2
0

CHANGES.0 772 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580358135823583358435853586358735883589359035913592359335943595359635973598359936003601360236033604360536063607360836093610361136123613361436153616361736183619362036213622362336243625362636273628362936303631363236333634363536363637363836393640364136423643364436453646364736483649365036513652365336543655365636573658365936603661366236633664366536663667366836693670367136723673367436753676367736783679368036813682368336843685368636873688368936903691369236933694369536963697369836993700370137023703370437053706370737083709371037113712371337143715371637173718371937203721372237233724372537263727372837293730373137323733373437353736373737383739374037413742374337443745374637473748374937503751375237533754375537563757375837593760376137623763376437653766376737683769377037713772377337743775377637773778377937803781378237833784378537863787378837893790379137923793379437953796379737983799380038013802380338043805380638073808380938103811381238133814381538163817381838193820382138223823382438253826382738283829383038313832383338343835383638373838383938403841384238433844384538463847384838493850385138523853385438553856385738583859386038613862386338643865386638673868386938703871387238733874387538763877387838793880388138823883388438853886388738883889389038913892389338943895389638973898389939003901390239033904390539063907390839093910391139123913391439153916391739183919392039213922392339243925392639273928392939303931393239333934393539363937393839393940394139423943394439453946394739483949395039513952395339543955395639573958395939603961396239633964396539663967396839693970397139723973397439753976397739783979398039813982398339843985398639873988398939903991399239933994399539963997399839994000400140024003400440054006400740084009401040114012401340144015401640174018401940204021402240234024402540264027402840294030403140324033403440354036403740384039404040414042404340444045404640474048404940504051405240534054405540564057405840594060406140624063406440654066406740684069407040714072407340744075407640774078407940804081408240834084408540864087408840894090409140924093409440954096409740984099410041014102410341044105410641074108410941104111411241134114411541164117411841194120412141224123412441254126412741284129413041314132413341344135413641374138413941404141414241434144414541464147414841494150415141524153415441554156415741584159416041614162416341644165416641674168416941704171417241734174417541764177417841794180418141824183418441854186418741884189419041914192419341944195419641974198419942004201420242034204420542064207420842094210421142124213421442154216421742184219422042214222422342244225422642274228422942304231423242334234423542364237423842394240424142424243424442454246424742484249425042514252425342544255425642574258425942604261426242634264426542664267426842694270427142724273427442754276427742784279428042814282428342844285428642874288428942904291429242934294429542964297429842994300430143024303430443054306430743084309431043114312431343144315431643174318431943204321432243234324432543264327432843294330433143324333433443354336433743384339434043414342434343444345434643474348434943504351435243534354435543564357435843594360436143624363436443654366436743684369437043714372437343744375437643774378437943804381438243834384438543864387438843894390439143924393439443954396439743984399440044014402440344044405440644074408440944104411441244134414441544164417441844194420442144224423442444254426442744284429443044314432443344344435443644374438443944404441444244434444444544464447444844494450445144524453445444554456445744584459446044614462446344644465446644674468446944704471447244734474447544764477447844794480448144824483448444854486448744884489449044914492449344944495449644974498449945004501450245034504450545064507450845094510451145124513451445154516451745184519452045214522452345244525452645274528452945304531453245334534453545364537453845394540454145424543454445454546454745484549455045514552455345544555455645574558455945604561456245634564456545664567456845694570457145724573457445754576457745784579458045814582458345844585458645874588458945904591459245934594459545964597459845994600460146024603460446054606460746084609461046114612461346144615461646174618461946204621462246234624462546264627462846294630463146324633463446354636463746384639464046414642464346444645464646474648464946504651465246534654465546564657465846594660466146624663466446654666466746684669467046714672467346744675467646774678467946804681468246834684468546864687468846894690469146924693469446954696469746984699470047014702470347044705470647074708470947104711471247134714471547164717471847194720472147224723472447254726472747284729473047314732473347344735473647374738473947404741474247434744474547464747474847494750475147524753475447554756475747584759476047614762476347644765476647674768476947704771477247734774477547764777477847794780478147824783478447854786478747884789479047914792479347944795479647974798479948004801480248034804480548064807480848094810481148124813481448154816481748184819482048214822482348244825482648274828482948304831483248334834483548364837483848394840484148424843484448454846484748484849485048514852485348544855485648574858485948604861486248634864486548664867486848694870487148724873487448754876487748784879488048814882488348844885488648874888488948904891489248934894489548964897489848994900490149024903490449054906490749084909491049114912491349144915491649174918491949204921492249234924492549264927492849294930493149324933493449354936493749384939494049414942494349444945494649474948494949504951495249534954495549564957495849594960496149624963496449654966496749684969497049714972497349744975497649774978497949804981498249834984498549864987498849894990499149924993499449954996499749984999500050015002500350045005500650075008500950105011501250135014501550165017501850195020502150225023502450255026502750285029503050315032503350345035503650375038503950405041504250435044504550465047504850495050505150525053505450555056505750585059506050615062506350645065506650675068506950705071507250735074507550765077507850795080508150825083508450855086508750885089509050915092509350945095509650975098509951005101510251035104510551065107510851095110511151125113511451155116511751185119512051215122512351245125512651275128512951305131513251335134513551365137513851395140514151425143514451455146514751485149515051515152515351545155515651575158515951605161516251635164516551665167516851695170517151725173517451755176517751785179518051815182518351845185518651875188518951905191519251935194519551965197519851995200520152025203520452055206520752085209521052115212521352145215521652175218521952205221522252235224522552265227522852295230523152325233523452355236523752385239524052415242524352445245524652475248524952505251525252535254525552565257525852595260526152625263526452655266526752685269527052715272527352745275527652775278527952805281528252835284528552865287528852895290529152925293529452955296529752985299530053015302530353045305530653075308530953105311531253135314531553165317531853195320532153225323532453255326532753285329533053315332533353345335533653375338533953405341534253435344534553465347534853495350535153525353535453555356535753585359536053615362536353645365536653675368536953705371537253735374537553765377537853795380538153825383538453855386538753885389539053915392539353945395539653975398539954005401540254035404540554065407540854095410541154125413541454155416541754185419542054215422542354245425542654275428542954305431543254335434543554365437543854395440544154425443544454455446544754485449545054515452545354545455545654575458545954605461546254635464546554665467546854695470547154725473547454755476547754785479548054815482548354845485548654875488548954905491549254935494549554965497549854995500550155025503550455055506550755085509551055115512551355145515551655175518551955205521552255235524552555265527552855295530553155325533553455355536553755385539554055415542554355445545554655475548554955505551555255535554555555565557555855595560556155625563556455655566556755685569557055715572557355745575557655775578557955805581558255835584558555865587558855895590559155925593559455955596559755985599560056015602560356045605560656075608560956105611561256135614561556165617561856195620562156225623562456255626562756285629563056315632563356345635563656375638563956405641564256435644564556465647564856495650565156525653565456555656565756585659566056615662566356645665566656675668566956705671567256735674567556765677567856795680568156825683568456855686568756885689569056915692569356945695569656975698569957005701570257035704570557065707570857095710571157125713571457155716571757185719572057215722572357245725572657275728572957305731573257335734573557365737573857395740574157425743574457455746574757485749575057515752575357545755575657575758575957605761576257635764576557665767576857695770577157725773577457755776577757785779578057815782578357845785578657875788578957905791579257935794579557965797579857995800580158025803580458055806580758085809581058115812581358145815581658175818581958205821582258235824582558265827582858295830583158325833583458355836583758385839584058415842584358445845584658475848584958505851585258535854585558565857585858595860586158625863586458655866586758685869587058715872587358745875587658775878587958805881588258835884588558865887588858895890589158925893589458955896589758985899590059015902590359045905590659075908590959105911591259135914591559165917591859195920592159225923592459255926592759285929593059315932593359345935593659375938593959405941594259435944594559465947594859495950595159525953595459555956595759585959596059615962596359645965596659675968596959705971597259735974597559765977597859795980598159825983598459855986598759885989599059915992599359945995599659975998599960006001600260036004600560066007600860096010601160126013601460156016601760186019602060216022602360246025602660276028602960306031603260336034603560366037603860396040604160426043604460456046604760486049605060516052605360546055605660576058605960606061606260636064606560666067606860696070607160726073607460756076607760786079608060816082608360846085608660876088608960906091609260936094609560966097609860996100610161026103610461056106610761086109611061116112611361146115611661176118611961206121612261236124612561266127612861296130613161326133613461356136613761386139614061416142614361446145614661476148614961506151615261536154615561566157615861596160616161626163616461656166616761686169617061716172617361746175617661776178617961806181618261836184618561866187618861896190619161926193619461956196619761986199620062016202620362046205620662076208620962106211621262136214621562166217621862196220622162226223622462256226622762286229623062316232623362346235623662376238623962406241624262436244624562466247624862496250625162526253625462556256625762586259626062616262626362646265626662676268626962706271627262736274627562766277627862796280628162826283628462856286628762886289629062916292629362946295629662976298629963006301630263036304630563066307630863096310631163126313631463156316631763186319632063216322632363246325632663276328632963306331633263336334633563366337633863396340634163426343634463456346634763486349635063516352635363546355635663576358635963606361636263636364636563666367636863696370637163726373637463756376637763786379638063816382638363846385638663876388638963906391639263936394639563966397639863996400640164026403640464056406640764086409641064116412641364146415641664176418641964206421642264236424642564266427642864296430643164326433643464356436643764386439644064416442644364446445644664476448644964506451645264536454645564566457645864596460646164626463646464656466646764686469647064716472647364746475647664776478647964806481648264836484648564866487648864896490649164926493649464956496649764986499650065016502650365046505650665076508650965106511651265136514651565166517651865196520652165226523652465256526652765286529653065316532653365346535653665376538653965406541654265436544654565466547654865496550655165526553655465556556655765586559656065616562656365646565656665676568656965706571657265736574657565766577657865796580658165826583658465856586658765886589659065916592659365946595659665976598659966006601660266036604660566066607660866096610661166126613661466156616661766186619662066216622662366246625662666276628662966306631663266336634663566366637663866396640664166426643664466456646664766486649665066516652665366546655665666576658665966606661666266636664666566666667666866696670667166726673667466756676667766786679668066816682668366846685668666876688668966906691669266936694669566966697669866996700670167026703670467056706670767086709671067116712671367146715671667176718671967206721672267236724672567266727672867296730673167326733673467356736673767386739674067416742674367446745674667476748674967506751675267536754675567566757675867596760676167626763676467656766676767686769677067716772677367746775677667776778677967806781678267836784678567866787678867896790679167926793679467956796679767986799680068016802680368046805680668076808680968106811681268136814681568166817681868196820682168226823682468256826682768286829683068316832683368346835683668376838683968406841684268436844684568466847684868496850685168526853685468556856685768586859686068616862686368646865686668676868686968706871687268736874687568766877687868796880688168826883688468856886688768886889689068916892689368946895689668976898689969006901690269036904690569066907690869096910691169126913691469156916691769186919692069216922692369246925692669276928692969306931693269336934693569366937693869396940694169426943694469456946694769486949695069516952695369546955695669576958695969606961696269636964696569666967696869696970697169726973697469756976697769786979698069816982698369846985698669876988698969906991699269936994699569966997699869997000700170027003700470057006700770087009701070117012701370147015701670177018701970207021702270237024702570267027702870297030703170327033703470357036703770387039704070417042704370447045704670477048704970507051705270537054705570567057705870597060706170627063706470657066706770687069707070717072707370747075707670777078707970807081708270837084708570867087708870897090709170927093709470957096709770987099710071017102710371047105710671077108710971107111711271137114711571167117711871197120712171227123712471257126712771287129713071317132713371347135713671377138713971407141714271437144714571467147714871497150715171527153715471557156715771587159716071617162716371647165716671677168716971707171717271737174717571767177717871797180718171827183718471857186718771887189719071917192719371947195719671977198719972007201720272037204720572067207720872097210721172127213721472157216721772187219722072217222722372247225722672277228722972307231723272337234723572367237723872397240724172427243724472457246724772487249725072517252725372547255725672577258725972607261726272637264726572667267726872697270727172727273727472757276727772787279728072817282728372847285728672877288728972907291729272937294729572967297729872997300730173027303730473057306730773087309731073117312731373147315731673177318731973207321732273237324732573267327732873297330733173327333733473357336733773387339734073417342734373447345734673477348734973507351735273537354735573567357735873597360736173627363736473657366736773687369737073717372737373747375737673777378737973807381738273837384738573867387738873897390739173927393739473957396739773987399740074017402740374047405740674077408740974107411741274137414741574167417741874197420742174227423742474257426742774287429743074317432743374347435743674377438743974407441744274437444744574467447744874497450745174527453745474557456745774587459746074617462746374647465746674677468746974707471747274737474747574767477747874797480748174827483748474857486748774887489749074917492749374947495749674977498749975007501750275037504750575067507750875097510751175127513751475157516751775187519752075217522752375247525752675277528752975307531753275337534753575367537753875397540754175427543754475457546754775487549755075517552755375547555755675577558755975607561756275637564756575667567756875697570757175727573757475757576757775787579758075817582758375847585758675877588758975907591759275937594759575967597759875997600760176027603760476057606760776087609761076117612761376147615761676177618761976207621762276237624762576267627762876297630763176327633763476357636763776387639764076417642764376447645764676477648764976507651765276537654765576567657765876597660766176627663766476657666766776687669767076717672767376747675767676777678767976807681768276837684768576867687768876897690769176927693769476957696769776987699770077017702770377047705770677077708770977107711771277137714771577167717771877197720772177227723772477257726772777287729773077317732773377347735773677377738773977407741774277437744774577467747774877497750775177527753775477557756775777587759776077617762776377647765776677677768776977707771777277737774777577767777777877797780778177827783778477857786778777887789779077917792779377947795779677977798779978007801780278037804780578067807780878097810781178127813781478157816781778187819782078217822782378247825782678277828782978307831783278337834783578367837783878397840784178427843784478457846784778487849785078517852785378547855785678577858785978607861786278637864786578667867786878697870787178727873787478757876787778787879788078817882788378847885788678877888788978907891789278937894789578967897789878997900790179027903790479057906790779087909791079117912791379147915791679177918791979207921792279237924792579267927792879297930793179327933793479357936793779387939794079417942794379447945794679477948794979507951795279537954795579567957795879597960796179627963796479657966796779687969797079717972797379747975797679777978797979807981798279837984798579867987798879897990799179927993799479957996799779987999800080018002800380048005800680078008800980108011801280138014801580168017801880198020802180228023802480258026802780288029803080318032803380348035803680378038803980408041804280438044804580468047804880498050805180528053805480558056805780588059806080618062806380648065806680678068806980708071807280738074807580768077807880798080808180828083808480858086808780888089809080918092809380948095809680978098809981008101810281038104810581068107810881098110811181128113811481158116811781188119812081218122812381248125812681278128812981308131813281338134813581368137813881398140814181428143814481458146814781488149815081518152815381548155815681578158815981608161816281638164816581668167816881698170817181728173817481758176817781788179818081818182818381848185818681878188818981908191819281938194819581968197819881998200820182028203820482058206820782088209821082118212821382148215821682178218821982208221822282238224822582268227822882298230823182328233823482358236823782388239824082418242824382448245824682478248824982508251825282538254825582568257825882598260826182628263826482658266826782688269827082718272827382748275827682778278827982808281828282838284828582868287828882898290829182928293829482958296829782988299830083018302830383048305830683078308830983108311831283138314831583168317831883198320832183228323832483258326832783288329833083318332833383348335833683378338833983408341834283438344834583468347834883498350835183528353835483558356835783588359836083618362836383648365836683678368836983708371837283738374837583768377837883798380838183828383838483858386838783888389839083918392839383948395839683978398839984008401840284038404840584068407840884098410841184128413841484158416841784188419842084218422842384248425842684278428842984308431843284338434843584368437843884398440844184428443844484458446844784488449845084518452845384548455845684578458845984608461846284638464846584668467846884698470847184728473847484758476847784788479848084818482848384848485848684878488848984908491849284938494849584968497849884998500850185028503850485058506850785088509851085118512851385148515851685178518851985208521852285238524852585268527852885298530853185328533853485358536853785388539854085418542854385448545854685478548854985508551855285538554855585568557855885598560856185628563856485658566856785688569857085718572857385748575857685778578857985808581858285838584858585868587858885898590859185928593859485958596859785988599860086018602860386048605860686078608860986108611861286138614861586168617861886198620862186228623862486258626862786288629863086318632863386348635863686378638863986408641864286438644864586468647864886498650865186528653865486558656865786588659866086618662866386648665866686678668866986708671867286738674867586768677867886798680868186828683868486858686868786888689869086918692869386948695869686978698869987008701870287038704870587068707870887098710871187128713871487158716871787188719872087218722872387248725872687278728872987308731873287338734873587368737873887398740874187428743874487458746874787488749875087518752875387548755875687578758875987608761876287638764876587668767876887698770877187728773877487758776877787788779878087818782878387848785878687878788878987908791879287938794879587968797879887998800880188028803880488058806880788088809881088118812881388148815881688178818881988208821882288238824882588268827882888298830883188328833883488358836883788388839884088418842884388448845884688478848884988508851885288538854885588568857885888598860886188628863886488658866886788688869887088718872887388748875887688778878887988808881888288838884888588868887888888898890889188928893889488958896889788988899890089018902890389048905890689078908890989108911891289138914891589168917891889198920892189228923892489258926892789288929893089318932893389348935893689378938893989408941894289438944894589468947894889498950895189528953895489558956895789588959896089618962896389648965896689678968896989708971897289738974897589768977897889798980898189828983898489858986898789888989899089918992899389948995899689978998899990009001900290039004900590069007900890099010901190129013901490159016901790189019902090219022902390249025902690279028902990309031903290339034903590369037903890399040904190429043904490459046904790489049905090519052905390549055905690579058905990609061906290639064906590669067906890699070907190729073907490759076907790789079908090819082908390849085908690879088908990909091909290939094909590969097909890999100910191029103910491059106910791089109911091119112911391149115911691179118911991209121912291239124912591269127912891299130913191329133913491359136913791389139914091419142914391449145914691479148914991509151915291539154915591569157915891599160916191629163916491659166916791689169917091719172917391749175917691779178917991809181918291839184918591869187918891899190919191929193919491959196919791989199920092019202920392049205920692079208920992109211921292139214921592169217921892199220922192229223922492259226922792289229923092319232923392349235923692379238923992409241924292439244924592469247924892499250925192529253925492559256925792589259926092619262926392649265926692679268926992709271927292739274927592769277927892799280928192829283928492859286928792889289929092919292929392949295929692979298929993009301930293039304930593069307930893099310931193129313931493159316931793189319932093219322932393249325932693279328932993309331933293339334933593369337933893399340934193429343934493459346934793489349935093519352935393549355935693579358935993609361936293639364936593669367936893699370937193729373937493759376937793789379938093819382938393849385938693879388938993909391939293939394939593969397939893999400940194029403940494059406940794089409941094119412941394149415941694179418941994209421942294239424942594269427942894299430943194329433943494359436943794389439944094419442944394449445944694479448944994509451945294539454945594569457945894599460946194629463946494659466946794689469947094719472947394749475947694779478947994809481948294839484948594869487948894899490949194929493949494959496949794989499950095019502950395049505950695079508950995109511951295139514951595169517951895199520952195229523952495259526952795289529953095319532953395349535953695379538953995409541954295439544954595469547954895499550955195529553955495559556955795589559956095619562956395649565956695679568956995709571957295739574957595769577957895799580958195829583958495859586958795889589959095919592959395949595959695979598959996009601960296039604960596069607960896099610961196129613961496159616961796189619962096219622962396249625962696279628962996309631963296339634963596369637963896399640964196429643964496459646964796489649965096519652965396549655965696579658965996609661966296639664966596669667966896699670967196729673967496759676967796789679968096819682968396849685968696879688968996909691969296939694969596969697969896999700970197029703970497059706970797089709971097119712971397149715971697179718971997209721972297239724972597269727972897299730973197329733973497359736973797389739974097419742974397449745974697479748974997509751975297539754975597569757975897599760976197629763976497659766976797689769977097719772977397749775977697779778977997809781978297839784978597869787978897899790979197929793979497959796979797989799980098019802980398049805980698079808980998109811981298139814981598169817981898199820982198229823982498259826982798289829983098319832983398349835983698379838983998409841984298439844984598469847984898499850985198529853985498559856985798589859986098619862986398649865986698679868986998709871987298739874987598769877987898799880988198829883988498859886988798889889989098919892989398949895989698979898989999009901990299039904990599069907990899099910991199129913991499159916991799189919992099219922992399249925992699279928992999309931993299339934993599369937993899399940994199429943994499459946994799489949995099519952995399549955995699579958995999609961996299639964996599669967996899699970997199729973997499759976997799789979998099819982998399849985998699879988998999909991999299939994999599969997999899991000010001100021000310004100051000610007100081000910010100111001210013100141001510016100171001810019100201002110022100231002410025100261002710028100291003010031100321003310034100351003610037100381003910040100411004210043100441004510046100471004810049100501005110052100531005410055100561005710058100591006010061100621006310064100651006610067100681006910070100711007210073100741007510076100771007810079100801008110082100831008410085100861008710088100891009010091100921009310094100951009610097100981009910100101011010210103101041010510106101071010810109101101011110112101131011410115101161011710118101191012010121101221012310124101251012610127101281012910130101311013210133101341013510136101371013810139101401014110142101431014410145101461014710148101491015010151101521015310154101551015610157101581015910160101611016210163101641016510166101671016810169101701017110172101731017410175101761017710178101791018010181101821018310184101851018610187101881018910190101911019210193101941019510196101971019810199102001020110202102031020410205102061020710208102091021010211102121021310214102151021610217102181021910220102211022210223102241022510226102271022810229102301023110232102331023410235102361023710238102391024010241102421024310244102451024610247102481024910250102511025210253102541025510256102571025810259102601026110262102631026410265102661026710268102691027010271102721027310274102751027610277102781027910280102811028210283102841028510286102871028810289102901029110292102931029410295102961029710298102991030010301103021030310304103051030610307103081030910310103111031210313103141031510316103171031810319103201032110322103231032410325103261032710328103291033010331103321033310334103351033610337103381033910340103411034210343103441034510346103471034810349103501035110352103531035410355103561035710358103591036010361103621036310364103651036610367103681036910370103711037210373103741037510376103771037810379103801038110382103831038410385103861038710388103891039010391103921039310394103951039610397103981039910400104011040210403104041040510406104071040810409104101041110412104131041410415104161041710418104191042010421104221042310424104251042610427104281042910430104311043210433104341043510436104371043810439104401044110442104431044410445104461044710448104491045010451104521045310454104551045610457104581045910460104611046210463104641046510466104671046810469104701047110472104731047410475104761047710478104791048010481104821048310484104851048610487104881048910490104911049210493104941049510496104971049810499105001050110502105031050410505105061050710508105091051010511105121051310514105151051610517105181051910520105211052210523105241052510526105271052810529105301053110532105331053410535105361053710538105391054010541105421054310544105451054610547105481054910550105511055210553105541055510556105571055810559105601056110562105631056410565105661056710568105691057010571105721057310574105751057610577105781057910580105811058210583105841058510586105871058810589105901059110592105931059410595105961059710598105991060010601106021060310604106051060610607106081060910610106111061210613106141061510616106171061810619106201062110622106231062410625106261062710628106291063010631106321063310634106351063610637106381063910640106411064210643106441064510646106471064810649106501065110652106531065410655106561065710658106591066010661106621066310664106651066610667106681066910670106711067210673106741067510676106771067810679106801068110682106831068410685106861068710688106891069010691106921069310694106951069610697106981069910700107011070210703107041070510706107071070810709107101071110712107131071410715107161071710718107191072010721107221072310724107251072610727107281072910730107311073210733107341073510736107371073810739107401074110742107431074410745107461074710748107491075010751107521075310754107551075610757107581075910760107611076210763107641076510766107671076810769107701077110772107731077410775107761077710778107791078010781107821078310784107851078610787107881078910790107911079210793107941079510796107971079810799108001080110802108031080410805108061080710808108091081010811108121081310814108151081610817108181081910820108211082210823108241082510826108271082810829108301083110832108331083410835108361083710838108391084010841108421084310844108451084610847108481084910850108511085210853108541085510856108571085810859108601086110862108631086410865108661086710868108691087010871108721087310874108751087610877108781087910880108811088210883108841088510886108871088810889108901089110892108931089410895108961089710898108991090010901109021090310904109051090610907109081090910910109111091210913109141091510916109171091810919109201092110922109231092410925109261092710928109291093010931109321093310934109351093610937109381093910940109411094210943109441094510946109471094810949109501095110952109531095410955109561095710958109591096010961109621096310964109651096610967109681096910970109711097210973109741097510976109771097810979109801098110982109831098410985109861098710988109891099010991109921099310994109951099610997109981099911000110011100211003110041100511006110071100811009110101101111012110131101411015110161101711018110191102011021110221102311024110251102611027110281102911030110311103211033110341103511036110371103811039110401104111042110431104411045110461104711048110491105011051110521105311054110551105611057110581105911060110611106211063110641106511066110671106811069110701107111072110731107411075110761107711078110791108011081110821108311084110851108611087110881108911090110911109211093110941109511096110971109811099111001110111102111031110411105111061110711108111091111011111111121111311114111151111611117111181111911120111211112211123111241112511126111271112811129111301113111132111331113411135111361113711138111391114011141111421114311144111451114611147111481114911150111511115211153111541115511156111571115811159111601116111162111631116411165111661116711168111691117011171111721117311174111751117611177111781117911180111811118211183111841118511186111871118811189111901119111192111931119411195111961119711198111991120011201112021120311204112051120611207112081120911210112111121211213112141121511216112171121811219112201122111222112231122411225112261122711228112291123011231112321123311234112351123611237112381123911240112411124211243112441124511246112471124811249112501125111252112531125411255112561125711258112591126011261112621126311264112651126611267112681126911270112711127211273112741127511276112771127811279112801128111282112831128411285112861128711288112891129011291112921129311294112951129611297112981129911300113011130211303113041130511306113071130811309113101131111312113131131411315113161131711318113191132011321113221132311324113251132611327113281132911330113311133211333113341133511336113371133811339113401134111342113431134411345113461134711348113491135011351113521135311354113551135611357113581135911360113611136211363113641136511366113671136811369113701137111372113731137411375113761137711378113791138011381113821138311384113851138611387113881138911390113911139211393113941139511396113971139811399114001140111402114031140411405114061140711408114091141011411114121141311414114151141611417114181141911420114211142211423114241142511426114271142811429114301143111432114331143411435114361143711438114391144011441114421144311444114451144611447114481144911450114511145211453114541145511456114571145811459114601146111462114631146411465114661146711468114691147011471114721147311474114751147611477114781147911480114811148211483114841148511486114871148811489114901149111492114931149411495114961149711498114991150011501115021150311504115051150611507115081150911510115111151211513115141151511516115171151811519115201152111522115231152411525115261152711528115291153011531115321153311534115351153611537115381153911540115411154211543115441154511546115471154811549115501155111552115531155411555115561155711558115591156011561115621156311564115651156611567115681156911570115711157211573115741157511576115771157811579115801158111582115831158411585115861158711588115891159011591115921159311594115951159611597115981159911600116011160211603116041160511606116071160811609116101161111612116131161411615116161161711618116191162011621116221162311624116251162611627116281162911630116311163211633116341163511636116371163811639116401164111642116431164411645116461164711648116491165011651116521165311654116551165611657116581165911660116611166211663116641166511666116671166811669116701167111672116731167411675116761167711678116791168011681116821168311684116851168611687116881168911690116911169211693116941169511696116971169811699117001170111702117031170411705117061170711708117091171011711117121171311714117151171611717117181171911720117211172211723117241172511726117271172811729117301173111732117331173411735117361173711738117391174011741117421174311744117451174611747117481174911750117511175211753117541175511756117571175811759117601176111762117631176411765117661176711768117691177011771117721177311774117751177611777117781177911780117811178211783117841178511786117871178811789117901179111792117931179411795117961179711798117991180011801118021180311804118051180611807118081180911810118111181211813118141181511816118171181811819118201182111822118231182411825118261182711828118291183011831118321183311834118351183611837118381183911840118411184211843118441184511846118471184811849118501185111852118531185411855118561185711858118591186011861118621186311864118651186611867118681186911870118711187211873118741187511876118771187811879118801188111882118831188411885118861188711888118891189011891118921189311894118951189611897118981189911900119011190211903119041190511906119071190811909119101191111912119131191411915119161191711918119191192011921119221192311924119251192611927119281192911930119311193211933119341193511936119371193811939119401194111942119431194411945119461194711948119491195011951119521195311954119551195611957119581195911960119611196211963119641196511966119671196811969119701197111972119731197411975119761197711978119791198011981119821198311984119851198611987119881198911990119911199211993119941199511996119971199811999120001200112002120031200412005120061200712008120091201012011120121201312014120151201612017120181201912020120211202212023120241202512026120271202812029120301203112032120331203412035120361203712038120391204012041120421204312044120451204612047120481204912050120511205212053120541205512056120571205812059120601206112062120631206412065120661206712068120691207012071120721207312074120751207612077120781207912080120811208212083120841208512086120871208812089120901209112092120931209412095120961209712098120991210012101121021210312104121051210612107121081210912110121111211212113121141211512116121171211812119121201212112122121231212412125121261212712128121291213012131121321213312134121351213612137121381213912140121411214212143121441214512146121471214812149121501215112152121531215412155121561215712158121591216012161121621216312164121651216612167121681216912170121711217212173121741217512176121771217812179121801218112182121831218412185121861218712188121891219012191121921219312194121951219612197121981219912200122011220212203122041220512206122071220812209122101221112212122131221412215122161221712218122191222012221122221222312224122251222612227122281222912230122311223212233122341223512236122371223812239122401224112242122431224412245122461224712248122491225012251122521225312254122551225612257122581225912260122611226212263122641226512266122671226812269122701227112272122731227412275122761227712278122791228012281122821228312284122851228612287122881228912290122911229212293122941229512296122971229812299123001230112302123031230412305123061230712308123091231012311123121231312314123151231612317123181231912320123211232212323123241232512326123271232812329123301233112332123331233412335123361233712338123391234012341123421234312344123451234612347123481234912350123511235212353123541235512356123571235812359123601236112362123631236412365123661236712368123691237012371123721237312374123751237612377123781237912380123811238212383123841238512386123871238812389123901239112392123931239412395123961239712398123991240012401124021240312404124051240612407124081240912410124111241212413124141241512416124171241812419124201242112422124231242412425124261242712428124291243012431124321243312434124351243612437124381243912440124411244212443124441244512446124471244812449124501245112452124531245412455124561245712458124591246012461124621246312464124651246612467124681246912470124711247212473124741247512476124771247812479124801248112482124831248412485124861248712488124891249012491124921249312494124951249612497124981249912500125011250212503125041250512506125071250812509125101251112512125131251412515125161251712518125191252012521125221252312524125251252612527125281252912530125311253212533125341253512536125371253812539125401254112542125431254412545125461254712548125491255012551125521255312554125551255612557125581255912560125611256212563125641256512566125671256812569125701257112572125731257412575125761257712578125791258012581125821258312584125851258612587125881258912590125911259212593125941259512596125971259812599126001260112602126031260412605126061260712608126091261012611126121261312614126151261612617126181261912620126211262212623126241262512626126271262812629126301263112632126331263412635126361263712638126391264012641126421264312644126451264612647126481264912650126511265212653126541265512656126571265812659126601266112662126631266412665126661266712668126691267012671126721267312674126751267612677126781267912680126811268212683126841268512686126871268812689126901269112692126931269412695126961269712698126991270012701127021270312704127051270612707127081270912710127111271212713127141271512716127171271812719127201272112722127231272412725127261272712728127291273012731127321273312734127351273612737127381273912740127411274212743127441274512746127471274812749127501275112752127531275412755127561275712758127591276012761127621276312764127651276612767127681276912770127711277212773127741277512776127771277812779127801278112782127831278412785127861278712788127891279012791127921279312794127951279612797127981279912800128011280212803128041280512806128071280812809128101281112812128131281412815128161281712818128191282012821128221282312824128251282612827128281282912830128311283212833128341283512836128371283812839128401284112842128431284412845128461284712848128491285012851128521285312854128551285612857128581285912860128611286212863128641286512866128671286812869128701287112872128731287412875128761287712878128791288012881128821288312884128851288612887128881288912890128911289212893128941289512896128971289812899129001290112902129031290412905129061290712908129091291012911129121291312914129151291612917129181291912920129211292212923129241292512926129271292812929129301293112932129331293412935129361293712938129391294012941129421294312944129451294612947129481294912950129511295212953129541295512956129571295812959129601296112962129631296412965129661296712968129691297012971129721297312974129751297612977129781297912980129811298212983129841298512986129871298812989129901299112992129931299412995129961299712998129991300013001130021300313004130051300613007130081300913010130111301213013130141301513016130171301813019130201302113022130231302413025130261302713028130291303013031130321303313034130351303613037130381303913040130411304213043130441304513046130471304813049130501305113052130531305413055130561305713058130591306013061130621306313064130651306613067130681306913070130711307213073130741307513076130771307813079130801308113082130831308413085130861308713088130891309013091130921309313094130951309613097130981309913100131011310213103131041310513106131071310813109131101311113112131131311413115131161311713118131191312013121131221312313124131251312613127131281312913130131311313213133131341313513136131371313813139131401314113142131431314413145131461314713148131491315013151131521315313154131551315613157131581315913160131611316213163131641316513166131671316813169131701317113172131731317413175131761317713178131791318013181131821318313184131851318613187131881318913190131911319213193131941319513196131971319813199132001320113202132031320413205132061320713208132091321013211132121321313214132151321613217132181321913220132211322213223132241322513226132271322813229132301323113232132331323413235132361323713238132391324013241132421324313244132451324613247132481324913250132511325213253132541325513256132571325813259132601326113262132631326413265132661326713268132691327013271132721327313274132751327613277132781327913280132811328213283132841328513286132871328813289132901329113292132931329413295132961329713298132991330013301133021330313304133051330613307133081330913310133111331213313133141331513316133171331813319133201332113322133231332413325133261332713328133291333013331133321333313334133351333613337133381333913340133411334213343133441334513346133471334813349133501335113352133531335413355133561335713358133591336013361133621336313364133651336613367133681336913370133711337213373133741337513376133771337813379133801338113382133831338413385133861338713388133891339013391133921339313394133951339613397133981339913400134011340213403134041340513406134071340813409134101341113412134131341413415134161341713418134191342013421134221342313424134251342613427134281342913430134311343213433134341343513436134371343813439134401344113442134431344413445134461344713448134491345013451134521345313454134551345613457134581345913460134611346213463134641346513466134671346813469134701347113472134731347413475134761347713478134791348013481134821348313484134851348613487134881348913490134911349213493134941349513496134971349813499135001350113502135031350413505135061350713508135091351013511135121351313514135151351613517135181351913520135211352213523135241352513526135271352813529135301353113532135331353413535135361353713538135391354013541135421354313544135451354613547135481354913550135511355213553135541355513556135571355813559135601356113562135631356413565135661356713568135691357013571135721357313574135751357613577135781357913580135811358213583135841358513586135871358813589135901359113592135931359413595135961359713598135991360013601136021360313604136051360613607136081360913610136111361213613136141361513616136171361813619136201362113622136231362413625136261362713628136291363013631136321363313634136351363613637136381363913640136411364213643136441364513646136471364813649136501365113652136531365413655136561365713658136591366013661136621366313664136651366613667136681366913670136711367213673136741367513676136771367813679136801368113682136831368413685136861368713688136891369013691136921369313694136951369613697136981369913700137011370213703137041370513706137071370813709137101371113712137131371413715137161371713718137191372013721137221372313724137251372613727137281372913730137311373213733137341373513736137371373813739137401374113742137431374413745137461374713748137491375013751137521375313754137551375613757137581375913760137611376213763137641376513766137671376813769137701377113772137731377413775137761377713778137791378013781137821378313784137851378613787137881378913790137911379213793137941379513796137971379813799138001380113802138031380413805138061380713808138091381013811138121381313814138151381613817138181381913820138211382213823138241382513826138271382813829138301383113832138331383413835138361383713838138391384013841138421384313844138451384613847138481384913850138511385213853138541385513856138571385813859138601386113862138631386413865138661386713868138691387013871138721387313874138751387613877138781387913880138811388213883138841388513886138871388813889138901389113892138931389413895138961389713898138991390013901139021390313904139051390613907139081390913910139111391213913139141391513916139171391813919139201392113922139231392413925139261392713928139291393013931139321393313934139351393613937139381393913940139411394213943139441394513946139471394813949139501395113952139531395413955139561395713958139591396013961139621396313964139651396613967139681396913970139711397213973139741397513976139771397813979139801398113982139831398413985139861398713988139891399013991139921399313994139951399613997139981399914000140011400214003140041400514006140071400814009140101401114012140131401414015140161401714018140191402014021140221402314024140251402614027140281402914030140311403214033140341403514036140371403814039140401404114042140431404414045140461404714048140491405014051140521405314054140551405614057140581405914060140611406214063140641406514066140671406814069140701407114072140731407414075140761407714078140791408014081140821408314084140851408614087140881408914090140911409214093140941409514096140971409814099141001410114102141031410414105141061410714108141091411014111141121411314114141151411614117141181411914120141211412214123141241412514126141271412814129141301413114132141331413414135141361413714138141391414014141141421414314144141451414614147141481414914150141511415214153141541415514156141571415814159141601416114162141631416414165141661416714168141691417014171141721417314174141751417614177141781417914180141811418214183141841418514186141871418814189141901419114192141931419414195141961419714198141991420014201142021420314204142051420614207142081420914210142111421214213142141421514216142171421814219142201422114222142231422414225142261422714228142291423014231142321423314234142351423614237142381423914240142411424214243142441424514246142471424814249142501425114252142531425414255142561425714258142591426014261142621426314264142651426614267142681426914270142711427214273142741427514276142771427814279142801428114282142831428414285142861428714288142891429014291142921429314294142951429614297142981429914300143011430214303143041430514306143071430814309143101431114312143131431414315143161431714318143191432014321143221432314324143251432614327143281432914330143311433214333143341433514336143371433814339143401434114342143431434414345143461434714348143491435014351143521435314354143551435614357143581435914360143611436214363143641436514366143671436814369143701437114372143731437414375143761437714378143791438014381143821438314384143851438614387143881438914390143911439214393143941439514396143971439814399144001440114402144031440414405144061440714408144091441014411144121441314414144151441614417144181441914420144211442214423144241442514426144271442814429144301443114432144331443414435144361443714438144391444014441144421444314444144451444614447144481444914450144511445214453144541445514456144571445814459144601446114462144631446414465144661446714468144691447014471144721447314474144751447614477144781447914480144811448214483144841448514486144871448814489144901449114492144931449414495144961449714498144991450014501145021450314504145051450614507145081450914510145111451214513145141451514516145171451814519145201452114522145231452414525145261452714528145291453014531145321453314534145351453614537145381453914540145411454214543145441454514546145471454814549145501455114552145531455414555145561455714558145591456014561145621456314564145651456614567145681456914570145711457214573145741457514576145771457814579145801458114582145831458414585145861458714588145891459014591145921459314594145951459614597145981459914600146011460214603146041460514606146071460814609146101461114612146131461414615146161461714618146191462014621146221462314624146251462614627146281462914630146311463214633146341463514636146371463814639146401464114642146431464414645146461464714648146491465014651146521465314654146551465614657146581465914660146611466214663146641466514666146671466814669146701467114672146731467414675146761467714678146791468014681146821468314684146851468614687146881468914690146911469214693146941469514696146971469814699147001470114702147031470414705147061470714708147091471014711147121471314714147151471614717147181471914720147211472214723147241472514726147271472814729147301473114732147331473414735147361473714738147391474014741147421474314744147451474614747147481474914750147511475214753147541475514756147571475814759147601476114762147631476414765147661476714768147691477014771147721477314774147751477614777147781477914780147811478214783147841478514786147871478814789147901479114792147931479414795147961479714798147991480014801148021480314804148051480614807148081480914810148111481214813148141481514816148171481814819148201482114822148231482414825148261482714828148291483014831148321483314834148351483614837148381483914840148411484214843148441484514846148471484814849148501485114852148531485414855148561485714858148591486014861148621486314864148651486614867148681486914870148711487214873148741487514876148771487814879148801488114882148831488414885148861488714888148891489014891148921489314894148951489614897148981489914900149011490214903149041490514906149071490814909149101491114912149131491414915149161491714918149191492014921149221492314924149251492614927149281492914930149311493214933149341493514936149371493814939149401494114942149431494414945149461494714948149491495014951149521495314954149551495614957149581495914960149611496214963149641496514966149671496814969149701497114972149731497414975149761497714978149791498014981149821498314984149851498614987149881498914990149911499214993149941499514996149971499814999150001500115002150031500415005150061500715008150091501015011150121501315014150151501615017150181501915020150211502215023150241502515026150271502815029150301503115032150331503415035150361503715038150391504015041150421504315044150451504615047150481504915050150511505215053150541505515056150571505815059150601506115062150631506415065150661506715068150691507015071150721507315074150751507615077150781507915080150811508215083150841508515086150871508815089150901509115092150931509415095150961509715098150991510015101151021510315104151051510615107151081510915110151111511215113151141511515116151171511815119151201512115122151231512415125151261512715128151291513015131151321513315134151351513615137151381513915140151411514215143151441514515146151471514815149151501515115152151531515415155151561515715158151591516015161151621516315164151651516615167151681516915170151711517215173151741517515176151771517815179151801518115182151831518415185151861518715188151891519015191151921519315194151951519615197151981519915200152011520215203152041520515206152071520815209152101521115212152131521415215152161521715218152191522015221152221522315224152251522615227152281522915230152311523215233152341523515236152371523815239152401524115242152431524415245152461524715248152491525015251152521525315254152551525615257152581525915260152611526215263152641526515266152671526815269152701527115272152731527415275152761527715278152791528015281152821528315284152851528615287152881528915290152911529215293152941529515296152971529815299153001530115302153031530415305153061530715308153091531015311153121531315314153151531615317153181531915320153211532215323153241532515326153271532815329153301533115332153331533415335153361533715338153391534015341153421534315344153451534615347153481534915350153511535215353153541535515356153571535815359153601536115362153631536415365153661536715368153691537015371153721537315374153751537615377153781537915380153811538215383153841538515386153871538815389153901539115392153931539415395153961539715398153991540015401154021540315404154051540615407154081540915410154111541215413154141541515416154171541815419154201542115422154231542415425154261542715428154291543015431154321543315434154351543615437154381543915440154411544215443154441544515446154471544815449154501545115452154531545415455154561545715458154591546015461154621546315464154651546615467154681546915470154711547215473154741547515476154771547815479154801548115482154831548415485154861548715488154891549015491154921549315494154951549615497154981549915500155011550215503155041550515506155071550815509155101551115512155131551415515155161551715518155191552015521155221552315524155251552615527155281552915530155311553215533155341553515536155371553815539155401554115542155431554415545155461554715548155491555015551155521555315554155551555615557155581555915560155611556215563155641556515566155671556815569155701557115572155731557415575155761557715578155791558015581155821558315584155851558615587155881558915590155911559215593155941559515596155971559815599156001560115602156031560415605156061560715608156091561015611156121561315614156151561615617156181561915620156211562215623156241562515626156271562815629156301563115632156331563415635156361563715638156391564015641156421564315644156451564615647156481564915650156511565215653156541565515656156571565815659156601566115662156631566415665156661566715668156691567015671156721567315674156751567615677156781567915680156811568215683156841568515686156871568815689156901569115692156931569415695156961569715698156991570015701157021570315704157051570615707157081570915710157111571215713157141571515716157171571815719157201572115722157231572415725157261572715728157291573015731157321573315734157351573615737157381573915740157411574215743157441574515746157471574815749157501575115752157531575415755157561575715758157591576015761157621576315764157651576615767157681576915770157711577215773157741577515776157771577815779157801578115782157831578415785157861578715788157891579015791157921579315794157951579615797157981579915800158011580215803158041580515806158071580815809158101581115812158131581415815158161581715818158191582015821158221582315824158251582615827158281582915830158311583215833158341583515836158371583815839158401584115842158431584415845158461584715848158491585015851158521585315854158551585615857158581585915860158611586215863158641586515866158671586815869158701587115872158731587415875158761587715878158791588015881158821588315884158851588615887158881588915890158911589215893158941589515896158971589815899159001590115902159031590415905159061590715908159091591015911159121591315914159151591615917159181591915920159211592215923159241592515926159271592815929159301593115932159331593415935159361593715938159391594015941159421594315944159451594615947159481594915950159511595215953159541595515956159571595815959159601596115962159631596415965159661596715968159691597015971159721597315974159751597615977159781597915980159811598215983159841598515986159871598815989159901599115992159931599415995159961599715998159991600016001160021600316004160051600616007160081600916010160111601216013160141601516016160171601816019160201602116022160231602416025160261602716028160291603016031160321603316034160351603616037160381603916040160411604216043160441604516046160471604816049160501605116052160531605416055160561605716058160591606016061160621606316064160651606616067160681606916070160711607216073160741607516076160771607816079160801608116082160831608416085160861608716088160891609016091160921609316094160951609616097160981609916100161011610216103161041610516106161071610816109161101611116112161131611416115161161611716118161191612016121161221612316124161251612616127161281612916130161311613216133161341613516136161371613816139161401614116142161431614416145161461614716148161491615016151161521615316154161551615616157161581615916160161611616216163161641616516166161671616816169161701617116172161731617416175161761617716178161791618016181161821618316184161851618616187161881618916190161911619216193161941619516196161971619816199162001620116202162031620416205162061620716208162091621016211162121621316214162151621616217162181621916220162211622216223162241622516226162271622816229162301623116232162331623416235162361623716238162391624016241162421624316244162451624616247162481624916250162511625216253162541625516256162571625816259162601626116262162631626416265162661626716268162691627016271162721627316274162751627616277162781627916280162811628216283162841628516286162871628816289162901629116292162931629416295162961629716298162991630016301163021630316304163051630616307163081630916310163111631216313163141631516316163171631816319163201632116322163231632416325163261632716328163291633016331163321633316334163351633616337163381633916340163411634216343163441634516346163471634816349163501635116352163531635416355163561635716358163591636016361163621636316364163651636616367163681636916370163711637216373163741637516376163771637816379163801638116382163831638416385163861638716388163891639016391163921639316394163951639616397163981639916400164011640216403164041640516406164071640816409164101641116412164131641416415164161641716418164191642016421164221642316424164251642616427164281642916430164311643216433164341643516436164371643816439164401644116442164431644416445164461644716448164491645016451164521645316454164551645616457164581645916460164611646216463164641646516466164671646816469164701647116472164731647416475164761647716478164791648016481164821648316484164851648616487164881648916490164911649216493164941649516496164971649816499165001650116502165031650416505165061650716508165091651016511165121651316514165151651616517165181651916520165211652216523165241652516526165271652816529165301653116532165331653416535165361653716538165391654016541165421654316544165451654616547165481654916550165511655216553165541655516556165571655816559165601656116562165631656416565165661656716568165691657016571165721657316574165751657616577165781657916580165811658216583165841658516586165871658816589165901659116592165931659416595165961659716598165991660016601166021660316604166051660616607166081660916610166111661216613166141661516616166171661816619166201662116622166231662416625166261662716628166291663016631166321663316634166351663616637166381663916640166411664216643166441664516646166471664816649166501665116652166531665416655166561665716658166591666016661166621666316664166651666616667166681666916670166711667216673166741667516676166771667816679166801668116682166831668416685166861668716688166891669016691166921669316694166951669616697166981669916700167011670216703167041670516706167071670816709167101671116712167131671416715167161671716718167191672016721167221672316724167251672616727167281672916730167311673216733167341673516736167371673816739167401674116742167431674416745167461674716748167491675016751167521675316754167551675616757167581675916760167611676216763167641676516766167671676816769167701677116772167731677416775167761677716778167791678016781167821678316784167851678616787167881678916790167911679216793167941679516796167971679816799168001680116802168031680416805168061680716808168091681016811168121681316814168151681616817168181681916820168211682216823168241682516826168271682816829168301683116832168331683416835168361683716838168391684016841168421684316844168451684616847168481684916850168511685216853168541685516856168571685816859168601686116862168631686416865168661686716868168691687016871168721687316874168751687616877168781687916880168811688216883168841688516886168871688816889168901689116892168931689416895168961689716898168991690016901169021690316904169051690616907169081690916910169111691216913169141691516916169171691816919169201692116922169231692416925169261692716928169291693016931169321693316934169351693616937169381693916940169411694216943169441694516946169471694816949169501695116952169531695416955169561695716958169591696016961169621696316964169651696616967169681696916970169711697216973169741697516976169771697816979169801698116982169831698416985169861698716988169891699016991169921699316994169951699616997169981699917000170011700217003170041700517006170071700817009170101701117012170131701417015170161701717018170191702017021170221702317024170251702617027170281702917030170311703217033170341703517036170371703817039170401704117042170431704417045170461704717048170491705017051170521705317054170551705617057170581705917060170611706217063170641706517066170671706817069170701707117072170731707417075170761707717078170791708017081170821708317084170851708617087170881708917090170911709217093170941709517096170971709817099171001710117102171031710417105171061710717108171091711017111171121711317114171151711617117171181711917120171211712217123171241712517126171271712817129171301713117132171331713417135171361713717138171391714017141171421714317144171451714617147171481714917150171511715217153171541715517156171571715817159171601716117162171631716417165171661716717168171691717017171171721717317174171751717617177171781717917180171811718217183171841718517186171871718817189171901719117192171931719417195171961719717198171991720017201172021720317204172051720617207172081720917210172111721217213172141721517216172171721817219172201722117222172231722417225172261722717228172291723017231172321723317234172351723617237172381723917240172411724217243172441724517246172471724817249172501725117252172531725417255172561725717258172591726017261172621726317264172651726617267172681726917270172711727217273172741727517276172771727817279172801728117282172831728417285172861728717288172891729017291172921729317294172951729617297172981729917300173011730217303173041730517306173071730817309173101731117312173131731417315173161731717318173191732017321173221732317324173251732617327173281732917330173311733217333173341733517336173371733817339173401734117342173431734417345173461734717348173491735017351173521735317354173551735617357173581735917360173611736217363173641736517366173671736817369173701737117372173731737417375173761737717378173791738017381173821738317384173851738617387173881738917390173911739217393173941739517396173971739817399174001740117402174031740417405174061740717408174091741017411174121741317414174151741617417174181741917420174211742217423174241742517426174271742817429174301743117432174331743417435174361743717438174391744017441174421744317444174451744617447174481744917450174511745217453174541745517456174571745817459174601746117462174631746417465174661746717468174691747017471174721747317474174751747617477174781747917480174811748217483174841748517486174871748817489174901749117492174931749417495174961749717498174991750017501175021750317504175051750617507175081750917510175111751217513175141751517516175171751817519175201752117522175231752417525175261752717528175291753017531175321753317534175351753617537175381753917540175411754217543175441754517546175471754817549175501755117552175531755417555175561755717558175591756017561175621756317564175651756617567175681756917570175711757217573175741757517576175771757817579175801758117582175831758417585175861758717588175891759017591175921759317594175951759617597175981759917600176011760217603176041760517606176071760817609176101761117612176131761417615176161761717618176191762017621176221762317624176251762617627176281762917630176311763217633176341763517636176371763817639176401764117642176431764417645176461764717648176491765017651176521765317654176551765617657176581765917660176611766217663176641766517666176671766817669176701767117672176731767417675176761767717678176791768017681176821768317684176851768617687176881768917690176911769217693176941769517696176971769817699177001770117702177031770417705177061770717708177091771017711177121771317714177151771617717177181771917720177211772217723177241772517726177271772817729177301773117732177331773417735177361773717738177391774017741177421774317744177451774617747177481774917750177511775217753177541775517756177571775817759177601776117762177631776417765177661776717768177691777017771177721777317774177751777617777177781777917780177811778217783177841778517786177871778817789177901779117792177931779417795177961779717798177991780017801178021780317804178051780617807178081780917810178111781217813178141781517816178171781817819178201782117822178231782417825178261782717828178291783017831178321783317834178351783617837178381783917840178411784217843178441784517846178471784817849178501785117852178531785417855178561785717858178591786017861178621786317864178651786617867178681786917870178711787217873178741787517876178771787817879178801788117882178831788417885178861788717888178891789017891178921789317894178951789617897178981789917900179011790217903179041790517906179071790817909179101791117912179131791417915179161791717918179191792017921179221792317924179251792617927179281792917930179311793217933179341793517936179371793817939179401794117942179431794417945179461794717948179491795017951179521795317954179551795617957179581795917960179611796217963179641796517966179671796817969179701797117972179731797417975179761797717978179791798017981179821798317984179851798617987179881798917990179911799217993179941799517996179971799817999180001800118002
  1. _ _ ____ _
  2. ___| | | | _ \| |
  3. / __| | | | |_) | |
  4. | (__| |_| | _ <| |___
  5. \___|\___/|_| \_\_____|
  6. Old Changelog
  7. Changes done to curl and libcurl from 1997 to 2010, edited manually. The most
  8. recent changes are always generated into the CHANGES file straight from git.
  9. Kamil Dudka (17 June 2010)
  10. - Improve test575 in order to not fail with threaded DNS resolver.
  11. Version 7.21.0 (16 June 2010)
  12. Daniel Stenberg (5 June 2010)
  13. - Constantine Sapuntzakis fixed a case of spurious SSL connection aborts using
  14. libcurl and OpenSSL. "I tracked it down to uncleared error state on the
  15. OpenSSL error stack - patch attached deals with that."
  16. Daniel Stenberg (5 June 2010)
  17. - Frank Meier added CURLINFO_PRIMARY_PORT, CURLINFO_LOCAL_IP and
  18. CURLINFO_LOCAL_PORT to curl_easy_getinfo().
  19. Yang Tse (4 June 2010)
  20. - Enabled OpenLDAP support for cygwin builds. This support was disabled back
  21. in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers.
  22. cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25
  23. allow building an OpenLDAP enabled libcurl supporting back to Windows 95.
  24. Removed the non-functional CURL_LDAP_HYBRID code and references.
  25. Daniel Stenberg (2 June 2010)
  26. - Jason McDonald posted bug report #3006786 when he found that the SFTP code
  27. didn't timeout properly in several places in the code even if a timeout was
  28. set properly.
  29. Based on his suggested patch, I wrote a different implementation that I
  30. think addressed the issue better and also uses the connect timeout for the
  31. initial part of the SSH/SFTP done during the "protocol connect" phase.
  32. (http://curl.haxx.se/bug/view.cgi?id=3006786)
  33. Yang Tse (2 June 2010)
  34. - Added missing new libcurl files to non-configure targets. Adjusted
  35. libcurl standard internal header inclusions in new files. Fixed an
  36. SPNEGO related memory leak. Fixed several LDAP related compilation
  37. issues, and fixed some compiler warnings.
  38. Daniel Stenberg (1 June 2010)
  39. - Igor Novoseltsev reported a problem with the multi socket API and using
  40. timeouts and timers. It boiled down to a problem with libcurl's use of
  41. GetTickCount() interally to figure out the current time, while Igor's own
  42. application code used another function call.
  43. It made his app call the socket API timeout function a bit _before_ libcurl
  44. would consider the timeout to trigger, and that could easily lead to
  45. timeouts or stalls in the app. It seems GetTickCount() in general often has
  46. no better resolution than 16ms and switching to the alternative function
  47. QueryPerformanceCounter has its share of problems:
  48. http://www.virtualdub.org/blog/pivot/entry.php?id=106
  49. We address this problem by simply having libcurl treat timers that already
  50. has occured or will occur within 40ms subject for treatment. I'm confident
  51. that there are other implementations and operating systems with similarly in
  52. accurate timer functions so it makes sense to have applied generically and I
  53. don't believe we sacrifice much by adding a 40ms inaccuracy on these
  54. timeouts.
  55. Kamil Dudka (27 May 2010)
  56. - added a new test for CRL support (test313)
  57. - Tor Arntsen changed the alternative definition of bool to use enum instead
  58. of unsigned char.
  59. Daniel Stenberg (25 May 2010)
  60. - Julien Chaffraix fixed the warning seen when compiling lib/rtmp.c: one
  61. unused variables, several unused arguments and some missing #include.
  62. - Julien Chaffraix fixed 2 OOM errors: a missing NULL-check in
  63. lib/http_negociate.c and a potential NULL dereferencing in lib/splay.c
  64. - Howard Chu brought a patch that makes the LDAP code much cleaner, nicer and
  65. in general being a better libcurl citizen. If a new enough OpenLDAP version
  66. is detect, the new and shiny lib/openldap.c code is then used instead of the
  67. old cruft.
  68. Daniel Stenberg (21 May 2010)
  69. - Eric Mertens posted bug #3003705: when we made TFTP use the correct timeout
  70. option when sent to the server (fixed May 18th 2010) it became obvious that
  71. libcurl used invalid timeout values (300 by default while the RFC allows
  72. nothing above 255). While of course it is obvious that as TFTP has worked
  73. thus far without being able to set timeout at all, just removing the setting
  74. wouldn't make any difference in behavior. I decided to still keep it (but
  75. fix the problem) as it now actually allows for easier (future) customization
  76. of the timeout.
  77. (http://curl.haxx.se/bug/view.cgi?id=3003705)
  78. - Douglas Kilpatrick filed bug report #3004787 and pointed out that the TFTP
  79. code didn't handle block id wraps correctly. His suggested fix inspired the
  80. fix I committed.
  81. (http://curl.haxx.se/bug/view.cgi?id=3004787)
  82. Daniel Stenberg (20 May 2010)
  83. - Tanguy Fautre brought a fix to allow curl to build with Microsoft VC10.
  84. Daniel Stenberg (18 May 2010)
  85. - Eric Mertens posted bug report #3003005 pointing out that the libcurl TFTP
  86. code was not sending the timeout option properly to the server, and
  87. suggested a fix.
  88. (http://curl.haxx.se/bug/view.cgi?id=3003005)
  89. Kamil Dudka (16 May 2010)
  90. - Pavel Raiskup introduced a new option CURLOPT_FNMATCH_DATA in order to pass
  91. a custom data pointer to the callback specified by CURLOPT_FNMATCH_FUNCTION.
  92. Daniel Stenberg (14 May 2010)
  93. - John-Mark Bell filed bug #3000052 that identified a problem (with an
  94. associated patch) with the OpenSSL handshake state machine when the multi
  95. interface is used:
  96. Performing an https request using a curl multi handle and using select or
  97. epoll to wait for events results in a hang. It appears that the cause is the
  98. fix for bug #2958179, which makes ossl_connect_common unconditionally return
  99. from the step 2 loop when fetching from a multi handle.
  100. When ossl_connect_step2 has completed, it updates connssl->connecting_state
  101. to ssl_connect_3. ossl_connect_common will then return to the caller, as a
  102. multi handle is in use. Eventually, the client code will call
  103. curl_multi_fdset to obtain an updated fdset to select or epoll on. For https
  104. requests, curl_multi_fdset will cause https_getsock to be called.
  105. https_getsock will only return a socket handle if the connecting_state is
  106. ssl_connect_2_reading or ssl_connect_2_writing. Therefore, the client will
  107. never obtain a valid fdset, and thus not drive the multi handle, resulting
  108. in a hang.
  109. (http://curl.haxx.se/bug/view.cgi?id=3000052)
  110. - Sebastian V reported bug #3000056 identifying a problem with redirect
  111. following. It showed that when curl followed redirects it didn't properly
  112. ignore the response body of the 30X response if that response was using
  113. compressed Content-Encoding!
  114. (http://curl.haxx.se/bug/view.cgi?id=3000056)
  115. Daniel Stenberg (12 May 2010)
  116. - Howard Chu brought support for RTMP. This is powered by the underlying
  117. librtmp library. It supports a range of variations and "sub-protocols"
  118. within the RTMP family.
  119. - Pavel Raiskup brought support for FTP directory wildcard matching to allow
  120. selective downloading. To provide that, a set of new options were added:
  121. CURLOPT_WILDCARDMATCH
  122. CURLOPT_CHUNK_BGN_FUNCTION
  123. CURLOPT_CHUNK_END_FUNCTION
  124. CURLOPT_CHUNK_DATA
  125. CURLOPT_FNMATCH_FUNCTION
  126. There were also a set of new tests added (574 - 577) to verify this.
  127. Kamil Dudka (11 May 2010)
  128. - CRL support in libcurl-NSS has been completely broken. Now it works. Original
  129. bug report: https://bugzilla.redhat.com/581926
  130. Daniel Stenberg (7 May 2010)
  131. - Dirk Manske reported a regression. When connecting with the multi interface,
  132. there were situations where libcurl wouldn't store connect time correctly as
  133. it used to (and is documented to) do.
  134. Using his fine sample program we could repeat it, and I wrote up test case
  135. 573 using that code. The problem does not easily show itself using the local
  136. test suite though.
  137. The fix, also as suggested by Dirk, is a bit on the ugly side as it adds yet
  138. another call to Curl_verboseconnect() and setting the TIMER_CONNECT time.
  139. That situation is subject for some closer inspection in the future.
  140. - Howard Chu split the I/O handling functions into private handlers.
  141. Howard Chu brought the bulk work of this patch that properly moves out the
  142. sending and recving of data to the parts of the code that are properly
  143. responsible for the various ways of doing so.
  144. Daniel Stenberg assisted with polishing a few bits and fixed some minor
  145. flaws in the original patch.
  146. Another upside of this patch is that we now abuse CURLcodes less with the
  147. "magic" -1 return codes and instead use CURLE_AGAIN more consistently.
  148. Daniel Stenberg (5 May 2010)
  149. - Hoi-Ho Chan introduced support for using the PolarSSL library. You control
  150. this with the new configure option --with-polarssl.
  151. Daniel Stenberg (29 Apr 2010)
  152. - Ben Greear made telnet a lot better/easier to use by an application:
  153. The main change is to allow input from user-specified methods, when they are
  154. specified with CURLOPT_READFUNCTION. All calls to fflush(stdout) in
  155. telnet.c were removed, which makes using 'curl telnet://foo.com' painful
  156. since prompts and other data are not always returned to the user promptly.
  157. Use 'curl --no-buffer telnet://foo.com' instead. In general, the user
  158. should have their CURLOPT_WRITEFUNCTION do a fflush for interactive use.
  159. Also fix assumption that reading from stdin never returns < 0.
  160. Old code could crash in that case.
  161. Call progress functions in telnet main loop.
  162. Daniel Stenberg (26 Apr 2010)
  163. - Make use of the libssh2_init/exit functions that libssh2 added in version
  164. 1.2.5. Using them will improve how libcurl works in threaded situations when
  165. SCP and SFTP are transfered.
  166. Daniel Stenberg (25 Apr 2010)
  167. - Based on work by Kamil Dudka, I've introduced the new configure option
  168. --enable-threaded-resolver. When used, the configure script will check for
  169. pthreads and if around, it will build libcurl to use pthreads to do name
  170. resolving in a threaded manner. Note that this is just a fix to offer an
  171. option that can enable the code that already included. The threader resolver
  172. code was mostly added on Jan 26 2010.
  173. Daniel Stenberg (24 Apr 2010)
  174. - Alex Bligh introduced the --proto and -proto-redir options that limit what
  175. protocols curl accepts for the requests and when following redirects.
  176. Kamil Dudka (24 Apr 2010)
  177. - Fixed test536 in order to not fail with threaded DNS resolver and tweaked
  178. comments in certain examples using curl_multi_fdset().
  179. - Fixed SSL handshake timeout underflow in libcurl-NSS, which caused test405
  180. to hang on a slow machine.
  181. Daniel Stenberg (21 Apr 2010)
  182. - The -O option caused curl to crash on windows and DOS due to the tool
  183. writing out of boundary memory.
  184. Yang Tse (20 Apr 2010)
  185. - Ruslan Gazizov detected that MSVC makefiles were using wsock32.lib instead
  186. of ws2_32.lib, this generated linking issues on MSVC IPv6 enabled builds
  187. that were done using those makefiles.
  188. Daniel Stenberg (19 Apr 2010)
  189. - -J/--remote-header-name didn't strip trailing carriage returns or linefeeds
  190. properly, so they could be used in the file name.
  191. Daniel Stenberg (16 Apr 2010)
  192. - Jerome Vouillon made the GnuTLS SSL handshake phase non-blocking.
  193. - The recent overhaul of the SSL recv function made the GnuTLS specific code
  194. treat a zero returned from gnutls_record_recv() as an error, and this caused
  195. our HTTPS test cases to fail. We leave it to upper layer code to detect if
  196. an EOF is a problem or not.
  197. - I reverted the resolver fix from yesterday and instead removed all uses of
  198. AI_CANONNAME all over libcurl and made the only user of that info (krb5.c)
  199. use the host name from the URL instead. No reverse resolving is a good
  200. thing.
  201. - Paul Howarth made configure properly detect GSS "on ancient Linux distros"
  202. by editing in which order we use headers to detect GSS.
  203. Daniel Stenberg (15 Apr 2010)
  204. - Rainer Canavan filed bug report #2987196 that identified libcurl doing
  205. unnecesary reverse name lookups in many cases when built to use IPv4 and
  206. getaddrinfo(). The logic for ipv6 is now used for ipv4 too.
  207. (http://curl.haxx.se/bug/view.cgi?id=2963679)
  208. Version 7.20.1 (14 April 2010)
  209. Daniel Stenberg (9 Apr 2010)
  210. - Prefixing the FTP quote commands with an asterisk really only worked for the
  211. postquote actions. This is now fixed and test case 227 has been extended to
  212. verify.
  213. Kamil Dudka (4 Apr 2010)
  214. - Eliminated a race condition in Curl_resolv_timeout().
  215. - Refactorized interface of Curl_ssl_recv()/Curl_ssl_send().
  216. - libcurl-NSS now provides more accurate messages and error codes in case of
  217. client certificate problem. Either during connection, or transfer phase.
  218. Daniel Stenberg (1 Apr 2010)
  219. - Matt Wixson found and fixed a bug in the SCP/SFTP area where the code
  220. treated a 0 return code from libssh2 to be the same as EAGAIN while in
  221. reality it isn't. The problem caused a hang in SFTP transfers from a
  222. MessageWay server.
  223. Daniel Stenberg (28 Mar 2010)
  224. - Ben Greear: If you pass a URL to pop3 that does not contain a message ID as
  225. part of the URL, it would previously ask for 'INBOX' which just causes the
  226. pop3 server to return an error.
  227. Now libcurl treats en empty message ID as a request for LIST (list of pop3
  228. message IDs). User's code could then parse this and download individual
  229. messages as desired.
  230. Daniel Stenberg (27 Mar 2010)
  231. - Ben Greear brought a patch that from now on allows all protocols to specify
  232. name and user within the URL, in the same manner HTTP and FTP have been
  233. allowed to in the past - although far from all of the libcurl supported
  234. protocls actually have that feature in their URL definition spec.
  235. Daniel Stenberg (26 Mar 2010)
  236. - Ben Greear brought code that makes the rate limiting code for the easy
  237. interface a bit smoother as it introduces sub-second sleeps during it and it
  238. also takes the buffer sizes into account.
  239. Daniel Stenberg (24 Mar 2010)
  240. - Bob Richmond: There's an annoying situation where libcurl will read new HTTP
  241. response data from a socket, then check if it's a timeout if one is set. If
  242. the last packet received constitutes the end of the response body, libcurl
  243. still treats it as a timeout condition and reports a message like:
  244. "Operation timed out after 3000 milliseconds with 876 out of 876 bytes
  245. received"
  246. It should only a timeout if the timer lapsed and we DIDN'T receive the end
  247. of the response body yet.
  248. - Christopher Conroy fixed a problem with RTSP and GET_PARAMETER reported
  249. to us by Massimo Callegari. There's a new test case 572 that verifies this
  250. now.
  251. - The 'ares' subtree has been removed from the source repository. It was
  252. always a separate project that sort of piggybacked on the curl project since
  253. the dawn of times and now the time has come for it to go stand on its own
  254. legs and continue living its own life. All details on c-ares and its new
  255. source code repository is found at http://c-ares.haxx.se/
  256. Daniel Stenberg (23 Mar 2010)
  257. - Kenny To filed the bug report #2963679 with patch to fix a problem he
  258. experienced with doing multi interface HTTP POST over a proxy using
  259. PROXYTUNNEL. He found a case where it would connect fine but bits.tcpconnect
  260. was not set correct so libcurl didn't work properly.
  261. (http://curl.haxx.se/bug/view.cgi?id=2963679)
  262. - Akos Pasztory filed debian bug report #572276
  263. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276 mentioning a problem
  264. with a resource that returns chunked-encoded _and_ with a Content-Length
  265. and libcurl failed to properly ignore the latter information.
  266. - Hauke Duden provided an example program that made the multi interface crash.
  267. His example simply used the multi interface and did first one FTP transfer
  268. and after completion it used a second easy handle and did another FTP
  269. transfer on the same FTP server.
  270. This triggered a bug in the "delayed easy handle kill" system that curl
  271. uses: when an FTP connection is left alive it must keep an easy handle
  272. around internally - only for the purpose of having an easy handle when it
  273. later disconnects it. The code assumed that when the easy handle was removed
  274. and an internal reference was made, that version could be killed later on
  275. when a new easy handle came using the same connection. This was wrong as
  276. Hauke's example showed that the removed handle wasn't killed for real until
  277. later. This caused a double close attempt => segfault.
  278. Daniel Stenberg (22 Mar 2010)
  279. - Thomas Lopatic fixed the alarm()-based DNS timeout:
  280. Looking at the code of Curl_resolv_timeout() in hostip.c, I think that in
  281. case of a timeout, the signal handler for SIGALRM never gets removed. I
  282. think that in my case it gets executed at some point later on when execution
  283. has long left Curl_resolv_timeout() or even the cURL library.
  284. The code that is jumped to with siglongjmp() simply sets the error message
  285. to "name lookup timed out" and then returns with CURLRESOLV_ERROR. I guess
  286. that instead of simply returning without cleaning up, the code should have a
  287. goto that jumps to the spot right after the call to Curl_resolv().
  288. Kamil Dudka (22 Mar 2010)
  289. - Douglas Steinwand contributed a patch fixing insufficient initialization in
  290. Curl_clone_ssl_config()
  291. Daniel Stenberg (21 Mar 2010)
  292. - Ben Greear improved TFTP: the error code returning and the treatment
  293. of TSIZE == 0 when uploading.
  294. - We've switched from CVS to git. See http://curl.haxx.se/source.html
  295. Kamil Dudka (19 Mar 2010)
  296. - Improved Curl_read() to not ignore the error returned from Curl_ssl_recv().
  297. Daniel Stenberg (15 Mar 2010)
  298. - Constantine Sapuntzakis brought a patch:
  299. The problem mentioned on Dec 10 2009
  300. (http://curl.haxx.se/bug/view.cgi?id=2905220) was only partially fixed.
  301. Partially because an easy handle can be associated with many connections in
  302. the cache (e.g. if there is a redirect during the lifetime of the easy
  303. handle). The previous patch only cleaned up the first one. The new fix now
  304. removes the easy handle from all connections, not just the first one.
  305. Daniel Stenberg (6 Mar 2010)
  306. - Ben Greear brought a patch that fixed the rate limiting logic for TFTP when
  307. the easy interface was used.
  308. Daniel Stenberg (5 Mar 2010)
  309. - Daniel Johnson provided fixes for building curl with the clang compiler.
  310. Yang Tse (5 Mar 2010)
  311. - Constantine Sapuntzakis detected and fixed a double free in builds done
  312. with threaded resolver enabled (Windows default configuration) that would
  313. get triggered when a curl handle is closed while doing DNS resolution.
  314. Daniel Stenberg (2 Mar 2010)
  315. - [Daniel Johnson] I've been trying to build libcurl with clang on Darwin and
  316. ran into some issues with the GSSAPI tests in configure.ac. The tests first
  317. try to determine the include dirs and libs and set CPPFLAGS and LIBS
  318. accordingly. It then checks for the headers and finally sets LIBS a second
  319. time, causing the libs to be included twice. The first setting of LIBS seems
  320. redundant and should be left out, since the first part is otherwise just
  321. about finding headers.
  322. My second issue is that 'krb5-config --libs gssapi' on Darwin is less than
  323. useless and returns junk that, while it happens to work with gcc, causes
  324. clang to choke. For example, --libs returns $CFLAGS along with the libs,
  325. which is really retarded. Simply setting 'LIBS="$LIBS -lgssapi_krb5
  326. -lresolv"' on Darwin is sufficient.
  327. - Based on patch provided by Jacob Moshenko, the transfer logic now properly
  328. makes sure that when using sub-second timeouts, there's no final bad 1000ms
  329. wait. Previously, a sub-second timeout would often make the elapsed time end
  330. up the time rounded up to the nearest second (e.g. 1s for 200ms timeout)
  331. - Andrei Benea filed bug report #2956698 and pointed out that the
  332. CURLOPT_CERTINFO feature leaked memory due to a missing OpenSSL function
  333. call. He provided the patch to fix it too.
  334. http://curl.haxx.se/bug/view.cgi?id=2956698
  335. - Markus Duft pointed out in bug #2961796 that even though Interix has a
  336. poll() function it doesn't quite work the way we want it so we must disable
  337. it, and he also provided a patch for it.
  338. http://curl.haxx.se/bug/view.cgi?id=2961796
  339. - Made the pingpong timeout code properly deal with the response timeout AND
  340. the global timeout if set. Also, as was reported in the bug report #2956437
  341. by Ryan Chan, the time stamp to use as basis for the per command timeout was
  342. not set properly in the DONE phase for FTP (and not for SMTP) so I fixed
  343. that just now. This was a regression compared to 7.19.7 due to the
  344. conversion of FTP code over to the generic pingpong concepts.
  345. http://curl.haxx.se/bug/view.cgi?id=2956437
  346. Daniel Stenberg (1 Mar 2010)
  347. - Ben Greear provided an update for TFTP that fixes upload.
  348. - Wesley Miaw reported bug #2958179 which identified a case of looping during
  349. OpenSSL based SSL handshaking even though the multi interface was used and
  350. there was no good reason for it.
  351. http://curl.haxx.se/bug/view.cgi?id=2958179
  352. Daniel Stenberg (26 Feb 2010)
  353. - Pat Ray in bug #2958474 pointed out an off-by-one case when receiving a
  354. chunked-encoding trailer.
  355. http://curl.haxx.se/bug/view.cgi?id=2958474
  356. Daniel Fandrich (25 Feb 2010)
  357. - Fixed a couple of out of memory leaks and a segfault in the SMTP & IMAP code.
  358. Yang Tse (25 Feb 2010)
  359. - I fixed bug report #2958074 indicating
  360. (http://curl.haxx.se/bug/view.cgi?id=2958074) that curl on Windows with
  361. option --trace-time did not use local time when timestamping trace lines.
  362. This could also happen on other systems depending on time souurce.
  363. Patrick Monnerat (22 Feb 2010)
  364. - Proper handling of STARTTLS on SMTP, taking CURLUSESSL_TRY into account.
  365. - SMTP falls back to RFC821 HELO when EHLO fails (and SSL is not required).
  366. - Use of true local host name (i.e.: via gethostname()) when available, as
  367. default argument to SMTP HELO/EHLO.
  368. - Test case 804 for HELO fallback.
  369. Daniel Stenberg (20 Feb 2010)
  370. - Fixed the SMTP compliance by making sure RCPT TO addresses are specified
  371. properly in angle brackets. Recipients provided with CURLOPT_MAIL_RCPT now
  372. get angle bracket wrapping automatically by libcurl unless the recipient
  373. starts with an angle bracket as then the app is assumed to deal with that
  374. properly on its own.
  375. - I made the SMTP code expect a 250 response back from the server after the
  376. full DATA has been sent, and I modified the test SMTP server to also send
  377. that response. As usual, the DONE operation that is made after a completed
  378. transfer is still not doable in a non-blocking way so this waiting for 250
  379. is unfortunately made blockingly.
  380. Yang Tse (14 Feb 2010)
  381. - Overhauled test suite getpart() function. Fixing potential out of bounds
  382. stack and memory overwrites triggered with huge test case definitions.
  383. Daniel Stenberg (13 Feb 2010)
  384. - Martin Hager reported and fixed a problem with a missing quote in libcurl.m4
  385. (http://curl.haxx.se/bug/view.cgi?id=2951319)
  386. - Tom Donovan fixed the CURL_FORMAT_* defines when building with cmake.
  387. (http://curl.haxx.se/bug/view.cgi?id=2951269)
  388. Daniel Stenberg (12 Feb 2010)
  389. - Jack Zhang reported a problem with SMTP: we wrongly used multiple addresses
  390. in the same RCPT TO line, when they should be sent in separate single
  391. commands. I updated test case 802 to verify this.
  392. - I also fixed a bad use of my_setopt_str() of CURLOPT_MAIL_RCPT in the curl
  393. tool which made it try to output it as string for the --libcurl feature
  394. which could lead to crashes.
  395. Yang Tse (11 Feb 2010)
  396. - Steven M. Schweda fixed VMS builder bad behavior when used in a batch job,
  397. removed obsolete batch_compile.com and defines.com and updated VMS readme.
  398. Version 7.20.0 (9 February 2010)
  399. Daniel Stenberg (9 Feb 2010)
  400. - When downloading compressed content over HTTP and the app asked libcurl to
  401. automatically uncompress it with the CURLOPT_ENCODING option, libcurl could
  402. wrongly provide the callback with more data than the maximum documented
  403. amount. An application could thus get tricked into badness if the maximum
  404. limit was trusted to be enforced by libcurl itself (as it is documented).
  405. This is further detailed and explained in the libcurl security advisory
  406. 20100209 at
  407. http://curl.haxx.se/docs/adv_20100209.html
  408. Daniel Fandrich (3 Feb 2010)
  409. - Changed the Watcom makefiles to make them easier to keep in sync with
  410. Makefile.inc since that can't be included directly.
  411. Yang Tse (2 Feb 2010)
  412. - Symbol CURL_FORMAT_OFF_T now obsoleted, will be removed in a future release,
  413. symbol will not be available when building with CURL_NO_OLDIES defined. Use
  414. of CURL_FORMAT_CURL_OFF_T is preferred since 7.19.0
  415. Daniel Stenberg (1 Feb 2010)
  416. - Using the multi_socket API, it turns out at times it seemed to "forget"
  417. connections (which caused a hang). It turned out to be an existing (7.19.7)
  418. bug in libcurl (that's been around for a long time) and it happened like
  419. this:
  420. The app calls curl_multi_add_handle() to add a new easy handle, libcurl will
  421. then set it to timeout in 1 millisecond so libcurl will tell the app about
  422. it.
  423. The app's timeout fires off that there's a timeout, the app calls libcurl as
  424. we so often document it:
  425. do {
  426. res = curl_multi_socket_action(... TIMEOUT ...);
  427. } while(CURLM_CALL_MULTI_PERFORM == res);
  428. And this is the problem number one:
  429. When curl_multi_socket_action() is called with no specific handle, but only
  430. a timeout-action, it will *only* perform actions within libcurl that are
  431. marked to run at this time. In this case, the request would go from INIT to
  432. CONNECT and return CURLM_CALL_MULTI_PERFORM. When the app then calls libcurl
  433. again, there's no timer set for this handle so it remains in the CONNECT
  434. state. The CONNECT state is a transitional state in libcurl so it reports no
  435. sockets there, and thus libcurl never tells the app anything more about that
  436. easy handle/connection.
  437. libcurl _does_ set a 1ms timeout for the handle at the end of
  438. multi_runsingle() if it returns CURLM_CALL_MULTI_PERFORM, but since the loop
  439. is instant the new job is not ready to run at that point (and there's no
  440. code that makes libcurl call the app to update the timout for this new
  441. timeout). It will simply rely on that some other timeout will trigger later
  442. on or that something else will update the timeout callback. This makes the
  443. bug fairly hard to repeat.
  444. The fix made to adress this issue:
  445. We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
  446. simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
  447. benefit that this goes in line with my long-term wishes to get rid of the
  448. CURLM_CALL_MULTI_PERFORM all together from the public API.
  449. The downside of this fix, is that the counter we return in 'running_handles'
  450. in several of our public functions then gets a slightly new and possibly
  451. confusing behavior during times:
  452. If an app adds a handle that fails to connect (very quickly) it may just
  453. as well never appear as a 'running_handle' with this fix. Previously it
  454. would first bump the counter only to get it decreased again at next call.
  455. Even I have used that change in handle counter to signal "end of a
  456. transfer". The only *good* way to find the end of a individual transfer
  457. is calling curl_multi_info_read() to see if it returns one.
  458. Of course, if the app previously did the looping before it checked the
  459. counter, it really shouldn't be any new effect.
  460. Yang Tse (26 Jan 2010)
  461. - Constantine Sapuntzakis' and Joshua Kwan's work done in the last four months
  462. relative to the asynchronous DNS lookups, along with with some integration
  463. adjustments I have done are finally committed to CVS.
  464. Currently these enhancements will benefit builds done using c-ares on any
  465. platform as well as Windows builds using the default threaded resolver.
  466. This release does not make generally available POSIX threaded DNS lookups
  467. yet. There is no configure option to enable this feature yet. It is possible
  468. to experimantally try this feature running configure with compiler flags that
  469. make simultaneous definition of preprocessor symbols USE_THREADS_POSIX and
  470. HAVE_PTHREAD_H, as well as whatever reentrancy compiler flags and linker ones
  471. are required to link and properly use pthread_* functions on each platform.
