include setup.h from the lib directory.
  290. This makes it more portable easier.
  291. Version 7.10.8-pre3 (8 October 2003)
  292. Daniel (8 October)
  293. - Frank Ticheler provided a patch that fixes how libcurl connects to multiple
  294. addresses, if one of them fails (ipv4-code).
  295. Daniel (7 October)
  296. - Neil Dunbar provided a patch that now makes libcurl check SSL
  297. subjectAltNames when matching certs. This is apparently detailed in RFC2818
  298. as the right thing to do. I had to add configure checks for inet_pton() and
  299. our own (strictly speaking, code from BIND written by Paul Vixie) provided
  300. code for the function for platforms that miss it.
  301. - HTTP POST using the read callback didn't work, as Florian Schoppmann
  302. reported.
  303. Daniel (5 October)
  304. - Shared provided a few fixes to make libcurl build on BeOS
  305. out-of-the-box. New code for BeOS-style non-blocking sockets, provided by
  306. Shard and Jeremy Friesner. Modified the autoconf check for non-blocking
  307. sockets to check for this kind too.
  308. Daniel (4 October)
  309. - Vincent Bronner pointed out that if you set CURLOPT_COOKIE for a transfer
  310. and then set it to NULL in a subsequent one, the previous cookie was still
  311. sent off!
  312. - Jon Turner fixed a problem libcurl had when it failed on an FTP transfer due
  313. to a bad path, it would cause the next transfer to use a bad path as well.
  314. - Siddhartha Prakash Jain provided a patch with a fix for libcurl with ares,
  315. when working on IP-only names as we then could return "wait" status when the
  316. name in fact already was resolved. I edited the patch slightly to not expose
  317. asynch details to non-ares aware source code.
  318. Daniel (3 October)
  319. - Neil Spring posted the debian bug report #213180, and pointed out that using
  320. the name 'access' in a function prototype is not very wise as some compilers
  321. complain.
  322. - Peter Sylvester provided his and Jean-Paul Merlin's curlx.c example source
  323. code that shows how they use ssl and callbacks.
  324. Daniel (2 October)
  325. - James MacMillan's patch makes curl build on QNX 6.2.x.
  326. Daniel (26 September)
  327. - My daughter was born!
  328. Daniel (23 September)
  329. - Added support for -4/--ipv4 and -6/--ipv6 to force names to resolve to that
  330. particular IP version. They only work for IPv6-enabled libcurls.
  331. - curl -V now outputs 'SPNEGO' as a feature in case libcurl was built to
  332. support that.
  333. Version 7.10.8-pre2 (22 September 2003)
  334. Daniel (22 September)
  335. - Giuseppe Attardi found a segfault in libcurl when using the multi interface
  336. with ares and doing repeated operations against a non-resolving host name.
  337. Daniel (19 September)
  338. - Added the CURLOPT_IPRESOLVE option, that allows an application to select
  339. what kind of IP addresses he wants to use when resolving host names. This
  340. is only interesting when using host names that resolve addresses using more
  341. than one version of IP.
  342. - Applied Markus Moeller's patch that introduces SPNEGO support if libcurl
  343. is built with the FBopenssl libraries. curl_version_info() now returns
  344. info on SPNEGO availability. The patch also made the GSSAPI stuff work fine
  345. with the MIT GSS-library (the Heimdal one still works too).
  346. Daniel (16 September)
  347. - Doing PUT with --digest failed, as reported in bug report #805853.
  348. - Using --anyauth that picked NTLM, and then a redirect closed the connection
  349. and took curl to a second NTLM page made curl fail. Bug report #806328
  350. identified the problem, test case 90 was added to verify the fix.
  351. Daniel (14 September)
  352. - codemastr brought a patch for ares to make the Windows portions of it work
  353. properly on NT4. I uploaded a new diff and updated the docs on where to get
  354. it etc.
  355. - Jeff Pohlmeyer tracked down a very hard-to-find bug where we removed a
  356. cached DNS entry even though it may be in use, which caused "random" memory
  357. to get overwritten and thus "random" crashes.
  358. Daniel (12 September)
  359. - Based on a bug report by David Kimdon, I made the runtests.pl script clear
  360. all possible proxy environment variables before the tests are run.
  361. - By default, easy handles within a multi handle now share DNS cache.
  362. - Tim Bartley brought a patch that makes the GSSNEGOTIATE option work for
  363. Microsoft's "Negotiate" authentication as well.
  364. Daniel (11 September)
  365. - A zero-length proxy string confused FTP transfers.
  366. - Bjorn Reese found a case with an uninitialized pointer, only present when
  367. built for ares.
  368. Version 7.10.8-pre1 (8 September 2003)
  369. Daniel (7 September)
  370. - Jurij Smakov found out that the non-OpenSSL MD5 code was not working on
  371. Alpha (or ia64). Only the OpenSSL-version did. I made a fix I think corrects
  372. the problem.
  373. Daniel (5 September)
  374. - Kevin Fisk reported that configure --enable-thread didn't work. I fixed.
  375. - De-macrofied the lib/hash.c source code somewhat.
  376. Daniel (4 September)
  377. - CURLINFO_HTTPAUTH_AVAIL and CURLINFO_PROXYAUTH_AVAIL added, Based on Joerg
  378. Mueller-Tolk's patch,
  379. Early (4 September)
  380. - Added CURLOPT_FTP_RESPONSE_TIMEOUT - allows user to set strict timeout
  381. requirements on the FTP server's ability to respond to individual commands
  382. without placing global requirements on transfer or connect time. Files
  383. affected:
  384. - include/curl/curl.h
  385. Added option CURLOPT_FTP_RESPONSE_TIMEOUT
  386. - lib/ftp.c
  387. Added branch inside Curl_GetFTPResponse to check for
  388. data->set.ftp_response_timeout
  389. - lib/url.c
  390. Modified Curl_setopt to recognize CURLOPT_FTP_RESPONSE_TIMEOUT
  391. - lib/urldata.h
  392. Added ftp_response_timeout to struct UserDefined
  393. Daniel (3 September)
  394. - Peter Pentchev found and fixed two problems in the test suite's web server
  395. code, that made it segfault at times.
  396. - Jörg Mueller-Tolk improved the proxy user+password handling, especially
  397. when providing a blank password.
  398. Daniel (2 September)
  399. - Fix for making CONNECT to proxies do the correct magic to allow NTLM, Digest
  400. and similar to work.
  401. Daniel (1 September)
  402. - Henrik Storner made libcurl work fine with OpenLDAP 2.1.22 (current).