  472. Daniel Stenberg (26 Jan 2010)
  473. - Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
  474. proxy that cannot be resolved when using c-ares. This matches the behaviour
  475. when not using c-ares.
  476. Björn Stenberg (23 Jan 2010)
  477. - Added a new flag: -J/--remote-header-name. This option tells the
  478. -O/--remote-name option to use the server-specified Content-Disposition
  479. filename instead of extracting a filename from the URL.
  480. Daniel Stenberg (21 Jan 2010)
  481. - Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
  482. libcurl options for controlling what to get and how to receive posssibly
  483. interleaved RTP data.
  484. Daniel Stenberg (20 Jan 2010)
  485. - As was pointed out on the http-state mailing list, the order of cookies in a
  486. HTTP Cookie: header _needs_ to be sorted on the path length in the cases
  487. where two cookies using the same name are set more than once using
  488. (overlapping) paths. Realizing this, identically named cookies must be
  489. sorted correctly. But detecting only identically named cookies and take care
  490. of them individually is harder than just to blindly and unconditionally sort
  491. all cookies based on their path lengths. All major browsers also already do
  492. this, so this makes our behavior one step closer to them in the cookie area.
  493. Test case 8 was the only one that broke due to this change and I updated it
  494. accordingly.
  495. Daniel Stenberg (19 Jan 2010)
  496. - David McCreedy brought a fix and a new test case (129) to make libcurl work
  497. again when downloading files over FTP using ASCII and it turns out that the
  498. final size of the file is not the same as the initial size the server
  499. reported. This is very common since servers don't take the newline
  500. conversions into account.
  501. Kamil Dudka (14 Jan 2010)
  502. - Suppressed side effect of OpenSSL configure checks, which prevented NSS from
  503. being properly detected under certain circumstances. It had been caused by
  504. strange behavior of pkg-config when handling PKG_CONFIG_LIBDIR. pkg-config
  505. distinguishes among empty and non-existent environment variable in that case.
  506. Daniel Stenberg (12 Jan 2010)
  507. - Gil Weber reported a peculiar flaw with the multi interface when doing SFTP
  508. transfers: curl_multi_fdset() would return -1 and not set and file
  509. descriptors several times during a transfer of a single file. It turned out
  510. to be due to two different flaws now fixed. Gil's excellent recipe helped me
  511. nail this.
  512. Daniel Stenberg (11 Jan 2010)
  513. - Made sure that the progress callback is repeatedly called at a regular
  514. interval even during very slow connects.
  515. - The tests/runtests.pl script now checks to see if the test case that runs is
  516. present in the tests/data/Makefile.am and outputs a notice message on the
  517. screen if not. Each test file has to be included in that Makefile.am to get
  518. included in release archives and forgetting to add files there is a common
  519. mistake. This is an attempt to make it harder to forget.
  520. Daniel Stenberg (9 Jan 2010)
  521. - Johan van Selst found and fixed a OpenSSL session ref count leak:
  522. ossl_connect_step3() increments an SSL session handle reference counter on
  523. each call. When sessions are re-used this reference counter may be
  524. incremented many times, but it will be decremented only once when done (by
  525. Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
  526. if this reference count remains positive. When a session is re-used the
  527. reference counter should be corrected by explicitly calling
  528. SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
  529. introducing a memory leak.
  530. (http://curl.haxx.se/bug/view.cgi?id=2926284)
  531. Daniel Stenberg (7 Jan 2010)
  532. - Make sure the progress callback is called repeatedly even during very slow
  533. name resolves when c-ares is used for resolving.
  534. Claes Jakobsson (6 Jan 2010)
  535. - Julien Chaffraix fixed so that the fragment part in an URL is not sent
  536. to the server anymore.
  537. Kamil Dudka (3 Jan 2010)
  538. - Julien Chaffraix eliminated a duplicated initialization in singlesocket().
  539. Daniel Stenberg (2 Jan 2010)
  540. - Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
  541. versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
  542. control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
  543. option names are still working but the new ones are the ones listed and
  544. documented.
  545. Daniel Stenberg (1 Jan 2010)
  546. - Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
  547. command is a special "hack" used by the drftpd server, but even though it is
  548. a custom extension I've deemed it fine to add to libcurl since this server
  549. seems to survive and people keep using it and want libcurl to support
  550. it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  551. usable from the curl tool with --ftp-pret. Using this option on a server
  552. that doesn't support this command will make libcurl fail.
  553. I added test cases 1107 and 1108 to verify the functionality.
  554. The PRET command is documented at
  555. http://www.drftpd.org/index.php/Distributed_PASV
  556. Yang Tse (30 Dec 2009)
  557. - Steven M. Schweda improved VMS build system, and Craig A. Berry helped
  558. with the patch and testing.
  559. Daniel Stenberg (26 Dec 2009)
  560. - Renato Botelho and Peter Pentchev brought a patch that makes the libcurl
  561. headers work correctly even on FreeBSD systems before v8.
  562. (http://curl.haxx.se/bug/view.cgi?id=2916915)
  563. Daniel Stenberg (17 Dec 2009)
  564. - David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
  565. available.
  566. - Follow-up fix for the proxy fix I did for Jon Nelson's bug. It turned out I
  567. was a bit too quick and broke test case 1101 with that change. The order of
  568. some of the setups is sensitive. I now changed it slightly again to make
  569. sure we do them in this order:
  570. 1 - parse URL and figure out what protocol is used in the URL
  571. 2 - prepend protocol:// to URL if missing
  572. 3 - parse name+password off URL, which needs to know what protocol is used
  573. (since only some allows for name+password in the URL)
  574. 4 - figure out if a proxy should be used set by an option
  575. 5 - if no proxy option, check proxy environment variables
  576. 6 - run the protocol-specific setup function, which needs to have the proxy
  577. already set
  578. Daniel Stenberg (15 Dec 2009)
  579. - Jon Nelson found a regression that turned out to be a flaw in how libcurl
  580. detects and uses proxies based on the environment variables. If the proxy
  581. was given as an explicit option it worked, but due to the setup order
  582. mistake proxies would not be used fine for a few protocols when picked up
  583. from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
  584. test case 1106 that verifies this functionality.
  585. (http://curl.haxx.se/bug/view.cgi?id=2913886)
  586. Daniel Stenberg (12 Dec 2009)
  587. - IMAP, POP3 and SMTP support and their TLS versions (including IMAPS, POP3S
  588. and SMTPS) are now supported. The current state may not yet be solid, but
  589. the foundation is in place and the test suite has some initial support for
  590. these protocols. Work will now persue to make them nice libcurl citizens
  591. until release.
  592. The work with supporting these new protocols was sponsored by
  593. networking4all.com - thanks!
  594. Daniel Stenberg (10 Dec 2009)
  595. - Siegfried Gyuricsko found out that the curl manual said --retry would retry
  596. on FTP errors in the transient 5xx range. Transient FTP errors are in the
  597. 4xx range. The code itself only tried on 5xx errors that occured _at login_.
  598. Now the retry code retries on all FTP transfer failures that ended with a
  599. 4xx response.
  600. (http://curl.haxx.se/bug/view.cgi?id=2911279)
  601. - Constantine Sapuntzakis figured out a case which would lead to libcurl
  602. accessing alredy freed memory and thus crash when using HTTPS (with
  603. OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
  604. of cleaning things up. I fixed it.
  605. (http://curl.haxx.se/bug/view.cgi?id=2905220)
  606. Daniel Stenberg (7 Dec 2009)
  607. - Martin Storsjo made libcurl use the Expect: 100-continue header for posts
  608. with unknown size. Previously it was only used for posts with a known size
  609. larger than 1024 bytes.
  610. Daniel Stenberg (1 Dec 2009)
  611. - If the Expect: 100-continue header has been set by the application through
  612. curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
  613. data->state.expect100header accordingly - the current code (in 7.19.7 at
  614. least) doesn't handle this properly. Martin Storsjo provided the fix!
  615. Yang Tse (28 Nov 2009)
  616. - Added Diffie-Hellman parameters to several test harness certificate files in
  617. PEM format. Required by several stunnel versions used by our test harness.
  618. Daniel Stenberg (28 Nov 2009)
  619. - Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
  620. rework patch that now integrates TFTP properly into libcurl so that it can
  621. be used non-blocking with the multi interface and more. BLKSIZE also works.
  622. The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  623. the command line.
  624. Daniel Stenberg (26 Nov 2009)
  625. - Extended and fixed the change I did on Dec 11 for the the progress
  626. meter/callback during FTP command/response sequences. It turned out it was
  627. really lame before and now the progress meter SHOULD get called at least
  628. once per second.
  629. Daniel Stenberg (23 Nov 2009)
  630. - Bjorn Augustsson reported a bug which made curl not report any problems even
  631. though it failed to write a very small download to disk (done in a single
  632. fwrite call). It turned out to be because fwrite() returned success, but
  633. there was insufficient error-checking for the fclose() call which tricked
  634. curl to believe things were fine.
  635. Yang Tse (23 Nov 2009)
  636. - David Byron modified Makefile.dist vc8 and vc9 targets in order to allow
  637. finer granularity control when generating src and lib makefiles.
  638. Yang Tse (22 Nov 2009)
  639. - I modified configure to force removal of the curlbuild.h file included in
  640. distribution tarballs for use by non-configure systems. As intended, this
  641. would get overwriten when doing in-tree builds. But VPATH builds would end
  642. having two curlbuild.h files, one in the source tree and another in the
  643. build tree. With the modification I introduced 5 Nov 2009 this could become
  644. an issue when running libcurl's test suite.
  645. Daniel Stenberg (20 Nov 2009)
  646. - Constantine Sapuntzakis identified a write after close, as the sockets were
  647. closed by libcurl before the SSL lib were shutdown and they may write to its
  648. socket. Detected to at least happen with OpenSSL builds.
  649. - Jad Chamcham pointed out a bug with connection re-use. If a connection had
  650. CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
  651. same proxy with the tunnel option disabled would still wrongly re-use that
  652. previous connection and the outcome would only be badness.
  653. Yang Tse (18 Nov 2009)
  654. - I modified the memory tracking system to make it intolerant with zero sized
  655. malloc(), calloc() and realloc() function calls.
  656. Daniel Stenberg (17 Nov 2009)
  657. - Constantine Sapuntzakis provided another fix for the DNS cache that could
  658. end up with entries that wouldn't time-out:
  659. 1. Set up a first web server that redirects (307) to a http://server:port
  660. that's down
  661. 2. Have curl connect to the first web server using curl multi
  662. After the curl_easy_cleanup call, there will be curl dns entries hanging
  663. around with in_use != 0.
  664. (http://curl.haxx.se/bug/view.cgi?id=2891591)
  665. - Marc Kleine-Budde fixed: curl saved the LDFLAGS set during configure into
  666. its pkg-config file. So -Wl stuff ended up in the .pc file, which is really
  667. bad, and breaks if there are multiple -Wl in our LDFLAGS (which are in
  668. PTXdist). bug #2893592 (http://curl.haxx.se/bug/view.cgi?id=2893592)
  669. Kamil Dudka (15 Nov 2009)
  670. - David Byron improved the configure script to use pkg-config to find OpenSSL
  671. (and in particular the list of required libraries) even if a path is given
  672. as argument to --with-ssl
  673. Yang Tse (15 Nov 2009)
  674. - I removed enable-thread / disable-thread configure option. These were only
  675. placebo options. The library is always built as thread safe as possible on
  676. every system.
  677. Claes Jakobsson (14 Nov 2009)
  678. - curl-config now accepts '--configure' to see what arguments was
  679. passed to the configure script when building curl.
  680. Daniel Stenberg (14 Nov 2009)
  681. - Claes Jakobsson restored the configure functionality to detect NSS when
  682. --with-nss is set but not "yes".
  683. I think we can still improve that to check for pkg-config in that path etc,
  684. but at least this patch brings back the same functionality we had before.
  685. - Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
  686. the client certificate. It also disable the key name test as some engines
  687. can select a private key/cert automatically (When there is only one key
  688. and/or certificate on the hardware device used by the engine)
  689. Yang Tse (14 Nov 2009)
  690. - Constantine Sapuntzakis provided the fix that ensures that an SSL connection
  691. won't be reused unless protection level for peer and host verification match.
  692. I refactored how preprocessor symbol _THREAD_SAFE definition is done.
  693. Kamil Dudka (12 Nov 2009)
  694. - Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
  695. closed NSPR descriptor. The issue was hard to find, reported several times
  696. before and always closed unresolved. More info at the RH bug:
  697. https://bugzilla.redhat.com/534176
  698. - libcurl-NSS now tries to reconnect with TLS disabled in case it detects
  699. a broken TLS server. However it does not happen if SSL version is selected
  700. manually. The approach was originally taken from PSM. Kaspar Brand helped me
  701. to complete the patch. Original bug reports:
  702. https://bugzilla.redhat.com/525496
  703. https://bugzilla.redhat.com/527771
  704. Yang Tse (12 Nov 2009)
  705. - I modified configure script to make the getaddrinfo function check also
  706. verify if the function is thread safe.
  707. Yang Tse (11 Nov 2009)
  708. - Marco Maggi reported that compilation failed when configured --with-gssapi
  709. and GNU GSS installed due to a missing mutual exclusion of header files in
  710. the Kerberos 5 code path. He also verified that my patch worked for him.
  711. Daniel Stenberg (11 Nov 2009)
  712. - Constantine Sapuntzakis posted bug #2891595
  713. (http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
  714. in the DNS cache would linger too long if the request that added it was in
  715. use that long. He also provided the patch that now makes libcurl capable of
  716. still doing a request while the DNS hash entry may get timed out.
  717. - Christian Schmitz noticed that the progress meter/callback was not properly
  718. used during the FTP connection phase (after the actual TCP connect), while
  719. it of course should be. I also made the speed check get called correctly so
  720. that really slow servers will trigger that properly too.
  721. Kamil Dudka (5 Nov 2009)
  722. - Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
  723. in non-blocking mode.
  724. Yang Tse (5 Nov 2009)
  725. - I removed leading 'curl' path on the 'curlbuild.h' include statement in
  726. curl.h, adjusting auto-makefiles include path, to enhance portability to
  727. OS's without an orthogonal directory tree structure such as OS/400.
  728. Daniel Stenberg (4 Nov 2009)
  729. - I fixed several problems with the transfer progress meter. It showed the
  730. wrong percentage for small files, most notable for <1000 bytes and could
  731. easily end up showing more than 100% at the end. It also didn't show any
  732. percentage, transfer size or estimated transfer times when transferring
  733. less than 100 bytes.
  734. Version 7.19.7 (4 November 2009)
  735. Daniel Stenberg (2 Nov 2009)
  736. - As reported independent by both Stan van de Burgt and Didier Brisebourg,
  737. CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when
  738. getting data from ldap!
  739. Daniel Stenberg (31 Oct 2009)
  740. - Gabriel Kuri reported a problem with CURLINFO_CONTENT_LENGTH_DOWNLOAD if the
  741. download was 0 bytes, as libcurl would then return the size as unknown (-1)
  742. and not 0. I wrote a fix and test case 566 to verify it.
  743. Daniel Stenberg (30 Oct 2009)
  744. - Liza Alenchery mentioned a problem with re-used SCP connection when a bad
  745. auth is used, as it caused a crash. I failed to repeat the issue, but still
  746. made a change that now forces the TCP connection used for a freed SCP
  747. session to get closed and not be re-used.
  748. - "Tom" posted a bug report that mentioned how libcurl did wrong when doing a
  749. POST using a read callback, with Digest authentication and
  750. "Transfer-Encoding: chunked" enforced. I would then cause the first request
  751. to be wrongly sent and then basically hang until the server closed the
  752. connection. I fixed the problem and added test case 565 to verify it.
  753. Daniel Stenberg (25 Oct 2009)
  754. - Dima Barsky made the curl cookie parser accept cookies even with blank or
  755. unparsable expiry dates and then treat them as session cookies - previously
  756. libcurl would reject cookies with a date format it couldn't parse. Research
  757. shows that the major browser treat such cookies as session cookies. I
  758. modified test 8 and 31 to verify this.
  759. Daniel Stenberg (21 Oct 2009)
  760. - Attempt to use pkg-config for finding out libssh2 installation details
  761. during configure.
  762. - A patch in bug report #2883177 (http://curl.haxx.se/bug/view.cgi?id=2883177)
  763. by Johan van Selst introduced the --crlfile option to curl, which makes curl
  764. tell libcurl about a file with CRL (certificate revocation list) data to
  765. read.
  766. Daniel Stenberg (18 Oct 2009)
  767. - Ray Dassen provided a patch in Debian's bug tracker (bug number #551461)
  768. that now makes curl_getdate(3) actually handles RFC 822 formatted dates that
  769. use the "single letter military timezones".
  770. http://www.rfc-ref.org/RFC-TEXTS/822/chapter5.html has the details.
  771. - Fixed memory leak in the SCP/SFTP code as it never freed the knownhosts
  772. data!
  773. - John Dennis filed bug report #2873666
  774. (http://curl.haxx.se/bug/view.cgi?id=2873666) which identified a problem
  775. which made libcurl loop infinitely when given incorrect credentials when
  776. using HTTP GSS negotiate authentication. He also provided a small and simple
  777. patch for it.
  778. - Kevin Baughman found a double close() problem with libcurl-NSS, as when
  779. libcurl called NSS to close the SSL "session" it also closed the actual
  780. socket.
  781. Yang Tse (17 Oct 2009)
  782. - Bug report #2866724 indicated
  783. (http://curl.haxx.se/bug/view.cgi?id=2866724) that curl on Windows failed
  784. when writing files whose file names originally contained characters which
  785. are not valid for file names on Windows. Dan Fandrich provided an initial
  786. patch and another revised one to fix this issue.
  787. Daniel Stenberg (1 Oct 2009)
  788. - Tom Mueller correctly reported in bug report #2870221
  789. (http://curl.haxx.se/bug/view.cgi?id=2870221) that libcurl returned an
  790. incorrect return code from the internal trynextip() function which caused
  791. him grief. This is a regression that was introduced in 7.19.1 and I find it
  792. strange it hasn't hit us harder, but I won't persue into figuring out
  793. exactly why.
  794. - Constantine Sapuntzakis: The current implementation will always set
  795. SO_SNDBUF to CURL_WRITE_SIZE even if the SO_SNDBUF starts out larger. The
  796. patch doesn't do a setsockopt if SO_SNDBUF is already greater than
  797. CURL_WRITE_SIZE. This should help folks who have set up their computer with
  798. large send buffers.
  799. Daniel Stenberg (27 Sep 2009)
  800. - I introduced a maximum limit for received HTTP headers. It is controlled by
  801. the define CURL_MAX_HTTP_HEADER which is even exposed in the public header
  802. file to allow for users to fairly easy rebuild libcurl with a modified
  803. limit. The rationale for a fixed limit is that libcurl is realloc()ing a
  804. buffer to be able to put a full header into it, so that it can call the
  805. header callback with the entire header, but that also risk getting it into
  806. trouble if a server by mistake or willingly sends a header that is more or
  807. less without an end. The limit is set to 100K.
  808. Daniel Stenberg (26 Sep 2009)
  809. - John P. McCaskey posted a bug report that showed how libcurl did wrong when
  810. saving received cookies with no given path, if the path in the request had a
  811. query part. That is means a question mark (?) and characters on the right
  812. side of that. I wrote test case 1105 and fixed this problem.
  813. Kamil Dudka (26 Sep 2009)
  814. - Implemented a protocol independent way to specify blocking direction, used by
  815. transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
  816. This enhancement resolves an issue with 100% CPU usage during SFTP upload,
  817. reported by Vourhey.
  818. Daniel Stenberg (25 Sep 2009)
  819. - Chris Mumford filed bug report #2861587
  820. (http://curl.haxx.se/bug/view.cgi?id=2861587) identifying that libcurl used
  821. the OpenSSL function X509_load_crl_file() wrongly and failed if it would
  822. load a CRL file with more than one certificate within. This is now fixed.
  823. Daniel Stenberg (16 Sep 2009)
  824. - Sven Anders reported that we introduced a cert verfication flaw for OpenSSL-
  825. powered libcurl in 7.19.6. If there was a X509v3 Subject Alternative Name
  826. field in the certficate it had to match and so even if non-DNS and non-IP
  827. entry was present it caused the verification to fail.
  828. Daniel Fandrich (15 Sep 2009)
  829. - Moved the libssh2 checks after the SSL library checks. This helps when
  830. statically linking since libssh2 needs the SSL library link flags to be
  831. set up already to satisfy its dependencies. This wouldn't be necessary if
  832. the libssh2 configure check was changed to use pkg-config since the
  833. --static flag would add the dependencies automatically.
  834. Yang Tse (14 Sep 2009)
  835. - Revert Joshua Kwan's patch committed 11 Sep 2009.
  836. Some systems poll function sets POLLHUP in revents without setting
  837. POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some
  838. libcurl code execution paths this could trigger busy wait loops with
  839. high CPU usage until a timeout condition aborted the loop.
  840. The reverted patch addressed the above issue for a very specific case,
  841. when awaiting c-ares to resolve. A libcurl-wide fix for Curl_poll now
  842. superceeds this one.
  843. Guenter Knauf (11 Sep 2009)
  844. - Joshua Kwan provided a patch to pass POLLERR / POLLHUP back to c-ares.
  845. This fixes a loop problem with high CPU usage.
  846. Daniel Stenberg (10 Sep 2009)
  847. - Claes Jakobsson fixed a problem with cookie expiry dates at exctly the epoch
  848. start second "Thu Jan 1 00:00:00 GMT 1970" as the date parser then returns 0
  849. which internally then is treated as a session cookie. That particular date
  850. is now made to get the value of 1.
  851. Daniel Stenberg (2 Sep 2009)
  852. - Daniel Johnson found a flaw in the code converting sftp-errors to libcurl
  853. errors.
  854. Daniel Stenberg (1 Sep 2009)
  855. - Peter Sylvester made a debug feature for Curl_resolv() that now will force
  856. libcurl to resolve 'localhost' whatever name you use in the URL *if* you set
  857. the --interface option to (exactly) "LocalHost". This will enable us to
  858. write tests for custom hosts names but still use a local host server.
  859. - configure now tries to use pkg-config for a number of sub-dependencies even
  860. when cross-compiling. The key to success is then you properly setup
  861. PKG_CONFIG_PATH before invoking configure.
  862. I also improved how NSS is detected by trying nss-config if pkg-config isn't
  863. present, and as a last resort just use the lib name and force the user to
  864. setup the LIBS/LDFLAGS/CFLAGS etc properly. The previous last resort would
  865. add a range of various libs that would almost never be quite correct.
  866. Daniel Stenberg (31 Aug 2009)
  867. - When using the multi interface with FTP and you asked for NOBODY, you did no
  868. QUOTE commands and the request used the same path as the connection had
  869. already changed to, it would decide that no commands would be necessary for
  870. the "DO" action and that was not handled properly but libcurl would instead
  871. hang.
  872. Kamil Dudka (28 Aug 2009)
  873. - Improved error message for not matching certificate subject name in
  874. libcurl-NSS. Originally reported at:
  875. https://bugzilla.redhat.com/show_bug.cgi?id=516056#c9
  876. Patrick Monnerat (24 Aug 2009)
  877. - Introduced a SYST-based test to properly set-up name format when dealing
  878. with the OS/400 FTP server.
  879. - Fixed an ftp_readresp() bug preventing detection of failing control socket
  880. and causing FTP client to loop forever.
  881. Daniel Stenberg (24 Aug 2009)
  882. - Marc de Bruin pointed out that configure --with-gnutls=PATH didn't work
  883. properly and provided a fix. http://curl.haxx.se/bug/view.cgi?id=2843008
  884. - Eric Wong introduced support for the new option -T. (dot) that makes curl
  885. read stdin in a non-blocking fashion. This also brings back -T- (minus) to
  886. the previous blocking behavior since it could break stuff for people at
  887. times.
  888. Michal Marek (21 Aug 2009)
  889. - With CURLOPT_PROXY_TRANSFER_MODE, avoid sending invalid URLs like
  890. ftp://example.com;type=i if the user specified ftp://example.com without the
  891. slash.
  892. Daniel Stenberg (21 Aug 2009)
  893. - Andre Guibert de Bruet pointed out a missing return code check for a
  894. strdup() that could lead to segfault if it returned NULL. I extended his
  895. suggest patch to now have Curl_retry_request() return a regular return code
  896. and better check that.
  897. - Lots of good work by Krister Johansen, mostly related to pipelining:
  898. Fix SIGSEGV on free'd easy_conn when pipe unexpectedly breaks
  899. Fix data corruption issue with re-connected transfers
  900. Fix use after free if we're completed but easy_conn not NULL
  901. Kamil Dudka (13 Aug 2009)
  902. - Changed NSS code to not ignore the value of ssl.verifyhost and produce more
  903. verbose error messages. Originally reported at:
  904. https://bugzilla.redhat.com/show_bug.cgi?id=516056
  905. Daniel Stenberg (12 Aug 2009)
  906. - Karl Moerder fixed the Makefile.vc* makefiles to include the new file
  907. nonblock.c so that they work fine again
  908. - I expanded test 517 with a bunch of more dates that originate from the
  909. Chrome browser test suite. It turns out most of them get parsed the same
  910. way.
  911. Version 7.19.6 (12 August 2009)
  912. Daniel Stenberg (12 Aug 2009)
  913. - Carsten Lange reported a bug and provided a patch for TFTP upload and the
  914. sending of the TSIZE option. I don't like fixing bugs just hours before
  915. a release, but since it was broken and the patch fixes this for him I decided
  916. to get it in anyway.
  917. Daniel Stenberg (11 Aug 2009)
  918. - Peter Sylvester made the HTTPS test server use specific certificates for
  919. each test, so that the test suite can now be used to actually test the
  920. verification of cert names etc. This made an error show up in the OpenSSL-
  921. specific code where it would attempt to match the CN field even if a
  922. subjectAltName exists that doesn't match. This is now fixed and verified
  923. in test 311.
  924. - Benbuck Nason posted the bug report #2835196
  925. (http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
  926. warnings when mixing ints and bools.
  927. Daniel Fandrich (10 Aug 2009)
  928. - Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow.
  929. Daniel Fandrich (9 Aug 2009)
  930. - Fixed some memory leaks in the command-line tool that caused most of the
  931. torture tests to fail.
  932. Daniel Stenberg (2 Aug 2009)
  933. - Curt Bogmine reported a problem with SNI enabled on a particular server. We
  934. should introduce an option to disable SNI, but as we're in feature freeze
  935. now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
  936. shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
  937. Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
  938. option for SNI, or are we simply not using it?
  939. Daniel Stenberg (1 Aug 2009)
  940. - Scott Cantor posted the bug report #2829955
  941. (http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
  942. verification flaw found and exploited by Moxie Marlinspike. The presentation
  943. he did at Black Hat is available here:
  944. https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike
  945. Apparently at least one CA allowed a subjectAltName or CN that contain a
  946. zero byte, and thus clients that assumed they would never have zero bytes
  947. were exploited to OK a certificate that didn't actually match the site. Like
  948. if the name in the cert was "example.com\0theatualsite.com", libcurl would
  949. happily verify that cert for example.com.
  950. libcurl now better uses the length of the extracted name, not using the zero
  951. termination for getting the string length.
  952. This fixing only made and needed in OpenSSL interfacing code.
  953. - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
  954. only in some OpenSSL installs - like on Windows) isn't thread-safe and we
  955. agreed that moving it to the global_init() function is a decent way to deal
  956. with this situation.
  957. - Alexander Beedie provided the patch for a noproxy problem: If I have set
  958. CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
  959. could still end up using a proxy if a proxy environment variable was set.
  960. Daniel Stenberg (27 Jul 2009)
  961. - All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
  962. CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
  963. send when using FTP, as a sign that libcurl shall simply ignore the response
  964. from the server instead of treating it as an error. Not treating a 400+ FTP
  965. response code as an error means that failed commands will not abort the
  966. chain of commands, nor will they cause the connection to get disconnected.
  967. Daniel Stenberg (26 Jul 2009)
  968. - Johan van Selst posted bug report #2825989
  969. (http://curl.haxx.se/bug/view.cgi?id=2825989) pointing out that
  970. OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm, and
  971. provided the solution too: to use OpenSSL_add_all_algorithms() in addition
  972. to the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
  973. OpenSSL 0.9.5
  974. Daniel Stenberg (23 Jul 2009)
  975. - Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
  976. They introduce known_host support for SSH keys to libcurl. See docs for
  977. details. Note that this feature depends on a new enough libssh2 version, to
  978. be supported in libssh2 1.2 and later (or current git repo at this time).
  979. Michal Marek (22 Jul 2009)
  980. - David Binderman found a memory and fd leak in lib/gtls.c:load_file()
  981. (https://bugzilla.novell.com/523919). When looking at the code, I found that
  982. also the ptr pointer can leak.
  983. Kamil Dudka (20 Jul 2009)
  984. - Claes Jakobsson improved the support for client certificates handling in
  985. NSS-powered libcurl. Now the client certificates can be selected
  986. automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
  987. slots is no more performed. It used to cause problems with HW tokens.
  988. - Fixed reference counting for NSS client certificates. Now the PEM reader
  989. module should be always properly unloaded on Curl_nss_cleanup(). If the
  990. unload fails though, libcurl will try to reuse the already loaded instance.
  991. Daniel Fandrich (15 Jul 2009)
  992. - Added nonblock.c to the non-automake makefiles (note that the dependencies
  993. in the Watcom makefiles aren't quite correct).
  994. Michal Marek (15 Jul 2009)
  995. - Changed the description of CURLINFO_OS_ERRNO to make it clear that the
  996. errno is not reset on success.
  997. Guenter Knauf (14 Jul 2009)
  998. - renamed generated config.h to curl_config.h to avoid any future clashes
  999. with config.h from other projects.
  1000. Daniel Stenberg (9 Jul 2009)
  1001. - Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for
  1002. setting a file descriptor non-blocking. Used by the functionality Eric
  1003. himself brough on June 15th.
  1004. Daniel Stenberg (8 Jul 2009)
  1005. - Constantine Sapuntzakis posted bug report #2813123
  1006. (http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
  1007. problem:
  1008. Url A is accessed using auth. Url A redirects to Url B (on a different
  1009. server0. Url B reuses a persistent connection. Url B has auth, even though
  1010. it's on a different server.
  1011. Note: if Url B does not reuse a persistent connection, auth is not sent.
  1012. reason:
  1013. data->state.first_host is not initialized becuase Curl_http_connect is not
  1014. called when a connection is reused.
  1015. Solution:
  1016. move initialization of data->state.first_host to Curl_http. No code before
  1017. Curl_http uses data->state.first_host anyway.
  1018. Guenter Knauf (4 Jul 2009)
  1019. - Markus Koetter provided a patch to avoid getnameinfo() usage which broke a
  1020. couple of both IPv4 and IPv6 autobuilds.
  1021. Daniel Stenberg (29 Jun 2009)
  1022. - Markus Koetter made CURLOPT_FTPPORT (and curl's -P/--ftpport) support a port
  1023. range if given colon-separated after the host name/address part. Like
  1024. "192.168.0.1:2000-10000"
  1025. - Modified the separators used for CURLOPT_CERTINFO in multi-part outputs. I
  1026. don't know how they got wrong in the first place, but using this output
  1027. format makes it possible to quite easily separate the string into an array
  1028. of multiple items.
  1029. Daniel Fandrich (16 June 2009)
  1030. - Added a few more compiler warning options for gcc.
  1031. Daniel Stenberg (16 Jun 2009)
  1032. - Reuven Wachtfogel made curl -o - properly produce a binary output on windows
  1033. (no newline translations). Use -B/--use-ascii if you rather get the ascii
  1034. approach.
  1035. Michal Marek (16 Jun 2009)
  1036. - When doing non-anonymous ftp via http proxies and the password is not
  1037. provided in the url, add it there (squid needs this).
  1038. Daniel Stenberg (15 Jun 2009)
  1039. - Eric Wong's patch:
  1040. This allows curl(1) to be used as a client-side tunnel for arbitrary stream
  1041. protocols by abusing chunked transfer encoding in both the HTTP request and
  1042. HTTP response. This requires server support for sending a response while a
  1043. request is still being read, of course.
  1044. If attempting to read from stdin returns EAGAIN, then we pause our sender.
  1045. This leaves curl to attempt to read from the socket while reading from stdin
  1046. (and thus sending) is paused.
  1047. This change was needed to allow successfully tunneling the git protocol over
  1048. HTTP (--no-buffer is needed, as well).
  1049. Patrick Monnerat (15 Jun 2009)
  1050. - Replaced use of standard C library rand()/srand() by our own pseudo-random
  1051. number generator.
  1052. Yang Tse (11 Jun 2009)
  1053. - I adapted testcurl script to allow building test harness programs when
  1054. cross-compiling for a *-*-mingw* host.
  1055. Daniel Stenberg (10 Jun 2009)
  1056. - Fabian Keil ran clang on the (lib)curl code, found a bunch of warnings and
  1057. contributed a range of patches to fix them.
  1058. Yang Tse (10 Jun 2009)
  1059. - I introduced configure script option --enable-curldebug which now allows
  1060. the decoupled enabling or disabling of the curl debug memory tracking
  1061. feature from the --enable-debug option which no longer controls this.
  1062. curl --version will list 'Debug' feature for debug enabled builds, and
  1063. will list 'TrackMemory' feature for curl debug memory tracking capable
  1064. builds. These features are independent and can be controlled when running
  1065. the configure script. When --enable-debug is given both features will be
  1066. enabled, unless some restriction prevents memory tracking from being used.
  1067. Internally, definition of preprocessor symbol DEBUGBUILD restricts code
  1068. which is only compiled for debug enabled builds. And symbol CURLDEBUG is
  1069. used to differentiate code which is _only_ used for memory tracking.
  1070. Yang Tse (9 Jun 2009)
  1071. - Daniel Steinberg pointed out that Curl_FormInit() in formdata.c was not
  1072. initializing the fread callback pointer and this triggered a compiler
  1073. warning, also provided a friendly suggestion on how to fix it.
  1074. Daniel Stenberg (8 Jun 2009)
  1075. - Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
  1076. issue with client certs that caused issues like segfaults.
  1077. http://curl.haxx.se/mail/lib-2009-05/0316.html
  1078. - Triggered by bug report #2798852 and the patch in there, I fixed configure
  1079. to detect gnutls build options with pkg-config only and not libgnutls-config
  1080. anymore since GnuTLS has stopped distributing that tool. If an explicit path
  1081. is given to configure, we will instead guess on how to link and use that
  1082. lib. I did not use the patch from the bug report.
  1083. Yang Tse (8 Jun 2009)
  1084. - Igor Novoseltsev adjusted Makefile.vxworks to get sources and headers
  1085. included from Makefile.inc, and provided docs\INSTALL VxWorks section.
  1086. - I removed buildconf.bat from release and daily snapshot archives. This
  1087. file is only for CVS tree checkout builds.
  1088. Daniel Stenberg (8 Jun 2009)
  1089. - Eric Wong fixed --no-buffer to actually switch off output buffering. Been
  1090. broken since 7.19.0
  1091. Bill Hoffman (6 Jun 2009)
  1092. - Added some cmake docs and fixed socklen_t in the build.
  1093. Yang Tse (5 Jun 2009)
  1094. - John E. Malmberg provided VMS specific patch: "This fixes an existing bug
  1095. in urlglob.c where it was not converting the Curl Unix exit code to a VMS
  1096. DCL compatible exit code. This fix required the enhancement described next.
  1097. This also adds an enhancement to main.c so that when curl is run under a
  1098. Unix shell like Bash on VMS, it will return the standard Unix exit codes
  1099. and messages." And another patch for docs/examples.
  1100. I introduced os-specific.c and os-specific.h for use in curl tool code
  1101. and adjusted John E. Malmberg's patch placement to use these new files
  1102. as an effort to prevent main.c from growing ad infinitum. Code already
  1103. existing in main.c which is OS specific should be moved into these files.
  1104. Daniel Stenberg (4 June 2009)
  1105. - Setting the Content-Length: header from your app when you do a POST or PUT
  1106. is almost always a VERY BAD IDEA. Yet there are still apps out there doing
  1107. this, and now recently it triggered a bug/side-effect in libcurl as when
  1108. libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
  1109. knows it will just get a 401/407 back. If the app then replaced the
  1110. Content-Length header, it caused the server to wait for input that libcurl
  1111. wouldn't send. Aaron Oneal reported this problem in bug report #2799008
  1112. (http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.
  1113. Yang Tse (4 Jun 2009)
  1114. - Igor Novoseltsev provided patches and information, that after some
  1115. adjustments to better fit curl's way of doing things, have resulted
  1116. in the posibility of building libcurl for VxWorks.
  1117. Daniel Fandrich (2 June 2009)
  1118. - Checked in a Google Android make file. To use it, you must first
  1119. create a config.h file by running configure in the Android environment,
  1120. which doesn't seem to be easy to do. If no easy way can be found, a
  1121. static config-android.h may need to be created and checked in to the
  1122. libcurl source tree.
  1123. Daniel Stenberg (1 June 2009)
  1124. - Claes Jakobsson fixed the configure script to better find and use NSS
  1125. without pkg-config.
  1126. Yang Tse (1 Jun 2009)
  1127. - John E. Malmberg provided a VMS specific clean-up for curl.h, and pointed
  1128. out that the configure script was failing to detect the timeval struct on
  1129. VMS when building with _XOPEN_SOURCE_EXTENDED undefined due to definition
  1130. taking place in socket.h instead of time.h. I have adjusted configure
  1131. script to also include this header when checking struct timeval.
  1132. Daniel Stenberg (27 May 2009)
  1133. - Frank McGeough provided a small OpenSSL #include fix to make libcurl compile
  1134. fine with Nokia 5th edition 1.0 SDK for Symbian.
  1135. - Andre Guibert de Bruet found a call to a OpenSSL function that didn't check
  1136. for a failure properly.
  1137. - Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear
  1138. the auth credentials back in 7.19.0 and earlier while now you have to set ""
  1139. to get the same effect. His patch brings back the ability to use NULL.
  1140. - Claes Jakobsson fixed libcurl-NSS to build fine even without the
  1141. PK11_CreateGenericObject() function.
  1142. Daniel Stenberg (25 May 2009)
  1143. - bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed
  1144. out that the cookie parser would leak memory when it parses cookies that are
  1145. received with domain, path etc set multiple times in the same header. While
  1146. such a cookie is questionable, they occur in the wild and libcurl no longer
  1147. leaks memory for them. I added such a header to test case 8.
  1148. Daniel Fandrich (22 May 2009)
  1149. - Removed some obsolete digest code that caused a valgrind error in test 551.
  1150. Daniel Fandrich (20 May 2009)
  1151. - Added "non-existing host" test keywords to make it easy to skip those
  1152. tests on machines that have broken DNS configurations (such as
  1153. those configured to use OpenDNS).
  1154. Daniel Stenberg (19 May 2009)
  1155. - Kamil Dudka brought the patch from the Redhat bug entry
  1156. https://bugzilla.redhat.com/show_bug.cgi?id=427966 which was libcurl closing
  1157. a bad file descriptor when closing down the FTP data connection. Caolan
  1158. McNamara seems to be the original author of it.
  1159. Version 7.19.5 (18 May 2009)
  1160. Daniel Stenberg (17 May 2009)
  1161. - James Bursa posted a patch to the mailing list that fixed a problem with
  1162. no_proxy which made it not skip the proxy if the URL entered contained a
  1163. user name. I added test case 1101 to verify.
  1164. Daniel Stenberg (11 May 2009)
  1165. - Balint Szilakszi reported a memory leak when libcurl did gzip decompression
  1166. of streams that had some parts (legitimately) missing. We now provide and use
  1167. a proper cleanup function for the content encoding submodule.
  1168. http://curl.haxx.se/mail/lib-2009-05/0092.html
  1169. - Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth
  1170. at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12
  1171. If an incorrect password is given while loading a private key, libcurl ends
  1172. up in an infinite loop consuming memory. The bug is critical.
  1173. - I fixed the problem with doing NTLM, POST and then following a 302 redirect,
  1174. as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on
  1175. curl-library). The transfer was mistakenly marked to get more data to send
  1176. but since it didn't actually have that, it just hung there...
  1177. Daniel Stenberg (10 May 2009)
  1178. - Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted
  1179. byte in the digest code.
  1180. Yang Tse (9 May 2009)
  1181. - Removed DOS and TPF package's subdirectory Makefile.am, it was only used
  1182. to include some files in the distribution tarball serving no other purpose.
  1183. Files from the DOS and TPF subdirectories are now included in the EXTRA_DIST
  1184. of the Makefile in the parent subdirectory.
  1185. Yang Tse (8 May 2009)
  1186. - Changed host name literal in several tests to one under the haxx.se domain.
  1187. - Renamed vc6 workspace and project files to avoid filename clash when used
  1188. for conversion to later VS versions.
  1189. Daniel Stenberg (8 May 2009)
  1190. - Constantine Sapuntzakis fixed bug report #2784055
  1191. (http://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to
  1192. connect to SOCKS proxies when using the multi interface. It turned out to
  1193. almost not work at all previously. We need to wait for the TCP connect to
  1194. be properly verified before doing the SOCKS magic.
  1195. There's still a flaw in the FTP code for this.
  1196. Daniel Stenberg (7 May 2009)
  1197. - Made the SO_SNDBUF setting for the data connection socket for ftp uploads as
  1198. well. See change 28 Apr 2009.
  1199. Yang Tse (7 May 2009)
  1200. - Fixed an issue affecting FTP transfers, introduced with the transfer.c
  1201. patch committed May 4.
  1202. Daniel Stenberg (7 May 2009)
  1203. - Man page *roff problems fixed thanks to input from Colin Watson. Problems
  1204. reported in the Debian package.
  1205. - Vijay G filed bug report #2723236
  1206. (http://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with
  1207. libcurl's TFTP code and its lack of dealing with the OACK packet.
  1208. Yang Tse (5 May 2009)
  1209. - Fixed the --ftp-port address of test #251 to the CLIENTIP address, and
  1210. reverted the change affecting test suite harness committed 4 May.
  1211. Daniel Stenberg (5 May 2009)
  1212. - Inspired by Michael Smith's session id fix for OpenSSL, I did the
  1213. corresponding fix in the GnuTLS code: make sure to store the new session id
  1214. in case the previous re-used one is rejected.
  1215. Daniel Stenberg (4 May 2009)
  1216. - Michael Smith posted bug report #2786255
  1217. (http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
  1218. libcurl did not deal with SSL session ids properly if the server rejected a
  1219. re-use of one. Starting now, it will forget the rejected one and remember
  1220. the new. This change was for OpenSSL only, it is likely that other SSL lib
  1221. code needs similar fixes.
  1222. Yang Tse (4 May 2009)
  1223. - Applied David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and
  1224. non-ASCII platform HTTP requests" patch addressing two HTTP PUT problems:
  1225. 1) On non-ASCII platforms not all of the protocol portions of the PUT are
  1226. being translated to ASCII. 2) On all platforms the line endings of part of
  1227. the protocol portions are mangled from CRLF to CRCRLF if data->set.crlf or
  1228. data->set.prefer_ascii are set (depending on CURL_DO_LINEEND_CONV).
  1229. - Applied David McCreedy's patch to fix test suite harness to allow test FTP
  1230. server and client on different machines, providing FTP client address when
  1231. running the FTP test server.
  1232. Daniel Fandrich (3 May 2009)
  1233. - Added and disabled test case 563 which shows KNOWN_BUGS #59. The bug
  1234. report failed to mention that a proxy must be used to reproduce it.
  1235. Yang Tse (2 May 2009)
  1236. - Use a build-time configured curl_socklen_t data type instead of socklen_t.
  1237. Yang Tse (1 May 2009)
  1238. - Applied David McCreedy's patches "TPF-platform specific changes to various
  1239. files" and "http.c fix to Curl_proxyCONNECT for non-ASCII platforms", the
  1240. former with minor edits.
  1241. Daniel Stenberg (30 Apr 2009)
  1242. - I was going to fix issue #59 in KNOWN_BUGS
  1243. If the CURLOPT_PORT option is used on an FTP URL like
  1244. "ftp://example.com/file;type=A" the ";type=A" is stripped off.
  1245. I added test case 562 to verify, only to find out that I couldn't repeat
  1246. this bug so I hereby consider it not a bug anymore!
  1247. Daniel Stenberg (29 Apr 2009)
  1248. - Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219)
  1249. I've now made TFTP "connections" not being kept for re-use within libcurl.
  1250. TFTP is UDP-based so the benefit was really low (if even existing) to begin
  1251. with so instead of tracking down to fix this problem we instead removed the
  1252. re-use. I also enabled test case 1099 that I wrote a few days ago to verify
  1253. that this change fixes the reported problem.
  1254. Daniel Stenberg (28 Apr 2009)
  1255. - Constantine Sapuntzakis filed bug report #2783090
  1256. (http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
  1257. we need to grow the SO_SNDBUF buffer somewhat to get really good upload
  1258. speeds. http://support.microsoft.com/kb/823764 has the details. Friends
  1259. confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
  1260. - Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
  1261. Chen pointed out how curl couldn't upload with resume when reading from a
  1262. pipe.
  1263. This ended up with the introduction of a new return code for the
  1264. CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but
  1265. that libcurl may try to resolve the situation anyway. In our case this means
  1266. libcurl will attempt to instead read that much data from the stream instead
  1267. of seeking and that way curl can now upload with resume when data is read
  1268. from a stream!
  1269. Daniel Stenberg (26 Apr 2009)
  1270. - Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven
  1271. Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi
  1272. interface and provided a patch that fixed the problem!
  1273. Daniel Stenberg (24 Apr 2009)
  1274. - Kamil Dudka fixed another NSS-related leak when client certs were used.
  1275. - Bug report #2779245 (http://curl.haxx.se/bug/view.cgi?id=2779245) by Rainer
  1276. Koenig pointed out that the man page didn't tell that the *_proxy
  1277. environment variables can be specified lower case or UPPER CASE and the
  1278. lower case takes precedence,
  1279. Daniel Fandrich (21 Apr 2009)
  1280. - Added new libcurl source files to Amiga, RiscOS and VC6 build files.
  1281. Yang Tse (21 Apr 2009)
  1282. - Moved potential inclusion of system's malloc.h and memory.h header files to
  1283. setup_once.h. Inclusion of each header file is based on the definition of
  1284. NEED_MALLOC_H and NEED_MEMORY_H respectively.
  1285. Renamed libcurl's memory.h to curl_memory.h
  1286. Daniel Stenberg (20 Apr 2009)
  1287. - Leanic Lefever reported a crash and did some detailed research on why and
  1288. how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The
  1289. conclusion was that if an error is detected and Curl_done() is called for
  1290. the connection, ftp_done() could at times return another error code that
  1291. then would take precedence and that new code confused existing logic that
  1292. works for the first error code (CURLE_SEND_ERROR) only.
  1293. - Gisle Vanem noticed that --libtool would produce bogus strings at times for
  1294. OBJECTPOINT options. Now we've introduced a new function - my_setopt_str -
  1295. within the app for setting plain string options to avoid the risk of this
  1296. mistake happening.
  1297. Daniel Stenberg (17 Apr 2009)
  1298. - Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP
  1299. proxy. libcurl would then wrongly close the connection after each
  1300. request. In his case it had the weird side-effect that it killed NTLM auth
  1301. for the proxy causing an inifinite loop!
  1302. I added test case 1098 to verify this fix. The test case does however not
  1303. properly verify that the transfers are done persistently - as I couldn't
  1304. think of a clever way to achieve it right now - but you need to read the
  1305. stderr output after a test run to see that it truly did the right thing.
  1306. Daniel Stenberg (13 Apr 2009)
  1307. - bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin
  1308. Storsjö pointed out how setting CURLOPT_NOBODY to 0 could be downright
  1309. confusing as it set the method to either GET or HEAD. The example he showed
  1310. looked like:
  1311. curl_easy_setopt(curl, CURLOPT_PUT, 1);
  1312. curl_easy_setopt(curl, CURLOPT_NOBODY, 0);
  1313. The new way doesn't alter the method until the request is about to start. If
  1314. CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is
  1315. 0 and the request happens to have been set to HEAD, it will then instead be
  1316. set to GET. I believe this will be less surprising to users, and hopefully
  1317. not hit any existing users badly.
  1318. - Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
  1319. out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
  1320. is found in Redhat's bug tracker:
  1321. https://bugzilla.redhat.com/show_bug.cgi?id=453612
  1322. There are still memory leaks present, but they seem to have other reasons.
  1323. Daniel Fandrich (11 Apr 2009)
  1324. - Added new libcurl source files to Symbian OS build files.
  1325. - Improved Symbian support for SSL.
  1326. Yang Tse (10 Apr 2009)
  1327. - Daniel Johnson improved the MacOSX-Framework shell script to now perform all
  1328. the steps required to build a Mac OS X four way fat ppc/i386/ppc64/x86_64
  1329. libcurl.framework. Four way fat framework requires OS X 10.5 SDK or later.
  1330. Yang Tse (8 Apr 2009)
  1331. - Removed Sun compilers preprocessor block from curlbuild.h.dist, this also
  1332. removes it from the curlbuild.h file originally distributed by the cURL
  1333. project as this file is intended for systems not capable of running the
  1334. configure script. For those who have been building curl out of the source
  1335. code curl distribution tarball provided by curl.haxx.se the change implies
  1336. nothing. Previous change in this area committed 2 Apr becomes irrelevant.
  1337. Daniel Stenberg (6 Apr 2009)
  1338. - I clarified in the docs that CURLOPT_SEEKFUNCTION should return 0 on success
  1339. and 1 on fatal errors. Previously it only mentioned non-zero on fatal
  1340. errors. This is a slight change in meaning, but it follows what we've done
  1341. elsewhere before and it opens up for LOTS of more useful return codes
  1342. whenever we can think of them...
  1343. Yang Tse (2 Apr 2009)
  1344. - Fix curl_off_t definition for builds done using Sun compilers and a
  1345. non-configured libcurl. In this case curl_off_t data type was gated
  1346. to the off_t data type which depends on the _FILE_OFFSET_BITS. This
  1347. configuration is exactly the unwanted configuration for our curl_off_t
  1348. data type which must not depend on such setting. This breaks ABI for
  1349. libcurl libraries built with Sun compilers which were built without
  1350. having run the configure script with _FILE_OFFSET_BITS different than
  1351. 64 and using the ILP32 data model.
  1352. Daniel Stenberg (1 Apr 2009)
  1353. - Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a
  1354. strdup() call failed.
  1355. Daniel Fandrich (31 Mar 2009)
  1356. - Properly return an error code in curl_easy_recv (reported by Jim Freeman).
  1357. Daniel Stenberg (18 Mar 2009)
  1358. - Kamil Dudka brought a patch that enables 6 additional crypto algorithms when
  1359. NSS is used. These ciphers were added in NSS 3.4 and require to be enabled
  1360. explicitly.
  1361. Daniel Stenberg (13 Mar 2009)
  1362. - Use libssh2_version() to present the libssh2 version in case the libssh2
  1363. library is found to support it.
  1364. Yang Tse (12 Mar 2009)
  1365. - Added missing Curl_read() return code checking in TELNET transfers.
  1366. - Pierre Brico found and fixed TELNET transfers not being aborted upon
  1367. a write callback failure.
  1368. Daniel Stenberg (11 Mar 2009)
  1369. - Kamil Dudka made the curl tool properly call curl_global_init() before any
  1370. other libcurl function.
  1371. Yang Tse (11 Mar 2009)
  1372. - Added missing TELNET timeout support for Windows builds. This issue was
  1373. reported by Pierre Brico.
  1374. Daniel Stenberg (9 Mar 2009)
  1375. - Frank Hempel found out a bug and provided the fix:
  1376. curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE
  1377. option. It only enabled the cookie engine in the destination handle if
  1378. data->cookies is not NULL (where data is the source handle). In case of a
  1379. newly initialized handle which just had the cookie support enabled by a
  1380. curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was
  1381. still NULL because the setopt-call only appends the value to
  1382. data->change.cookielist, hence duplicating this handle would not have the
  1383. cookie engine switched on.
  1384. We also concluded that the slist-functionality would be suitable for being
  1385. put in its own module rather than simply hanging out in lib/sendf.c so I
  1386. created lib/slist.[ch] for them.
  1387. - Andreas Farber made the 'buildconf' script check for the presence of m4
  1388. scripts to make it detect a bad checkout earlier. People with older
  1389. checkouts who don't do cvs update with the -d option won't get the new dirs
  1390. and then will get funny outputs that can be a bit hard to understand and
  1391. fix.
  1392. Daniel Stenberg (8 Mar 2009)
  1393. - Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
  1394. allocation of the memory BIO was not being properly checked.
  1395. - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
  1396. in the gnutls code where we were checking for negative values for errors,
  1397. when the man pages state that GNUTLS_E_SUCCESS is returned on success and
  1398. other values indicate error conditions.
  1399. - Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) that
  1400. curl didn't use sprintf() in a way that is documented to work in POSIX but
  1401. since we use our own printf() code (from libcurl) that shouldn't be a
  1402. problem. Nonetheless I modified the code to not rely on such particular
  1403. features and to not cause further raised eyebrowse with no good reason.
  1404. Daniel Fandrich (5 Mar 2009)
  1405. - Expanded the security section of the libcurl-tutorial man page to cover
  1406. more issues for authors to consider when writing robust libcurl-using
  1407. applications.
  1408. Yang Tse (5 Mar 2009)
  1409. - Fixed NTLM authentication memory leak on SSPI enabled Windows builds. This
  1410. issue was noticed by Chris Deidun.
  1411. Daniel Fandrich (4 Mar 2009)
  1412. - Fixed a problem with m4 quoting in the OpenSSL configure check reported
  1413. by Daniel Johnson.
  1414. Daniel Stenberg (3 Mar 2009)
  1415. - David James brought a patch that make libcurl close (all) dead connections
  1416. whenever you attempt to open a new connection.
  1417. 1. After cleaning up a dead connection, "continue" instead of
  1418. returning FALSE. This ensures that we clean up all dead connections,
  1419. rather than just cleaning up the first dead connection.
  1420. 2. Move up the cleanup for dead connections so that it occurs for
  1421. all connections, rather than just the connections which have the same
  1422. preferences as our current new connection.
  1423. Version 7.19.4 (3 March 2009)
  1424. Daniel Stenberg (3 Mar 2009)
  1425. - David Kierznowski notified us about a security flaw
  1426. (http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
  1427. which previous libcurl versions (by design) can be tricked to access an
  1428. arbitrary local/different file instead of a remote one when
  1429. CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
  1430. together this the addition of two new setopt options for controlling this
  1431. new behavior:
  1432. o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
  1433. follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
  1434. excludes the FILE and SCP protocols and thus you nee to explicitly allow
  1435. them in your app if you really want that behavior.
  1436. o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
  1437. using the primary URL option. This is useful if you want to allow a user or
  1438. other outsiders control what URL to pass to libcurl and yet not allow all
  1439. protocols libcurl may have been built to support.
  1440. Daniel Stenberg (27 Feb 2009)
  1441. - Senthil Raja Velu reported a problem when CURLOPT_INTERFACE and
  1442. CURLOPT_LOCALPORT were used together (the local port bind failed), and
  1443. Markus Koetter provided the fix!
  1444. Daniel Stenberg (25 Feb 2009)
  1445. - As Daniel Fandrich figured out, we must do the GnuTLS initing in the
  1446. curl_global_init() function to properly maintain the performing functions
  1447. thread-safe. We've previously (28 April 2007) moved the init to a later time
  1448. just to avoid it to fail very early when libgcrypt dislikes the situation,
  1449. but that move was bad and the fix should rather be in libgcrypt or
  1450. elsewhere.
  1451. Daniel Stenberg (24 Feb 2009)
  1452. - Brian J. Murrell found out that Negotiate proxy authentication didn't work.
  1453. It happened because the code used the struct for server-based auth all the
  1454. time for both proxy and server auth which of course was wrong.
  1455. Daniel Stenberg (23 Feb 2009)
  1456. - After a bug reported by James Cheng I've made curl_easy_getinfo() for
  1457. CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD return
  1458. -1 if the sizes aren't know. Previously these returned 0, make it impossible
  1459. to detect the difference between actually zero and unknown.
  1460. Yang Tse (23 Feb 2009)
  1461. - Daniel Johnson provided a shell script that will perform all the steps needed
  1462. to build a Mac OS X fat ppc/i386 or ppc64/x86_64 libcurl.framework
  1463. Daniel Stenberg (23 Feb 2009)
  1464. - I renamed everything in the windows builds files that used the name 'curllib'
  1465. to the proper 'libcurl' as clearly this caused confusion.
  1466. Yang Tse (20 Feb 2009)
  1467. - Do not halt compilation when using VS2008 to build a Windows 2000 target.
  1468. Daniel Stenberg (20 Feb 2009)
  1469. - Linus Nielsen Feltzing reported and helped me repeat and fix a problem with
  1470. FTP with the multi interface: when a transfer fails, like when aborted by a
  1471. write callback, the control connection was wrongly closed and thus not
  1472. re-used properly.
  1473. This change is also an attempt to cleanup the code somewhat in this area, as
  1474. now the FTP code attempts to keep (better) track on pending responses
  1475. necessary to get read in ftp_done().
  1476. Daniel Stenberg (19 Feb 2009)
  1477. - Patrik Thunstrom reported a problem and helped me repeat it. It turned out
  1478. libcurl did a superfluous 1000ms wait when doing SFTP downloads!
  1479. We read data with libssh2 while doing the "DO" operation for SFTP and then
  1480. when we were about to start getting data for the actual file part, the
  1481. "TRANSFER" part, we waited for socket action (in 1000ms) before doing a
  1482. libssh2-read. But in this case libssh2 had already read and buffered the
  1483. data so we ended up always just waiting 1000ms before we get working on the
  1484. data!
  1485. Patrick Monnerat (18 Feb 2009)
  1486. - FTP downloads (i.e.: RETR) ending with code 550 now return error
  1487. CURLE_REMOTE_FILE_NOT_FOUND instead of CURLE_FTP_COULDNT_RETR_FILE.
  1488. Daniel Stenberg (17 Feb 2009)
  1489. - Kamil Dudka made NSS-powered builds compile and run again!
  1490. - A second follow-up change by Andre Guibert de Bruet to fix a related memory
  1491. leak like that fixed on the 14th. When zlib returns failure, we need to
  1492. cleanup properly before returning error.
  1493. - CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 in addition to 1 for
  1494. plain FTP connections, and it will then allow MKD to fail once and retry the
  1495. CWD afterwards. This is especially useful if you're doing many simultanoes
  1496. connections against the same server and they all have this option enabled,
  1497. as then CWD may first fail but then another connection does MKD before this
  1498. connection and thus MKD fails but trying CWD works! The numbers can
  1499. (should?) now be set with the convenience enums now called
  1500. CURLFTP_CREATE_DIR and CURLFTP_CREATE_DIR_RETRY.
  1501. Tests has proven that if you're making an application that uploads a set of
  1502. files to an ftp server, you will get a noticable gain in speed if you're
  1503. using multiple connections and this option will be then be very useful.
  1504. Daniel Stenberg (14 Feb 2009)
  1505. - Andre Guibert de Bruet found and fixed a memory leak in the content encoding
  1506. code, which could happen on libz errors.
  1507. Daniel Fandrich (12 Feb 2009)
  1508. - Added support for Digest and NTLM authentication using GnuTLS.
  1509. Daniel Stenberg (11 Feb 2009)
  1510. - CURLINFO_CONDITION_UNMET was added to allow an application to get to know if
  1511. the condition in the previous request was unmet. This is typically a time
  1512. condition set with CURLOPT_TIMECONDITION and was previously not possible to
  1513. reliably figure out. From bug report #2565128
  1514. (http://curl.haxx.se/bug/view.cgi?id=2565128) filed by Jocelyn Jaubert.
  1515. Daniel Fandrich (4 Feb 2009)
  1516. - Don't add the standard /usr/lib or /usr/include paths to LDFLAGS and CPPFLAGS
  1517. (respectively) when --with-ssl=/usr is used (patch based on FreeBSD).
  1518. - Added an explicit buffer limit check in msdosify() (patch based on FreeBSD).
  1519. This couldn't ever overflow in curl, but might if the code were used
  1520. elsewhere or under different conditions.
  1521. Daniel Stenberg (3 Feb 2009)
  1522. - Hidemoto Nakada provided a small fix that makes it possible to get the
  1523. CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with
  1524. CURLOPT_NOBODY set true.
  1525. Daniel Stenberg (2 Feb 2009)
  1526. - Patrick Scott found a rather large memory leak when using the multi
  1527. interface and setting CURLMOPT_MAXCONNECTS to something less than the number
  1528. of handles you add to the multi handle. All the connections that didn't fit
  1529. in the cache would not be properly disconnected nor freed!
  1530. - Craig A West brought us: libcurl now defaults to do CONNECT with HTTP
  1531. version 1.1 instead of 1.0 like before. This change also introduces the new
  1532. proxy type for libcurl called 'CURLPROXY_HTTP_1_0' that then allows apps to
  1533. switch (back) to CONNECT 1.0 requests. The curl tool also got a --proxy1.0
  1534. option that works exactly like --proxy but sets CURLPROXY_HTTP_1_0.
  1535. I updated all test cases cases that use CONNECT and I tried to do some using
  1536. --proxy1.0 and some updated to do CONNECT 1.1 to get both versions run.
  1537. Daniel Stenberg (31 Jan 2009)
  1538. - When building with c-ares 1.6.1 (not yet released) or later and IPv6 support
  1539. enabled, we can now take advantage of its brand new AF_UNSPEC support in
  1540. ares_gethostbyname(). This makes test case 241 finally run fine for me with
  1541. this setup since it now parses the "::1 ip6-localhost" line fine in my
  1542. /etc/hosts file!
  1543. Daniel Stenberg (30 Jan 2009)
  1544. - Scott Cantor filed bug report #2550061
  1545. (http://curl.haxx.se/bug/view.cgi?id=2550061) mentioning that I failed to
  1546. properly make sure that the VC9 makefiles got included in the latest
  1547. release. I've now fixed the release script and verified it so next release
  1548. will hopefully include them properly!
  1549. Daniel Fandrich (30 Jan 2009)
  1550. - Fixed --disable-proxy for FTP and SOCKS. Thanks to Daniel Egger for
  1551. reporting.
  1552. Yang Tse (29 Jan 2009)
  1553. - Introduced curl_sspi.c and curl_sspi.h for the implementation of functions
  1554. Curl_sspi_global_init() and Curl_sspi_global_cleanup() which previously were
  1555. named Curl_ntlm_global_init() and Curl_ntlm_global_cleanup() in http_ntlm.c
  1556. Also adjusted socks_sspi.c to remove the link-time dependency on the Windows
  1557. SSPI library using it now in the same way as it was done in http_ntlm.c.
  1558. Daniel Stenberg (28 Jan 2009)
  1559. - Markus Moeller introduced two new options to libcurl:
  1560. CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl
  1561. to do GSS-style authentication with SOCKS5 proxies. The curl tool got the
  1562. options called --socks5-gssapi-service and --socks5-gssapi-nec to enable
  1563. these.
  1564. Daniel Stenberg (26 Jan 2009)
  1565. - Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an app
  1566. to set desired block size to use for TFTP transfers instead of the default
  1567. 512 bytes.
  1568. - The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to
  1569. disable "rfc4507bis session ticket support". rfc4507bis was later turned
  1570. into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077
  1571. The enabled extension concerns the session management. I wonder how often
  1572. libcurl stops a connection and then resumes a TLS session. also, sending the
  1573. session data is some overhead. .I suggest that you just use your proposed
  1574. patch (which explicitly disables TICKET).
  1575. If someone writes an application with libcurl and openssl who wants to
  1576. enable the feature, one can do this in the SSL callback.
  1577. Sharad Gupta brought this to my attention. Peter Sylvester helped me decide
  1578. on the proper action.
  1579. - Alexey Borzov filed bug report #2535504
  1580. (http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with
  1581. quoted quotation marks in HTTP Digest headers didn't work. I've now added
  1582. test case 1095 that verifies my fix.
  1583. - Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option.
  1584. They basically offer the same thing the NO_PROXY environment variable only
  1585. offered previously: list a set of host names that shall not use the proxy
  1586. even if one is specified.
  1587. Daniel Fandrich (20 Jan 2009)
  1588. - Call setlocale() for libtest tests to test the effects of locale-induced
  1589. libc changes on libcurl.
  1590. - Fixed a couple more locale-dependent toupper conversions, mainly for
  1591. clarity. This does fix one problem that causes ;type=i FTP URLs
  1592. to fail in the Turkish locale when CURLOPT_PROXY_TRANSFER_MODE is
  1593. used (test case 561)
  1594. - Added tests 561 and 1091 through 1094 to test various combinations
  1595. of ;type= and ;mode= URLs that could potentially fail in the Turkish
  1596. locale.
  1597. Daniel Stenberg (20 Jan 2009)
  1598. - Lisa Xu pointed out that the ssh.obj file was missing from the
  1599. lib/Makefile.vc6 file (and thus from the vc8 and vc9 ones too).
  1600. Version 7.19.3 (19 January 2009)
  1601. Daniel Stenberg (16 Jan 2009)
  1602. - Andrew de los Reyes fixed curlbuild.h for "generic" gcc builds on PPC, both
  1603. 32 bit and 64 bit.
  1604. Daniel Stenberg (15 Jan 2009)
  1605. - Tim Ansell fixed a compiler warning in lib/cookie.c
  1606. Daniel Stenberg (14 Jan 2009)
  1607. - Grant Erickson fixed timeouts for TFTP such that specifying a
  1608. connect-timeout, a max-time or both options work correctly and as expected
  1609. by passing the correct boolean value to Curl_timeleft via the
  1610. 'duringconnect' parameter.
  1611. With this small change, curl TFTP now behaves as expected (and likely as
  1612. originally-designed):
  1613. 1) For non-existent or unreachable dotted IP addresses:
  1614. a) With no options, follows the default curl 300s timeout...
  1615. b) With --connect-timeout only, follows that value...
  1616. c) With --max-time only, follows that value...
  1617. d) With both --connect-timeout and --max-time, follows the smaller value...
  1618. and times out with a "curl: (7) Couldn't connect to server" error.
  1619. 2) For transfers to/from a valid host:
  1620. a) With no options, follows default curl 300s timeout for the
  1621. first XRQ/DATA/ACK transaction and the default TFTP 3600s
  1622. timeout for the remainder of the transfer...
  1623. b) With --connect-time only, follows that value for the
  1624. first XRQ/DATA/ACK transaction and the default TFTP 3600s
  1625. timeout for the remainder of the transfer...
  1626. c) With --max-time only, follows that value for the first
  1627. XRQ/DATA/ACK transaction and for the remainder of the
  1628. transfer...
  1629. d) With both --connect-timeout and --max-time, follows the former
  1630. for the first XRQ/DATA/ACK transaction and the latter for the
  1631. remainder of the transfer...
  1632. and times out with a "curl: (28) Timeout was reached" error as
  1633. appropriate.
  1634. Daniel Stenberg (13 Jan 2009)
  1635. - Michael Wallner fixed a NULL pointer deref when calling
  1636. curl_easy_setup(curl, CURLOPT_COOKIELIST, "SESS") on a CURL handle with no
  1637. cookies data.
  1638. - Stefan Teleman brought a patch to fix the default curlbuild.h file for the
  1639. SunPro compilers.
  1640. Daniel Stenberg (12 Jan 2009)
  1641. - Based on bug report #2498665 (http://curl.haxx.se/bug/view.cgi?id=2498665)
  1642. by Daniel Black, I've now added magic to the configure script that makes it
  1643. use pkg-config to detect gnutls details as well if the existing method
  1644. (using libgnutls-config) fails. While doing this, I cleaned up and unified
  1645. the pkg-config usage when detecting openssl and nss as well.
  1646. Daniel Stenberg (11 Jan 2009)
  1647. - Karl Moerder brought the patch that creates vc9 Makefiles, and I made
  1648. 'maketgz' now use the actual makefile targets to do the VC8 and VC9
  1649. makefiles.
  1650. Daniel Stenberg (10 Jan 2009)
  1651. - Emil Romanus fixed:
  1652. When using the multi interface over HTTP and the server returns a Location
  1653. header, the running easy handle will get stuck in the CURLM_STATE_PERFORM
  1654. state, leaving the external event loop stuck waiting for data from the
  1655. ingoing socket (when using the curl_multi_socket_action stuff). While this
  1656. bug was pretty hard to find, it seems to require only a one-line fix. The
  1657. break statement on line 1374 in multi.c caused the function to skip the call
  1658. to multistate().
  1659. How to reproduce this bug? Well, that's another question. evhiperfifo.c in
  1660. the examples directory chokes on this bug only _sometimes_, probably
  1661. depending on how fast the URLs are added. One way of testing the bug out is
  1662. writing to hiper.fifo from more than one source at the same time.
  1663. Daniel Fandrich (7 Jan 2009)
  1664. - Unified much of the SessionHandle initialization done in Curl_open() and
  1665. curl_easy_reset() by creating Curl_init_userdefined(). This had the side
  1666. effect of fixing curl_easy_reset() so it now also resets
  1667. CURLOPT_FTP_FILEMETHOD and CURLOPT_SSL_SESSIONID_CACHE
  1668. Daniel Stenberg (7 Jan 2009)
  1669. - Rob Crittenden did once again provide an NSS update:
  1670. I have to jump through a few hoops now with the NSS library initialization
  1671. since another part of an application may have already initialized NSS by the
  1672. time Curl gets invoked. This patch is more careful to only shutdown the NSS
  1673. library if Curl did the initialization.
  1674. It also adds in a bit of code to set the default ciphers if the app that
  1675. call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific
  1676. ciphers. One might argue that this lets other application developers get
  1677. lazy and/or they aren't using the NSS API correctly, and you'd be right.
  1678. But still, this will avoid terribly difficult-to-trace crashes and is
  1679. generally helpful.
  1680. Daniel Stenberg (1 Jan 2009)
  1681. - 'reconf' is removed since we rather have users use 'buildconf'
  1682. Daniel Stenberg (31 Dec 2008)
  1683. - Bas Mevissen reported http://curl.haxx.se/bug/view.cgi?id=2479030 pointing
  1684. out that 'reconf' didn't properly point out the m4 subdirectory when running
  1685. aclocal.
  1686. Daniel Stenberg (29 Dec 2008)
  1687. - Phil Lisiecki filed bug report #2413067
  1688. (http://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that
  1689. would cause libcurl to mark a DNS cache entry "in use" eternally if the
  1690. subsequence TCP connect failed. It would thus never get pruned and refreshed
  1691. as it should've been.
  1692. Phil provided his own patch to this problem that while it seemed to work
  1693. wasn't complete and thus I wrote my own fix to the problem.
  1694. Daniel Stenberg (28 Dec 2008)
  1695. - Peter Korsgaard fixed building libcurl with "configure --with-ssl
  1696. --disable-verbose".
  1697. - Anthony Bryan fixed more language and spelling flaws in man pages.
  1698. Daniel Stenberg (22 Dec 2008)
  1699. - Given a recent enough libssh2, libcurl can now seek/resume with SFTP even
  1700. on file indexes beyond 2 or 4GB.
  1701. - Anthony Bryan provided a set of patches that cleaned up manual language,
  1702. corrected spellings and more.
  1703. Daniel Stenberg (20 Dec 2008)
  1704. - Igor Novoseltsev fixed a bad situation for the multi_socket() API when doing
  1705. pipelining, as libcurl could then easily get confused and A) work on the
  1706. handle that was not "first in queue" on a pipeline, or even B) tell the app
  1707. to REMOVE a socket while it was in use by a second handle in a pipeline. Both
  1708. errors caused hanging or stalling applications.
  1709. Daniel Stenberg (19 Dec 2008)
  1710. - curl_multi_timeout() could return a timeout value of 0 even though nothing
  1711. was actually ready to get done, as the internal time resolution is higher
  1712. than the returned millisecond timer. Therefore it could cause applications
  1713. running on fast processors to do short bursts of busy-loops.
  1714. curl_multi_timeout() will now only return 0 if the timeout is actually
  1715. alreay triggered.
  1716. - Using the libssh2 0.19 function libssh2_session_block_directions(), libcurl
  1717. now has an improved ability to do right when the multi interface (both
  1718. "regular" and multi_socket) is used for SCP and SFTP transfers. This should
  1719. result in (much) less busy-loop situations and thus less CPU usage with no
  1720. speed loss.
  1721. Daniel Stenberg (17 Dec 2008)
  1722. - SCP and SFTP with the multi interface had the same flaw: the 'DONE'
  1723. operation didn't complete properly if the EAGAIN equivalent was returned but
  1724. libcurl would simply continue with a half-completed close operation
  1725. performed. This ruined persistent connection re-use and cause some
  1726. SSH-protocol errors in general. The correction is unfortunately adding a
  1727. blocking function - doing it entirely non-blocking should be considered for
  1728. a better fix.
  1729. Gisle Vanem (16 Dec 2008)
  1730. - Added the possibility to use the Watt-32 tcp/ip stack under Windows.
  1731. The change simply involved adding a USE_WATT32 section in the
  1732. config-win32.h files (under ./lib and ./src). This section disables
  1733. the use of any Winsock headers.
  1734. Daniel Stenberg (16 Dec 2008)
  1735. - libssh2_sftp_last_error() was wrongly used at some places in libcurl which
  1736. made libcurl sometimes not properly abort problematic SFTP transfers.
  1737. Daniel Stenberg (12 Dec 2008)
  1738. - More work with Igor Novoseltsev to first fix the remaining stuff for
  1739. removing easy handles from multi handles when the easy handle is/was within
  1740. a HTTP pipeline. His bug report #2351653
  1741. (http://curl.haxx.se/bug/view.cgi?id=2351653) was also related and was
  1742. eventually fixed by a patch by Igor himself.
  1743. Yang Tse (12 Dec 2008)
  1744. - Patrick Monnerat fixed a build regression, introduced in 7.19.2, affecting
  1745. OS/400 compilations with IPv6 enabled.
  1746. Daniel Stenberg (12 Dec 2008)
  1747. - Mark Karpeles filed bug report #2416182 titled "crash in ConnectionExists
  1748. when using duphandle+curl_mutli"
  1749. (http://curl.haxx.se/bug/view.cgi?id=2416182) which showed that
  1750. curl_easy_duphandle() wrongly also copied the pointer to the connection
  1751. cache, which was plain wrong and caused a segfault if the handle would be
  1752. used in a different multi handle than the handle it was duplicated from.
  1753. Daniel Stenberg (11 Dec 2008)
  1754. - Keshav Krity found out that libcurl failed to deal with dotted IPv6
  1755. addresses if they were very long (>39 letters) due to a too strict address
  1756. validity parser. It now accepts addresses up to 45 bytes long.
  1757. Daniel Stenberg (11 Dec 2008)
  1758. - Internet Explorer had a broken HTTP digest authentication before v7 and
  1759. there are servers "out there" that relies on the client doing this broken
  1760. Digest authentication. Apache even comes with an option to work with such
  1761. broken clients.
  1762. The difference is only for URLs that contain a query-part (a '?'-letter and
  1763. text to the right of it).
  1764. libcurl now supports this quirk, and you enable it by setting the
  1765. CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or
  1766. CURLOPT_PROXYAUTH options. They are thus individually controlled to server
  1767. and proxy.
  1768. (note that there's no way to activate this with the curl tool yet)
  1769. Daniel Fandrich (9 Dec 2008)
  1770. - Added test cases 1089 and 1090 to test --write-out after a redirect to
  1771. test a report that the size didn't work, but these test cases pass.
  1772. - Documented CURLOPT_CONNECT_ONLY as being useful only on HTTP URLs.
  1773. Daniel Stenberg (9 Dec 2008)
  1774. - Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume any
  1775. particular state for the control connection like it did before for implicit
  1776. FTPS (libcurl assumed such control connections to be encrypted while some
  1777. FTPS servers such as FileZilla assumes such connections to be clear
  1778. mode). Use the CURLOPT_USE_SSL option to set your desired level.
  1779. Daniel Stenberg (8 Dec 2008)
  1780. - Fred Machado posted about a weird FTP problem on the curl-users list and when
  1781. researching it, it turned out he got a 550 response back from a SIZE command
  1782. and then I fell over the text in RFC3659 that says:
  1783. The presence of the 550 error response to a SIZE command MUST NOT be taken
  1784. by the client as an indication that the file cannot be transferred in the
  1785. current MODE and TYPE.
  1786. In other words: the change I did on September 30th 2008 and that has been
  1787. included in the last two releases were a regression and a bad idea. We MUST
  1788. NOT take a 550 response from SIZE as a hint that the file doesn't exist.
  1789. - Christian Krause filed bug #2221237
  1790. (http://curl.haxx.se/bug/view.cgi?id=2221237) that identified an infinite
  1791. loop during GSS authentication given some specific conditions. With his
  1792. patience and great feedback I managed to narrow down the problem and
  1793. eventually fix it although I can't test any of this myself!
  1794. Daniel Fandrich (3 Dec 2008)
  1795. - Fixed the getifaddrs version of Curl_if2ip to work on systems without IPv6
  1796. support (e.g. Minix)
  1797. Daniel Stenberg (3 Dec 2008)
  1798. - Igor Novoseltsev filed bug #2351645
  1799. (http://curl.haxx.se/bug/view.cgi?id=2351645) that identified a problem with
  1800. the multi interface that occured if you removed an easy handle while in
  1801. progress and the handle was used in a HTTP pipeline.
  1802. - Pawel Kierski pointed out a mistake in the cookie code that could lead to a
  1803. bad fclose() after a fatal error had occured.
  1804. (http://curl.haxx.se/bug/view.cgi?id=2382219)
  1805. Daniel Fandrich (25 Nov 2008)
  1806. - If a HTTP request is Basic and num is already >=1000, the HTTP test
  1807. server adds 1 to num to get the data section to return. This allows
  1808. testing authentication negotiations using the Basic authentication
  1809. method.
  1810. - Added tests 1087 and 1088 to test Basic authentication on a redirect
  1811. with and without --location-trusted
  1812. Daniel Stenberg (24 Nov 2008)
  1813. - Based on a patch by Vlad Grachov, libcurl now uses a new libssh2 0.19
  1814. function when built to support SCP and SFTP that helps the library to know
  1815. in which direction a particular libssh2 operation would return EAGAIN so
  1816. that libcurl knows what socket conditions to wait for before trying the
  1817. function call again. Previously (and still when using libssh2 0.18 or
  1818. earlier), libcurl will busy-loop in this situation when the easy interface
  1819. is used!
  1820. Daniel Fandrich (20 Nov 2008)
  1821. - Automatically detect OpenBSD's CA cert bundle.
  1822. Daniel Stenberg (19 Nov 2008)
  1823. - I removed the default use of "Pragma: no-cache" from libcurl when a proxy is
  1824. used. It has been used since forever but it was never a good idea to use
  1825. unless explicitly asked for.
  1826. - Josef Wolf's extension that allows a $TESTDIR/gdbinit$testnum file that when
  1827. you use runtests.pl -g, will be sourced by gdb to allow additional fancy or
  1828. whatever you see fit
  1829. - Christian Krause reported and fixed a memory leak that would occur with HTTP
  1830. GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386)
  1831. - Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas got
  1832. when uploading files to a single FTP server using multiple easy handle
  1833. handles with the multi interface. Occasionally a handle would stall in
  1834. mysterious ways.
  1835. The problem turned out to be a side-effect of the ConnectionExists()
  1836. function's eagerness to re-use a handle for HTTP pipelining so it would
  1837. select it even if already being in use, due to an inadequate check for its
  1838. chances of being used for pipelnining.
  1839. Daniel Fandrich (17 Nov 2008)
  1840. - Added more compiler warning options for gcc 4.3
  1841. Yang Tse (17 Nov 2008)
  1842. - Fix a remaining problem in the inet_pton() runtime configure check. And
  1843. fix internal Curl_inet_pton() failures to reject certain malformed literals.
  1844. - Make configure script check if ioctl with the SIOCGIFADDR command can be
  1845. used, and define HAVE_IOCTL_SIOCGIFADDR if appropriate.
  1846. Daniel Stenberg (16 Nov 2008)
  1847. - Christian Krause fixed a build failure when building with gss support
  1848. enabled and FTP disabled.
  1849. - Added check for NULL returns from strdup() in src/main.c and lib/formdata.c
  1850. - reported by Jim Meyering also prevent buffer overflow on MSDOS when you do
  1851. for example -O on a url with a file name part longer than PATH_MAX letters
  1852. - lib/nss.c fixes based on the report by Jim Meyering: I went over and added
  1853. checks for return codes for all calls to malloc and strdup that were
  1854. missing. I also changed a few malloc(13) to use arrays on the stack and a
  1855. few malloc(PATH_MAX) to instead use aprintf() to lower memory use.
  1856. - I fixed a memory leak in Curl_nss_connect() when CURLOPT_ISSUERCERT is
  1857. in use.
  1858. Daniel Fandrich (14 Nov 2008)
  1859. - Added .xml as one of the few common file extensions known by the multipart
  1860. form generator.
  1861. - Added some #ifdefs around header files and change the EAGAIN test to
  1862. fix compilation on Cell (reported by Jeff Curley).
  1863. Yang Tse (14 Nov 2008)
  1864. - Fixed several configure script issues affecting checks for inet_ntoa_r(),
  1865. inet_ntop(), inet_pton(), getifaddrs(), fcntl() and getaddrinfo().
  1866. Yang Tse (13 Nov 2008)
  1867. - Refactored configure script detection of functions used to set sockets into
  1868. non-blocking mode, and decouple function detection from function capability.
  1869. Version 7.19.2 (13 November 2008)
  1870. Michal Marek (13 Nov 2008)
  1871. - Fixed a potential data loss in Curl_client_write() when the transfer is
  1872. paused.
  1873. Daniel Stenberg (11 Nov 2008)
  1874. - Rainer Canavan filed bug #2255627
  1875. (http://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a
  1876. program using libcurl's multi interface to download a HTTPS page with a
  1877. libcurl built powered by OpenSSL, would easily get silly and instead hand
  1878. over SSL details as data instead of the actual HTTP headers and body. This
  1879. happened because libcurl would consider the connection handshake done too
  1880. early. This problem was introduced at September 22nd 2008 with my fix of the
  1881. bug #2107377
  1882. The correct fix is now instead done within the GnuTLS-handling code, as both
  1883. the OpenSSL and the NSS code already deal with this situation in similar
  1884. fashion. I added test case 560 in an attempt to verify this fix, but
  1885. unfortunately it didn't trigger it even before this fix!
  1886. Yang Tse (11 Nov 2008)
  1887. - Related with bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535)
  1888. Daniel Fandrich noticed that curl_addrinfo was also missing in the build
  1889. process of other four non-configure platforms. Added now.
  1890. Daniel Fandrich (7 Nov 2008)
  1891. - The getifaddrs() version of Curl_if2ip() crashed when used on a Linux
  1892. system with a TEQL load-balancing device configured, which doesn't
  1893. have an address. Thanks to Adam Sampson for spotting this (bug #2234923).
  1894. Yang Tse (6 Nov 2008)
  1895. - Merged existing IPv4 and IPv6 Curl_ip2addr functions into a single one
  1896. which now also takes a protocol address family argument.
  1897. - Bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535) pointed out a
  1898. problem with MSVC 6 makefile that caused a build failure. It was noted that
  1899. the curl_addrinfo.obj reference was missing. I took the opportunity to sort
  1900. the list in which this was missing. Issue submitted by John Wilkinson.
  1901. Version 7.19.1 (5 November 2008)
  1902. Daniel Stenberg (4 Nov 2008)
  1903. - CURLINFO_FILETIME now works for file:// transfers as well
  1904. Daniel Stenberg (3 Nov 2008)
  1905. - Bug #2218480 (http://curl.haxx.se/bug/view.cgi?id=2218480) pointed out a
  1906. problem with my CURLINFO_PRIMARY_IP fix from October 7th that caused a NULL
  1907. pointer read. I also took the opportunity to clean up this logic (storing of
  1908. the connection's IP address) somewhat as we had it stored in two different
  1909. places and ways previously and they are now unified.
  1910. Yang Tse (3 Nov 2008)
  1911. - Fix undersized IPv6 address internal buffer. IPv6 address strings longer
  1912. than 35 characters would be truncated.
  1913. Daniel Stenberg (2 Nov 2008)
  1914. - Daniel Johnson reported and fixed:
  1915. When c-ares isn't enabled, libcurl by default calls getaddrinfo with family
  1916. set to PF_UNSPEC which causes getaddrinfo to return all available addresses,
  1917. both IPv4 and IPv6. Libcurl then tries each one until it can connect. If the
  1918. net connection doesn't support IPv6, libcurl can still fall back to IPv4.
  1919. However, since c-ares doesn't support PF_UNSPEC, when it's used it defaults
  1920. to using family=PF_INET6 and therefore only returns IPv6 addresses when AAAA
  1921. records are available, even if IPv4 addresses are also available. The effect
  1922. is that since my ISP doesn't do IPv6, libcurl can't connect at all to a site
  1923. that has AAAA records. It will work if I explicitly use CURL_IPRESOLVE_V4 or
  1924. --ipv4 with the curl tool. I discovered this when curl would fail to connect
  1925. to seemingly random sites. It turns out they weren't random, they were sites
  1926. with AAAA records.
  1927. So now libcurl defaults to PF_INET... until c-ares has been tought to offer
  1928. both.
  1929. Yang Tse (31 Oct 2008)
  1930. - Tests 558 and 559 are stabilized. These two tests were initially introduced
  1931. to aid in the location of a seg-fault which was only triggered on non-debug
  1932. builds done with the icc 9.1 Intel compiler. Test 558 does not trigger the
  1933. problem, but test 559 does trigger it. As of today, it isn't yet absolutely
  1934. clear if it is a compiler optimizer issue or a memory corruption one.
  1935. Yang Tse (30 Oct 2008)
  1936. - Use our Curl_addrinfo structure definition to handle address info data even
  1937. when a system addrinfo struct is available. Provide and use a wrapper around
  1938. systems getaddrinfo function, Curl_getaddrinfo_ex which returns a pointer to
  1939. a list of dynamically allocated Curl_addrinfo structs.
  1940. Configure will check freeaddrinfo and getaddrinfo functions and define
  1941. preprocessor symbols HAVE_FREEADDRINFO and HAVE_GETADDRINFO when appropriate.
  1942. Daniel Fandrich (29 Oct 2008)
  1943. - Fixed a bug that caused a few bytes of garbage to be sent after a
  1944. curl_easy_pause() during a chunky upload. Reported by Steve Roskowski.
  1945. Daniel Fandrich (28 Oct 2008)
  1946. - Changed the "resolve" test precheck program to verify that an IPv6 socket
  1947. can be created before resolving the IPv6 name. In the context of running
  1948. a test, it doesn't make sense to run an IPv6 test when a host is resolvable
  1949. but IPv6 isn't usable. This should fix failures of test 1085 on hosts with
  1950. library and DNS support for IPv6 but where actual use of IPv6 has been
  1951. administratively disabled.
  1952. Daniel Fandrich (24 Oct 2008)
  1953. - Added experimental support for zlib and OpenSSL on Symbian OS.
  1954. Daniel Fandrich (21 Oct 2008)
  1955. - Fixed some problems with SFTP range support to fix test cases 634 through
  1956. 637.
  1957. Daniel Fandrich (17 Oct 2008)
  1958. - Fixed a compile error reported by Albert Chin on AIX and IRIX when using
  1959. GTLS.
  1960. Daniel Stenberg (16 Oct 2008)
  1961. - Igor Novoseltsev added CURLOPT_PROXYUSER and CURLOPT_PROXYPASSWORD that then
  1962. make CURLOPT_PROXYUSERPWD sort of deprecated. The primary motive for adding
  1963. these new options is that they have no problems with the colon separator
  1964. that the CURLOPT_PROXYUSERPWD option does.
  1965. Daniel Stenberg (15 Oct 2008)
  1966. - Pascal Terjan filed bug #2154627
  1967. (http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl
  1968. uses strcasecmp() in multiple places where it causes failures when the
  1969. Turkish locale is used. This is because 'i' and 'I' isn't the same letter so
  1970. strcasecmp() on those letters are different in Turkish than in English (or
  1971. just about all other languages). I thus introduced a totally new internal
  1972. function in libcurl (called Curl_raw_equal) for doing case insentive
  1973. comparisons for english-(ascii?) style strings that thus will make "file"
  1974. and "FILE" match even if the Turkish locale is selected.
  1975. Daniel Fandrich (15 Oct 2008)
  1976. - A <precheck> command is considered to have failed if it returns a non-zero
  1977. return code. This way, if the precheck command can't be run at all for
  1978. whatever reason, it's treated as a precheck failure which causes the
  1979. test to be skipped.
  1980. Daniel Stenberg (15 Oct 2008)
  1981. - John Wilkinson filed bug #2155496
  1982. (http://curl.haxx.se/bug/view.cgi?id=2155496) pointing out an error case
  1983. without a proper human-readable error message. When a read callback returns
  1984. a too large value (like when trying to return a negative number) it would
  1985. trigger and the generic error message then makes the proplem slightly
  1986. different to track down. I've added an error message for this now.
  1987. Daniel Fandrich (9 Oct 2008)
  1988. - Fixed the --interface option to work with IPv6 connections on glibc
  1989. systems supporting getifaddrs(). Also fixed a problem where an IPv6
  1990. address could be chosen instead of an IPv4 one for --interface when it
  1991. involved a name lookup.
  1992. Daniel Fandrich (8 Oct 2008)
  1993. - Added tests 1082 through 1085 to test symbolic --interface parameters
  1994. - Added tests 633 through 637 to test the new file range support for SFTP.
  1995. All but the first test cause an infinite loop or other failure and so
  1996. are added to DISABLED.
  1997. Daniel Stenberg (8 Oct 2008)
  1998. - John Wilkinson filed bug #2152270
  1999. (http://curl.haxx.se/bug/view.cgi?id=2152270) which identified and fixed a
  2000. CURLINFO_REDIRECT_URL memory leak and an additional wrong-doing:
  2001. Any subsequent transfer with a redirect leaks memory, eventually crashing
  2002. the process potentially.
  2003. Any subsequent transfer WITHOUT a redirect causes the most recent redirect
  2004. that DID occur on some previous transfer to still be reported.
  2005. - Igor Novoseltsev filed bug #2111613
  2006. (http://curl.haxx.se/bug/view.cgi?id=2111613) that eventually identified a
  2007. flaw in how the multi_socket interface in some cases missed to call the
  2008. timeout callback when easy interfaces are removed and added within the same
  2009. millisecond.
  2010. - Igor Novoseltsev brought a patch that introduced two new options to
  2011. curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
  2012. deprecates the good old CURLOPT_USERPWD since they allow applications to set
  2013. the user name and password independently and perhaps more importantly allow
  2014. both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.
  2015. Daniel Fandrich (7 Oct 2008)
  2016. - Changed the handling of read/write errors in Curl_perform() to allow a
  2017. a fresh connection to be made in such cases and the request retransmitted.
  2018. This should fix test case 160. Added test case 1079 in an attempt to
  2019. test a similar connection dropping scenario, but as a race condition, it's
  2020. hard to test reliably.
  2021. - Created test cases 1080 and 1081 to reproduce a problem of
  2022. CURLINFO_REDIRECT_URL leaking memory and returning incorrect results when
  2023. two URLs are requested. Reported by vmpdemo in bug #2152270
  2024. Daniel Stenberg (7 Oct 2008)
  2025. - Fixed CURLINFO_PRIMARY_IP: When libcurl created a connection to host A then
  2026. the app re-used the handle to do a connection to host B and then again
  2027. re-used the handle to host A, it would not update the info with host A's IP
  2028. address (due to the connection being re-used) but it would instead report
  2029. the info from host B.
  2030. Yang Tse (7 Oct 2008)
  2031. - Added --enable-optimize configure option to enable and disable compiler
  2032. optimizations to allow decoupled setting from --enable-debug.
  2033. Yang Tse (2 Oct 2008)
  2034. - Added --enable-warnings configure option to enable and disable strict
  2035. compiler warnings to allow decoupled setting from --enable-debug.
  2036. runtests.pl will now run with picky compiler warnings enabled unless
  2037. explicitly disabled.
  2038. Daniel Fandrich (1 Oct 2008)
  2039. - "make clean" now cleans out the docs and tests directories, too.
  2040. Daniel Stenberg (30 Sep 2008)
  2041. - The libcurl FTP code now returns CURLE_REMOTE_FILE_NOT_FOUND error when SIZE
  2042. gets a 550 response back for the cases where a download (or NOBODY) is
  2043. wanted. It still allows a 550 as response if the SIZE is used as part of an
  2044. upload process (like if resuming an upload is requested and the file isn't
  2045. there before the upload). I also modified the FTP test server and a few test
  2046. cases accordingly to match this modified behavior.
  2047. Daniel Stenberg (29 Sep 2008)
  2048. - Daniel Egger provided a patch that allows you to disable proxy support in
  2049. libcurl to somewhat reduce the size of the binary. Run configure
  2050. --disable-proxy.
  2051. Daniel Fandrich (29 Sep 2008)
  2052. - Moved all signal-based name resolution timeout handling into a single new
  2053. Curl_resolv_timeout function to reduce coupling.
  2054. Daniel Stenberg (29 Sep 2008)
  2055. - Ian Lynagh provided a patch that now makes CURLOPT_RANGE work fine for SFTP
  2056. downloads!
  2057. - Maxim Ivanov filed bug report #2107803
  2058. (http://curl.haxx.se/bug/view.cgi?id=2107803) "no CURLINFO_REDIRECT_URL in
  2059. multi mode" together with a patch that fixed the problem.
  2060. Daniel Stenberg (25 Sep 2008)
  2061. - Emanuele Bovisio submitted bug report #2126435. We fixed the HTTP Digest
  2062. auth code to not behave badly when getting a blank realm with
  2063. realm="". http://curl.haxx.se/bug/view.cgi?id=2126435
  2064. Daniel Fandrich (23 Sep 2008)
  2065. - Make sure not to dereference the wrong UrlState proto union member when
  2066. switching from one protocol to another in a single request (e.g.
  2067. redirecting from HTTP to FTP as in test 1055) by resetting
  2068. state.expect100header before every request.
  2069. Daniel Stenberg (23 Sep 2008)
  2070. - Introducing Jamie Lokier's function for date to epoch conversion used in the
  2071. date parser function. This makes our function less dependent on system-
  2072. provided functions and instead we do all the magic ourselves. We also no
  2073. longer depend on the TZ environment variable. Switching to our own converter
  2074. has some side-effect and they are noted here for future reference (taken
  2075. from a mail by mr Lokier):
  2076. time_t is not measured in seconds in the ANSI C standard - or even counted
  2077. uniformly - weird platforms can use other numeric representations of dates
  2078. in time_t - hence the difftime() function.
  2079. On POSIX time_t is measured in UTC seconds, which means not including leap
  2080. seconds. But it's mentioned in a few places that some old POSIX-ish
  2081. environments include leap seconds in their time_t counts...
  2082. I'm pretty sure [the new implementation is] correct on anything truly POSIX.
  2083. And it's obviously a lot less dependent on platform quirks and corner cases
  2084. in many ways than the mktime() version.
  2085. - Rob Crittenden brought a patch to "add some locking for thread-safety to NSS
  2086. implementation".
  2087. Daniel Stenberg (22 Sep 2008)
  2088. - Made the SOCKS code use the new Curl_read_plain() function to fix the bug
  2089. Markus Moeller reported: http://curl.haxx.se/mail/archive-2008-09/0016.html
  2090. - recv() errors other than those equal to EAGAIN now cause proper
  2091. CURLE_RECV_ERROR to get returned. This made test case 160 fail so I've now
  2092. disabled it until we can figure out another way to exercise that logic.
  2093. - Michael Goffioul filed bug report #2107377 "Problem with multi + GnuTLS +
  2094. proxy" (http://curl.haxx.se/bug/view.cgi?id=2107377) that showed how a multi
  2095. interface using program didn't work when built with GnuTLS and a CONNECT
  2096. request was done over a proxy (basically test 502 over a proxy to a HTTPS
  2097. site). It turned out the ssl connect function would get called twice which
  2098. caused the second call to fail.
  2099. Daniel Fandrich (22 Sep 2008)
  2100. - Fixed test 539 to handle an out of memory condition that shows up now
  2101. that memdebug.h is included in the test programs.
  2102. Yang Tse (20 Sep 2008)
  2103. - Fix regression in configure script which affected OpenSSL builds on MSYS.
  2104. Yang Tse (19 Sep 2008)
  2105. - configure script now checks availability of the alarm() function.
  2106. Daniel Fandrich (18 Sep 2008)
  2107. - Don't bother to install a SIGALRM handler unless alarm() is available.
  2108. Also, leave the existing SIGALRM handler alone if the timeout is too small
  2109. to handle.
  2110. Daniel Fandrich (17 Sep 2008)
  2111. - Removed reference to curl-ca-bundle.crt in the host verification failure
  2112. error message.
  2113. Yang Tse (17 Sep 2008)
  2114. - Improve configure detection of gethostname(), localtime_r(), strstr(),
  2115. getservbyport_r(), gethostbyaddr_r() and gethostbyname_r().
  2116. Yang Tse (14 Sep 2008)
  2117. - Improve configure detection of strcasecmp(), strcasestr(), strcmpi(),
  2118. stricmp(), strlcat(), strncasecmp(), strncmpi() and strnicmp().
  2119. Yang Tse (13 Sep 2008)
  2120. - Disable tracking of fdopen() calls in the low-level memory leak tracking
  2121. code when fdopen() is not available, to avoid compiler error.
  2122. Yang Tse (12 Sep 2008)
  2123. - Further adjust detection of strerror_r() in the configure process, and
  2124. ensure that errno is not modified inside Curl_strerror().
  2125. Yang Tse (10 Sep 2008)
  2126. - Improve detection of gmtime_r(), strtoll(), sigaction(), strtok_r(),
  2127. strdup() and ftruncate() in the configure process.
  2128. Daniel Fandrich (9 Sep 2008)
  2129. - Mike Revi discovered some swapped speed switches documented in the curl man
  2130. page.
  2131. - Checked in some documentation and code improvements and fixes that I
  2132. discovered in the FreeBSD ports system.
  2133. Daniel Stenberg (8 Sep 2008)
  2134. - Dmitry Kurochkin patched a problem: I have found bug in pipelining through
  2135. proxy. I have a transparent proxy. When running with http_proxy environment
  2136. variable not set my test completes fine (it goes through transparent
  2137. proxy). When I set http_proxy variable my test hangs after the first
  2138. downloaded is complete. Looks like the second handle never gets out from
  2139. WAITDO state.
  2140. The fix: It makes checkPendPipeline move 1 handler from pend pipe to send
  2141. pipe if pipelining is not supported by server but there are no handles in
  2142. send and recv pipes.
  2143. - Stefan Krause pointed out that libcurl would wrongly send away cookies to
  2144. sites in cases where the cookie clearly has a very old expiry date. The
  2145. condition was simply that libcurl's date parser would fail to convert the
  2146. date and it would then count as a (timed-based) match. Starting now, a
  2147. missed date due to an unsupported date format or date range will now cause
  2148. the cookie to not match.
  2149. Daniel Fandrich (5 Sep 2008)
  2150. - Improved the logic that decides whether to use HTTP 1.1 features or not in a
  2151. request. Setting a specific version with CURLOPT_HTTP_VERSION overrides
  2152. all other checks, but otherwise, a 1.0 request will be made if the server
  2153. is known to support only 1.0 because it previously responded so and the
  2154. connection was kept alive, or a response to a previous request on this handle
  2155. came back as 1.0. The latter could take place in cases like redirection or
  2156. authentication where several requests have to be made before the operation
  2157. is complete. If any one of the servers in a redirection chain supports only
  2158. 1.0, then remaining requests will be sent in 1.0 mode.
  2159. - Detect cases where an upload must be sent chunked and the server supports
  2160. only HTTP 1.0 and return CURLE_UPLOAD_FAILED.
  2161. Daniel Stenberg (5 Sep 2008)
  2162. - Martin Drasar provided the CURLOPT_POSTREDIR patch. It renames
  2163. CURLOPT_POST301 (but adds a define for backwards compatibility for you who
  2164. don't define CURL_NO_OLDIES). This option allows you to now also change the
  2165. libcurl behavior for a HTTP response 302 after a POST to not use GET in the
  2166. subsequent request (when CURLOPT_FOLLOWLOCATION is enabled). I edited the
  2167. patch somewhat before commit. The curl tool got a matching --post302
  2168. option. Test case 1076 was added to verify this.
  2169. - Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By
  2170. enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS
  2171. or FTPS), libcurl will gather lots of server certificate info and that info
  2172. can then get extracted by a client after the request has completed with
  2173. curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing
  2174. helped me test and smoothen out this feature.
  2175. Unfortunately, this feature currently only works with libcurl built to use
  2176. OpenSSL.
  2177. This feature was sponsored by networking4all.com - thanks!
  2178. - Dmitriy Sergeyev pointed out that curl_easy_pause() didn't unpause properly
  2179. during certain conditions. I also changed this code to use realloc() based
  2180. on Daniel Fandrich's suggestion.
  2181. Guenter Knauf (4 Sep 2008)
  2182. - MingW32 non-configure builds are now largefile feature enabled by default.
  2183. NetWare LIBC builds are also now largefile feature enabled by default.
  2184. Yang Tse (4 Sep 2008)
  2185. - Several fixes related with print formatting string directives.
  2186. Daniel Fandrich (3 Sep 2008)
  2187. - Search for the FreeBSD CA cert file /usr/local/share/certs/ca-root.crt
  2188. Daniel Fandrich (2 Sep 2008)
  2189. - Fixed an out of memory problem that caused torture test failures in tests
  2190. 706 and 707.
  2191. Daniel Stenberg (2 Sep 2008)
  2192. - Keith Mok added supported_protocols and supported_features to the pkg-config
  2193. file for libcurl, and while doing that fix he unified with curl-config.in
  2194. how the supported protocols and features are extracted and used, so both those
  2195. tools should now always be synced.
  2196. Version 7.19.0 (1 September 2008)
  2197. Daniel Fandrich (29 Aug 2008)
  2198. - Added tests 1071 through 1074 to test automatic downgrading from HTTP 1.1
  2199. to HTTP 1.0 upon receiving a response from the HTTP server. Tests 1072
  2200. and 1073 are similar to test 1069 in that they involve the impossible
  2201. scenario of sending chunked data to a HTTP 1.0 server. All these fail
  2202. and are added to DISABLED.
  2203. - Added test 1075 to test --anyauth with Basic authentication.
  2204. Daniel Stenberg (29 Aug 2008)
  2205. - When libcurl was doing a HTTP POST and the server would respond with
  2206. "Connection: close" and actually close the connection after the
  2207. response-body, libcurl could still have outstanding data to send and it
  2208. would not properly notice this and stop sending. This caused weirdness and
  2209. sad faces. http://curl.haxx.se/bug/view.cgi?id=2080222
  2210. Note that there are still reasons to consider libcurl's behavior when
  2211. getting a >= 400 response code while sending data, as Craig Perras' note
  2212. "http upload: how to stop on error" specifies:
  2213. http://curl.haxx.se/mail/archive-2008-08/0138.html
  2214. Daniel Stenberg (28 Aug 2008)
  2215. - Dengminwen reported that libcurl would lock a (cookie) share twice (without
  2216. an unlock in between) for a certain case and that in fact works when using
  2217. regular windows mutexes but not with pthreads'! Locks should of course not
  2218. get locked again so this is now fixed.
  2219. http://curl.haxx.se/mail/lib-2008-08/0422.html
  2220. - I'm abandoning the system with the web site mirrors (but keeping download
  2221. files bing mirrored) and thus I've changed the URL in the cookiejar header
  2222. to no longer use curlm.haxx.se but instead use the main site curl.haxx.se
  2223. Daniel Fandrich (27 Aug 2008)
  2224. - Fixed test case 1065 by changing the handling of CURLOPT_UPLOAD to set
  2225. the HTTP method to GET (or HEAD) when given a value of 0.
  2226. - Added test cases 1068 and 1069 to test a simple HTTP PUT from stdin. Test
  2227. case 1069 fails in a similar manner to test 1065 so is added to DISABLED.
  2228. Yang Tse (27 Aug 2008)
  2229. - Fix generation of MS VC6 .dsp file to make it support compilation of either
  2230. dynamic (DLL) or static (LIB) libcurl libraries in debug and release modes.
  2231. Daniel Fandrich (26 Aug 2008)
  2232. - Fixed out of memory problems that caused torture test failures in tests
  2233. 1021 and 1067.
  2234. Yang Tse (26 Aug 2008)
  2235. - Added check and symbol definition for WIN32 file API usage in configure,
  2236. supporting configure's --disable-largefile option for WIN32 targets also.
  2237. - Non-configure systems which do not use config-win32.h configuration file,
  2238. and want to use the WIN32 file API, must define USE_WIN32_LARGE_FILES or
  2239. USE_WIN32_SMALL_FILES as appropriate in their own configuration files.
  2240. Daniel Stenberg (23 Aug 2008)
  2241. - Running 'make ca-firefox' in the root build dir will now run the new
  2242. firefox-db2pem.sh conversion script that converts a local Firefox db of ca
  2243. certs into PEM format, suitable for use with a OpenSSL or GnuTLS built
  2244. libcurl.
  2245. - Constantine Sapuntzakis fixed a bug when doing proxy CONNECT with the multi
  2246. interface, and the proxy would send Connection: close during the
  2247. authentication phase. http://curl.haxx.se/bug/view.cgi?id=2069047
  2248. Daniel Fandrich (22 Aug 2008)
  2249. - Fixed a problem when --dump-header - was given with more than one URL,
  2250. which caused an error when the second header was dumped due to stdout
  2251. being closed. Added test case 1066 to verify. Also fixed a potential
  2252. problem where a closed file descriptor might be used for an upload
  2253. when more than one URL is given.
  2254. Yang Tse (22 Aug 2008)
  2255. - Improved libcurl's internal curl_m*printf() functions integral data type
  2256. size and signedness handling.
  2257. - Internal adjustments to better select/differentiate when large/small file
  2258. support is provided using WIN32 functions directly.
  2259. Daniel Fandrich (20 Aug 2008)
  2260. - Added an edited version of Vincent Le Normand's documentation of SFTP quote
  2261. commands to the man pages.
  2262. Daniel Stenberg (20 Aug 2008)
  2263. - Phil Pellouchoud pointed out that the windows version of libcurl had a
  2264. memory leak because it never called the OpenSSL function
  2265. CRYPTO_cleanup_all_ex_data() as it was supposed to. This was because of a
  2266. missing define in config-win32.h!
  2267. Gisle Vanem (18 Aug 2008)
  2268. - Updated lib/Makefile.Watcom with the option to use c-ares (USE_ARES=1).
  2269. Yang Tse (18 Aug 2008)
  2270. - Added test case 557 to verify libcurl's internal curl_m*printf() functions
  2271. formatting functionality when handling signed and unsigned longs, as well as
  2272. our curl_off_t data type.
  2273. Yang Tse (17 Aug 2008)
  2274. - OpenSSl enabled NetWare builds are changed to use the 'openssl' subdirectory
  2275. when including the OpenSSL header files. This is the recommended setting, this
  2276. prevents the undesired inclusion of header files with the same name as those
  2277. of OpenSSL but which do not belong to the OpenSSL package. The visible change
  2278. from previously released libcurl versions is that now OpenSSl enabled NetWare
  2279. builds also define USE_OPENSSL in config files, and that OpenSSL header files
  2280. must be located in a subdirectory named 'openssl'.
  2281. Yang Tse (16 Aug 2008)
  2282. - Library internal only C preprocessor macros FORMAT_OFF_T and FORMAT_OFF_TU
  2283. remain in use as internal curl_off_t print formatting strings for the internal
  2284. *printf functions which still cannot handle print formatting string directives
  2285. such as "I64d", "I64u", and others available on MSVC, MinGW, Intel's ICC, and
  2286. other DOS/Windows compilers.
  2287. Daniel Fandrich (15 Aug 2008)
  2288. - Added test case 1063 to test invalid long file ranges with file: URLs and
  2289. 1064 to test multiple http PUTs.
  2290. - Added test case 1065 to test a PUT with a single file but two URLs. This
  2291. was discovered to be problematic while investigating an incident reported by
  2292. Von back in May. curl in this case doesn't include a Content-Length: or
  2293. Transfer-Encoding: chunked header which is illegal. This test case is
  2294. added to DISABLED until a solution is found.
  2295. Yang Tse (15 Aug 2008)
  2296. - C preprocessor macros used internally and equally available externally which
  2297. aid in the use of the curl_off_t data type are named: CURL_FORMAT_CURL_OFF_T,
  2298. CURL_FORMAT_CURL_OFF_TU, CURL_SIZEOF_CURL_OFF_T, CURL_SUFFIX_CURL_OFF_T,
  2299. CURL_SUFFIX_CURL_OFF_TU, CURL_OFF_T_C and CURL_OFF_TU_C.
  2300. Yang Tse (13 Aug 2008)
  2301. - The size of long is a build time characteristic and as such it is now recorded
  2302. in curlbuild.h as CURL_SIZEOF_LONG. Definition now done from configure process
  2303. and in CVS curlbuild.h.dist for non-configure systems.
  2304. Daniel Fandrich (12 Aug 2008)
  2305. - Fixed a buffer overflow problem in Curl_proxyCONNECT that could occur
  2306. when a server responded with long headers and data. Luckily, the buffer
  2307. overflowed into another unused buffer, so no actual harm was done.
  2308. Added test cases 1060 and 1061 to verify.
  2309. Daniel Stenberg (12 Aug 2008)
  2310. - Andy Tsouladze fixed runtests.pl to not attempt to execute the stunnel
  2311. _directory_ if that happened to appear in the path!
  2312. Yang Tse (12 Aug 2008)
  2313. - Added macros for minimum-width signed and unsigned curl_off_t integer
  2314. constants CURL_OFF_T_C and CURL_OFF_TU_C. The clever double helper macro
  2315. used internally to provide its functionality is thanks to Lars Nilsson.
  2316. Daniel Fandrich (11 Aug 2008)
  2317. - Fixed a boundary condition error in ftp_readresp() whereby a non-terminal
  2318. line of a multiline FTP response whose last byte landed exactly at the end
  2319. of the BUFSIZE-length buffer would be treated as the terminal response
  2320. line. The following response code read in would then actually be the
  2321. end of the previous response line, and all responses from then on would
  2322. correspond to the wrong command. Test case 1062 verifies this.
  2323. - Stop closing a never-opened ftp socket.
  2324. Daniel Stenberg (11 Aug 2008)
  2325. - Constantine Sapuntzakis filed bug report #2042430
  2326. (http://curl.haxx.se/bug/view.cgi?id=2042430) with a patch. "NTLM Windows
  2327. SSPI code is not thread safe". This was due to libcurl using static
  2328. variables to tell wether to load the necessary SSPI DLL, but now the loading
  2329. has been moved to the more suitable curl_global_init() call.
  2330. - Constantine Sapuntzakis filed bug report #2042440
  2331. (http://curl.haxx.se/bug/view.cgi?id=2042440) with a patch. He identified a
  2332. problem when using NTLM over a proxy but the end-point does Basic, and then
  2333. libcurl would do wrong when the host sent "Connection: close" as the proxy's
  2334. NTLM state was erroneously cleared.
  2335. Yang Tse (11 Aug 2008)
  2336. - Added missing signed and unsigned curl_off_t integer constant suffixes for
  2337. internal and external use. CURL_SUFFIX_CURL_OFF_T, CURL_SUFFIX_CURL_OFF_TU.
  2338. Daniel Fandrich (7 Aug 2008)
  2339. - Fixed an uninitialized variable in multi_runsingle() that could cause a
  2340. request to prematurely end.
  2341. - Added test1059 to test the FTP proxy tunnel problem fixed July 11.
  2342. Yang Tse (7 Aug 2008)
  2343. - Added curlbuild.h and curlrules.h header files to libcurl's public headers.
  2344. File curlbuild.h is a generated file on configure-capable systems. This is
  2345. a first step towards configure-based info in public headers. Currently only
  2346. used to provide support for a curl_off_t data type which is not gated to
  2347. off_t. Further details are documented inside these mentioned header files.
  2348. - Fix CURL_CHECK_DEF so that when the expansion of the preprocessor symbol
  2349. results in a set of double-quoted strings, this macro will now return an
  2350. expansion which consists of a single double-quoted string as the result of
  2351. concatenating all of them.
  2352. - Skip data type check in DO_CURL_OFF_T_CHECK macro when argument is empty.
  2353. - Adjusted testcurl.pl to copy checked out curlbuild.h.dist as curlbuild.h
  2354. for non-configure targets when the host system doesn't run buildconf.bat.
  2355. - Prevent buildconf from removing 'Makefile' and 'missing' files. This would
  2356. blow away our CVS checked files 'missing' and 'hiper/Makefile'.
  2357. - Remove adjustment done to testcurl.pl to verify if change introduced by
  2358. Guenter Knauf in lib/Makefile.netware is enough to get the netware autobuilds
  2359. going again.
  2360. Yang Tse (5 Aug 2008)
  2361. - Changes done to buildconf script. Validate that autom4te and autoconf, as
  2362. well as aclocal and automake, versions match. Improve removal of previous
  2363. run generated files. Remove verbose debug logging of aclocal on Solaris.
  2364. Daniel Stenberg (5 Aug 2008)
  2365. - Yehoshua Hershberg found a problem that would make libcurl re-use a
  2366. connection with the multi interface even if a previous use of it caused a
  2367. CURLE_PEER_FAILED_VERIFICATION to get returned. I now make sure that failed
  2368. SSL connections properly close the connections.
  2369. Daniel Stenberg (4 Aug 2008)
  2370. - Test cases 1051, 1052 and 1055 were added by Daniel Fandrich on July 30 and
  2371. proved how PUT and POST with a redirect could lead to a "hang" due to the
  2372. data stream not being rewound properly when it had to in order to get sent
  2373. properly (again) to the subsequent URL. This is now fixed and these test
  2374. cases are no longer disabled.
  2375. Yang Tse (4 Aug 2008)
  2376. - Autoconf 2.62 has changed the behaviour of the AC_AIX macro which we use.
  2377. Prior versions of autoconf defined _ALL_SOURCE if _AIX was defined. 2.62
  2378. version of AC_AIX defines _ALL_SOURCE and other four preprocessor symbols
  2379. no matter if the system is AIX or not. To keep the traditional behaviour,
  2380. and an uniform one across autoconf versions AC_AIX is replaced with our
  2381. own internal macro CURL_CHECK_AIX_ALL_SOURCE.
  2382. Daniel Stenberg (4 Aug 2008)
  2383. - Test case 1041 (added by Daniel Fandrich July 14th) proved a bug where PUT
  2384. with -C - sent garbage in the Content-Range: header. I fixed this problem by
  2385. making sure libcurl always sets the size of the _entire_ upload if an app
  2386. attemps to do resumed uploads since libcurl simply cannot know the size of
  2387. what is currently at the server end. Test 1041 is no longer disabled.
  2388. Yang Tse (2 Aug 2008)
  2389. - No longer test availability of the gdi32 library, nor use it for linking, even
  2390. when we have been doing this since revision 1.47 of configure.ac 4 years and
  2391. 5 months ago when cross-compiling a Windows target. We actually don't use any
  2392. function from the Windows GDI (Graphics Device Interface) related with drawing
  2393. or graphics-related operations.
  2394. Daniel Fandrich (1 Aug 2008)
  2395. - Added support for --append on SFTP uploads. Unfortunately, OpenSSH doesn't
  2396. support this so it goes untested.
  2397. Yang Tse (1 Aug 2008)
  2398. - Configure process now checks if the preprocessor _REENTRANT symbol is already
  2399. defined. If it isn't currently defined a set of checks are performed to test
  2400. if its definition is required to make visible to the compiler a set of *_r
  2401. functions. Finally, if _REENTRANT is already defined or needed it takes care
  2402. of making adjustments necessary to ensure that it is defined equally for the
  2403. configure process tests and generated config file.
  2404. - Removed definition of CURL_CHECK_WORKING_RESOLVER from acinclude.m4 it has
  2405. not been in use since revision 1.81 of configure.in 6 years, 9 months ago.
  2406. Daniel Fandrich (31 Jul 2008)
  2407. - Fixed parsing of an IPv6 proxy address to support a scope identifier,
  2408. as well as IPv4 addresses in IPv6 format. Also, better handle the case
  2409. of a malformatted IPv6 address (avoid empty and NULL strings).
  2410. - Fixed a problem with any FTP URL or any URLs containing an IPv6 address
  2411. being mangled when passed to proxies when CURLOPT_PORT is also set
  2412. (reported by Pramod Sharma).
  2413. - User names embedded in proxy URLs without a password were parsed
  2414. incorrectly--the host name is treated as part of the user name and the
  2415. port number becomes the password. This can be observed in test 279
  2416. (was KNOWN_ISSUE #54).
  2417. Daniel Stenberg (30 Jul 2008)
  2418. - Phil Blundell added the CURLOPT_ADDRESS_SCOPE option, as well as adjusted
  2419. the URL parser to allow numerical IPv6-addresses to be specified with the
  2420. scope given, as per RFC4007 - with a percent letter that itself needs to be
  2421. URL escaped. For example, for an address of fe80::1234%1 the HTTP URL is:
  2422. "http://[fe80::1234%251]/"
  2423. - PHP's bug report #43158 (http://bugs.php.net/bug.php?id=43158) identifies a
  2424. true bug in libcurl built with OpenSSL. It made curl_easy_getinfo() more or
  2425. less always return 0 for CURLINFO_SSL_VERIFYRESULT because the function that
  2426. would set it to something non-zero would return before the assign in almost
  2427. all error cases. The internal variable is now set to non-zero from the start
  2428. of the function only to get cleared later on if things work out fine.
  2429. - Made the curl tool's -w option support the %{ssl_verify_result} variable
  2430. Daniel Fandrich (30 Jul 2008)
  2431. - Added test cases 1052 through 1055 to test uploading data from files
  2432. during redirects. Test cases 1052 and 1055 show problems (maybe the same
  2433. root cause as 1051) and are disabled.
  2434. - Fixed a couple of buffer overflows in the MS-DOS port of the curl tool.
  2435. Daniel Fandrich (29 Jul 2008)
  2436. - Fixed --use-ascii to properly convert text files on Symbian OS, MS-DOS
  2437. and OS/2.
  2438. - Added test case 1051 to test Location: following with PUT, as reported
  2439. by Ben Sutcliffe. The test when run manually shows a problem in curl
  2440. so it's disabled.
  2441. Daniel Fandrich (28 Jul 2008)
  2442. - Fixed display of the interface bind address in the trace output when it's
  2443. an IPv6 address.
  2444. - Added test cases 1045 through 1049 as simple tests of --interface using the
  2445. localhost interface.
  2446. - Added test case 1050 to test --ftp-port with an IPv6 address
  2447. Daniel Stenberg (26 Jul 2008)
  2448. - David Bau filed bug report #2026240 "CURL_READFUNC_PAUSE leads to buffer
  2449. overrun" (http://curl.haxx.se/bug/view.cgi?id=2026240) identifying two
  2450. problems, and providing the fix for them:
  2451. - CURL_READFUNC_PAUSE did in fact not pause the _sending_ of data that it is
  2452. designed for but paused _receiving_ of data!
  2453. - libcurl didn't internally set the read counter to zero when this return
  2454. code was detected, which would potentially lead to junk getting sent to
  2455. the server.
  2456. Daniel Fandrich (26 Jul 2008)
  2457. - Added test 1044 to test large file support in ftp with -I.
  2458. - Eliminate a unnecessary socket creation in Curl_getaddrinfo for an IPv4
  2459. address in an IPv6 capable libcurl.
  2460. - Added feature in runtests.pl to select tests based on key word.
  2461. Daniel Fandrich (23 Jul 2008)
  2462. - Changed the long logfile elision code in runtests.pl to properly handle
  2463. lines ending in \r.
  2464. - Changed references to TRUE and FALSE in the curl_easy_setopt man page to
  2465. 1 and zero, respectively, since TRUE and FALSE aren't part of the
  2466. libcurl API.
  2467. Daniel Stenberg (23 Jul 2008)
  2468. - I went over the curl_easy_setopt man page and replaced most references to
  2469. non-zero with the fixed value of 1. We should strive at making options
  2470. support '1' for enabling them mentioned explicitly, as that then will allow
  2471. us for to extend them in the future without breaking older programs.
  2472. Possibly we should even introduce a fancy define to use instead of '1' all
  2473. over...
  2474. Yang Tse (21 Jul 2008)
  2475. - Use the sreadfrom() wrapper to replace recvfrom() in our code.
  2476. Yang Tse (20 Jul 2008)
  2477. - when recvfrom prototype uses a void pointer for arguments 2, 5 or 6 this will
  2478. now cause the definition, as appropriate, of RECVFROM_TYPE_ARG2_IS_VOID,
  2479. RECVFROM_TYPE_ARG5_IS_VOID or RECVFROM_TYPE_ARG6_IS_VOID.
  2480. Yang Tse (17 Jul 2008)
  2481. - RECVFROM_TYPE_ARG2, RECVFROM_TYPE_ARG5 and RECVFROM_TYPE_ARG6 are now defined
  2482. to the data type pointed by its respective argument and not the pointer type.
  2483. Yang Tse (16 Jul 2008)
  2484. - Configure process now checks availability of recvfrom() socket function and
  2485. finds out its return type and the types of its arguments. Added definitions
  2486. for non-configure systems config files, and introduced macro sreadfrom which
  2487. will be used on udp sockets as a recvfrom() wrapper.
  2488. Yang Tse (15 Jul 2008)
  2489. - Added description/comment to include paths used in several Makefile.am files.
  2490. Added automake option nostdinc to test servers makefile and modified libcurl
  2491. external headers include path for libtest programs.
  2492. Daniel Fandrich (14 Jul 2008)
  2493. - Added test1040 through test1043 to test -C - on HTTP. Test 1041 failed so
  2494. it's added to DISABLED.
  2495. Yang Tse (14 Jul 2008)
  2496. - HTTP_ONLY definition check in lib/setup.h is now done once that configuration
  2497. file has been included. In this way if symbol is defined in the config file
  2498. it will no longer be ignored. Removed inclusion of remaining system header
  2499. files from configuration files. Moved _REENTRANT definition up/earlier in
  2500. lib/setup.h
  2501. Yang Tse (11 Jul 2008)
  2502. - Added missing multiple header inclusion prevention definition for header
  2503. file content_encoding.h
  2504. Daniel Fandrich (11 Jul 2008)
  2505. - Fixed test 553 to pass the torture test.
  2506. Daniel Stenberg (11 Jul 2008)
  2507. - Daniel Fandrich found out we didn't pass on the user-agent properly when
  2508. doing "proxy-tunnels" with non-HTTP prototols and that was simply because
  2509. the code assumed the user-agent was only needed for HTTP.
  2510. Daniel Fandrich (10 Jul 2008)
  2511. - Changed slightly the SFTP quote commands chmod, chown and chgrp to only
  2512. set the attribute that has changed instead of all possible ones. Hopefully,
  2513. this will solve the "Permission denied" problem that Nagarajan Sreenivasan
  2514. reported when setting some modes, but regardless, it saves a protocol
  2515. round trip in the chmod case.
  2516. - Added test cases 1038 and 1039 to test Adrian Kreher's report that ftp
  2517. uploads with -C - didn't resume properly, but the tests pass.
  2518. Yang Tse (10 Jul 2008)
  2519. - Peter Lamberg filed bug report #2015126: "poll gives WSAEINVAL when POLLPRI
  2520. is set in fdset.events" (http://curl.haxx.se/bug/view.cgi?id=2015126) which
  2521. exactly pinpointed the problem only triggered on Windows Vista, provided
  2522. reference to docs and also a fix. There is much work behind Peter Lamberg's
  2523. excellent bug report. Thank You!
  2524. Daniel Fandrich (9 Jul 2008)
  2525. - Added tests 1036 and 1037 to verify resumed ftp downloads with -C -
  2526. Daniel Stenberg (9 Jul 2008)
  2527. - Andreas Schuldei improved Phil Blundell's patch for IPv6 using c-ares, and I
  2528. edited it slightly. Now you should be able to use IPv6 addresses fine even
  2529. with libcurl built to use c-ares.
  2530. Daniel Fandrich (9 Jul 2008)
  2531. - Fixed an OOM handling problem that cause test 11 to fail the torture test.
  2532. Daniel Fandrich (8 Jul 2008)
  2533. - Fixed test 554 to pass the torture test.
  2534. Daniel Fandrich (7 Jul 2008)
  2535. - Added test cases 1034 & 1035 to test IDN name conversion failures.
  2536. Daniel Stenberg (7 Jul 2008)
  2537. - Scott Barrett provided a test case for a segfault in the FTP code and the
  2538. fix for it. It occured when you did a FTP transfer using
  2539. CURLFTPMETHOD_SINGLECWD and then did another one on the same easy handle but
  2540. switched to CURLFTPMETHOD_NOCWD. Due to the "dir depth" variable not being
  2541. cleared properly. Scott's test case is now known as test 539 and it
  2542. verifies the fix.
  2543. Daniel Stenberg (3 Jul 2008)
  2544. - Phil Blundell provided a fix for libcurl's treatment of unexpected 1xx
  2545. response codes. Previously libcurl would hang on such occurances. I added
  2546. test case 1033 to verify.
  2547. - Introcuding a new timestamp for curl_easy_getinfo():
  2548. CURLINFO_APPCONNECT_TIME. This is set with the "application layer"
  2549. handshake/connection is completed. Which typically is SSL, TLS or SSH and by
  2550. using this you can figure out the application layer's own connect time. You
  2551. can extract the time stamp using curl's -w option and the new variable named
  2552. 'time_appconnect'. This feature was sponsored by Lenny Rachitsky at NeuStar.
  2553. Daniel Fandrich (2 Jul 2008)
  2554. - Support Open Watcom C on Linux (as well as Windows).
  2555. Yang Tse (2 Jul 2008)
  2556. - The previously committed fix for bug report #1999181 prevented using the
  2557. monotonic clock on any system without an always supported POSIX compliant
  2558. implementation. Now the POSIX compliant configuration check is removed and
  2559. will fallback to gettimeofday when the monotonic clock is unavailable at
  2560. run-time.
  2561. - The configure process will now halt when sed, grep, egrep or ar programs
  2562. can not be found among the directories in PATH variable.
  2563. Daniel Stenberg (1 Jul 2008)
  2564. - Rolland Dudemaine provided fixes to get libcurl to build for the INTEGRITY
  2565. operating system.
  2566. Daniel Stenberg (30 Jun 2008)
  2567. - Made the internal printf() support %llu properly to print unsigned long longs.
  2568. - Stephen Collyer and Tor Arntsen helped identify a flaw in the range code
  2569. which output the range using a signed variable where it should rather use
  2570. unsigned.
  2571. Yang Tse (29 Jun 2008)
  2572. - John Lightsey filed bug report #1999181: "CLOCK_MONOTONIC always fails on
  2573. some systems" (http://curl.haxx.se/bug/view.cgi?id=1999181). The problem was
  2574. that the configure script did not use the _POSIX_MONOTONIC_CLOCK feature test
  2575. macro when checking monotonic clock availability. This is now fixed and the
  2576. monotonic clock will not be used unless the feature test macro is defined
  2577. with a value greater than zero indicating always supported.
  2578. Daniel Fandrich (25 Jun 2008)
  2579. - Honour --stderr with the -v option.
  2580. - Fixed a file handle leak in the command line client if more than one
  2581. --stderr option was given.
  2582. Daniel Stenberg (22 Jun 2008)
  2583. - Eduard Bloch filed the debian bug report #487567
  2584. (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487567) pointing out that
  2585. libcurl used Content-Range: instead of Range when doing a range request with
  2586. --head (CURLOPT_NOBODY). This is now fixed and test case 1032 was added to
  2587. verify.
  2588. Daniel Fandrich (21 Jun 2008)
  2589. - Stopped using ranges in scanf character sequences (e.g. %[a-z]) since that
  2590. is not ANSI C, just a common extension. This caused problems on
  2591. at least Open Watcom C.
  2592. Yang Tse (20 Jun 2008)
  2593. - Modified configuration script to actually verify if the compiler is good
  2594. enough at detecting compilation errors or at least it has been properly
  2595. configured to do so. Configuration heavily depends on this capability, so
  2596. if this compiler sanity check fails the configuration process will now fail.
  2597. Daniel Stenberg (20 Jun 2008)
  2598. - Phil Pellouchoud found a case where libcurl built with NSS failed to
  2599. handshake with a SSLv2 server, and it turned out to be because it didn't
  2600. recognize the cipher named "rc4-md5". In our list that cipher was named
  2601. plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
  2602. that it made things work for him again.
  2603. - Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy
  2604. crashed libcurl. This is now addressed by making sure we use "plain send"
  2605. internally when doing the socks handshake instead of the Curl_write()
  2606. function which is designed to use the "target" protocol. That's then SCP or
  2607. SFTP in this case. I also took the opportunity and cleaned up some ssh-
  2608. related #ifdefs in the code for readability.
  2609. Daniel Stenberg (19 Jun 2008)
  2610. - Christopher Palow fixed a curl_multi_socket() issue which previously caused
  2611. libcurl to not tell the app properly when a socket was closed (when the name
  2612. resolve done by c-ares is completed) and then immediately re-created and put
  2613. to use again (for the actual connection). Since the closure will make the
  2614. "watch status" get lost in several event-based systems libcurl will need to
  2615. tell the app about this close/re-create case.
  2616. - Dengminwen found a bug in the connection re-use function when using the
  2617. multi interface with pipelining enabled as it would wrongly check for,
  2618. detect and close "dead connections" even though that connection was already
  2619. in use!
  2620. Daniel Fandrich (18 Jun 2008)
  2621. - Added SSH failure test cases 628-632
  2622. - Fixed a memory leak in the command-line tool that caused a valgrind error.
  2623. Daniel Stenberg (18 Jun 2008)
  2624. - Rob Crittenden brought a fix for the NSS layer that makes libcurl no longer
  2625. always fire up a new connection rather than using the existing one when the
  2626. multi interface is used. Original bug report:
  2627. https://bugzilla.redhat.com/show_bug.cgi?id=450140
  2628. Yang Tse (18 Jun 2008)
  2629. - Internal configure script improvement. No longer break out of shell "for"
  2630. statements from inside AC_FOO_IFELSE macros, otherwise temporary macro files
  2631. are not properly removed.
  2632. Daniel Fandrich (12 Jun 2008)
  2633. - Fixed curl-config --ca which wasn't being exported by configure.
  2634. Daniel Stenberg (11 Jun 2008)
  2635. - I did a cleanup of the internal generic SSL layer and how the various SSL
  2636. libraries are supported. Starting now, each underlying SSL library support
  2637. code does a set of defines for the 16 functions the generic layer (sslgen.c)
  2638. uses (all these new function defines use the prefix "curlssl_"). This
  2639. greatly simplified the generic layer in readability by involving much less
  2640. #ifdefs and other preprocessor stuff and should make it easier for people to
  2641. make libcurl work with new SSL libraries.
  2642. Hopefully I can later on document these 16 functions somewhat as well.
  2643. I also made most of the internal SSL-dependent functions (using Curl_ssl_
  2644. prefix) #defined to nothing when no SSL support is requested - previously
  2645. they would unnecessarily call mostly empty functions.
  2646. I've built libcurl with OpenSSL and GnuTLS and without SSL to test this and
  2647. I've also tried building with NSS but the NSS support is a mystery to me and
  2648. I failed to build libcurl with the NSS libraries I have installed. We really
  2649. should A) improve our configure script to detect unsuitable NSS versions
  2650. already at configure time and B) document our requirements better for the
  2651. SSL libraries.
  2652. Daniel Stenberg (10 Jun 2008)
  2653. - I made the OpenSSL code build again with OpenSSL 0.9.6. The CRLFILE
  2654. functionality killed it due to its unconditional use of
  2655. X509_STORE_set_flags...
  2656. Daniel Stenberg (8 Jun 2008)
  2657. - Due to the three new libcurl changes and the massive command line option
  2658. change I decided we'll mark it by bumping the next release number to 7.19.0!
  2659. - curl the tool now deals with its command line options somewhat differently!
  2660. All boolean options (such as -O, -I, -v etc), both short and long versions,
  2661. now always switch on/enable the option named. Using the same option multiple
  2662. times thus make no difference. To switch off one of those options, you need
  2663. to use the long version of the option and type --no-OPTION. Like to disable
  2664. verbose mode you use --no-verbose!
  2665. - Added --remote-name-all to curl, which if used changes the default for all
  2666. given URLs to be dealt with as if -O is used. So if you want to disable that
  2667. for a specific URL after --remote-name-all has been used, you muse use -o -
  2668. or --no-remote-name.
  2669. Daniel Stenberg (6 Jun 2008)
  2670. - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_ISSUERCERT, for
  2671. OpenSSL, NSS and GnuTLS-built libcurls.
  2672. - Axel Tillequin and Arnaud Ebalard added support for CURLOPT_CRLFILE, for
  2673. OpenSSL, NSS and GnuTLS-built libcurls.
  2674. - Added CURLINFO_PRIMARY_IP as a new information retrievable with
  2675. curl_easy_getinfo. It returns a pointer to a string with the most recently
  2676. used IP address. Modified test case 500 to also verify this feature. The
  2677. implementing of this feature was sponsored by Lenny Rachitsky at NeuStar.
  2678. Version 7.18.2 (4 June 2008)
  2679. Daniel Fandrich (3 Jun 2008)
  2680. - Fixed a problem where telnet data would be lost if an EWOULDBLOCK
  2681. condition were encountered.
  2682. Marty Kuhrt (1 Jun 2008)
  2683. - Updated main.c to return CURLE_OK if PARAM_HELP_REQUESTED was returned
  2684. from getparameter instead of CURLE_FAILED_INIT. No point in returning
  2685. an error if --help or --version were requested.
  2686. Daniel Stenberg (28 May 2008)
  2687. - Emil Romanus found a problem and helped me repeat it. It occured when using
  2688. the curl_multi_socket() API with HTTP pipelining enabled and could lead to
  2689. the pipeline basically stalling for a very long period of time until it took
  2690. off again.
  2691. - Jeff Weber reported memory leaks with aborted SCP and SFTP transfers and
  2692. provided excellent repeat recipes. I fixed the cases I managed to reproduce
  2693. but Jeff still got some (SCP) problems even after these fixes:
  2694. http://curl.haxx.se/mail/lib-2008-05/0342.html
  2695. Daniel Stenberg (26 May 2008)
  2696. - Bug report #1973352 (http://curl.haxx.se/bug/view.cgi?id=1973352) identified
  2697. how the HTTP redirect following code didn't properly follow to a new URL if
  2698. the new url was but a query string such as "Location: ?moo=foo". Test case
  2699. 1031 was added to verify this fix.
  2700. - Andreas Faerber and Scott McCreary made (lib)curl build for the Haiku OS.
  2701. Yang Tse (26 May 2008)
  2702. - David Rosenstrauch reported that header files spnegohelp.h and
  2703. openssl/objects.h were needed to compile SPNEGO support.
  2704. Daniel Fandrich (22 May 2008)
  2705. - Made sure to pass longs in to curl_easy_setopt where necessary in the
  2706. example programs and libtest code.
  2707. Daniel Stenberg (19 May 2008)
  2708. - When trying to repeat a multi interface problem I fell over a few multi
  2709. interface problems:
  2710. o with pipelining disabled, the state should never be set to WAITDO but
  2711. rather go straight to DO
  2712. o we had multiple states for which the internal function returned no socket
  2713. at all to wait for, with the effect that libcurl calls the socket callback
  2714. (when curl_multi_socket() is used) with REMOVE prematurely (as it would be
  2715. added again within very shortly)
  2716. o when in DO and DOING states, the HTTP and HTTPS protocol handler functions
  2717. didn't return that the socket should be waited for writing, but instead it
  2718. was treated as if no socket was needing monitoring so again REMOVE was
  2719. called prematurely.
  2720. Daniel Stenberg (13 May 2008)
  2721. - Added test case 556 that uses curl_easy_send() and curl_easy_recv()
  2722. Daniel Stenberg (9 May 2008)
  2723. - Introducing curl_easy_send() and curl_easy_recv(). They can be used to send
  2724. and receive data over a connection previously setup with curl_easy_perform()
  2725. and its CURLOPT_CONNECT_ONLY option. The sendrecv.c example was added to
  2726. show how they can be used.
  2727. Yang Tse (9 May 2008)
  2728. - Internal time differences now use monotonic time source if available.
  2729. This also implies the removal of the winmm.lib dependency for WIN32.
  2730. Daniel Stenberg (9 May 2008)
  2731. - Stefan Krause reported a busy-looping case when using the multi interface
  2732. and doing CONNECT to a proxy. The app would then busy-loop until the proxy
  2733. completed its response.
  2734. Michal Marek (9 May 2008)
  2735. - Make Curl_write and it's callees accept a const pointer, in preparation
  2736. of tetetest's patch for curl_easy_send()
  2737. Daniel Stenberg (7 May 2008)
  2738. - Liam Healy filed the debian bug report #480044
  2739. (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480044) identifying a
  2740. segfault when using krb5 ftp, but the krb4 code had the same problem.
  2741. Yang Tse (7 May 2008)
  2742. - Christopher Palow provided the patch (edited by me) that introduces the
  2743. use of microsecond resolution keys for internal splay trees.
  2744. Daniel Stenberg (4 May 2008)
  2745. - Yuriy Sosov pointed out a configure fix for detecting c-ares when that is
  2746. built debug-enabled.
  2747. Daniel Stenberg (3 May 2008)
  2748. - Ben Van Hof filed bug report #1945240: "libcurl sometimes sends body twice
  2749. when using CURL_AUTH_ANY" (http://curl.haxx.se/bug/view.cgi?id=1945240).
  2750. The problem was that when libcurl rewound a stream meant for upload when it
  2751. would prepare for a second request, it could accidentally continue the
  2752. sending of the rewound data on the first request instead of on the second.
  2753. Ben also provided test case 1030 that verifies this fix.
  2754. Daniel Stenberg (3 May 2008)
  2755. - Jean-Francois Bertrand reported a libcurl crash with CURLOPT_TCP_NODELAY
  2756. since libcurl used getprotobyname() and that isn't thread-safe. We now
  2757. switched to use IPPROTO_TCP unconditionally, but perhaps the proper fix is
  2758. to detect the thread-safe version of the function and use that.
  2759. http://curl.haxx.se/mail/lib-2008-05/0011.html
  2760. Daniel Stenberg (1 May 2008)
  2761. - Bart Whiteley provided a patch that made libcurl work properly when an app
  2762. uses the CURLOPT_OPENSOCKETFUNCTION callback to create a unix domain socket
  2763. to a http server.
  2764. Daniel Stenberg (29 Apr 2008)
  2765. - To make it easier for applications that want lots of magic stuff done on
  2766. redirections and thus cannot use CURLOPT_FOLLOWLOCATION easily, we now
  2767. introduce the new CURLINFO_REDIRECT_URL option that lets applications
  2768. extract the URL libcurl would've redirected to if it had been told to. This
  2769. then enables the application to continue to that URL as it thinks is
  2770. suitable, without having to re-implement the magic of creating the new URL
  2771. from the Location: header etc. Test 1029 verifies it.
  2772. Yang Tse (29 Apr 2008)
  2773. - Improved easy interface resolving timeout handling in c-ares enabled builds
  2774. Daniel Fandrich (28 Apr 2008)
  2775. - Added test 1028 to test an HTTP redirect to a FTP URL.
  2776. Daniel Stenberg (28 Apr 2008)
  2777. - Norbert Frese filed bug report #1951588: "Problem with curlftpfs and
  2778. libcurl" (http://curl.haxx.se/bug/view.cgi?id=1951588) which seems to be an
  2779. identical report to what Denis Golovan reported in
  2780. http://curl.haxx.se/mail/lib-2008-02/0108.html The FTP code didn't reset the
  2781. user/password pointers properly even though there might've been a new
  2782. struct/cconnection getting used.
  2783. Daniel Stenberg (26 Apr 2008)
  2784. - Reverted back to use automake 1.9.6 in the next release (from automake
  2785. 1.10.1) since it *still* suffers from Solaris-related bugs. Our previous
  2786. automake 1.10 problem was reported in bug #1701360
  2787. (http://curl.haxx.se/bug/view.cgi?id=1701360) and this recent problem was
  2788. bug #1944825 (http://curl.haxx.se/bug/view.cgi?id=1944825). I have not
  2789. personally approached the automake team about either one of these but I
  2790. figure we need a Solaris 10 guy to do it!
  2791. Yang Tse (25 Apr 2008)
  2792. - Added 'timeout' and 'delay' attributes support for the test harness
  2793. <command> subsection.
  2794. Daniel Fandrich (24 Apr 2008)
  2795. - Made --stderr able to redirect all stderr messages.
  2796. Yang Tse (23 Apr 2008)
  2797. - Improve synchronization between test harness runtests.pl script
  2798. and test harness servers to minimize risk of false test failures.
  2799. Daniel Fandrich (22 Apr 2008)
  2800. - Added support for running on Symbian OS.
  2801. Daniel Fandrich (18 Apr 2008)
  2802. - Added test cases 1026 and 1027 to do some rudimentary tests on the --manual
  2803. and --help options.
  2804. Michal Marek (14 Apr 2008)
  2805. - allow disabling the typechecker by defining CURL_DISABLE_TYPECHECK, as
  2806. discussed in http://curl.haxx.se/mail/lib-2008-04/0291.html
  2807. Daniel Stenberg (14 Apr 2008)
  2808. - Stefan Krause reported a case where the OpenSSL handshake phase wasn't
  2809. properly acknowledging the timeout values, like if you pulled the network
  2810. plug in the midst of it.
  2811. - Andre Guibert de Bruet fixed a second case of not checking the malloc()
  2812. return code in the Negotiate code.
  2813. - Sandor Feldi reported bug #1942022
  2814. (http://curl.haxx.se/bug/view.cgi?id=1942022) pointing out a mistake in the
  2815. lib/Makefile.vc[68] makefiles' release-ssl-dll target.
  2816. - Brock Noland reported that curl behaved differently depending on which order
  2817. you used -i and -I.
  2818. Daniel Stenberg (12 Apr 2008)
  2819. - Andre Guibert de Bruet found and fixed a case where malloc() was called but
  2820. was not checked for a NULL return, in the Negotiate code.
  2821. Daniel Fandrich (9 Apr 2008)
  2822. - Added test cases 1024 & 1025 to test a scenario similar to the one reported
  2823. by Ben Combee where libcurl would send the wrong cookie to a redirected
  2824. server. libcurl was doing the right thing in these test cases.
  2825. Michal Marek (7 Apr 2008)
  2826. - Fix the MIT / Heimdal check for good:
  2827. Define HAVE_GSSMIT if <gssapi/{gssapi.h,gssapi_generic.h,gssapi_krb5.h}> are
  2828. available, otherwise define HAVE_GSSHEIMDAL if <gssapi.h> is available.
  2829. Only define GSS_C_NT_HOSTBASED_SERVICE to gss_nt_service_name if
  2830. GSS_C_NT_HOSTBASED_SERVICE isn't declared by the gssapi headers. This should
  2831. avoid breakage in case we wrongly recognize Heimdal as MIT again.
  2832. Daniel Stenberg (5 Apr 2008)
  2833. - Alexey Simak fixed curl_easy_reset() to reset the max redirect limit properly
  2834. - Based on the Debian bug report #474224 that complained about the FTP error
  2835. message when libcurl doesn't get a 220 back immediately on connect, I now
  2836. changed it to be more specific on what the problem is. Also worth noticing:
  2837. while the bug report contains an example where the response is:
  2838. 421 There are too many connected users, please try again later
  2839. we cannot assume that the error message will always be this readable nor
  2840. that it fits within a particular boundary etc.
  2841. Daniel Fandrich (3 Apr 2008)
  2842. - Added test627 to test SFTP with CURLOPT_NOBODY
  2843. Daniel Stenberg (3 Apr 2008)
  2844. - Setting CURLOPT_NOBODY to FALSE will now switch the HTTP request method to
  2845. GET simply because previously when you set CURLOPT_NOBODY to TRUE first and
  2846. then FALSE you'd end up in a broken state where a HTTP request would do a
  2847. HEAD by still act a lot like for a GET and hang waiting for the content etc.
  2848. - Scott Barrett added support for CURLOPT_NOBODY over SFTP
  2849. Daniel Fandrich (3 Apr 2008)
  2850. - Made sure that curl_global_init is called in all the multithreaded
  2851. example programs.
  2852. Michal Marek (31 Mar 2008)
  2853. - Removed the generated ca-bundle.h file. The verbatim value of $ca and
  2854. $capath is known to configure, so it can be defined in config.h instead.
  2855. Daniel Stenberg (31 Mar 2008)
  2856. - Added CURLFORM_STREAM as a supported option to curl_formadd() to allow an
  2857. application to provide data for a multipart with the read callback. Note
  2858. that the size needs to be provided with CURLFORM_CONTENTSLENGTH when the
  2859. stream option is used. This feature is verified by the new test case
  2860. 554. This feature was sponsored by Xponaut.
  2861. Daniel Fandrich (30 Mar 2008)
  2862. - Changed the makefile so the doc/examples/ programs are never built in a
  2863. normal build/install (only with the 'make check' target), so that a
  2864. build failure in the examples isn't fatal.
  2865. Version 7.18.1 (30 March 2008)
  2866. Daniel Stenberg (28 Mar 2008)
  2867. - Stephen Collyer pointed out that configure --with-libssh2 without a given
  2868. path didn't work properly.
  2869. Daniel Stenberg (27 Mar 2008)
  2870. - As found out and reported by Dan Petitt, libcurl didn't show progress/call
  2871. the progress callback for the first (potentially huge) piece of body data
  2872. sent together with the POST request headers in the initial send().
  2873. Daniel Stenberg (25 Mar 2008)
  2874. - Made setting the CURLOPT_SSL_CTX_FUNCTION option return a failure in case
  2875. libcurl wasn't built to use OpenSSL as that is a prerequisite for this
  2876. option to function!
  2877. Daniel Stenberg (22 Mar 2008)
  2878. - Fixed the problem with doing a zero byte SCP transfer, verified with test
  2879. case 617 (which was added by Daniel Fandrich 5 Mar 2008).
  2880. Daniel Fandrich (20 Mar 2008)
  2881. - Fixed a problem where curl-config --protocols could erroneously show LDAPS
  2882. support when curl didn't even have regular LDAP support. It looks like
  2883. this could happen when the --enable-ldaps configure switch is given but
  2884. configure couldn't find the LDAP headers or libraries.
  2885. Michal Marek (20 Mar 2008)
  2886. - Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
  2887. default instead of a ca bundle. The configure script will also look for a
  2888. ca path if no ca bundle is found and no option given.
  2889. - Fixed detection of previously installed curl-ca-bundle.crt
  2890. Daniel Fandrich (18 Mar 2008)
  2891. - Added test 626 to reproduce an infinite loop when given an invalid
  2892. SFTP quote command reported by Vincent Le Normand, and fixed it.
  2893. Michal Marek (18 Mar 2008)
  2894. - Added curl_easy_getinfo typechecker.
  2895. - Added macros for curl_share_setopt and curl_multi_setopt to check at least
  2896. the correct number of arguments.
  2897. Daniel Fandrich (13 Mar 2008)
  2898. - Added tests 622-625 to test SFTP/SCP uploads. Test 625 was an attempt to
  2899. reproduce the --ftp-create-dirs problem reported by Brian Ulm, but that
  2900. seems to need a call curl_easy_reset() which this test case doesn't do.
  2901. Daniel Stenberg (13 Mar 2008)
  2902. - Brian Ulm figured out that if you did an SFTP upload with
  2903. CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
  2904. handle and uploaded another file to another directory that needed to be
  2905. created, the second upload would fail. Another case of a state variable that
  2906. wasn't properly reset between requests.
  2907. - I rewrote the 100-continue code to use a single state variable instead of
  2908. the previous two ones. I think it made the logic somewhat clearer.
  2909. Daniel Stenberg (11 Mar 2008)
  2910. - Dmitry Popov filed bug report #1911069
  2911. (http://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
  2912. condition in the name resolver code when the DNS cache is shared between
  2913. multiple easy handles, each running in simultaneous threads that could cause
  2914. crashes.
  2915. - Added a macro for curl_easy_setopt() that accepts three arguments and simply
  2916. does nothing with them, just to make sure libcurl users always use three
  2917. arguments to this function. Due to its use of ... for the third argument, it
  2918. is otherwise hard to detect abuse.
  2919. Michal Marek (11 Mar 2008)
  2920. - Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
  2921. works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html ,
  2922. http://curl.haxx.se/mail/lib-2008-02/0292.html )
  2923. Daniel Fandrich (10 Mar 2008)
  2924. - Added tests 618-621 to test SFTP/SCP transfers of more than one file
  2925. (test 620 tests the just-fixed problem reported by Brian Ulm).
  2926. Daniel Stenberg (9 Mar 2008)
  2927. - Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
  2928. easy handle if curl_easy_reset() was used between them. I fixed it and Brian
  2929. verified that it cured his problem.
  2930. - Brian Ulm reported that if you first tried to download a non-existing SFTP
  2931. file and then fetched an existing one and re-used the handle, libcurl would
  2932. still report the second one as non-existing as well! I fixed it and Brian
  2933. verified that it cured his problem.
  2934. Michal Marek (6 Mar 2008)
  2935. - Fix the gssapi configure check to detect newer MIT Kerberos (patch by
  2936. Michael Calmer)
  2937. Yang Tse (6 Mar 2008)
  2938. - Fix regression on Curl_socket_ready() and Curl_poll() so that these will
  2939. again fail on select/poll errors different than EINTR.
  2940. Daniel Fandrich (5 Mar 2008)
  2941. - Fixed the test harness so it will write out zero-length data files.
  2942. - Added tests 616 and 617 to see how SFTP and SCP cope with zero-length
  2943. files, as questioned by Mike Protts. SFTP does for me but SCP doesn't
  2944. so test 617 is disabled for now.
  2945. Daniel S (4 Mar 2008)
  2946. - Mike Protts brought a patch that makes resumed transfers work with SFTP.
  2947. Daniel S (1 Mar 2008)
  2948. - Anatoli Tubman found and fixed a crash with Negotiate authentication used on
  2949. a re-used connection where both requests used Negotiate.
  2950. Guenter Knauf (26 Feb 2008)
  2951. - Kaspar Brand provided a patch to support server name indication (RFC 4366).
  2952. Daniel S (25 Feb 2008)
  2953. - Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
  2954. forces it to prefer SSLv3.
  2955. Daniel S (23 Feb 2008)
  2956. - Sam Listopad provided a patch in feature-request #1900014
  2957. http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
  2958. use OpenSSL) support a full chain of certificates in a given PKCS12
  2959. certificate.
  2960. Daniel S (22 Feb 2008)
  2961. - Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
  2962. options as the lib/Makefile.vc6 already did.
  2963. Daniel S (21 Feb 2008)
  2964. - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
  2965. happened if you set the connection cache size to 1 and for example failed to
  2966. login to an FTP site. Bug report #1896698
  2967. (http://curl.haxx.se/bug/view.cgi?id=1896698)
  2968. Daniel S (20 Feb 2008)
  2969. - Fixed test case 405 to not fail when libcurl is built with GnuTLS
  2970. - Based on initial work done by Gautam Kachroo to address a bug, we now keep
  2971. better control at the exact state of the connection's SSL status so that we
  2972. know exactly when it has completed the SSL negotiation or not so that there
  2973. won't be accidental re-uses of connections that are wrongly believed to be
  2974. in SSL-completed-negotiate state.
  2975. - We no longer support setting the CURLOPT_URL option from inside a callback
  2976. such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
  2977. following. The patch that introduced this feature was done for 7.11.0, but
  2978. this code and functionality has been broken since about 7.15.4 (March 2006)
  2979. with the introduction of non-blocking OpenSSL "connects".
  2980. It was a hack to begin with and since it doesn't work and hasn't worked
  2981. correctly for a long time and nobody has even noticed, I consider it a very
  2982. suitable subject for plain removal. And so it was done.
  2983. Guenter Knauf (19 Feb 2008)
  2984. - We do no longer support SSLv2 by default since it has known flaws.
  2985. Kaspar Brand provided a patch for all supported SSL toolkits.
  2986. Daniel Fandrich (19 Feb 2008)
  2987. - Added test309 to test HTTP redirect to HTTPS URL
  2988. Daniel S (18 Feb 2008)
  2989. - We're no longer providing a very old ca-bundle in the curl tarball. You can
  2990. get a fresh one downloaded and created with 'make ca-bundle' or you can get
  2991. one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
  2992. new one extracted from Mozilla's recent list of ca certs.
  2993. The configure option --with-ca-bundle now lets you specify what file to use
  2994. as default ca bundle for your build. If not specified, the configure script
  2995. will check a few known standard places for a global ca cert to use.
  2996. Daniel S (17 Feb 2008)
  2997. - Jerome Muffat-Meridol helped me fix Curl_done() to close the current
  2998. connection by force when it was called before the entire request is
  2999. completed, simply because we can't know if the connection really can be
  3000. re-used safely at that point.
  3001. - Based on the same debugging logic, I've also made Curl_http_done() not
  3002. return CURLE_GOT_NOTHING if called "prematurely". This should have no real
  3003. effect to anything but the code makes more sense like this.
  3004. Daniel S (15 Feb 2008)
  3005. - Made the gnutls code path not even try to get the server cert if no peer
  3006. verification is requested. Previously it would even return failure if gnutls
  3007. failed to get the server cert even though no verification was asked for.
  3008. Public server showing the problem: https://www.net222.caisse-epargne.fr
  3009. - Fix my Curl_timeleft() leftover mistake in the gnutls code
  3010. - Pooyan McSporran found and fixed a flaw where you first would do a normal
  3011. http request and then you'd reuse the handle and replace the Accept: header,
  3012. as then libcurl would send two Accept: headers!
  3013. Daniel S (11 Feb 2008)
  3014. - Yang Tse pointed out a few remaining quirks from my timeout refactoring from
  3015. Feb 7 that didn't abort properly on timeouts. These are actually old
  3016. problems but now they should be fixed.
  3017. Yang Tse (10 Feb 2008)
  3018. - Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points out
  3019. and provides test program that demonstrates that libcurl might not set error
  3020. description message for error CURLE_COULDNT_RESOLVE_HOST for Windows threaded
  3021. name resolver builds. Fixed now.
  3022. Daniel Fandrich (8 Feb 2008)
  3023. - Added key words to all SSL-using tests so they can be skipped if necessary.
  3024. Removed a few unnecessary requires SSL statements.
  3025. Daniel S (8 Feb 2008)
  3026. - Mike Hommey filed and fixed bug report #1889856
  3027. (http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
  3028. layer, cleaning-up and reinitializing curl ends up with https requests
  3029. failing with "ASN1 parser: Element was not found" errors. Obviously a
  3030. regression added in 7.16.3.
  3031. Yang Tse (8 Feb 2008)
  3032. - Improved test harness SCP/SFTP start up server verification, doing a real
  3033. connection to the sftp server, authenticating and running a simple sftp
  3034. pwd command using the test harness generated configuration and key files.
  3035. Daniel S (8 Feb 2008)
  3036. - Günter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and
  3037. creates a suitable ca-bundle.crt file in PEM format for use with curl. The
  3038. recommended way to run it is to use 'make ca-bundle' in the build tree root.
  3039. Daniel Fandrich (7 Feb 2008)
  3040. - Added tests 1022 and 1023 to validate output of curl-config --version and
  3041. --vernum
  3042. Daniel S (7 Feb 2008)
  3043. - Refactored a lot of timeout code into a few functions in an attempt to make
  3044. them all use the same (hopefully correct) logic to make it less error-prone
  3045. and easier to introduce library-wide where it should be used.
  3046. Yang Tse (6 Feb 2008)
  3047. - Fix an issue in strdup replacement function when dealing with absolutely
  3048. huge strings. Only systems without a standard strdup would be affected.
  3049. Daniel S (3 Feb 2008)
  3050. - Dmitry Kurochkin cleaned up the pipelining code and removed the need for and
  3051. use of the "is_in_pipeline" struct field.
  3052. - I wrote up and added the threaded-ssl.c example source code that shows how
  3053. to do multi-threaded downloads of HTTPS files with a libcurl that is built
  3054. with OpenSSL. It uses pthreads for the threading.
  3055. Daniel S (31 Jan 2008)
  3056. - Niklas Angebrand made the cookie support in libcurl properly deal with the
  3057. "HttpOnly" feature introduced by Microsoft and apparently also supported by
  3058. Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
  3059. is now supported when received from servers in HTTP headers, when written to
  3060. cookie jars and when read from existing cookie jars.
  3061. I modified test case 31 and 46 to also do some basic HttpOnly testing.
  3062. - Dmitry Kurochkin moved several struct fields from the connectdata struct to
  3063. the SingleRequest one to make pipelining better. It is a bit tricky to keep
  3064. them in the right place, to keep things related to the actual request or to
  3065. the actual connection in the right place.
  3066. Daniel S (29 Jan 2008)
  3067. - Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously
  3068. crash!
  3069. - Michal Marek fixed minor mistake in test case 553 that prevented it from
  3070. working on other IP-addresses or port numbers.
  3071. Version 7.18.0 (28 January 2008)
  3072. Daniel S (27 Jan 2008)
  3073. - Dmitry Kurochkin: In "real world" testing I found more bugs in
  3074. pipelining. Broken connection is not restored and we get into infinite
  3075. loop. It happens because of wrong is_in_pipeline values.
  3076. Daniel S (26 Jan 2008)
  3077. - Kevin Reed filed bug report #1879375
  3078. (http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl
  3079. got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any
  3080. proxy authentication and the proxy replies with an auth (like NTLM) and then
  3081. closes the connection after that initial informational response.
  3082. libcurl would not properly re-initialize the connection to the proxy and
  3083. continue the auth negotiation like supposed. It does now however, as it will
  3084. now detect if one or more authentication methods were available and asked
  3085. for, and will thus retry the connection and continue from there.
  3086. - I made the progress callback get called properly during proxy CONNECT.
  3087. Daniel S (23 Jan 2008)
  3088. - Igor Franchuk pointed out that CURLOPT_COOKIELIST set to "ALL" leaked
  3089. memory, and so did "SESS". Fixed now.
  3090. Yang Tse (22 Jan 2008)
  3091. - Check poll.h at configuration time, and use it when sys/poll.h unavailable
  3092. Daniel S (22 Jan 2008)
  3093. - Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed
  3094. that it is bad anyway. Starting now, removing a handle that is in used in a
  3095. pipeline will break the pipeline - it'll be set back up again but still...
  3096. Yang Tse (21 Jan 2008)
  3097. - Disable ldap support for cygwin builds, since it breaks whole build process.
  3098. Fixing it will affect other platforms, so it is postponed for another release.
  3099. Daniel S (18 Jan 2008)
  3100. - Lau Hang Kin found and fixed a problem with the multi interface when doing
  3101. CONNECT over a proxy. curl_multi_fdset() didn't report back the socket
  3102. properly during that state, due to a missing case in the switch in the
  3103. multi_getsock() function.
  3104. Yang Tse (17 Jan 2008)
  3105. - Don't abort tests 518 and 537 when unable to raise the open-file soft limit.
  3106. Daniel S (16 Jan 2008)
  3107. - Nathan Coulter's patch that makes runtests.pl respect the PATH when figuring
  3108. out what valgrind to run.
  3109. Yang Tse (16 Jan 2008)
  3110. - Improved handling of out of memory in the command line tool that afected
  3111. data url encoded HTTP POSTs when reading it from a file.
  3112. Daniel S (16 Jan 2008)
  3113. - Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that
  3114. previously had a number of flaws, perhaps most notably when an application
  3115. fired up N transfers at once as then they wouldn't pipeline at all that
  3116. nicely as anyone would think... Test case 530 was also updated to take the
  3117. improved functionality into account.
  3118. - Calls to Curl_failf() are not supposed to provide a trailing newline as the
  3119. function itself adds that. Fixed on 50 or something strings!
  3120. Daniel S (15 Jan 2008)
  3121. - I made the torture test on test 530 go through. This was actually due to
  3122. silly code left from when we switched to let the multi handle "hold" the dns
  3123. cache when using the multi interface... Of course this only triggered when a
  3124. certain function call returned error at the correct moment.
  3125. Daniel S (14 Jan 2008)
  3126. - Joe Malicki filed bug report #1871269
  3127. (http://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang-
  3128. problem that occurred when doing a large HTTP POST request with the
  3129. response-body read from a callback.
  3130. Daniel S (12 Jan 2008)
  3131. - I re-arranged the curl --help output. All the options are now sorted on
  3132. their long option names and all descriptions are one-liners.
  3133. - Eric Landes provided the patch (edited by me) that introduces the
  3134. --keepalive-time to curl to set the keepalive probe interval. I also took
  3135. the opportunity to rename the recently added no-keep-alive option to
  3136. no-keepalive to keep a consistent naming and to avoid getting two dashes in
  3137. these option names. Eric also provided an update to the man page for the new
  3138. option.
  3139. Daniel S (11 Jan 2008)
  3140. - Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way it
  3141. already worked for FTP:// URLs.
  3142. - I made the curl tool switch from using CURLOPT_IOCTLFUNCTION to now use the
  3143. spanking new CURLOPT_SEEKFUNCTION simply to take advantage of the improved
  3144. performance for the upload resume cases where you want to upload the last
  3145. few bytes of a very large file. To implement this decently, I had to switch
  3146. the client code for uploading from fopen()/fread() to plain open()/read() so
  3147. that we can use lseek() to do >32bit seeks (as fseek() doesn't allow that)
  3148. on systems that offer support for that.
  3149. Daniel S (10 Jan 2008)
  3150. - Michal Marek made curl-config --libs not include /usr/lib64 in the output
  3151. (it already before skipped /usr/lib). /usr/lib64 is the default library
  3152. directory on many 64bit systems and it's unlikely that anyone would use the
  3153. path privately on systems where it's not.
  3154. - Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allow
  3155. libcurl to seek in a given input stream. This is particularly important when
  3156. doing upload resumes when there's already a huge part of the file present
  3157. remotely. Before, and still if this callback isn't used, libcurl will read
  3158. and through away the entire file up to the point to where the resuming
  3159. begins (which of course can be a slow opereration depending on file size,
  3160. I/O bandwidth and more). This new function will also be preferred to get
  3161. used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when
  3162. doing multi-stage HTTP auth with POST/PUT.