  403. - Jeff Pohlmeyer added a proper error message for non-resolving hosts when
  404. using ares for lookups.
  405. Daniel (25 August)
  406. - John McGowan reported that curl -k still failed if the HTTPS server's CN
  407. field wasn't obtainable. This was due to the CURLOPT_SSL_VERIFYHOST being
  408. set to 1, and libcurl failed if the CN was missing. Starting now, having it
  409. set to 1 will simply output a warning if no CN could be obtained (as having
  410. a mismatch is OK).
  411. Daniel (21 August)
  412. - Vincent Sanders provided a fix for name resolving when linked with uClibc.
  413. Daniel (20 August)
  414. - Gerd v. Egidy provided a patch that makes libcurl store the FTP response
  415. code from ftp servers. Using curl_easy_getinfo() with CURLINFO_HTTP_CODE
  416. returns that data. The option is therefore now also known as
  417. CURLINFO_RESPONSE_CODE.
  418. - Antoine Calando found a segfault when doing multi-part/formpost using
  419. the multi interface.
  420. - Antoine Calando pointed out that curl_multi_info_read() didn't set the
  421. msgs_in_queue to 0 properly when returning NULL.
  422. Daniel (19 August)
  423. - I made curl support multiple -T options, as well as -T "{file1,file2}"
  424. style globbing. One -T for each URL is supported.
  425. - Jeff Pohlmeyer found a segfault when using ares-enabled libcurl and the
  426. multi interface when trying a non-existing host name.
  427. - Made the libcurl printf code support long longs if available.
  428. - Loren Kirkby pointed out that we did not clean up all SSL-allocated memory
  429. in curl_global_cleanup().
  430. Daniel (17 August)
  431. - Setting CURLOPT_WRITEFUNCTION or CURLOPT_READFUNCTION to NULL will now make
  432. them get the internal defaults restored. Previously this could cause a
  433. segfault. We should aim at having all pointer-related options get restored
  434. to default/safe values when set to NULL.
  435. Version 7.10.7 (15 August 2003)
  436. Daniel (14 August)
  437. - I modified the memdebug system to return failure on memory allocation
  438. functions after a set amount of successful ones. This enables us to test
  439. out-of-memory situations in a controlled manner and we can make sure that
  440. curl/libcurl behaves good in those.
  441. This made me find and fix several spots where we did not cleanup properly
  442. when bailing out due to errors (low memory).
  443. - Corrected test case 74. Made using -o with bad #[num] codes complain and
  444. bail out. Made #[num] support numbers larger than 9 as well. Added test
  445. case 86 for a proper range globbing test as well.
  446. Version 7.10.7-pre4 (12 August 2003)
  447. Daniel (12 August)
  448. - curl_version_info() now returns a flag if libcurl was built with asynch DNS
  449. support, and this is now also displayed with 'curl -V'.
  450. - Added a few new man pages to the docs/libcurl dir: curl_share_init,
  451. curl_share_setopt, curl_share_cleanup, libcurl-easy and libcurl-share.
  452. Daniel (11 August)
  453. - Mike Cherepov made the local binding code work for Windows, which makes
  454. the option CURLOPT_INTERFACE work on Windows as well.
  455. - Vincent Sanders updated the fopen.c example code a lot.
  456. - --proxy-ntlm is now supported by the curl tool. It forces the proxy
  457. authentication to be made using NTLM. It does not yet work for HTTPS over
  458. proxies (or other proxy-tunneling options). Test case 81 and 82 do some
  459. simple initial ntlm testing.
  460. - Found and fixed a minor memory leak on re-used connections with
  461. proxy-authentication.
  462. - I removed -@ and -Z as valid short options. They were very rarely used (@
  463. wasn't even documented).
  464. - Serge Semashko introduced CURLOPT_PROXYAUTH, and make it work when set to
  465. CURLAUTH_NTLM and/or CURLAUTH_BASIC. The PROXAUTH is similar to HTTPAUTH,
  466. but is for the proxy connection only, and HTTPAUTH is for the remote host.
  467. - Fixed loading of cookies with blank contents from a cookie jar. Also made the
  468. cookie functions inform on added and skipped cookies (for cookie debugging).
  469. Version 7.10.7-pre3 (8 August 2003)
  470. Daniel (8 August)
  471. - Applied David Byron's fix for file:// URLs with drive letters included.
  472. - I added the --ftp-create-dirs to the client code, which activates Early's
  473. CURLOPT_FTP_CREATE_MISSING_DIRS option, and wrote test case 147 to verify
  474. it. Added the option to the curl.1 man page too. Added the option to the
  475. curl_easy_setopt.3 man page too.
  476. Daniel (7 August)
  477. - Test case 60 failed on ia64 and AMD Opteron. Fixed now.
  478. - Fixed a printf problem that resulted in urlglobbing bugs (bug #203827 in the
  479. debian bug tracker). Added test case 74 to verify the fix and to discover if
  480. this breaks in the future.
  481. - "make distcheck" works again.
  482. Version 7.10.7-pre2 (6 August 2003)
  483. Daniel (5 August)
  484. - Duncan Wilcox helped me verify that the latest incarnation of my ares patch
  485. builds fine on Mac OS X (see the new lib/README.ares) file for all details.
  486. - Salvatore Sorrentino filed bug report #783116 and Early Ehlinger posted a
  487. bug report to the libcurl list, both identifying a problem with FTP
  488. persistent connections and how the dir hierarchy was not properly reset
  489. between files.
  490. - David Byron's thoughts on a fixed Makefile in tests/ were applied.
  491. - Jan Sundin reported a case where curl ignored a cookie that browsers don't,
  492. which turned up to be due to the number of dots in the 'domain'. I've now
  493. made curl follow the the original netscape cookie spec less strict on that
  494. part.
  495. Daniel (4 August)
  496. - Dirk Manske added cookie support for the experimental, hidden and still
  497. undocumented share feature!
  498. - Mark Fletcher provided an excellent bug report that identified a problem
  499. with FOLLOWLOCATION and chunked transfer-encoding, as libcurl would not
  500. properly ignore the body contents of 3XX response that included the
  501. Location: header.
  502. Early (6 August)
  503. - Added option CURLOPT_FTP_CREATE_MISSING_DIRS
  504. This option will force the target file's path to be created if it
  505. does not already exist on the remote system.
  506. Files affected:
  507. - include/curl/curl.h
  508. Added option CURLOPT_FTP_CREATE_MISSING_DIRS
  509. - lib/ftp.c
  510. Added function ftp_mkd, which issues a MKD command
  511. Added function ftp_force_cwd, which attempts a CWD,
  512. and does a MKD and retries the CWD if the original CWD
  513. fails
  514. Modified ftp_perform() to call its change directory function
  515. through a pointer. The pointer points to ftp_cwd by default,
  516. and is modified to point to ftp_force_cwd IFF
  517. data->set.ftp_create_missing_dirs is not 0.
  518. - lib/url.c
  519. Modified Curl_setopt to recognize CURLOPT_FTP_CREATE_MISSING_DIRS
  520. - lib/urldata.h
  521. Added ftp_create_missing_dirs to struct UserDefined
  522. - Minor Bugfix for CURLOPT_TIMECONDITION with FTP - if the file was not
  523. present to do the time comparison, it would fail.
  524. Files affected:
  525. - lib/ftp.c
  526. In ftp_perform(), the call to ftp_getfiletime() used to be followed
  527. by
  528. if (result)
  529. return result;
  530. And then by the code that actually did the time comparison.
  531. The code that did the comparison handled the case where the filetime
  532. was not available (as indicated by info.filetime < 0 or set.timevalue
  533. < 0), so I replaced the if (result) return result with a switch(result)
  534. that allows CURLE_FTP_COULDNT_RETR_FILE to fall through to the
  535. normal time comparison.
  536. Daniel (3 August)
  537. - When proxy authentication is used in a CONNECT request (as used for all SSL
  538. connects and otherwise enforced tunnel-thru-proxy requests), the same
  539. authentication header is also wrongly sent to the remote host.
  540. This is a rather significant info leak. I've fixed it now and mailed a patch
  541. and warning to the mailing lists.
  542. Daniel (1 August)
  543. - David Byron provided a patch to make 7.10.6 build correctly with the
  544. compressed hugehelp.c source file.
  545. Version 7.10.7-pre1 (31 July 2003)
  546. Daniel (30 July)
  547. - Jörg Müller-Tolk updated the VC makefile.
  548. - Daniel Noguerol made the ftp code output "Accept-Ranges: bytes" in similar
  549. style like other faked HTTP headers when NOBODY and HEADER are used. I
  550. updated two corresponding test cases too.
  551. - Marty Kuhrt pointed out a compilation problem on VMS due to my having
  552. changed a type from long to time_t, and I'm now changing it back to work
  553. more portably...
  554. He also indicated that distributing the src/hugehelp.c in a compressed state
  555. like I accidentally did may not be the smartest move... I've now fixed the
  556. distribute procedure to automatically generate an uncompressed version when I
  557. make release archives.
  558. Daniel (29 July)
  559. - Gisle Vanem brought changes to the mkhelp script for the generation of the
  560. compressed help text on some platforms.
  561. Version 7.10.6 (28 July 2003)
  562. Daniel (28 July)
  563. - François Pons brought a patch that once again made curl deal with ftp and
  564. "double slash" as indicating the root directory. In the RFC1738-fix of April
  565. 30, that ability was removed (since it is not the "right" way). So, starting
  566. now we can list the root dir of an ftp server both these ways:
  567. curl ftp://server.com/%2f as well as
  568. curl ftp://server.com//
  569. Daniel (24 July)
  570. - Henry Bland pointed out that we included sys/resource.h without good reason
  571. in several source files. Without it included, QNX builds better...
  572. - Andrés García updated the mingw makefiles.
  573. Daniel (23 July)
  574. - Tracy Boehrer experienced DNS cache problems and did some nice debugging
  575. and tracking which made it easy for me to correct the problem and Tracy
  576. could verify that it did cure the problem! When re-using a connection we
  577. now make sure we don't re-use the 'connect_addr' struct.
  578. - Daniel Kouril corrected the GSS-Negotiate code.
  579. - Juan F. Codagnone provided fixes to allow curl to build fine on Windows
  580. again.
  581. Daniel (22 July)
  582. - Edited the curl/curl.h include file to build on Windows properly.
  583. Daniel (21 July)
  584. - Moved the proxy credentials from the SessionHandle struct to the connectdata
  585. struct, to make multiple proxy connections with differerent user names work.
  586. - Adjusted the NTLM code to support proxy functionality.
  587. - Made the krb4 stuff compile with the user+password fields moved.
  588. Version 7.10.6-pre4 (21 July 2003)
  589. Daniel (20 July)
  590. - David Gardner pointed out in bug report 770755 that using the FTP command
  591. CWD with a blank argument is a bad idea and I made libcurl skip empty path
  592. segments starting now.
  593. Daniel (18 July)
  594. - Cris pointed out that my fix on July 16th didn't work fully. His pointing
  595. out this (and his patch) also made me realize that we have a very similar
  596. bug in the FTP connection re-use code. We must store a separate user and
  597. password field for each connection we keep (at least for FTP and HTTP+NTLM
  598. connections, so I made us do this unconditionally).
  599. - Since NTLM authenticates connections instead of single requests, I had to
  600. re-arrange how we store the NTLM data and I had to improve the test suite to
  601. finally work properly with persistency to make the NTLM tests run fine
  602. again. This also forced me to have to update lots of HTTP test cases.
  603. Daniel (16 July)
  604. - Cris Bailiff's bug report 768275 pointed out that using Basic auth with
  605. wrong user+password caused an endless loop. Fixed now. He also found out that
  606. we didn't properly authenticate connections with NTLM. Fixed too.
  607. - Dan Winship provided fixes for the NTLM code.
  608. Daniel (5 July)
  609. - Doug Kaufman provided additional fixes for the DOS port.
  610. Daniel (4 July)
  611. - Rick Richardson pointed out that using setvbuf() to achieve non-buffering
  612. on output is no-good for SCO Xenix and other unixes. We switched over to
  613. using plain fflush() instead.
  614. - Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly in
  615. the configure script, and I had to change some build stuff to make the new
  616. way work.
  617. - Peter Sylvester's patch was applied that introduces the following:
  618. CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the
  619. OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If
  620. anything but CURLE_OK is returned, that will also be returned by libcurl
  621. all the way back. If this function changes the CURLOPT_URL, libcurl will
  622. detect this and instead go use the new URL.
  623. CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set
  624. with CURLOPT_SSL_CTX_FUNCTION.
  625. Daniel (1 July)
  626. - David Byron provided a patch that allows a client to quit the test suite's
  627. HTTP server.
  628. - Gisle Vanem found and patched a lib handle leak in the ldap code.