  3163. - Nikitinskit Dmitriy filed bug report #1868255
  3164. (http://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies
  3165. and fixes a problem with parsing WWW-Authenticate: headers with additional
  3166. spaces in the line that the parser wasn't written to deal with.
  3167. Daniel S (8 Jan 2008)
  3168. - Introducing curl_easy_pause() and new magic return codes for both the read
  3169. and the write callbacks that now can make a connection's reading and/or
  3170. writing get paused.
  3171. Daniel S (6 Jan 2008)
  3172. - Jeff Johnson filed bug report #1863171
  3173. (http://curl.haxx.se/bug/view.cgi?id=1863171) where he pointed out that
  3174. libcurl's date parser didn't accept a +1300 time zone which actually is used
  3175. fairly often (like New Zealand's Dailight Savings Time), so I modified the
  3176. parser to now accept up to and including -1400 to +1400.
  3177. Daniel S (5 Jan 2008)
  3178. - Based on further discussion on curl-library, I reverted yesterday's SOCKS5
  3179. code to instead introduce support for a new proxy type called
  3180. CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy
  3181. instead of IP address and there's thus no longer any need for a new
  3182. curl_easy_setopt() option.
  3183. The default SOCKS5 proxy is again back to sending the IP address to the
  3184. proxy. The new curl command line option for enabling sending host name to a
  3185. SOCKS5 proxy is now --socks5-hostname.
  3186. Daniel S (4 Jan 2008)
  3187. - Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let the
  3188. proxy do the host name resolving and only if --socks5ip (or
  3189. CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and
  3190. pass on the IP address only to the proxy.
  3191. Yang Tse (3 Jan 2008)
  3192. - Modified test harness to allow SCP, SFTP and SOCKS4 tests to run with
  3193. OpenSSH 2.9.9, SunSSH 1.0 or later versions. SOCKS5 tests need OpenSSH
  3194. 3.7, SunSSH 1.0 or later.
  3195. Daniel S (2 Jan 2008)
  3196. - I fixed two cases of missing return code checks when handling chunked
  3197. decoding where a write error (or abort return from a callback) didn't stop
  3198. libcurl's processing.
  3199. - I removed the socklen_t use from the public curl/curl.h header and instead
  3200. made it an unsigned int. The type was only used in the curl_sockaddr struct
  3201. definition (only used by the curl_opensocket_callback). On all platforms I
  3202. could find information about, socklen_t is 32 unsigned bits large so I don't
  3203. think this will break the API or ABI. The main reason for this change is of
  3204. course for all the platforms that don't have a socklen_t definition in their
  3205. headers to build fine again. Providing our own configure magic and custom
  3206. definition of socklen_t on those systems proved to work but was a lot of
  3207. cruft, code and extra magic needed - when this very small change of type
  3208. seems harmless and still solves the missing socklen_t problem.
  3209. - Richard Atterer brought a patch that added support for SOCKS4a proxies,
  3210. which is an inofficial PROXY4 variant that sends the hostname to the proxy
  3211. instead of the resolved address (which is already supported by SOCKS5).
  3212. --socks4a is the curl command line option for it and CURLOPT_PROXYTYPE can
  3213. now be set to CURLPROXY_SOCKS4A as well.
  3214. Daniel S (1 Jan 2008)
  3215. - Mohun Biswas pointed out that --libcurl generated a source code with an int
  3216. function but without a return statement. While fixing that, I also took care
  3217. about adding some better comments for the generated code.
  3218. Daniel S (27 Dec 2007)
  3219. - Dmitry Kurochkin mentioned a flaw
  3220. (http://curl.haxx.se/mail/lib-2007-12/0252.html) in detect_proxy() which
  3221. failed to set the bits.proxy variable properly when an environment variable
  3222. told libcurl to use a http proxy.
  3223. Daniel S (26 Dec 2007)
  3224. - In an attempt to repeat the problem in bug report #1850730
  3225. (http://curl.haxx.se/bug/view.cgi?id=1850730) I wrote up test case 552. The
  3226. test is doing a 70K POST with a read callback and an ioctl callback over a
  3227. proxy requiring Digest auth. The test case code is more or less identical to
  3228. the test recipe code provided by Spacen Jasset (who submitted the bug
  3229. report).
  3230. Daniel S (25 Dec 2007)
  3231. - Gary Maxwell filed bug report #1856628
  3232. (http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the
  3233. (small) memory leak in the SSL session ID caching code. It happened when a
  3234. previous entry in the cache was re-used.
  3235. Daniel Fandrich (19 Dec 2007)
  3236. - Ensure that nroff doesn't put anything but ASCII characters into the
  3237. --manual text.
  3238. Yang Tse (18 Dec 2007)
  3239. - MSVC 9.0 (VS2008) does not support Windows build targets prior to WinXP,
  3240. and makes wrong asumptions of build target when it isn't specified. So,
  3241. if no build target has been defined we will target WinXP when building
  3242. curl/libcurl with MSVC 9.0 (VS2008).
  3243. - (http://curl.haxx.se/mail/archive-2007-12/0039.html) reported and fixed
  3244. a file truncation problem on Windows build targets triggered when retrying
  3245. a download with curl.
  3246. Daniel S (17 Dec 2007)
  3247. - Mateusz Loskot pointed out that MSVC 9.0 (VS2008) has the pollfd struct and
  3248. defines in winsock2.h somehow differently than previous versions and that
  3249. curl 7.17.1 would fail to compile out of the box.
  3250. Daniel S (13 Dec 2007)
  3251. - David Wright filed bug report #1849764
  3252. (http://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He
  3253. identified a problem for re-used connections that previously had sent
  3254. Expect: 100-continue and in some situations the subsequent POST (that didn't
  3255. use Expect:) still had the internal flag set for its use. David's fix (that
  3256. makes the setting of the flag in every single request unconditionally) is
  3257. fine and is now used!
  3258. Daniel S (12 Dec 2007)
  3259. - Gilles Blanc made the curl tool enable SO_KEEPALIVE for the connections and
  3260. added the --no-keep-alive option that can disable that on demand.
  3261. Daniel S (9 Dec 2007)
  3262. - Andrew Moise filed bug report #1847501
  3263. (http://curl.haxx.se/bug/view.cgi?id=1847501) and pointed out a memcpy()
  3264. that should be memmove() in the convert_lineends() function.
  3265. Daniel S (8 Dec 2007)
  3266. - Renamed all internal static functions that had Curl_ prefixes to no longer
  3267. have them. The Curl_ prefix is exclusively used for library internal global
  3268. symbols. Static functions can be named anything, except for using Curl_ or
  3269. curl_ prefixes. This is for consistency and for easier maintainance and
  3270. overview.
  3271. - Cleaned up and reformatted the TODO document to look like the FAQ and
  3272. CONTRIBUTE, which makes nicer web pages
  3273. - Added test cases 549 and 550 that test CURLOPT_PROXY_TRANSFER_MODE.
  3274. - Added keywords on a bunch of test cases
  3275. - Fixed an OOM problem in the curl code that would lead to fclose on a bad
  3276. handle and crash
  3277. Daniel S (5 Dec 2007)
  3278. - Spacen Jasset reported a problem with doing POST (with data read with a
  3279. callback) over a proxy when NTLM is used as auth with the proxy. The bug
  3280. also concerned Digest and was limited to using callback only. Spacen worked
  3281. with us to provide a useful patch. I added the test case 547 and 548 to
  3282. verify two variations of POST over proxy with NTLM.
  3283. Daniel S (3 Dec 2007)
  3284. - Ray Pekowski filed bug report #1842029
  3285. (http://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a
  3286. problem with SSL session caching that prevent it from working, and provided
  3287. the associated fix!
  3288. - Now libcurl (built with OpenSSL) doesn't return error anymore if the remote
  3289. SSL-based server doesn't present a certificate when the request is told to
  3290. ignore certificate verification anyway.
  3291. - Michal Marek introduced CURLOPT_PROXY_TRANSFER_MODE which is used to control
  3292. the appending of the "type=" thing on FTP URLs when they are passed to a
  3293. HTTP proxy. Some proxies just don't like that appending (which is done
  3294. unconditionally in 7.17.1), and some proxies treat binary/ascii transfers
  3295. better with the appending done!
  3296. Daniel S (29 Nov 2007)
  3297. - A bug report on the curl-library list showed a HTTP Digest session going on
  3298. with a 700+ letter nonce. Previously libcurl only support 127 letter ones
  3299. and now I bumped it to 1023.
  3300. - Fixed the resumed FTP upload loop to not require that the read callback
  3301. returns a full buffer on each invoke.
  3302. Daniel S (25 Nov 2007)
  3303. - Added test case 1015 that tests --data-urlencode in multiple ways
  3304. - Fixed --data-urlencode for when no @ or = are used
  3305. - Extended the user-agent buffer curl uses, since we can hit the 128 byte
  3306. border with plenty development libraries used. Like my current set: "curl
  3307. 7.17.2-CVS (i686-pc-linux-gnu) libcurl/7.17.2-CVS OpenSSL/0.9.8g
  3308. zlib/1.2.3.3 c-ares/1.5.2-CVS libidn/1.1 libssh2/0.19.0-CVS"
  3309. Daniel S (24 Nov 2007)
  3310. - Internal rearrangements, so that the previous struct HandleData is no more.
  3311. It is now known as SingleRequest and the Curl_transfer_keeper struct within
  3312. that was remove entirely. This has the upside that there are less duplicate
  3313. struct members that made it hard to see and remember what struct that was
  3314. used to store what data. The transfer_keeper thing was once stored on a
  3315. per-connection basis and then it made sense to have the duplicate info but
  3316. since it was moved to the SessionHandle (in 7.16.0) it just added weirdness.
  3317. The SingleRequest struct is used by data that only is valid for this single
  3318. request.
  3319. Yang Tse (22 Nov 2007)
  3320. - Provide a socklen_t definition in curl.h for Win32 API build targets
  3321. which don't have one.
  3322. Daniel S (22 Nov 2007)
  3323. - Alessandro Vesely helped me improve the --data-urlencode's syntax, parser
  3324. and documentation.
  3325. Daniel S (21 Nov 2007)
  3326. - While inspecting the Negotiate code, I noticed how the proxy auth was using
  3327. the same state struct as the host auth, so both could never be used at the
  3328. same time! I fixed it (without being able to check) to use two separate
  3329. structs to allow authentication using Negotiate on host and proxy
  3330. simultaneously.
  3331. Daniel S (20 Nov 2007)
  3332. - Emil Romanus pointed out a bug that made an easy handle get the cookie
  3333. engine activated when set to use a share (even if the share doesn't share
  3334. cookies). I fixed it.
  3335. - Fixed a very long-lasting mprintf() bug that occurred when we did "%.*s%s",
  3336. since the second %s would then wrongly used the numerical precision argument
  3337. instead and crash.
  3338. - Introduced --data-urlencode to the curl tool for easier url encoding of the
  3339. data sent in a post.
  3340. Daniel S (18 Nov 2007)
  3341. - Rob Crittenden fixed SSL connections with NSS done with the multi-interface
  3342. Daniel S (17 Nov 2007)
  3343. - Michal Marek made the test suite remember what test servers that fail to
  3344. start so that subsequent tries are simply skipped.
  3345. - Andres Garcia made the examples build fine on Windows (mingw + msys) when
  3346. the lib was built staticly.
  3347. Daniel S (16 Nov 2007)
  3348. - Ates Goral identified a problem in http.c:add_buffer_send() when a debug
  3349. callback was used, as it could wrongly pass on a bad size for the outgoing
  3350. HTTP header. The bad size would be a very large value as it was a wrapped
  3351. size_t content. This happened when the whole HTTP request failed to get sent
  3352. in one single send. http://curl.haxx.se/mail/lib-2007-11/0165.html
  3353. Daniel S (15 Nov 2007)
  3354. - Fixed yet another remaining problem with doing SFTP directory listings on a
  3355. re-used persistent connection. Mentioned by Immanuel Gregoire on the mailing
  3356. list.
  3357. - Michal Marek fixed the test suite to better deal with the case when the HTTP
  3358. ipv6 server can't run.
  3359. Yang Tse (14 Nov 2007)
  3360. - Fix a variable potential wrapping in add_buffer() when using absolutely
  3361. huge send buffer sizes.
  3362. Daniel S (13 Nov 2007)
  3363. - Fixed a remaining problem with doing SFTP directory listings on a re-used
  3364. persistent connection. Mentioned by Immanuel Gregoire on the mailing list.
  3365. Daniel S (12 Nov 2007)
  3366. - Bug report #1830637 (http://curl.haxx.se/bug/view.cgi?id=1830637), which was
  3367. forwarded from the Gentoo bug tracker by Daniel Black and was originally
  3368. submitted by Robin Johnson, pointed out that libcurl would do bad memory
  3369. references when it failed and bailed out before the handler thing was
  3370. setup. My fix is not done like the provided patch does it, but instead I
  3371. make sure that there's never any chance for a NULL pointer in that struct
  3372. member.
  3373. Yang Tse (10 Nov 2007)
  3374. - Vikram Saxena (http://curl.haxx.se/mail/lib-2007-11/0096.html) pointed out
  3375. that the pollfd struct was being multi defined when using VS2008. This is
  3376. now fixed in /curl/lib/select.h
  3377. Daniel S (8 Nov 2007)
  3378. - Bug report #1823487 (http://curl.haxx.se/bug/view.cgi?id=1823487) pointed
  3379. out that SFTP requests didn't use persistent connections. Neither did SCP
  3380. ones. I gave the SSH code a good beating and now both SCP and SFTP should
  3381. use persistent connections fine. I also did a bunch of indent changes as
  3382. well as a bug fix for the "keyboard interactive" auth.
  3383. Dan F (6 Nov 2007)
  3384. - Improved telnet support by drastically reducing the number of write
  3385. callbacks needed to pass a buffer to the user. Instead one per byte it
  3386. is now as little as one per segment.
  3387. Yang Tse (6 Nov 2007)
  3388. - Bug report #1824894 (http://curl.haxx.se/bug/view.cgi?id=1824894) pointed
  3389. out a problem in curl.h when building C++ apps with MSVC. To fix it, the
  3390. inclusion of header files in curl.h is moved outside of the C++ extern "C"
  3391. linkage block.
  3392. Daniel S (1 Nov 2007)
  3393. - Toby Peterson patched a memory problem in the command line tool that
  3394. happened when a user had a home dir as an empty string. curl would then do
  3395. free() on a wrong area.
  3396. Dan F (1 Nov 2007)
  3397. - Fixed curl-config --features to not display libz when it wasn't used
  3398. due to a missing header file.
  3399. Dan F (31 October 2007)
  3400. - Fixed the output of curl-config --protocols which showed SCP and SFTP
  3401. always, except when --without-libssh2 was given
  3402. - Added test cases 1013 and 1014 to check that curl-config --protocols and
  3403. curl-config --features matches the output of curl --version
  3404. Dan F (30 October 2007)
  3405. - Fixed an OOM problem with file: URLs
  3406. - Moved Curl_file_connect into the protocol handler struct
  3407. Dan F (29 October 2007)
  3408. - Added test case 546 to check that subsequent FTP transfers work after a
  3409. failed one using the multi interface
  3410. Daniel S (29 October 2007)
  3411. - Based on one of those bug reports that are intercepted by a distro's bug
  3412. tracker (https://bugzilla.redhat.com/show_bug.cgi?id=316191), I now made
  3413. curl-config --features and --protocols show the correct output when built
  3414. with NSS.
  3415. Version 7.17.1 (29 October 2007)
  3416. Dan F (25 October 2007)
  3417. - Added the --static-libs option to curl-config
  3418. Daniel S (25 October 2007)
  3419. - Made libcurl built with NSS possible to ignore the peer verification.
  3420. Previously it would fail if the ca bundle wasn't present, even if the code
  3421. ignored the verification results.
  3422. Patrick M (25 October 2007)
  3423. - Fixed test server to allow null bytes in binary posts.
  3424. _ Added tests 35, 544 & 545 to check binary data posts, both static (in place)
  3425. and dynamic (copied).
  3426. Daniel S (25 October 2007)
  3427. - Michal Marek fixed the test script to be able to use valgrind even when the
  3428. lib is built shared with libtool.
  3429. - Fixed a few memory leaks when the same easy handle is re-used to request
  3430. URLs with different protocols. FTP and TFTP related leaks. Caught thanks to
  3431. Dan F's new test cases.
  3432. Dan F (24 October 2007)
  3433. - Fixed the test FTP and TFTP servers to support the >10000 test number
  3434. notation
  3435. - Added test cases 2000 through 2003 which test multiple protocols using the
  3436. same easy handle
  3437. - Fixed the filecheck: make target to work outside the source tree
  3438. Daniel S (24 October 2007)
  3439. - Vladimir Lazarenko pointed out that we should do some 'mt' magic when
  3440. building with VC8 to get the "manifest" embedded to make fine stand-alone
  3441. binaries. The maketgz and the src/Makefile.vc6 files were adjusted
  3442. accordingly.
  3443. Daniel S (23 October 2007)
  3444. - Bug report #1812190 (http://curl.haxx.se/bug/view.cgi?id=1812190) points out
  3445. that libcurl tried to re-use connections a bit too much when using non-SSL
  3446. protocols tunneled over a HTTP proxy.
  3447. Daniel S (22 October 2007)
  3448. - Michal Marek forwarded the bug report
  3449. https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to
  3450. FTP that caused memory havoc. His work together with my efforts created two
  3451. fixes:
  3452. #1 - FTP::file was moved to struct ftp_conn, because is has to be dealt with
  3453. at connection cleanup, at which time the struct HandleData could be
  3454. used by another connection.
  3455. Also, the unused char *urlpath member is removed from struct FTP.
  3456. #2 - provide a Curl_reset_reqproto() function that frees
  3457. data->reqdata.proto.* on connection setup if needed (that is if the
  3458. SessionHandle was used by a different connection).
  3459. A long-term goal is of course to somehow get rid of how the reqdata struct
  3460. is used, as it is too error-prone.
  3461. - Bug report #1815530 (http://curl.haxx.se/bug/view.cgi?id=1815530) points out
  3462. that specifying a proxy with a trailing slash didn't work (unless it also
  3463. contained a port number).
  3464. Patrick M (15 October 2007)
  3465. - Fixed the dynamic CURLOPT_POSTFIELDS problem: this option is now static again
  3466. and option CURLOPT_COPYPOSTFIELDS has been added to support dynamic mode.
  3467. Patrick M (12 October 2007)
  3468. - Added per-protocol callback static tables, replacing callback ptr storage
  3469. in the connectdata structure by a single handler table ptr.
  3470. Dan F (11 October 2007)
  3471. - Fixed the -l option of runtests.pl
  3472. - Added support for skipping tests based on key words.
  3473. Daniel S (9 October 2007)
  3474. - Michal Marek removed the no longer existing return codes from the curl.1
  3475. man page.
  3476. Daniel S (7 October 2007)
  3477. - Known bug #47, which confused libcurl if doing NTLM auth over a proxy with
  3478. a response that was larger than 16KB is now improved slightly so that now
  3479. the restriction at 16KB is for the headers only and it should be a rare
  3480. situation where the response-headers exceed 16KB. Thus, I consider #47 fixed
  3481. and the header limitation is now known as known bug #48.
  3482. Daniel S (5 October 2007)
  3483. - Michael Wallner made the CULROPT_COOKIELIST option support a new magic
  3484. string: "FLUSH". Using that will cause libcurl to flush its cookies to the
  3485. CURLOPT_COOKIEJAR file.
  3486. - The new file docs/libcurl/ABI describes how we view ABI breakages, soname
  3487. bumps and what the version number's significance to all that is.
  3488. Daniel S (4 October 2007)
  3489. - I enabled test 1009 and made the --local-port use a wide range to reduce the
  3490. risk of failures.
  3491. - Kim Rinnewitz reported that --local-port didn't work with TFTP transfers.
  3492. This happened because the tftp code always uncondionally did a bind()
  3493. without caring if one already had been done and then it failed. I wrote a
  3494. test case (1009) to verify this, but it is a bit error-prone since it will
  3495. have to pick a fixed local port number and since the tests are run on so
  3496. many different hosts in different situations I'll add it in disabled state.
  3497. Yang Tse (3 October 2007)
  3498. - Fixed issue related with the use of ares_timeout() result.
  3499. Daniel S (3 October 2007)
  3500. - Alexey Pesternikov introduced CURLOPT_OPENSOCKETFUNCTION and
  3501. CURLOPT_OPENSOCKETDATA to set a callback that allows an application to
  3502. replace the socket() call used by libcurl. It basically allows the app to
  3503. change address, protocol or whatever of the socket.
  3504. - I renamed the CURLE_SSL_PEER_CERTIFICATE error code to
  3505. CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made
  3506. this return code get used by the previous SSH MD5 fingerprint check in case
  3507. it fails.
  3508. - Based on a patch brought by Johnny Luong, libcurl now offers
  3509. CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both
  3510. make the SCP or SFTP connection verify the remote host's md5 checksum of the
  3511. public key before doing a connect, to reduce the risk of a man-in-the-middle
  3512. attack.
  3513. Daniel S (2 October 2007)
  3514. - libcurl now handles chunked-encoded CONNECT responses
  3515. Daniel S (1 October 2007)
  3516. - Alex Fishman reported a curl_easy_escape() problem that was made the
  3517. function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a
  3518. signed / unsigned mistake in the code. I fixed it and added test case 543 to
  3519. verify.
  3520. Daniel S (29 September 2007)
  3521. - Immanuel Gregoire fixed a problem with persistent transfers over SFTP.
  3522. Daniel S (28 September 2007)
  3523. - Adapted the c-ares code to the API change c-ares 1.5.0 brings in the
  3524. notifier callback(s).
  3525. Dan F (26 September 2007)
  3526. - Enabled a few more gcc warnings with --enable-debug. Renamed a few
  3527. variables to avoid shadowing global declarations.
  3528. Daniel S (26 September 2007)
  3529. - Philip Langdale provided the new CURLOPT_POST301 option for
  3530. curl_easy_setopt() that alters how libcurl functions when following
  3531. redirects. It makes libcurl obey the RFC2616 when a 301 response is received
  3532. after a non-GET request is made. Default libcurl behaviour is to change
  3533. method to GET in the subsequent request (like it does for response code 302
  3534. - because that's what many/most browsers do), but with this CURLOPT_POST301
  3535. option enabled it will do what the spec says and do the next request using
  3536. the same method again. I.e keep POST after 301.
  3537. The curl tool got this option as --post301
  3538. Test case 1011 and 1012 were added to verify.
  3539. - Max Katsev reported that when doing a libcurl FTP request with
  3540. CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE
  3541. before it does SIZE which makes it less useful. I walked over the code and
  3542. made it do this properly, and added test case 542 to verify it.
  3543. Daniel S (24 September 2007)
  3544. - Immanuel Gregoire fixed KNOWN_BUGS #44: --ftp-method nocwd did not handle
  3545. URLs ending with a slash properly (it should list the contents of that
  3546. directory). Test case 351 brought back and also test 1010 was added.
  3547. Daniel S (21 September 2007)
  3548. - Mark Davies fixed Negotiate authentication over proxy, and also introduced
  3549. the --proxy-negotiate command line option to allow a user to explicitly
  3550. select it.
  3551. Daniel S (19 September 2007)
  3552. - Rob Crittenden provided an NSS update with the following highlights:
  3553. o It looks for the NSS database first in the environment variable SSL_DIR,
  3554. then in /etc/pki/nssdb, then it initializes with no database if neither of
  3555. those exist.
  3556. o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be
  3557. loaded, including the ca-bundle. If it is not available then only
  3558. certificates already in the NSS database are used.
  3559. o Tries to detect whether a file or nickname is being passed in so the right
  3560. thing is done
  3561. o Added a bit of code to make the output more like the OpenSSL module,
  3562. including displaying the certificate information when connecting in
  3563. verbose mode
  3564. o Improved handling of certificate errors (expired, untrusted, etc)
  3565. The libnsspem.so PKCS#11 module is currently only available in Fedora
  3566. 8/rawhide. Work will be done soon to upstream it. The NSS module will work
  3567. with or without it, all that changes is the source of the certificates and
  3568. keys.
  3569. Daniel S (18 September 2007)
  3570. - Immanuel Gregoire pointed out that public key SSH auth failed if no
  3571. public/private key was specified and there was no HOME environment variable,
  3572. and then it didn't continue to try the other auth methods. Now it will
  3573. instead try to get the files id_dsa.pub and id_dsa from the current
  3574. directory if none of the two conditions were met.
  3575. Dan F (17 September 2007)
  3576. - Added hooks to the test suite to make it possible to test a curl running
  3577. on a remote host.
  3578. - Changed some FTP tests to validate the format of the PORT and EPRT commands
  3579. sent by curl, if not the addresses themselves.
  3580. Daniel S (15 September 2007)
  3581. - Michal Marek made libcurl automatically append ";type=<a|i>" when using HTTP
  3582. proxies for FTP urls.
  3583. - Günter Knauf fixed LDAP builds in the Windows makefiles and fixed LDAPv3
  3584. support on Windows.
  3585. Dan F (13 September 2007)
  3586. - Added LDAPS, SCP and SFTP to curl-config --protocols. Removed and
  3587. fixed some AC_SUBST configure entries.
  3588. Version 7.17.0 (13 September 2007)
  3589. Daniel S (12 September 2007)
  3590. - Bug report #1792649 (http://curl.haxx.se/bug/view.cgi?id=1792649) pointed
  3591. out a problem with doing an empty upload over FTP on a re-used connection.
  3592. I added test case 541 to reproduce it and to verify the fix.
  3593. - I noticed while writing test 541 that the FTP code wrongly did a CWD on the
  3594. second transfer as it didn't store and remember the "" path from the
  3595. previous transfer so it would instead CWD to the entry path as stored. This
  3596. worked, but did a superfluous command. Thus, test case 541 now also verifies
  3597. this fix.
  3598. Dan F (5 September 2007)
  3599. - Added test case 1007 to test permission problem when uploading with TFTP
  3600. (to validate bug #1790403).
  3601. - TFTP now reports the "not defined" TFTP error code 0 as an error,
  3602. not success.
  3603. Daniel S (5 September 2007)
  3604. - Continued the work on a fix for #1779054
  3605. (http://curl.haxx.se/bug/view.cgi?id=1779054). My previous fix from August
  3606. 24 was not complete (either) but could accidentally "forget" parts of a
  3607. server response which led to faulty server response time-out errors.
  3608. Dan F (5 September 2007)
  3609. - Minix doesn't support getsockopt on UDP sockets or send/recv on TCP
  3610. sockets.
  3611. Dan F (31 August 2007)
  3612. - Made some of the error strings returned by the *strerror functions more
  3613. generic, and more consistent with each other.
  3614. - Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants,
  3615. creating macros for backward compatibility:
  3616. CURLFTPSSL_NONE => CURLUSESSL_NONE
  3617. CURLFTPSSL_TRY => CURLUSESSL_TRY
  3618. CURLFTPSSL_CONTROL => CURLUSESSL_CONTROL
  3619. CURLFTPSSL_ALL => CURLUSESSL_ALL
  3620. CURLFTPSSL_LAST => CURLUSESSL_LAST
  3621. Dan F (30 August 2007)
  3622. - Renamed several libcurl error codes and options to make them more general
  3623. and allow reuse by multiple protocols. Several unused error codes were
  3624. removed. In all cases, macros were added to preserve source (and binary)
  3625. compatibility with the old names. These macros are subject to removal at
  3626. a future date, but probably not before 2009. An application can be
  3627. tested to see if it is using any obsolete code by compiling it with the
  3628. CURL_NO_OLDIES macro defined.
  3629. The following unused error codes were removed:
  3630. CURLE_BAD_CALLING_ORDER
  3631. CURLE_BAD_PASSWORD_ENTERED
  3632. CURLE_FTP_CANT_RECONNECT
  3633. CURLE_FTP_COULDNT_GET_SIZE
  3634. CURLE_FTP_COULDNT_SET_ASCII
  3635. CURLE_FTP_USER_PASSWORD_INCORRECT
  3636. CURLE_FTP_WEIRD_USER_REPLY
  3637. CURLE_FTP_WRITE_ERROR
  3638. CURLE_LIBRARY_NOT_FOUND
  3639. CURLE_MALFORMAT_USER
  3640. CURLE_OBSOLETE
  3641. CURLE_SHARE_IN_USE
  3642. CURLE_URL_MALFORMAT_USER
  3643. The following error codes were renamed:
  3644. CURLE_FTP_ACCESS_DENIED => CURLE_REMOTE_ACCESS_DENIED
  3645. CURLE_FTP_COULDNT_SET_BINARY => CURLE_FTP_COULDNT_SET_TYPE
  3646. CURLE_FTP_SSL_FAILED => CURLE_USE_SSL_FAILED
  3647. CURLE_FTP_QUOTE_ERROR => CURLE_QUOTE_ERROR
  3648. CURLE_TFTP_DISKFULL => CURLE_REMOTE_DISK_FULL
  3649. CURLE_TFTP_EXISTS => CURLE_REMOTE_FILE_EXISTS
  3650. CURLE_HTTP_RANGE_ERROR => CURLE_RANGE_ERROR
  3651. The following options were renamed:
  3652. CURLOPT_SSLKEYPASSWD => CURLOPT_KEYPASSWD
  3653. CURLOPT_FTPAPPEND => CURLOPT_APPEND
  3654. CURLOPT_FTPLISTONLY => CURLOPT_DIRLISTONLY
  3655. CURLOPT_FTP_SSL => CURLOPT_USE_SSL
  3656. A few more changes will take place with the next SONAME bump of the
  3657. library. These are documented in docs/TODO
  3658. - Documented some newer error codes in libcurl-error(3)
  3659. - Added more accurate error code returns from SFTP operations. Added test
  3660. case 615 to test an SFTP upload failure.
  3661. Dan F (28 August 2007)
  3662. - Some minor internal type and const changes based on a splint scan.
  3663. Daniel S (24 August 2007)
  3664. - Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed
  3665. out that libcurl didn't deal with large responses from server commands, when
  3666. the single response was consisting of multiple lines but of a total size of
  3667. 16KB or more. Dan Fandrich improved the ftp test script and provided test
  3668. case 1006 to repeat the problem, and I fixed the code to make sure this new
  3669. test case runs fine.
  3670. Patrick M (23 August 2007)
  3671. - OS/400 port: new files lib/config-os400.h lib/setup-os400.h packages/OS400/*.
  3672. See packages/OS400/README.OS400.
  3673. Daniel S (23 August 2007)
  3674. - Bug report #1779751 (http://curl.haxx.se/bug/view.cgi?id=1779751) pointed
  3675. out that doing first a file:// upload and then an FTP upload crashed libcurl
  3676. or at best caused furious valgrind complaints. Fixed now!
  3677. Daniel S (22 August 2007)
  3678. - Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed
  3679. out that libcurl didn't deal with very long (>16K) FTP server response lines
  3680. properly. Starting now, libcurl will chop them off (thus the client app will
  3681. not get the full line) but survive and deal with them fine otherwise. Test
  3682. case 1003 was added to verify this.
  3683. Daniel S (20 August 2007)
  3684. - Based on a patch by Christian Vogt, the FTP code now sets the upcoming
  3685. download transfer size much earlier to be possible to get read with
  3686. CURLINFO_CONTENT_LENGTH_DOWNLOAD as soon as possible. This is very much in a
  3687. similar spirit to the HTTP size change from August 11 2007.
  3688. Daniel S (18 August 2007)
  3689. - Robson Braga Araujo filed bug report #1776232
  3690. (http://curl.haxx.se/bug/view.cgi?id=1776232) about libcurl calling
  3691. Curl_client_write(), passing on a const string that the caller may not
  3692. modify and yet it does (on some platforms).
  3693. - Robson Braga Araujo filed bug report #1776235
  3694. (http://curl.haxx.se/bug/view.cgi?id=1776235) about ftp requests with NOBODY
  3695. on a directory would do a "SIZE (null)" request. This is now fixed and test
  3696. case 1000 was added to verify.
  3697. Daniel S (17 August 2007)
  3698. - Song Ma provided a patch that cures a problem libcurl has when doing resume
  3699. HTTP PUT using Digest authentication. Test case 5320 and 5322 were also
  3700. added to verify the functionality.
  3701. Daniel S (14 August 2007)
  3702. - Andrew Wansink provided an NTLM bugfix: in the case the server sets the flag
  3703. NTLMFLAG_NEGOTIATE_UNICODE, we need to filter it off because libcurl doesn't
  3704. UNICODE encode the strings it packs into the NTLM authenticate packet.
  3705. Daniel S (11 August 2007)
  3706. - Allen Pulsifer provided a patch that makes libcurl set the expected download
  3707. size earlier when doing HTTP downloads, so that applications and the
  3708. progress meter etc know get the info earlier in the flow than before.
  3709. - Patrick Monnerat modified the LDAP code and approach in curl. Starting now,
  3710. the configure script checks for openldap and friends and we link with those
  3711. libs just like we link all other third party libraries, and we no longer
  3712. dlopen() those libraries. Our private header file lib/ldap.h was renamed to
  3713. lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix)
  3714. just before this commit, just in case.
  3715. Dan F (8 August 2007)
  3716. - Song Ma noted a zlib memory leak in the illegal compressed header
  3717. countermeasures code path.
  3718. Daniel S (4 August 2007)
  3719. - Patrick Monnerat fixed curl_easy_escape() and curlx_strtoll() to work on
  3720. non-ASCII systems.
  3721. Daniel S (3 August 2007)
  3722. - I cut out support for libssh2 versions older than 0.16 to make our code a
  3723. lot simpler, and to avoid getting trouble with the LIBSSH2_APINO define
  3724. that 1) didn't work properly since it was >32 bits and 2) is removed in
  3725. libssh2 0.16...
  3726. Daniel S (2 August 2007)
  3727. - Scott Cantor filed bug report #1766320
  3728. (http://curl.haxx.se/bug/view.cgi?id=1766320) pointing out that the libcurl
  3729. code accessed two curl_easy_setopt() options (CURLOPT_DNS_CACHE_TIMEOUT and
  3730. CURLOPT_DNS_USE_GLOBAL_CACHE) as ints even though they're documented to be
  3731. passed in as longs, and that makes a difference on 64 bit architectures.
  3732. - Dmitriy Sergeyev reported a regression: resumed file:// transfers broke
  3733. after 7.16.2. This is much due to the different treatment file:// gets
  3734. internally, but now I added test 231 to make it less likely to happen again
  3735. without us noticing!
  3736. Daniel S (1 August 2007)
  3737. - Patrick Monnerat and I modified libcurl so that now it *copies* all strings
  3738. passed to it with curl_easy_setopt()! Previously it has always just refered
  3739. to the data, forcing the user to keep the data around until libcurl is done
  3740. with it. That is now history and libcurl will instead clone the given
  3741. strings and keep private copies. This is also part of Patrick Monnerat's
  3742. OS/400 port.
  3743. Due to this being a somewhat interesting change API wise, I've decided to
  3744. bump the version of the upcoming release to 7.17.0. Older applications will
  3745. of course not notice this change nor do they have to care, but new
  3746. applications can be written to take advantage of this.
  3747. - Greg Morse reported a problem with POSTing using ANYAUTH to a server
  3748. requiring NTLM, and he provided test code and a test server and we worked
  3749. out a bug fix. We failed to count sent body data at times, which then caused
  3750. internal confusions when libcurl tried to send the rest of the data in order
  3751. to maintain the same connection alive.
  3752. Daniel S (31 July 2007)
  3753. - Peter O'Gorman pointed out (and fixed) that the non-blocking check in
  3754. configure made libcurl use blocking sockets on AIX 4 and 5, while that
  3755. wasn't the intention.
  3756. Daniel S (29 July 2007)
  3757. - Jayesh A Shah filed bug report #1759542
  3758. (http://curl.haxx.se/bug/view.cgi?id=1759542) identifying a rather serious
  3759. problem with FTPS: libcurl closed the data connection socket and then later
  3760. in the flow it would call the SSL layer to do SSL shutdown which then would
  3761. use a socket that had already been closed - so if the application had opened
  3762. a new one in the mean time, libcurl could send gibberish that way! I worked
  3763. with Greg Zavertnik to properly diagnose and fix this. The fix affects code
  3764. for all SSL libraries we support, but it has only been truly verified to
  3765. work fine for the OpenSSL version. The others have only been code reviewed.
  3766. Daniel S (23 July 2007)
  3767. - Implemented the parts of Patrick Monnerat's OS/400 patch that introduces
  3768. support for the OS/400 Secure Sockets Layer library.
  3769. Dan F (23 July 2007)
  3770. - Implemented only the parts of Patrick Monnerat's OS/400 patch that renamed
  3771. some few internal identifiers to avoid conflicts, which could be useful on
  3772. other platforms.
  3773. Daniel S (22 July 2007)
  3774. - HTTP Digest bug fix by Chris Flerackers:
  3775. Scenario
  3776. - Perfoming a POST request with body
  3777. - With authentication (only Digest)
  3778. - Re-using a connection
  3779. libcurl would send a HTTP POST with an Authorization header but without
  3780. body. Our server would return 400 Bad Request in that case (because
  3781. authentication passed, but the body was empty).
  3782. Cause
  3783. 1) http_digest.c -> Curl_output_digest
  3784. - Updates allocptr.userpwd/allocptr.proxyuserpwd *only* if d->nonce is
  3785. filled in (and no errors)
  3786. - authp->done = TRUE if d->nonce is filled in
  3787. 2) http.c -> Curl_http
  3788. - *Always* uses allocptr.userpwd/allocptr.proxyuserpwd if not NULL
  3789. 3) http.c -> Curl_http, Curl_http_output_auth
  3790. So what happens is that Curl_output_digest cannot yet update the
  3791. Authorization header (allocptr.userpwd) which results in authhost->done=0 ->
  3792. authhost->multi=1 -> conn->bits.authneg = TRUE. The body is not
  3793. added. *However*, allocptr.userpwd is still used when building the request
  3794. - Added test case 354 that makes a simple FTP retrieval without password, which
  3795. verifies the bug fix in #1757328.
  3796. Daniel S (21 July 2007)
  3797. - To allow more flexibility in FTP test cases, I've removed the enforced states
  3798. from the test server code as they served no real purpose. The test server
  3799. is here to serve for the test cases, not to attempt to function as a real
  3800. server! While at it, I modified test case 141 to better test and verify
  3801. curl -I on a single FTP file.
  3802. Daniel S (20 July 2007)
  3803. - James Housley fixed the SFTP PWD command to work.
  3804. - Ralf S. Engelschall filed bug report #1757328
  3805. (http://curl.haxx.se/bug/view.cgi?id=1757328) and submitted a patch. It
  3806. turns out we broke login to FTP servers that don't require (nor understand)
  3807. PASS after the USER command. The breakage was done as part of the krb5
  3808. commit so a krb-using person needs to verify that the current version now
  3809. works or if we need to fix it (in a different way of course).
  3810. Dan F (17 July 2007)
  3811. - Fixed test cases 613 and 614 by improving the log postprocessor to handle
  3812. a new directory listing format that newer libssh2's can provide. This
  3813. is probably NOT sufficient to handle all directory listing formats that
  3814. server's can provide, and should be revisited.
  3815. Daniel S (17 July 2007)
  3816. - Daniel Johnson fixed a bug in how libssh2_session_last_error() was used, in
  3817. two places.
  3818. - Jofell Gallardo posted a libcurl log using FTP that exposed a bug which made
  3819. a control connection that was deemed "dead" to yet be re-used in a following
  3820. request.
  3821. Daniel S (13 July 2007)
  3822. - Colin Hogben filed bug report #1750274
  3823. (http://curl.haxx.se/bug/view.cgi?id=1750274) and submitted a patch for the
  3824. case where libcurl did a connect attempt to a non-listening port and didn't
  3825. provide a human readable error string back.
  3826. - Daniel Cater fixes:
  3827. 1 - made 'make vc8' work on windows.
  3828. 2 - made libcurl itself built with CURL_NO_OLDIES defined (which doesn't
  3829. define the symbols for backwards source compatibility)
  3830. 3 - updated libcurl-errors.3
  3831. 4 - added CURL_DISABLE_TFTP to docs/INSTALL
  3832. Daniel S (12 July 2007)
  3833. - Made the krb5 code build with Heimdal's GSSAPI lib.
  3834. Dan F (12 July 2007)
  3835. - Compile most of the example apps in docs/examples when doing a 'make check'.
  3836. Fixed some compile warnings and errors in those examples.
  3837. - Removed the example program ftp3rdparty.c since libcurl doesn't support
  3838. 3rd party FTP transfers any longer.
  3839. Daniel S (12 July 2007)
  3840. - Shmulik Regev found an (albeit rare) case where the proxy CONNECT operation
  3841. could in fact get stuck in an endless loop.
  3842. - Made CURLOPT_SSL_VERIFYHOST set to 1 acts as described in the documentation:
  3843. fail to connect if there is no Common Name field found in the remote cert.
  3844. We should deprecate the support for this set to 1 anyway soon, since the
  3845. feature is pointless and most likely never really used by anyone.
  3846. Daniel S (11 July 2007)
  3847. - Shmulik Regev fixed a bug with transfer-encoding skipping during the 407
  3848. error pages for proxy authentication.
  3849. - Giancarlo Formicuccia reported and fixed a problem with a closed connection
  3850. to a proxy during CONNECT auth negotiation.
  3851. Dan F (10 July 2007)
  3852. - Fixed a curl memory leak reported by Song Ma with a modified version
  3853. of the patch he suggested. Added his test case as test289 to verify.
  3854. - Force the time zone to GMT in the cookie tests in case the user is
  3855. using one of the so-called 'right' time zones that take into account
  3856. leap seconds, which causes the tests to fail (as reported by
  3857. Daniel Black in bug report #1745964).
  3858. Version 7.16.4 (10 July 2007)
  3859. Daniel S (10 July 2007)
  3860. - Kees Cook notified us about a security flaw
  3861. (http://curl.haxx.se/docs/adv_20070710.html) in which libcurl failed to
  3862. properly reject some outdated or not yet valid server certificates when
  3863. built with GnuTLS. Kees also provided the patch.
  3864. James H (5 July 2007)
  3865. - Gavrie Philipson provided a patch that will use a more specific error
  3866. message for an scp:// upload failure. If libssh2 has his matching
  3867. patch, then the error message return by the server will be used instead
  3868. of a more generic error.
  3869. Daniel S (1 July 2007)
  3870. - Thomas J. Moore provided a patch that introduces Kerberos5 support in
  3871. libcurl. This also makes the options change name to --krb (from --krb4) and
  3872. CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still
  3873. - Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5
  3874. proxy.
  3875. Daniel S (27 June 2007)
  3876. - James Housley: Add two new options for the SFTP/SCP/FILE protocols:
  3877. CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the
  3878. premissions for files and directories created on the remote
  3879. server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and
  3880. CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755
  3881. - I corrected the 10-at-a-time.c example and applied a patch for it by James
  3882. Bursa.
  3883. Daniel S (26 June 2007)
  3884. - Robert Iakobashvili re-arranged the internal hash code to work with a custom
  3885. hash function for different hashes, and also expanded the default size for
  3886. the socket hash table used in multi handles to greatly enhance speed when
  3887. very many connections are added and the socket API is used.
  3888. - James Housley made the CURLOPT_FTPLISTONLY mode work for SFTP directory
  3889. listings as well
  3890. Daniel S (25 June 2007)
  3891. - Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or
  3892. chunked encoding (that also lacks "Connection: close"). It now simply
  3893. assumes that the connection WILL be closed to signal the end, as that is how
  3894. RFC2616 section 4.4 point #5 says we should behave.
  3895. Version 7.16.3 (25 June 2007)
  3896. Daniel S (23 June 2007)
  3897. - As reported by "Tro" in http://curl.haxx.se/mail/lib-2007-06/0161.html and
  3898. http://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do
  3899. no-body requests on FTP files on re-used connections properly, or at least
  3900. it didn't provide the info back in the header callback properly in the
  3901. subsequent requests.
  3902. Daniel S (21 June 2007)
  3903. - Gerrit Bruchhäuser pointed out a warning that the Intel(R) Thread Checker
  3904. tool reports and it was indeed a legitimate one and it is one fixed. It was
  3905. a use of a share without doing the proper locking first.
  3906. Daniel S (20 June 2007)
  3907. - Adam Piggott filed bug report #1740263
  3908. (http://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when
  3909. getting a large amount of URLs with curl, they were fetched slower and
  3910. slower... which turned out to be because the --libcurl data collecting which
  3911. wrongly always was enabled, but no longer is...
  3912. Daniel S (18 June 2007)
  3913. - Robson Braga Araujo filed bug report #1739100
  3914. (http://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl
  3915. could not actually list the contents of the root directory of a given FTP
  3916. server if the login directory isn't root. I fixed the problem and added
  3917. three test cases (one is disabled for now since I identified KNOWN_BUGS #44,
  3918. we cannot use --ftp-method nocwd and list ftp directories).
  3919. Daniel S (14 June 2007)
  3920. - Shmulik Regev:
  3921. I've encountered (and hopefully fixed) a problem involving proxy CONNECT
  3922. requests and easy handles state management. The problem isn't simple to
  3923. reproduce since it depends on socket state. It only manifests itself when
  3924. working with non-blocking sockets.
  3925. Here is the scenario:
  3926. 1. in multi_runsingle the easy handle is in the CURLM_STATE_WAITCONNECT and
  3927. calls Curl_protocol_connect
  3928. 2. in Curl_proxyCONNECT, line 1247, if the socket isn't ready the function
  3929. returns and conn->bits.tunnel_connecting is TRUE
  3930. 3. when the call to Curl_protocol_connect returns the protocol_connect flag
  3931. is false and the easy state is changed to CURLM_STATE_PROTOCONNECT which
  3932. isn't correct if a proxy is used. Rather CURLM_STATE_WAITPROXYCONNECT
  3933. should be used.
  3934. I discovered this while performing an HTTPS request through a proxy (squid)
  3935. on my local network. The problem caused openssl to fail as it read the proxy
  3936. response to the CONNECT call ('HTTP/1.0 Established') rather than the SSL
  3937. handshake (the exact openssl error was 'wrong ssl version' but this isn't
  3938. very important)
  3939. - Dave Vasilevsky filed bug report #1736875
  3940. (http://curl.haxx.se/bug/view.cgi?id=1736875) almost simultanouesly as Dan
  3941. Fandrich mentioned a related build problem on the libcurl mailing list:
  3942. http://curl.haxx.se/mail/lib-2007-06/0131.html. Both problems had the same
  3943. reason: the definitions of the POLL* defines and the pollfd struct in the
  3944. libcurl code was depending on HAVE_POLL instead of HAVE_SYS_POLL_H.
  3945. Daniel S (13 June 2007)
  3946. - Tom Regner provided a patch and worked together with James Housley, so now
  3947. CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP
  3948. ones.
  3949. - Rich Rauenzahn filed bug report #1733119
  3950. (http://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the
  3951. fix. The problem is that for 64bit HPUX builds, several socket-related
  3952. functions would still assume int (32 bit) arguments and not socklen_t (64
  3953. bit) ones.
  3954. Daniel S (12 June 2007)
  3955. - James Housley brought his revamped SSH code that is state-machine driven to
  3956. really take advantage of the now totally non-blocking libssh2 (in CVS).
  3957. Dan F (8 June 2007)
  3958. - Incorporated Daniel Black's test706 and test707 SOCKS test cases.
  3959. - Fixed a few problems when starting the SOCKS server.
  3960. - Reverted some recent changes to runtests.pl that weren't compatible with
  3961. perl 5.0.
  3962. - Fixed the test harness so that it actually kills the ssh being used as
  3963. the SOCKS server.
  3964. Daniel S (6 June 2007)
  3965. - -s/--silent can now be used to toggle off the silence again if used a second
  3966. time.
  3967. Daniel S (5 June 2007)
  3968. - Added Daniel Black's work that adds the first few SOCKS test cases. I also
  3969. fixed two minor SOCKS problems to make the test cases run fine.
  3970. Daniel S (31 May 2007)
  3971. - Feng Tu made (lib)curl support "upload" resuming work for file:// URLs.
  3972. Daniel S (30 May 2007)
  3973. - I modified the 10-at-a-time.c example to transfer 500 downloads in parallel
  3974. with a c-ares enabled build only to find that it crashed miserably, and this
  3975. was due to some select()isms left in the code. This was due to API
  3976. restrictions in c-ares 1.3.x, but with the upcoming c-ares 1.4.0 this is no
  3977. longer the case so now libcurl runs much better with c-ares and the multi
  3978. interface with > 1024 file descriptors in use.
  3979. Extra note: starting now we require c-ares 1.4.0 for asynchronous name
  3980. resolves.
  3981. - Added CURLMOPT_MAXCONNECTS which is a curl_multi_setopt() option for setting
  3982. the maximum size of the connection cache maximum size of the multi handle.
  3983. Daniel S (27 May 2007)
  3984. - When working with a problem Stefan Becker had, I found an off-by-one buffer
  3985. overwrite in Curl_select(). While fixing it, I also improved its performance
  3986. somewhat by changing calloc to malloc and breaking out of a loop earlier
  3987. (when possible).
  3988. Daniel S (25 May 2007)
  3989. - Rob Crittenden fixed bug #1705802
  3990. (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
  3991. Black identifying several FTP-SSL test cases fail when we build libcurl with
  3992. NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.
  3993. Daniel S (24 May 2007)
  3994. - Song Ma filed bug report #1724016
  3995. (http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading
  3996. glob-ranges for TFTP was broken in CVS. Fixed now.
  3997. - 'mytx' in bug report #1723194 (http://curl.haxx.se/bug/view.cgi?id=1723194)
  3998. pointed out that the warnf() function in the curl tool didn't properly deal
  3999. with the cases when excessively long words were used in the string to chop
  4000. up.
  4001. Daniel S (22 May 2007)
  4002. - Andre Guibert de Bruet fixed a memory leak in the function that verifies the
  4003. peer's name in the SSL certificate when built for OpenSSL. The leak happens
  4004. for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
  4005. name from UTF8. He also fixed a leak when PKCS #12 parsing failed.
  4006. Daniel S (18 May 2007)
  4007. - Feng Tu reported that curl -w did wrong on TFTP transfers in bug report
  4008. #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
  4009. transfer-related info "variables" were indeed overwritten with zeroes
  4010. wrongly and have now been adjusted. The upload size still isn't accurate.
  4011. Daniel S (17 May 2007)
  4012. - Feng Tu pointed out a division by zero error in the TFTP connect timeout
  4013. code for timeouts less than five seconds, and also provided a fix for it.
  4014. Bug report #1715392 (http://curl.haxx.se/bug/view.cgi?id=1715392)
  4015. Dan F (16 May 2007)
  4016. - Added support for compiling under Minix 3.1.3 using ACK.
  4017. Dan F (14 May 2007)
  4018. - Added SFTP directory listing test case 613.
  4019. - Added support for quote commands before a transfer using SFTP and test
  4020. case 614.
  4021. - Changed the post-quote commands to occur after the transferred file is
  4022. closed.
  4023. - Allow SFTP quote commands chmod, chown, chgrp to set a value of 0.
  4024. Dan F (9 May 2007)
  4025. - Kristian Gunstone fixed a problem where overwriting an uploaded file with
  4026. sftp didn't truncate it first, which would corrupt the file if the new
  4027. file was shorter than the old.
  4028. Dan F (8 May 2007)
  4029. - Added FTPS test cases 406 and 407
  4030. Daniel S (8 May 2007)
  4031. - CURLE_FTP_COULDNT_STOR_FILE is now known as CURLE_UPLOAD_FAILED. This is
  4032. because I just made SCP uploads return this value if the file size of
  4033. the upload file isn't given with CURLOPT_INFILESIZE*. Docs updated to
  4034. reflect this news, and a define for the old name was added to the public
  4035. header file.
  4036. Daniel S (7 May 2007)
  4037. - James Bursa fixed a bug in the multi handle code that made the connection
  4038. cache grow a bit too much, beyond the normal 4 * easy_handles.
  4039. Daniel S (2 May 2007)
  4040. - Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0
  4041. when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is
  4042. not very nice if the client wants to be able to use _either_ a HTTP 1.1
  4043. server or one within the aliases list... so starting now, libcurl will
  4044. simply consider 200-alias matches the to be HTTP 1.0 compliant.
  4045. - Tobias Rundström reported a problem they experienced with xmms2 and recent
  4046. libcurls, which turned out to be the 25-nov-2006 change which treats HTTP
  4047. responses without Content-Length or chunked encoding as without bodies. We
  4048. now added the conditional that the above mentioned response is only without
  4049. body if the response is HTTP 1.1.
  4050. - Jeff Pohlmeyer improved the hiperfifo.c example to use the
  4051. CURLMOPT_TIMERFUNCTION callback option.
  4052. - Set the timeout for easy handles to expire really soon after addition or
  4053. when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform,
  4054. to make applications using only curl_multi_socket() to properly function
  4055. when adding easy handles "on the fly". Bug report and test app provided by
  4056. Michael Wallner.
  4057. Dan F (30 April 2007)
  4058. - Improved the test harness to allow running test servers on other than
  4059. the default port numbers, allowing more than one test suite to run
  4060. simultaneously on the same host.
  4061. Daniel S (28 April 2007)
  4062. - Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before,
  4063. since it then inits libgcrypt and libgcrypt is being evil and EXITS the
  4064. application if it fails to get a fine random seed. That's really not a nice
  4065. thing to do by a library.
  4066. - Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had
  4067. been removed from a multi handle, and then fixed another flaw that prevented
  4068. curl_easy_duphandle() to work even after the first fix - the handle was
  4069. still marked as using the multi interface.
  4070. Daniel S (26 April 2007)
  4071. - Peter O'Gorman found a problem with SCP downloads when the downloaded file
  4072. was 16385 bytes (16K+1) and it turned out we didn't properly always "suck
  4073. out" all data from libssh2. The effect being that libcurl would hang on the
  4074. socket waiting for data when libssh2 had in fact already read it all...
  4075. Dan F (25 April 2007)
  4076. - Added support in runtests.pl for "!n" test numbers to disable individual
  4077. tests. Changed -t to only keep log files around when -k is specified,
  4078. to have the same behaviour as without -t.
  4079. Daniel S (25 April 2007)
  4080. - Sonia Subramanian brought our attention to a problem that happens if you set
  4081. the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection
  4082. in the connection cache is closed to make room for the new one when you call
  4083. curl_easy_perform(). It would then wrongly free range-related data in the
  4084. connection close funtion.
  4085. Yang Tse (25 April 2007)
  4086. - Steve Little fixed compilation on VMS 64-bit mode
  4087. Daniel S (24 April 2007)
  4088. - Robert Iakobashvili made the 'master_buffer' get allocated first once it is
  4089. can/will be used as it then makes the common cases save 16KB of data for each
  4090. easy handle that isn't used for pipelining.
  4091. Dan F (23 April 2007)
  4092. - Added <postcheck> support to the test harness.
  4093. - Added tests 610-612 to test more SFTP post-quote commands.
  4094. Daniel S (22 April 2007)
  4095. - Song Ma's warning if -r/--range is given with a "bad" range, also noted in
  4096. the man page now.
  4097. - Daniel Black filed bug #1705177
  4098. (http://curl.haxx.se/bug/view.cgi?id=1705177) where --without-ssl
  4099. --with-gnutl outputs a warning about SSL not being enabled even though GnuTLS
  4100. was found and used.
  4101. Daniel S (21 April 2007)
  4102. - Daniel Black filed bug #1704675
  4103. (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free
  4104. problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on
  4105. closedown after a failure and a bad #ifdef for NSS when closing down SSL.
  4106. Yang Tse (20 April 2007)
  4107. - Save one call to curlx_tvnow(), which calls gettimeofday(), in each of
  4108. Curl_socket_ready(), Curl_poll() and Curl_select() when these are called
  4109. with a zero timeout or a timeout value indicating a blocking call should
  4110. be performed.
  4111. Daniel S (18 April 2007)
  4112. - James Housley made SFTP uploads use libssh2's non-blocking API
  4113. - Prevent the internal progress meter from updating more frequently than once
  4114. per second.
  4115. Dan F (17 April 2007)
  4116. - Added test cases 296, 297 and 298 to test --ftp-method handling
  4117. Daniel S (16 April 2007)
  4118. - Robert Iakobashvil added curl_multi_socket_action() to libcurl, which is a
  4119. function that deprecates the curl_multi_socket() function. Using the new
  4120. function the application tell libcurl what action that was found in the
  4121. socket that it passes in. This gives a significant performance boost as it
  4122. allows libcurl to avoid a call to poll()/select() for every call to
  4123. curl_multi_socket*().
  4124. I added a define in the public curl/multi.h header file that will make your
  4125. existing application automatically use curl_multi_socket_action() instead of
  4126. curl_multi_socket() when you recompile. But of course you'll get better
  4127. performance if you adjust your code manually and actually pass in the
  4128. correct action bitmask to this function.
  4129. Daniel S (14 April 2007)
  4130. - Jay Austin added "DH PARAMETERS" to the stunnel.pem certificate for the test
  4131. suite to make stunnel run better in some (most?) environments.
  4132. Dan F (13 April 2007)
  4133. - Added test cases 294 and 295 to test --ftp-account handling
  4134. - Improved handling of out of memory in ftp.
  4135. Yang Tse (13 April 2007)
  4136. - Fix test case 534 which started to fail 2007-04-13 due to the existance
  4137. of a new host on the net with the same silly domain the test was using
  4138. for a host which was supposed not to exist.
  4139. Daniel S (12 April 2007)
  4140. - Song Ma found a memory leak in the if2ip code if you pass in an interface
  4141. name longer than the name field of the ifreq struct (typically 6 bytes), as
  4142. then it wouldn't close the used dummy socket. Bug #1698974
  4143. (http://curl.haxx.se/bug/view.cgi?id=1698974)
  4144. Version 7.16.2 (11 April 2007)
  4145. Yang Tse (10 April 2007)
  4146. - Ravi Pratap provided some fixes for HTTP pipelining
  4147. - configure script will ignore --enable-sspi option for non-native Windows.
  4148. Daniel S (9 April 2007)
  4149. - Nick Zitzmann did ssh.c cleanups
  4150. Daniel S (3 April 2007)
  4151. - Rob Jones fixed better #ifdef'ing for a bunch of #include lines.
  4152. Daniel S (2 April 2007)
  4153. - Nick Zitzmann made the CURLOPT_POSTQUOTE option work for SFTP as well. The
  4154. accepted commands are as follows:
  4155. chgrp (gid) (path)
  4156. Changes the group ID of the file or directory at (path) to (gid). (gid)
  4157. must be a number.
  4158. chmod (perms) (path)
  4159. Changes the permissions of the file or directory at (path) to
  4160. (perms). (perms) must be a number in the format used by the chmod Unix
  4161. command.
  4162. chown (uid) (path)
  4163. Changes the user ID of the file or directory at (path) to (uid). (uid)
  4164. must be a number.
  4165. ln (source) (dest)
  4166. Creates a symbolic link at (dest) that points to the file located at
  4167. (source).
  4168. mkdir (path)
  4169. Creates a new directory at (path).
  4170. rename (source) (dest)
  4171. Moves the file or directory at (source) to (dest).
  4172. rm (path)
  4173. Deletes the file located at (path).
  4174. rmdir (path)
  4175. Deletes the directory located at (path). This command will raise an error
  4176. if the directory is not empty.
  4177. symlink (source) (dest)
  4178. Same as ln.
  4179. Daniel S (1 April 2007)
  4180. - Robert Iakobashvili made curl_multi_remove_handle() a lot faster when many
  4181. easy handles are added to a multi handle, by avoiding the looping over all
  4182. the handles to find which one to remove.
  4183. - Matt Kraai provided a patch that makes curl build on QNX 6 fine again.
  4184. Daniel S (31 March 2007)
  4185. - Fixed several minor issues detected by the coverity.com scanner.
  4186. - "Pixel" fixed a problem that appeared when you used -f with user+password
  4187. embedded in the URL.
  4188. Dan F (29 March 2007)
  4189. - Don't tear down the ftp connection if the maximum filesize was exceeded
  4190. and added tests 290 and 291 to check.
  4191. - Added ftps upload and SSL required tests 401 and 402.
  4192. - Send an EOF message before closing an SCP channel, as recommended by
  4193. RFC4254. Enable libssh2 tracing when ssh debugging is turned on.
  4194. Yang Tse (27 March 2007)
  4195. - Internal function Curl_select() renamed to Curl_socket_ready()
  4196. New Internal wrapper function Curl_select() around select (2), it
  4197. uses poll() when a fine poll() is available, so now libcurl can be
  4198. built without select() support at all if a fine poll() is available.
  4199. Daniel S (25 March 2007)
  4200. - Daniel Johnson fixed multi code to traverse the easy handle list properly.
  4201. A left-over bug from the February 21 fix.
  4202. Dan F (23 March 2007)
  4203. - Added --pubkey option to curl and made --key also work for SCP/SFTP,
  4204. plus made --pass work on an SSH private key as well.
  4205. - Changed the test harness to attempt to gracefully shut down servers
  4206. before resorting to the kill -9 hammer.
  4207. - Added test harness infrastructure to support scp/sftp tests, using
  4208. OpenSSH as the server.
  4209. - Fixed a memory leak when specifying a proxy with a file: URL.
  4210. Yang Tse (20 March 2007)
  4211. - Fixed: When a signal was caught awaiting for an event using Curl_select()
  4212. or Curl_poll() with a non-zero timeout both functions would restart the
  4213. specified timeout. This could even lead to the extreme case that if a
  4214. signal arrived with a frecuency lower to the specified timeout neither
  4215. function would ever exit.
  4216. Added experimental symbol definition check CURL_ACKNOWLEDGE_EINTR in
  4217. Curl_select() and Curl_poll(). When compiled with CURL_ACKNOWLEDGE_EINTR
  4218. defined both functions will return as soon as a signal is caught. Use it
  4219. at your own risk, all calls to these functions in the library should be
  4220. revisited and checked before fully supporting this feature.
  4221. Yang Tse (19 March 2007)
  4222. - Bryan Henderson fixed the progress function so that it can get called more
  4223. frequently allowing same calling frecuency for the client progress callback.
  4224. Dan F (15 March 2007)
  4225. - Various memory leaks plugged and NULL pointer fixes made in the ssh code.
  4226. Daniel (15 March 2007)
  4227. - Nick made the curl tool accept globbing ranges that only is one number, i.e
  4228. you can now use [1-1] without curl complaining.
  4229. Daniel (10 March 2007)
  4230. - Eygene Ryabinkin:
  4231. The problem is the following: when we're calling Curl_done and it decides to
  4232. keep the connection opened ('left intact'), then the caller is not notified
  4233. that the connection was done via the NULLifying of the pointer, so some easy
  4234. handle is keeping the pointer to this connection.
  4235. Later ConnectionExists can select such connection for reuse even if we're
  4236. not pipelining: pipeLen is zero, so the (pipeLen > 0 && !canPipeline) is
  4237. false and we can reuse this connection for another easy handle. But thus the
  4238. connection will be shared between two easy handles if the handle that wants
  4239. to take the ownership is not the same as was not notified of the connection
  4240. was done in Curl_done. And when some of these easy handles will get their
  4241. connection really freed the another one will still keep the pointer.
  4242. My fix was rather trivial: I just added the NULLification to the 'else'
  4243. branch in the Curl_done. My tests with Git and ElectricFence showed no
  4244. problems both for HTTP pulling and cloning. Repository size is about 250 Mb,
  4245. so it was a considerable amount of Curl's work.
  4246. Dan F (9 March 2007)
  4247. - Updated the test harness to add a new "crypto" feature check and updated the
  4248. appropriate test case to use it. For now, this is treated the same as the
  4249. "SSL" feature because curl doesn't list it separately.
  4250. Daniel (9 March 2007)
  4251. - Robert Iakobashvili fixed CURLOPT_INTERFACE for IPv6.
  4252. - Robert A. Monat improved the maketgz and VC6/8 generating to set the correct
  4253. machine type too.
  4254. - Justin Fletcher fixed a file descriptor leak in the curl tool when trying to
  4255. upload a file it couldn't open. Bug #1676581
  4256. (http://curl.haxx.se/bug/view.cgi?id=1676581)
  4257. Dan F (9 March 2007)
  4258. - Updated the test harness to check for protocol support before running each
  4259. test, fixing KNOWN_BUGS #11.
  4260. Dan F (7 March 2007)
  4261. - Reintroduced (after a 3 year hiatus) an FTPS test case (400) into the test
  4262. harness. It is very limited as it supports only ftps:// URLs with
  4263. --ftp-ssl-control specified, which implicitly encrypts the control
  4264. channel but not the data channels. That allows stunnel to be used with
  4265. an unmodified ftp server in exactly the same way that the test https
  4266. server is set up.
  4267. Dan F (7 March 2007)
  4268. - Honour --ftp-ssl-control on ftps:// URLs to allow encrypted control and
  4269. unencrypted data connections.
  4270. Dan F (6 March 2007)
  4271. - Fixed a couple of improper pointer uses detected by valgrind in test
  4272. cases 181 & 216.
  4273. Daniel (2 March 2007)
  4274. - Robert A. Monat and Shmulik Regev helped out to fix the new */Makefile.vc8
  4275. makefiles that are included in the source release archives, generated from
  4276. the Makefile.vc6 files by the maketgz script. I also modified the root
  4277. Makefile to have a VC variable that defaults to vc6 but can be overridden to
  4278. allow it to be used for vc8 as well. Like this:
  4279. nmake VC=vc8 vc
  4280. Daniel (27 February 2007)
  4281. - Hang Kin Lau found and fixed: When I use libcurl to connect to an https
  4282. server through a proxy and have the remote https server port set using the
  4283. CURLOPT_PORT option, protocol gets reset to http from https after the first
  4284. request.
  4285. User defined URL was modified internally by libcurl and subsequent reuse of
  4286. the easy handle may lead to connection using a different protocol (if not
  4287. originally http).
  4288. I found that libcurl hardcoded the protocol to "http" when it tries to
  4289. regenerate the URL if CURLOPT_PORT is set. I tried to fix the problem as
  4290. follows and it's working fine so far
  4291. Daniel (25 February 2007)
  4292. - Adam D. Moss made the HTTP CONNECT procedure less blocking when used from
  4293. the multi interface. Note that it still does a part of the connection in a
  4294. blocking manner.
  4295. Daniel (23 February 2007)
  4296. - Added warning outputs if the command line uses more than one of the options
  4297. -v, --trace and --trace-ascii, since it could really confuse the user.
  4298. Clarified this fact in the man page.
  4299. Daniel (21 February 2007)
  4300. - Ravi Pratap provided work on libcurl making pipelining more robust and
  4301. fixing some bugs:
  4302. o Don't mix GET and POST requests in a pipeline
  4303. o Fix the order in which requests are dispatched from the pipeline
  4304. o Fixed several curl bugs with pipelining when the server is returning
  4305. chunked encoding:
  4306. * Added states to chunked parsing for final CRLF
  4307. * Rewind buffer after parsing chunk with data remaining
  4308. * Moved chunked header initializing to a spot just before receiving
  4309. headers
  4310. Daniel (20 February 2007)
  4311. - Linus Nielsen Feltzing changed the CURLOPT_FTP_SSL_CCC option to handle
  4312. active and passive CCC shutdown and added the --ftp-ssl-ccc-mode command
  4313. line option.
  4314. Daniel (19 February 2007)
  4315. - Ian Turner fixed the libcurl.m4 macro's support for --with-libcurl.
  4316. - Shmulik Regev found a memory leak in re-used HTTPS connections, at least
  4317. when the multi interface was used.
  4318. - Robson Braga Araujo made passive FTP transfers work with SOCKS (both 4 and
  4319. 5).
  4320. Daniel (18 February 2007)
  4321. - Jeff Pohlmeyer identified two problems: first a rather obscure problem with
  4322. the multi interface and connection re-use that could make a
  4323. curl_multi_remove_handle() ruin a pointer in another handle.
  4324. The second problem was less of an actual problem but more of minor quirk:
  4325. the re-using of connections wasn't properly checking if the connection was
  4326. marked for closure.
  4327. Daniel (16 February 2007)
  4328. - Duncan Mac-Vicar Prett and Michal Marek reported problems with resetting
  4329. CURLOPT_RANGE back to no range on an easy handle when using FTP.
  4330. Dan F (14 February 2007)
  4331. - Fixed curl-config --libs so it doesn't list unnecessary libraries (and
  4332. therefore introduce unnecessary dependencies) when it's not needed.
  4333. Also, don't bother adding a library path of /usr/lib
  4334. Daniel (13 February 2007)
  4335. - The default password for anonymous FTP connections is now changed to be
  4336. "ftp@example.com".
  4337. - Robert A. Monat made libcurl build fine with VC2005 - it doesn't have
  4338. gmtime_r() like the older VC versions. He also made use of some machine-
  4339. specific defines to differentiate the "OS" define.
  4340. Daniel (12 February 2007)
  4341. - Rob Crittenden added support for NSS (Network Security Service) for the
  4342. SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/
  4343. This is the fourth supported library for TLS/SSL that libcurl supports!
  4344. - Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent
  4345. to the debug callback.
  4346. - Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and
  4347. CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's
  4348. internal decoding of content or transfer encoded content. This may be
  4349. preferable in cases where you use libcurl for proxy purposes or similar. The
  4350. command line tool got a --raw option to disable both at once.
  4351. - release tarballs made with maketgz will from now on have a LIBCURL_TIMESTAMP
  4352. define set to hold the exact date and time of when the tarball was built, as
  4353. a human readable string using the UTC time zone.
  4354. - Jeff Pohlmeyer fixed a flaw in curl_multi_add_handle() when adding a handle
  4355. that has an easy handle present in the "closure" list pending closure.
  4356. Daniel (6 February 2007)
  4357. - Regular file downloads wiht SFTP and SCP are now done using the non-blocking
  4358. API of libssh2, if the libssh2 headers seem to support them. This will make
  4359. SCP and SFTP much more responsive and better libcurl citizens when used with
  4360. the multi interface etc.
  4361. Daniel (5 February 2007)
  4362. - Michael Wallner added support for CURLOPT_TIMEOUT_MS and
  4363. CURLOPT_CONNECTTIMEOUT_MS that, as their names suggest, do the timeouts with
  4364. millisecond resolution. The only restriction to that is the alarm()
  4365. (sometimes) used to abort name resolves as that uses full seconds. I fixed
  4366. the FTP response timeout part of the patch.
  4367. Internally we now count and keep the timeouts in milliseconds but it also
  4368. means we multiply set timeouts with 1000. The effect of this is that no
  4369. timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which
  4370. equals 24.86 days. We probably couldn't before either since the code did
  4371. *1000 on the timeout values on several places already.
  4372. Daniel (3 February 2007)
  4373. - Yang Tse fixed the cookie expiry date in several test cases that started to
  4374. fail since they used "1 feb 2007"...
  4375. - Manfred Schwarb reported that socks5 support was broken and help us pinpoint
  4376. the problem. The code now tries harder to use httproxy and proxy where
  4377. apppropriate, as not all proxies are HTTP...
  4378. Version 7.16.1 (29 January 2007)
  4379. Daniel (29 January 2007)
  4380. - Michael Wallner reported that when doing a CONNECT with a custom User-Agent
  4381. header, you got _two_ User-Agent headers in the CONNECT request...! Added
  4382. test case 287 to verify the fix.
  4383. Daniel (28 January 2007)
  4384. - curl_easy_reset() now resets the CA bundle path correctly.
  4385. - David McCreedy fixed the Curl command line tool for HTTP on non-ASCII
  4386. platforms.
  4387. Daniel (25 January 2007)
  4388. - Added the --libcurl [file] option to curl. Append this option to any
  4389. ordinary curl command line, and you will get a libcurl-using source code
  4390. written to the file that does the equivalent operation of what your command
  4391. line operation does!
  4392. Dan F (24 January 2007)
  4393. - Fixed a dangling pointer problem that prevented the http_proxy environment
  4394. variable from being properly used in many cases (and caused test case 63
  4395. to fail).
  4396. Daniel (23 January 2007)
  4397. - David McCreedy did NTLM changes mainly for non-ASCII platforms:
  4398. #1
  4399. There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT
  4400. defined. I noticed this while testing various configurations. Line 867 of
  4401. the current http_ntlm.c is a closing bracket for an if/else pair that only
  4402. gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket
  4403. wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was
  4404. defined. Lines 198 and 140 of my patch wraps that closing bracket in an
  4405. #ifdef USE_NTLM2SESSION.
  4406. #2
  4407. I noticed several picky compiler warnings when DEBUG_ME is defined. I've
  4408. fixed them with casting. By the way, DEBUG_ME was a huge help in
  4409. understanding this code.
  4410. #3
  4411. Hopefully the last non-ASCII conversion patch for libcurl in a while. I
  4412. changed the "NTLMSSP" literal to hex since this signature must always be in
  4413. ASCII.
  4414. Conversion code was strategically added where necessary. And the
  4415. Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c
  4416. creates are NOT translated on non-ASCII platforms.
  4417. Dan F (22 January 2007)
  4418. - Converted (most of) the test data files into genuine XML. A handful still
  4419. are not, due mainly to the lack of support for XML character entities
  4420. (e.g. & => &amp; ). This will make it easier to validate test files using
  4421. tools like xmllint, as well as to edit and view them using XML tools.
  4422. Daniel (16 January 2007)
  4423. - Armel Asselin improved libcurl to behave a lot better when an easy handle
  4424. doing an FTP transfer is removed from a multi handle before completion. The
  4425. fix also fixed the "alive counter" to be correct on "premature removal" for
  4426. all protocols.
  4427. Dan F (16 January 2007)
  4428. - Fixed a small memory leak in tftp uploads discovered by curl's memory leak
  4429. detector. Also changed tftp downloads to URL-unescape the downloaded
  4430. file name.
  4431. Daniel (14 January 2007)
  4432. - David McCreedy provided libcurl changes for doing HTTP communication on
  4433. non-ASCII platforms. It does add some complexity, most notably with more
  4434. #ifdefs, but I want to see this supported added and I can't see how we can
  4435. add it without the extra stuff added.
  4436. - Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present,
  4437. libcurl would crash when trying to read a NULL pointer.
  4438. Daniel (12 January 2007)
  4439. - Toby Peterson found a nasty bug that prevented (lib)curl from properly
  4440. downloading (most) things that were larger than 4GB on 32 bit systems. Matt
  4441. Witherspoon helped as narrow down the problem.
  4442. Daniel (5 January 2007)
  4443. - Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
  4444. curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
  4445. will make libcurl shutdown SSL/TLS after the authentication is done on a
  4446. FTP-SSL operation.
  4447. Daniel (4 January 2007)
  4448. - David McCreedy made changes to allow base64 encoding/decoding to work on
  4449. non-ASCII platforms.
  4450. Daniel (3 January 2007)
  4451. - Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store
  4452. downloaded data in two buffers, just to be able to deal with a special HTTP
  4453. pipelining case. That is now only activated for pipelined transfers. In
  4454. Matt's case, it showed as a considerable performance difference,
  4455. Daniel (2 January 2007)
  4456. - Victor Snezhko helped us fix bug report #1603712
  4457. (http://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate
  4458. (CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken
  4459. on Windows (since 7.16.0, but that's when they were introduced as previous
  4460. to that the limiting logic was made in the application only and not in the
  4461. library). It was actually also broken on select()-based systems (as apposed
  4462. to poll()) but we haven't had any such reports. We now use select(), Sleep()
  4463. or delay() properly to sleep a while without waiting for anything input or
  4464. output when the rate limiting is activated with the easy interface.
  4465. - Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
  4466. to get built static. It has been mentioned before and was again brought to
  4467. our attention by Nathanael Nerode who filed debian bug report #405226
  4468. (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
  4469. Daniel (29 December 2006)
  4470. - Make curl_easy_duphandle() set the magic number in the new handle.
  4471. Daniel (22 December 2006)
  4472. - Robert Foreman provided a prime example snippet showing how libcurl would
  4473. get confused and not acknowledge the 'no_proxy' variable properly once it
  4474. had used the proxy and you re-used the same easy handle. I made sure the
  4475. proxy name is properly stored in the connect struct rather than the
  4476. sessionhandle/easy struct.
  4477. - David McCreedy fixed a bad call to getsockname() that wrongly used a size_t
  4478. variable to point to when it should be a socklen_t.
  4479. - When setting a proxy with environment variables and (for example) running
  4480. 'curl [URL]' with a URL without a protocol prefix, curl would not send a
  4481. correct request as it failed to add the protocol prefix.
  4482. Daniel (21 December 2006)
  4483. - Robson Braga Araujo reported bug #1618359
  4484. (http://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
  4485. patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
  4486. enters an infinite loop, while curl 7.16.1-20061218 does one additional
  4487. unnecessary request.
  4488. Fix: During the "Major overhaul introducing http pipelining support and
  4489. shared connection cache within the multi handle." change, headerbytecount
  4490. was moved to live in the Curl_transfer_keeper structure. But that structure
  4491. is reset in the Transfer method, losing the information that we had about
  4492. the header size. This patch moves it back to the connectdata struct.
  4493. Daniel (16 December 2006)
  4494. - Brendan Jurd provided a fix that now prevents libcurl from getting a SIGPIPE
  4495. during certain conditions when GnuTLS is used.
  4496. Daniel (11 December 2006)
  4497. - Alexey Simak found out that when doing FTP with the multi interface and
  4498. something went wrong like it got a bad response code back from the server,
  4499. libcurl would leak memory. Added test case 538 to verify the fix.
  4500. I also noted that the connection would get cached in that case, which
  4501. doesn't make sense since it cannot be re-use when the authentication has
  4502. failed. I fixed that issue too at the same time, and also that the path
  4503. would be "remembered" in vain for cases where the connection was about to
  4504. get closed.
  4505. Daniel (6 December 2006)
  4506. - Sebastien Willemijns reported bug #1603712
  4507. (http://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
  4508. getting cut off prematurely when --limit-rate is used. While I found no such
  4509. problems in my tests nor in my reading of the code, I found that the
  4510. --limit-rate code was severly flawed (since it was moved into the lib, since
  4511. 7.15.5) when used with the easy interface and it didn't work as documented
  4512. so I reworked it somewhat and now it works for my tests.
  4513. Daniel (5 December 2006)
  4514. - Stefan Krause pointed out a compiler warning with a picky MSCV compiler when
  4515. passing a curl_off_t argument to the Curl_read_rewind() function which takes
  4516. an size_t argument. Curl_read_rewind() also had debug code left in it and it
  4517. was put in a different source file with no good reason when only used from
  4518. one single spot.
  4519. - Sh Diao reported that CURLOPT_CLOSEPOLICY doesn't work, and indeed, there is
  4520. no code present in the library that receives the option. Since it was not
  4521. possible to use, we know that no current users exist and thus we simply
  4522. removed it from the docs and made the code always use the default path of
  4523. the code.
  4524. - Jared Lundell filed bug report #1604956
  4525. (http://curl.haxx.se/bug/view.cgi?id=1604956) which identified setting
  4526. CURLOPT_MAXCONNECTS to zero caused libcurl to SIGSEGV. Starting now, libcurl
  4527. will always internally use no less than 1 entry in the connection cache.
  4528. - Sh Diao reported that CURLOPT_FORBID_REUSE no works, and indeed it broke in
  4529. the 7.16.0 release.
  4530. - Martin Skinner brought back bug report #1230118 to haunt us once again.
  4531. (http://curl.haxx.se/bug/view.cgi?id=1230118) curl_getdate() did not work
  4532. properly for all input dates on Windows. It was mostly seen on some TZ time
  4533. zones using DST. Luckily, Martin also provided a fix.
  4534. - Alexey Simak filed bug report #1600447
  4535. (http://curl.haxx.se/bug/view.cgi?id=1600447) in which he noted that active
  4536. FTP connections don't work with the multi interface. The problem is here
  4537. that the multi interface state machine has a state during which it can wait
  4538. for the data connection to connect, but the active connection is not done in
  4539. the same step in the sequence as the passive one is so it doesn't quite work
  4540. for active. The active FTP code still use a blocking function to allow the
  4541. remote server to connect.
  4542. The fix (work-around is a better word) for this problem is to set the
  4543. boolean prematurely that the data connection is completed, so that the "wait
  4544. for connect" phase ends at once.
  4545. The proper fix, left for the future, is of course to make the active FTP
  4546. case to act in a non-blocking way too.
  4547. - Matt Witherspoon fixed a problem case when the CPU load went to 100% when a
  4548. HTTP upload was disconnected:
  4549. "What appears to be happening is that my system (Linux 2.6.17 and 2.6.13) is
  4550. setting *only* POLLHUP on poll() when the conditions in my previous mail
  4551. occur. As you can see, select.c:Curl_select() does not check for POLLHUP. So
  4552. basically what was happening, is poll() was returning immediately (with
  4553. POLLHUP set), but when Curl_select() looked at the bits, neither POLLERR or
  4554. POLLOUT was set. This still caused Curl_readwrite() to be called, which
  4555. quickly returned. Then the transfer() loop kept continuing at full speed
  4556. forever."
  4557. Daniel (1 December 2006)
  4558. - Toon Verwaest reported that there are servers that send the Content-Range:
  4559. header in a third, not suppported by libcurl, format and we agreed that we
  4560. could make the parser more forgiving to accept all the three found
  4561. variations.