  629. Daniel (25 June)
  630. - More NTLM-improvements. Less code. Smaller packets back and forth.
  631. Daniel (23 June)
  632. - Eric Glass provided us with a better doc on NTLM details, and I added more
  633. comments and clarified the current code more. Using the new knowledge, we
  634. should be able to make the NTLM stuff work even better.
  635. Eric's original URL: http://davenport.sourceforge.net/ntlm.html
  636. Version stored and provided at curl site: http://curl.haxx.se/rfc/ntlm.html
  637. - Fixed the minor compile problems pre3 had if built without GSSAPI and/or
  638. SSL.
  639. Version 7.10.6-pre3 (19 June 2003)
  640. Daniel (19 June)
  641. - Made curl use curl_free() on memory returned by curl_getenv(), as this
  642. should theoreticly make it possibly to build and run curl and libcurl with
  643. different memory allocation schemes with no problems.
  644. Daniel (18 June)
  645. - Improved the mkhelp.pl a bit further to make a nicer hugehelp text and to
  646. include a better comment in the top for the gzip compressed version.
  647. Daniel (17 June)
  648. - CURLOPT_HTTPAUTH is now a bitmask, in which you set which authentication
  649. type(s) you want to use. If more than one is set, libcurl will use one of
  650. the selected one and the one it considers is more secure. Test case 67 and
  651. 68 (for NTLM) were fixed and we've reduced a round-trip for specific --ntlm
  652. fetches, and test case 69 and 70 were added for testing authentication
  653. "picking". --anyauth is the new command line tool option, and I also added
  654. --basic for completeness (that's the default type).
  655. - Fixed the runtests.pl script to use the info provided by the new curl -V
  656. output.
  657. - --enable-debug now sets the CURLDEBUG define instead of MALLOCDEBUG, as it
  658. is meant to be a generic debug conditional.
  659. - curl_version_info() can now return CURL_VERSION_DEBUG as a feature bit, to
  660. indicate that the library was built with CURLDEBUG set.
  661. - Ralph Mitchell found out that some web applications very badly uses white
  662. spaces in Location: redirects, and apparently IE is a browser (the only
  663. one?) that supports this abomination. Based on Ralph's patch, I added code
  664. that now attempts to replace white spaces with the proper "%20" or "+".
  665. Test case 40 and 42 were added to verify my changes.
  666. - curl -V now also outputs a list of features the available library offers (if
  667. any).
  668. - The curl_version() string now includes "GSS" if libcurl is built with GSSAPI
  669. support.
  670. - David Orrell reported that libcurl still crashed when sending HUGE requests
  671. over HTTPS... I fixed.
  672. Version 7.10.6-pre2 (16 June 2003)
  673. Daniel (16 June)
  674. - curl_version_info() now returns bitmasked information weather NTLM and
  675. GSSNEGOTIATE are supported, since it is doomed to vary on different
  676. installations.
  677. - I remade the HTTP Digest code to use the MD5-code provided by OpenSSL if
  678. that is present, and only use our own MD5-code if it isn't.
  679. Daniel (13 June)
  680. - More NTLM help, fixes and patches from Cris Bailiff.
  681. - Marty Kuhrt brought include fixes for making VMS builds warning-free.
  682. Daniel (12 June)
  683. - NTLM authentication works somewhat against the test servers provided by
  684. Mathias Axelsson and Cris Bailiff. Use by setting CURLOPT_HTTPAUTH to
  685. CURLAUTH_NTLM to libcurl, or --ntlm for the curl tool. Test case 67 and 68
  686. were added for this. NTLM-support requires OpenSSL.
  687. - Dan Fandrich provided a patch, that granted that gzip and libz are available
  688. at build-time, compresses the hugehelp text in the curl command line and
  689. uncompresses it at request. Saves some ~60K in the final output executable.
  690. Daniel (11 June)
  691. - Long day of fighting the NTLM demons.
  692. Daniel (10 June)
  693. - Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
  694. and pick method. Supported ones currently are:
  695. CURLAUTH_BASIC - default selection
  696. CURLAUTH_DIGEST - formerly CURLOPT_HTTPDIGEST
  697. CURLAUTH_GSSNEGOTIATE
  698. - Daniel Kouril added HTTP GSS-Negotiate authentication support, as defined in
  699. the IETF draft draft-brezak-spnego-http-04.txt. In use already by various
  700. Microsoft web applications. --negotiate is the new family member. To take
  701. advantage of this, you need one of these packages:
  702. o Heimdal Kerberos5 http://www.pdc.kth.se/heimdal/heimdal.html
  703. o GSSAPI from Globus http://www.globus.org/
  704. o GSSAPI libraries from MIT Kerberos5 http://web.mit.edu/kerberos/www/
  705. - A missing ending bracket (']') while doing URL globbing could lead to a
  706. segfault. While fixing this, I also introduced better error reporting in the
  707. globbing code. (All this is application code outside libcurl.)
  708. Daniel (6 June)
  709. - David Orrell found out that sending a huge GET request over HTTPS could
  710. make libcurl fail and return an error code.
  711. Daniel (2 June)
  712. - Richard Bramante found out that "Content-Length: 0" was not properly used by
  713. libcurl if the response-headers indicated that the connection would be
  714. closed.
  715. - David Byron's patch was applied, that makes the --progress-bar take the
  716. local size into account when doing resumed downloads.
  717. - Feedback from Serge Semashko made me change the error message returned when
  718. CURLE_HTTP_RETURNED_ERROR is returned.
  719. - Anonymous in bug report #745122 pointed out that we should really be using
  720. SSL_CTX_set_options(... SSL_OP_ALL) to work around flaws in existing SSL
  721. implementations.
  722. Daniel (27 May)
  723. - Andreas Ley and Rich Gray helped me point out that no version of HP-UX has
  724. the sys/select.h header file so including it unconditionally in curl/multi.h
  725. is not a good thing. Now we check for HPUX and avoid using that header on
  726. such systems.
  727. - Rudy Koento experienced problems with curl's recent habit of POSTing data in
  728. two separate send() calls, first the headers and then the data. I've now
  729. made a fix that for static and known content that is less than 100K in size,
  730. everything is now sent in one single system call again. This is also better
  731. for network performance reasons.
  732. - I modified the main makefile to not build the test suite and a few other
  733. unnecessary things by default. Now, the test suite is built when 'make test'
  734. is run. This reduces build time for those who don't care for the test
  735. suite, and it also reduces confusion for people using platforms where the
  736. test suite build fails!
  737. Daniel (26 May)
  738. - Chris Lewis pointed out a flaw in the #ifdefs in curl/multi.h for Windows,
  739. which is now corrected.
  740. - Jis Joy found another flaw in the SOCK5 code, as libcurl treated the socks5
  741. proxy a little too much like as if it was a http proxy.
  742. Daniel (23 May)
  743. - Ricardo Cadime found a socket leak when listing directories without
  744. contents. Test cases 144 and 145 were added to verify the fix.
  745. - Rudy Koento found yet another problem when a HTTP server returns only a
  746. single-line of contents without any headers at all. libcurl then failed to
  747. count the data, thus returning error 52 "no contents". Test case 66 was
  748. added to verify that we now do right.
  749. Version 7.10.6-pre1 (23 May 2003)
  750. Daniel (23 May)
  751. - Jis in bug report #741841, fixed a bug in the SOCKS5 proxy-using code.
  752. Daniel (22 May)
  753. - David Remahl set up a test-server for me providing Digest authentication,
  754. and I wrote the first working code that support it. The test suite was
  755. modified slightly as well to work better for it and --digest was added to
  756. the command line options (and CURLOPT_HTTPDIGEST to the library)... RFC2617
  757. has all the gory details.
  758. Daniel (21 May)
  759. - David Balazic pointed out that curl_unescape() didn't check that %-codes
  760. were correctly followed by two hexadecimal digits when it unescape strings.
  761. Now, we do the check and only %XX codes are unescaped if the X letters are
  762. hexadecimals.
  763. - Gisle Vanem made curl build with djgpp on DOS.
  764. - Gisle Vanem improved the mkhelp.pl script to make a nicer manual that is
  765. shown with curl -M.
  766. Daniel (20 May)
  767. - Gisle Vanem provided a fix that makes libcurl more conservative, not
  768. expecting h_aliases of the hostent struct to always be non-NULL.
  769. Daniel (19 May)
  770. - As requested by Martin Michlmayr in Debian bug report #193630, libcurl now
  771. supports user name and password in the proxy environment variables. Added
  772. test case 63 to verify this.
  773. Version 7.10.5 (19 May 2003)
  774. Daniel (15 May)
  775. - Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
  776. a very common type inet_addr() returns.
  777. Daniel (14 May)
  778. - George Comninos provided a fix that calls the progress meter when waiting
  779. for FTP command responses take >1 second. It'll make applications more
  780. "responsive" even when dealing with very slow ftp servers.
  781. Daniel (12 May)
  782. - George Comninos pointed out that libcurl uploads had two quirks:
  783. o when using FTP PORT command, it used blocking sockets!
  784. o it could loop a long time without doing progress meter updates
  785. Both items are fixed now.
  786. Daniel (9 May)
  787. - Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
  788. set to "". This frees the application from having to know which encodings
  789. the library supports.
  790. - Dan Fandrich pointed out we had three unnecessary files in CVS that is
  791. generated with libtoolize, so they're now removed and libtoolize is invoked
  792. accordingly in the buildconf script.
  793. - Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
  794. given name is a network interface gave a real performance penalty on Linux,
  795. so now we more appropriately first check if it is an IP number and if so
  796. we don't check for a network interface with that name.
  797. - CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
  798. to use EPRT and LPRT before the traditional PORT command. The command line
  799. tool sets this option with '--disable-eprt'.
  800. Version 7.10.5-pre2 (6 May 2003)
  801. Daniel (6 May)
  802. - Kevin Delafield reported another case where we didn't correctly check for
  803. EAGAIN but only EWOULDBLOCK, which caused badness on HPUX.
  804. Daniel (4 May)
  805. - Ben Greear noticed that the check for 'writable argv' exited the configure
  806. script when run for cross-compiling, which wasn't nice. Now it'll default to
  807. no and output a warning about the fact that it was not checked for.
  808. Daniel (2 May)
  809. - Added test case 62 and fixed some more on the cookie sending with a custom
  810. Host: header set.
  811. Daniel (1 May)
  812. - Andy Cedilnik fixed a few compiler warnings.
  813. - Made the "SSL read error: 5" error message more verbose, by adding code that
  814. queries the OpenSSL library to fill in the error buffer.
  815. Daniel (30 Apr)
  816. - Added sys/select.h include in the curl/multi.h file, after having been
  817. reminded about this by Rich Gray.
  818. - I made each test set its own server requirements, thus abandoning the
  819. previous system where the test number implied what server(s) to use for a
  820. specific test.
  821. - David Balazic made curl more RFC1738-compliant for FTP URLs, by fixing so
  822. that libcurl now uses one CWD command for each path part. A bunch of test
  823. cases were fixed to work accordingly.
  824. - Cookie fixes:
  825. A. Save domains in jars like Mozilla does. It means all domains set in
  826. Set-Cookie: headers are dot-prefixed.
  827. B. Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars
  828. (the second column).
  829. C. Reject cookies using illegal domains in the Set-Cookie: line. Concerns
  830. both domains with too few dots or domains that are outside the currently
  831. operating server host's domain.
  832. D. Set the path part by default to the one used in the request, if none was
  833. set in the Set-Cookie line.
  834. To make item C really good, I also made libcurl notice custom Host: headers
  835. and extract the host name set in there and use that as the host name for the
  836. site we're getting the cookies from. This allows user to specify a site's
  837. IP-address, but still be able to receive and send its cookies properly if
  838. you provide a valid Host: name for the site.
  839. Daniel (29 Apr)
  840. - Peter Kovacs provided a patch that makes the CURLINFO_CONNECT_TIME work fine
  841. when using the multi interface (too).
  842. Version 7.10.5-pre1 (23 Apr 2003)
  843. Daniel (23 Apr)
  844. - Upgraded to libtool 1.5.
  845. Daniel (22 Apr)
  846. - Peter Sylvester pointed out that curl_easy_setopt() will always (wrongly)
  847. return CURLE_OK no matter what happens.
  848. - Dan Fandrich fixed some gzip decompression bugs and flaws.
  849. Daniel (16 Apr)
  850. - Fixed minor typo in man page, reported in the Debian bug tracker.
  851. Daniel (15 Apr)
  852. - Fixed some FTP tests in the test suite that failed on my Solaris host, due
  853. to the config.h not being included before the system headers. When done that
  854. way, it did get a mixed sense of if big files are supported or not and then
  855. stat() and fstat() (as used in test case 505) got confused and failed to
  856. return a proper file size.
  857. - Formposting a file using a .html suffix is now properly set to Content-Type: text/html.