  4562. Daniel (25 November 2006)
  4563. - Venkat Akella found out that libcurl did not like HTTP responses that simply
  4564. responded with a single status line and no headers nor body. Starting now, a
  4565. HTTP response on a persistent connection (i.e not set to be closed after the
  4566. response has been taken care of) must have Content-Length or chunked
  4567. encoding set, or libcurl will simply assume that there is no body.
  4568. To my horror I learned that we had no less than 57(!) test cases that did bad
  4569. HTTP responses like this, and even the test http server (sws) responded badly
  4570. when queried by the test system if it is the test system. So although the
  4571. actual fix for the problem was tiny, going through all the newly failing test
  4572. cases got really painful and boring.
  4573. Daniel (24 November 2006)
  4574. - James Housley did lots of work and introduced SFTP downloads.
  4575. Daniel (13 November 2006)
  4576. - Ron in bug #1595348 (http://curl.haxx.se/bug/view.cgi?id=1595348) pointed
  4577. out a stack overwrite (and the corresponding fix) on 64bit Windows when
  4578. dealing with HTTP chunked encoding.
  4579. Daniel (9 November 2006)
  4580. - Nir Soffer updated libcurl.framework.make:
  4581. o fix symlinks, should link to Versions, not to ./Versions
  4582. o indentation improvments
  4583. - Dmitriy Sergeyev found a SIGSEGV with his test04.c example posted on 7 Nov
  4584. 2006. It turned out we wrongly assumed that the connection cache was present
  4585. when tearing down a connection.
  4586. - Ciprian Badescu found a SIGSEGV when doing multiple TFTP transfers using the
  4587. multi interface, but I could also repeat it doing multiple sequential ones
  4588. with the easy interface. Using Ciprian's test case, I could fix it.
  4589. Daniel (8 November 2006)
  4590. - Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without
  4591. CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
  4592. SSL handshake. This is now stopped.
  4593. Daniel (7 November 2006)
  4594. - Olaf fixed a leftover problem with the CONNECT fix of his that would leave a
  4595. wrong error message in the error message buffer.
  4596. Daniel (3 November 2006)
  4597. - Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
  4598. KNOWN_BUGS #25, which happens when a proxy closes the connection when
  4599. libcurl has sent CONNECT, as part of an authentication negotiation. Starting
  4600. now, libcurl will re-connect accordingly and continue the authentication as
  4601. it should.
  4602. Daniel (2 November 2006)
  4603. - James Housley brought support for SCP transfers, based on the libssh2 library
  4604. for the actual network protocol stuff.
  4605. Added these new curl_easy_setopt() options:
  4606. CURLOPT_SSH_AUTH_TYPES
  4607. CURLOPT_SSH_PUBLIC_KEYFILE
  4608. CURLOPT_SSH_PRIVATE_KEYFILE
  4609. Version 7.16.0 (30 October 2006)
  4610. Daniel (25 October 2006)
  4611. - Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the
  4612. case when 401 or 407 are returned, *IF* no auth credentials have been given.
  4613. The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401
  4614. and 407 cases when auth credentials is given, but we've now covered this
  4615. somewhat more.
  4616. You might get some amounts of headers transferred before this situation is
  4617. detected, like for when a "100-continue" is received as a response to a
  4618. POST/PUT and a 401 or 407 is received immediately afterwards.
  4619. Added test 281 to verify this change.
  4620. Daniel (23 October 2006)
  4621. - Ravi Pratap provided a major update with pipelining fixes. We also no longer
  4622. re-use connections (for pipelining) before the name resolving is done.
  4623. Daniel (21 October 2006)
  4624. - Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all
  4625. the single test applications' link and dependences, so that you easier can
  4626. override those from the command line when using make.
  4627. - Armel Asselin separated CA cert verification problems from problems with
  4628. reading the (local) CA cert file to let users easier pinpoint the actual
  4629. problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.
  4630. Daniel (18 October 2006)
  4631. - Removed the "protocol-guessing" for URLs with host names starting with FTPS
  4632. or TELNET since they are practically non-existant. This leaves us with only
  4633. three different prefixes that would assume the protocol is anything but
  4634. HTTP, and they are host names starting with "ftp.", "dict." or "ldap.".
  4635. Daniel (17 October 2006)
  4636. - Bug report #1579171 pointed out code flaws detected with "prefast", and they
  4637. were 1 - a too small memory clear with memset() in the threaded resolver and
  4638. 2 - a range of potentially bad uses of the ctype family of is*() functions
  4639. such as isdigit(), isalnum(), isprint() and more. The latter made me switch
  4640. to using our own set of these functions/macros using uppercase letters, and
  4641. with some extra set of crazy typecasts to avoid mistakingly passing in
  4642. negative numbers to the underlying is*() functions.
  4643. - With Jeff Pohlmeyer's help, I fixed the expire timer when using
  4644. curl_multi_socket() during name resolves with c-ares and the LOW_SPEED
  4645. options now work fine with curl_multi_socket() as well.
  4646. Daniel (16 October 2006)
  4647. - Added a check in configure that simply tries to run a program (not when
  4648. cross-compiling) in order to detect problems with run-time libraries that
  4649. otherwise would occur when the sizeof tests for curl_off_t would run and
  4650. thus be much more confusing to users. The check of course should run after
  4651. all lib-checks are done and before any other test is used that would run an
  4652. executable built for testing-purposes.
  4653. Dan F (13 October 2006)
  4654. - The tagging of application/x-www-form-urlencoded POST body data sent
  4655. to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously
  4656. included as part of the header). A message was also added to the
  4657. command line tool to show when data is being sent, enabled when
  4658. --verbose is used.
  4659. Daniel (12 October 2006)
  4660. - Starting now, adding an easy handle to a multi stack that was already added
  4661. to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned.
  4662. - Jeff Pohlmeyer has been working with the hiperfifo.c example source code,
  4663. and while doing so it became apparent that the current timeout system for
  4664. the socket API really was a bit awkward since it become quite some work to
  4665. be sure we have the correct timeout set.
  4666. Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another
  4667. callback the app can set to get to know when the general timeout time
  4668. changes and thus for an application like hiperfifo.c it makes everything a
  4669. lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in
  4670. good old libcurl tradition.
  4671. Jeff has also updated the hiperfifo.c example code to use this news.
  4672. Daniel (9 October 2006)
  4673. - Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test
  4674. case 535 and it now runs fine. Again a problem with the pipelining code not
  4675. taking all possible (error) conditions into account.
  4676. Daniel (6 October 2006)
  4677. - Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to
  4678. test case 533 and the test now runs fine.
  4679. Daniel (4 October 2006)
  4680. - Dmitriy Sergeyev provided an example source code that crashed CVS libcurl
  4681. but that worked nicely in 7.15.5. I converted it into test case 532 and
  4682. fixed the problem.
  4683. Daniel (29 September 2006)
  4684. - Removed a few other no-longer present options from the header file.
  4685. - Support for FTP third party transfers was removed. Here's why:
  4686. o The recent multi interface changes broke it and the design of the 3rd party
  4687. transfers made it very hard to fix the problems
  4688. o It was still blocking and thus nasty for the multi interface
  4689. o It was a lot of extra code for a very rarely used feature
  4690. o It didn't use the same code as for "plain" FTP transfers, so it didn't work
  4691. fine for IPv6 and it didn't properly re-use connections and more
  4692. o There's nobody around who's willing to work on and improve the existing
  4693. code
  4694. This does not mean that third party transfers are banned forever, only that
  4695. they need to be done better if they are to be re-added in the future.
  4696. The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p*
  4697. options from the command line tool. For this reason, I also bumped the
  4698. version info for the lib.
  4699. Daniel (28 September 2006)
  4700. - Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl
  4701. would crash if a bad function sequence was used when shutting down after
  4702. using the multi interface (i.e using easy_cleanup after multi_cleanup) so
  4703. precautions have been added to make sure it doesn't any more - test case 529
  4704. was added to verify.
  4705. Daniel (27 September 2006)
  4706. - The URL in the cookie jar file is now changed since it was giving a 404.
  4707. Reported by Timothy Stone. The new URL will take the visitor to a curl web
  4708. site mirror with the document.
  4709. Daniel (24 September 2006)
  4710. - Bernard Leak fixed configure --with-gssapi-libs.
  4711. - Cory Nelson made libcurl use the WSAPoll() function if built for Windows
  4712. Vista (_WIN32_WINNT >= 0x0600)
  4713. Daniel (23 September 2006)
  4714. - Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
  4715. encrypt the control connection and use the data connection "plain".
  4716. - Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
  4717. as it now will read the full data sent from servers. The SOCKS-related code
  4718. was also moved to the new lib/socks.c source file.
  4719. Daniel (21 September 2006)
  4720. - Added test case 531 in an attempt to repeat bug report #1561470
  4721. (http://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an
  4722. FTP upload fails with the multi interface. It did not, but I made a failed
  4723. upload still assume the control connection to be fine.
  4724. Daniel (20 September 2006)
  4725. - Armel Asselin fixed problems when you gave a proxy URL with user name and
  4726. empty password or no password at all. Test case 278 and 279 were added to
  4727. verify.
  4728. Daniel (12 September 2006)
  4729. - Added docs/examples/10-at-a-time.c by Michael Wallner
  4730. - Added docs/examples/hiperfifo.c by Jeff Pohlmeyer
  4731. Daniel (11 September 2006)
  4732. - Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
  4733. handle that is part of a multi handle first removes the handle from the
  4734. stack.
  4735. - Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
  4736. session-ID re-use on demand since there obviously are broken servers out
  4737. there that misbehave with session-IDs used.
  4738. - Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a
  4739. problem with it (SIGSEGV-style). It clearly showed that the existing
  4740. socket-state and state-difference function wasn't good enough so I rewrote
  4741. it and could then re-run Jeff's program without any crash. The previous
  4742. version clearly could miss to tell the application when a handle changed
  4743. from using one socket to using another.
  4744. While I was at it (as I could use this as a means to track this problem
  4745. down), I've now added a 'magic' number to the easy handle struct that is
  4746. inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that
  4747. we can use internally to detect that an easy handle seems to be fine, or at
  4748. least not closed or freed (freeing in debug builds fill the area with 0x13
  4749. bytes but in normal builds we can of course not assume any particular data
  4750. in the freed areas).
  4751. Daniel (9 September 2006)
  4752. - Michele Bini fixed how the hostname is put in NTLM packages. As servers
  4753. don't expect fully qualified names we need to cut them off at the first dot.
  4754. - Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some
  4755. of them can be completetly removed though...
  4756. Daniel (6 September 2006)
  4757. - Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a
  4758. multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that
  4759. handle will be attempted to get pipelined instead of done in parallell as
  4760. they are performed otherwise.
  4761. As a side-effect from this work, connections are now shared between all easy
  4762. handles within a multi handle, so if you use N easy handles for transfers,
  4763. each of them can pick up and re-use a connection that was previously used by
  4764. any of the handles, be it the same or one of the others.
  4765. This separation of the tight relationship between connections and easy
  4766. handles is most noticable when you close easy handles that have been used in
  4767. a multi handle and check amount of used memory or watch the debug output, as
  4768. there are times when libcurl will keep the easy handle around for a while
  4769. longer to be able to close it properly. Like for sending QUIT to close down
  4770. an FTP connection.
  4771. This is a major change.
  4772. Daniel (4 September 2006)
  4773. - Dmitry Rechkin (http://curl.haxx.se/bug/view.cgi?id=1551412) provided a
  4774. patch that while not fixing things very nicely, it does make the SOCKS5
  4775. proxy connection slightly better as it now acknowledges the timeout for
  4776. connection and it no longer segfaults in the case when SOCKS requires
  4777. authentication and you did not specify username:password.
  4778. Daniel (31 August 2006)
  4779. - Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch
  4780. name resolves. It could get stuck in the wrong state.
  4781. Gisle (29 August 2006)
  4782. - Added support for other MS-DOS compilers (desides djgpp). All MS-DOS
  4783. compiler now uses the same config.dos file (renamed to config.h by
  4784. make). libcurl now builds fine using Watcom and Metaware's High-C
  4785. using the Watt-32 tcp/ip-stack.
  4786. Daniel (29 August 2006)
  4787. - David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to
  4788. allow applications to set their own socket options.
  4789. Daniel (25 August 2006)
  4790. - Armel Asselin reported that the 'running_handles' counter wasn't updated
  4791. properly if you removed a "live" handle from a multi handle with
  4792. curl_multi_remove_handle().
  4793. Daniel (22 August 2006)
  4794. - David McCreedy fixed a remaining mistake from the August 19 TYPE change.
  4795. - Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
  4796. code when doing pure ipv6 EPRT connections.
  4797. Daniel (19 August 2006)
  4798. - Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
  4799. command on subsequent requests on a re-used connection unless it has to.
  4800. - Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and
  4801. files in the root directory.
  4802. - Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't
  4803. send the whole request at once, even though the Expect: header was disabled
  4804. by the application. An effect of this change is also that small (< 1024
  4805. bytes) POSTs are now always sent without Expect: header since we deem it
  4806. more costly to bother about that than the risk that we send the data in
  4807. vain.
  4808. Daniel (9 August 2006)
  4809. - Armel Asselin made the CURLOPT_PREQUOTE option work fine even when
  4810. CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place
  4811. in the command sequence as it would have run if there would've been a
  4812. transfer.
  4813. Daniel (8 August 2006)
  4814. - Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs
  4815. on a persistent connection and allowed the first to use that header, you
  4816. could not disable it for the second request.
  4817. Daniel (7 August 2006)
  4818. - Domenico Andreolfound a quick build error which happened because
  4819. src/config.h.in was not a proper duplcate of lib/config.h.in which it
  4820. should've been and this was due to the maketgz script not doing the cp
  4821. properly.
  4822. Version 7.15.5 (7 August 2006)
  4823. Daniel (2 August 2006)
  4824. - Mark Lentczner fixed how libcurl was not properly doing chunked encoding
  4825. if the header "Transfer-Encoding: chunked" was set by the application.
  4826. http://curl.haxx.se/bug/view.cgi?id=1531838
  4827. Daniel (1 August 2006)
  4828. - Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror()
  4829. an unknown error number on glibc systems.
  4830. http://curl.haxx.se/bug/view.cgi?id=1532289
  4831. Daniel (31 July 2006)
  4832. - *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified
  4833. prototypes: they both now provide the number of running handles back to the
  4834. calling function. It makes the functions resemble the good old
  4835. curl_multi_perform() more and provides a nice way to know when the multi
  4836. handle goes empty.
  4837. ALERT2: don't use the curl_multi_socket*() functionality in anything
  4838. production-like until I say it's somewhat settled, as I suspect there might
  4839. be some further API changes before I'm done...
  4840. Daniel (28 July 2006)
  4841. - Yves Lejeune fixed so that replacing Content-Type: when doing multipart
  4842. formposts work exactly the way you want it (and the way you'd assume it
  4843. works).
  4844. Daniel (27 July 2006)
  4845. - David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both
  4846. control and data connection, as the existing --ftp-ssl option only requests
  4847. it.
  4848. - [Hiper-related work] Added a function called curl_multi_assign() that will
  4849. set a private pointer added to the internal libcurl hash table for the
  4850. particular socket passed in to this function:
  4851. CURLMcode curl_multi_assign(CURLM *multi_handle,
  4852. curl_socket_t sockfd,
  4853. void *sockp);
  4854. 'sockp' being a custom pointer set by the application to be associated with
  4855. this socket. The socket has to be already existing and in-use by libcurl,
  4856. like having already called the callback telling about its existance.
  4857. The set hashp pointer will then be passed on to the callback in upcoming
  4858. calls when this same socket is used (in the brand new 'socketp' argument).
  4859. Daniel (26 July 2006)
  4860. - Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
  4861. tool option named --ftp-alternative-to-user. It provides a mean to send a
  4862. particular command if the normal USER/PASS approach fails.
  4863. - Michael Jerris added magic that builds lib/curllib.vcproj automatically for
  4864. newer MSVC.
  4865. Daniel (25 July 2006)
  4866. - Georg Horn made the transfer timeout error message include more details.
  4867. Daniel (20 July 2006)
  4868. - David McCreedy fixed a build error when building libcurl with HTTP disabled,
  4869. problem added with the curl_formget() patch.
  4870. Daniel (17 July 2006)
  4871. - Jari Sundell did some excellent research and bug tracking, figured out that
  4872. we did wrong and patched it: When nodes were removed from the splay tree,
  4873. and we didn't properly remove it from the splay tree when an easy handle was
  4874. removed from a multi stack and thus we could wrongly leave a node in the
  4875. splay tree pointing to (bad) memory.
  4876. Daniel (14 July 2006)
  4877. - David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared
  4878. for FTP ASCII transfers.
  4879. Daniel (8 July 2006)
  4880. - Ates Goral pointed out that libcurl's cookie parser did case insensitive
  4881. string comparisons on the path which is incorrect and provided a patch that
  4882. fixes this. I edited test case 8 to include details that test for this.
  4883. - Ingmar Runge provided a source snippet that caused a crash. The reason for
  4884. the crash was that libcurl internally was a bit confused about who owned the
  4885. DNS cache at all times so if you created an easy handle that uses a shared
  4886. DNS cache and added that to a multi handle it would crash. Now we keep more
  4887. careful internal track of exactly what kind of DNS cache each easy handle
  4888. uses: None, Private (allocated for and used only by this single handle),
  4889. Shared (points to a cache held by a shared object), Global (points to the
  4890. global cache) or Multi (points to the cache within the multi handle that is
  4891. automatically shared between all easy handles that are added with private
  4892. caches).
  4893. Daniel (4 July 2006)
  4894. - Toshiyuki Maezawa fixed a problem where you couldn't override the
  4895. Proxy-Connection: header when using a proxy and not doing CONNECT.
  4896. Daniel (24 June 2006)
  4897. - Michael Wallner added curl_formget(), which allows an application to extract
  4898. (serialise) a previously built formpost (as with curl_formadd()).
  4899. Daniel (23 June 2006)
  4900. - Arve Knudsen found a flaw in curl_multi_fdset() for systems where
  4901. curl_socket_t is unsigned (like Windows) that could cause it to wrongly
  4902. return a max fd of -1.
  4903. Daniel (20 June 2006)
  4904. - Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and
  4905. CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed
  4906. to send or receive data. This kind of adds the the command line tool's
  4907. option --limit-rate to the library.
  4908. The rate limiting logic in the curl app is now removed and is instead
  4909. provided by libcurl itself. Transfer rate limiting will now also work for -d
  4910. and -F, which it didn't before.
  4911. Daniel (19 June 2006)
  4912. - Made -K on a file that couldn't be read cause a warning to be displayed.
  4913. Daniel (13 June 2006)
  4914. - Dan Fandrich implemented --enable-hidden-symbols configure option to enable
  4915. -fvisibility=hidden on gcc >= 4.0. This reduces the size of the libcurl
  4916. binary and speeds up dynamic linking by hiding all the internal symbols from
  4917. the symbol table.
  4918. Version 7.15.4 (12 June 2006)
  4919. Daniel (8 June 2006)
  4920. - Brian Dessent fixed the code for cygwin in three distinct ways:
  4921. The first modifies {lib,src}/setup.h to not include the winsock headers
  4922. under Cygwin. This fixes the reported build problem. Cygwin attempts as
  4923. much as possible to emulate a posix environment under Windows. This means
  4924. that WIN32 is *not* #defined and (to the extent possible) everything is done
  4925. as it would be on a *ix type system. Thus <sys/socket.h> is the proper
  4926. include, and even though winsock2.h is present, including it just introduces
  4927. a whole bunch of incompatible socket API stuff.
  4928. The second is a patch I've included in the Cygwin binary packages for a
  4929. while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The
  4930. checks are innocuous and they do succeed, but they pollute LIBS with
  4931. unnecessary stuff which gets recorded as such in the libcurl.la file, which
  4932. brings them into the build of any libcurl-downstream. As far as I know
  4933. these libs are really only necessary for mingw, so alternatively they could
  4934. be designed to only run if $host matches *-*-mingw* but I took the safer
  4935. route of skipping them for *-*-cygwin*.
  4936. The third patch replaces all uses of the ancient and obsolete __CYGWIN32__
  4937. with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>.
  4938. Daniel (7 June 2006)
  4939. - Mikael Sennerholm provided a patch that added NTLM2 session response support
  4940. to libcurl. The 21 NTLM test cases were again modified to comply...
  4941. Daniel (27 May 2006)
  4942. - Óscar Morales Vivó updated the libcurl.framework.make file.
  4943. Daniel (26 May 2006)
  4944. - Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to
  4945. fail. When using the md5-sess, the result was not Md5 encoded and Base64
  4946. transformed.
  4947. Daniel (25 May 2006)
  4948. - Michael Wallner provided a patch that allows "SESS" to be set with
  4949. CURLOPT_COOKIELIST, which then makes all session cookies get cleared.
  4950. Daniel (24 May 2006)
  4951. - Tor Arntsen made test 271 run fine again since the TFTP path fix.
  4952. Daniel (23 May 2006)
  4953. - Martin Michlmayr filed debian bug report #367954, but the same error also
  4954. showed up in the autobuilds. It seems a rather long-since introduced shell
  4955. script flaw in the configure script suddenly was detected by the bash
  4956. version in Debian Unstable. It had previously passed undetected by all
  4957. shells used so far...
  4958. - David McCreedy updated lib/config-tpf.h
  4959. Daniel (11 May 2006)
  4960. - Fixed the configure's check for old-style SSLeay headers since I fell over a
  4961. case with a duplicate file name (a krb4 implementation with an err.h
  4962. file). I converted the check to manually make sure three of the headers are
  4963. present before considering them fine.
  4964. - David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended
  4965. checks on the to-be-returned socket to make sure it truly seems to be alive
  4966. and well. For SSL connection it (only) uses OpenSSL functions.
  4967. Daniel (10 May 2006)
  4968. - Fixed DICT in two aspects:
  4969. 1 - allow properly URL-escaped words, like using %20 for spaces
  4970. 2 - properly escape certain letters within a word to comply to the RFC2229
  4971. Daniel (9 May 2006)
  4972. - Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU
  4973. autotools project, which optionally (default=yes) uses libcurl on a system
  4974. without a (usable) libcurl installation, but not specifying
  4975. `--without-libcurl', configure determines correctly that no libcurl is
  4976. available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl'
  4977. in the resulting Makefiles.
  4978. David Shaw fixed the flaw.
  4979. - Robson Braga Araujo fixed two problems in the recently added non-blocking SSL
  4980. connects. The state machine was not reset properly so that subsequent
  4981. connects using the same handle would fail, and there were two memory leaks.
  4982. - Robson Braga Araujo fixed a memory leak when you added an easy handle to a
  4983. multi stack and that easy handle had already been used to do one or more
  4984. easy interface transfers, as then the code threw away the previously used
  4985. DNS cache without properly freeing it.
  4986. Daniel (8 May 2006)
  4987. - Dan Fandrich went over the TFTP code and he pointed out and fixed numerous
  4988. problems:
  4989. * The received file is corrupted when a packet is lost and retransmitted
  4990. (this is a serious problem!)
  4991. * Transmitting a file aborts if a block is lost and retransmitted
  4992. * Data is stored in the wrong location in the buffer for uploads, so uploads
  4993. always fail (I don't see how it could have ever worked, but it did on x86
  4994. at least)
  4995. * A number of calls are made to strerror instead of Curl_strerror, making
  4996. the code not thread safe
  4997. * There are references to errno instead of Curl_sockerrno(), causing
  4998. incorrect error messages on Windows
  4999. * The file name includes a leading / which violates RFC3617. Doing something
  5000. similar to ftp, where two slashes after the host name means an absolute
  5001. reference seems a reasonable extension to fix this.
  5002. * Failures in EBCDIC conversion are not propagated up to the caller but are
  5003. silently ignored
  5004. - Fixed known bug #28. The TFTP code no longer assumes a packed struct and
  5005. thus works reliably on more platforms.
  5006. Daniel (5 May 2006)
  5007. - Roland Blom filed bug report #1481217
  5008. (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele
  5009. Bini and David Byron. libcurl previously wrongly used GetLastError() on
  5010. windows to get error details after socket-related function calls, when it
  5011. really should use WSAGetLastError() instead.
  5012. When changing to this, the former function Curl_ourerrno() is now instead
  5013. called Curl_sockerrno() as it is necessary to only use it to get errno from
  5014. socket-related functions as otherwise it won't work as intended on Windows.
  5015. Daniel (4 May 2006)
  5016. - Mark Eichin submitted bug report #1480821
  5017. (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a
  5018. problem with how libcurl dealt with GnuTLS and a case where gnutls returned
  5019. GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected
  5020. return code, making Curl_ssl_send() confuse the upper layer - causing random
  5021. 28 bytes trash data to get inserted in the transfered stream.
  5022. The proper fix was to make the Curl_gtls_send() function return the proper
  5023. return codes that the callers would expect. The Curl_ossl_send() function
  5024. already did this.
  5025. Daniel (2 May 2006)
  5026. - Added a --checkfor option to curl-config to allow users to easier
  5027. write for example shell scripts that test for the presence of a
  5028. new-enough libcurl version. If --checkfor is given a version string
  5029. newer than what is currently installed, curl-config will return a
  5030. non-zero exit code and output a string about the unfulfilled
  5031. requirement.
  5032. Daniel (26 April 2006)
  5033. - David McCreedy brought initial line end conversions when doing FTP ASCII
  5034. transfers. They are done on non-windows systems and translate CRLF to LF.
  5035. I modified the 15 LIST-using test cases accordingly. The downside is that now
  5036. we'll have even more trouble to get the tests to run on Windows since they
  5037. should get CRLF newlines left intact which the *nix versions don't. I figure
  5038. the only sane thing to do is to add some kind of [newline] macro for the test
  5039. case files and have them expanded to the proper native line ending when the
  5040. test cases are run. This is however left to implement.
  5041. Daniel (25 April 2006)
  5042. - Paul Querna fixed libcurl to better deal with deflate content encoding
  5043. when the stream (wrongly) lacks a proper zlib header. This seems to be the
  5044. case on too many actual server implementations.
  5045. Daniel (21 April 2006)
  5046. - Ale Vesely fixed CURLOPT_INTERFACE when using a hostname.
  5047. Daniel (19 April 2006)
  5048. - Based on previous info from Tor Arntsen, I made configure detect the Intel
  5049. ICC compiler to add a compiler option for it, in order for configure to
  5050. properly be able to detect function prototypes.
  5051. - Robson Braga Araujo provided a patch that makes libcurl less eager to close
  5052. the control connection when using FTP, for example when you remove an easy
  5053. handle from a multi stack.
  5054. - Applied a patch by Ates Goral and Katie Wang that corrected my bad fix
  5055. attempt from April 10.
  5056. Daniel (11 April 2006)
  5057. - #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad
  5058. typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least)
  5059. since the struct timeval field tv_sec is an int while time_t is 64bit.
  5060. Daniel (10 April 2006)
  5061. - Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and
  5062. CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL
  5063. connection time-out!
  5064. - I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main
  5065. sources. See the lib/README.multi_socket for implementation story with
  5066. details. Don't expect it to work fully yet. I don't intend to blow any
  5067. whistles or ring any bells about it until I'm more convinced it works at
  5068. least somewhat reliably.
  5069. Daniel (7 April 2006)
  5070. - David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt()
  5071. options (callbacks) were added:
  5072. CONV_FROM_NETWORK_FUNCTION
  5073. CONV_TO_NETWORK_FUNCTION
  5074. CONV_FROM_UTF8_FUNCTION
  5075. Daniel (5 April 2006)
  5076. - Michele Bini modified the NTLM code to work for his "weird IIS case"
  5077. (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash
  5078. function in addition to the LM one and making some other adjustments in the
  5079. order the different parts of the data block are sent in the Type-2 reply.
  5080. Inspiration for this work was taken from the Firefox NTLM implementation.
  5081. I edited the existing 21(!) NTLM test cases to run fine with these news. Due
  5082. to the fact that we now properly include the host name in the Type-2 message
  5083. the test cases now only compare parts of that chunk.
  5084. Daniel (28 March 2006)
  5085. - #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that
  5086. occurred when asking libcurl to follow HTTP redirects and the original URL
  5087. had more than one question mark (?). Added test case 276 to verify.
  5088. Daniel (27 March 2006)
  5089. - David Byron found a problem multiple -d options when libcurl was built with
  5090. --enable-debug, as then curl used free() on memory allocated both with
  5091. normal malloc() and with libcurl-provided functions, when the latter MUST be
  5092. freed with curl_free() in debug builds.
  5093. Daniel (26 March 2006)
  5094. - Tor Arntsen figured out that TFTP was broken on a lot of systems since we
  5095. called bind() with a too big argument in the 3rd parameter and at least
  5096. Tru64, AIX and IRIX seem to be very picky about it.
  5097. Daniel (21 March 2006)
  5098. - David McCreedy added CURLINFO_FTP_ENTRY_PATH.
  5099. - Xavier Bouchoux made the SSL connection non-blocking for the multi interface
  5100. (when using OpenSSL).
  5101. - Tor Arntsen fixed the AIX Toolbox RPM spec
  5102. Daniel (20 March 2006)
  5103. - David McCreedy fixed libcurl to no longer ignore AUTH failures and now it
  5104. reacts properly according to the CURLOPT_FTP_SSL setting.
  5105. - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file
  5106. whose length was a multiple of 512 bytes could have random garbage
  5107. appended. Also, stop processing TFTP packets which are too short to be
  5108. legal.
  5109. - Ilja van Sprundel reported a possible crash in the curl tool when using
  5110. "curl hostwithoutslash -d data -G"
  5111. Version 7.15.3 (20 March 2006)
  5112. Daniel (20 March 2006)
  5113. - VULNERABILITY reported to us by Ulf Harnhammar.
  5114. libcurl uses the given file part of a TFTP URL in a manner that allows a
  5115. malicious user to overflow a heap-based memory buffer due to the lack of
  5116. boundary check.
  5117. This overflow happens if you pass in a URL with a TFTP protocol prefix
  5118. ("tftp://"), using a valid host and a path part that is longer than 512
  5119. bytes.
  5120. The affected flaw can be triggered by a redirect, if curl/libcurl is told to
  5121. follow redirects and an HTTP server points the client to a tftp URL with the
  5122. characteristics described above.
  5123. The Common Vulnerabilities and Exposures (CVE) project has assigned the name
  5124. CVE-2006-1061 to this issue.
  5125. Daniel (16 March 2006)
  5126. - Tor Arntsen provided a RPM spec file for AIX Toolbox, that now is included
  5127. in the release archive.
  5128. Daniel (14 March 2006)
  5129. - David McCreedy fixed:
  5130. a bad SSL error message when OpenSSL certificates are verified fine.
  5131. a missing return code assignment in the FTP code
  5132. Daniel (7 March 2006)
  5133. - Markus Koetter filed debian bug report #355715 which identified a problem
  5134. with the multi interface and multi-part formposts. The fix from February
  5135. 22nd could make the Curl_done() function get called twice on the same
  5136. connection and it was not designed for that and thus tried to call free() on
  5137. an already freed memory area!
  5138. - Peter Heuchert made sure the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL
  5139. is used properly.
  5140. Daniel (6 March 2006)
  5141. - Lots of users on Windows have reported getting the "SSL: couldn't set
  5142. callback" error message so I've now made the setting of that callback not be
  5143. as critical as before. The function is only used for additional loggging/
  5144. trace anyway so a failure just means slightly less data. It should still be
  5145. able to proceed and connect fine to the server.
  5146. Daniel (4 March 2006)
  5147. - Thomas Klausner provided a patch written by Todd Vierling in bug report
  5148. #1442471 that fixes a build problem on Interix.
  5149. Daniel (2 March 2006)
  5150. - FTP upload without a file name part in the URL now causes
  5151. curl_easy_perform() to return CURLE_URL_MALFORMAT. Previously it allowed the
  5152. upload but named the file "(nil)" (without the quotes). Test case 524
  5153. verifies.
  5154. - Added a check for getprotobyname in configure so that it'll be used, thanks
  5155. to Gisle Vanem's change the other day.
  5156. Daniel (28 February 2006)
  5157. - Dan Fandrich prevented curl from getting stuck in an endless loop in case we
  5158. are out of file handles very early in curl's code where it makes sure that
  5159. 0, 1 and 2 aren't gonna be used by the lib for transfers.
  5160. Daniel (27 February 2006)
  5161. - Marty Kuhrt pointed out that there were two VMS-specific files missing in
  5162. the release archive.
  5163. Version 7.15.2 (27 February 2006)
  5164. Daniel (22 February 2006)
  5165. - Lots of work and analysis by "xbx___" in bug #1431750
  5166. (http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two
  5167. different but related bugs:
  5168. 1) Removing an easy handle from a multi handle before the transfer is done
  5169. could leave a connection in the connection cache for that handle that is
  5170. in a state that isn't suitable for re-use. A subsequent re-use could then
  5171. read from a NULL pointer and segfault.
  5172. 2) When an easy handle was removed from the multi handle, there could be an
  5173. outstanding c-ares DNS name resolve request. When the response arrived,
  5174. it caused havoc since the connection struct it "belonged" to could've
  5175. been freed already.
  5176. Now Curl_done() is called when an easy handle is removed from a multi handle
  5177. pre-maturely (that is, before the transfer was complteted). Curl_done() also
  5178. makes sure to cancel all (if any) outstanding c-ares requests.
  5179. Daniel (21 February 2006)
  5180. - Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy
  5181. type to the already provided type CURLPROXY_SOCKS4.
  5182. I added a --socks4 option that works like the current --socks5 option but
  5183. instead use the socks4 protocol.
  5184. Daniel (20 February 2006)
  5185. - Shmulik Regev fixed an issue with multi-pass authentication and compressed
  5186. content when libcurl didn't honor the internal ignorebody flag.
  5187. Daniel (18 February 2006)
  5188. - Ulf Härnhammar fixed a format string (printf style) problem in the Negotiate
  5189. code. It should however not be the cause of any troubles. He also fixed a
  5190. few similar problems in the HTTP test server code.
  5191. Daniel (17 February 2006)
  5192. - Shmulik Regev provided a fix for the DNS cache when using short life times,
  5193. as previously it could be holding on to old cached entries longer than
  5194. requested.
  5195. Daniel (11 February 2006)
  5196. - Karl Moerder added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options
  5197. that an app can use to let libcurl only connect to a remote host and then
  5198. extract the socket from libcurl. libcurl will then not attempt to do any
  5199. transfer at all after the connect is done.
  5200. - Kent Boortz improved the configure check for GnuTLS to properly set LIBS
  5201. instead of LDFLAGS.
  5202. Daniel (8 February 2006)
  5203. - Philippe Vaucher provided a brilliant piece of test code that show a problem
  5204. with re-used FTP connections. If the second request on the same connection
  5205. was set not to fetch a "body", libcurl could get confused and consider it an
  5206. attempt to use a dead connection and would go acting mighty strange.
  5207. Daniel (2 February 2006)
  5208. - Make --limit-rate [num] mean bytes. It used to be that but it broke in my
  5209. change done in November 2005.
  5210. Daniel (30 January 2006)
  5211. - Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the
  5212. curl tool with --local-port. Plain and simply set the range of ports to bind
  5213. the local end of connections to. Implemented on to popular demand.
  5214. - Based on an error report by Philippe Vaucher, we no longer count a retried
  5215. connection setup as a follow-redirect. It turns out 1) this fails when a FTP
  5216. connection is re-setup and 2) it does make the max-redirs counter behave
  5217. wrong.
  5218. Daniel (24 January 2006)
  5219. - Michal Marek provided a patch for FTP that makes libcurl continue to try
  5220. PASV even after EPSV returned a positive response code, if libcurl failed to
  5221. connect to the port number the EPSV response said. Obviously some people are
  5222. going through protocol-sensitive firewalls (or similar) that don't
  5223. understand EPSV and then they don't allow the second connection unless PASV
  5224. was used. This also called for a minor fix of test case 238.
  5225. Daniel (20 January 2006)
  5226. - Duane Cathey was one of our friends who reported that curl -P [IP]
  5227. (CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
  5228. "native" IP while it works fine for ipv6-disabled builds!
  5229. In the process of fixing this, I removed the support for LPRT since I can't
  5230. think of many reasons to keep doing it and asking on the mailing list didn't
  5231. reveal anyone else that could either. The code that sends EPRT and PORT is
  5232. now also a lot simpler than before (IMHO).
  5233. Daniel (19 January 2006)
  5234. - Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl
  5235. (built ipv4-only) didn't work.
  5236. Daniel (18 January 2006)
  5237. - As reported in bug #1408742 (http://curl.haxx.se/bug/view.cgi?id=1408742),
  5238. the configure script complained about a missing "missing" script if you ran
  5239. configure within a path whose name included one or more spaces. This is due
  5240. to a flaw in automake (1.9.6 and earlier). I've now worked around it by
  5241. including an "overloaded" version of the AM_MISSING_HAS_RUN script that'll
  5242. be used instead of the one automake ships with. This kludge needs to be
  5243. removed once we get an automake version with this problem corrected.
  5244. Possibly we'll then need to convert this into a kludge depending on what
  5245. automake version that is used and that is gonna be painful and I don't even
  5246. want to think about that now...!
  5247. Daniel (17 January 2006)
  5248. - David Shaw: Here is the latest libcurl.m4 autoconf tests. It is updated with
  5249. the latest features and protocols that libcurl supports and has a minor fix
  5250. to better deal with the obscure case where someone has more than one libcurl
  5251. installed at the same time.
  5252. Daniel (16 January 2006)
  5253. - David Shaw finally removed all traces of Gopher and we are now officially
  5254. not supporting it. It hasn't been functioning for years anyway, so this is
  5255. just finally stating what already was true. And a cleanup at the same time.
  5256. - Bryan Henderson turned the 'initialized' variable for curl_global_init()
  5257. into a counter, and thus you can now do multiple curl_global_init() and you
  5258. are then supposed to do the same amount of calls to curl_global_cleanup().
  5259. Bryan has also updated the docs accordingly.
  5260. Daniel (13 January 2006)
  5261. - Andrew Benham fixed a race condition in the test suite that could cause the
  5262. test script to kill all processes in the current process group!
  5263. Daniel (12 January 2006)
  5264. - Michael Jahn:
  5265. Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thru
  5266. HTTP proxy.
  5267. Fixed PROXYTUNNEL to work fine when you do ftp through a proxy. It would
  5268. previously overwrite internal memory and cause unpredicted behaviour!
  5269. Daniel (11 January 2006)
  5270. - I decided to document the "secret option" here now, as I've received *NO*
  5271. feedback at all on my mailing list requests from November 2005:
  5272. I'm looking for feedback and comments. I added some experimental code the
  5273. other day, that allows a libcurl user to select what method libcurl should
  5274. use to reach a file on a FTP(S) server.
  5275. This functionality is available in CVS code and in recent daily snapshots.
  5276. Let me explain...
  5277. The current name for the option is CURLOPT_FTP_FILEMETHOD (--ftp-method for
  5278. the command line tool) and you set it to a long (there are currenly no
  5279. defines for the argument values, just plain numericals). You can set three
  5280. different "methods" that do this:
  5281. 1 multicwd - like today, curl will do a single CWD operation for each path
  5282. part in the given URL. For deep hierarchies this means very many
  5283. commands. This is how RFC1738 says it should be done. This is the
  5284. default.
  5285. 2 nocwd - no CWD at all is done, curl will do SIZE, RETR, STOR etc and give
  5286. a full path to the server.
  5287. 3 singlecwd - make one CWD with the full target directory and then operate
  5288. on the file "normally".
  5289. (With the command line tool you do --ftp-method [METHOD], where [METHOD] is
  5290. one of "multicwd", "nocwd" or "singlecwd".)
  5291. What feedback I'm interested in:
  5292. 1 - Do they work at all? Do you find servers where one of these don't work?
  5293. 2 - What would proper names for the option and its arguments be, if we
  5294. consider this feature good enough to get included and documented in
  5295. upcoming releases?
  5296. 3 - Should we make libcurl able to "walk through" these options in case of
  5297. (path related) failures, or should it fail and let the user redo any
  5298. possible retries?
  5299. (This option is not documented in any man page just yet since I'm not sure
  5300. these names will be used or if the functionality will end up exactly like
  5301. this. And for the same reasons we have no test cases for these yet.)
  5302. Daniel (10 January 2006)
  5303. - When using a bad path over FTP, as in when libcurl couldn't CWD into all
  5304. given subdirs, libcurl would still "remember" the full path as if it is the
  5305. current directory libcurl is in so that the next curl_easy_perform() would
  5306. get really confused if it tried the same path again - as it would not issue
  5307. any CWD commands at all, assuming it is already in the "proper" dir.
  5308. Starting now, a failed CWD command sets a flag that prevents the path to be
  5309. "remembered" after returning.
  5310. Daniel (7 January 2006)
  5311. - Michael Jahn fixed so that the second CONNECT when doing FTP over a HTTP
  5312. proxy actually used a new connection and not sent the second request on the
  5313. first socket!
  5314. Daniel (6 January 2006)
  5315. - Alexander Lazic made the buildconf run the buildconf in the ares dir if that
  5316. is present instead of trying to mimic that script in curl's buildconf
  5317. script.
  5318. Daniel (3 January 2006)
  5319. - Andres Garcia made the TFTP test server build with mingw.
  5320. Daniel (16 December 2005)
  5321. - Jean Jacques Drouin pointed out that you could only have a user name or
  5322. password of 127 bytes or less embedded in a URL, where actually the code
  5323. uses a 255 byte buffer for it! Modified now to use the full buffer size.
  5324. Daniel (12 December 2005)
  5325. - Dov Murik corrected the HTTP_ONLY define to disable the TFTP support properly
  5326. Version 7.15.1 (7 December 2005)
  5327. Daniel (6 December 2005)
  5328. - Full text here: http://curl.haxx.se/docs/adv_20051207.html Pointed out by
  5329. Stefan Esser.
  5330. VULNERABILITY
  5331. libcurl's URL parser function can overflow a malloced buffer in two ways, if
  5332. given a too long URL.
  5333. These overflows happen if you
  5334. 1 - pass in a URL with no protocol (like "http://") prefix, using no slash
  5335. and the string is 256 bytes or longer. This leads to a single zero byte
  5336. overflow of the malloced buffer.
  5337. 2 - pass in a URL with only a question mark as separator (no slash) between
  5338. the host and the query part of the URL. This leads to a single zero byte
  5339. overflow of the malloced buffer.
  5340. Both overflows can be made with the same input string, leading to two single
  5341. zero byte overwrites.
  5342. The affected flaw cannot be triggered by a redirect, but the long URL must
  5343. be passed in "directly" to libcurl. It makes this a "local" problem. Of
  5344. course, lots of programs may still pass in user-provided URLs to libcurl
  5345. without doing much syntax checking of their own, allowing a user to exploit
  5346. this vulnerability.
  5347. There is no known exploit at the time of this writing.
  5348. Daniel (2 December 2005)
  5349. - Jamie Newton pointed out that libcurl's file:// code would close() a zero
  5350. file descriptor if given a non-existing file.
  5351. Daniel (24 November 2005)
  5352. - Doug Kaufman provided a set of patches to make curl build fine on DJGPP
  5353. again using configure.
  5354. - Yang Tse provided a whole series of patches to clear up compiler warnings on
  5355. MSVC 6.
  5356. Daniel (17 November 2005)
  5357. - I extended a patch from David Shaw to make libcurl _always_ provide an error
  5358. string in the given error buffer to address the flaw mention on 21 sep 2005.
  5359. Daniel (16 November 2005)
  5360. - Applied Albert Chin's patch that makes the libcurl.pc pkgconfig file get
  5361. installed on 'make install' time.
  5362. Daniel (14 November 2005)
  5363. - Quagmire reported that he needed to raise a NTLM buffer for SSPI to work
  5364. properly for a case, and so we did. We raised it even for non-SSPI builds
  5365. but it should not do any harm. http://curl.haxx.se/bug/view.cgi?id=1356715
  5366. - Jan Kunder's debian bug report
  5367. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird
  5368. error message for when you try to upload a file and the requested directory
  5369. doesn't exist on the target server.
  5370. - Yang Tse fixed compiler warnings in lib/ssluse.c with OpenSSL 0.9.8 and in
  5371. lib/memdebug.h that showed up in his msvc builds.
  5372. Daniel (13 November 2005)
  5373. - Debian bug report 338681 by Jan Kunder: make curl better detect and report
  5374. bad limit-rate units:
  5375. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return
  5376. error if a bad unit is used.
  5377. - Thanks to this nice summary of poll() implementations:
  5378. http://www.greenend.org.uk/rjk/2001/06/poll.html and further tests by Eugene
  5379. Kotlyarov, we now know that cygwin's poll returns only POLLHUP on remote
  5380. connectin closure so we check for that case (too) and re-enable poll for
  5381. cygwin builds.
  5382. Daniel (12 November 2005)
  5383. - Eugene Kotlyarov found out that cygwin's poll() function isn't doing things
  5384. right: http://curl.haxx.se/mail/archive-2005-11/0045.html so we now disable
  5385. poll() and use select() on cygwin too (we already do the same choice on Mac
  5386. OS X)
  5387. - Dima Barsky patched problem #1348930: the GnuTLS code completely ignored
  5388. client certificates! (http://curl.haxx.se/bug/view.cgi?id=1348930).
  5389. Daniel (10 November 2005)
  5390. - David Lang fixed IPv6 support for TFTP!
  5391. - Introducing range stepping to the curl globbing support. Now you can specify
  5392. step counter by adding :[num] within the brackets when specifying a range:
  5393. [1-100:10]
  5394. [a-z:2]
  5395. If no step counter is set, it defaults to 1 as before:
  5396. [1-100]
  5397. [d-h]
  5398. Daniel (8 November 2005)
  5399. - Removed the use of AI_CANONNAME in the IPv6-enabled resolver functions since
  5400. we really have no use for reverse lookups of the address.
  5401. I truly hope these are the last reverse lookups we had lingering in the
  5402. code!
  5403. - Dmitry Bartsevich discovered some issues in compatibilty of SSPI-enabled
  5404. version of libcurl with different Windows versions. Current version of
  5405. libcurl imports SSPI functions from secur32.dll. However, under Windows NT
  5406. 4.0 these functions are located in security.dll, under Windows 9x - in
  5407. secur32.dll and Windows 2000 and XP contains both these DLLs (security.dll
  5408. just forwards calls to secur32.dll).
  5409. Dmitry's patch loads proper library dynamically depending on Windows
  5410. version. Function InitSecurityInterface() is used to obtain pointers to all
  5411. of SSPI function in one structure.
  5412. Daniel (31 October 2005)
  5413. - Vilmos Nebehaj improved libcurl's LDAP abilities:
  5414. The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary
  5415. attributes in LDAP objects. So, I made a quick patch to address these
  5416. problems.
  5417. The solution is simple: if we connect to an LDAP server, first try LDAPv3
  5418. (which is the preferred protocol as of now) and then fall back to LDAPv2.
  5419. In case of binary attributes, we first convert them to base64, just like the
  5420. openldap client does. It uses ldap_get_values_len() instead of
  5421. ldap_get_values() to be able to retrieve binary attributes correctly. I
  5422. defined the necessary LDAP macros in lib/ldap.c to be able to compile
  5423. libcurl without the presence of libldap
  5424. Daniel (27 October 2005)
  5425. - Nis Jorgensen filed bug report #1338648
  5426. (http://curl.haxx.se/bug/view.cgi?id=1338648) which really is more of a
  5427. feature request, but anyway. It pointed out that --max-redirs did not allow
  5428. it to be set to 0, which then would return an error code on the first
  5429. Location: found. Based on Nis' patch, now libcurl supports CURLOPT_MAXREDIRS
  5430. set to 0, or -1 for infinity. Added test case 274 to verify.
  5431. - tommink[at]post.pl reported in bug report #1337723
  5432. (http://curl.haxx.se/bug/view.cgi?id=1337723) that curl could not upload
  5433. binary data from stdin on Windows if the data contained control-Z (hex 1a)
  5434. since that is treated as end-of-file when read in text mode. Gisle Vanem
  5435. pointed out the fix, and I made both -T and --data-binary take advantage of
  5436. it.
  5437. - Jaz Fresh pointed out that if you used "-r [number]" as was wrongly described
  5438. in the man page, curl would send an invalid HTTP Range: header. The correct
  5439. way would be to use "-r [number]-" or even "-r -[number]". Starting now,
  5440. curl will warn if this is discovered, and automatically append a dash to the
  5441. range before passing it to libcurl.
  5442. Daniel (25 October 2005)
  5443. - Amol Pattekar reported a bug with great detail and a fine example in bug
  5444. #1326306 (http://curl.haxx.se/bug/view.cgi?id=1326306). When using the multi
  5445. interface and connecting to a host with multiple IP addresses, and one of
  5446. the addresses fails to connect (the server must exist and respond, just not
  5447. accept connections) libcurl leaks a socket descriptor. Thanks to the fine
  5448. report, I could find and fix this.
  5449. Daniel (22 October 2005)
  5450. - Dima Barsky reported a problem with GnuTLS-enabled libcurl in bug report
  5451. #1334338 (http://curl.haxx.se/bug/view.cgi?id=1334338). When reading an SSL
  5452. stream from a server and the server requests a "rehandshake", the current
  5453. code simply returns this as an error. I have no good way to test this, but
  5454. I've added a crude attempt of dealing with this situation slightly better -
  5455. it makes a blocking handshake if this happens. Done like this because fixing
  5456. this the "proper" way (that would handshake asynchronously) will require
  5457. quite some work and I really need a good way to test this to do such a
  5458. change.
  5459. Daniel (21 October 2005)
  5460. - "Ofer" reported a problem when libcurl re-used a connection and failed to do
  5461. it, it could then accidentally actually crash. Presumably, this concerns FTP
  5462. connections. http://curl.haxx.se/bug/view.cgi?id=1330310
  5463. - Temprimus improved the MSVC makefile so that the static debug SSL libs are
  5464. linked to the executable and not to the libcurld.lib
  5465. http://curl.haxx.se/bug/view.cgi?id=1326676
  5466. - Bradford Bruce made the windows resolver code properly return
  5467. CURLE_COULDNT_RESOLVE_PROXY and CURLE_COULDNT_RESOLVE_HOST on resolving
  5468. errors (as documented).
  5469. Daniel (20 October 2005)
  5470. - Dave Dribin made libcurl understand and handle cases when the server
  5471. (wrongly) sends *two* WWW-Authenticate headers for Digest. While this should
  5472. never happen in a sane world, libcurl previously got into an infinite loop
  5473. when this occurred. Dave added test 273 to verify this.
  5474. - Temprimus improved the MSVC makefile: "makes a build option available so if
  5475. you set rtlibcfg=static for the make, then it would build with /MT. The
  5476. default behaviour is /MD (the original)."
  5477. http://curl.haxx.se/bug/view.cgi?id=1326665
  5478. Daniel (14 October 2005)
  5479. - Reverted the LIBCURL_VERSION_NUM change from October 6. As Dave Dribin
  5480. reported, the define is used by the configure script and is assumed to use
  5481. the 0xYYXXZZ format. This made "curl-config --vernum" fail in the 7.15.0
  5482. release version.
  5483. Version 7.15.0 (13 October 2005)
  5484. Daniel (12 October 2005)
  5485. - Michael Sutton of iDEFENSE reported and I fixed a securitfy flaw in the NTLM
  5486. code that would overflow a buffer if given a too long user name or domain
  5487. name. This would happen if you enable NTLM authentication and either
  5488. A - pass in a user name and domain name to libcurl that together are longer
  5489. than 192 bytes
  5490. B - allow (lib)curl to follow HTTP "redirects" (Location: and the
  5491. appropriate HTTP 30x response code) and the new URL contains a URL with
  5492. a user name and domain name that together are longer than 192 bytes
  5493. See http://curl.haxx.se/docs/security.html for further details and updates
  5494. Daniel (5 October 2005)
  5495. - Darryl House reported a problem with using -z to download files from FTP.
  5496. It turned out that if the given time stamp was exact the same as the remote
  5497. time stamp, the file would still wrongly be downloaded. Added test case 272
  5498. to verify.
  5499. Daniel (4 October 2005)
  5500. - Domenico Andreoli fixed a man page malformat and removed odd (0xa0) bytes
  5501. from the configure script.
  5502. - Michael Wallner reported that the date parser had wrong offset stored for
  5503. the MEST and CEST time zones.
  5504. Daniel (27 September 2005)
  5505. - David Yan filed bug #1299181 (http://curl.haxx.se/bug/view.cgi?id=1299181)
  5506. that identified a silly problem with Content-Range: headers with the 'bytes'
  5507. keyword written in a different case than all lowercase! It would cause a
  5508. segfault!
  5509. - TJ Saunders of the proftpd project identified and pointed out problems with
  5510. the modified FTPS negotiation change of August 19 2005. Thus, we revert the
  5511. change back to pre-7.14.1 status.
  5512. Daniel (21 September 2005)
  5513. - Fixed "cut off" sentence in the libcurl-tutorial man page:
  5514. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329305
  5515. - Clarified in the curl_easy_setopt man page what the default
  5516. CURLOPT_WRITEFUNCTION and CURLOPT_WRITEDATA mean:
  5517. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329311
  5518. - Clarified in the curl_easy_setopt man page that CURLOPT_ERRORBUFFER
  5519. sometimes doesn't fill in the buffer even though it is supposed to:
  5520. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329313
  5521. - When CURLE_URL_MALFORMAT is returned due to a missing URL, it now has an
  5522. error string set.
  5523. Daniel (19 September 2005)
  5524. - Dmitry Bartsevich made the SSPI support work on Windows 9x as well.
  5525. Daniel (15 September 2005)
  5526. - Added a TFTP server to the test suite and made the test suite capable of
  5527. using it.
  5528. Daniel (7 September 2005)
  5529. - Ben Madsen's detailed reports that funnily enough only occurred with certain
  5530. glibc versions turned out to be curl using an already closed file handle
  5531. during certain conditions (like when saving FTP server "headers").
  5532. - Scott Davis helped me track down a problem in the test HTTP server that made
  5533. test case 56 wrongly fail at times. It turned out it was due to the server
  5534. finding the end of a chunked-encoded POST too early.
  5535. Daniel (6 September 2005)
  5536. - Now curl warns if an unknown variable is used in the -w/--writeout argument.
  5537. Daniel (4 September 2005)
  5538. - I applied Nicolas François' man page patch he posted to the Debian bug
  5539. tracker. It corrected two lines that started with apostrophes, which isn't
  5540. legal nroff format. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326511
  5541. - Added --ftp-skip-pasv-ip to the command line tool, that sets the new
  5542. CURLOPT_FTP_SKIP_PASV_IP option. It makes libcurl re-use the control
  5543. connection's IP address when setting up the data connection instead of
  5544. extractting the IP address from the PASV response. It has turned out this
  5545. feature is frequently needed by people to circumvent silly servers and silly
  5546. firewalls, especially when FTPS is used and the PASV command-response is
  5547. sent encrtyped.
  5548. Sponsored by CU*Answers
  5549. Daniel (1 September 2005)
  5550. - John Kelly added TFTP support to libcurl. A bunch of new error codes was
  5551. added. TODO: add them to docs. add TFTP server to test suite. add TFTP to
  5552. list of protocols whereever those are mentioned.
  5553. Version 7.14.1 (1 September 2005)
  5554. Daniel (29 August 2005)
  5555. - Kevin Lussier pointed out a problem with curllib.dsp and how to fix it.
  5556. - Igor Polyakov fixed a rather nasty problem with the threaded name resolver
  5557. for Windows, that could lead to an Access Violation when the multi interface
  5558. was used due to an issue with how the resolver thread was and was not
  5559. terminated.
  5560. - Simon Josefsson brought a patch that allows curl to get built to use GNU GSS
  5561. instead of MIT/Heimdal for GSS capabilities.
  5562. Daniel (24 August 2005)
  5563. - Toby Peterson added CURLOPT_IGNORE_CONTENT_LENGTH to the library, accessible
  5564. from the command line tool with --ignore-content-length. This will make it
  5565. easier to download files from Apache 1.x (and similar) servers that are
  5566. still having problems serving files larger than 2 or 4 GB. When this option
  5567. is enabled, curl will simply have to wait for the server to close the
  5568. connection to signal end of transfer. I wrote test case 269 that runs a
  5569. simple test to verify that this works.
  5570. - (Trying hard to exclude emotions now.) valgrind version 3 suddenly renamed
  5571. the --logfile command line option to --log-file, and thus the test script
  5572. valgrind autodetection now has yet another version check to do and then it
  5573. alters the valgrind command line accordingly.
  5574. - Fixed CA cert verification using GnuTLS with the default bundle, which
  5575. previously failed due to GnuTLS not allowing x509 v1 CA certs by default.
  5576. Ralph Mitchell reported.
  5577. Daniel (19 August 2005)
  5578. - Norbert Novotny had problems with FTPS and he helped me work out a patch
  5579. that made curl run fine in his end. The key was to make sure we do the
  5580. SSL/TLS negotiation immediately after the TCP connect is done and not after
  5581. a few other commands have been sent like we did previously. I don't consider
  5582. this change necessary to obey the standards, I think this server is pickier
  5583. than what the specs allow it to be, but I can't see how this modified
  5584. libcurl code can add any problems to those who are interpreting the
  5585. standards more liberally.
  5586. Daniel (17 August 2005)
  5587. - Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (with
  5588. CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to
  5589. write the result to a given cookie jar and then never actually call
  5590. curl_easy_perform() - the given file(s) to read was never read but the
  5591. output file was written and thus it caused a "funny" result.
  5592. - While doing some tests for the bug above, I noticed that Firefox generates
  5593. large numbers (for the expire time) in the cookies.txt file and libcurl
  5594. didn't treat them properly. Now it does.
  5595. Daniel (15 August 2005)
  5596. - Added more verbose "warning" messages to the curl client for cases where it
  5597. fails to open/read files etc to help users diagnose why it doesn't do what
  5598. you'd expect it to. Converted lots of old messages to use the new generic
  5599. function I wrote for this purpose.
  5600. Daniel (13 August 2005)
  5601. - James Bursa identified a libcurl HTTP bug and a good way to repeat it. If a
  5602. site responds with bad HTTP response that doesn't contain any header at all,
  5603. only a response body, and the write callback returns 0 to abort the
  5604. transfer, it didn't have any real effect but the write callback would be
  5605. called once more anyway.
  5606. Daniel (12 August 2005)
  5607. - Based on Richard Clayton's reports, I found out that using curl -d @filename
  5608. when 'filename' was not possible to access made curl use a GET request
  5609. instead.
  5610. - The time condition illegal syntax warning is now inhibited if -s is used.
  5611. Daniel (10 August 2005)
  5612. - Mario Schroeder found out that one of the debug callbacks calls that regards
  5613. SSL data with the CURLINFO_TEXT type claimed that the data was one byte
  5614. larger than it actually is, thus falsely telling the application that the
  5615. terminating zero was part of the data.
  5616. Daniel (9 August 2005)
  5617. - Christopher R. Palmer fixed the offsets used for date parsings when the time
  5618. zone name of a daylight savings time was used. For example, PDT vs PDS. This
  5619. flaw was introduced with the new date parser (11 sep 2004 - 7.12.2).
  5620. Fortunately, no web server or cookie string etc should be using such time
  5621. zone names thus limiting the effect of this bug.
  5622. Daniel (8 August 2005)
  5623. - Jon Grubbs filed bug report #1249962
  5624. (http://curl.haxx.se/bug/view.cgi?id=1249962) which identified a problem
  5625. with NTLM on a HTTP proxy if an FTP URL was given. libcurl now properly
  5626. switches to pure HTTP internally when an HTTP proxy is used, even for FTP
  5627. URLs. The problem would also occur with other multi-pass auth methods.
  5628. Daniel (7 August 2005)
  5629. - When curl is built with GnuTLS, curl-config didn't include "SSL" when
  5630. --features was used.
  5631. Daniel (28 July 2005)
  5632. - If any of the options CURLOPT_HTTPGET, CURLOPT_POST and CURLOPT_HTTPPOST is
  5633. set to 1, CURLOPT_NOBODY will now automatically be set to 0.
  5634. Daniel (27 July 2005)
  5635. - Dan Fandrich changes over the last week: fixed numerous minor configure
  5636. option parsing flaws: --without-gnutls, --without-spnego --without-gssapi
  5637. and --without-krb4. Spellfixed several error messages.
  5638. - Peteris Krumins added CURLOPT_COOKIELIST and CURLINFO_COOKIELIST, which is a
  5639. simple interface to extracting and setting cookies in libcurl's internal
  5640. "cookie jar". See the new cookie_interface.c example code.
  5641. Daniel (13 July 2005)
  5642. - Diego Casorran provided patches to make curl build fine on Amiga again.
  5643. Daniel (12 July 2005)
  5644. - Adrian Schuur added trailer support in the chunked encoding stream. The
  5645. trailer is then sent to the normal header callback/stream. I wrote up test
  5646. case 266 to verify the basic functionality. Do note that test case 34
  5647. contains a flawed chunked encoding stream that still works the same.
  5648. Daniel (5 July 2005)
  5649. - Gisle Vanem came up with a nice little work-around for bug #1230118
  5650. (http://curl.haxx.se/bug/view.cgi?id=1230118). It seems the Windows (MSVC)
  5651. libc time functions may return data one hour off if TZ is not set and
  5652. automatic DST adjustment is enabled. This made curl_getdate() return wrong
  5653. value, and it also concerned internal cookie expirations etc.
  5654. Daniel (4 July 2005)
  5655. - Andrew Bushnell provided enough info for me to tell that we badly needed to
  5656. fix the CONNECT authentication code with multi-pass auth methods (such as
  5657. NTLM) as it didn't previously properly ignore response-bodies - in fact it
  5658. stopped reading after all response headers had been received. This could
  5659. lead to libcurl sending the next request and reading the body from the first
  5660. request as response to the second request. (I also renamed the function,
  5661. which wasn't strictly necessary but...)
  5662. The best fix would to once and for all make the CONNECT code use the
  5663. ordinary request sending/receiving code, treating it as any ordinary request
  5664. instead of the special-purpose function we have now. It should make it
  5665. better for multi-interface too. And possibly lead to less code...
  5666. Added test case 265 for this. It doesn't work as a _really_ good test case
  5667. since the test proxy is too stupid, but the test case helps when running the
  5668. debugger to verify.
  5669. Daniel (30 June 2005)
  5670. - Dan Fandrich improved the configure script's ability to figure out what kind
  5671. of strerror_r() API that is used when cross-compiling. If __GLIB__ is
  5672. defined, it assumes the glibc API. If not, it issues a notice as before that
  5673. the user needs to manually edit lib/config.h for this.
  5674. Daniel (23 June 2005)
  5675. - David Shaw's fix that unifies proxy string treatment so that a proxy given
  5676. with CURLOPT_PROXY can use a http:// prefix and user + password. The user
  5677. and password fields are now also URL decoded properly. Test case 264 added
  5678. to verify.
  5679. Daniel (22 June 2005)
  5680. - David Shaw updated libcurl.m4
  5681. Daniel (14 June 2005)
  5682. - Gisle Vanem fixed a potential thread handle leak. Bug report #1216500
  5683. (http://curl.haxx.se/bug/view.cgi?id=1216500). Comment in
  5684. http://curl.haxx.se/mail/lib-2005-06/0059.html
  5685. Daniel (13 June 2005)
  5686. - Made buildconf run libtoolize in the ares dir too (inspired by Tupone's
  5687. reverted patch).
  5688. Daniel (9 June 2005)
  5689. - Incorporated Tupone's findtool fix in buildconf (slightly edited)
  5690. - Incorporated Tupone's head -n fix in buildconf.
  5691. Daniel (8 June 2005)
  5692. - Reverted Tupone's patch again, it broke numerous autobuilds. Let's apply it
  5693. in pieces, one by one and see what we need to adjust to work all over.
  5694. Daniel (6 June 2005)
  5695. - Tupone Alfredo fixed three problems in buildconf:
  5696. 1) findtool does look per tool in PATH and think ./perl is the perl
  5697. executable, while is just a local directory (I have . in the PATH)
  5698. 2) I got several warning for head -1 deprecated in favour of head -n 1
  5699. 3) ares directory is missing some file (missing is missing :-) ) because
  5700. automake and friends is not run.
  5701. Daniel (3 June 2005)
  5702. - Added docs/libcurl/getinfo-times, based on feedback from 'Edi':
  5703. http://curl.haxx.se/feedback/display.cgi?id=11178325798299&support=yes
  5704. - Andres Garcia provided yet another text mode patch for several test cases so
  5705. that they do text comparisions better on Windows (newline-wise).
  5706. Daniel (1 June 2005)
  5707. - The configure check for c-ares now adds the cares lib before the other libs,
  5708. to make it build fine with mingw. Inspired by Tupone Alfredo's bug report
  5709. and patch: http://curl.haxx.se/bug/view.cgi?id=1212940
  5710. Daniel (31 May 2005)
  5711. - Todd Kulesza reported a flaw in the proxy option, since a numerical IPv6
  5712. address was not possible to use. It is now, but requires it written
  5713. RFC2732-style, within brackets - which incidently is how you enter numerical
  5714. IPv6 addresses in URLs. Test case 263 added to verify.
  5715. Daniel (30 May 2005)
  5716. - Eric Cooper reported about a problem with HTTP servers that responds with
  5717. binary zeroes within the headers. They confused libcurl to do wrong so the
  5718. downloaded headers become incomplete. The fix is now verified with test case
  5719. 262. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=310948
  5720. Daniel (25 May 2005)
  5721. - Fixed problems with the test suite, and in particular the FTP test cases
  5722. since it previously was failing every now and then in a nonsense manner.
  5723. - --trace-time now outputs the full microsecond, all 6 digits.
  5724. Daniel (24 May 2005)
  5725. - Andres Garcia provided a text mode patch for several test cases so that they
  5726. do text comparisions better on Windows (newline-wise).
  5727. - Any 2xx response (and not just 200) is now considered a fine response to
  5728. TYPE, as some servers obviously sends a 226 there. Added test case 261 to
  5729. verify. Based on a question/report by Georg Wicherski.
  5730. Daniel (20 May 2005)
  5731. - Improved runtests.pl to allow stdout tests to be mode=text as well, just
  5732. as file comparisons already supports. Added this info to the FILEFORMAT
  5733. docs.
  5734. Daniel (18 May 2005)
  5735. - John McGowan identified a problem in bug report #1204435
  5736. (http://curl.haxx.se/bug/view.cgi?id=1204435) with malformed URLs like
  5737. "http://somehost?data" as it added a slash too much in the request ("GET
  5738. /?data/"...). Added test case 260 to verify.
  5739. - The configure check for strerror_r() failed to detect the proper API at
  5740. times, like on HP-UX 10.20. Then lib/strerror.c badly assumed the glibc
  5741. version if the posix define wasn't set (since it _had_ found a strerror_r).
  5742. Daniel (16 May 2005)
  5743. - The gmtime_r() function in HP-UX 10.20 is broken. About 13 test cases fail
  5744. due to this. There's now a configure check that attempts to detect the bad
  5745. function and not use it on such systems.
  5746. Version 7.14.0 (16 May 2005)
  5747. Daniel (13 May 2005)
  5748. - Grigory Entin reported that curl's configure detects a fine poll() for Mac
  5749. OS X 10.4 (while 10.3 or later detected a "bad" one), but the executable
  5750. doesn't work as good as if built without poll(). I've adjusted the configure
  5751. to always skip the fine-poll() test on Mac OS X (darwin).
  5752. Daniel (12 May 2005)
  5753. - When doing a second request (after a disconnect) using the same easy handle,
  5754. over a proxy that uses NTLM authentication, libcurl failed to use NTLM again
  5755. properly (the auth method was accidentally reset to the same as had been set
  5756. for host auth, which defaults to Basic). Bug report #1200661
  5757. (http://curl.haxx.se/bug/view.cgi?id=1200661) identified the the problem and
  5758. the fix.
  5759. - If -z/--time-cond is used with an invalid date syntax, this is no longer
  5760. silently discarded. Instead a proper warning message is diplayed that
  5761. informs about it. But it still continues without the condition.
  5762. Version 7.14.0-pre2 (11 May 2005)
  5763. Daniel (11 May 2005)
  5764. - Starting now, libcurl sends a little different set of headers in its default
  5765. HTTP requests:
  5766. A) Normal non-proxy HTTP:
  5767. - no more "Pragma: no-cache" (this only makes sense to proxies)
  5768. B) Non-CONNECT HTTP request over proxy:
  5769. - "Pragma: no-cache" is used (like before)
  5770. - "Proxy-Connection: Keep-alive" (for older style 1.0-proxies)
  5771. C) CONNECT HTTP request over proxy:
  5772. - "Host: [name]:[port]"
  5773. - "Proxy-Connection: Keep-alive"
  5774. The A) case is mostly to reduce the default header size and remove a
  5775. pointless header.
  5776. The B) is to address (rare) problems with HTTP 1.0 proxies
  5777. The C) headers are both to address (rare) problems with some proxies. The
  5778. code in libcurl that deals with CONNECT requests need a rewrite, but it
  5779. feels like a too big a job for me to do now. Details are added in the code
  5780. comments for now.
  5781. Updated a large amount of test cases to reflect the news.
  5782. Daniel (10 May 2005)
  5783. - Half-baked attempt to bail out if select() returns _only_ errorfds when the
  5784. transfer is in progress. An attempt to fix Allan's problem. See
  5785. http://curl.haxx.se/mail/lib-2005-05/0073.html and the rest of that thread
  5786. for details.
  5787. I'm still not sure this is the right fix, but...
  5788. Version 7.14.0-pre1 (9 May 2005)
  5789. Daniel (2 May 2005)
  5790. - Sort of "fixed" KNOWN_BUGS #4: curl now builds IPv6 enabled on AIX 4.3. At
  5791. least it should no longer cause a compiler error. However, it does not have
  5792. AI_NUMERICHOST so we cannot getaddrinfo() any numerical addresses with it
  5793. (we use that for FTP PORT/EPRT)! So, I modified the configure check that
  5794. checks if the getaddrinfo() is working, to use AI_NUMERICHOST since then
  5795. it'll fail on AIX 4.3 and it will automatically build with IPv6 support
  5796. disabled.
  5797. - Added --trace-time that when used adds a time stamp to each trace line that
  5798. --trace, --trace-ascii and --verbose output. I also made the '>' display
  5799. separate each line on the linefeed so that HTTP requests etc look nicer in
  5800. the -v output.
  5801. - Made curl recognize the environment variables Lynx (and others?) support for
  5802. pointing out the CA cert path/file: SSL_CERT_DIR and SSL_CERT_FILE. If
  5803. CURL_CA_BUNDLE is not set, they are checked afterwards.
  5804. Like before: on windows if none of these are set, it checks for the ca cert
  5805. file like this:
  5806. 1. application's directory
  5807. 2. current working directory
  5808. 3. Windows System directory (e.g. C:\windows\system32)
  5809. 4. Windows Directory (e.g. C:\windows)
  5810. 5. all directories along %PATH%
  5811. Daniel (1 May 2005)
  5812. - The runtests.pl script now starts test servers by doing fork() and exec()
  5813. instead of the previous approach. This is less complicated and should
  5814. hopefully lead to less "leaked" servers (servers that aren't stopped
  5815. properly when the tests are stopped).
  5816. - Alexander Zhuravlev found a case when you did "curl -I [URL]" and it
  5817. complained on the chunked encoding, even though a HEAD should never return a
  5818. body and thus it cannot be a chunked-encoding problem!
  5819. Daniel (30 April 2005)
  5820. - Alexander Zhuravlev found out that (lib)curl SIGSEGVed when using
  5821. --interface on an address that can't be bound.
  5822. Daniel (28 April 2005)
  5823. - Working on fixing up test cases to mark sections as 'mode=text' for things
  5824. that curl writes as text files, since then they can get different line
  5825. endings depending on OS. Andrés García helps me work this out.
  5826. Did lots of other minor tweaks on the test scripts to work better and more
  5827. reliably find test servers and also kill test servers.
  5828. - Dan Fandrich pointed out how the runtests.pl script killed the HTTP server
  5829. instead of the HTTPS server when closing it down.
  5830. Daniel (27 April 2005)
  5831. - Paul Moore made curl check for the .curlrc file (_curlrc on windows) on two
  5832. more places. First, CURL_HOME is a new environment variable that is used
  5833. instead of HOME if it is set, to point out where the default config file
  5834. lives. If there's no config file in the dir pointed out by one of the
  5835. environment variables, the Windows version will instead check the same
  5836. directory the executable curl is located in.
  5837. Daniel (26 April 2005)
  5838. - Cory Nelson's work on nuking compiler warnings when building on x64 with
  5839. VS2005.
  5840. Daniel (25 April 2005)
  5841. - Fred New reported a bug where we used Basic auth and user name and password
  5842. in .netrc, and when following a Location: the subsequent requests didn't
  5843. properly use the auth as found in the netrc file. Added test case 257 to
  5844. verify my fix.
  5845. - Based on feedback from Cory Nelson, I added some preprocessor magic in
  5846. */setup.h and */config-win32.h to build fine with VS2005 on x64.
  5847. Daniel (23 April 2005)
  5848. - Alex Suykov made the curl tool now assume that uploads using HTTP:// or
  5849. HTTPS:// are the only ones that show output and thus motivates a switched
  5850. off progress meter if the output is sent to the terminal. This makes FTP
  5851. uploads without '>', -o or -O show the progress meter.
  5852. Daniel (22 April 2005)
  5853. - Dave Dribin's MSVC makefile fix: set CURL_STATICLIB when it builds static
  5854. library variants.
  5855. - Andres Garcia fixed configure to set the proper define when building static
  5856. libcurl on windows.
  5857. - --retry-delay didn't work.
  5858. Daniel (18 April 2005)
  5859. - Olivier reported that even though he used CURLOPT_PORT, libcurl clearly
  5860. still used the default port. He was right. I fixed the problem and added the
  5861. test cases 521, 522 and 523 to verify the fix.
  5862. - Toshiyuki Maezawa reported that when doing a POST with a read callback,
  5863. libcurl didn't properly send an Expect: 100-continue header. It does now.
  5864. - I committed by mig change in the test suite's FTP server that moves out all
  5865. socket/TCP code to a separate C program named sockfilt. And added 4 new
  5866. test cases for FTP over IPv6.
  5867. Daniel (8 April 2005)
  5868. - Cory Nelson reported a problem with a HTTP server that responded with a 304
  5869. response containing an "illegal" Content-Length: header, which was not
  5870. properly ignored by libcurl. Now it is. Test case 249 verifies.
  5871. Daniel (7 April 2005)
  5872. - Added ability to build and run with GnuTLS as an alternative to OpenSSL for
  5873. the secure layer. configure --with-gnutls enables with. Note that the
  5874. previous OpenSSL check still has preference and if it first detects OpenSSL,
  5875. it will not check for GnuTLS. You may need to explictly diable OpenSSL with
  5876. --without-ssl.
  5877. This work has been sponsored by The Written Word.
  5878. Daniel (5 April 2005)
  5879. - Christophe Legry fixed the post-upload check for FTP to not complain if the
  5880. upload was skipped due to a time-condition as set with
  5881. CURLOPT_TIMECONDITION. I added test case 247 and 248 to verify.
  5882. Version 7.13.2 (5 April 2005)
  5883. Daniel (4 April 2005)
  5884. - Marcelo Juchem fixed the MSVC makefile for libcurl
  5885. - Gisle Vanem fixed a crash in libcurl, that could happen if the easy handle
  5886. was killed before the threading resolver (windows only) still hadn't
  5887. completed.
  5888. - Hardeep Singh reported a problem doing HTTP POST with Digest. (It was
  5889. actually also affecting NTLM and Negotiate.) It turned out that if the
  5890. server responded with 100 Continue before the initial 401 response, libcurl
  5891. didn't take care of the response properly. Test case 245 and 246 added to
  5892. verify this.
  5893. Daniel (30 March 2005)
  5894. - Andres Garcia modified the configure script to check for libgdi32 before
  5895. libcrypto, to make the SSL check work fine on msys/mingw.
  5896. Daniel (29 March 2005)
  5897. - Tom Moers identified a flaw when you sent a POST with Digest authentication,
  5898. as in the first request when curl sends a POST with Content-Length: 0, it
  5899. still forcibly closed the connection before doing the next step in the auth
  5900. negotiation.
  5901. - Jesper Jensen found out that FTP-SSL didn't work since my FTP
  5902. rewrite. Fixing that was easy, but it also revealed a much worse problem:
  5903. the FTP server response reader function didn't properly deal with reading
  5904. responses in multiple tiny chunks properly! I modified the FTP server to
  5905. allow it to produce such split-up responses to make sure curl deals with
  5906. them as it should.
  5907. - Based on Augustus Saunders' comments and findings, the HTTP output auth
  5908. function was fixed to use the proper proxy authentication when multiple ones
  5909. are accepted. test 239 and test 243 were added to repeat the problems and
  5910. verify the fixes.
  5911. --proxy-anyauth was added to the curl tool
  5912. Daniel (16 March 2005)
  5913. - Tru64 and some IRIX boxes seem to not like test 237 as it is. Their
  5914. inet_addr() functions seems to use &255 on all numericals in a ipv4 dotted
  5915. address which makes a different failure... Now I've modified the ipv4
  5916. resolve code to use inet_pton() instead in an attempt to make these systems
  5917. better detect this as a bad IP address rather than creating a toally bogus
  5918. address that is then passed on and used.
  5919. Daniel (15 March 2005)
  5920. - Dan Fandrich made the code properly use the uClibc's version of
  5921. inet_ntoa_r() when built with it.
  5922. - Added test 237 and 238: test EPSV and PASV response handling when they get
  5923. well- formated data back but using illegal values. In 237 PASV gets an IP
  5924. address that is way bad. In 238 EPSV gets a port that is way out of range.
  5925. Daniel (14 March 2005)
  5926. - Added a few missing features to the curl-config --features list
  5927. - Modified testcurl.pl to now offer
  5928. 1 - command line options for all info it previously only read from
  5929. file: --name, --email, --desc and --configure
  5930. 2 - --nocvsup makes it not attempt to do cvs update
  5931. 3 - --crosscompile informs it and makes it not attempt things it can't do
  5932. - Fixed numerous win32 compiler warnings.
  5933. - Removed the lib/security.h file since it shadowed the mingw/win32 header
  5934. with the same name which is needed for SSPI builds. The contents of the
  5935. former security.h is now i krb4.h
  5936. - configure --enable-sspi now enables SSPI in the build. It only works for
  5937. windows builds (including cross-compiles for windows).
  5938. Daniel (12 March 2005)
  5939. - David Houlder added --form-string that adds that string to a multipart
  5940. formpost part, without special characters having special meanings etc like
  5941. --form features.
  5942. Daniel (11 March 2005)
  5943. - curl_version_info() returns the feature bit CURL_VERSION_SSPI if it was
  5944. built with SSPI support.
  5945. - Christopher R. Palmer made it possible to build libcurl with the
  5946. USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the
  5947. native way to do NTLM. SSPI also allows libcurl to pass on the current user
  5948. and its password in the request.
  5949. Daniel (9 March 2005)
  5950. - Dan F improved the SSL lib setup in configure.
  5951. - Nodak Sodak reported a crash when using a SOCKS4 proxy.
  5952. - Jean-Marc Ranger pointed out an embarassing debug printf() leftover in the
  5953. multi interface code.
  5954. - Adjusted the man page for the curl_getdate() return value for dates after
  5955. year 2038. For 32 bit time_t it returns 0x7fffffff but for 64bit time_t it
  5956. returns either the correct value or even -1 on some systems that still seem
  5957. to not deal with this properly. Tor Arntsen found a 64bit AIX system for us
  5958. that did the latter. Gwenole Beauchesne's Mandrake patch put the lights on
  5959. this problem in the first place.
  5960. Daniel (8 March 2005)
  5961. - Dominick Meglio reported that using CURLOPT_FILETIME when transferring a FTP
  5962. file got a Last-Modified: header written to the data stream, corrupting the
  5963. actual data. This was because some conditions from the previous FTP code was
  5964. not properly brought into the new FTP code. I fixed and I added test case
  5965. 520 to verify. (This bug was introduced in 7.13.1)
  5966. - Dan Fandrich fixed the configure --with-zlib option to always consider the
  5967. given path before any standard paths.
  5968. Daniel (6 March 2005)
  5969. - Randy McMurchy was the first to report that valgrind.pm was missing from the
  5970. release archive and thus 'make test' fails.
  5971. Daniel (5 March 2005)
  5972. - Dan Fandrich added HAVE_FTRUNCATE to several config-*.h files.
  5973. - Added test case 235 that makes a resumed upload of a file that isn't present
  5974. on the remote side. This then converts the operation to an ordinary STOR
  5975. upload. This was requested/pointed out by Ignacio Vazquez-Abrams.
  5976. It also proved (and I fixed) a bug in the newly rewritten ftp code (and
  5977. present in the 7.13.1 release) when trying to resume an upload and the
  5978. servers returns an error to the SIZE command. libcurl then loops and sends
  5979. SIZE commands infinitely.
  5980. - Dan Fandrich fixed a SSL problem introduced on February 9th that made
  5981. libcurl attempt to load the whole random file to seed the PRNG. This is
  5982. really bad since this turns out to be using /dev/urandom at times...
  5983. Version 7.13.1 (4 March 2005)
  5984. Daniel (4 March 2005)
  5985. - Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activate
  5986. the cookie "engine" without having to provide an empty or non-existing file.