  858. Daniel (14 Apr)
  859. - Fixed the SSL error handling to return proper SSL error messages again, they
  860. broke in 7.10.4. I also attempt to track down CA cert problems and then
  861. return the CURLE_SSL_CACERT error code.
  862. - The curl tool now intercepts the CURLE_SSL_CACERT error code and displays
  863. a fairly big and explanatory error message. Kevin Roth helped me out with
  864. the wording.
  865. Daniel (11 Apr)
  866. - Nic Hines provided a second patch for gzip decompression, and fixed a bug
  867. when deflate or gzip contents were downloaded using chunked encoding.
  868. - Dan Fandrich made libcurl support automatic decompression of gzip contents
  869. (as an addition to the previous deflate support).
  870. - I made the CWD command during FTP session consider all 2xy codes to be OK
  871. responses.
  872. Daniel (10 Apr)
  873. - Vlad Krupin fixed a URL parsing issue. URLs that were not using a slash
  874. after the host name, but still had "?" and parameters appended, as in
  875. "http://hostname.com?foobar=moo", were not properly parsed by libcurl.
  876. Daniel (9 Apr)
  877. - Made CURLOPT_TIMECONDITION work for FTP transfers, using the same syntax as
  878. for HTTP. This then made -z work for ftp transfers too. Added test case 139
  879. and 140 for verifying this.
  880. - Getting the file date of an ftp file used the wrong time zone when
  881. displayed. It is supposedly always GMT. Added test case 141 for this.
  882. - Made the test suite's FTP server support MDTM.
  883. - The default DEBUGFUNCTION, as enabled with CURLOPT_VERBOSE now outputs
  884. CURLINFO_HEADER_IN data as well. The most notable effect from this is that
  885. using curl -v, you get to see the incoming "headers" as well. This is
  886. perhaps most useful when doing ftp.
  887. Daniel (8 Apr)
  888. - James Bursa fixed a flaw in the Content-Type extraction code, which missed
  889. the first letter if no space followed the colon.
  890. - Magnus Nilsson pointed out that share.c was missing in the MSVC project
  891. file.
  892. Daniel (6 Apr)
  893. - Ryan Weaver provided a patch that makes the CA cert bundle not get installed
  894. anymore when 'configure --without-ssl' has been used.
  895. Daniel (4 Apr)
  896. - Martijn Broenland found another cases where a server application didn't
  897. like the boundary string used by curl when doing a multi-part/formpost. We
  898. modified the boundary string to look like the one IE uses, as this is
  899. probably gonna make curl work with more applications.
  900. Daniel (3 Apr)
  901. - Kevin Roth reported that a bunch of tests fails on cygwin. One set fails
  902. when using perl 5.8 (and they run fine with perl 5.6), and another set
  903. failed because of an artifact in the test suite's FTP server that I
  904. corrected. It turned out the FTP server code was still having a file opened
  905. while the main test script removed it and invoked the HTTP server that
  906. attempted to create the same file name of the file the FTP server kept open.
  907. This operation works fine on unix, but not on cygwin.
  908. Version 7.10.4 (2 Apr 2003)
  909. Daniel (1 Apr)
  910. - Added test case 505 to exercise FTP upload with rename done with libcurl,
  911. and for that I had to extend the test suite's FTP server to deal with the
  912. RNFR and RNTO commands.
  913. Daniel (31 Mar)
  914. - Even more SSL config check modifications after Richard's testing.
  915. Version 7.10.4-pre6 (31 Mar 2003)
  916. Daniel (31 Mar)
  917. - More fixes for the SSL session ID cache checks when SSL configs are changed
  918. between connections. Based on tests and talks with Richard Bramante.
  919. - Guillaume Cottenceau provided a patch that added CURLOPT_UNRESTRICTED_AUTH.
  920. When enabled, it will prevent libcurl from limiting to which host it sends
  921. user+password to when following locations. By default, libcurl only sends
  922. name and password to the original host used in the first URL, but with this
  923. option set it will send the auth info to all hosts it follows location
  924. headers to. The new tool command line option for this is named
  925. "--location-trusted".
  926. - Frankie Fong reported a problem with libcurl if you re-used an easy handle
  927. with a proxy, and you first made a https:// connection to a host and then
  928. switched to a http:// one to the same host. libcurl would then wrongly re-use
  929. the same connection for it and fail to get the second URL properly
  930. Daniel (29 Mar)
  931. - Dan Shearer's fix that makes curl complain if invoked with nothing but "curl
  932. -O" was applied.
  933. Daniel (26 Mar)
  934. - Bryan Kemp was friendly enough to lend me an account on his Redhat 9 box and
  935. I could fix the configure problems on redhat 8.1 and 9 in no time thanks to
  936. this. Thanks a bunch Bryan!
  937. Daniel (25 Mar)
  938. - Renamed configure.in to configure.ac
  939. Version 7.10.4-pre5 (25 Mar 2003)
  940. Daniel (25 Mar)
  941. - Richard Bramante provided a fix for a handle re-use problem seen when you
  942. change options on an SSL-enabled connection between requests. Previously,
  943. changing peer verification or host verification and similar things was not
  944. taken into account when a connection were checked for re-use and thus
  945. enabling stricter check between requests on a re-used connection made no
  946. difference and the connection would thus be used erroneously.
  947. Daniel (24 Mar)
  948. - Götz Babin-Ebell pointed out that the ca-bundle.crt file contained a
  949. certificate from Trustcenter that was a demo certificate only that was never
  950. intended to be part of a CA bundle.
  951. Daniel (21 Mar)
  952. - Life is a mystery. Within a time period of 17 hours, Tim Pope and Michael
  953. Churchill filed one bug report each, both identifying problems with a second
  954. transfer when doing persistent transfers re-using a connection. Tim's one is
  955. #706624, labeled "Multiple uploads per handle fail" and Michael's #707003
  956. "Does not send Authorization: header when reusing connection". I could track
  957. both down to the same piece of logic and it turned out libcurl was not using
  958. new settings properly when re-using an existing connection. This concerned
  959. both uploading and downloading and involved exactly those pieces these two
  960. reports identified. This code has been this faulty since the day I
  961. introduced persistent connection support in libcurl, more than 2 years ago.
  962. Daniel (20 Mar 2003)
  963. - Five year anniversary. Today five years ago, the first ever curl release saw
  964. the light of day.
  965. Daniel (17 Mar)
  966. - Andy Cedilnik corrected flaws in some libcurl example-usage sources.
  967. Daniel (16 Mar)
  968. - Juan F. Codagnone reported that the fix from March 2nd was incomplete.
  969. - Added code to the configure.in to check for select() argument types. I've
  970. not made any code use the results just yet though.
  971. Daniel (15 Mar)
  972. - Gisle Vanem provided two patches to build better on Windows.
  973. - Adjusted the test suite code to better make sure that the server(s) required
  974. for a specific test is properly started before the test case is attempted.
  975. Many tests now run a lot faster than before.
  976. Daniel (14 Mar)
  977. - Another configure.in adjustment made the configure detect functions properly
  978. on HPUX now.
  979. Daniel (13 Mar)
  980. - Philippe Raoult fixed pre4-compile quirks for FreeBSD.
  981. Version 7.10.4-pre4 (13 Mar 2003)
  982. Daniel (13 Mar)
  983. - Added a backup-check for functions that aren't found by AC_CHECK_FUNCS()
  984. as I believe some checks on HPUX need this. At least some of the info given
  985. to us by Rick Jones seemed to indicate this.
  986. Daniel (12 Mar)
  987. - Thomas Tonino found out that if you used the curl tool to do PUT operations
  988. as in 'curl www.foo.com/dir/ -T file' and the file name included for example
  989. space or other characters that don't belong in URLs, curl did not properly
  990. URL encode them before using them in the URL.
  991. - Added an option to configure called --enable-libgcc that simply adds -lgcc
  992. to the LIBS variable, as this seems to be a common problem.
  993. - I modified the configure.in file, so that the headers are now checked in an
  994. order of "viality". We must also make sure to use the "default headers"
  995. parameter to AC_CHECK_HEADERS() so that headers are checked with the proper
  996. prerequisites included (i.e all the major and generally important header
  997. files are included there by default). This might be what we need for various
  998. Sun, HP, AIX and Tru64 systems to behave good again on the header check
  999. front.
  1000. - Rick Jones pointed out a few compiler warnings on HP-UX that I addressed.
  1001. - I made the configure --help output nicer by using AC_HELP_STRING() a lot
  1002. more.
  1003. Daniel (11 Mar)
  1004. - Christophe Demory fixed the socket sending code to work better on HP-UX
  1005. when sending data to a socket that would block. It then returns EAGAIN, not
  1006. EWOULDBLOCK.
  1007. - Richard Gorton improved the seeding function for systems without a good
  1008. and reliable random source.
  1009. - Richard Gorton fixed a few warnings that popped up when you built curl
  1010. using the Sun compiler on a 64bit SPARC platform.
  1011. - Martin C. Martin fixed a case where a connect failure using the multi
  1012. interface didn't produce a human readable error string.
  1013. Daniel (10 Mar)
  1014. - Reverted ltmain.sh back to libtool 1.4.2 status again, as the 1.4.3 version
  1015. broke the build on numerous platforms. It seems that libtool 1.4.3 puts some
  1016. requirements on what versions of the other tools (autoconf + automake) that
  1017. I am not familiar with and thus I couldn't fulfill at this point.
  1018. Yes, this is more than mildly frustrating.
  1019. Daniel (7 Mar)
  1020. - Run libtoolize version 1.4.3.
  1021. Version 7.10.4-pre3 (4 Mar 2003)
  1022. Daniel (3 Mar)
  1023. - Added share.obj to the VC6 and Borland libcurl makefiles.
  1024. - Troels Walsted Hansen found and investigated a problem with libcurl on AIX,
  1025. presumably only on 4.3 or later. gethostbyname_r() is not returning data
  1026. that is possible to "keep" and cache the way libcurl does. But instead these
  1027. versions of AIX uses a gethostbyname() that works thread-safely we can
  1028. instead use the ordinary gethostbyname() and our pack_hostent() approach to
  1029. achieve what we want. The configure script now attempts to detect AIX 4.3 or
  1030. later to adjust for this.
  1031. Daniel (2 Mar)
  1032. - Juan F. Codagnone found a problem introduced in 7.10.3 when you first did a
  1033. POST and then back to a GET using the same easy handle.
  1034. Daniel (28 Feb)
  1035. - Removed the strequal and strnequal defines from curl/curl.h header. They
  1036. were never meant for the public header anyway. Philippe Raoult brought it
  1037. up.
  1038. - James Bursa fixed the RISC OS build.
  1039. Daniel (27 Feb)
  1040. - Avery Fay pointed out the very misleading curl_multi_info_read man page, and
  1041. I updated it to become more accurate.
  1042. - Salvatore Sorrentino found a problem with FTP downloading that turned out to
  1043. be his FTP server returning size zero (0 bytes) when SIZE was used on a file
  1044. while being in BINARY mode. We now make a second check for the actual size
  1045. by scanning the RETR reply anyway, even if the SIZE command returned 0.
  1046. Daniel (26 Feb)
  1047. - Kyle Sallee reported a case where he would do a transfer that didn't update
  1048. the progress meter properly. It turned out to be a case where libcurl would
  1049. loop a little too eagerly in the transfer loop, which isn't really good for
  1050. the APIs, especially not the multi API.
  1051. Version 7.10.4-pre2 (24 Feb 2003)
  1052. Daniel (24 Feb)
  1053. - Kjetil Jacobsen found out that setting CURLOPT_MAXCONNECTS to a value higher
  1054. than 5 could cause a segfault.
  1055. - I believe I fixed the 'Expect: 100-continue' behavior that has been broken
  1056. for a while (I think since my change dated Dec 10 2002). When this header is
  1057. used, libcurl should wait for a HTTP 100 (or timeout) before sending the
  1058. post/put data.
  1059. Daniel (14 Feb)
  1060. - Matthew Clarke provided some info what to modify to make curl build
  1061. flawlessly on AIX 3.2.5.
  1062. - Martin C. Martin found and fixed a problem in the multi interface when
  1063. running on Windows and trying to connect to a port without a listener.
  1064. Daniel (13 Feb)
  1065. - Christopher R. Palmer fixed Curl_base64_encode() to deal with zeroes in the
  1066. data to encode.
  1067. Daniel (4 Feb)
  1068. - Jean-Philippe added the first code that enables the 'share' system. This
  1069. should now enable sharing of DNS data between two curl easy handles.
  1070. - Incorporated Nico Baggus' fixes to again compile flawlessly on VMS.
  1071. - James Bursa corrected a bad comment in the public include file curl/multi.h
  1072. - Peter Forret reported one of those error:00000000 cases in libcurl again
  1073. when connecting to a HTTPS site, and this time I did discover some oddities
  1074. in how curl reports SSL errors back. It could miss showing the actual error.