  5987. - Rene Rebe fixed a -# crash when more data than expected was retrieved.
  5988. Daniel (22 February 2005)
  5989. - NTLM and ftp-krb4 buffer overflow fixed, as reported here:
  5990. http://www.securityfocus.com/archive/1/391042 and the CAN report here:
  5991. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
  5992. If these security guys were serious, we'd been notified in advance and we
  5993. could've saved a few of you a little surprise, but now we weren't.
  5994. Daniel (19 February 2005)
  5995. - Ralph Mitchell reported a flaw when you used a proxy with auth, and you
  5996. requested data from a host and then followed a redirect to another
  5997. host. libcurl then didn't use the proxy-auth properly in the second request,
  5998. due to the host-only check for original host name wrongly being extended to
  5999. the proxy auth as well. Added test case 233 to verify the flaw and that the
  6000. fix removed the problem.
  6001. Daniel (18 February 2005)
  6002. - Mike Dobbs reported a mingw build failure due to the lack of
  6003. BUILDING_LIBCURL being defined when libcurl is built. Now this is defined by
  6004. configure when mingw is used.
  6005. Daniel (17 February 2005)
  6006. - David in bug report #1124588 found and fixed a socket leak when libcurl
  6007. didn't close the socket properly when returning error due to failing
  6008. localbind
  6009. Daniel (16 February 2005)
  6010. - Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"
  6011. that picks NTLM. Thanks to David Byron letting me test NTLM against his
  6012. servers, I could quickly repeat and fix the problem. It turned out to be:
  6013. When libcurl POSTs without knowing/using an authentication and it gets back
  6014. a list of types from which it picks NTLM, it needs to either continue
  6015. sending its data if it keeps the connection alive, or not send the data but
  6016. close the connection. Then do the first step in the NTLM auth. libcurl
  6017. didn't send the data nor close the connection but simply read the
  6018. response-body and then sent the first negotiation step. Which then failed
  6019. miserably of course. The fixed version forces a connection if there is more
  6020. than 2000 bytes left to send.
  6021. Daniel (14 February 2005)
  6022. - The configure script didn't check for ENGINE_load_builtin_engines() so it
  6023. was never used.
  6024. Daniel (11 February 2005)
  6025. - Removed all uses of strftime() since it uses the localised version of the
  6026. week day names and month names and servers don't like that.
  6027. Daniel (10 February 2005)
  6028. - Now the test script disables valgrind-testing when the test suite runs if
  6029. libcurl is built shared. Otherwise valgrind only tests the shell that runs
  6030. the wrapper-script named 'curl' that is a front-end to curl in this case.
  6031. This should also fix the huge amount of reports of false positives when
  6032. valgrind has identified leaks in (ba)sh and not in curl and people report
  6033. that as curl bugs. Bug report #1116672 is one example.
  6034. Also, the valgrind report parser has been adapted to check that at least one
  6035. of the sources in a stack strace is one of (lib)curl's source files or
  6036. otherwise it will not consider the problem to concern (lib)curl.
  6037. - Marty Kuhrt streamlined the VMS build.
  6038. Daniel (9 February 2005)
  6039. - David Byron fixed his SSL problems, initially mentioned here:
  6040. http://curl.haxx.se/mail/lib-2005-01/0240.html. It turned out we didn't use
  6041. SSL_pending() as we should.
  6042. - Converted lots of FTP code to a statemachine, so that the multi interface
  6043. doesn't block while communicating commands-responses with an FTP server.
  6044. I've added a comment like BLOCKING in the code on all spots I could find
  6045. where we still have blocking operations. When we change curl_easy_perform()
  6046. to use the multi interface, we'll also be able to simplify the code since
  6047. there will only be one "internal interface".
  6048. While doing this, I've now made CURLE_FTP_ACCESS_DENIED separate from the
  6049. new CURLE_LOGIN_DENIED. The first one is now access denied to a function,
  6050. like changing directory or retrieving a file, while the second means that we
  6051. were denied login.
  6052. The CVS tag 'before_ftp_statemachine' was set just before this went in, in
  6053. case of future need.
  6054. - Gisle made the DICT code send CRLF and not just LF as the spec says so.
  6055. Daniel (8 February 2005)
  6056. - Gisle fixed problems when libcurl runs out of memory, and worked on making
  6057. sure the proper error code is returned for those occations.
  6058. Daniel (7 February 2005)
  6059. - Maruko pointed out a problem with inflate decompressing exactly 64K
  6060. contents.
  6061. Daniel (5 February 2005)
  6062. - Eric Vergnaud found a use of an uninitialised variable in the ftp when doing
  6063. PORT on ipv6-enabled hosts.
  6064. - David Byron pointed out we could use BUFSIZE to read data (in
  6065. lib/transfer.c) instead of using BUFSIZE -1.
  6066. Version 7.13.0 (1 February 2005)
  6067. Daniel (31 January 2005)
  6068. - Added Lars Nilsson's htmltitle.cc example
  6069. Daniel (30 January 2005)
  6070. - Fixed a memory leak when using the multi interface and the DO operation
  6071. failed (as in test case 205).
  6072. - Fixed a valgrind warning for file:// operations.
  6073. - Fixed a valgrind report in the url globbing code for the curl command line
  6074. tool.
  6075. - Bugfixed the parser that scans the valgrind report outputs (in runtests.pl).
  6076. I noticed that it previously didn't detect and report the "Conditional jump
  6077. or move depends on uninitialised value(s)" error. When I fixed this, I
  6078. caught a few curl bugs with it. And then I had to spend time to make the
  6079. test suite IGNORE these errors when OpenSSL is used since it produce massive
  6080. amounts of valgrind warnings (but only of the "Conditional..." kind it
  6081. seems). So, if a test that requires SSL is run, it ignores the
  6082. "Conditional..." errors, and you'll get a "valgrind PARTIAL" output instead
  6083. of "valgrind OK".
  6084. Daniel (29 January 2005)
  6085. - Using the multi interface, and doing a requsted a re-used connection that
  6086. gets closed just after the request has been sent failed and did not re-issue
  6087. a request on a fresh reconnect like the easy interface did. Now it does!
  6088. - Define CURL_MULTIEASY when building libcurl (lib/easy.c to be exact), to use
  6089. my new curl_easy_perform() that uses the multi interface to run the
  6090. request. It is a great testbed for the multi interface and I believe we
  6091. shall do it this way for real in the future when we have a successor to
  6092. curl_multi_fdset(). I've used this approach to detect and fix several of the
  6093. recent multi-interfaces issues.
  6094. - Adjusted the KNOWN_BUGS #17 fix a bit more since the FTP code also did some
  6095. bad assumptions.
  6096. - multi interface: when a request is denied due to "Maximum redirects
  6097. followed" libcurl leaked the last Location: URL.
  6098. - Connect failures with the multi interface was often returned as "connect()
  6099. timed out" even though the reason was different.
  6100. Daniel (28 January 2005)
  6101. - KNOWN_BUGS #17 fixed. A DNS cache entry may not remain locked between two
  6102. curl_easy_perform() invokes. It was previously unlocked at disconnect, which
  6103. could mean that it remained locked between multiple transfers. The DNS cache
  6104. may not live as long as the connection cache does, as they are separate.
  6105. To deal with the lack of DNS (host address) data availability in re-used
  6106. connections, libcurl now keeps a copy of the IP adress as a string, to be
  6107. able to show it even on subsequent requests on the same connection.
  6108. The problem could be made to appear with this stunt:
  6109. 1. create a multi handle
  6110. 2. add an easy handle
  6111. 3. fetch a URL that is persistent (leaves the connection alive)
  6112. 4. remove the easy handle from the multi
  6113. 5. kill the multi handle
  6114. 6. create a multi handle
  6115. 7. add the same easy handle to the new multi handle
  6116. 8. fetch a URL from the same server as before (re-using the connection)
  6117. - Stephen More pointed out that CURLOPT_FTPPORT and the -P option didn't work
  6118. when built ipv6-enabled. I've now made a fix for it. Writing test cases for
  6119. custom port hosts turned too tricky so unfortunately there's none.
  6120. Daniel (25 January 2005)
  6121. - Ian Ford asked about support for the FTP command ACCT, and I discovered it
  6122. is present in RFC959... so now (lib)curl supports it as well. --ftp-account
  6123. and CURLOPT_FTP_ACCOUNT set the account string. (The server may ask for an
  6124. account string after PASS have been sent away. The client responds
  6125. with "ACCT [account string]".) Added test case 228 and 229 to verify the
  6126. functionality. Updated the test FTP server to support ACCT somewhat.
  6127. - David Shaw contributed a fairly complete and detailed autoconf test you can
  6128. use to detect libcurl and setup variables for the protocols the installed
  6129. libcurl supports: docs/libcurl/libcurl.m4
  6130. Daniel (21 January 2005)
  6131. - Major FTP third party transfer overhaul.
  6132. These four options are now obsolete: CURLOPT_SOURCE_HOST,
  6133. CURLOPT_SOURCE_PATH, CURLOPT_SOURCE_PORT (this option didn't work before)
  6134. and CURLOPT_PASV_HOST.
  6135. These two options are added: CURLOPT_SOURCE_URL and CURLOPT_SOURCE_QUOTE.
  6136. The target-side didn't use the proper path with RETR, and thus this only
  6137. worked correctly in the login path (i.e without doing any CWD). The source-
  6138. side still uses a wrong path, but the fix for this will need to wait. Verify
  6139. the flaw by using a source URL with included %XX-codes.
  6140. Made CURLOPT_FTPPORT control weather the target operation should use PORT
  6141. (or not). The other side thus uses passive (PASV) mode.
  6142. Updated the ftp3rdparty.c example source to use the updated options.
  6143. Added support for a second FTP server in the test suite. Named... ftp2.
  6144. Added test cases 230, 231 and 232 as a few first basic tests of very simple
  6145. 3rd party transfers.
  6146. Changed the debug output to include 'target' and 'source' when a 3rd party
  6147. is being made, to make it clearer what commands/responses came on what
  6148. connection.
  6149. Added three new command line options: --3p-url, --3p-user and --3p-quote.
  6150. Documented the command line options and the curl_easy_setopt options related
  6151. to third party transfers.
  6152. (Temporarily) disabled the ability to re-use an existing connection for the
  6153. source connection. This is because it needs to force a new in case the
  6154. source and target is the same host, and the host name check is trickier now
  6155. when the source is identified with a full URL instead of a plain host name
  6156. like before.
  6157. TODO (short-term) for 3rd party transfers: quote support. The options are
  6158. there, we need to add test cases to verify their functionality.
  6159. TODO (long-term) for 3rd party transfers: IPv6 support (EPRT and EPSV etc)
  6160. and SSL/TSL support.
  6161. Daniel (20 January 2005)
  6162. - Philippe Hameau found out that -Q "+[command]" didn't work, although some
  6163. code was written for it. I fixed and added test case 227 to verify it.
  6164. The curl.1 man page didn't mention the '+' so I added it.
  6165. Daniel (19 January 2005)
  6166. - Stephan Bergmann made libcurl return CURLE_URL_MALFORMAT if an FTP URL
  6167. contains %0a or %0d in the user, password or CWD parts. (A future fix would
  6168. include doing it for %00 as well - see KNOWN_BUGS for details.) Test case
  6169. 225 and 226 were added to verify this
  6170. - Stephan Bergmann pointed out two flaws in libcurl built with HTTP disabled:
  6171. 1) the proxy environment variables are still read and used to set HTTP proxy
  6172. 2) you couldn't disable http proxy with CURLOPT_PROXY (since the option was
  6173. disabled). This is important since apps may want to disable HTTP proxy
  6174. without actually knowing if libcurl was built to disable HTTP or not.
  6175. Based on Stephan's patch, both these issues should now be fixed.
  6176. Daniel (18 January 2005)
  6177. - Cody Jones' enhanced version of Samuel Díaz García's MSVC makefile patch was
  6178. applied.
  6179. Daniel (16 January 2005)
  6180. - Alex aka WindEagle pointed out that when doing "curl -v dictionary.com", curl
  6181. assumed this used the DICT protocol. While guessing protocols will remain
  6182. fuzzy, I've now made sure that the host names must start with "[protocol]."
  6183. for them to be a valid guessable name. I also removed "https" as a prefix
  6184. that indicates HTTPS, since we hardly ever see any host names using that.
  6185. Daniel (13 January 2005)
  6186. - Inspired by Martijn Koster's patch and example source at
  6187. http://www.greenhills.co.uk/mak/gentoo/curl-eintr-bug.c, I now made the
  6188. select() and poll() calls properly loop if they return -1 and errno is
  6189. EINTR. glibc docs for this is found here:
  6190. http://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html
  6191. This last link says BSD doesn't have this "effect". Will there be a problem
  6192. if we do this unconditionally?
  6193. Daniel (11 January 2005)
  6194. - Dan Torop cleaned up a few no longer used variables from David Phillips'
  6195. select() overhaul fix.
  6196. - Cyrill Osterwalder posted a detailed analysis about a bug that occurs when
  6197. using a custom Host: header and curl fails to send a request on a re-used
  6198. persistent connection and thus creates a new connection and resends it. It
  6199. then sent two Host: headers. Cyrill's analysis was posted here:
  6200. http://curl.haxx.se/mail/archive-2005-01/0022.html
  6201. - Bruce Mitchener identified (bug report #1099640) the never-ending SOCKS5
  6202. problem with the version byte and the check for bad versions. Bruce has lots
  6203. of clues on this, and based on his suggestion I've now removed the check of
  6204. that byte since it seems to be able to contain 1 or 5.
  6205. Daniel (10 January 2005)
  6206. - Pavel Orehov reported memory problems with the multi interface in bug report
  6207. #1098843. In short, a shared DNS cache was setup for a multi handle and when
  6208. the shared cache was deleted before the individual easy handles, the latter
  6209. cleanups caused read/writes to already freed memory.
  6210. - Hzhijun reported a memory leak in the SSL certificate code, that leaked the
  6211. remote certificate name when it didn't match the used host name.
  6212. Gisle (8 January 2005)
  6213. - Added Makefile.Watcom files (src/lib). Updated Makefile.dist.
  6214. Daniel (7 January 2005)
  6215. - Improved the test script's valgrind log parser to actually work! Also added
  6216. the ability to disable the log scanner for specific test cases. Test case
  6217. 509 results in numerous problems and leaks in OpenSSL and has to get it
  6218. disabled.
  6219. Daniel (6 January 2005)
  6220. - Fixed a single-byte read out of bounds in test case 39 in the curl tool code
  6221. (i.e not in the library).
  6222. - Bug report #1097019 identified a problem when doing -d "data" with -G and
  6223. sending it to two URLs with {}. Added test 199 to verify the fix.
  6224. Daniel (4 January 2005)
  6225. - Marty Kuhrt adjusted a VMS build script slightly
  6226. - Kai Sommerfeld and Gisle Vanem fixed libcurl to build with IPv6 support on
  6227. Win2000.
  6228. Daniel (2 January 2005)
  6229. - Alex Neblett updated the MSVC makefiles slightly.
  6230. Daniel (25 December 2004)
  6231. - Removed src/config.h.in from CVS, it is now copied from the (generated)
  6232. lib/config.h.in instead, as they can very well be the same. This removes a
  6233. "manual hassle". You may want to re-run buildconf now.
  6234. - Werner Koch filed Debian bug report #286794, mentioning that curl contained
  6235. non-free (by Debian's view) source code. This was Angus Mackay's
  6236. src/getpass.c source code. I tried to contact him about it to quickly solve
  6237. this issue, but his email addresses bounce and I got some time "over" and
  6238. reimplemented the functionality once brought by Angus. We no longer use any
  6239. of Angus' original code and the new function is much simpler (IMO). Issue
  6240. solved.
  6241. Daniel (24 December 2004)
  6242. - David Shaw added --protocols to curl-config, so that it now lists all
  6243. protocols libcurl was built to support. --feature no longer lists disabled
  6244. protocols.
  6245. Daniel (23 December 2004)
  6246. - David Shaw fixed the configure --disable-[protocol] variables so that
  6247. curl-config --feature now works correctly!
  6248. Daniel (22 December 2004)
  6249. - Rune Kleveland fixed a minor memory leak for received cookies with the
  6250. (rare) version attribute set.
  6251. - Marcin Konicki provided two configure fixes and a source fix to make curl
  6252. build out-of-the-box on BeOS.
  6253. Daniel (21 December 2004)
  6254. - Added test case 217 that verified CURLINFO_HTTP_CONNECTCODE, and I made the
  6255. -w option support 'http_connect' to make it easier to verify!
  6256. - Fixed lib/select.c include order to build fine on FreeBSD
  6257. - Fixed failf()'s reuse of the va_list variable that crashed on FreeBSD.
  6258. Pointed out by Peter Pentchev.
  6259. Version 7.12.3 (20 December 2004)
  6260. Daniel (19 December 2004)
  6261. - I investigated our PKCS12 build problem on Solaris 2.7 with OpenSSL 0.9.7e,
  6262. and it turned out to be the fault of the zlib 1.1.4 headers doing a typedef
  6263. named 'free_func' and the OpenSSL headers have a prototype that uses
  6264. 'free_func' in one of its arguments. This is why the compile errors out.
  6265. In other words, we need to include the openssl/pkcs12.h header before the
  6266. zlib.h header and it builds fine. The configure script now checks for this
  6267. file and it then gets included early in lib/urldata.h.
  6268. Daniel (18 December 2004)
  6269. - Samuel Listopad added support for PKCS12 formatted certificates.
  6270. - Samuel Listopad fixed -E to support "C:/path" (with forward slash) as well.
  6271. Daniel (16 December 2004)
  6272. - Gisle found and fixed a problem in the directory re-use for FTP.
  6273. I added test case 215 and 216 to better verify the functionality.
  6274. - Dinar in bug report #1086121, found a file handle leak when a multipart
  6275. formpost (including a file upload part) was aborted before the whole file
  6276. was sent.
  6277. Daniel (15 December 2004)
  6278. - Tom Lee found out that globbing of strings with backslashes didn't work as
  6279. you'd expect. Backslashes are such a central part of windows file names that
  6280. forcing backslashes to have to be escaped with backslashes is a bit too
  6281. awkward to users. Starting now, you only need to escape globbing characters
  6282. such as the five letters: "[]{},". Added test case 214 to verify this.
  6283. Daniel (14 December 2004)
  6284. - Harshal Pradhan patched a HTTP persistent connection flaw: if the user name
  6285. and/or password were modified between two requests on a persistent
  6286. connection, the second request were still made with the first setup!
  6287. I added test case 519 to verify the fix.
  6288. Daniel (13 December 2004)
  6289. - Gisle added CURLINFO_SSL_ENGINES to curl_easy_getinfo() to allow an app
  6290. to list all available crypto ENGINES.
  6291. - Gisle fixed bug report #1083542, which pointed out a problem with resuming
  6292. large file (>4GB) file:// transfers on windows.
  6293. Daniel (11 December 2004)
  6294. - Made the test suite HTTP server (sws) capable of using IPv6, and then
  6295. extended the test environment to support that and also added three test
  6296. cases (240, 241, 242) that run tests using IPv6. Test 242 uses a URL that
  6297. didn't work before the 10 dec fix by Kai Sommerfeld.
  6298. - Made a failed file:// resume output an error message
  6299. - Corrected the CURLE_BAD_DOWNLOAD_RESUME error message in lib/strerror.c
  6300. - Dan Fandrich:
  6301. simplified and consolidated the SSL checks in configure and the usage of the
  6302. defines in lib/setup.h
  6303. provided a first libcurl.pc.in file for pkg-config (but the result is not
  6304. installed anywhere at this point)
  6305. extended the cross compile section in the docs/INSTALL file
  6306. Daniel (10 December 2004)
  6307. - When providing user name in the URL and a IPv6-style IP-address (like in
  6308. "ftp://user@[::1]/tmp"), the URL parser didn't get the host extracted
  6309. properly. Reported and fixed by Kai Sommerfeld.
  6310. Daniel (9 December 2004)
  6311. - Ton Voon provided a configure fix that should fix the notorious (mostly
  6312. reported on Solaris) problem where the size_t check fails due to the SSL
  6313. libs being found in a dir not searched through by the run-time linker.
  6314. patch-tracker entry #1081707.
  6315. - Bryan Henderson pointed out in bug report #1081788 that the curl-config
  6316. --vernum output wasn't zero prefixed properly (as claimed in documentation).
  6317. This is fixed in maketgz now.
  6318. Daniel (8 December 2004)
  6319. - Matt Veenstra updated the mach-O framework files for Mac OS X.
  6320. - Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where
  6321. libcurl always and unconditionally overwrote a stack-based array with 3 zero
  6322. bytes. This is not an exploitable buffer overflow. No need to get alarmed.
  6323. Daniel (7 December 2004)
  6324. - Fixed so that the final error message is sent to the verbose info "stream"
  6325. even if no errorbuffer is set.
  6326. Daniel (6 December 2004)
  6327. - Dan Fandrich added the --disable-cookies option to configure to build
  6328. libcurl without cookie support. This is mainly useful if you want to build a
  6329. minimalistic libcurl with no cookies support at all. Like for embedded
  6330. systems or similar.
  6331. - Richard Atterer fixed libcurl's way of dealing with the EPSV
  6332. response. Previously, libcurl would re-resolve the host name with the new
  6333. port number and attempt to connect to that, while it should use the IP from
  6334. the control channel. This bug made it hard to EPSV from an FTP server with
  6335. multiple IP addresses!
  6336. Daniel (3 December 2004)
  6337. - Bug report #1078066: when a chunked transfer was pre-maturely closed exactly
  6338. at a chunk boundary it was not considered an error and thus went unnoticed.
  6339. Fixed by Maurice Barnum.
  6340. Added test case 207 to verify.
  6341. Daniel (2 December 2004)
  6342. - Fixed the CONNECT loop to default timeout to 3600 seconds.
  6343. Added test case 206 that makes CONNECT with Digest.
  6344. Fixed a flaw that prepended "(nil)" to the initial CONNECT rqeuest's user-
  6345. agent field.
  6346. Daniel (30 November 2004)
  6347. - Dan Fandrich's fix for libz 1.1 and "extra field" usage in a gzip stream
  6348. - Dan also helped me with input data to create three more test cases for the
  6349. --compressed option.
  6350. Daniel (29 November 2004)
  6351. - I improved the test suite to enable binary contents in the tests (by proving
  6352. it base64 encoded), like for testing decompress etc. Added test 220 and 221
  6353. for this purpose. Tests can now also depend on libz to run.
  6354. - As reported by Reinout van Schouwen in Mandrake's bug tracker bug 12285
  6355. (http://qa.mandrakesoft.com/show_bug.cgi?id=12285), when connecting to an
  6356. IPv6 host with FTP, --disable-epsv (or --disable-eprt) effectively disables
  6357. the ability to transfer a file. Now, when connected to an FTP server with
  6358. IPv6, these FTP commands can't be disabled even if asked to with the
  6359. available libcurl options.
  6360. Daniel (26 November 2004)
  6361. - As reported in Mandrake's bug tracker bug 12289
  6362. (http://qa.mandrakesoft.com/show_bug.cgi?id=12289), curl would print a
  6363. newline to "finish" the progress meter after each redirect and not only
  6364. after a completed transfer.
  6365. Daniel (25 November 2004)
  6366. - FTP improvements:
  6367. If EPSV, EPRT or LPRT is tried and doesn't work, it will not be retried on
  6368. the same server again even if a following request is made using a persistent
  6369. connection.
  6370. If a second request is made to a server, requesting a file from the same
  6371. directory as the previous request operated on, libcurl will no longer make
  6372. that long series of CWD commands just to end up on the same spot. Note that
  6373. this is only for *exactly* the same dir. There is still room for improvements
  6374. to optimize the CWD-sending when the dirs are only slightly different.
  6375. Added test 210, 211 and 212 to verify these changes. Had to improve the
  6376. test script too and added a new primitive to the test file format.
  6377. Daniel (24 November 2004)
  6378. - Andrés García fixed the configure script to detect select properly when run
  6379. with Msys/Mingw on Windows.
  6380. Daniel (22 November 2004)
  6381. - Made HTTP PUT and POST requests no longer use HEAD when doing multi-pass
  6382. auth negotiation (NTLM, Digest and Negotiate), but instead use the request
  6383. keyword "properly". Details in lib/README.httpauth. This also introduces
  6384. CURLOPT_IOCTLFUNCTION and CURLOPT_IOCTLDATA, to be used by apps that use the
  6385. "any" auth alternative as then libcurl may need to send the PUT/POST data
  6386. more than once and thus may need to ask the app to "rewind" the read data
  6387. stream to start.
  6388. See also the new example using this: docs/examples/anyauthput.c
  6389. - David Phillips enhanced test 518. I made it depend on a "feature" so that
  6390. systems without getrlimit() won't attempt to test 518. configure now checks
  6391. for getrlimit() and setrlimit() for this test case.
  6392. Daniel (18 November 2004)
  6393. - David Phillips fixed libcurl to not crash anymore when more than FD_SETSIZE
  6394. file descriptors are in use. Test case 518 added to verify.
  6395. Daniel (15 November 2004)
  6396. - To test my fix for the CURLINFO_REDIRECT_TIME bug, I added time_redirect and
  6397. num_redirects support to the -w writeout option for the command line tool.
  6398. - Wojciech Zwiefka found out that CURLINFO_REDIRECT_TIME didn't work as
  6399. documented.
  6400. Daniel (12 November 2004)
  6401. - Gisle Vanem modigied the MSVC and Netware makefiles to build without
  6402. libcurl.def
  6403. - Dan Fandrich added the --disable-crypto-auth option to configure to allow
  6404. libcurl to build without Digest support. (I figure it should also explicitly
  6405. disable Negotiate and NTLM.)
  6406. - *** Modified Behaviour Alert ***
  6407. Setting CURLOPT_POSTFIELDS to NULL will no longer do a GET.
  6408. Setting CURLOPT_POSTFIELDS to "" will send a zero byte POST and setting
  6409. CURLOPT_POSTFIELDS to NULL and CURLOPT_POSTFIELDSIZE to zero will also make
  6410. a zero byte POST. Added test case 515 to verify this.
  6411. Setting CURLOPT_HTTPPOST to NULL makes a zero byte post. Added test case 516
  6412. to verify this.
  6413. CURLOPT_POSTFIELDSIZE must now be set to -1 to signal "we don't know".
  6414. Setting it to zero simply says this is a zero byte POST.
  6415. When providing POST data with a read callback, setting the size up front
  6416. is now made with CURLOPT_POSTFIELDSIZE and not with CURLOPT_INFILESIZE.
  6417. Daniel (11 November 2004)
  6418. - Dan Fandrich added --disable-verbose to the configure script to allow builds
  6419. without verbose strings in the code, to save some 12KB space. Makes sense
  6420. only for systems with very little memory resources.
  6421. - Jeff Phillips found out that a date string with a year beyond 2038 could
  6422. crash the new date parser on systems with 32bit time_t. We now check for
  6423. this case and deal with it.
  6424. Daniel (10 November 2004)
  6425. - I installed Heimdal on my Debian box (using the debian package) and noticed
  6426. that configure --with-gssapi failed to create a nice build. Fixed now.
  6427. Daniel (9 November 2004)
  6428. - Gisle Vanem marked all external function calls with CURL_EXTERN so that now
  6429. the Windows, Netware and other builds no longer need libcurl.def or similar
  6430. files.
  6431. Daniel (8 November 2004)
  6432. - Made the configure script check for tld.h if libidn was detected, since
  6433. libidn 0.3.X didn't have such a header and we don't work with anything
  6434. before libidn 0.4.1 anyway! Suse 9.1 apparently ships with a 0.3.X version
  6435. of libidn which makes the curl 7.12.2 build fail. Jean-Philippe
  6436. Barrette-LaPierre helped pointing this out.
  6437. - Ian Gulliver reported in debian bug report #278691: if curl is invoked in an
  6438. environment where stderr is closed the -v output will still be sent to file
  6439. descriptor 2 which then might be the network socket handle! Now we have a
  6440. weird hack instead that attempts to make sure that file descriptor 2 is
  6441. opened (with a call to pipe()) before libcurl is called to do the transfer.
  6442. configure now checks for pipe() and systems without pipe don't get the weird
  6443. hack done.
  6444. Daniel (5 November 2004)
  6445. - Tim Sneddon made libcurl send no more than 64K in a single first chunk when
  6446. doing a huge POST on VMS, as this is a system limitation. Default on general
  6447. systems is 100K.
  6448. Daniel (4 November 2004)
  6449. - Andres Garcia made it build on mingw againa, my --retry code broke the build.
  6450. Daniel (2 November 2004)
  6451. - Added --retry-max-time that allows a maximum time that may not have been
  6452. reached for a retry to be made. If not set there is no maximum time, only
  6453. the amount of retries set with --retry.
  6454. - Paul Nolan provided a patch to make libcurl build nicely on Windows CE.
  6455. Daniel (1 November 2004)
  6456. - When cross-compiling, the configure script no longer attempts to use
  6457. pkg-config on the build host in order to detect OpenSSL compiler options.
  6458. Daniel (27 October 2004)
  6459. - Dan Fandrich:
  6460. An improvement to the gzip handling of libcurl. There were two problems with
  6461. the old version: it was possible for a malicious gzip file to cause libcurl
  6462. to leak memory, as a buffer was malloced to hold the header and never freed
  6463. if the header ended with no file contents. The second problem is that the
  6464. 64 KiB decompression buffer was allocated on the stack, which caused
  6465. unexpectedly high stack usage and overflowed the stack on some systems
  6466. (someone complained about that in the mailing list about a year ago).
  6467. Both problems are fixed by this patch. The first one is fixed when a recent
  6468. (1.2) version of zlib is used, as it takes care of gzip header parsing
  6469. itself. A check for the version number is done at run-time and libcurl uses
  6470. that feature if it's present. I've created a define OLD_ZLIB_SUPPORT that
  6471. can be commented out to save some code space if libcurl is guaranteed to be
  6472. using a 1.2 version of zlib.
  6473. The second problem is solved by dynamically allocating the memory buffer
  6474. instead of storing it on the stack. The allocation/free is done for every
  6475. incoming packet, which is suboptimal, but should be dwarfed by the actual
  6476. decompression computation.
  6477. I've also factored out some common code between deflate and gzip to reduce
  6478. the code footprint somewhat. I've tested the gzip code on a few test files
  6479. and I tried deflate using the freshmeat.net server, and it all looks OK. I
  6480. didn't try running it with valgrind, however.
  6481. - Added a --retry option to curl that takes a numerical option for the number
  6482. of times the operation should be retried. It is retried if a transient error
  6483. is detected or if a timeout occurred. By default, it will first wait one
  6484. second between the retries and then double the delay time between each retry
  6485. until the delay time is ten minutes which then will be the delay time
  6486. between all forthcoming retries. You can set a static delay time with
  6487. "--retry-delay [num]" where [num] is the number of seconds to wait between
  6488. each retry.
  6489. Daniel (25 October 2004)
  6490. - Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on a
  6491. file that was already completely downloaded caused an error, while it
  6492. doesn't if you don't use --fail! I added test case 194 to verify the fix.
  6493. Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in
  6494. libcurl v8 due to all the kludges needed to support it.
  6495. - Mohun Biswas found out that formposting a zero-byte file didn't work very
  6496. good. I fixed.
  6497. Daniel (19 October 2004)
  6498. - Alexander Krasnostavsky made it possible to make FTP 3rd party transfers
  6499. with both source and destination being the same host. It can be useful if
  6500. you want to move a file on a server or similar.
  6501. - Guillaume Arluison added CURLINFO_NUM_CONNECTS to allow an app to figure
  6502. out how many new connects a previous transfer required.
  6503. I added %{num_connects} to the curl tool and added test case 192 and 193
  6504. to verify the new code.
  6505. Daniel (18 October 2004)
  6506. - Peter Wullinger pointed out that curl should call setlocale() properly to
  6507. initiate the specific language operations, to make the IDN stuff work
  6508. better.
  6509. Version 7.12.2 (18 October 2004)
  6510. Daniel (16 October 2004)
  6511. - Alexander Krasnostavsky made the CURLOPT_FTP_CREATE_MISSING_DIRS option work
  6512. fine even for third party transfers.
  6513. - runekl at opoint.com found out (and provided a fix) that libcurl leaked
  6514. memory for cookies with the "max-age" field set.
  6515. Gisle (16 October 2004)
  6516. - Issue 50 in TODO-RELEASE; Added Traian Nicolescu's patches for threaded
  6517. resolver on Windows. Plugged some potential handle and memory leaks.
  6518. Daniel (14 October 2004)
  6519. - Eric Vergnaud pointed out that libcurl didn't treat ?-letters in the user
  6520. name and password fields properly in URLs, like
  6521. ftp://us?er:pass?word@site.com/. Added test 191 to verify the fix.
  6522. Daniel (11 October 2004)
  6523. - libcurl now uses SO_NOSIGPIPE for systems that support it (Mac OS X 10.2 or
  6524. later is one) to inhibit the SIGPIPE signal when writing to a socket while
  6525. the peer dies. The same effect is provide by the MSG_NOSIGNAL parameter to
  6526. send() on other systems. Alan Pinstein verified the fix.
  6527. Daniel (10 October 2004)
  6528. - Systems with 64bit longs no longer use strtoll() or our strtoll- replacement
  6529. to parse 64 bit numbers. strtol() works fine. Added a configure check to
  6530. detect if [constant]LL works and if so, use that in the strtoll replacement
  6531. code to work around compiler warnings reported by Andy Cedilnik.
  6532. Gisle (6 October 2004)
  6533. - For USE_LIBIDN builds: Added Top-Level-Domain (TLD) check of host-name
  6534. used in fix_hostname(). Checks if characters in 'host->name' (indirectly
  6535. via 'ace_hostname') are legal according to the TLD tables in libidn.
  6536. Daniel (6 October 2004)
  6537. - Chih-Chung Chang reported that if you use CURLOPT_RESUME_FROM and enabled
  6538. CURLOPT_FOLLOWLOCATION, libcurl reported error if a redirect happened even
  6539. if the new URL would provide the resumed file. Test case 188 added to verify
  6540. the fix (together with existing test 99).
  6541. - Dan Fandrich fixed a configure flaw for systems that need both nsl and socket
  6542. libs to use gethostbyname().
  6543. - Removed tabs and trailing whitespace from lots of source files.
  6544. Daniel (5 October 2004)
  6545. - Made configure --with-libidn=PATH try the given PATH before the default
  6546. paths to make it possible to override.
  6547. - If idna_strerror() is present in libidn, we can use that instead of our
  6548. internal replacement. This function was added by Simon in libidn 0.5.6 and
  6549. is detected by configure.
  6550. - It seems basename() on IRIX is in the libgen library and since we don't use
  6551. that, configure finds libgen.h but not basename and then we get a compiler
  6552. error because our basename() replacement doesn't match the proto in
  6553. libgen.h. Starting now, we don't include the file if basename wasn't found
  6554. as well.
  6555. Daniel (4 October 2004)
  6556. - Chris found a race condition resulting in CURLE_COULDNT_RESOLVE_HOST and
  6557. potential crash, in the windows threaded name resolver code.
  6558. Daniel (3 October 2004)
  6559. - Replaced the use of isspace() in cookie.c with our own version instead since
  6560. we have most data as 'char *' and that makes us pass in negative values if
  6561. there is 8bit data in the string. Changing to unsigned causes too much
  6562. warnings or too many required typecasts to the normal string functions.
  6563. Harshal Pradhan identified this problem.
  6564. Daniel (2 October 2004)
  6565. - Bertrand Demiddelaer found a case where libcurl could read already freed
  6566. data when CURLOPT_VERBOSE is used and a (very) persistent connection. It
  6567. happened when the dns cache entry for the connection was pruned while the
  6568. connection was still alive and then again re-used. We worked together on
  6569. this fix.
  6570. - Gisle Vanem provided code that displays an error message when the (libidn
  6571. based) IDN conversion fails. This is really due to a missing suitable
  6572. function in the libidn API that I hope we can remove once libidn gets a
  6573. function like this.
  6574. Daniel (1 October 2004)
  6575. - Aleksandar Milivojevic reported a problem in the Redhat bugzilla (see
  6576. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134133) and not to
  6577. anyone involved in the curl project! This happens when you try to curl a
  6578. file from a proftpd site using SSL. It seems proftpd sends a somewhat
  6579. unorthodox response code (232 instead of 230). I relaxed the response code
  6580. check to deal with this and similar cases.
  6581. - Based on Fedor Karpelevitch's formpost path basename patch, file parts in
  6582. formposts no longer include the path part. If you _really_ want them, you
  6583. must provide your preferred full file name with CURLFORM_FILENAME.
  6584. Added detection for libgen.h and basename() to configure. My custom
  6585. basename() replacement function for systems without it, might be a bit too
  6586. naive...
  6587. Updated 6 test cases to make them work with the stripped paths.
  6588. Daniel (30 September 2004)
  6589. - Larry Campbell added CURLINFO_OS_ERRNO to curl_easy_getinfo() that allows an
  6590. app to retrieve the errno variable after a (connect) failure. It will make
  6591. sense to provide this for more failures in a more generic way, but let's
  6592. start like this.
  6593. - Günter Knauf and Casey O'Donnell worked out an extra #if condition for the
  6594. curl/multi.h header to work better in winsock-using apps.
  6595. - Jean-Philippe Barrette-LaPierre made buildconf run better on Mac OS X by
  6596. properly using glibtoolize instead of plain libtoolize. (This is made if
  6597. glibtool was found and used instead of plain libtool.)
  6598. Daniel (29 September 2004)
  6599. - Bertrand Demiddelaer fixed curl_easy_reset() so that it doesn't mistakingly
  6600. enable the progress meter.
  6601. Daniel (28 September 2004)
  6602. - "Mekonikum" found out that if you built curl without SSL support, although
  6603. your current SSL installation supports Engine, the compile fails.
  6604. Daniel (27 September 2004)
  6605. - When --with-ssl=PATH is used to the configure script, it no longer uses
  6606. pkg-config to figure out extra details. That is now only done if no PATH is
  6607. included or if SSL is checked for by default without the --with-ssl option.
  6608. Daniel (25 September 2004)
  6609. - Peter Sylvester pointed out that CURLOPT_SSLENGINE couldn't even be set to
  6610. NULL when no engine was supported. It can now.
  6611. Daniel (22 September 2004)
  6612. - Dan Fandrich fixed three test cases to no longer use "localhost" but instead
  6613. use "127.0.0.1" to avoid requiring that localhost resolves nicely.
  6614. - Jean-Claude Chauve fixed an LDAP crash when more than one record was
  6615. retrieved.
  6616. Daniel (19 September 2004)
  6617. - Andreas Rieke pointed out that when attempting to connect to a host without
  6618. a service on the specified port, curl_easy_perform() didn't properly provide
  6619. an error message in the CURLOPT_ERRORBUFFER buffer.
  6620. Daniel (16 September 2004)
  6621. - Daniel at touchtunes uses the FTP+SSL server "BSDFTPD-SSL from
  6622. http://bsdftpd-ssl.sc.ru/" which accordingly doesn't properly work with curl
  6623. when "AUTH SSL" is issued (although the server responds fine and everything)
  6624. but requires that curl issues "AUTH TLS" instead. See
  6625. http://curl.haxx.se/feedback/display.cgi?id=10951944937603&support=yes
  6626. Introducing CURLOPT_FTPSSLAUTH that allows the application to select which
  6627. of the AUTH strings to attempt first.
  6628. - Anonymous filed bug report #1029478 which identified a bug when you 1) used
  6629. a URL without properly seperating the host name and the parameters with a
  6630. slash. 2) the URL had parameters to the right of a ? that contains a slash
  6631. 3) curl was told to follow Location:s 4) the request got a response that
  6632. contained a Location: to redirect to "/dir". curl then appended the new path
  6633. on the wrong position of the original URL.
  6634. Test case 187 was added to verify that this was fixed properly.
  6635. Daniel (11 September 2004)
  6636. - Added parsedate.c that contains a rewrite of the date parser currently
  6637. provided by getdate.y. The new one is MUCH smaller and will allow us to run
  6638. away from the yacc/bison jungle. It is also slightly lacking in features
  6639. compared to the old one, but it supports parsing of all date formats HTTP
  6640. involves (and a fair bunch of others).
  6641. Daniel (10 September 2004)
  6642. - As found out by Jonas Forsman, curl didn't allow -F to set Content-Type on
  6643. text-parts. Starting now, we can do -F "name=daniel;type=text/extra". Added
  6644. test case 186 to verify.
  6645. - Bug report #1025986. When following a Location: with a custom Host: header
  6646. replacement, curl only replaced the Host: header on the initial request
  6647. and didn't replace it on the following ones. This resulted in requests with
  6648. two Host: headers.
  6649. Now, curl checks if the location is on the same host as the initial request
  6650. and then continues to replace the Host: header. And when it moves to another
  6651. host, it doesn't replace the Host: header but it also doesn't make the
  6652. second Host: header get used in the request.
  6653. This change is verified by the two new test cases 184 and 185.
  6654. Daniel (8 September 2004)
  6655. - Modified the test suite to be able to use and run with customized port
  6656. numbers. This was always intended but never before possible. Now a simple
  6657. change in the runtests.pl script can make all tests use different ports.
  6658. The default ports in use from now on are 8990 to 8993.
  6659. Daniel (2 September 2004)
  6660. - Minor modification of an SSL-related error message.
  6661. Daniel (31 August 2004)
  6662. - David Tarendash found out that curl_multi_add_handle() returned
  6663. CURLM_CALL_MULTI_PERFORM instead of CURLM_OK.
  6664. Daniel (30 August 2004)
  6665. - Make "Proxy-Connection: close" close the current proxy connection, as Roman
  6666. Koifman found out.
  6667. Daniel (24 August 2004)
  6668. - Fixed a getdate problem by post-replacing the getdate.c file after the
  6669. bison/yacc process to add the fix Harshal Pradhan suggested. The problem
  6670. caused a crash on Windows when parsing some dates.
  6671. Daniel (23 August 2004)
  6672. - Roman Koifman pointed out that libcurl send Expect: 100-continue on POSTs
  6673. even when told to use HTTP 1.0, which is not correct. Test case 180 and
  6674. 181 verify this.
  6675. - Added test case 182 to verify that zero byte transfers call the callback
  6676. properly.
  6677. Daniel (20 August 2004)
  6678. - Alexander Krasnostavsky made the write callback get called even when a zero
  6679. byte file is downloaded.
  6680. Daniel (18 August 2004)
  6681. - Ling Thio pointed out that when libcurl is built ipv6-enabled, it still did
  6682. reverse DNS lookups when fed with a numerical IP-address (like
  6683. http://127.0.0.1/), although it doesn't when built ipv6-disabled. libcurl
  6684. should never do reverse lookups.
  6685. Daniel (17 August 2004)
  6686. - Kjetil Jacobsen noticed that when transferring a file:// URL pointing to an
  6687. empty file, libcurl would return with the file still open.
  6688. - Alexander Krasnostavsky pointed out that the configure script needs to define
  6689. _THREAD_SAFE for AIX systems to make libcurl built really thread-safe.
  6690. Also added a check for the xlc compiler on AIX, and if that is detect we use
  6691. the -qthreaded compiler option
  6692. Daniel (16 August 2004)
  6693. - libcurl now allows a custom "Accept-Encoding:" header override the
  6694. internally set one that gets set with CURLOPT_ENCODING. Pointed out by Alex.
  6695. - Roland Krikava found and fixed a cookie problem when using a proxy (the
  6696. path matching was wrong). I added test case 179 to verify that we now do
  6697. right.
  6698. Daniel (15 August 2004)
  6699. - Casey O'Donnell fixed some MSVC makefile targets to link properly.
  6700. Daniel (11 August 2004)
  6701. - configure now defines _XOPEN_SOURCE to 500 on systems that need it to build
  6702. warning-free (the only known one so far is non-gcc builds on 64bit SGI
  6703. IRIX). (Reverted this change later as it caused compiler errors.)
  6704. - the FTP code now includes the server response in the error message when the
  6705. server gives back a 530 after the password is provided, as it isn't
  6706. necessary because of a bad user name or password.
  6707. Version 7.12.1 (10 August 2004)
  6708. Daniel (10 August 2004)
  6709. - In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input is
  6710. already UTF-8 encoded. This made the certificate verification fail if the
  6711. remote server used a certificate with the name UTF-8 encoded.
  6712. Work-around brought by Alexis S. L. Carvalho.
  6713. Daniel (9 August 2004)
  6714. - I fixed the configure script for krb4 to use -lcom_err as well, as I started
  6715. to get link problems with it unless I did that on my Solaris 2.7 box. I
  6716. don't understand why I started to get problems with this now!
  6717. Daniel (5 August 2004)
  6718. - Enrico Scholz fixed the HTTP-Negotiate service name to be uppercase as
  6719. reported in bug report #1004105
  6720. Daniel (4 August 2004)
  6721. - Gisle Vanem provided a fix for the multi interface and connecting to a host
  6722. using multiple IP (bad) addresses.
  6723. - Dylan Salisbury made libcurl no longer accept cookies set to a TLD only (it
  6724. previously allowed that on the seven three-letter domains).
  6725. Daniel (31 July 2004)
  6726. - Joel Chen reported that the digest code assumed quotes around the contents a
  6727. bit too much.
  6728. Daniel (28 July 2004)
  6729. - Bertrand Demiddelaer fixed the host name to get setup properly even when a
  6730. connection is re-used, when a proxy is in use. Previously the wrong Host:
  6731. header could get sent when re-using a proxy connection to a different target
  6732. host.
  6733. - Fixed Brian Akins' reported problems with duplicate Host: headers on re-used
  6734. connections. If you attempted to replace the Host: header in the second
  6735. request, you got two such headers!
  6736. - src/Makefile.am now includes the Makefile.inc file to get info about files
  6737. Daniel (26 July 2004)
  6738. - Made "curl [URL] -o name#2" work as expected. If there's no globbing for the
  6739. #-number, it will simply be used as #2 in the file name.
  6740. - Bertrand Demiddelaer fixed testing with valgrind 2.1.x and added two missing
  6741. newlines in the cookie informationals.
  6742. Daniel (24 July 2004)
  6743. - I fixed the autobuilds with ares, since they now need to have buildconf run
  6744. in the ares dir before the configure script is run.
  6745. - Added Casey O'Donnell's curl_easy_reset() function. It has a proto in
  6746. curl/curl.h but we have no man page yet.
  6747. Daniel (20 July 2004)
  6748. - Added buildconf and buildconf.bat to the release archives, since they are
  6749. handy for rebuilding curl when using a daily snapshot (and not a pure CVS
  6750. checkout).
  6751. Daniel (16 July 2004)
  6752. - As suggested by Toby Peterson, libcurl now ignores Content-Length data if the
  6753. given size is a negative number. Test case 178 verifies this.
  6754. Daniel (14 July 2004)
  6755. - Günter Knauf has made the Netware builds do without the config-netware.h
  6756. files, so they are now removed from the dist packages.
  6757. - Günter Knauf made curl and libcurl build with Borland again.
  6758. - Andres Garcia fixed the common test 505 failures on windows.
  6759. Daniel (6 July 2004)
  6760. - Andrés García found out why the windows tests failed on file:// "uploads".
  6761. Daniel (2 July 2004)
  6762. - Andrés García reported a curl_share_cleanup() crash that occurs when no
  6763. lock/unlock callbacks have been set and the share is cleaned up.
  6764. Daniel (1 July 2004)
  6765. - When using curl --trace or --trace-ascii, no trace messages that were sent
  6766. by curl_easy_cleanup() were included in the trace file. This made the
  6767. message "Closing connection #0" never appear in trace dumps.
  6768. Daniel (30 June 2004)
  6769. - Niels van Tongeren found that setting CURLOPT_NOBODY to TRUE doesn't disable
  6770. a previously set POST request, making a very odd request get sent (unless
  6771. you disabled the POST) a HEAD request with a POST request-body. I've now
  6772. made CURLOPT_NOBODY enforce a proper HEAD. Added test case 514 for this.
  6773. Daniel (29 June 2004)
  6774. - Günter Knauf made the testcurl.pl script capable of using a custom setup
  6775. file to easier run multiple autobuilds on the same source tree.
  6776. - Gisle fixed the djgpp build and fixed a memory problem in some of the
  6777. reorged name resolved code.
  6778. - Fixed code to allow connects done using the multi interface to attempt the
  6779. next IP when connecting to a host that resolves to multiple IPs and a
  6780. connect attempt fails.
  6781. Daniel (27 June 2004)
  6782. - Based on Rob Stanzel's bug report #979480, I wrote a configure check that
  6783. checks if poll() can be used to wait on NULL as otherwise select() should be
  6784. used to do it. The select() usage was also fixed according to his report.
  6785. Mac OS X 10.3 says "poll() functionality for Mac OS X is implemented via an
  6786. emulation layer on top of select(), not in the kernel directly. It is
  6787. recommended that programs running under OS X 10.3 prefer select() over
  6788. poll(). Configure scripts should look for the _POLL_EMUL_H_ define (instead
  6789. of _POLL_H_ or _SYS_POLL_H_) and avoid implementations where poll is not
  6790. implemented in the kernel."
  6791. Yes, we can probably use select() on most platforms but today I prefered to
  6792. leave the code unaltered.
  6793. Daniel (24 June 2004)
  6794. - The standard curl_version() string now only includes version info about
  6795. involved libraries and not about particular features. Thus it will no longer
  6796. include info about ipv6 nor GSS. That info is of course still available in
  6797. the feature bitmask curl_version_info() offers.
  6798. - Replaced all occurances of sprintf() with snprintf(). This is mostly because
  6799. it is "A Good Thing" rather than actually fixing any known problem. This
  6800. will help preventing future possible mistakes to cause buffer overflows.
  6801. - Major reorganization in the host resolve code (again). This time, I've
  6802. modified the code to now always use a linked list of Curl_addrinfo structs
  6803. to return resolved info in, no matter what resolver method or support that
  6804. is available on the platform. It makes it a lot easier to write code that
  6805. uses or depends on resolved data.
  6806. Internally, this means amongst other things that we can stop doing the weird
  6807. "increase buffer size until it works" trick when resolving hosts on
  6808. ipv4-only with gethostbyname_r(), we support socks even on libcurls built
  6809. with ipv6 enabled (but only to socks servers that resolve to an ipv4
  6810. address) and we no longer deep-copy or relocate hostent structs (we create
  6811. Curl_addrinfo chains instead).
  6812. The new "hostent to Curl_addrinfo" converter function is named Curl_he2ai()
  6813. and is slightly naive and simple, yet I believe it is functional enough to
  6814. work for libcurl.
  6815. Daniel (22 June 2004)
  6816. - David Cohen pointed out that RFC2109 says clients should allow cookies to
  6817. contain least 4096 bytes while libcurl only allowed 2047. I raised the limit
  6818. to 4999 now and made the used buffer get malloc()ed instead of simply
  6819. allocated on stack as before. Extended test case 46 to include a cookie with
  6820. very huge content to verify the fix.
  6821. - Günter Knauf fixed getdate.y to remove a few warnings. I removed the
  6822. ifdef'ed test we never ever use anyway.
  6823. - Gisle Vanem fixed the certificate wildcard checks to support a '*'-letter
  6824. anywhere in the wildcard string, support multiple '*'-letters in the
  6825. wildcard and to allow the '*'-letter to match a string that includes a dot.
  6826. Daniel (21 June 2004)
  6827. - testcurl.sh is now removed completely, tests/testcurl.pl is the script to
  6828. use when autobuilding curl!
  6829. - Kjetil Jacobsen brought my attention to the fact that you cannot properly
  6830. abort an upload with the readfunction callback, since returning 0 or -1 only
  6831. stops the upload and libcurl will continue waiting for downloaded data and
  6832. the server often waits for the rest of the upload data to arrive.
  6833. Thus, I've now added the ability for read callbacks to return
  6834. CURL_READFUNC_ABORT to abort an upload from a read callback. This will stop
  6835. the transfer immediately with a CURLE_ABORTED_BY_CALLBACK return code.
  6836. Test case 513 was added to verify that it works. I had to improve the test
  6837. HTTP server too to dump the request to a file even when the client
  6838. disconnects prematurely.
  6839. Daniel (19 June 2004)
  6840. - Luca Alteas provided a test case with a failing curl operation: when we POST
  6841. to a site with --digest (or similar) set, and the server responded with a 302
  6842. Location: to the "authprobe" request, it was not treated correctly. We still
  6843. will behave badly if FOLLOWLOCATION is enabled for this case, but I'm not
  6844. in the mood to dive into this right now and will leave it as-is for now.
  6845. Verified my fix with test case 177.
  6846. Daniel (18 June 2004)
  6847. - Gisle Vanem's patch that provides more details from the SSL layers (if you
  6848. use an OpenSSL version that supports it). It also introduces two new types
  6849. of data that can be sent to the debug callback: CURLINFO_SSL_DATA_IN and
  6850. CURLINFO_SSL_DATA_OUT.
  6851. - With David Byron's test server I could repeat his problem and make sure that
  6852. POSTing over HTTPS:// with NTLM works fine now. There was a general problem
  6853. with multi-pass authentication with non-GET operations with CONNECT.
  6854. Daniel (16 June 2004)
  6855. - Modified to keep the upload byte counter in an curl_off_t, not an int as
  6856. before. 32bits is not enough. This is most likely the bug Jean-Louis Lemaire
  6857. reported that makes 2GB FTP uploads to report error ("unaligned file sizes")
  6858. when completed.
  6859. Daniel (15 June 2004)
  6860. - Luca Alteas reported a problem that I fixed: if you did a POST with
  6861. CURLAUTH_DIGEST set but the server didn't require any authentication,
  6862. libcurl would repeatedly send HEAD lots of times until it gives up. This was
  6863. actually the case for all multi-pass authentications. Added test case 174,
  6864. 175 and 176 to verify this.
  6865. Daniel (14 June 2004)
  6866. - Multipart formposts uploading files no longer inserts the files themselves
  6867. into the huge prebuilt chunk. This enables libcurl to formpost files that is
  6868. larger than the amount of system memory. When the file given is passed on
  6869. stdin, libcurl still uses the old method of reading the full fill before the
  6870. upload takes place. This approach was selected in order to not alter the
  6871. behavior for existing applications, as when using stdin libcurl can't know
  6872. the size of the upload and chunked transfer-encoding can only be used on
  6873. HTTP 1.1 servers.
  6874. Daniel (13 June 2004)
  6875. - Gisle found out that we did wildcard cert name checks wrong, so that parts
  6876. of the check wrongly was case sensitive.
  6877. Daniel (11 June 2004)
  6878. - Tim Sneddon brought a minor VMS fix to make curl build properly on his VMS
  6879. machine. He also had some interesting libcurl patches... they might be able
  6880. to do in a slightly nicer way. Discussions are in progress.
  6881. Daniel (10 June 2004)
  6882. - Gisle Vanem brought code cleanupsm better verbose output and better connect
  6883. timeout handling when attempting to connect to a host that resolves to
  6884. multiple IP addresses.
  6885. - Steven Bazyl and Seshubabu Pasam pointed out a bug on win32 when freeing the
  6886. path after a file:// transfer.
  6887. Daniel (9 June 2004)
  6888. - Alexander Krasnostavsky made 'configure --disable-http' work to build libcurl
  6889. without HTTP support. I added a new return code for curl_formadd() in case
  6890. libcurl is built with HTTP disable: CURL_FORMADD_DISABLED.
  6891. - Alexander Krasnostavsky pointed out a missing file in the generated
  6892. curllib.dsp file, and now people building with this should get a libcurl.lib
  6893. file generated as it used to do before we generated this file.
  6894. Daniel (8 June 2004)
  6895. - Marty Kuhrt fixed a minor build problem for VMS.
  6896. Daniel (7 June 2004)
  6897. - Reverted the configure check from the 4th since it obviously didn't work.
  6898. Remade it in a different manner that hopefully works better.
  6899. Daniel (4 June 2004)
  6900. - Günter Knauf brought patches to make curl build fine on NetWare again.
  6901. - Made the configure checks for strerror_r() not exit the configure script
  6902. when built for cross-compiling.
  6903. Daniel (3 June 2004)
  6904. - Chris Gaukroger pointed out that 'make test' attempts to run the tests even
  6905. if curl is built cross-compiled. I've now made it output a short message
  6906. instead, saying it isn't possible to do.
  6907. - Alexander Krasnostavsky brought FTP 3rd party transfer support to libcurl.
  6908. You can now use libcurl to transfer files between two remote hosts using
  6909. FTP. There are a bunch of new options to control this with:
  6910. CURLOPT_SOURCE_HOST
  6911. CURLOPT_SOURCE_USERPWD
  6912. CURLOPT_SOURCE_PATH
  6913. CURLOPT_SOURCE_PORT
  6914. CURLOPT_PASV_HOST
  6915. CURLOPT_SOURCE_PREQUOTE
  6916. CURLOPT_SOURCE_POSTQUOTE
  6917. (They still remain to be documented properly in the curl_easy_setopt man
  6918. page.)
  6919. When using this, the ordinary CURLOPT_URL specifies the target URL, and you
  6920. specify the source data with these additional options. ftp3rdparty.c is a
  6921. new example source code showing how to use this.
  6922. - Vincent Bronner fixed the HTTP Digest code to use the proxy user name and
  6923. password when doing proxy authentication, it previously always used the host
  6924. user name and password!
  6925. Daniel (2 June 2004)
  6926. - CURLOPT_UPLOAD and CURLOPT_PUT now do the exact same thing internally, which
  6927. fixes some old confusions on when which of these should be used and what the
  6928. differences are.
  6929. - Applied Gisle's fixes to make curl build fine with lcc-win32
  6930. Version 7.12.0 (2 June 2004)
  6931. Daniel (1 June 2004)
  6932. - I clarified the --create-dirs option somewhat in the curl man page.
  6933. - Renaud Duhaut corrected the curl_unescape man page.
  6934. - David Byron modified one of Massimiliano Ziccardi's recent MSVC makefile
  6935. changes to now again use the mm lib by default.
  6936. Daniel (26 May 2004)
  6937. - Mohun Biswas added release-zlib and debug-zlib targets to the MSVC libcurl
  6938. Makefile
  6939. - David Byron reported a problem with proxy authentication when doing CONNECT,
  6940. like when accessing HTTPS sites wiht a proxy. This probably broke when I
  6941. rewrote the auth stuff recently.
  6942. - I added fileupload.c in the examples directory, showing how an upload to a
  6943. file:// URL is made.
  6944. Daniel (25 May 2004)
  6945. - Massimiliano Ziccardi updated the MSVC makefiles.
  6946. Daniel (24 May 2004)
  6947. - libcurl now supports "uploading" to file:// URLs. Test 204 and 205 were
  6948. added to verify.
  6949. - Simon Josefsson added a idn_free() function in libidn 0.4.5 as a reaction to
  6950. Gisle's previous mail. We now use this function, and thus we require libidn
  6951. 0.4.5 or later. No earlier version will do.
  6952. - Robert D. Young reported that CURLOPT_COOKIEFILE and CURLOPT_COOKIE could
  6953. not be used both in one request. Fixed it and added test case 172 to verify.
  6954. Daniel (21 May 2004)
  6955. - While talking to host a.b.c, libcurl did wrongly not accept cookies that
  6956. were set to the domain .a.b.c (that is with a dot prefix). This is now fixed
  6957. and test case 171 verifies it.
  6958. Daniel (20 May 2004)
  6959. - Jesse Noller reported that the upload speed info reported by libcurl was
  6960. wrong. The same was true for the download speed. Fixed now.
  6961. Daniel (19 May 2004)
  6962. - David Byron added test case 170 - this used to crash the previous version of
  6963. curl.
  6964. Daniel (17 May 2004)
  6965. - Peter Sylvester's patch that addresses two flaws in the peer certificate
  6966. name verification:
  6967. o when multiple common names are used (as in the curl tests), the last name
  6968. needs to be selected.
  6969. o allow comparing with encoded values, at least with BMP and ISO latin1
  6970. encoded T61strings.
  6971. - All 191 test cases run through the torture test OK! 'make test-torture' is
  6972. now available in the root makefile (on configure-based environments).
  6973. Daniel (14 May 2004)
  6974. - With a slightly modified ftpserver.pl I've now run almost all tests through
  6975. with runtests.pl -t. This is goodness!
  6976. - Since I have been unable to contact the CVS admins for several months, I've
  6977. decided that the current CVS hosting was not good enough. I've now moved the
  6978. CVS repo once again, see README for updated cvs checkout instructions.
  6979. Daniel (13 May 2004)
  6980. - runtests.pl -t now runs fine all the way to test 100. I believe test case
  6981. 100 fails because of an FTP server problem.
  6982. Daniel (12 May 2004)
  6983. - General cleanups all over to make libcurl survive and do well when a memory
  6984. function returns NULL. runtests.pl -t now works fine for the first 26 test
  6985. cases.
  6986. Daniel (11 May 2004)
  6987. - Seshubabu Pasam provided a patch that introduces curl_global_init_mem() -
  6988. like normal curl_global_init() but allows the app to replace all memory
  6989. functions with its own set. I modified it slightly.
  6990. - Based on Luca Alteas' comments, I modified the curllib.dsp generation code.
  6991. Daniel (10 May 2004)
  6992. - Gisle mailed Simon Josefsson (of libidn fame) about the benefits of a
  6993. separate free()-function by that lib to make sure the memory is freed by the
  6994. same memory subsystem that allocated it. He responded positively and this
  6995. will likely cause us to require a newer version of libidn as soon as Simon
  6996. releases one with such a libidn_free() function.
  6997. - James Bursa made runtests.pl's -t option work for any given test case, and I
  6998. edited to allow -g too. Not even test case 1 worked...
  6999. - Luca Altea made the nc= field not use quotes in outgoing HTTP Digest headers.
  7000. - Andrés García fixed a problem in the test script that made it fail to
  7001. recognize our own running HTTP server.
  7002. Daniel (7 May 2004)
  7003. - James Bursa fixed the memanalyze.pl script to conder malloc(0) areas OK to
  7004. free() and he made two failed-resolve error messages use the new display-
  7005. name instead of the internally-used name.
  7006. - Gisle Vanem tried curl with
  7007. www.etdomenenavnkanmaksimaltinneholdesekstitrebokstaversliksomdette.com
  7008. which caused problems, and I fixed the single zero byte buffer overwrite
  7009. that occurred (due to a stupid protocol buffer size and parser).
  7010. - Made the lib/curllib.dsp file get generated automaticly when a distribution
  7011. package is made, with the msvcproj.* files as templates and all
  7012. win32-sources added. I think this can be made to work better than the always
  7013. lagging-behind previous approach. I'm not sure this builds a working project
  7014. file right now though!
  7015. Daniel (6 May 2004)
  7016. - Michael Benedict brought a fix that fills in the errorbuffer properly when
  7017. ares fails to resolve a name for a case not previously dealt with like this.
  7018. Daniel (5 May 2004)
  7019. - Joe Halpin fixed the annoying typecast warning in lib/ldap.c
  7020. - Gisle Vanem fixes:
  7021. o memdebug to not access NULL on several places
  7022. o libcurl.def; curl_formparse is gone.
  7023. o progress.c; fixed the percent values being trunced to 0.
  7024. o if2ip.*; constified the 'interface' argument.
  7025. - Tor Arntsen reported that many of his autobuilds froze and I found and fixed
  7026. a problem introduced with the HTTP auth overhaul that could lead to a
  7027. never-ending internal request-loop due to un-initialized variables!
  7028. - Removed several compiler warnings on various compilers/platforms.
  7029. Daniel (4 May 2004)
  7030. - curl_formparse() has been removed from the library. It has been marked and
  7031. mentioned as deprecated for several years.
  7032. Daniel (3 May 2004)
  7033. - Rewritten HTTP authentication code. The previous code could not properly
  7034. deal with the added test cases 167, 168 and 169. I've now rewritten the code
  7035. to better separate host and proxy authentication and not re-use the same
  7036. variables as much as before as it proved non working in the more involved
  7037. cases. All the current tests run OK now, and so do the new ones. The curl
  7038. tool got a new option named --proxy-digest to enable HTTP Digest
  7039. authentication with the proxy. I also made the library support it.
  7040. - Gisle Vanem made the LDAP code work with wldap32.dll as supplied with
  7041. Win-98/ME/2000/XP, so no extra .dlls are required when curl/libcurl is used
  7042. on these Windows versions.
  7043. Daniel (30 April 2004)
  7044. - runtests.pl now scans the valgrind log for valgrind-detected memory leaks
  7045. after each test case if valgrind was found and used.
  7046. - I modified the app-code in curl to include the new lib/curlx.h and only
  7047. access those functions using the curlx_-prefix in preparation for the future
  7048. removal of several curl_-functions from the public libcurl API.
  7049. - Introduced lib/curlx.h as a single header to provide the curlx_-functions
  7050. to apps.
  7051. - Added notices in the man pages for curl_getenv, curl_mprintf, curl_strequal
  7052. and curl_strnequal that they are subject for removal in a future release.
  7053. STOP USING THESE FUNCTIONS.
  7054. - Mihai Ionescu noticed he couldn't do formposts with whitespace in the file
  7055. names and yes, I broke that on April 23. Sigh. I fixed it now and added
  7056. test case 166 to verify it.
  7057. - Luca Altea pointed out a mistake left from the Digest patch of yesterday.
  7058. Daniel (29 April 2004)
  7059. - Made IDN domains work when sending requsts over HTTP proxy as well. Added
  7060. test case 165 to verify the functionality.
  7061. - Fixed a bug in the new internal host name setup when re-using connections.
  7062. - James Bursa found out that curl_easy_duphandle() with ares-built libcurl
  7063. created a bad handle that would crash in the first name resolve attempt. This
  7064. is now fixed and test case 512 was added to verify it.
  7065. - Luca Altea provided a major HTTP Digest code fix and cleanup. We now follow
  7066. the Digest RFC a lot better.
  7067. - Gisle Vanem made the SSL code use ERR_error_string_n() where applicable.
  7068. Daniel (27 April 2004)
  7069. - I remodeled Gisle's IDN code slightly and now we convert both the host name
  7070. and proxy name to the ACE encoded version to use internally for resolves and
  7071. cookies etc. They are now using one 'struct hostname' each that keep both
  7072. the original name and the possibly encoded name. IDN resolves work for me
  7073. now using ipv6, ipv4 and ares resolving. Even cookies on IDN sites seem to
  7074. do right. I got some failures at first when CHARSET wasn't set at all which
  7075. confused libidn completely and it decided by encoding of choice was
  7076. 'ANSI_X3.4-1968'...
  7077. - made 'configure --without-libidn' work
  7078. Daniel (25 April 2004)
  7079. - Fixed the src/hugehelp.c file to include "setup.h" instead of "config.h" to
  7080. make the problems with USE_MANUAL on windows go away.
  7081. - configure --without-ssl could still wrongly include some OpenSSL info in the
  7082. Makefiles if pkg-config had info about OpenSSL. Bug #941762 reported by
  7083. Martin.
  7084. - Since we can now build and use quite a large set of 3rd party libraries, I
  7085. decided I would make configure produce a summary at the end showing what
  7086. libraries it uses and if not, what option to use to make it use that. I also
  7087. added some other random info that is nice in a "configure summary" output.
  7088. - Applied TommyTam's patch that now make curl work with telnet and stdin
  7089. properly on Windows.
  7090. - The changes for today below were made by me and Gisle Vanem.
  7091. The file previously known as hostip.c has now undergone a huge cleanup and
  7092. split:
  7093. hostip.c explained
  7094. ==================
  7095. The main COMPILE-TIME DEFINES to keep in mind when reading the host*.c
  7096. source file are these:
  7097. CURLRES_IPV6 - this host has getaddrinfo() and family, and thus we use
  7098. that. The host may not be able to resolve IPv6, but we don't really have to
  7099. take that into account. Hosts that aren't IPv6-enabled have CURLRES_IPV4
  7100. defined.
  7101. CURLRES_ARES - is defined if libcurl is built to use c-ares for asynchronous
  7102. name resolves. It cannot have ENABLE_IPV6 defined at the same time, as
  7103. c-ares has no ipv6 support. This can be Windows or *nix.
  7104. CURLRES_THREADED - is defined if libcurl is built to run under (native)
  7105. Windows, and then the name resolve will be done in a new thread, and the
  7106. supported asynch API will be the same as for ares-builds.
  7107. If any of the two previous are defined, CURLRES_ASYNCH is defined too. If
  7108. libcurl is not built to use an asynchronous resolver, CURLRES_SYNCH is
  7109. defined.
  7110. The host*.c sources files are split up like this:
  7111. hostip.c - method-independent resolver functions and utility functions
  7112. hostasyn.c - functions for asynchronous name resolves
  7113. hostsyn.c - functions for synchronous name resolves
  7114. hostares.c - functions for ares-using name resolves
  7115. hostthre.c - functions for threaded name resolves
  7116. hostip4.c - ipv4-specific functions
  7117. hostip6.c - ipv6-specific functions
  7118. The hostip.h is the single united header file for all this. It defines the
  7119. CURLRES_* defines based on the config*.h and setup.h defines.
  7120. - Added function header comments to many functions in an attempt to better
  7121. explain the purpose of them all.
  7122. - configure --with-libidn is now supported. It makes the configure script
  7123. check for libidn libs and include files in the prefix path given. If you
  7124. say --with-libidn=/usr/local, it will check for the lib in /usr/local/lib
  7125. and the includes in /usr/local/include etc.
  7126. - curl_version_info() now returns a struct aged CURLVERSION_THIRD including
  7127. libidn version info. The string curl_version() returns also includes libidn
  7128. version info, if available.
  7129. Version 7.11.2 (26 April 2004)
  7130. Daniel (25 April 2004)
  7131. - Erwin Authried pointed out that configure --disable-manual didn't do right
  7132. if you already had a src/hugehelp.c source file present (which most people
  7133. do I guess). It now uses the USE_MANUAL define properly.
  7134. Daniel (23 April 2004)
  7135. - Gisle Vanem found and fixed a memory leak when doing (failing) Windows
  7136. threaded name resolves.
  7137. - I also added test case 163 just to make sure -F "var=<file" works fine and
  7138. can pass on characters such as newlines, carriage-return and tabs.
  7139. - When we added test case 162 without adding the necessary requirement field
  7140. in the test meta data we could see that curl didn't complain if you used
  7141. --proxy-ntlm even if the underlying libcurl it uses has no NTLM support! I
  7142. now made it check this first, and it now exists with a "the installed
  7143. libcurl version doesn't support this" message if it happens again.
  7144. Daniel (22 April 2004)
  7145. - David Byron found and fixed a small bug with the --fail and authentication
  7146. stuff added a few weeks ago. Turns out that if you specify --proxy-ntlm and
  7147. communicate with a proxy that requires basic authentication, the proxy
  7148. properly returns a 407, but the failure detection code doesn't realize it
  7149. should give up, so curl returns with exit code 0. Test case 162 added to
  7150. verify the functionality.
  7151. - allow newlines in the contents when doing -F "var=[contents]"
  7152. Robert Marlow reported.
  7153. - If a transfer is found out to be only partial, libcurl will now treat that
  7154. as a problem serious enough to skip the final QUIT command before closing
  7155. the control connection. To avoid the risk that it will "hang" waiting for
  7156. the QUIT response. Added test case 161 to verify this.
  7157. Daniel (21 April 2004)
  7158. - Modified the heuristics for dealing with the test 160 scenario. When a
  7159. connection is re-used and nothing at all is received from it (because the
  7160. server closes the connection), we will now retry the request on a fresh new
  7161. connection. The previous ECONNRESET stuff from January 30 was removed again
  7162. as it didn't detect the situation good enough.
  7163. Daniel (20 April 2004)
  7164. - Added test case 160 to verify that curl works correctly when it gets a
  7165. connection reset when trying to re-use a connection. It should then simply
  7166. create a new connection and resend the request.
  7167. Daniel (19 April 2004)
  7168. - No more 512 byte limit for host name (inclusing name + password) in libcurl.
  7169. An added bonus is that we use less memory for the typical (shorter URL)
  7170. case.
  7171. - Cleaned up the sources to better use the terms 'hostname' and 'path'
  7172. internally when referring to that data. The buffers used for keep that info
  7173. is called 'namebuffer' and 'pathbuffer'. Much easier to read and understand
  7174. than the previous mess.
  7175. Daniel (15 April 2004)
  7176. - Modified runtests.pl again to remove all log files in the log/ dir between
  7177. each test, and then made -p display all non-zero byte files in the log dir.
  7178. It should make that data more usable and contain less rubbish.
  7179. - ftpserver.pl now produces log files more similar to how the sws ones look
  7180. and they now also contains a bit more details to help debugging ftp
  7181. problems.
  7182. - Removed the fixed maximum amount of dir levels the FTP code supported.
  7183. Previously we had a fixed array for 100 levels, now we save space in each
  7184. handle by allocating only for a few level by default and then enlarging that
  7185. in case of need (with no maximum depth). Adjusted test case 142 to verify
  7186. that 150 dir levels work fine. An added bonus is that we use less memory
  7187. for the typical (not very deep) case.
  7188. Daniel (14 April 2004)
  7189. - Asking for CURL_IPRESOLVE_V6 when ipv6 addresses can't be resolved will
  7190. now cause the resolve function to return NULL immediately. This flaw was
  7191. pointed out by Gisle Vanem.
  7192. - Gisle Vanem made curl -4/-6 actually set the desired option to libcurl.
  7193. - runtests.pl now has a new option (-p) that will display "interesting" log
  7194. files to stdout in case of a test failure. This is primarily intended to be
  7195. used in the 'full-test' make target that is used by the autobuild tests, as
  7196. we then get a much better chance to understand (remote) test failures based
  7197. on autobuild logs alone.
  7198. Daniel (13 April 2004)
  7199. - Gisle Vanem made the multi interface work again on Windows even when built
  7200. without ares. Before this, select() would return -1 during the name resolve
  7201. phase since curl_multi_fdset() didn't return any fd_set at all which wasn't
  7202. appreciated!
  7203. - curl_easy_duphandle() now duplicates the tcp_nodelay info as well.
  7204. Daniel (11 April 2004)
  7205. - Applied David Byron's patch for the MSVC libcurl makefile for builds with
  7206. zlib.
  7207. Daniel (9 April 2004)
  7208. - Dirk Manske improved the timer resolution for CURLINFO_*_TIME, it can now
  7209. be down to usec if the system sypports it.
  7210. Daniel (7 April 2004)
  7211. - A request that sends "Expect: 100-continue" and gets nothing but a single
  7212. 100 response back will now return a CURLE_GOT_NOTHING. Test 158 verifies.
  7213. - The strtoofft() macro is now named curlx_strtoofft() to use the curlx_*
  7214. approach fully.
  7215. Daniel (6 April 2004)
  7216. - Gisle Vanem's fixed bug #927979 reported by Nathan O'Sullivan. The problem
  7217. made libcurl on Windows leak a small amount of memory in each name resolve
  7218. when not used as a DLL.
  7219. - New authentication code added, particularly noticable when doing POST or PUT
  7220. with Digest or NTLM. libcurl will now use HEAD to negotiate the
  7221. authentication and when done perform the requested POST. Previously libcurl
  7222. sent POST immediately and expected the server to reply a final status code
  7223. with an error and then libcurl would not send the request-body but instead
  7224. send then next request in the sequence.
  7225. The reason for this change is due to IIS6 barfing on libcurl when we attempt
  7226. to POST with NTLM authentication. The reason for the problems is found in
  7227. RFC2616 section 8.2.3 regarding how servers should deal with the 100
  7228. continue request-header:
  7229. If it responds with a final status code, it MAY close the transport
  7230. connection or it MAY continue to read and discard the rest of the
  7231. request.
  7232. Previous versions of IIS clearly did close the connection in this case,
  7233. while this newer version decided it should "read and discard". That would've
  7234. forced us to send the whole POST (or PUT) data only to have it discarded and
  7235. then be forced to send it again. To avoid that huge penality, we switch to
  7236. using HEAD until we are authenticated and then send the POST.
  7237. The only actual drawback I can think of (except for the odd sites that might
  7238. treat HEAD differently than they would treat POST/PUT when given the same
  7239. URL) is that if you do POST with CURLAUTH_ANY set and the site requires NO
  7240. authentication, libcurl will still use a HEAD in a first round and then do a
  7241. POST.
  7242. If you do a HEAD or a GET on a site using CURLAUTH_ANY, libcurl will send
  7243. an un-authenticated request at once, which then is the only request if the
  7244. site requires no auth.
  7245. Alan Pinstein helped me work out the protocol details by figuring out why
  7246. libcurl failed and what IIS6 expects.
  7247. - The --limit-rate logic was corrected and now it works a lot better for
  7248. higher speeds, such as '10m' or similar. Reported in bug report #930249.
  7249. - Introducing curlx_tvnow() and curlx_tvdiff() using the new curlx_* fashion.
  7250. #include "timeval.h" from the lib dir to get the protos etc. Note that
  7251. these are NOT part of the libcurl API. The curl app simply uses the same
  7252. source files as the library does and therefore the file needs to be compiled
  7253. and linked with curl too, not just when creating libcurl.
  7254. - lib/strerror.c no longer uses sys_nerr on non-windows platforms since it
  7255. isn't portable enough
  7256. Daniel (2 April 2004)
  7257. - In the curl_strnqual.3 man page, we now prepend the man3 dir to the file
  7258. name to work better. As pointed out by Robin Kay.
  7259. - Andrés García updated the mingw makefiles.
  7260. - Dirk Manske fixed a problem I recently added in the progress meter code that
  7261. broke subsecond resolution for CURLINFO_TOTAL_TIME. He also pointed out a
  7262. mistake in the code that produces the final update of the progress meter
  7263. that would often prevent it from actually being updated that final time.
  7264. Daniel (1 April 2004)
  7265. - Dirk Manske fixed a memory leak that happened when we use ares for name
  7266. resolves and decides to time-out before ares does it. This fix uses the
  7267. brand new ares_cancel() function which is not present in c-ares 1.1.0.
  7268. When told to enable ares, the configure script now checks for presence of
  7269. the ares_cancel function to alert users if they attempt to use a too old
  7270. c-ares library.
  7271. Daniel (31 March 2004)
  7272. - Roy Shan fixed a flaw that prevented ares name resolve timeouts to occur!
  7273. - Dirk Manske found out that libcurl timed out waiting for resolves far too
  7274. easy when libcurl was built to use (c-)ares for name resolving.
  7275. - Further Digest fixing and a successful test case 153 now makes me believe
  7276. Mitz Wark's problems are fixed.
  7277. - Andres Garcia figured out that test case 63, while working, only proved a
  7278. flaw in libcurl's 'http_proxy' parser when a user name and password is
  7279. provided. The user name was not extracted properly (and 'http' was always
  7280. used as user name).
  7281. - Andrés García fixed compiler warnings in our ioctlsocket() usage.
  7282. Daniel (30 March 2004)
  7283. - Joe Halpin faced problems with the getnameinfo() argument ai_flags and the
  7284. particular bit named 'NI_WITHSCOPEID' on Solaris 9 for Intel. I've now
  7285. written a configure test that checks for a working NI_WITHSCOPEID
  7286. implemenation. No code uses the result from this test yet, it is still
  7287. experimental. James Carlson wrote in comp.unix.solaris: "It's a bug
  7288. (5006623) -- it's not supported and shouldn't be in the header file."
  7289. - I provided Mitz Wark with a first patch in order to fix libcurl's problems
  7290. to re-negotiate Digest authentication (when 'stale=true' is included in the
  7291. response header).
  7292. - Roy Shan discovered that the multi interface didn't properly timeout name
  7293. lookups which could make handles get stuck in that state and thus never get
  7294. completed. I've produced a first test patch that attempts to correct this.
  7295. - David Byron's patch was appplied to make CURLOPT_FAILONERROR work nicely
  7296. even with authentcations such as NTLM or Digest enabled. Test cases 150, 151
  7297. and 152 were added to verify the functionality.
  7298. Daniel (29 March 2004)
  7299. - Gisle Vanem updated files for the djgpp/MS-DOS build.
  7300. - Andrés García helped me work out a fix for the runtests.pl script to make
  7301. the file:// tests run fine when tested with the mingw-built version of curl.
  7302. - Fixed an include issue with netinet/tcp.h on AIX, based on input by Tor.
  7303. This also required a minor fix of the configure script.
  7304. - The postit2.c source example used the wrong struct name for the post data.
  7305. Daniel (26 March 2004)
  7306. - Gisle Vanem improved ipv6 support on windows by making the curl build to use
  7307. the correct getaddrinfo() function.
  7308. Daniel (25 March 2004)
  7309. - It turned out that AIX, despite having a "thread-safe libc", doesn't offer
  7310. all traditional functions thread-safe. This URL is informative on this
  7311. subject:
  7312. http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/aixprggd/ \
  7313. genprogc/thread_quick_ref.htm
  7314. As a result of this, we now check for three *_r() functions on recent AIX
  7315. versions as well that the URL mentions aren't thread-safe in AIX 5.1.
  7316. - renamed curl_strerror.[ch] to strerror.[ch]
  7317. - Joe Halpin added CURLOPT_TCP_NODELAY and --tcp-nodelay to make it possible
  7318. for users to disable the Nagle algorthim-usage.
  7319. - Tor Arntsen provided some interesting strerror_r() knowledge. glibc has its
  7320. own API which differs from the POSIX one. Daniel adjusted the configure
  7321. script to detect the version in use, and the code now uses the new defines
  7322. accordingly.