  1075. Version 7.10.4-pre1 (3 Feb 2003)
  1076. Daniel (3 Feb)
  1077. - Removed things in the docs saying capath doesn't work on Windows, as Julian
  1078. Noble told us it works fine.
  1079. Daniel (31 Jan)
  1080. - Kevin Roth fixed the zlib build stuff in the Mingw32 makefile.
  1081. Daniel (30 Jan)
  1082. - Kevin Roth found out that curl on Windows always checked for the CA cert
  1083. bundle using the environment variable and the path scan, even though
  1084. -k/--insecure was used.
  1085. - Hamish Mackenzie pointed out that curl only did strict host name verifying
  1086. if capath or cainfo was used. Now it'll always do it unless -k / --insecure
  1087. is used!
  1088. - Pavel Cenek pointed out that the Content-Type extraction was done wrongly
  1089. as the full string was not fetched. Added test case 57 to verify that curl
  1090. does it right now.
  1091. Daniel (29 Jan)
  1092. - Jamie Wilkinson provided a patch that now makes curl attempt to clear out
  1093. "sensitive" command line arguments so that they don't appear in ps outputs
  1094. (only on platforms that allow writing to argv[]).
  1095. - John McGowan found out that the DEBUGFUNCTION could be called with bad
  1096. arguments and thus cause the --trace outputs to go wrong.
  1097. - Removed all the emacs local variables from all files. Mats Lidell provided
  1098. the new sample.emacs file (for a sample of what to include in your .emacs)
  1099. and the curl-style.el that sets a better c-style for editing curl sources.
  1100. - Dave Halbakken found a problem with FTP downloads that could accidently
  1101. return CURLE_PARTIAL_FILE when curl_easy_perform() was called with NOBODY
  1102. set TRUE.
  1103. Daniel (27 Jan)
  1104. - The fopen.c example was flawed as Nick Humfrey noticed, and I fixed it to
  1105. work again.
  1106. Daniel (24 Jan)
  1107. - Bertrand Demiddelaer found and fixed a memory leak (the content-type string)
  1108. when following locations.
  1109. Daniel (22 Jan 2003)
  1110. - Ian Wilkes and Legoff Vincent both independently provided fixes for making
  1111. curl/multi.h work properly when compiled with a C++ compiler.
  1112. Daniel (20 Jan 2003)
  1113. - Fixed 'buildconf' to check version number of the required tools before
  1114. they're actually used.
  1115. - Wrote 'testcurl.sh', a script targeted for automatic and distributed curl
  1116. tests on various platforms.
  1117. - David Thiel pointed out that the .netrc file was not being dealt with
  1118. properly anymore. I broke this in the password prompting "fix".
  1119. - Markus F.X.J. Oberhumer patched libcurl to allocate the scratch buffer only
  1120. on demand and thus we save 32KB in each curl handle that don't use that
  1121. buffer. This need appeared when some people started using thousands of
  1122. simultaneous curl handles... :-)
  1123. Daniel (16 Jan 2003)
  1124. - Markus Oberhumer fixed curl-config --cflags when the includedir was not
  1125. /usr/include.
  1126. - Markus Oberhumer fixed CURLINFO_PRIVATE to properly return NULL if it was
  1127. set to NULL!
  1128. Version 7.10.3 (14 Jan 2003)
  1129. Daniel (10 Jan 2003)
  1130. - Steve Oliphant pointed out that test case 105 did not work anymore and this
  1131. was due to a missing fix for the password prompting.
  1132. Version 7.10.3-pre6 (10 Jan 2003)
  1133. Daniel (9 Jan 2003)
  1134. - Bryan Kemp pointed out that curl -u could not provide a blank password
  1135. without prompting the user. It can now. -u username: makes the password
  1136. empty, while -u username makes curl prompt the user for a password.
  1137. - Kjetil Jacobsen found a remaining connect problem in the multi interface on
  1138. ipv4 systems (Linux only?), that I fixed and Kjetil verified that it fixed
  1139. his problems.
  1140. - memanalyze.pl now reads a file name from the command line, and no longer
  1141. takes the data on stdin as before.
  1142. Version 7.10.3-pre5 (9 Jan 2003)
  1143. Daniel (9 Jan 2003)
  1144. - Fixed tests/memanalyze.pl to work with file names that contain colons (as on
  1145. Windows).
  1146. - Kjetil Jacobsen quickly pointed out that lib/share.h was missing...
  1147. Version 7.10.3-pre4 (9 Jan 2003)
  1148. Daniel (9 Jan 2003)
  1149. - Updated lib/share.c quite a bit to match the design document at
  1150. http://curl.haxx.se/dev/sharing.txt a lot more.
  1151. I'll try to update the document soonish. share.c is still not actually used
  1152. by libcurl, but the API is slowly getting there and we can start
  1153. implementing code that takes advantage of this system.
  1154. Daniel (8 Jan 2003)
  1155. - Updated share stuff in curl/curl.h, including data types, structs and
  1156. function prototypes. The corresponding files in lib/ were also modified
  1157. of course to remain compilable. Based on input from Jean-Philippe and also
  1158. to make it more in line with the design document.
  1159. - Jean-Philippe Barrette-LaPierre patched a very trivial memory leak in
  1160. curl_escape() that would happen when realloc() returns NULL...
  1161. - Matthew Blain provided feedback to make the --create-dirs stuff build
  1162. properly on Windows.
  1163. - Fixed the #include in tests/libtest/first.c as Legoff Vincent pointed out.
  1164. Daniel (7 Jan 2003)
  1165. - Philippe Raoult provided a patch that now makes libcurl properly support
  1166. wildcard checks for certificate names.
  1167. - Simon Liu added CURLOPT_HTTP200ALIASES, to let an application set other
  1168. strings recognized as "HTTP 200" to allow http-like protocols to get
  1169. downloaded fine by curl.
  1170. - Now using autoconf 2.57 and automake 1.7.2
  1171. - Doing "curl -I ftp://domain/non-existing-file" still outputed a date!
  1172. Wayne Haigh reported.
  1173. - The error message is now written properly with a newline in the --trace
  1174. file.
  1175. Daniel (6 Jan 2003)
  1176. - Sterling Hughes fixed a possible bug: previously, if you called
  1177. curl_easy_perform and then set the global dns cache, the global cache
  1178. wouldn't be used. Pointed out by Jean-Philippe Barrette-LaPierre.
  1179. - Matthew Blain's fixed the VC6 libcurl makefile to include better debug data
  1180. on debug builds.