  7323. - Fixed some build flaws with the new lib/curl_strerror.c source file.
  7324. Daniel (24 March 2004)
  7325. - Gisle Vanem's fix to replace the bad use of strerror(). This introduces
  7326. Curl_strerror() that attempts to be thread-safe _and_ works on Windows too!
  7327. - Tor Arntsen spell-fixed lots of libcurl man pages.
  7328. - Tor Arntsen made testcurl.pl work with older perl 5 versions, and Daniel
  7329. made it not use chdir .. to go back, as that isn't very good when you've
  7330. setup a testdir containing symlinks.
  7331. - Added a check for strerror_r() in the configure script.
  7332. Daniel (23 March 2004)
  7333. - Added Greg Hewgill's testcurl.pl script to CVS. We have not moved over to
  7334. use this script for the real distributed testing just yet, but it is only
  7335. a matter of time.
  7336. - Gisle Vanem provided code that makes curl report a better error message
  7337. if --interface fails on windows.
  7338. - The regular progress meter is now fixed to never wrap due to long lines. All
  7339. fields are now static sized. If the time in the time fields get a time value
  7340. that would represent a time that is 100 hours or more (if not, it remains
  7341. using a HH:MM:SS display), it switches first to a "NNNd NNh" display (for
  7342. days and hours) and if that isn't enough it switches to a "NNNd" display if
  7343. it is more than 999 days.
  7344. Several of the calculations were also moved to fixed-point math instead of
  7345. using doubles.
  7346. Daniel (22 March 2004)
  7347. - Glen Nakamura noticed CURLINFO_CONTENT_LENGTH_DOWNLOAD didn't work as it
  7348. used to do if CURLOPT_NOBODY is set TRUE.
  7349. - Kevin Roth patched the cygwin package makefile and README to adjust to
  7350. new cygwin packaging guidelines.
  7351. - Enabled "NT responses" in the NTLM authentication. Doing this simply means
  7352. that we provide an extra chunk of data in each "type-3 message". The only
  7353. reason for doing this is that it seems that using only the "Lanmanager hash"
  7354. (as we've been doing until now) doesn't support passwords longer than 14
  7355. characters and it turns out there are users out there who want to use
  7356. libcurl and NTLM with such passwords! ;-) Seven NTLM-related test cases were
  7357. updated accordingly. Mentioned as issue 29 in TODO-RELEASE, bug report
  7358. #915609
  7359. - Moved the generated libcurl version info to a new header file, named
  7360. curl/curlver.h. Now interested parties can include ONLY version info, should
  7361. anyone want that (and it seems at least some windows resource files would).
  7362. Mentioned as issue 27 in TODO-RELEASE.
  7363. Daniel (21 March 2004)
  7364. - Fixed the root Makefile to use tabs for the netware target. Günter Knauf
  7365. pointed this out.
  7366. - Marty Kuhrt's VMS cleanup
  7367. - Thomas Schwinge made buildconf recognize ACLOCAL_FLAGS to invoke aclocal
  7368. with particular pre-determined options.
  7369. Version 7.11.1 (19 March 2004)
  7370. Daniel (18 March 2004)
  7371. - Tor Arntsen brought some info about SGI IRIX:
  7372. IRIX supports 3 different executable/object formats, -32, -n32 and -64.
  7373. -n32 is default 32-bit format, -32 is the "old" 32-bit format, and -64 is
  7374. the 64-bit format. Libraries for the different formats are in lib, lib32
  7375. and lib64 respectively.
  7376. We've now adjusted the configure script to adapt to this when scanning for
  7377. 3rd party libs, such as OpenSSL.
  7378. Daniel (17 March 2004)
  7379. - Watz pointed out a few missing files in the MSVC project description file.
  7380. - Günter Knauf brought patches, code and makefiles to build curl on Novell
  7381. NetWare.
  7382. Daniel (15 March 2004)
  7383. - Lots of libcurl man pages were updated to contain references to other man
  7384. pages the recognized way so that they appear as nice hyperlinks in the HTML
  7385. versions.
  7386. - buildconf now checks the m4 version too, since autoconf requires a GNU m4
  7387. version to build proper configure scripts.
  7388. Daniel (12 March 2004)
  7389. - Added CURLOPT_POSTFIELDSIZE_LARGE, the large file version of
  7390. CURLOPT_POSTFIELDSIZE to allow POSTs larger than 2GB.
  7391. - David Byron fixed an uninitialized variable case/crash.
  7392. Daniel (10 March 2004)
  7393. - Jeff Lawson fixed the SSL connection to deal with received signals during the
  7394. connect.
  7395. - Changed the OS string for win32 to become "i386-pc-win32".
  7396. Daniel (9 March 2004)
  7397. - Changed the internals to use curl_socket_t for socket variable type. This
  7398. should enable us to build with less warnings on Windows, where SOCKET is
  7399. used which is an unsigned int, while most other platforms use a mere int.
  7400. - Modified lib/config-win32.h to build fine on MSVC again.
  7401. Version 7.11.1-pre1 (8 March 2004)
  7402. Daniel (8 March 2004)
  7403. - Minor fix to make curl CURL_VERSION_LARGEFILE is only set if curl_off_t is
  7404. larger than 4 bytes.
  7405. Daniel (4 March 2004)
  7406. - Improved PUT/POST with NTLM/Digest authentication, the so called issue 12.
  7407. - Modified the test HTTP server a lot to work with the upcoming changes for
  7408. PUT/POST with NTLM/Digest authentication (like test case 88). Added Andrés
  7409. García's win32-changes. Improved the logging.
  7410. - Fixed the file:-related progress/getinfo stuff a bit more.
  7411. Daniel (4 March 2004)
  7412. - I corrected a problem with the multi interface when following a Location:
  7413. header or when doing multiple-request authentications. A subsequent request
  7414. could erroneously re-use a previous connection that was sent with
  7415. Connection: close. Christopher R. Palmer reported.
  7416. - Andrés García patched curl to prevent warnings while compiling with mingw,
  7417. mainly because it is now possible to have both WIN32 and HAVE_CONFIG_H
  7418. defined.
  7419. - When transferring files from a file: URL, the progress meter and other
  7420. transfer metrics were not updated properly.
  7421. - David Byron provided a "version resource" file to the curl executable for
  7422. the windows builds.
  7423. Daniel (3 March 2004)
  7424. - David Byron's work on making libcurl only require winsock 1.1 on Windows
  7425. machines.
  7426. - More variable cleanups based on compiler warnings generated by Tor Arntsen's
  7427. autobuilds with MIPSPro.
  7428. - Joe Halpin helped us fix some pedantic compiler warnings on FreeBSD.
  7429. - Applied Tom Bates' patch to build on nsr-tandem-nsk.
  7430. - Dan Fandrich corrected some flaws in the configure GSS detection.
  7431. Daniel (2 March 2004)
  7432. - Fixed the libcurl code to use FORMAT_OFF_T for printf() formatting
  7433. curl_off_t types internally.
  7434. Daniel (1 March 2004)
  7435. - Added CURL_VERSION_LARGEFILE as a feature-bit in the curl_version_info()
  7436. response, that signals if this libcurl supports >2GB files. curl -V now
  7437. outputs 'Largefile' in the Features: field if this is the case. Most systems
  7438. are likely to support this.
  7439. - We offer a CURL_FORMAT_OFF_T define in the public header, which can be used
  7440. to printf() curl_off_t variables. We also modified the libcurl sources to
  7441. use this define instead of the previous %Od approach (although I've left the
  7442. O-flag functional in the code). This should also prevent compilers to warn
  7443. on the home-grown option.
  7444. - Fixed the resume-check code to test for a working resume at the end of the
  7445. headers and not at the first body-byte.
  7446. - CURLOPT_DNS_USE_GLOBAL_CACHE is now considered obsolete. Stop using it. If
  7447. you need a global DNS cache for whatever reason, use the share interface and
  7448. you'll get a global cache that works the way it should work. You can even
  7449. have any number of global caches, all at your command. This is now also
  7450. mentioned in the docs.
  7451. - Made the *printf code support the z-flag to enable size_t printf() in a
  7452. manner similar to how glibc allows it. To make printfing of this work on
  7453. platforms with 64bit size_t and 32bit ints. If there even are any! ;-)
  7454. - Christopher R. Palmer discovered that if you CURLOPT_FRESH_CONNECT and
  7455. CURLAUTH_NTLM (or CURLAUTH_ANY and libcurl then picked NTLM), libcurl would
  7456. loop without succeeding to authenticate due to the new connection that was
  7457. made for all round-trips in the authentication. Now, the FRESH_CONNECT is
  7458. remade to only matter for the first connection made with curl_easy_perform()
  7459. and all the rest that might follow due to FOLLOWLOCATION or HTTP
  7460. authentication are now ignoring that option.
  7461. - Adjusted the QUIT code slightly since it could core-dump.
  7462. - Corrected the test suite's FTP server to provide a correct size to the
  7463. 'verifiedserver' request.
  7464. Daniel (27 February 2004)
  7465. - Joe Halpin made the FTP code send QUIT on the control connection before
  7466. disconnecting the TCP connection. This is what good-behaving ftp clients
  7467. should do.
  7468. Daniel (26 February 2004)
  7469. - David Byron updated several files to make curl build fine on MSVC 6. He
  7470. also added the 'buildconf.bat' that works like the 'buildconf + configure'
  7471. combo does on unixes.
  7472. - Gisle Vanem made the memdebug stuff support calloc() as well.
  7473. - Tor Arntsen pointed out that testcurl.sh needed to remove the generated
  7474. files in order to have them re-generated in each build.
  7475. - Andy Serpa found out that the share interface did not enjoy life when not
  7476. having the lock and unlock callbacks set, even though documented to be
  7477. OK. It still is OK, and now the code won't segfault anymore!
  7478. Daniel (25 February 2004)
  7479. - Based on a patch by Greg Hewgill I modified how long long is used in the
  7480. mprintf code, as we can use a 64bit type with MSVC that is a long long
  7481. equivalent. This corrects some weird large file behaviors on windows.
  7482. - Tor Arntsen helped me work out --enable-debug to work better with different
  7483. versions of the gcc and icc compilers.
  7484. - Added CURLOPT_SHARE to the curl_easy_setopt.3 man page.
  7485. Daniel (22 February 2004)
  7486. - Applied the final pieces of Gisle Vanem's patch that brings a working name
  7487. resolve timeout to the windows versions of curl!
  7488. Daniel (21 February 2004)
  7489. - David Byron's fix to allow the speed-limit logic work even if you set
  7490. limit-rate. It does work on the expense of the rate limiter.
  7491. Daniel (20 February 2004)
  7492. - configure --enable-debug with gcc now also tries to detect the icc compiler
  7493. (which somehow gets treated as if it is a gcc) to stop using all the gcc
  7494. options with it, and we also provide -isystem options for each extra -I
  7495. option the configure script has figured out (for OpenSSL, kerberos, zlib,
  7496. Heimdal etc). This of course to prevent warnings on headers we don't have
  7497. control of.
  7498. Daniel (19 February 2004)
  7499. - Doug Porter made libcurl use the HOME environment variable before the
  7500. getpwuid results when looking for .netrc files.
  7501. - If 'configure --enable-debug' is used with gcc, it now checks which gcc
  7502. version it is and uses as picky compiler options as possible for the
  7503. particular version.
  7504. - Code that can be used in both the lib and in the curl app is now made to use
  7505. the curlx_ prefix. The first function to be available like this is the
  7506. curlx_strtoll() function. This is made to allow the app to use existing code,
  7507. but without polluting the libcurl API. Further explanations posted here:
  7508. http://curl.haxx.se/mail/lib-2004-02/0215.html
  7509. Daniel (18 February 2004)
  7510. - Fixed buildconf to not use "which" as AIX and Tru64 have what have been
  7511. referred to as "horribly broken 'which' programs".
  7512. - Made sure dns cache timeout set to -1 really means caching forever.
  7513. Daniel (17 February 2004)
  7514. - Made it possibly to build c-ares with the libcurl memdebug system to better
  7515. track memory.
  7516. Daniel (16 February 2004)
  7517. - When using ares, we now initialize the ares 'channel' in curl_easy_init()
  7518. and re-use that same handle during the entire curl handle's life-time. It
  7519. improves performance.
  7520. - Fixed a problem when displaying verbose for ipv6-enabled libcurls and
  7521. re-used connections. Problem reported and fix verified by Grigory Entin.
  7522. - Jeff Lawson fixed the version-check in the SOCKS5 code.
  7523. Daniel (15 February 2004)
  7524. - Fixed a case where a host cache entry was not flagged in-use properly when a
  7525. cached entry was used.
  7526. - Andrés García's patch that checks for winmm in the configure script was
  7527. applied.
  7528. Daniel (13 February 2004)
  7529. - Ben Greear's SO_BINDTODEVICE patch for the binding of the local end to a
  7530. specific network interface.
  7531. - Greg Hewgill found out that the variable holding 'contentlength' wasn't big
  7532. enough to hold a large file!
  7533. - Tor Arntsen fixed a 64bit-related problem in date-related code in the ftp
  7534. department, and there was another potential problem in the name resolve code
  7535. too.
  7536. Daniel (11 February 2004)
  7537. - Removed a few variables that were only set but never used, as some compilers
  7538. warn about that and we do not like compiler warnings!
  7539. - Removed the need for symlinks in the tests/data directory if curl is built
  7540. outside of the source directory and the 'make test' is used. This was done
  7541. by providing a "source dir path" to the scripts/servers.
  7542. - Now, if the configure script can't find an nroff tool or an option to nroff
  7543. to use to convert man pages with, it will completely switch off the built-in
  7544. manual.
  7545. - 'configure --disable-manual' completely disables the built-in manual from
  7546. the curl command tool.
  7547. - Andrés García fixed the configure script and a minor source edit, and now
  7548. he has managed to get msys/mingw to run configure and then build!
  7549. Daniel (9 February 2004)
  7550. - The default HTTP Accept: header was modified to the much simpler
  7551. "Accept: */*".
  7552. - P R Schaffner updated the curl-ssl spec file for RPMs.
  7553. - Dominick Meglio brought lots of documentation for the share interface's man
  7554. pages that were previously missing.
  7555. - Tor Arntsen provided a patch that makes libcurl work-around a bug in the
  7556. AIX5 implementation of getaddrinfo(). This makes the FTP PORT stuff work on
  7557. ipv6-enabled AIX builds.
  7558. - Ken Rastatter provided portability fixes for the curlgtk.c example, and now
  7559. it runs on windows with GTK as well!
  7560. Daniel (6 February 2004)
  7561. - Andrés García made the configure script find gethostbyname() fine when run
  7562. with mingw on windows.
  7563. - Modified the ldap code to use proper function pointers all over (instead of
  7564. mixed data and function pointers) to work-around the picky MIPSPro compiler
  7565. warnings.
  7566. - A custom Host: header is only considered if the request is not made by
  7567. following a location. After discussions with Tim Baker.
  7568. Daniel (5 February 2004)
  7569. - The libz part of the configure script now only set the two libz-related
  7570. define HAVE_ZLIB_H and HAVE_LIBZ if both the lib and the header is found.
  7571. If one is missing, none of the defines is set.
  7572. - Andrés García fixed the Mingw makefiles.
  7573. - Len Krause reported that curl 7.9.X could do uploading from stdin without
  7574. doing chunked encoding, which current curl cannot do even if you disable
  7575. the transfer-encoding chunked header. Now it can again, and test case 98
  7576. verifies this functionality.
  7577. - Tor Arntsen fixed a weird getaddrinfo() usage in the FTP code, preventing
  7578. the ipv6-code for PORT work on AIX 5.2. We now also provide (better) error
  7579. messages when bailing out in the that function.
  7580. - Tor Arntsen now provides AIX and IRIX (using gcc, xlc and the MIPSPro
  7581. compilers) automated build logs (http://curl.haxx.se/auto/) and we've fixed
  7582. numerous minor quirks to make less warnings appear.
  7583. Daniel (4 February 2004)
  7584. - Based on a patch by Gilad, we now use the custom timeouts when waiting for a
  7585. server to connect when using FTP PORT. Previously we always waited 10
  7586. seconds, no more no less. We now also changed the default (if no timeout is
  7587. set) to wait 60 seconds for the connect before we fail.
  7588. Daniel (3 February 2004)
  7589. - Modified to link with c-ares instead of ares.
  7590. Daniel (2 February 2004)
  7591. - Added a configure test to check for which option the (g)nroff tool wants
  7592. to extract plain text from the man pages. Tor Arntsen told us the AIX
  7593. version of GNU gnroff doesn't support -man!
  7594. - Added an undef of accept in memdebug.h to make curl build with --enable-debug
  7595. on AIX 5.2 which seems to have accept defined. Reported by Tor Arntsen.
  7596. - curl_version() now includes c-ares version info, and curl_version_info() now
  7597. returns a struct with version SECOND that also includes that info.
  7598. - We are now officially using c-ares for asynch name resolves. c-ares is the
  7599. new library, based on the existing ares but with an extended and slightly
  7600. modified API.
  7601. - Dirk improved the ares timeout code, and now we also include the ares error
  7602. string when we fail to resolve a name.
  7603. - Another tweak to make test case 91 run fine. Now we have another bit on a
  7604. connection that is set true if the connection is marked for 'retry'. That
  7605. makes the connection get closed and re-opened and the HTTP-done code must
  7606. not complain on the fact that no data was received.
  7607. - Based on Dirk Manske's patch, I modified the name resolving with ares to
  7608. feature a timeout for really slow lookups. It now defaults to 300 seconds,
  7609. but is now adjusted to the CONNECTTIMEOUT/TIMOUE timeouts if one of them
  7610. is set.
  7611. - Fixed the inclusion of ca-bundle.h to really use the one in the build dir
  7612. before the one in the source dir. Domenico Andreoli found out and reported.
  7613. - Added test case 97, a simple POST with a custom Content-Type header
  7614. replacing the original application/x-www-form-urlencoded one.
  7615. Daniel (30 January 2004)
  7616. - Added code that attempts to fix the test 91 failure. As has been figured out
  7617. by Patrick Smith, the error happens because we re-use a connection that the
  7618. server is just about to close and we even manage to send away the request
  7619. without seeing an error. On the first read attempt we get a ECONNRESET.
  7620. Starting now, we attempt to detect this and if so, we retry the request on a
  7621. fresh connection.
  7622. - I added test case 510 which is a custom program that does a POST using a
  7623. read callback, with chunked transfer-encoding.
  7624. - Adjusted one of the MPE/iX changes as it made test case 504 fail all over.
  7625. - Added --socks as a recognized option. It works just like --proxy but sets a
  7626. SOCKS5 proxy to use. SOCKS5 support has been available in libcurl for a
  7627. while, just not provided by the curl tool. This does not currently work for
  7628. IPv6-enabled libcurls.
  7629. Daniel (29 January 2004)
  7630. - Stadler Stephan pointed out that src/hugehelp.c included config.h without
  7631. checking the define if its present...
  7632. - Ken Hirsch provided patches to make curl build fine on the MPE/iX operating
  7633. system.
  7634. - Dan Fandrich compiled curl with lots of aggressively pedantic compiler
  7635. options and thus found a few minor errors and did some general cleanups to
  7636. avoid them.
  7637. - Dirk Manske fixed a flaw in ares that prevented it to use non-blocking
  7638. sockets properly.
  7639. Daniel (28 January 2004)
  7640. - Richard Bramante fixed chunked transfer-encoded "uploads" to send a final
  7641. CRLF combo properly.
  7642. Daniel (27 January 2004)
  7643. - Made the response-headers during a CONNECT request to a proxy get passed on
  7644. as regular headers, so they appear with -i/-I options and similar.
  7645. - Based on a patch by Gisle Vanem, I've made the progress meter display
  7646. properly switch to a GB-display when more than 9999MB have been transfered.
  7647. Daniel (23 January 2004)
  7648. - Gisle Vanem pointed out a curlrc parser problem/crash when an option with a
  7649. required didn't have one and was on the last line of a file.
  7650. - More Windows fixes for large files. We now build and link with
  7651. ../lib/strtoofft.c in the app code since Curl_strtoll() is not a provided
  7652. libcurl function... Perhaps we should consider a 'common' dir or similar
  7653. where we put source code used in both the lib and the client. Or perhaps
  7654. we'll just make this function available in the library...
  7655. - Vincent Bronner found out the socks5 code crashed when no username was
  7656. set.
  7657. - Vincent Bronner spotted a problem with proxy username/password when re-using
  7658. a persistent connection.
  7659. - Fixed the progress meter display for files larger than 2^31 bytes. Gisle
  7660. Vanem reported.
  7661. Daniel (22 January 2004)
  7662. - Gisle Vanem made strtoll() get used when curl is built with the mingw
  7663. compiler.
  7664. - Gisle Vanem fixed the compressed help text code to display properly.
  7665. - Removed the '#define HttpPost' from the public header file, as curl_httppost
  7666. is the proper name and it has been for quite some time now. Fixes another
  7667. name space pollution.
  7668. - Added 'curl_off_t' typedef in the public header file, to be used to provide
  7669. large file sizes to the *_LARGE options. Adjusted the code all over to use
  7670. this variable type instead of 'off_t'. This is an attempt to make the large
  7671. file support work on more platforms. The configure script now checks the
  7672. size of the curl_off_t instead of the plain off_t.
  7673. Version 7.11.0 (22 January 2004)
  7674. Daniel (21 January 2004)
  7675. - Removed the defines in the public header file with TIMECOND_ prefixes. They
  7676. have been obsolete since April 22nd 2002, and if this causes anyone any
  7677. problems now it is very easy to just add CURL_ to the names. This corrects
  7678. this name space pollution.
  7679. Daniel (19 January 2004)
  7680. - David Byron cleaned up how --trace with no option was treated, and also
  7681. arguments in a config file without a required parameter!
  7682. Daniel (16 January 2004)
  7683. - Gisle Vanem fixed a few issues where compilers warned about variables
  7684. possibly being used unassigned.
  7685. - Minor Interix build problem fixed.
  7686. Daniel (15 January 2004)
  7687. - Peter Sylvester pointed out some necessary escaping needed in the
  7688. acinclude.m4 file when automake 1.8 or later is used.
  7689. Daniel (14 January 2004)
  7690. - Vincent Bronner fixed the Curl_resolv() return code. This extends the fix
  7691. Steve Green provided on december 3...
  7692. Daniel (13 January 2004)
  7693. - Luke Call made the win32 version of the password prompting function support
  7694. backspace.
  7695. - Dan Fandrich fixed the hugehelp source file to contain both a compressed and
  7696. an uncompressed version in the distribution, so that more people easier can
  7697. build curl with the compressed version.
  7698. - Diego Casorran brought another AmigaOS build patch for native Amiga builds.
  7699. - Matt Veenstra updated the Mac OS X framework files.
  7700. - Brian R Duffy brought a section to the INSTALL file on how to build a
  7701. SSL-enabled curl using the free Borland C++ compiler. He also updated the
  7702. Borland lib/Makefile.b32.
  7703. - I fixed the test case 509 which I broke yesterday. Now the libtest are
  7704. compiled with an include path that points to the library's source dir, so
  7705. that the libtests can include files from the source tree. This was made to
  7706. make it possible to use the USE_SSLEAY define in the library test files.
  7707. Daniel (12 January 2004)
  7708. - Peter Sylvester brought code that now allows a callback to modified the URL
  7709. even when the multi interface is used, and then libcurl will simulate a
  7710. "follow location" to that new URL. Test 509 was added to test this feature.
  7711. - Extended the time we retry servers in the test script, and I also made it
  7712. retry the https and ftps servers before they are considered bad. I believe
  7713. the previous approach could turn problematic on really slow hosts.
  7714. Version 7.11.0-pre1 (12 January 2004)
  7715. Daniel (11 January 2004)
  7716. - Dominick Meglio pointed out FTPS should use default port 990 according to
  7717. IANA.
  7718. Daniel (8 January 2004)
  7719. - Fixed the SPNEGO configure check to not use -R or other non-portable options
  7720. in the LDFLAGS. Reported by Pierre in bug report #872930.
  7721. Daniel (5 January 2004)
  7722. - Dan Fandrich provided a fix on our zlib usage.
  7723. - David J Meyer's patch that introduce large file support to libcurl was
  7724. applied. New curl_easy_setopt options that accept 'off_t' arguments are:
  7725. INFILESIZE_LARGE
  7726. RESUME_FROM_LARGE
  7727. MAXFILESIZE_LARGE
  7728. Daniel (4 January 2004)
  7729. - Based on Dominick Meglio's comments, I made our private version of
  7730. gettimeofday() declared static. This would otherwise collide with the same
  7731. function in other libs (like ares for example).
  7732. - Added Dominick Meglio's description on how to build libcurl with ares
  7733. on win32.
  7734. Daniel (19 December)
  7735. - CURLOPT_IPRESOLVE was not possible to set.
  7736. - Gisle Vanem updated the djgpp build files.
  7737. Daniel (18 December)
  7738. - John McGowan reported a redirect-problem that happened if a site used a URL
  7739. like "url.com?var=content" (without a proper slash) and from that address
  7740. redirected the user-agent to an absolute directory.
  7741. - David Byron made libcurl build fine with both the .NET and VC6 versions of
  7742. MSVC
  7743. Daniel (16 December)
  7744. - Updated test 506 since it started to fail after the cache prune change
  7745. yesterday. I also changed it slightly to feature a counter in each debug
  7746. output for easier tracing.
  7747. Daniel (15 December)
  7748. - Old DNS cache entries are now only pruned after curl is done with a request,
  7749. and not in the actual name resolve call.
  7750. - corrected the --enable-ares patch
  7751. - Giuseppe Attardi found and fixed a problem within libcurl that re-used
  7752. already freed memory.
  7753. Daniel (10 December)
  7754. - Gisle Vanem reported that the dict support was broken. I broke it during my
  7755. ftps-changes overhaul. I've now added a 'curlassert' function that can be
  7756. used to verify expressions, to prevent future errors of the same
  7757. kind. They're only present in debug-builds.
  7758. - Diego Casorran made curl and libcurl possible to build natively (no more
  7759. need for the ixemul library) on AmigaOS.
  7760. - Dominick Meglio made configure --enable-ares support a given path to the
  7761. installed ares lib, instead of always using it in the curl source tree.
  7762. This also fixed the curl-config --libs output.
  7763. - Eric S. Raymond patched a very minor man page format error in
  7764. libcurl-errors.3
  7765. Daniel (8 December)
  7766. - Fixed the flaw that made -lz appear twice on the link command line.
  7767. - After correspondence with Gisle Vanem, I changed the 'connection aborted'
  7768. error text when the FTP response reader failed to more specificly identify
  7769. what the problem is.
  7770. - Based on a patch from Dominick Meglio, curl-config --feature now outputs
  7771. 'AsynchDNS' as a feature if libcurl was built with ares. The feature name
  7772. is the same that 'curl -V' outputs, for simplicity.
  7773. Daniel (3 December)
  7774. - Marty Kuhrt made the build up-to-date on VMS, and moved most of the VMS-
  7775. specific stuff in the client code to a separate header file.
  7776. - Steve Green fixed a return code bug in Curl_resolv(), that made the socks5
  7777. code fail.
  7778. - swalkaus at yahoo.com patched libcurl to ignore Content-Length: headers
  7779. when Transfer-Encoding: chunked is used, as mandated by RFC2616.
  7780. Daniel (2 December)
  7781. - --ftp-pasv was added, which serves the only purpose of overriding a
  7782. previously set --ftpport option. Starting now, --ftp-port is a recognized
  7783. alias for --ftpport for consistency.
  7784. - Giuseppe Attardi pointed out that we should use MSG_NOSIGNAL when we use
  7785. send() and recv(). I added checks for the define in the configure script and
  7786. adjusted the code accordingly. If the symbol is present, we won't attempt
  7787. to ignore the SIGPIPE signal.
  7788. Daniel (1 December)
  7789. - Mathias Axelsson set up a bsdftpd-ssl server for me and I could make curl
  7790. run fine against its FTPS implementation. Now these FTPS-related things
  7791. work:
  7792. o explicit and implicit FTPS
  7793. o active (PORT) and passive (PASV)
  7794. o upload and download
  7795. o verified against bsdftpd-ssl and RaidenFTPD
  7796. Daniel (27 November)
  7797. - James Clancy made the Borland Makefiles up to date.
  7798. - Markus Moeller improved the SPNEGO detection in the configure script.
  7799. Daniel (25 November)
  7800. - Dave May filed bug report #848371, identifying that if you'd do POST over a
  7801. proxy to a https server, libcurl didn't POST at all, it just made a GET! It
  7802. turned out to be because libcurl wrongly didn't consider the authentication
  7803. "negotiation phase" to be complete yet.
  7804. I added test case 95 to verify my fix for this.
  7805. Daniel (24 November)
  7806. - Thanks to Mathias Axelsson, I've been able to work on FTPS for libcurl and it
  7807. seems to work somewhat fine now.
  7808. The FTPS stuff is based on RFC2228 and the murray-auth-ftp-ssl draft
  7809. (version 12). There seems to exist quite a few servers that have implemented
  7810. the server side of this.
  7811. We can now use ftps:// URLs to explicitly switch on SSL/TSL for the control
  7812. connection and the data connection (dealing with two SSL connections forced
  7813. me to change a lot of stuff in libcurl).
  7814. Alternatively, and what seems to be the recommended way, we can set the new
  7815. option CURLOPT_FTP_SSL to one of these values:
  7816. CURLFTPSSL_NOPE, - do not attempt to use SSL
  7817. CURLFTPSSL_TRY - try using SSL, proceed anyway otherwise
  7818. CURLFTPSSL_CONTROL - SSL for the control connection or fail
  7819. CURLFTPSSL_ALL - SSL for all communication or fail
  7820. Any failure to set the desired level will make libcurl fail with the error
  7821. code CURLE_FTP_SSL_FAILED. This new option makes a "normal" ftp:// transfer
  7822. attempt to be made securely.
  7823. I've been able to login and get files (passively) from Mathias' server using
  7824. both ftps:// and CURLOPT_FTP_SSL. (I've made 'curl' understand the --ftp-ssl
  7825. option that sets CURLFTPSSL_TRY.)
  7826. - Gaz Iqbal fixed a range string memory leak.
  7827. - Gisle Vanem fixed the Windows builds.
  7828. - Added the new FTPSSL defines in curl/curl.h
  7829. Daniel (20 November)
  7830. - Josh Kapell filed bug report #845247 as he found an endless loop when
  7831. getting a 407 back from a proxy when no user+password was given. Added test
  7832. case 94 to verify the fix.
  7833. Daniel (19 November)
  7834. - Kevin Roth fixed a progress-bar problem on Windows.
  7835. - While working with Nicolas Croiset's bug report #843739, I noticed two minor
  7836. problems related to ftp partial downloads: if a partial transfer is
  7837. detected, we must close the connection as we cannot know in what state it is
  7838. anymore. This looks like a ProFTPD bug:
  7839. http://curl.haxx.se/mail/lib-2003-11/0079.html
  7840. Daniel (17 November)
  7841. - Maciej W. Rozycki made the configure script use a cache variable for the
  7842. writable argv test. This way, the default can be overridden better (for
  7843. cross-compiles etc)
  7844. Daniel (15 November)
  7845. - Mathias Axelsson found out libcurl sometimes freed the server certificate
  7846. twice, leading to crashes!
  7847. Daniel (14 November)
  7848. - Siddhartha Prakash Jain found a case with a bad resolve that we didn't
  7849. properly bail out from, when using ares.
  7850. Daniel (13 November)
  7851. - Default Content-Type for parts in multipart formposts has changed to
  7852. "application/octet-stream". This seems more appropriate, and I believe
  7853. mozilla and the likes do this. In the same area: .html files now get
  7854. text/html as Content-Type. (Pointed out in bug report #839806)
  7855. - Gisle Vanem corrected the --progress-bar output by doing a flush of the
  7856. output, which apparently makes it look better on at least windows, but
  7857. possibly other platforms too.
  7858. - Peter Sylvester identified a problem in the connect code, which made the
  7859. multi interface on a ipv6-enabled solaris box do bad. Test case 504 to be
  7860. specific. I've spent some time to clean-up the Curl_connecthost() function
  7861. now to use less duplicated code for the two different sections: ipv6 and
  7862. ipv4.
  7863. Daniel (11 November)
  7864. - Added CURLOPT_NETRC_FILE. Use this to tell libcurl which file to use instead
  7865. of trying to find a .netrc in the current user's home directory. The
  7866. existing .netrc file finder is somewhat naive and is far from perfect on
  7867. several platforms that aren't unix-style. If this option isn't set when
  7868. CURLOPT_NETRC is set, the previous approach will still be used.
  7869. The current .netrc check code now also support longer than 256 bytes path
  7870. names.
  7871. Daniel (10 November)
  7872. - Kang-Jin Lee pointed out that the generated ca-bundle.h file shouldn't be
  7873. written in the source dir if a different build dir is used.
  7874. - After Sébastien Willemijns' bug report, we now check the separators properly
  7875. in the 229-reply servers respond on a EPSV command and bail out better if
  7876. the reply string is not RFC2428-compliant.
  7877. Daniel (7 November)
  7878. - Based on Gisle Vanem's patch, I made curl try harder to get the home
  7879. directory of the current user, in order to find the default .curlrc file.
  7880. We're also considering moving out the HOME-dir code from libcurl, and
  7881. instead have the app pass in the path to the .netrc file (which is the only
  7882. logic left in libcurl that uses the HOME dir). Then curl can use the home
  7883. dir for that purpose too.
  7884. - Ralph Mitchell's updated testcurl.sh to the script to take an existing
  7885. directory name and build/run/test curl in there instead of trying to update
  7886. from CVS. Using this approach, the script can now be used to test daily
  7887. tarballs etc.
  7888. - Gisle Vanem added a "resource file" to the Windows DLL builds, to contain
  7889. information such as version number, library name, copyright info etc.
  7890. Daniel (6 November)
  7891. - curl checks if the existing libcurl supports things like --ntlm, --negotiate
  7892. and --krb4 and returns error if not.
  7893. - I added three new global defines in the curl/curl.h header:
  7894. LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH. They
  7895. are the three numbers in the library's version number, separated for easier
  7896. usage. 'maketgz' was updated accordingly to generate these numbers properly
  7897. when building release-archives.
  7898. - Uninitialized variable fix, reported by both Marty Kuhrt and Benjamin
  7899. Gerard.
  7900. - Matt Veenstra provided build files to build libcurl as a "framework" under
  7901. Mac OS X. See the lib/libcurl.framework.make for details.
  7902. - Removed the defines of TRUE and FALSE from the curl/curl.h header file.
  7903. They're not in our name space so we should not fiddle with them.
  7904. Daniel (5 November)
  7905. - Replaced the man page to HTML converter program with a new one: roffit.
  7906. Makes nicer web pages.
  7907. Daniel (4 November)
  7908. - Troels Walsted Hansen fixed the MSVC makefiles to let them build curl fine
  7909. on Windows.
  7910. - Kevin Roth corrected the cygwin package generator and spell-fixed the
  7911. comment in the ca-bundle.h file.
  7912. Version 7.10.8 (1 November 2003)
  7913. Daniel (31 October)
  7914. - Assume that MDTM on an FTP server returns the timestamp using the UTC time
  7915. zone. This changes the time CURLINFO_FILETIME returns for a given file over
  7916. FTP, and will change existing uses of CURLOPT_TIMECONDITION. It will make
  7917. the functionality more similar to how the HTTP one is already working.
  7918. - Command line options that take numerical parameters (such as -y, -Y, -C etc)
  7919. now report error and exit if the parameter isn't truly a number greater than
  7920. or equal to zero. This helps users to notice bad usage earlier. Before, when
  7921. a user forgot or missed to add a numerical parameter to an option, the
  7922. command line parser would simply "eat" the following option and it would
  7923. cause great confusion.
  7924. Daniel (30 October)
  7925. - David Hull made libcurl deal with NOBODY and HEADER for file:// the same way
  7926. it already does for FTP: it provides HTTP-looking headers that provide info
  7927. only about the file, without doing the actual transfer. The curl tool then
  7928. lets --head do this.
  7929. Daniel (29 October)
  7930. - runtests.pl now checks for and use valgrind if present. It will redirect the
  7931. valgrind results in log/valgrind[num] but it currently doesn't scan that
  7932. file for any errors or anything, that is still only made manually.
  7933. - David Hull made the file: URL parser also accept the somewhat sloppy file
  7934. syntax: file:/path. I added test case 203 to verify this.
  7935. Daniel (28 October)
  7936. - Dan C tracked down yet another weird behavior in the glibc gethostbyname_r()
  7937. function for some specific versions (reported on 2.2.5 and 2.1.1), and
  7938. provided a fix. On Linux machines with these glibc versions, non-ipv6
  7939. builds of libcurl would often fail to resolve perfectly resolvable host
  7940. names.
  7941. Daniel (26 October)
  7942. - James Bursa found out that curl_msnprintf() could write the trailing
  7943. zero-byte outside its given buffer size. This could happen if you generated
  7944. a very long error message as then libcurl would overwrite the ERRORBUFFER
  7945. with one byte. Using a non-existing very long local file:// name is one case
  7946. that could make this occur.
  7947. Daniel (24 October)
  7948. - David Hull filed bug report #829827. It identified a problem with -C - if
  7949. the full file already was downloaded and thus the server responded with a
  7950. 416. libcurl would then wrongly use the Content-Length: header and expect
  7951. that size to get transfer, causing a "hang" until the server closed the
  7952. connection and then an error 18 ("still N bytes data left of the transfer").
  7953. Now we don't return any error at all, but I think libcurl should perhaps
  7954. return some kind of info since the requested range was out of the size of
  7955. the document.
  7956. - Based on David Hull's fix in bug report #804599, we now check for solaris and
  7957. gcc in configure and set the -mimpure-text link flag for linking the lib
  7958. better.
  7959. - I've introduced a -t option to the runtests.pl script. With that option set,
  7960. the script runs special "memory torture" tests. For each test command line
  7961. in that section, the script first runs the command line and counts the total
  7962. amount of allocations made. It then runs the exact same command line again,
  7963. forcing allocation number N to fail. It will try every N from 1 to the total
  7964. number of amounts made. For every invoke, it checks that no memory was
  7965. leaked as that would indicate a bad cleanup somewhere in the code.
  7966. This is just beginning to work, and I've already made some corrections in
  7967. libcurl code. When this code works somewhat fine, I'll make sure 'make test'
  7968. in the root dir will run these tests as well.
  7969. Daniel (23 October)
  7970. - Georg Horn fixed how the CA verification is made. Verifications can now be
  7971. made while at the same time the result of it can be ignored. This also
  7972. affects the curl tool as -k can now be used together with --cacert or
  7973. --capath.
  7974. Daniel (22 October)
  7975. - Gisle Vanem found out --disable-eprt didn't work and patched it.
  7976. - Test case 91 was modified and could now repeat the problem Kevin Roth has
  7977. reported, and the bug was fixed.
  7978. - Dylan Ellicott added vc-libcurl-ssl-dll as a target to the root makefile
  7979. to build a static libcurl that links with a shared OpenSSL using MSVC.
  7980. Daniel (21 October)
  7981. - Andrés García updated the mingw32 makefiles.
  7982. Version 7.10.8-pre5 (21 October 2003)
  7983. Daniel (19 October)
  7984. - Georg Horn made libcurl output more info on SSL failures when receiving
  7985. data.
  7986. Version 7.10.8-pre4 (18 October 2003)
  7987. Daniel (17 October)
  7988. - Dominick Meglio implemented CURLOPT_MAXFILESIZE and --max-filesize.
  7989. - Made libcurl show verbose info about what auth type and user name that is
  7990. being sent in its HTTP request-headers.
  7991. Daniel (16 October)
  7992. - Removed support for CURLOPT_PASSWDFUNCTION and CURLOPT_PASSWDDATA. libcurl
  7993. no longer prompt for passwords under any circumstances. Password prompting
  7994. was instead moved to curl, which now prompts for password if -u or -U lack
  7995. it. This solves the problem Kevin Roth reported when curl prompted for
  7996. password twice when doing NTLM authentication.
  7997. - I rewrote the SSL subjectAltName check to avoid having to rely on OpenLDAP-
  7998. licensed derivate code.
  7999. Daniel (15 October)
  8000. - Avoid doing getsockopt() on Windows to verify connects. It seems that this
  8001. hogs Windows machines when libcurl is being used multi-threaded (with > ~50
  8002. threads). Andrew Fuller helped us verify and test this.
  8003. Daniel (14 October)
  8004. - Kimmo Kinnunen fixed a crash with duphandle() when CURLDEBUG is set.
  8005. - Gisle Vanem made libcurl build and work with IPv6 on Windows.
  8006. Daniel (13 October)
  8007. - Giuseppe Attardi reported yet another segfault with ares and the multi
  8008. interface. Me fixed.
  8009. - Domenico Andreoli removed the extra LDFLAGS assignment in lib/Makefile.am
  8010. that was reported about in the debian bug report #212086.
  8011. Domenico also fixed two makefiles where we used 'gnroff' instead of the more
  8012. portable $(NROFF).
  8013. Daniel (12 October)
  8014. - Dirk Manske made the share locking around DNS lookups slightly different to
  8015. allow the share system's DNS lookups to run somewhat more
  8016. independent/faster.
  8017. Daniel (9 October)
  8018. - Lachlan O'Dea fixed a resume problem: "If I set CURLOPT_RESUME_FROM, perform
  8019. an HTTP download, then reset CURLOPT_RESUME_FROM to 0, the next download
  8020. still has a Range header with a garbage value." bug report #820502
  8021. - Dominick Meglio made the inet_pton.c file build fine using MSVC.
  8022. - The 'sws' test suite web server now #include setup.h from the lib directory.
  8023. This makes it more portable easier.
  8024. Version 7.10.8-pre3 (8 October 2003)
  8025. Daniel (8 October)
  8026. - Frank Ticheler provided a patch that fixes how libcurl connects to multiple
  8027. addresses, if one of them fails (ipv4-code).
  8028. Daniel (7 October)
  8029. - Neil Dunbar provided a patch that now makes libcurl check SSL
  8030. subjectAltNames when matching certs. This is apparently detailed in RFC2818
  8031. as the right thing to do. I had to add configure checks for inet_pton() and
  8032. our own (strictly speaking, code from BIND written by Paul Vixie) provided
  8033. code for the function for platforms that miss it.
  8034. - HTTP POST using the read callback didn't work, as Florian Schoppmann
  8035. reported.
  8036. Daniel (5 October)
  8037. - Shared provided a few fixes to make libcurl build on BeOS
  8038. out-of-the-box. New code for BeOS-style non-blocking sockets, provided by
  8039. Shard and Jeremy Friesner. Modified the autoconf check for non-blocking
  8040. sockets to check for this kind too.
  8041. Daniel (4 October)
  8042. - Vincent Bronner pointed out that if you set CURLOPT_COOKIE for a transfer
  8043. and then set it to NULL in a subsequent one, the previous cookie was still
  8044. sent off!
  8045. - Jon Turner fixed a problem libcurl had when it failed on an FTP transfer due
  8046. to a bad path, it would cause the next transfer to use a bad path as well.
  8047. - Siddhartha Prakash Jain provided a patch with a fix for libcurl with ares,
  8048. when working on IP-only names as we then could return "wait" status when the
  8049. name in fact already was resolved. I edited the patch slightly to not expose
  8050. asynch details to non-ares aware source code.
  8051. Daniel (3 October)
  8052. - Neil Spring posted the debian bug report #213180, and pointed out that using
  8053. the name 'access' in a function prototype is not very wise as some compilers
  8054. complain.
  8055. - Peter Sylvester provided his and Jean-Paul Merlin's curlx.c example source
  8056. code that shows how they use ssl and callbacks.
  8057. Daniel (2 October)
  8058. - James MacMillan's patch makes curl build on QNX 6.2.x.
  8059. Daniel (26 September)
  8060. - My daughter was born!
  8061. Daniel (23 September)
  8062. - Added support for -4/--ipv4 and -6/--ipv6 to force names to resolve to that
  8063. particular IP version. They only work for IPv6-enabled libcurls.
  8064. - curl -V now outputs 'SPNEGO' as a feature in case libcurl was built to
  8065. support that.
  8066. Version 7.10.8-pre2 (22 September 2003)
  8067. Daniel (22 September)
  8068. - Giuseppe Attardi found a segfault in libcurl when using the multi interface
  8069. with ares and doing repeated operations against a non-resolving host name.
  8070. Daniel (19 September)
  8071. - Added the CURLOPT_IPRESOLVE option, that allows an application to select
  8072. what kind of IP addresses he wants to use when resolving host names. This
  8073. is only interesting when using host names that resolve addresses using more
  8074. than one version of IP.
  8075. - Applied Markus Moeller's patch that introduces SPNEGO support if libcurl
  8076. is built with the FBopenssl libraries. curl_version_info() now returns
  8077. info on SPNEGO availability. The patch also made the GSSAPI stuff work fine
  8078. with the MIT GSS-library (the Heimdal one still works too).
  8079. Daniel (16 September)
  8080. - Doing PUT with --digest failed, as reported in bug report #805853.
  8081. - Using --anyauth that picked NTLM, and then a redirect closed the connection
  8082. and took curl to a second NTLM page made curl fail. Bug report #806328
  8083. identified the problem, test case 90 was added to verify the fix.
  8084. Daniel (14 September)
  8085. - codemastr brought a patch for ares to make the Windows portions of it work
  8086. properly on NT4. I uploaded a new diff and updated the docs on where to get
  8087. it etc.
  8088. - Jeff Pohlmeyer tracked down a very hard-to-find bug where we removed a
  8089. cached DNS entry even though it may be in use, which caused "random" memory
  8090. to get overwritten and thus "random" crashes.
  8091. Daniel (12 September)
  8092. - Based on a bug report by David Kimdon, I made the runtests.pl script clear
  8093. all possible proxy environment variables before the tests are run.
  8094. - By default, easy handles within a multi handle now share DNS cache.
  8095. - Tim Bartley brought a patch that makes the GSSNEGOTIATE option work for
  8096. Microsoft's "Negotiate" authentication as well.
  8097. Daniel (11 September)
  8098. - A zero-length proxy string confused FTP transfers.
  8099. - Bjorn Reese found a case with an uninitialized pointer, only present when
  8100. built for ares.
  8101. Version 7.10.8-pre1 (8 September 2003)
  8102. Daniel (7 September)
  8103. - Jurij Smakov found out that the non-OpenSSL MD5 code was not working on
  8104. Alpha (or ia64). Only the OpenSSL-version did. I made a fix I think corrects
  8105. the problem.
  8106. Daniel (5 September)
  8107. - Kevin Fisk reported that configure --enable-thread didn't work. I fixed.
  8108. - De-macrofied the lib/hash.c source code somewhat.
  8109. Daniel (4 September)
  8110. - CURLINFO_HTTPAUTH_AVAIL and CURLINFO_PROXYAUTH_AVAIL added, Based on Joerg
  8111. Mueller-Tolk's patch,
  8112. Early (4 September)
  8113. - Added CURLOPT_FTP_RESPONSE_TIMEOUT - allows user to set strict timeout
  8114. requirements on the FTP server's ability to respond to individual commands
  8115. without placing global requirements on transfer or connect time. Files
  8116. affected:
  8117. - include/curl/curl.h
  8118. Added option CURLOPT_FTP_RESPONSE_TIMEOUT
  8119. - lib/ftp.c
  8120. Added branch inside Curl_GetFTPResponse to check for
  8121. data->set.ftp_response_timeout
  8122. - lib/url.c
  8123. Modified Curl_setopt to recognize CURLOPT_FTP_RESPONSE_TIMEOUT
  8124. - lib/urldata.h
  8125. Added ftp_response_timeout to struct UserDefined
  8126. Daniel (3 September)
  8127. - Peter Pentchev found and fixed two problems in the test suite's web server
  8128. code, that made it segfault at times.
  8129. - Jörg Mueller-Tolk improved the proxy user+password handling, especially
  8130. when providing a blank password.
  8131. Daniel (2 September)
  8132. - Fix for making CONNECT to proxies do the correct magic to allow NTLM, Digest
  8133. and similar to work.
  8134. Daniel (1 September)
  8135. - Henrik Storner made libcurl work fine with OpenLDAP 2.1.22 (current).
  8136. - Jeff Pohlmeyer added a proper error message for non-resolving hosts when
  8137. using ares for lookups.
  8138. Daniel (25 August)
  8139. - John McGowan reported that curl -k still failed if the HTTPS server's CN
  8140. field wasn't obtainable. This was due to the CURLOPT_SSL_VERIFYHOST being
  8141. set to 1, and libcurl failed if the CN was missing. Starting now, having it
  8142. set to 1 will simply output a warning if no CN could be obtained (as having
  8143. a mismatch is OK).
  8144. Daniel (21 August)
  8145. - Vincent Sanders provided a fix for name resolving when linked with uClibc.
  8146. Daniel (20 August)
  8147. - Gerd v. Egidy provided a patch that makes libcurl store the FTP response
  8148. code from ftp servers. Using curl_easy_getinfo() with CURLINFO_HTTP_CODE
  8149. returns that data. The option is therefore now also known as
  8150. CURLINFO_RESPONSE_CODE.
  8151. - Antoine Calando found a segfault when doing multi-part/formpost using
  8152. the multi interface.
  8153. - Antoine Calando pointed out that curl_multi_info_read() didn't set the
  8154. msgs_in_queue to 0 properly when returning NULL.
  8155. Daniel (19 August)
  8156. - I made curl support multiple -T options, as well as -T "{file1,file2}"
  8157. style globbing. One -T for each URL is supported.
  8158. - Jeff Pohlmeyer found a segfault when using ares-enabled libcurl and the
  8159. multi interface when trying a non-existing host name.
  8160. - Made the libcurl printf code support long longs if available.
  8161. - Loren Kirkby pointed out that we did not clean up all SSL-allocated memory
  8162. in curl_global_cleanup().
  8163. Daniel (17 August)
  8164. - Setting CURLOPT_WRITEFUNCTION or CURLOPT_READFUNCTION to NULL will now make
  8165. them get the internal defaults restored. Previously this could cause a
  8166. segfault. We should aim at having all pointer-related options get restored
  8167. to default/safe values when set to NULL.
  8168. Version 7.10.7 (15 August 2003)
  8169. Daniel (14 August)
  8170. - I modified the memdebug system to return failure on memory allocation
  8171. functions after a set amount of successful ones. This enables us to test
  8172. out-of-memory situations in a controlled manner and we can make sure that
  8173. curl/libcurl behaves good in those.
  8174. This made me find and fix several spots where we did not cleanup properly
  8175. when bailing out due to errors (low memory).
  8176. - Corrected test case 74. Made using -o with bad #[num] codes complain and
  8177. bail out. Made #[num] support numbers larger than 9 as well. Added test
  8178. case 86 for a proper range globbing test as well.
  8179. Version 7.10.7-pre4 (12 August 2003)
  8180. Daniel (12 August)
  8181. - curl_version_info() now returns a flag if libcurl was built with asynch DNS
  8182. support, and this is now also displayed with 'curl -V'.
  8183. - Added a few new man pages to the docs/libcurl dir: curl_share_init,
  8184. curl_share_setopt, curl_share_cleanup, libcurl-easy and libcurl-share.
  8185. Daniel (11 August)
  8186. - Mike Cherepov made the local binding code work for Windows, which makes
  8187. the option CURLOPT_INTERFACE work on Windows as well.
  8188. - Vincent Sanders updated the fopen.c example code a lot.
  8189. - --proxy-ntlm is now supported by the curl tool. It forces the proxy
  8190. authentication to be made using NTLM. It does not yet work for HTTPS over
  8191. proxies (or other proxy-tunneling options). Test case 81 and 82 do some
  8192. simple initial ntlm testing.
  8193. - Found and fixed a minor memory leak on re-used connections with
  8194. proxy-authentication.
  8195. - I removed -@ and -Z as valid short options. They were very rarely used (@
  8196. wasn't even documented).
  8197. - Serge Semashko introduced CURLOPT_PROXYAUTH, and make it work when set to
  8198. CURLAUTH_NTLM and/or CURLAUTH_BASIC. The PROXAUTH is similar to HTTPAUTH,
  8199. but is for the proxy connection only, and HTTPAUTH is for the remote host.
  8200. - Fixed loading of cookies with blank contents from a cookie jar. Also made the
  8201. cookie functions inform on added and skipped cookies (for cookie debugging).
  8202. Version 7.10.7-pre3 (8 August 2003)
  8203. Daniel (8 August)
  8204. - Applied David Byron's fix for file:// URLs with drive letters included.
  8205. - I added the --ftp-create-dirs to the client code, which activates Early's
  8206. CURLOPT_FTP_CREATE_MISSING_DIRS option, and wrote test case 147 to verify
  8207. it. Added the option to the curl.1 man page too. Added the option to the
  8208. curl_easy_setopt.3 man page too.
  8209. Daniel (7 August)
  8210. - Test case 60 failed on ia64 and AMD Opteron. Fixed now.
  8211. - Fixed a printf problem that resulted in urlglobbing bugs (bug #203827 in the
  8212. debian bug tracker). Added test case 74 to verify the fix and to discover if
  8213. this breaks in the future.
  8214. - "make distcheck" works again.
  8215. Version 7.10.7-pre2 (6 August 2003)
  8216. Daniel (5 August)
  8217. - Duncan Wilcox helped me verify that the latest incarnation of my ares patch
  8218. builds fine on Mac OS X (see the new lib/README.ares) file for all details.
  8219. - Salvatore Sorrentino filed bug report #783116 and Early Ehlinger posted a
  8220. bug report to the libcurl list, both identifying a problem with FTP
  8221. persistent connections and how the dir hierarchy was not properly reset
  8222. between files.
  8223. - David Byron's thoughts on a fixed Makefile in tests/ were applied.
  8224. - Jan Sundin reported a case where curl ignored a cookie that browsers don't,
  8225. which turned up to be due to the number of dots in the 'domain'. I've now
  8226. made curl follow the the original netscape cookie spec less strict on that
  8227. part.
  8228. Daniel (4 August)
  8229. - Dirk Manske added cookie support for the experimental, hidden and still
  8230. undocumented share feature!
  8231. - Mark Fletcher provided an excellent bug report that identified a problem
  8232. with FOLLOWLOCATION and chunked transfer-encoding, as libcurl would not
  8233. properly ignore the body contents of 3XX response that included the
  8234. Location: header.
  8235. Early (6 August)
  8236. - Added option CURLOPT_FTP_CREATE_MISSING_DIRS
  8237. This option will force the target file's path to be created if it
  8238. does not already exist on the remote system.
  8239. Files affected:
  8240. - include/curl/curl.h
  8241. Added option CURLOPT_FTP_CREATE_MISSING_DIRS
  8242. - lib/ftp.c
  8243. Added function ftp_mkd, which issues a MKD command
  8244. Added function ftp_force_cwd, which attempts a CWD,
  8245. and does a MKD and retries the CWD if the original CWD
  8246. fails
  8247. Modified ftp_perform() to call its change directory function
  8248. through a pointer. The pointer points to ftp_cwd by default,
  8249. and is modified to point to ftp_force_cwd IFF
  8250. data->set.ftp_create_missing_dirs is not 0.
  8251. - lib/url.c
  8252. Modified Curl_setopt to recognize CURLOPT_FTP_CREATE_MISSING_DIRS
  8253. - lib/urldata.h
  8254. Added ftp_create_missing_dirs to struct UserDefined
  8255. - Minor Bugfix for CURLOPT_TIMECONDITION with FTP - if the file was not
  8256. present to do the time comparison, it would fail.
  8257. Files affected:
  8258. - lib/ftp.c
  8259. In ftp_perform(), the call to ftp_getfiletime() used to be followed
  8260. by
  8261. if (result)
  8262. return result;
  8263. And then by the code that actually did the time comparison.
  8264. The code that did the comparison handled the case where the filetime
  8265. was not available (as indicated by info.filetime < 0 or set.timevalue
  8266. < 0), so I replaced the if (result) return result with a switch(result)
  8267. that allows CURLE_FTP_COULDNT_RETR_FILE to fall through to the
  8268. normal time comparison.
  8269. Daniel (3 August)
  8270. - When proxy authentication is used in a CONNECT request (as used for all SSL
  8271. connects and otherwise enforced tunnel-thru-proxy requests), the same
  8272. authentication header is also wrongly sent to the remote host.
  8273. This is a rather significant info leak. I've fixed it now and mailed a patch
  8274. and warning to the mailing lists.
  8275. Daniel (1 August)
  8276. - David Byron provided a patch to make 7.10.6 build correctly with the
  8277. compressed hugehelp.c source file.
  8278. Version 7.10.7-pre1 (31 July 2003)
  8279. Daniel (30 July)
  8280. - Jörg Müller-Tolk updated the VC makefile.
  8281. - Daniel Noguerol made the ftp code output "Accept-Ranges: bytes" in similar
  8282. style like other faked HTTP headers when NOBODY and HEADER are used. I
  8283. updated two corresponding test cases too.
  8284. - Marty Kuhrt pointed out a compilation problem on VMS due to my having
  8285. changed a type from long to time_t, and I'm now changing it back to work
  8286. more portably...
  8287. He also indicated that distributing the src/hugehelp.c in a compressed state
  8288. like I accidentally did may not be the smartest move... I've now fixed the
  8289. distribute procedure to automatically generate an uncompressed version when I
  8290. make release archives.
  8291. Daniel (29 July)
  8292. - Gisle Vanem brought changes to the mkhelp script for the generation of the
  8293. compressed help text on some platforms.
  8294. Version 7.10.6 (28 July 2003)
  8295. Daniel (28 July)
  8296. - François Pons brought a patch that once again made curl deal with ftp and
  8297. "double slash" as indicating the root directory. In the RFC1738-fix of April
  8298. 30, that ability was removed (since it is not the "right" way). So, starting
  8299. now we can list the root dir of an ftp server both these ways:
  8300. curl ftp://server.com/%2f as well as
  8301. curl ftp://server.com//
  8302. Daniel (24 July)
  8303. - Henry Bland pointed out that we included sys/resource.h without good reason
  8304. in several source files. Without it included, QNX builds better...
  8305. - Andrés García updated the mingw makefiles.
  8306. Daniel (23 July)
  8307. - Tracy Boehrer experienced DNS cache problems and did some nice debugging
  8308. and tracking which made it easy for me to correct the problem and Tracy
  8309. could verify that it did cure the problem! When re-using a connection we
  8310. now make sure we don't re-use the 'connect_addr' struct.
  8311. - Daniel Kouril corrected the GSS-Negotiate code.
  8312. - Juan F. Codagnone provided fixes to allow curl to build fine on Windows
  8313. again.
  8314. Daniel (22 July)
  8315. - Edited the curl/curl.h include file to build on Windows properly.
  8316. Daniel (21 July)
  8317. - Moved the proxy credentials from the SessionHandle struct to the connectdata
  8318. struct, to make multiple proxy connections with differerent user names work.
  8319. - Adjusted the NTLM code to support proxy functionality.
  8320. - Made the krb4 stuff compile with the user+password fields moved.
  8321. Version 7.10.6-pre4 (21 July 2003)
  8322. Daniel (20 July)
  8323. - David Gardner pointed out in bug report 770755 that using the FTP command
  8324. CWD with a blank argument is a bad idea and I made libcurl skip empty path
  8325. segments starting now.
  8326. Daniel (18 July)
  8327. - Cris pointed out that my fix on July 16th didn't work fully. His pointing
  8328. out this (and his patch) also made me realize that we have a very similar
  8329. bug in the FTP connection re-use code. We must store a separate user and
  8330. password field for each connection we keep (at least for FTP and HTTP+NTLM
  8331. connections, so I made us do this unconditionally).
  8332. - Since NTLM authenticates connections instead of single requests, I had to
  8333. re-arrange how we store the NTLM data and I had to improve the test suite to
  8334. finally work properly with persistency to make the NTLM tests run fine
  8335. again. This also forced me to have to update lots of HTTP test cases.
  8336. Daniel (16 July)
  8337. - Cris Bailiff's bug report 768275 pointed out that using Basic auth with
  8338. wrong user+password caused an endless loop. Fixed now. He also found out that
  8339. we didn't properly authenticate connections with NTLM. Fixed too.
  8340. - Dan Winship provided fixes for the NTLM code.
  8341. Daniel (5 July)
  8342. - Doug Kaufman provided additional fixes for the DOS port.
  8343. Daniel (4 July)
  8344. - Rick Richardson pointed out that using setvbuf() to achieve non-buffering
  8345. on output is no-good for SCO Xenix and other unixes. We switched over to
  8346. using plain fflush() instead.
  8347. - Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly in
  8348. the configure script, and I had to change some build stuff to make the new
  8349. way work.
  8350. - Peter Sylvester's patch was applied that introduces the following:
  8351. CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the
  8352. OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If
  8353. anything but CURLE_OK is returned, that will also be returned by libcurl
  8354. all the way back. If this function changes the CURLOPT_URL, libcurl will
  8355. detect this and instead go use the new URL.
  8356. CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set
  8357. with CURLOPT_SSL_CTX_FUNCTION.
  8358. Daniel (1 July)
  8359. - David Byron provided a patch that allows a client to quit the test suite's
  8360. HTTP server.
  8361. - Gisle Vanem found and patched a lib handle leak in the ldap code.
  8362. Daniel (25 June)
  8363. - More NTLM-improvements. Less code. Smaller packets back and forth.
  8364. Daniel (23 June)
  8365. - Eric Glass provided us with a better doc on NTLM details, and I added more
  8366. comments and clarified the current code more. Using the new knowledge, we
  8367. should be able to make the NTLM stuff work even better.
  8368. Eric's original URL: http://davenport.sourceforge.net/ntlm.html
  8369. Version stored and provided at curl site: http://curl.haxx.se/rfc/ntlm.html
  8370. - Fixed the minor compile problems pre3 had if built without GSSAPI and/or
  8371. SSL.
  8372. Version 7.10.6-pre3 (19 June 2003)
  8373. Daniel (19 June)
  8374. - Made curl use curl_free() on memory returned by curl_getenv(), as this
  8375. should theoreticly make it possibly to build and run curl and libcurl with
  8376. different memory allocation schemes with no problems.
  8377. Daniel (18 June)
  8378. - Improved the mkhelp.pl a bit further to make a nicer hugehelp text and to
  8379. include a better comment in the top for the gzip compressed version.
  8380. Daniel (17 June)
  8381. - CURLOPT_HTTPAUTH is now a bitmask, in which you set which authentication
  8382. type(s) you want to use. If more than one is set, libcurl will use one of
  8383. the selected one and the one it considers is more secure. Test case 67 and
  8384. 68 (for NTLM) were fixed and we've reduced a round-trip for specific --ntlm
  8385. fetches, and test case 69 and 70 were added for testing authentication
  8386. "picking". --anyauth is the new command line tool option, and I also added
  8387. --basic for completeness (that's the default type).
  8388. - Fixed the runtests.pl script to use the info provided by the new curl -V
  8389. output.
  8390. - --enable-debug now sets the CURLDEBUG define instead of MALLOCDEBUG, as it
  8391. is meant to be a generic debug conditional.
  8392. - curl_version_info() can now return CURL_VERSION_DEBUG as a feature bit, to
  8393. indicate that the library was built with CURLDEBUG set.
  8394. - Ralph Mitchell found out that some web applications very badly uses white
  8395. spaces in Location: redirects, and apparently IE is a browser (the only
  8396. one?) that supports this abomination. Based on Ralph's patch, I added code
  8397. that now attempts to replace white spaces with the proper "%20" or "+".
  8398. Test case 40 and 42 were added to verify my changes.
  8399. - curl -V now also outputs a list of features the available library offers (if
  8400. any).
  8401. - The curl_version() string now includes "GSS" if libcurl is built with GSSAPI
  8402. support.
  8403. - David Orrell reported that libcurl still crashed when sending HUGE requests
  8404. over HTTPS... I fixed.
  8405. Version 7.10.6-pre2 (16 June 2003)
  8406. Daniel (16 June)
  8407. - curl_version_info() now returns bitmasked information weather NTLM and
  8408. GSSNEGOTIATE are supported, since it is doomed to vary on different
  8409. installations.
  8410. - I remade the HTTP Digest code to use the MD5-code provided by OpenSSL if
  8411. that is present, and only use our own MD5-code if it isn't.
  8412. Daniel (13 June)
  8413. - More NTLM help, fixes and patches from Cris Bailiff.
  8414. - Marty Kuhrt brought include fixes for making VMS builds warning-free.
  8415. Daniel (12 June)
  8416. - NTLM authentication works somewhat against the test servers provided by
  8417. Mathias Axelsson and Cris Bailiff. Use by setting CURLOPT_HTTPAUTH to
  8418. CURLAUTH_NTLM to libcurl, or --ntlm for the curl tool. Test case 67 and 68
  8419. were added for this. NTLM-support requires OpenSSL.
  8420. - Dan Fandrich provided a patch, that granted that gzip and libz are available
  8421. at build-time, compresses the hugehelp text in the curl command line and
  8422. uncompresses it at request. Saves some ~60K in the final output executable.
  8423. Daniel (11 June)
  8424. - Long day of fighting the NTLM demons.
  8425. Daniel (10 June)
  8426. - Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
  8427. and pick method. Supported ones currently are:
  8428. CURLAUTH_BASIC - default selection
  8429. CURLAUTH_DIGEST - formerly CURLOPT_HTTPDIGEST
  8430. CURLAUTH_GSSNEGOTIATE
  8431. - Daniel Kouril added HTTP GSS-Negotiate authentication support, as defined in
  8432. the IETF draft draft-brezak-spnego-http-04.txt. In use already by various
  8433. Microsoft web applications. --negotiate is the new family member. To take
  8434. advantage of this, you need one of these packages:
  8435. o Heimdal Kerberos5 http://www.pdc.kth.se/heimdal/heimdal.html
  8436. o GSSAPI from Globus http://www.globus.org/
  8437. o GSSAPI libraries from MIT Kerberos5 http://web.mit.edu/kerberos/www/
  8438. - A missing ending bracket (']') while doing URL globbing could lead to a
  8439. segfault. While fixing this, I also introduced better error reporting in the
  8440. globbing code. (All this is application code outside libcurl.)
  8441. Daniel (6 June)
  8442. - David Orrell found out that sending a huge GET request over HTTPS could
  8443. make libcurl fail and return an error code.
  8444. Daniel (2 June)
  8445. - Richard Bramante found out that "Content-Length: 0" was not properly used by
  8446. libcurl if the response-headers indicated that the connection would be
  8447. closed.
  8448. - David Byron's patch was applied, that makes the --progress-bar take the
  8449. local size into account when doing resumed downloads.
  8450. - Feedback from Serge Semashko made me change the error message returned when
  8451. CURLE_HTTP_RETURNED_ERROR is returned.
  8452. - Anonymous in bug report #745122 pointed out that we should really be using
  8453. SSL_CTX_set_options(... SSL_OP_ALL) to work around flaws in existing SSL
  8454. implementations.
  8455. Daniel (27 May)
  8456. - Andreas Ley and Rich Gray helped me point out that no version of HP-UX has
  8457. the sys/select.h header file so including it unconditionally in curl/multi.h
  8458. is not a good thing. Now we check for HPUX and avoid using that header on
  8459. such systems.
  8460. - Rudy Koento experienced problems with curl's recent habit of POSTing data in
  8461. two separate send() calls, first the headers and then the data. I've now
  8462. made a fix that for static and known content that is less than 100K in size,
  8463. everything is now sent in one single system call again. This is also better
  8464. for network performance reasons.
  8465. - I modified the main makefile to not build the test suite and a few other
  8466. unnecessary things by default. Now, the test suite is built when 'make test'
  8467. is run. This reduces build time for those who don't care for the test
  8468. suite, and it also reduces confusion for people using platforms where the
  8469. test suite build fails!
  8470. Daniel (26 May)
  8471. - Chris Lewis pointed out a flaw in the #ifdefs in curl/multi.h for Windows,
  8472. which is now corrected.
  8473. - Jis Joy found another flaw in the SOCK5 code, as libcurl treated the socks5
  8474. proxy a little too much like as if it was a http proxy.
  8475. Daniel (23 May)
  8476. - Ricardo Cadime found a socket leak when listing directories without
  8477. contents. Test cases 144 and 145 were added to verify the fix.
  8478. - Rudy Koento found yet another problem when a HTTP server returns only a
  8479. single-line of contents without any headers at all. libcurl then failed to
  8480. count the data, thus returning error 52 "no contents". Test case 66 was
  8481. added to verify that we now do right.
  8482. Version 7.10.6-pre1 (23 May 2003)
  8483. Daniel (23 May)
  8484. - Jis in bug report #741841, fixed a bug in the SOCKS5 proxy-using code.
  8485. Daniel (22 May)
  8486. - David Remahl set up a test-server for me providing Digest authentication,
  8487. and I wrote the first working code that support it. The test suite was
  8488. modified slightly as well to work better for it and --digest was added to
  8489. the command line options (and CURLOPT_HTTPDIGEST to the library)... RFC2617
  8490. has all the gory details.
  8491. Daniel (21 May)
  8492. - David Balazic pointed out that curl_unescape() didn't check that %-codes
  8493. were correctly followed by two hexadecimal digits when it unescape strings.
  8494. Now, we do the check and only %XX codes are unescaped if the X letters are
  8495. hexadecimals.
  8496. - Gisle Vanem made curl build with djgpp on DOS.
  8497. - Gisle Vanem improved the mkhelp.pl script to make a nicer manual that is
  8498. shown with curl -M.
  8499. Daniel (20 May)
  8500. - Gisle Vanem provided a fix that makes libcurl more conservative, not
  8501. expecting h_aliases of the hostent struct to always be non-NULL.
  8502. Daniel (19 May)
  8503. - As requested by Martin Michlmayr in Debian bug report #193630, libcurl now
  8504. supports user name and password in the proxy environment variables. Added
  8505. test case 63 to verify this.
  8506. Version 7.10.5 (19 May 2003)
  8507. Daniel (15 May)
  8508. - Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
  8509. a very common type inet_addr() returns.
  8510. Daniel (14 May)
  8511. - George Comninos provided a fix that calls the progress meter when waiting
  8512. for FTP command responses take >1 second. It'll make applications more
  8513. "responsive" even when dealing with very slow ftp servers.
  8514. Daniel (12 May)
  8515. - George Comninos pointed out that libcurl uploads had two quirks:
  8516. o when using FTP PORT command, it used blocking sockets!
  8517. o it could loop a long time without doing progress meter updates
  8518. Both items are fixed now.
  8519. Daniel (9 May)
  8520. - Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
  8521. set to "". This frees the application from having to know which encodings
  8522. the library supports.
  8523. - Dan Fandrich pointed out we had three unnecessary files in CVS that is
  8524. generated with libtoolize, so they're now removed and libtoolize is invoked
  8525. accordingly in the buildconf script.
  8526. - Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
  8527. given name is a network interface gave a real performance penalty on Linux,
  8528. so now we more appropriately first check if it is an IP number and if so
  8529. we don't check for a network interface with that name.
  8530. - CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
  8531. to use EPRT and LPRT before the traditional PORT command. The command line
  8532. tool sets this option with '--disable-eprt'.
  8533. Version 7.10.5-pre2 (6 May 2003)
  8534. Daniel (6 May)
  8535. - Kevin Delafield reported another case where we didn't correctly check for
  8536. EAGAIN but only EWOULDBLOCK, which caused badness on HPUX.
  8537. Daniel (4 May)
  8538. - Ben Greear noticed that the check for 'writable argv' exited the configure
  8539. script when run for cross-compiling, which wasn't nice. Now it'll default to
  8540. no and output a warning about the fact that it was not checked for.
  8541. Daniel (2 May)
  8542. - Added test case 62 and fixed some more on the cookie sending with a custom
  8543. Host: header set.
  8544. Daniel (1 May)
  8545. - Andy Cedilnik fixed a few compiler warnings.
  8546. - Made the "SSL read error: 5" error message more verbose, by adding code that
  8547. queries the OpenSSL library to fill in the error buffer.
  8548. Daniel (30 Apr)
  8549. - Added sys/select.h include in the curl/multi.h file, after having been
  8550. reminded about this by Rich Gray.
  8551. - I made each test set its own server requirements, thus abandoning the
  8552. previous system where the test number implied what server(s) to use for a
  8553. specific test.
  8554. - David Balazic made curl more RFC1738-compliant for FTP URLs, by fixing so
  8555. that libcurl now uses one CWD command for each path part. A bunch of test
  8556. cases were fixed to work accordingly.
  8557. - Cookie fixes:
  8558. A. Save domains in jars like Mozilla does. It means all domains set in
  8559. Set-Cookie: headers are dot-prefixed.
  8560. B. Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars
  8561. (the second column).
  8562. C. Reject cookies using illegal domains in the Set-Cookie: line. Concerns
  8563. both domains with too few dots or domains that are outside the currently
  8564. operating server host's domain.
  8565. D. Set the path part by default to the one used in the request, if none was
  8566. set in the Set-Cookie line.
  8567. To make item C really good, I also made libcurl notice custom Host: headers
  8568. and extract the host name set in there and use that as the host name for the
  8569. site we're getting the cookies from. This allows user to specify a site's
  8570. IP-address, but still be able to receive and send its cookies properly if
  8571. you provide a valid Host: name for the site.
  8572. Daniel (29 Apr)
  8573. - Peter Kovacs provided a patch that makes the CURLINFO_CONNECT_TIME work fine
  8574. when using the multi interface (too).
  8575. Version 7.10.5-pre1 (23 Apr 2003)
  8576. Daniel (23 Apr)
  8577. - Upgraded to libtool 1.5.
  8578. Daniel (22 Apr)
  8579. - Peter Sylvester pointed out that curl_easy_setopt() will always (wrongly)
  8580. return CURLE_OK no matter what happens.
  8581. - Dan Fandrich fixed some gzip decompression bugs and flaws.
  8582. Daniel (16 Apr)
  8583. - Fixed minor typo in man page, reported in the Debian bug tracker.
  8584. Daniel (15 Apr)
  8585. - Fixed some FTP tests in the test suite that failed on my Solaris host, due
  8586. to the config.h not being included before the system headers. When done that
  8587. way, it did get a mixed sense of if big files are supported or not and then
  8588. stat() and fstat() (as used in test case 505) got confused and failed to
  8589. return a proper file size.
  8590. - Formposting a file using a .html suffix is now properly set to Content-Type: text/html.
  8591. Daniel (14 Apr)
  8592. - Fixed the SSL error handling to return proper SSL error messages again, they
  8593. broke in 7.10.4. I also attempt to track down CA cert problems and then
  8594. return the CURLE_SSL_CACERT error code.
  8595. - The curl tool now intercepts the CURLE_SSL_CACERT error code and displays
  8596. a fairly big and explanatory error message. Kevin Roth helped me out with
  8597. the wording.
  8598. Daniel (11 Apr)
  8599. - Nic Hines provided a second patch for gzip decompression, and fixed a bug
  8600. when deflate or gzip contents were downloaded using chunked encoding.
  8601. - Dan Fandrich made libcurl support automatic decompression of gzip contents
  8602. (as an addition to the previous deflate support).
  8603. - I made the CWD command during FTP session consider all 2xy codes to be OK
  8604. responses.
  8605. Daniel (10 Apr)
  8606. - Vlad Krupin fixed a URL parsing issue. URLs that were not using a slash
  8607. after the host name, but still had "?" and parameters appended, as in
  8608. "http://hostname.com?foobar=moo", were not properly parsed by libcurl.
  8609. Daniel (9 Apr)
  8610. - Made CURLOPT_TIMECONDITION work for FTP transfers, using the same syntax as
  8611. for HTTP. This then made -z work for ftp transfers too. Added test case 139
  8612. and 140 for verifying this.
  8613. - Getting the file date of an ftp file used the wrong time zone when
  8614. displayed. It is supposedly always GMT. Added test case 141 for this.
  8615. - Made the test suite's FTP server support MDTM.
  8616. - The default DEBUGFUNCTION, as enabled with CURLOPT_VERBOSE now outputs
  8617. CURLINFO_HEADER_IN data as well. The most notable effect from this is that
  8618. using curl -v, you get to see the incoming "headers" as well. This is
  8619. perhaps most useful when doing ftp.
  8620. Daniel (8 Apr)
  8621. - James Bursa fixed a flaw in the Content-Type extraction code, which missed
  8622. the first letter if no space followed the colon.
  8623. - Magnus Nilsson pointed out that share.c was missing in the MSVC project
  8624. file.
  8625. Daniel (6 Apr)
  8626. - Ryan Weaver provided a patch that makes the CA cert bundle not get installed
  8627. anymore when 'configure --without-ssl' has been used.
  8628. Daniel (4 Apr)
  8629. - Martijn Broenland found another cases where a server application didn't
  8630. like the boundary string used by curl when doing a multi-part/formpost. We
  8631. modified the boundary string to look like the one IE uses, as this is
  8632. probably gonna make curl work with more applications.
  8633. Daniel (3 Apr)
  8634. - Kevin Roth reported that a bunch of tests fails on cygwin. One set fails
  8635. when using perl 5.8 (and they run fine with perl 5.6), and another set
  8636. failed because of an artifact in the test suite's FTP server that I
  8637. corrected. It turned out the FTP server code was still having a file opened
  8638. while the main test script removed it and invoked the HTTP server that
  8639. attempted to create the same file name of the file the FTP server kept open.
  8640. This operation works fine on unix, but not on cygwin.
  8641. Version 7.10.4 (2 Apr 2003)
  8642. Daniel (1 Apr)
  8643. - Added test case 505 to exercise FTP upload with rename done with libcurl,
  8644. and for that I had to extend the test suite's FTP server to deal with the
  8645. RNFR and RNTO commands.
  8646. Daniel (31 Mar)
  8647. - Even more SSL config check modifications after Richard's testing.
  8648. Version 7.10.4-pre6 (31 Mar 2003)
  8649. Daniel (31 Mar)
  8650. - More fixes for the SSL session ID cache checks when SSL configs are changed
  8651. between connections. Based on tests and talks with Richard Bramante.
  8652. - Guillaume Cottenceau provided a patch that added CURLOPT_UNRESTRICTED_AUTH.
  8653. When enabled, it will prevent libcurl from limiting to which host it sends
  8654. user+password to when following locations. By default, libcurl only sends
  8655. name and password to the original host used in the first URL, but with this
  8656. option set it will send the auth info to all hosts it follows location
  8657. headers to. The new tool command line option for this is named
  8658. "--location-trusted".
  8659. - Frankie Fong reported a problem with libcurl if you re-used an easy handle
  8660. with a proxy, and you first made a https:// connection to a host and then
  8661. switched to a http:// one to the same host. libcurl would then wrongly re-use
  8662. the same connection for it and fail to get the second URL properly
  8663. Daniel (29 Mar)
  8664. - Dan Shearer's fix that makes curl complain if invoked with nothing but "curl
  8665. -O" was applied.
  8666. Daniel (26 Mar)
  8667. - Bryan Kemp was friendly enough to lend me an account on his Redhat 9 box and
  8668. I could fix the configure problems on redhat 8.1 and 9 in no time thanks to
  8669. this. Thanks a bunch Bryan!
  8670. Daniel (25 Mar)
  8671. - Renamed configure.in to configure.ac
  8672. Version 7.10.4-pre5 (25 Mar 2003)
  8673. Daniel (25 Mar)
  8674. - Richard Bramante provided a fix for a handle re-use problem seen when you
  8675. change options on an SSL-enabled connection between requests. Previously,
  8676. changing peer verification or host verification and similar things was not
  8677. taken into account when a connection were checked for re-use and thus
  8678. enabling stricter check between requests on a re-used connection made no
  8679. difference and the connection would thus be used erroneously.
  8680. Daniel (24 Mar)
  8681. - Götz Babin-Ebell pointed out that the ca-bundle.crt file contained a
  8682. certificate from Trustcenter that was a demo certificate only that was never
  8683. intended to be part of a CA bundle.
  8684. Daniel (21 Mar)
  8685. - Life is a mystery. Within a time period of 17 hours, Tim Pope and Michael
  8686. Churchill filed one bug report each, both identifying problems with a second
  8687. transfer when doing persistent transfers re-using a connection. Tim's one is
  8688. #706624, labeled "Multiple uploads per handle fail" and Michael's #707003
  8689. "Does not send Authorization: header when reusing connection". I could track
  8690. both down to the same piece of logic and it turned out libcurl was not using
  8691. new settings properly when re-using an existing connection. This concerned
  8692. both uploading and downloading and involved exactly those pieces these two
  8693. reports identified. This code has been this faulty since the day I
  8694. introduced persistent connection support in libcurl, more than 2 years ago.
  8695. Daniel (20 Mar 2003)
  8696. - Five year anniversary. Today five years ago, the first ever curl release saw
  8697. the light of day.
  8698. Daniel (17 Mar)
  8699. - Andy Cedilnik corrected flaws in some libcurl example-usage sources.
  8700. Daniel (16 Mar)
  8701. - Juan F. Codagnone reported that the fix from March 2nd was incomplete.
  8702. - Added code to the configure.in to check for select() argument types. I've
  8703. not made any code use the results just yet though.
  8704. Daniel (15 Mar)
  8705. - Gisle Vanem provided two patches to build better on Windows.
  8706. - Adjusted the test suite code to better make sure that the server(s) required
  8707. for a specific test is properly started before the test case is attempted.
  8708. Many tests now run a lot faster than before.
  8709. Daniel (14 Mar)
  8710. - Another configure.in adjustment made the configure detect functions properly
  8711. on HPUX now.
  8712. Daniel (13 Mar)
  8713. - Philippe Raoult fixed pre4-compile quirks for FreeBSD.
  8714. Version 7.10.4-pre4 (13 Mar 2003)
  8715. Daniel (13 Mar)
  8716. - Added a backup-check for functions that aren't found by AC_CHECK_FUNCS()
  8717. as I believe some checks on HPUX need this. At least some of the info given
  8718. to us by Rick Jones seemed to indicate this.
  8719. Daniel (12 Mar)
  8720. - Thomas Tonino found out that if you used the curl tool to do PUT operations
  8721. as in 'curl www.foo.com/dir/ -T file' and the file name included for example
  8722. space or other characters that don't belong in URLs, curl did not properly
  8723. URL encode them before using them in the URL.
  8724. - Added an option to configure called --enable-libgcc that simply adds -lgcc
  8725. to the LIBS variable, as this seems to be a common problem.
  8726. - I modified the configure.in file, so that the headers are now checked in an
  8727. order of "viality". We must also make sure to use the "default headers"
  8728. parameter to AC_CHECK_HEADERS() so that headers are checked with the proper
  8729. prerequisites included (i.e all the major and generally important header
  8730. files are included there by default). This might be what we need for various
  8731. Sun, HP, AIX and Tru64 systems to behave good again on the header check
  8732. front.
  8733. - Rick Jones pointed out a few compiler warnings on HP-UX that I addressed.
  8734. - I made the configure --help output nicer by using AC_HELP_STRING() a lot
  8735. more.
  8736. Daniel (11 Mar)
  8737. - Christophe Demory fixed the socket sending code to work better on HP-UX
  8738. when sending data to a socket that would block. It then returns EAGAIN, not
  8739. EWOULDBLOCK.
  8740. - Richard Gorton improved the seeding function for systems without a good
  8741. and reliable random source.
  8742. - Richard Gorton fixed a few warnings that popped up when you built curl
  8743. using the Sun compiler on a 64bit SPARC platform.
  8744. - Martin C. Martin fixed a case where a connect failure using the multi
  8745. interface didn't produce a human readable error string.
  8746. Daniel (10 Mar)
  8747. - Reverted ltmain.sh back to libtool 1.4.2 status again, as the 1.4.3 version
  8748. broke the build on numerous platforms. It seems that libtool 1.4.3 puts some
  8749. requirements on what versions of the other tools (autoconf + automake) that
  8750. I am not familiar with and thus I couldn't fulfill at this point.
  8751. Yes, this is more than mildly frustrating.
  8752. Daniel (7 Mar)
  8753. - Run libtoolize version 1.4.3.
  8754. Version 7.10.4-pre3 (4 Mar 2003)
  8755. Daniel (3 Mar)
  8756. - Added share.obj to the VC6 and Borland libcurl makefiles.
  8757. - Troels Walsted Hansen found and investigated a problem with libcurl on AIX,
  8758. presumably only on 4.3 or later. gethostbyname_r() is not returning data
  8759. that is possible to "keep" and cache the way libcurl does. But instead these
  8760. versions of AIX uses a gethostbyname() that works thread-safely we can
  8761. instead use the ordinary gethostbyname() and our pack_hostent() approach to
  8762. achieve what we want. The configure script now attempts to detect AIX 4.3 or
  8763. later to adjust for this.
  8764. Daniel (2 Mar)
  8765. - Juan F. Codagnone found a problem introduced in 7.10.3 when you first did a
  8766. POST and then back to a GET using the same easy handle.
  8767. Daniel (28 Feb)
  8768. - Removed the strequal and strnequal defines from curl/curl.h header. They
  8769. were never meant for the public header anyway. Philippe Raoult brought it
  8770. up.
  8771. - James Bursa fixed the RISC OS build.
  8772. Daniel (27 Feb)
  8773. - Avery Fay pointed out the very misleading curl_multi_info_read man page, and
  8774. I updated it to become more accurate.
  8775. - Salvatore Sorrentino found a problem with FTP downloading that turned out to
  8776. be his FTP server returning size zero (0 bytes) when SIZE was used on a file
  8777. while being in BINARY mode. We now make a second check for the actual size
  8778. by scanning the RETR reply anyway, even if the SIZE command returned 0.
  8779. Daniel (26 Feb)
  8780. - Kyle Sallee reported a case where he would do a transfer that didn't update
  8781. the progress meter properly. It turned out to be a case where libcurl would
  8782. loop a little too eagerly in the transfer loop, which isn't really good for
  8783. the APIs, especially not the multi API.
  8784. Version 7.10.4-pre2 (24 Feb 2003)
  8785. Daniel (24 Feb)
  8786. - Kjetil Jacobsen found out that setting CURLOPT_MAXCONNECTS to a value higher
  8787. than 5 could cause a segfault.
  8788. - I believe I fixed the 'Expect: 100-continue' behavior that has been broken
  8789. for a while (I think since my change dated Dec 10 2002). When this header is
  8790. used, libcurl should wait for a HTTP 100 (or timeout) before sending the
  8791. post/put data.
  8792. Daniel (14 Feb)
  8793. - Matthew Clarke provided some info what to modify to make curl build
  8794. flawlessly on AIX 3.2.5.
  8795. - Martin C. Martin found and fixed a problem in the multi interface when
  8796. running on Windows and trying to connect to a port without a listener.
  8797. Daniel (13 Feb)
  8798. - Christopher R. Palmer fixed Curl_base64_encode() to deal with zeroes in the
  8799. data to encode.
  8800. Daniel (4 Feb)
  8801. - Jean-Philippe added the first code that enables the 'share' system. This
  8802. should now enable sharing of DNS data between two curl easy handles.
  8803. - Incorporated Nico Baggus' fixes to again compile flawlessly on VMS.
  8804. - James Bursa corrected a bad comment in the public include file curl/multi.h
  8805. - Peter Forret reported one of those error:00000000 cases in libcurl again
  8806. when connecting to a HTTPS site, and this time I did discover some oddities
  8807. in how curl reports SSL errors back. It could miss showing the actual error.
  8808. Version 7.10.4-pre1 (3 Feb 2003)
  8809. Daniel (3 Feb)
  8810. - Removed things in the docs saying capath doesn't work on Windows, as Julian
  8811. Noble told us it works fine.
  8812. Daniel (31 Jan)
  8813. - Kevin Roth fixed the zlib build stuff in the Mingw32 makefile.
  8814. Daniel (30 Jan)
  8815. - Kevin Roth found out that curl on Windows always checked for the CA cert
  8816. bundle using the environment variable and the path scan, even though
  8817. -k/--insecure was used.
  8818. - Hamish Mackenzie pointed out that curl only did strict host name verifying
  8819. if capath or cainfo was used. Now it'll always do it unless -k / --insecure
  8820. is used!
  8821. - Pavel Cenek pointed out that the Content-Type extraction was done wrongly
  8822. as the full string was not fetched. Added test case 57 to verify that curl
  8823. does it right now.
  8824. Daniel (29 Jan)
  8825. - Jamie Wilkinson provided a patch that now makes curl attempt to clear out
  8826. "sensitive" command line arguments so that they don't appear in ps outputs
  8827. (only on platforms that allow writing to argv[]).
  8828. - John McGowan found out that the DEBUGFUNCTION could be called with bad
  8829. arguments and thus cause the --trace outputs to go wrong.
  8830. - Removed all the emacs local variables from all files. Mats Lidell provided
  8831. the new sample.emacs file (for a sample of what to include in your .emacs)
  8832. and the curl-style.el that sets a better c-style for editing curl sources.
  8833. - Dave Halbakken found a problem with FTP downloads that could accidently
  8834. return CURLE_PARTIAL_FILE when curl_easy_perform() was called with NOBODY
  8835. set TRUE.
  8836. Daniel (27 Jan)
  8837. - The fopen.c example was flawed as Nick Humfrey noticed, and I fixed it to
  8838. work again.
  8839. Daniel (24 Jan)
  8840. - Bertrand Demiddelaer found and fixed a memory leak (the content-type string)
  8841. when following locations.
  8842. Daniel (22 Jan 2003)
  8843. - Ian Wilkes and Legoff Vincent both independently provided fixes for making
  8844. curl/multi.h work properly when compiled with a C++ compiler.
  8845. Daniel (20 Jan 2003)
  8846. - Fixed 'buildconf' to check version number of the required tools before
  8847. they're actually used.
  8848. - Wrote 'testcurl.sh', a script targeted for automatic and distributed curl
  8849. tests on various platforms.
  8850. - David Thiel pointed out that the .netrc file was not being dealt with
  8851. properly anymore. I broke this in the password prompting "fix".
  8852. - Markus F.X.J. Oberhumer patched libcurl to allocate the scratch buffer only
  8853. on demand and thus we save 32KB in each curl handle that don't use that
  8854. buffer. This need appeared when some people started using thousands of
  8855. simultaneous curl handles... :-)
  8856. Daniel (16 Jan 2003)
  8857. - Markus Oberhumer fixed curl-config --cflags when the includedir was not
  8858. /usr/include.
  8859. - Markus Oberhumer fixed CURLINFO_PRIVATE to properly return NULL if it was
  8860. set to NULL!
  8861. Version 7.10.3 (14 Jan 2003)
  8862. Daniel (10 Jan 2003)
  8863. - Steve Oliphant pointed out that test case 105 did not work anymore and this
  8864. was due to a missing fix for the password prompting.
  8865. Version 7.10.3-pre6 (10 Jan 2003)
  8866. Daniel (9 Jan 2003)
  8867. - Bryan Kemp pointed out that curl -u could not provide a blank password
  8868. without prompting the user. It can now. -u username: makes the password
  8869. empty, while -u username makes curl prompt the user for a password.
  8870. - Kjetil Jacobsen found a remaining connect problem in the multi interface on
  8871. ipv4 systems (Linux only?), that I fixed and Kjetil verified that it fixed
  8872. his problems.
  8873. - memanalyze.pl now reads a file name from the command line, and no longer
  8874. takes the data on stdin as before.
  8875. Version 7.10.3-pre5 (9 Jan 2003)
  8876. Daniel (9 Jan 2003)
  8877. - Fixed tests/memanalyze.pl to work with file names that contain colons (as on
  8878. Windows).
  8879. - Kjetil Jacobsen quickly pointed out that lib/share.h was missing...
  8880. Version 7.10.3-pre4 (9 Jan 2003)
  8881. Daniel (9 Jan 2003)
  8882. - Updated lib/share.c quite a bit to match the design document at
  8883. http://curl.haxx.se/dev/sharing.txt a lot more.
  8884. I'll try to update the document soonish. share.c is still not actually used
  8885. by libcurl, but the API is slowly getting there and we can start
  8886. implementing code that takes advantage of this system.
  8887. Daniel (8 Jan 2003)
  8888. - Updated share stuff in curl/curl.h, including data types, structs and
  8889. function prototypes. The corresponding files in lib/ were also modified
  8890. of course to remain compilable. Based on input from Jean-Philippe and also
  8891. to make it more in line with the design document.
  8892. - Jean-Philippe Barrette-LaPierre patched a very trivial memory leak in
  8893. curl_escape() that would happen when realloc() returns NULL...
  8894. - Matthew Blain provided feedback to make the --create-dirs stuff build
  8895. properly on Windows.
  8896. - Fixed the #include in tests/libtest/first.c as Legoff Vincent pointed out.
  8897. Daniel (7 Jan 2003)
  8898. - Philippe Raoult provided a patch that now makes libcurl properly support
  8899. wildcard checks for certificate names.
  8900. - Simon Liu added CURLOPT_HTTP200ALIASES, to let an application set other
  8901. strings recognized as "HTTP 200" to allow http-like protocols to get
  8902. downloaded fine by curl.
  8903. - Now using autoconf 2.57 and automake 1.7.2
  8904. - Doing "curl -I ftp://domain/non-existing-file" still outputed a date!
  8905. Wayne Haigh reported.
  8906. - The error message is now written properly with a newline in the --trace
  8907. file.
  8908. Daniel (6 Jan 2003)
  8909. - Sterling Hughes fixed a possible bug: previously, if you called
  8910. curl_easy_perform and then set the global dns cache, the global cache
  8911. wouldn't be used. Pointed out by Jean-Philippe Barrette-LaPierre.
  8912. - Matthew Blain's fixed the VC6 libcurl makefile to include better debug data
  8913. on debug builds.
  8914. Daniel (27 Dec 2002)
  8915. - Philippe Raoult reported a bug with HTTPS connections which I evidently
  8916. added in my 19 dec fix. I corrected it.
  8917. Daniel (20 Dec)
  8918. - Idea from the Debian latest patch: use AM_MAINTAINER_MODE in the configure
  8919. script to make the default makefile less confusing "to the casual
  8920. installer".
  8921. Version 7.10.3-pre3 (20 Dec)
  8922. Daniel (19 Dec)
  8923. - Matthew Blain patched the Curl_base64_decode() function.
  8924. - Evan Jordan reported in bug report #653022 that the SSL_read() usage was
  8925. wrong, and it certainly was. It could lead to curl using too much CPU due to
  8926. a stupid loop.
  8927. Daniel (18 Dec)
  8928. - As suggested by Margus Freudenthal, CURLE_HTTP_NOT_FOUND was renamed to
  8929. CURLE_HTTP_RETURNED_ERROR since it is returned on any >= 400 code when
  8930. CURLOPT_FAILONERROR is set.
  8931. Daniel (17 Dec)
  8932. - Bug reported #651464, reported by Christopher Palmer, provided an example
  8933. source code using the multi interface that hang when trying to connect to a
  8934. proxy on a localhost port where no proxy was listening. This bug was not
  8935. repeatable on libcurls that were IPv6-enabled.
  8936. Daniel (16 Dec)
  8937. - Christopher Palmer also noticed what Vojtech Janota already was
  8938. experiencing: The attempted name resolve fix for glibc 2.2.93 caused libcurl
  8939. to crash when used on some older glibc versions. The problem is of course
  8940. the silliness of the 2.2.93. I committed a fix that hopefully should make
  8941. the binary run fine on either one of the versions, even though the solution
  8942. is not as nice as I'd like it to be.
  8943. Daniel (13 Dec)
  8944. - Bug report #651460 by Christopher R. Palmer showed that when using libcurl
  8945. to for example go over a proxy on localhost, it would attempt to connect
  8946. through the proxy TWICE.
  8947. I added test case 503 with which I managed to repeat this problem and I
  8948. fixed the code to not re-attempt any connects (which also made it a nicer
  8949. fix for the #650941 bug mentioned below).
  8950. The sws server was extended to deal with CONNECT in order to make test
  8951. case 503 do good.
  8952. - Evan Jordan posted bug report #650989 about a memory leak in the public key
  8953. retrieving code. He provided a suggested fix and I merely applied it!
  8954. - Bug report #650941, posted by Christopher R. Palmer identified a problem
  8955. with the multi interface and getting file:// URLs. This was now fixed and
  8956. test case 502 was added to verify this.
  8957. Daniel (12 Dec)
  8958. - Test case 500 and 501 are the first ever libcurl test cases that run.
  8959. - Made "configure --enable-debug" cut off all -O* options to the compiler
  8960. - Finally fixed the test suite's ftp server so that test case 402 doesn't
  8961. cause the following test case to fail anymore!
  8962. Daniel (11 Dec)
  8963. - CURL_MAX_WRITE_SIZE is now decreased to 16KB since it makes the Windows
  8964. version perform uploads much faster!!! RBramante did lots of research on
  8965. this topic.
  8966. - Fixed the #include in curl/curl.h to include the other files outside the
  8967. extern "C" scope.
  8968. Daniel (10 Dec)
  8969. - Moved around and added more logic:
  8970. First, POST data is never sent as part of the request headers in the http.c
  8971. code. It is always sent the "normal" read callback then send() way. This now
  8972. enables a plain HTTP POST to be sent chunked if we want to. This also
  8973. reduces the risk of having very big POSTs causing problems.
  8974. Further, sending off the initial HTTP request is not done using a loop
  8975. anymore. If it wasn't all sent off in the first send(), the rest of the
  8976. request is sent off in the normal transfer select() loop. This makes several
  8977. things possible, but mainly it makes libcurl block less when used from the
  8978. multi interface and it also reduces the risk of problems with issuing very
  8979. large requests.
  8980. Daniel (9 Dec)
  8981. - Moved the read callback pointer and data within the structs to a more
  8982. suitable place. This in preparation for a better HTTP-request sending code
  8983. without (a silly) loop.
  8984. - The Dodds fix seems not to work.
  8985. - Vojtech Janota tests proved that the resolve fix from oct 21st is not good
  8986. enough since obviously older glibcs might return EAGAIN without this meaning
  8987. that the buffer was too small.
  8988. - [the other day] Made libcurl loop on recv() and send() now until done, and
  8989. then get back to select(). Previously it went back to select() more often
  8990. which really was a slight overhead. This was due to the reported performance
  8991. problems on HTTP PUT on Windows. I couldn't see any notable difference on
  8992. Linux...
  8993. Version 7.10.3-pre2 (4 Dec 2002)
  8994. Daniel (4 Dec 2002)
  8995. - Lots of work with Malcolm Dodds made me add a temporary code fix that now
  8996. shortens the timeout waiting for the 226 or 250 line after a completed
  8997. FTP transfer.
  8998. If no data is received within 60 seconds, this is taken as a sign of a dead
  8999. control connection and we bail out.
  9000. Daniel (3 Dec 2002)
  9001. - Ralph's bug report #644841 identified a problem in which curl returned a
  9002. timeout error code when in fact the problem was not a timeout. The proper
  9003. error should now be propagated better when they're detected in the FTP
  9004. response reading function.
  9005. - Updated the Borland Makefiles.
  9006. Daniel (2 Dec 2002)
  9007. - Nicolas Berloquin provided a patch that introduced --create-dirs to the
  9008. command line tool. When used in combination with -o, it lets curl create
  9009. [non-existing] directories used in -o, suitably used with #-combinations
  9010. such as:
  9011. curl "www.images.com/{flowers,cities,parks,mountains}/pic_[1-100].jpg \
  9012. -o "dir_#1/pic#2.jpg" --create-dirs
  9013. Version 7.10.3-pre1
  9014. Daniel (28 Nov 2002)
  9015. - I visited Lars Nordgren and had a go with his problem, which lead me to
  9016. implement this fix. If libcurl detects the added custom header
  9017. "Transfer-Encoding: chunked", it will now enable a chunked transfer.
  9018. Also, chunked transfer didn't quite work before but seems to do so now.
  9019. - Kjetil Jacobsen pointed out that ./configure --disable-ipv6 --without-zlib
  9020. didn't work on any platform...
  9021. Daniel (26 Nov 2002)
  9022. - Fixed a bad addrinfo free in the hostip.c code, hardly exposed anywhere
  9023. - Dan Becker found and fixed a minor memory leak on persistent connnections
  9024. using CURLOPT_USERPWD.
  9025. Daniel (22 Nov 2002)
  9026. - Based on Ralph Mitchell's excellent analysis I found a bug in the test suite
  9027. web server (sws) which now lets test case 306 run fine even in combination
  9028. with the other test cases.
  9029. - Juan Ignacio Hervás found a crash in the verbose connect message that is
  9030. used on persistent connections. This bug was added in 7.10.2 due to the
  9031. rearranged name resolve code.
  9032. Daniel (20 Nov 2002)
  9033. - Kjetil Jacobsen provided a patch that introduces:
  9034. CURLOPT_PRIVATE stores a private pointer in the curl handle.
  9035. CURLINFO_PRIVATE retrieves the private pointer from the curl handle.
  9036. - Karol Pietrzak pointed out how curl-config --cflags didn't output a good
  9037. include dir so I've removed that for now.
  9038. Version 7.10.2 (18 Nov 2002)
  9039. Daniel (11 Nov 2002)
  9040. - Dave Halbakken added curl_version_info to lib/libcurl.def to make libcurl
  9041. properly build with MSVC on Windows.
  9042. Daniel (8 Nov 2002)
  9043. - Doing HTTP PUT without a specified file size now makes libcurl use
  9044. Transfer-Encoding: chunked.
  9045. Daniel (7 Nov 2002)
  9046. - Bug report #634625 identified how curl returned timeout immediately when
  9047. CURLOPT_CONNECTTIMEOUT was used and provided a fix.
  9048. Version 7.10.2-pre4 (6 Nov 2002)
  9049. Daniel (5 Nov 2002)
  9050. - Lehel Bernadt found out and fixed. libcurl sent error message to the debug
  9051. output when it stored the error message.
  9052. - Avery Fay found some problems with the DNS cache (when the cache time was
  9053. set to 0 we got a memory leak, but when the leak was fixed he got a crash
  9054. when he used the CURLOPT_INTERFACE with that) that had me do some real
  9055. restructuring so that we now have a reference counter in the dns cache
  9056. entries to prevent an entry to get flushed while still actually in use.
  9057. I also detected that we previously didn't update the time stamp when we
  9058. extracted an entry from the cache so that must've been a reason for some
  9059. very weird dns cache bugs.
  9060. Version 7.10.2-pre3
  9061. Daniel (31 Oct 2002)
  9062. - Downgraded automake to 1.6.3 in an attempt to fix cygwin problems. (It
  9063. turned out this didn't help though.)
  9064. - Disable the DNS cache (by setting the timeout to 0) made libcurl leak
  9065. memory. Avery Fay brought the example code that proved this.
  9066. Version 7.10.2-pre2
  9067. Daniel (28 Oct 2002)
  9068. - Upgraded to autoconf 2.54 and automake 1.7 on the release-build host.
  9069. - Kevin Roth made the command line tool check for a CURL_CA_BUNDLE environment
  9070. variable (if --cacert isn't used) and if not set, the Windows version will
  9071. check for a file named "curl-ca-bundle.crt" in the current directory or the
  9072. directory where curl is located. That file is then used as CA root cert
  9073. bundle.
  9074. - Avery Fay pointed out that curl's configure scrip didn't get right if you
  9075. used autoconf newer than 2.52. This was due to some badly quoted code.
  9076. Version 7.10.2-pre1
  9077. Daniel (23 Oct 2002)
  9078. - Emiliano Ida confirmed that we now build properly with the Borland C++
  9079. compiler too. We needed yet another fix for the ISO cpp check in the curl.h
  9080. header file.
  9081. - Yet another fix was needed to get the HTTP download without headers to work.
  9082. This time it was needed if the first "believed header" was read all in the
  9083. first read. Test 306 has not run properly since the 11th october fix.
  9084. Daniel (21 Oct 2002)
  9085. - Zvi Har'El pointed out a problem with curl's name resolving on Redhat 8
  9086. machines (running IPv6 disabled). Mats Lidell let me use an account on his
  9087. machine and I could verify that gethostbyname_r() has been changed to return
  9088. EAGAIN instead of ERANGE when the given buffer size is too small. This is
  9089. glibc 2.2.93.
  9090. - Albert Chin helped me get the -no-undefined option corrected in
  9091. lib/Makefile.am since Cygwin builds want it there while Solaris builds don't
  9092. want it present. Kevin Roth helped me try it out on cygwin.
  9093. - Nikita Schmidt provided a bug fix for a FOLLOWLOCATION bug introduced when
  9094. the ../ support got in (7.10.1).
  9095. Daniel (18 Oct 2002)
  9096. - Fabrizio Ammollo pointed out a remaining problem with FOLLOWLOCATION in
  9097. the multi interface.
  9098. Daniel (17 Oct 2002)
  9099. - Richard Cooper's experimenting proved that -j (CURLOPT_COOKIESESSION) didn't
  9100. work quite as supposed. You needed to set it *before* you use
  9101. CURLOPT_COOKIEFILE, and we dont' want that kind of dependencies.
  9102. Daniel (15 Oct 2002)
  9103. - Andrés García provided corrections for erratas in four libcurl man pages.
  9104. Daniel (13 Oct 2002)
  9105. - Starting now, we generate and include PDF versions of all the docs in the
  9106. release archives.
  9107. Daniel (12 Oct 2002)
  9108. - Trying to connect to a host on a bad port number caused the multi interface
  9109. to never return failure and it appeared to keep on trying forever (it just
  9110. didn't do anything).
  9111. Daniel (11 Oct 2002)
  9112. - Downloading HTTP without headers didn't work 100%, some of the initial data
  9113. got written twice. Kevin Roth reported.
  9114. - Kevin Roth found out the "config file" parser in the client code could
  9115. segfault, like if DOS newlines were used.
  9116. Version 7.10.1 (11 Oct 2002)
  9117. Daniel (10 Oct 2002)
  9118. - Jeff Lawson fixed a few problems with connection re-use that remained when
  9119. you set CURLOPT_PROXY to "".
  9120. Daniel (9 Oct 2002)
  9121. - Craig Davison found a terrible flaw and Cris Bailiff helped out in the
  9122. search. Getting HTTP data from servers when the headers are split up in
  9123. multiple reads, could cause junk data to get inserted among the saved
  9124. headers. This only concerns HTTP(S) headers.
  9125. Daniel (8 Oct 2002)
  9126. - Vincent Penquerc'h gave us the good suggestion that when the ERRRORBUFFER
  9127. is set internally, the error text is sent to the debug function as well.
  9128. - I fixed the telnet code to timeout properly as the option tells it to. On
  9129. non-windows platforms.
  9130. Daniel (7 Oct 2002)
  9131. - John Crow pointed out that libcurl-the-guide wasn't included in the release
  9132. tarball!
  9133. - Kevin Roth pointed out that make install didn't do right if build outside
  9134. the source tree (ca-bundle wise).
  9135. - FOLLOWLOCATION bugfix for the multi interface
  9136. Daniel (4 Oct 2002)
  9137. - Kevin Roth got problems with his cygwin build with -no-undefined was not
  9138. present in lib/Makefile.am so I put it back in there again. The poor one who
  9139. needs to remove it again must write a configure script to detect that need.
  9140. - Ralph Mitchell pointed out that curl was a bit naive and didn't deal with ./
  9141. or ../ stuff in the string passed back in a Location: header when following
  9142. locations.
  9143. - Albert Chin helped me to work out a better configure.in check for zlib, and
  9144. both --without-zlib and -with-zlib seem to work rather well right now.
  9145. - Zvi Har'El improvied the OpenSSL ENGINE check in the configure script to
  9146. become more accurate.
  9147. Daniel (1 Oct 2002)
  9148. - Detlef Schmier pointed out the lack of a --without-libz option to configure,
  9149. so I added one.
  9150. Version 7.10 (1 Oct 2002)
  9151. Daniel (30 Sep 2002)
  9152. - Modified the curl_version_info() proto and returned struct once again, and
  9153. updated the man page accordingly.
  9154. - Cris Bailiff found out that the pre-releases crashed on name lookups on
  9155. names such as "a:" or "baz:" (on Linux versions not being ipv6-enabled) due
  9156. to some weird return codes from gethostbyname_r(). I'll blame the complete
  9157. lack of docs in that department. Cris provided a fix, which I modified only
  9158. slightly.
  9159. Daniel (27 Sep 2002)
  9160. - After a suggestion from Christian Kurz to Debian curl package maintainer
  9161. Domenico Andreoli, I made it possible to override the proxy environment
  9162. variables better. Now, by setting -x "" you can explicitly tell libcurl to
  9163. not use a proxy, no matter whan the environment variables say.
  9164. Version 7.10-pre4
  9165. Daniel (26 Sep 2002)
  9166. - Extended curl_version_info() more and wrote a man page for it.
  9167. Daniel (25 Sep 2002)
  9168. - libcurl could leak memory when downloading multiple files using http ranges,
  9169. reported and fixed by Jean-Luc Guevel.
  9170. - Walter J. Mack provided code and docs for the new curl_free() function that
  9171. shall be used to free memory that is allocated by libcurl and returned back
  9172. to the application, as curl_escape() and curl_unescape() do.
  9173. - Yarram Sunil pointed out a flaw in the multi interface where a failed
  9174. connection didn't close down properly and thus a second transfer using the
  9175. same handle failed.
  9176. - Andrés García fixed a flaw that made (among other things) dict-fetches
  9177. return a random value.
  9178. Daniel (24 Sep 2002)
  9179. - Wez Furlong brought his initial patch that introduced curl_version_info().
  9180. We might need to tweak it somewhat before release.
  9181. Daniel (20 Sep 2002)
  9182. - Craig Markwardt fixed another Tru64 IP resolve problem.
  9183. Daniel (19 Sep 2002)
  9184. - Dolbneff A.V and Spiridonoff A.V made the file:// code work with resumes
  9185. in the same style other code does.
  9186. - Ilguiz Latypov fixed a flaw in the client code when fetching multiple URLs
  9187. and -C - was used. The first file's resume position was then accidentally
  9188. reused on all the other files too.
  9189. Daniel (18 Sep 2002)
  9190. - The curl_easy_setopt.3 man page was greatly modified and the options have
  9191. now been grouped in logical groups so that it should be somewhat easier to
  9192. read it and find things you search for.
  9193. Daniel (13 Sep 2002)
  9194. - Kevin Roth pinpointed a scary flaw in libcurl, when the HTTP server doesn't
  9195. send any headers back, only raw content. Right, that is a violation of the
  9196. standard but still happens at times and we need to deal with it. Test case
  9197. 306 was added to verify that we do right now.
  9198. Version 7.10-pre3
  9199. Daniel (11 Sep 2002)
  9200. - Lukasz Czekierda found out that curl didn't send a correct HTTP Host: header
  9201. when you specified the URL with an IPv6 IP-address.
  9202. Daniel (4 Sep 2002)
  9203. - Sven Neuhaus made --silent being acknowledged even when multiple URLs
  9204. were used. It used to output "[1/2]: http://host/a.html.de --> a.html.d" etc
  9205. even when told to shut up.
  9206. Daniel (3 Sep 2002)
  9207. - Updated all source code headers to use MIT-license references only, and
  9208. point to the COPYING file and the http://curl.haxx.se/docs/copyright.html
  9209. URL. I've cut out all references to MPL that I could find.
  9210. - Corected the makefiles to not always use -lz when linking
  9211. Version 7.10-pre2
  9212. Daniel (2 Sep 2002)
  9213. - James Gallagher added Content-Encoding support to libcurl so now curl and
  9214. libcurl-using apps can request compressed contents using the 'deflate'
  9215. method. See the special file lib/README.encoding for details.
  9216. curl --compressed is now used to request compressed contents.
  9217. curl-config --feature will include 'libz' if this feature was around when
  9218. the library was built.
  9219. Daniel (30 Aug 2002)
  9220. - Applied an anonymous SOCKS5-proxy patch. Not properly working in all
  9221. situations though, as all getaddrinfo()-using libcurls will fail on this.
  9222. This is because of the somewhat naive way the current code tries to extract
  9223. the IP address of the proxy.
  9224. - Fixed up the SSL cert fixes from the other day even more after more inputs
  9225. from Cris. Added three new SSL error codes to make the
  9226. CURLE_SSL_CONNECT_ERROR slightly less overloaded.
  9227. Daniel (27 Aug 2002)
  9228. - After lots of talk with Tom Zerucha, Nick Gimbrone and Cris Bailiff I
  9229. decided to talk the bold path and I now made libcurl do CA certificate
  9230. verification by default. Thus library users need to explicitly turn this off
  9231. if you want to connect to sites without proper checking. We also install a
  9232. CA cert bundle on 'make install' now.
  9233. The curl tool now requires the -k/--insecure option in order to allow
  9234. connections and operations on SSL sites that aren't properly verified with
  9235. -cafile or --capath.
  9236. curl-config --ca displays the built-in path to the CA cert bundle.
  9237. Daniel (26 Aug 2002)
  9238. - Andrew Francis cleaned up some code that now compiles fine without the need
  9239. for ugly MSVC pragmas.
  9240. - Keith MacDonald found a minor bug in src/main.c that made it close stdin
  9241. instead of the actual file handle. It shouldn't have resulted in much
  9242. trouble as most operating systems close all file handles on process exit
  9243. anyway.
  9244. Daniel (22 Aug 2002)
  9245. - Markus Oberhumer provided some documentation for his previously provided
  9246. CURLOPT_NOSIGNAL fix.
  9247. - Patched the lib/Makefile.am to hopefully no longer complain on undefined
  9248. symbols that seemed to occur on builds with shared OpenSSL libraries on
  9249. Solaris lately...
  9250. Daniel (20 Aug 2002)
  9251. - Fixed compiler warnings on MSCV++ compiles. We're looking for help here:
  9252. remove the pragmas from lib/config-win32.h and adjust the sources where
  9253. the warnings occur. Hiding them with pragmas like this is not the correct
  9254. way of dealing with compiler warnings.
  9255. Daniel (13 Aug 2002)
  9256. - Ulrich Zadow made the global include files in curl/* include themselves
  9257. using "curl.h" instead of <curl/curl.h> which thus allows people to more
  9258. freely decide how to include curl and how to setup their include paths.
  9259. - Sterling Hughes added the curl_share* interface, somewhat as discussed
  9260. previously.
  9261. - Jörn Hartroth pointed out that poll() was used in the pre1 source code and
  9262. it isn't very portable, so now I check for it in the configure script and
  9263. work around it.
  9264. Version 7.9.9-pre1
  9265. Daniel (12 Aug 2002)
  9266. - Applied my initial take on making the multi stuff more asynchronous. Connects
  9267. should now return back without "hanging" until it has connected for real.
  9268. This should also be the case for FTP-PASV connects.
  9269. Daniel (9 Aug 2002)
  9270. - Applied Markus F.X.J. Oberhumer's patch that introduces CURLOPT_NOSIGNAL,
  9271. which effectively prevents libcurl from doing anything that may cause
  9272. signals to get sent. This is basicly for multi-threaded applications that
  9273. now can use timeouts properly, without risking any signals to burst in and
  9274. ruin the party.
  9275. Daniel (5 Aug 2002)
  9276. - Lukasz Czekierda reported that RFC2732-style literal IPv6 addresses didn't
  9277. work. When did that code vanish? Anyway, it's back again now and seems to
  9278. work!
  9279. - Jonatan Lander found out that POSTing an empty string didn't work with the
  9280. command line tool.
  9281. Daniel (3 Aug 2002)
  9282. - Jörn Hartroth fixed the libcurl.def file to build the windows DLL with
  9283. the multi interface enabled.
  9284. Daniel (1 Aug 2002)
  9285. - The ftp PORT command now uses a better default IP address, as it will
  9286. extract and use the local IP address used by the control connection.
  9287. - Modified the #include lines in curl/multi.h to work better on more
  9288. platforms.
  9289. Daniel (31 Jul 2002)
  9290. - Attempted a fix for Ray DeGennaro's reported HP-UX host name resolve
  9291. problems.
  9292. Daniel (30 Jul 2002)
  9293. - Priya Ramakrishnan and Ryan Jones compiles curl/curl.h with a C++ compiler
  9294. and don't get __STDC__ defined, which required us to extend the preprocessor
  9295. check for the ## operator usage.
  9296. - Correct the description for CURLOPT_PASSWDFUNCTION, if set to NULL the
  9297. internal default function will be put back.
  9298. - danfuzz at milk.com found out that libcurl badly assumed a space after
  9299. 'Set-Cookie:' so if it wasn't present, it caused the first letter of the
  9300. cookie name to fall off!
  9301. Daniel (29 Jul 2002)
  9302. - The password prompt asking for user password used stdout and now uses
  9303. stderr instead to better allow redirecting. It also leaked a fopen() file
  9304. handle that is now fixed.
  9305. Daniel (28 Jul 2002)
  9306. - HAVE_SETVBUF was left out from src/main.c which made -N not work. Found out
  9307. by M T.
  9308. Daniel (26 Jun 2002)
  9309. - Glen Nakamura solved a crash in the name resolving function for IP-only
  9310. addresses on Alpha Linux (at least).
  9311. - T. Bharath corrected the high resolution timer introduced in 7.9.8.
  9312. Daniel (22 Jun 2002)
  9313. - Andrés García pointed out man page errors in curl_formadd.3. I fixed.
  9314. Daniel (19 Jun 2002)
  9315. - Chris Combes pointed out a flaw in curl_escape(). I fixed. We no longer
  9316. tries to generate nor parse '+' in URLs. Spaces become %20, and only %-codes
  9317. are translated by curl_unescape().
  9318. Daniel (15 Jun 2002)
  9319. - Added --limit-rate to the curl tool. Allows the user to set a maxmimum
  9320. upper limit to how much bandwidth to use for transfers.
  9321. - CURLOPT_BUFFERSIZE was added to libcurl. This sets a prefered size for the
  9322. receive buffer in libcurl. The main point of this would be that the write
  9323. callback gets called more often and with smaller chunks.
  9324. Daniel (14 Jun 2002)
  9325. - Yarram Sunil found out that the SocketIsDead() function performed a lot
  9326. faster on Windows when removing the 1 microsecond timeout.
  9327. - Hanno L. Kranzhoff fixed the VC++ project files.
  9328. - Tom Mattison found out that ftp transfers closed the connection a little
  9329. too often.
  9330. - Miklos Nemeth posted a VC++ makefile fix and some INSTALL comments on how
  9331. to disable specific protocols when building for Windows.
  9332. Version 7.9.8
  9333. Daniel (13 Jun 2002)
  9334. - Time to let this baby go.
  9335. Daniel (12 Jun 2002)
  9336. - Chris Combes added three new options for curl_formadd(): CURLFORM_BUFFER,
  9337. CURLFORM_BUFFERPTR, CURLFORM_BUFFERLENGTH. They are used to create a
  9338. multipart that appears as a regular file upload, but the data is provided
  9339. with a pointer and length.
  9340. - Nico Baggus made the VMS version use sigsetjmp() too.
  9341. - Jörn Hartroth fixed the mingw32 build using the mm lib.
  9342. - Applied patches by Kris Kennaway that correct format string problems in
  9343. lib/ftp.c and lib/ldap.c.
  9344. Version 7.9.8-pre3
  9345. Daniel (11 Jun 2002)
  9346. - James Cone brought the idea of using sigsetjmp() in the signal handler to
  9347. make the time-out of name lookups to work, even when the underlying name
  9348. resolver library traps EINTR. The use of sigsetjmp() and siglongjmp() for
  9349. this may be a bit drastic, and also not likely to exist on all platforms. I
  9350. added careful checking for this in the configure script, even checks for it
  9351. being a macro (which seems to be the case in for example Linux).
  9352. sigsetjmp() seems to be mentioned in the Single Unix specification.
  9353. - Miklos Nemeth brought a patch that allows libcurl to get built with specific
  9354. protocols disabled. This is done by running ./configure
  9355. --disable-[protocol].
  9356. - FTP range downloads could make CURLE_FTP_WRITE_ERROR get returned. We now
  9357. make precautions to not return this for range downloads.
  9358. Added test case 135 that makes an ftp range download. Had to tweak the
  9359. runtests.pl script a bit too.
  9360. - Bug report #566835 identified a strlen() on a NULL pointer. Added additional
  9361. check to prevent this.
  9362. Daniel (10 Jun 2002)
  9363. - Found and corrected a connect failure problem that didn't create a human
  9364. error text.
  9365. - Added code to compile with OpenSSL 0.9.7. Based on patch from Jacob Meuser
  9366. and comments from Götz Babin-Ebell.
  9367. - Gautam Mani found a socket descriptor leak that happened when FTP transfers
  9368. failed and you reinvoked curl_easy_perform().
  9369. Daniel (5 Jun 2002)
  9370. - Gustaf Hui corrected curl_multi_remove_handle() so that it won't crash no
  9371. matter when you decide to remove the CURL handle.
  9372. - HAVE_RAND_STATUS was added to lib/config-win32.h by Andreas Olsson, as it
  9373. makes windows builds stop complaining about "weak seeding" when it in fact
  9374. isn't.
  9375. - Another 64bit architecture crash that was introduced in 7.9.7 was now
  9376. removed, as bug report #564585 clarified. This happened due to our attempts
  9377. to only allocate only as much memory as is actually needed for name
  9378. resolving (using realloc) which called for a function that could 'move' a
  9379. hostent struct in memory.
  9380. Version 7.9.8-pre2
  9381. Daniel (3 Jun 2002)
  9382. - T. Bharath fixed the CURLINFO_REDIRECT_TIME to return a correct time and
  9383. made the CURLINFO_REQUEST_SIZE return the correct total request size. He
  9384. also made the win32 timers use higher resolution than before.
  9385. Daniel (29 May 2002)
  9386. - Renaud Chaillat made me aware of the fact that libcurl returned an error if
  9387. you tried to get an empty FTP file. This seemed like a wrong thing to do, so
  9388. now it no longer does that! I just hope that no one built anything fancy
  9389. upon this unexpected behavior...
  9390. Daniel (28 May 2002)
  9391. - Cris Bailiff brought CURLOPT_CAPATH that works like CURLOPT_CAINFO but
  9392. specifies a path to a directory with certificates rather than a single file
  9393. with them all concatenated. --capath was added to the command line tool
  9394. for the same function.
  9395. Windows users need to pay attention that the directory should be setup with
  9396. the c_rehash tool of the OpenSSL package, and that creates symlinks by
  9397. default that need to be replaced with actual copies to work on Windows.
  9398. - Gustaf Hui provided new code that changes how curl_multi_info_read()
  9399. messages are stored, so that they don't have to be kept around for the multi
  9400. handle's entire life time. He also made it return failure codes properly
  9401. which it didn't do before.
  9402. Daniel (27 May 2002)
  9403. - Gustaf Hui pointed out that running curl_multi_perform() without doing
  9404. curl_multi_fdset() first was not really a working combo. I added an internal
  9405. check for this and have some extra select() code without timeout to make the
  9406. library internals work identically nevertheless. We might need to somehow
  9407. either document that once you've used the *_fdset() you should remain using
  9408. them in select() or you should blank them somehow so that libcurl won't go
  9409. crazy.
  9410. Version 7.9.8-pre1
  9411. Daniel (22 May 2002)
  9412. - James Cone brought an excellent patch, including several tests and docs!
  9413. CURLOPT_NETRC now takes an enum as argument instead of the previous boolean.
  9414. --netrc-optional was introduced as an addition to --netrc to allow the
  9415. command line client to take use of all that new netrc stuff.
  9416. - Bug report #558888 showed a case where libcurl re-used the previous host
  9417. name when a connection over a proxy was re-used but to a different target
  9418. host.
  9419. Daniel (21 May 2002)
  9420. - Edin Kadribasic helped me sort out a problem to made libcurl crash when
  9421. trying to HTTP POST an empty string.
  9422. - Clarified that Juergen Wilke donated the original tests/server/sws.c code.
  9423. - Jean-Philippe Barrette-LaPierre made curl_formadd() return a typedef named
  9424. CURLFORMcode instead of the previous 'int', and the various return codes are
  9425. now globally exported. It allows applications to better figure out what goes
  9426. wrong when curl_formadd() returns errors.
  9427. Daniel (20 May 2002)
  9428. - Roland Zimmermann pointed out that SSL_CTX_use_certificate_chain_file()
  9429. is prefered to SSL_CTX_use_certificate_file().
  9430. Daniel (17 May 2002)
  9431. - Bug report #556869 pointed out that src/writeout.c didn't compile on freebsd
  9432. after my AIX fixes the other week.
  9433. - Bug report #556930 pointed out a FreeBSD core dump introduced in 7.9.7 in
  9434. the DNS struct realloc stuff. Actually, this crash could happen on all
  9435. systems that made the pack_hostent() function get invoked.
  9436. - I removed several compiler warnings in the test suite's HTTP server.
  9437. Version 7.9.7
  9438. Daniel (10 May 2002)
  9439. - Kevin Roth adjusted the --trace-ascii output slightly.
  9440. - Paul Harrington found out that src/writeout.c needed an additional header
  9441. file included for AIX builds
  9442. Version 7.9.7-pre2
  9443. Daniel (7 May 2002)
  9444. - Updated the man page with --trace-ascii and -j/--junk-session-cookies.
  9445. - Made --trace-ascii do pretty much the same as --trace but without the hex
  9446. part in the output.
  9447. - Added CURLOPT_COOKIESESSION that when enabled makes libcurl ignore session
  9448. cookies read from a file. This option is enforced by the curl command line
  9449. tool using the new -j/--junk-session-cookies option. After discussions with
  9450. Kevin Roth. This makes it easier to use curl to fully emulate a browser's
  9451. behavior, even when it comes to "session cookies". Session cookies are
  9452. cookies that a normal browser discards when the browser is shut
  9453. down. They're identified by not having any expire date/time.
  9454. - When CURLOPT_DEBUGDATA was set, it ruined the CURLOPT_STDERR setting and
  9455. this was discovered when --trace was made to crash.
  9456. - Using -v and --trace at the same time confused matters. -v is now pretty
  9457. much ignored when --trace or --trace-ascii is used.
  9458. - Made --trace (and --trace-ascii) support - as file name to pass output to
  9459. stdout instead. It makes it consistent with how other options work.
  9460. Version 7.9.7-pre1
  9461. Daniel (6 May 2002)
  9462. - Added multi-post.c to the examples directory. I got the basic source for
  9463. this from Gustaf Hui.
  9464. Daniel (3 May 2002)
  9465. - CURL_MAX_WRITE_SIZE is now an exported #define in the curl/curl.h header and
  9466. can be used to figure out the maximum buffer size your write callback can
  9467. get.
  9468. - CURLOPT_READDATA is now an alias for CURLOPT_INFILE and CURLOPT_WRITEDATE is
  9469. an alias for CURLOPT_FILE. These two were added for conformity. Most other
  9470. callback function's userdata are provided with options using a similar name-
  9471. scheme.
  9472. - Added "--trace [file]" to the command line tool. It makes a very detailed
  9473. trace dump get stored, with a full protocol dump that includes all received
  9474. and transmitted data. This could be a very effective tool for debugging what
  9475. goes wrong. This dump includes every byte the way it is sent to/received
  9476. from the server. The dump is the plain-text version, so SSL transfers will
  9477. still be readable.
  9478. - I found out that the DEBUGFUNCTION was not called properly everywhere as we
  9479. wanted it to. I fixed it.
  9480. - -D now stores all headers to the same file if multiple URLs are given on the
  9481. command line! Kevin Roth made me aware of that it didn't already do this!
  9482. - Gustaf Hui wrote an excellent formpost example that used the multi
  9483. interface. Unfortunately, it didn't work due to several bugs in how
  9484. transfers were made when the multi interface was used.
  9485. Daniel (2 May 2002)
  9486. - Hanno Kranzhoff found out that when doing multiple transfers on the same
  9487. easy handle, the progress meter would show a bad "currently downloaded
  9488. value" when the transfer starts.
  9489. Daniel (1 May 2002)
  9490. - Applied another patch by Jacky Lam to make the name resolve info realloc()
  9491. stuff work properly.
  9492. Daniel (28 April 2002)
  9493. - curl_multi_info_read() is now implemented!
  9494. Daniel (27 April 2002)
  9495. - Updated BUGS, TODO, FAQ, INSTALL and added BINDINGS.
  9496. - I think I fixed the DNS cache prune crach Jacky Lam found and reported.
  9497. - I cleaned up the name prefix stuff in the hash and llist modules.
  9498. - FTP responses should now be better on timing out properly. The timeout value
  9499. is maximum timeout for the entire request operation, but before this, the
  9500. timeout was used as a maximum allowed time between two reads...
  9501. Daniel (26 April 2002)
  9502. - Fixed the test suite http server to not use snprintf() anymore due to better
  9503. portability.
  9504. Daniel (25 April 2002)
  9505. - With Sterling Hughes' new DNS pruning, Jacky Lam asked if this wouldn't
  9506. cause problems since the pruning is only checking the entry time, and it
  9507. sure could cause problems. Therefor, I've now added and changed code so that
  9508. this should not be a problem. Nowhere in the code will be store name
  9509. resolved information around so that a sunsequent DNS cache prune should
  9510. cause a problem. This of course called for some mild internal changes.
  9511. Daniel (23 April 2002)
  9512. - Improved the 'no_proxy' check, as using port numbers in the URL confused it
  9513. previously. Reported by Erwan Legrand in bug report #547484.
  9514. - The --interface option now works even on IPv6 enabled builds. Reported by
  9515. 'thor'.
  9516. Daniel (22 April 2002)
  9517. - The #defines names starting with TIMECOND now has CURL_ prefixes. (The old
  9518. names are still #defined too.) Pointed out by Robert Olson.
  9519. - Jacky Lam brought code that lets the name resolve function only use as much
  9520. memory as it actually needs. This only works on certain operating systems,
  9521. but is totally transparant to all users.
  9522. Daniel (19 April 2002)
  9523. - Bjorn Reese fixed pack_hostent to work properly with 64 bit pointers.
  9524. Daniel (18 April 2002)
  9525. - Sterling Hughes added code to prune old DNS cache entries, since Jacky Lam
  9526. experienced very big caches.
  9527. Daniel (17 April 2002)
  9528. - Dirk Manske patched the 301 response to work against the RFC but more like
  9529. common browsers do. If a POST get a 301 back, it'll switch to GET in the
  9530. next request (if location-following is enabled).
  9531. Daniel (16 April 2002)
  9532. - Dirk Manske posted a patch originally written by Ingo Wilken that introduced
  9533. two new CURLINFO_* values: CURLINFO_REDIRECT_TIME and
  9534. CURLINFO_REDIRECT_COUNT.
  9535. Daniel (15 April 2002)
  9536. - Jonatan Lander patched the verbose text 'Disables POST, goes with GET' to
  9537. reflect reality better, like when the first request isn't POST and when
  9538. the second isn't GET... :-)
  9539. - Craig Davison pointed out that when curl_formadd()ing a file that doesn't
  9540. exist, libcurl doesn't return error. Now, curl_easy_perform() will return
  9541. CURLE_READ_ERROR if that is the case. Test 41 was added to verify this.
  9542. Version 7.9.6
  9543. Daniel (14 April 2002)
  9544. - Dirk Manske brought a fix that makes libcurl strip off white spaces from the
  9545. beginning of cookie contents.
  9546. - Had to patch include/curl/curl.h since MSVC doesn't set the __STDC__ define.
  9547. Moonesamy pointed out the problem, Bjorn Reese the solution.
  9548. Version 7.9.6-pre5
  9549. Daniel (12 April 2002)
  9550. - Fixed the TIMER_CONNECT to be more accurate for FTP transfers. Previously
  9551. FTP transfers got the "connect done" time set after the initial FTP commands
  9552. and not directly after the TCP/IP connect as it should.
  9553. I also made the time stamp get set even if the connect itself fails, which
  9554. it didn't do previously.
  9555. - Jean-Philippe Barrette-LaPierre provided his patch that introduces
  9556. CURLOPT_DEBUGFUNCTION and CURLOPT_DEBUGDATA. They allow a program to a set a
  9557. callback to receive debug/information data. That includes headers and data
  9558. that is received and sent. CURLOPT_VERBOSE still controls it.
  9559. By default, there is an internal debugfunction that will make things look
  9560. and work as before if not changed.
  9561. Daniel (10 April 2002)
  9562. - Sebastien Willemijns found out that -x didn't use the default port number as
  9563. is documented. It does now.
  9564. - libcurl-errors.3 is a new man page attempting to document all libcurl error
  9565. codes
  9566. - Added two new error codes and changed the behaviour of two old ones
  9567. slightly:
  9568. CURLE_WRITE_ERROR
  9569. This error was returned *both* for errors that occured when writing
  9570. received data to a local file, as well as when we get problems writing data
  9571. to a remote server. CURLE_SEND_ERROR has now been added for the latter
  9572. error.
  9573. CURLE_READ_ERROR
  9574. This error was similarly returned *both* for errors when reading a local
  9575. file, as well as when getting problems when reading network data.
  9576. CURLE_RECV_ERROR has now been added for the latter error.
  9577. (Two test cases were adjusted accordingly.)
  9578. Daniel (9 April 2002)
  9579. - runtests.pl now sets the HOME variable before running curl, to prevent any
  9580. actual ~/.curlrc file to fool the tests!
  9581. Version 7.9.6-pre4
  9582. Daniel (8 April 2002)
  9583. - Michael Curtis provided new functionality for curl on some platforms. Using
  9584. the --environment option, curl will *set* a bunch of environment variables
  9585. to values. The names are the same ones as for the -w/--writeout option.
  9586. For now, this only works on the RISC OS version, as this feature relies on
  9587. both OS support and that it matches OS paradigms.
  9588. - Jacky Lam provided a fix for getting headers-only when the reply is HTTP/1.0
  9589. and 304, I edited it slightly.
  9590. Daniel (5 April 2002)
  9591. - As requested by Jay Graves, the '.curlrc' file (or _curlrc as it is called
  9592. when used in windows), is now loaded from the current directory if the HOME
  9593. environment variable isn't set (or if it is too long). I also enlarged the
  9594. array used to store the full file path in, to 512 bytes.
  9595. - Kevin Roth pointed out to me why the "19 March" change regarding -G and -I
  9596. was stupid and the change was reverted. Added test case 48 to verify the
  9597. functionality.
  9598. Version 7.9.6-pre3
  9599. Daniel (4 April 2002)
  9600. - Jonatan Lander brought a patch that makes curl/curl.h compile nicely on
  9601. pre-ISO compilers, like when using gcc -traditional.
  9602. Daniel (3 April 2002)
  9603. - Jacky Lam identified a glitch when getting headers-only, where libcurl would
  9604. "hang" 1 second in vain in the select() loop before returning back.
  9605. - Tor Arntsen brought a patch for multipart formposts. It turned out that the
  9606. "CGI_Lite Perl package" makes some bad assumptions on what letters that may
  9607. be used in boundary strings and thus curl could confuse it by including '+'
  9608. and '/'. While this is standards-compliant, we change the behavior to work
  9609. smoothly with existing software based on that package.
  9610. Daniel (2 April 2002)
  9611. - Gerhard Herre filed bug report #536238 where he pointed out a crash in
  9612. verbose FTP passive transfers for AIX.
  9613. - Clarence Gardner pointed out a minor flaw in how libcurl didn't properly
  9614. take care of all errors that SSL_read() could return.
  9615. - Jacky Lam fixed a MALLOCDEBUG problem in lib/getinfo.c
  9616. Daniel (27 March 2002)
  9617. - T. Bharath pointed out a flaw in the connection re-use function that didn't
  9618. check proxy connections properly for "deadness" before they were re-used.
  9619. - Pedro Neves found out that HTTP POSTing with --data-binary did not properly
  9620. work under Windows as the file specified wasn't read fully binary!
  9621. Daniel (25 March 2002)
  9622. - Jacky Lam brought a fix that improves treatment of cookies using identical
  9623. domains but with leading dots properly.
  9624. Daniel (22 March 2002)
  9625. - Miklos Nemeth updated the windows section of the docs/INSTALL file and the
  9626. windows makefiles.
  9627. - Jon Dillon provided us with several good-looking curl images for
  9628. promotion. View them here http://curl.haxx.se/icons.html
  9629. Daniel (20 March 2002)
  9630. - Peter Verhas found out that CRLF replacement in uploads was not working. I
  9631. fixed it, and added test case 128 that verifies the functionality.
  9632. - The list formerly known as curl-main is now named curl-users and is hosted
  9633. by sourceforge. Susbcribe to the new list, get off the old one.
  9634. Version 7.9.6-pre2
  9635. Daniel (19 March 2002)
  9636. - Made -G and -I on the same command line cause an error.
  9637. - Moved the multi.h file to the "public" include directory and made it get
  9638. included by curl.h so that no extra include files will be necessary to use
  9639. it.
  9640. Added docs and man pages for the multi interface to the release archive.
  9641. Added the three example source codes too.
  9642. Necessary steps in my campaign to sneak in the multi interface... ;-)
  9643. - Updated the year in all copyright notices in all C and H files.
  9644. Daniel (18 March 2002)
  9645. - Tomas Szepe found out that -d and -G didn't mix as they should. I broke this
  9646. in 7.9.5... Added test case 32 for this.
  9647. Version 7.9.6-pre1
  9648. Daniel (16 March 2002)
  9649. - Peter Verhas pointed out that the curl_escape and curl_unscape man pages
  9650. contained factual errors.
  9651. - Albert Choy found and corrected a problem with the verbose output when doing
  9652. PASV ftp transfers. It could make libcurl crash.
  9653. Details in bug report #530562:
  9654. http://sourceforge.net/tracker/?func=detail&atid=100976&aid=530562&group_id=976
  9655. Daniel (15 March 2002)
  9656. - Jun-ichiro itojun Hagino filed bug report #530204 that clearly pointed out
  9657. the PF_INET fix from February 19 as a not-very-good fix as it broke IPv6
  9658. capability! That patch is now reverted.
  9659. The problem with slow name lookups with getaddrinfo() on non-IPv6 enabled
  9660. hosts are instead made by first checking if the stack is IPv6-enabled and if
  9661. not, the PF_INET is used and otherwise we go with the full PF_UNSPEC.
  9662. - T. Bharath pointed out that when we return an "error" from a WRITEFUNCTION
  9663. as described in the man page, libcurl did not return the documented error
  9664. code (CURLE_WRITE_ERROR) but would instead return CURLE_READ_ERROR. This is
  9665. now corrected.
  9666. Daniel (14 March 2002)
  9667. - Setting CURLOPT_POST without setting CURLOPT_POSTFIELDS now read the POST-
  9668. data from the callback.
  9669. - The GOPHER support seems to be broken. I don't think I'll even start fixing
  9670. it until someone else finds out... :-)
  9671. Daniel (13 March 2002)
  9672. - Trying 'curl -I ftp.sunet.se' or similar did a SIZE on a silly "(nil)"
  9673. string. If such a file would be present, curl returned the size of it! Now
  9674. we prevent this.
  9675. - Curl_sendf() was fixed to deal with situation where Curl_write() would've
  9676. blocked and thus return -1.
  9677. - Setting CURLOPT_PROGRESSFUNCTION to NULL now restores the internal function.
  9678. - All CURLFORM_* options can now be used in a CURLFORM_ARRAY except the
  9679. CURLFORM_ARRAY itself. This was necessary since we couldn't expand the
  9680. CURLFORM_* list proprely and unrestricted until this was the case. It was
  9681. also a bit peculiar to users why some options could be used in an array
  9682. while others couldn't.
  9683. - Removed some silly CRLF lines that had accidentally slipped into src/main.c
  9684. Nico Baggus pointed them out to me.
  9685. Daniel (11 March 2002)
  9686. - CURLFORM_FILENAME was added. This can be set when creating a file upload
  9687. part, to set the 'filename' field to a custom value. If this isn't used,
  9688. the actually used filename will be included instead (as libcurl always has
  9689. done). curl was adjusted accordingly, and now -F accepts a 'filename=' field
  9690. too, and allows constructs such as:
  9691. -F 'name=@filename;filename=/dev/null'
  9692. and this can be combined with type= too, in a manner similar to:
  9693. -F "file=@log/test39.txt;filename=fakerfile;type=moo/foobar"
  9694. Test case 39 was added to verify this functionality.
  9695. - The struct formerly known as HttpPost is now named curl_httppost to properly
  9696. use the curl name space. I added a #define for the old name to make existing
  9697. programs compile even when this new include file is used.
  9698. Daniel (8 March 2002)
  9699. - Clifford also discovered that if the client code failed early, as when doing
  9700. "curl -O" only, it would do fclose(NULL) which caused a segmentation fault
  9701. on some systems.
  9702. - Clifford Wolf provided a patch that made --progress-bar work again.
  9703. - I closed bug report #527032 by making sure that we add a newline after a
  9704. transfer when --progress-bar has been used. Before, without the newline, it
  9705. made the subsequent text come out wrong.
  9706. Version 7.9.5
  9707. Daniel (7 March 2002)
  9708. - Added docs/KNOWN_BUGS to the release archive.
  9709. Daniel (6 March 2002)
  9710. - Kevin Roth corrected a flaw in the curl client globbing code that made it
  9711. mess up backslashes. This was most notable on windows (cygwin) machines when
  9712. using file://.
  9713. - Brad provided another fix for building outside the source-tree.
  9714. - Ralph Mitchell patched away a few compiler warnings in tests/server/sws.c
  9715. Daniel (5 March 2002)
  9716. - I noticed that the typedef in curl.h for the progress callback prototype was
  9717. wrong and thus applications that used it would not get the proper input
  9718. data. It used size_t where the implementation actually uses doubles!
  9719. I wish I could blame someone else, but this was my fault. Again.
  9720. Version 7.9.5-pre6
  9721. Daniel (4 March 2002)
  9722. - Cut off the changes done during 2001 from this changelog file and put them
  9723. in a separate file (CHANGES.2001), available from CVS of course.
  9724. - I removed the multi directory. The example sources were moved to the
  9725. docs/examples directory where they belong.
  9726. - Wrote 7 new man pages for the current functions in the new multi interface.
  9727. They're all still pretty basic, but we can use them as a start and add more
  9728. contents to them when we figure out what to write. The large amount of man
  9729. pages for libcurl now present made me decide to put them in a new separate
  9730. subdirectory in the docs directory. Named libcurl.
  9731. - Giuseppe Corbelli provided a template file for the EPM package manager, it
  9732. gets generated nicely by the configure script now.
  9733. Version 7.9.5-pre5
  9734. Daniel (1 March 2002)
  9735. - Moved the memanalyze.pl script into the tests/ dir and added it to the
  9736. release archives. It was previously only present in the CVS tree.
  9737. - Modified the February 17th Host: fix, as bug report #523718 pointed out that
  9738. it caused crashes!
  9739. - Nico Baggus added more error codes to the VMS stuff.
  9740. - Wesley Laxton brought the code that introduced the new CURLOPT_PREQUOTE
  9741. option. It is just another FTP quote option that allows the user to specify
  9742. a list of FTP commands to issue *just before* the transfer command (RETR or
  9743. STOR etc). It has turned up a few systems that really need this.
  9744. The curl command line tool can also take advantage of this by prefixing the
  9745. quote commands with a plus (+) in similar style that post transfer quote
  9746. commands are specified.
  9747. This is not yet documented. There is no test case for this yet.
  9748. Daniel (28 February 2002)
  9749. - Ralph Mitchell made some serious efforts and put a lot of sweat in setting
  9750. up scripts and things for me to be able to repeat his problems, and I
  9751. finally could. I found a problem with the header byte counter that wasn't
  9752. increased properly and thus we could return CURLE_GOT_NOTHING when we in
  9753. fact had received data.
  9754. Daniel (27 February 2002)
  9755. - I had to revert the non-space parsing cookie fix I posted to the mailing
  9756. list. Expire dates do have spaces and still need to get parsed properly!
  9757. Instead we just ignore trailing white space and it seems to work...
  9758. Daniel (26 February 2002)
  9759. - Made the cookie property 'Max-Age' work, just since we already tried to
  9760. support it, it is better to do it right. No one uses this anyway.
  9761. - The cookie parser could crash if a really weird (illegal) cookie line was
  9762. received. I also made it better discard really oddly formatted lines better.
  9763. Made the cookie jar store the second field from the left using the syntax
  9764. that Netscape and Mozilla probably like. Curl itself ignores it.
  9765. Added test case 31 for these cases.
  9766. Clay Loveless' email regarding some cookie issues started my cleanup.
  9767. - Kevin Roth pointed out that my automake fiddles broke the ability to build
  9768. outside the source-tree and I posted a patch to the mailing list that brings
  9769. this ability back.
  9770. Version 7.9.5-pre4
  9771. Daniel (25 February 2002)
  9772. - Fiddled with the automake files to make all source files in the lib
  9773. directory not have ../src in the include path, and the src sources shouldn't
  9774. have ../lib!
  9775. - All 79 test cases ran OK under Linux and Solaris using the new HTTP server
  9776. in the test suite. The new HTTP server was first donated by Georg Horn and
  9777. subsequently modified to work with the test suite. It is currently still not
  9778. portable enough to run on "all over" but this is a start and I can run all
  9779. curl tests on my machines. This is an important requirement for the upcoming
  9780. public release.
  9781. - Using -d and -I on the same command line now reports an error, as it implies
  9782. two different HTTP requests that can't be mixed.
  9783. - Jeffrey Pohlmeyer provided a patch that made the -w/--write-out option
  9784. support %{content_type} to get the content type of the recent download.
  9785. - Kevin Roth reported that pre2 and pre3 didn't compile properly on cygwin,
  9786. and this was because I used #ifdef HAVE_WINSOCK_H in lib/multi.h to figure
  9787. out if we could include winsock.h which turns out not to be a wise choice to
  9788. do on cygwin since it has the file but can't include it!
  9789. Daniel (22 February 2002)
  9790. - Added src/config-vms.h to the release archive.
  9791. - Fixed the connection timeout value again, the change from February 18 wasn't
  9792. complete.
  9793. Version 7.9.5-pre3
  9794. Daniel (21 February 2002)
  9795. - Kevin Roth and Andrés García both found out that lib/config.h.in was missing
  9796. in the pre-release archive and thus the configure script failed.
  9797. Version 7.9.5-pre2
  9798. Daniel (20 February 2002)
  9799. - Andrés García provided a solution to bug report #515228. the total time
  9800. counter was not set correctly when -I was used during some conditions (all
  9801. headers were read in one single read).
  9802. - Nico Baggus provided a huge patch with minor tweaks all over to make curl
  9803. compile nicely on VMS.
  9804. Daniel (19 February 2002)
  9805. - Rick Richardson found out that by replacing PF_UNSPEC with PF_INET in the
  9806. getaddrinfo() calls, he could speed up some name resolving calls with an
  9807. order of magnitudes on his Redhat Linux 7.2.
  9808. - Philip Gladstone found a second INADDR_NONE problem where we used long
  9809. intead of in_addr_t which caused 64bit problemos. We really shouldn't define
  9810. that on two different places.
  9811. Daniel (18 February 2002)
  9812. - Philip Gladstone found a problem in how HTTP requests were sent if the
  9813. request couldn't be sent all at once.
  9814. - Emil found and corrected a bad connection timeout comparison that made curl
  9815. use the longest of connect-timeout and timout as a timeout value, instead of
  9816. the shortest as it was supposed to!
  9817. - Aron Roberts provided updated information about LDAP URL syntax to go into
  9818. the manual as a replacement for the old references.
  9819. Daniel (17 February 2002)
  9820. - Philip Gladstone pointed out two missing include files that made curl core
  9821. dump on 64bit architectures. We need to pay more attention on these details.
  9822. It is *lethal* to for example forget the malloc() prototype, as 'int' is
  9823. 32bit and malloc() must return a 64bit pointer on these platforms.
  9824. - Giaslas Georgios fixed a problem with Host: headers on repeated requests on
  9825. the same handle using a proxy.
  9826. Daniel (8 February 2002)
  9827. - Hanno L. Kranzhoff accurately found out that disabling the Expect: header
  9828. when doing multipart formposts didn't work very well. It disabled other
  9829. parts of the request header too, resulting in a broken header. When I fixed
  9830. this, I also noticed that the Content-Type wasn't possible to disable. It is
  9831. now, even though it probably is really stupid to try to do this (because of
  9832. the boundary string that is included in the internally generated header,
  9833. used as form part separator.)
  9834. Daniel (7 February 2002)
  9835. - I moved the config*.h files from the root directory to the lib/ directory.
  9836. - I've added the new test suite HTTP server to the CVS repository, It seems to
  9837. work pretty good now, but we must make it get used by the test scripts
  9838. properly and then we need to make sure that it compiles, builds and runs on
  9839. most operating systems.
  9840. Version 7.9.5-pre1
  9841. Daniel (6 February 2002)
  9842. - Miklos Nemeth provided updated windows makefiles and INSTALL docs.
  9843. - Mr Larry Fahnoe found a problem with formposts and I managed to track down
  9844. and patch this bug. This was actually two bugs, as the posted size was also
  9845. said to be two bytes too large.
  9846. - Brent Beardsley found out and brought a correction for the
  9847. CURLINFO_CONTENT_TYPE parser that was off one byte. This was my fault, I
  9848. accidentaly broke Giaslas Georgios' patch.
  9849. Daniel (5 February 2002)
  9850. - Kevin Roth found yet another SSL download problem.
  9851. Version 7.9.4
  9852. - no changes since pre-release
  9853. Version 7.9.4-pre2
  9854. Daniel (3 February 2002)
  9855. - Eric Melville provided a few spelling corrections in the curl man page.
  9856. Daniel (1 February 2002)
  9857. - Andreas Damm corrected the unconditional use of gmtime() in getdate, it now
  9858. uses gmtime_r() on all hosts that have it.
  9859. Daniel (31 January 2002)
  9860. - An anonymous bug report identified a problem in the DNS caching which made it
  9861. sometimes allocate one byte too little to store the cache entry in. This
  9862. happened when the port number started with 1!
  9863. - Albert Chin provided a patch that improves the gethostbyname_r() configure
  9864. check on HP-UX 11.00.
  9865. Version 7.9.4-pre1
  9866. Daniel (30 January 2002)
  9867. - Georg Horn found another way the SSL reading failed due to the non-blocking
  9868. state of the sockets! I fixed.
  9869. Daniel (29 January 2002)
  9870. - Multipart formposts now send the full request properly, including the CRLF.
  9871. They were previously treated as part of the post data.
  9872. - The upload byte counter bugged.
  9873. - T. Bharath pointed out that we seed SSL on every connect, which is a time-
  9874. consuming operation that should only be needed to do once. We patched
  9875. libcurl to now only seed on the first connect when unseeded. The seeded
  9876. status is global so it'll now only happen once during a program's life time.
  9877. If the random_file or egdsocket is set, the seed will be re-made though.
  9878. - Giaslas Georgios introduced CURLINFO_CONTENT_TYPE that lets
  9879. curl_easy_getinfo() read the content-type from the previous request.
  9880. Daniel (28 January 2002)
  9881. - Kjetil Jacobsen found a way to crash curl and after much debugging, it
  9882. turned out it was a IPv4-linux only problem introduced in 7.9.3 related to
  9883. name resolving.
  9884. - Andreas Damm posted a huge patch that made the curl_getdate() function fully
  9885. reentrant!
  9886. - Steve Marx pointed out that you couldn't mix CURLOPT_CUSTOMREQUEST with
  9887. CURLOPT_POSTFIELDS. You can now!
  9888. Daniel (25 January 2002)
  9889. - Krishnendu Majumdar pointed out that the header length counter was not reset
  9890. between multiple requests on the same handle.
  9891. - Pedro Neves rightfully questioned why curl always append \r\n to the data
  9892. that is sent in HTTP POST requests. Unfortunately, this broke the test suite
  9893. as the test HTTP server is lame enough not to deal with this... :-O
  9894. - Following Location: headers when the connection didn't close didn't work as
  9895. libcurl didn't properly stop reading. This problem was added in 7.9.3 due to
  9896. the restructured internals. 'Frank' posted a bug report about this.
  9897. Daniel (24 January 2002)
  9898. - Kevin Roth very quickly spotted that we wrongly installed the example
  9899. programs that were built in the multi directory, when 'make install' was
  9900. used. :-/
  9901. Version 7.9.3
  9902. Daniel (23 January 2002)
  9903. - Andrés García found a persistancy problem when doing HTTP HEAD, that made
  9904. curl "hang" until the connection was closed by the server. This problem has
  9905. been introduced in 7.9.3 due to internal rewrites, this was not present in
  9906. 7.9.2.
  9907. Version 7.9.3-pre4
  9908. Daniel (19 January 2002)
  9909. - Antonio filed bug report #505514 and provided a fix! When doing multipart
  9910. formposts, libcurl would include an error text in the actual post if a
  9911. specified file wasn't found. This is not libcurl's job. Instead we add an
  9912. empty part.
  9913. Daniel (18 January 2002)
  9914. - Played around with stricter compiler warnings for gcc (when ./configure
  9915. --enable-debug is used) and changed some minor things to stop the warnings.
  9916. - Commented out the 'long long' and 'long double' checks in configure.in, as
  9917. we don't currently use them anyway and the code in lib/mprintf.c that use
  9918. them causes warnings.
  9919. - Saul Good and jonatan pointed out Mac OS X build problems with pre3 and how
  9920. to correct them. Two compiler warnings were removed as well.
  9921. - Andrés García fixed two minor mingw32 building problems.
  9922. Version 7.9.3-pre3
  9923. Daniel (17 January 2002)
  9924. - docs/libcurl-the-guide is a new tutorial for our libcurl programming
  9925. friends.
  9926. - Richard Archer brought back the ability to compile and build with OpenSSL
  9927. versions before 0.9.5.
  9928. [http://sourceforge.net/tracker/?func=detail&atid=100976&aid=504163&group_id=976]
  9929. - The DNS cache code didn't take the port number into account, which made it
  9930. work rather bad on IPv6-enabled hosts (especially when doing passive
  9931. FTP). Sterling fixed it.
  9932. Daniel (16 January 2002)
  9933. - Georg Horn could make a transfer time-out without error text. I found it and
  9934. corrected it.
  9935. - SSL writes didn't work, they return an uninitialized value that caused
  9936. havoc all over. Georg Horn experienced this.
  9937. - Kevin Roth patched the curl_version() function to use the proper OpenSSL
  9938. function for version information. This way, curl will report the version of
  9939. the SSL library actually running right now, not the one that had its headers
  9940. installed when libcurl was built. Mainly intersting when running with shared
  9941. OpenSSL libraries.
  9942. Version 7.9.3-pre2
  9943. Daniel (16 January 2002)
  9944. - Mofied the main transfer loop and related stuff to deal with non-blocking
  9945. sockets in the upload section. While doing this, I've now separated the
  9946. connection oriented buffers to have one for downloads and one for uploads
  9947. (as two can happen simultaneously). I also shrunk the buffers to 20K
  9948. each. As we have a scratch buffer twice the size of the upload buffer, we
  9949. arrived at 80K for buffers compared with the previous 150K.
  9950. - Added the --cc option to curl-config command as it enables so very cool
  9951. one-liners. Have a go a this one, building the simple.c example:
  9952. $ `curl-config --cc --cflags --libs` -o example simple.c
  9953. Daniel (14 January 2002)
  9954. - I made all socket reads (recv) handle EWOULDBLOCK. I hope nicely. Now we
  9955. only need to address all writes (send) too and then I'm ready for another
  9956. pre-release...
  9957. - Stoned Elipot patched the in_addr_t configure test to make it work better on
  9958. more platforms.
  9959. Daniel (9 January 2002)
  9960. - Cris Bailiff found out that filling up curl's SSL session cache caused a
  9961. crash!
  9962. - Posted the curl questionnaire on the web site. If you haven't posted your
  9963. opinions there yet, go there and do it now while it is still there:
  9964. http://curl.haxx.se/q/
  9965. - Georg Horn quickly found out that the SSL reading no longer worked as
  9966. supposed since the switch to non-blocking sockets. I've made a quick patch
  9967. (for reading only) but we should improve it even further.
  9968. Version 7.9.3-pre1
  9969. Daniel (7 January 2002)
  9970. - I made the 'bool' typedef use an "unsigned char". It makes it the same on
  9971. all platforms, no matter what the platform thinks the default format for
  9972. char is. This was noticed since we made a silly comparison involving such a
  9973. bool variable, and only one compiler/platform combination (on Debian Linux)
  9974. complained about it (that happened to have its char unsigned by default).
  9975. - Bug report #495290 identified a cookie parsing problem that was corrected.
  9976. When a Set-Cookie: line is received without a trailing semicolon, libcurl
  9977. didn't read the last "name=value" pair of the line, leading to confusions...
  9978. - Sterling committed his updated DNS cache code.
  9979. - I worked with Georg Horn and comments from Götz Babin-Ebell and switched
  9980. curl's socket operations completely over to non-blocking for the entire
  9981. operation (previously we used non-blocking only for the connection phase).
  9982. We had to do this to make the SSL connection phase timeout properly without
  9983. the use of signals. A little extra code to deal with this was added.
  9984. - T. Bharath pointed out a slightly obscure cookie engine flaw.
  9985. - Pete Su pointed out that libcurl didn't treat HTTP code 204 as it should.
  9986. 204-replies never provides a response-body. This resulted in bad persistant
  9987. behavior when 204 was received.
  9988. Daniel (5 January 2002)
  9989. - SM updated the VC++ library Makefiles for the new source files.
  9990. Daniel (4 January 2002)
  9991. - I discovered that we wrongly used inet_ntoa() (instead of inet_ntoa_r() in
  9992. two places in the source code). One happened with VERBOSE set on connects,
  9993. and the other when VERBOSE was on and krb4 over nat was used... I honestly
  9994. don't think anyone has suffered from these mistakes.
  9995. - I replaced a lot of silly occurances of printf() to instead use the more
  9996. appropriate Curl_infof() or Curl_failf(). The krb4 and telnet code were
  9997. affected.
  9998. - Philip Gladstone found a few more problems with 64-bit archs (the 64-bit
  9999. sparc on solaris 8).
  10000. - After discussions on the libcurl list with Raoul Cridlig, I just made FTP
  10001. response lines get passed to the header callback if such a one is
  10002. registered. It'll make it possible for any application to get all the
  10003. responses an FTP server sends to libcurl.
  10004. Daniel (3 January 2002)
  10005. - Sterling Hughes brought a few buckets of code. Now, libcurl will
  10006. automatically cache DNS lookups and re-use the previous results first if any
  10007. such is available. It greatly improves speed when doing many repeated
  10008. operations to the same host.
  10009. - As the test case uses --include and then --head, I had to modify src/main.c
  10010. to deal with this situation slightly better than previously. When done, we
  10011. have 100% good tests again in the main branch.
  10012. Daniel (2 January 2002)
  10013. - Made test case 25 run again in the multi-dev branch. But it seems that the
  10014. changes done on dec-20 made test case 104 cease to work (in both branches).
  10015. - Philip Gladstone pointed out a few portability problems in the source code
  10016. that didn't compile on 64-bit sparcs using Sun's native compiler.
  10017. Daniel (20 December 2001)
  10018. - Björn Stenberg caught an unpleasent (but hard-to-find) bug that could cause
  10019. libcurl to hang on transfers over proxy, when the proxy was specified with
  10020. an environment variable!
  10021. - Added code to make ftp operations treat the NO_BODY and HEADERS options
  10022. better:
  10023. NO_BODY set TRUE and HEADERS set TRUE:
  10024. Return a set of headers with file info
  10025. NO_BODY set FALSE
  10026. Transfer data as usual, HEADERS is ignored
  10027. NO_BODY set TRUE and HEADERS set FALSE
  10028. Don't transfer any data, don't return any headers. Just perform the set
  10029. of FTP commands.
  10030. Daniel (17 December 2001)
  10031. - Götz Babin-Ebell dove into the dark dungeons of the OpenSSL ENGINE stuff and
  10032. made libcurl support it! This allows libcurl to do SSL connections with the
  10033. private key stored in external hardware.
  10034. To make this good, he had to add a bunch of new library options that'll be
  10035. useful to others as well:
  10036. CURLOPT_SSLCERTTYPE set SSL cert type (PEM/DER)
  10037. CURLOPT_SSLKEY set SSL private key (file)
  10038. CURLOPT_SSLKEYTYPE: set SSL key type (PEM/DER/ENG)
  10039. CURLOPT_SSLKEYPASSWD: set the passphrase for your private key
  10040. (CURLOPT_SSLCERTPASSWD is an alias)
  10041. CURLOPT_SSLENGINE: set the name of the crypto engine
  10042. (returns CURLE_SSL_ENGINE_NOTFOUND on error)
  10043. CURLOPT_SSLENGINE_DEFAULT: set the default engine
  10044. There are two new failure codes:
  10045. CURLE_SSL_ENGINE_NOTFOUND
  10046. CURLE_SSL_ENGINE_SETFAILED
  10047. Daniel (14 December 2001)
  10048. - We have "branched" the source-tree at a few places. Checkout the CVS sources
  10049. with the 'multi-dev' label to get the latest multi interface development
  10050. tree. The idea is to only branch affected files and to restrict the branch
  10051. to the v8 multi interface development only.
  10052. *NOTE* that if we get bug reports and patches etc, we might need to apply
  10053. them in both branches!
  10054. The multi-dev branch is what we are gonna use as main branch in the future
  10055. if it turns out successful. Thus, we must maintain both now in case we need
  10056. them. The current main branch will be used if we want to release a 7.9.3 or
  10057. perhaps a 7.10 release before version 8. Which is very likely.
  10058. - Marcus Webster provided code for the new CURLFORM_CONTENTHEADER option for
  10059. curl_formadd(), that lets an application add a set of headers for that
  10060. particular part in a multipart/form-post. He also provided a section to the
  10061. man page that describes the new option.
  10062. Daniel (11 December 2001)
  10063. - Ben Greear made me aware of the fact that the Curl_failf() usage internally
  10064. was a bit sloppy with adding newlines or not to the error messages. Let's
  10065. once and for all say that they do not belong there!
  10066. - When uploading files with -T to give a local file name, and you end the URL
  10067. with a slash to have the local file name used remote too, we now no longer
  10068. use the local directory as well. Only the file part of the -T file name
  10069. will be appended to the right of the slash in the URL.
  10070. Daniel (7 December 2001)
  10071. - Michal Bonino pointed out that Digital Unix doesn't have gmtime_r so the
  10072. link failed. Added a configure check and corrected source code.
  10073. Version 7.9.2
  10074. Daniel (5 December 2001)
  10075. - Jon Travis found out that if you used libcurl and CURLOPT_UPLOAD and then
  10076. on the same handle used CURLOPT_HTTPGET it would still attempt to upload.
  10077. His suggested fix was perfect.
  10078. Daniel (4 December 2001)
  10079. - Incorporated more macos fixes and added four specific files in a new
  10080. subdirectory below src.
  10081. Daniel (3 December 2001)
  10082. - Eric Lavigne reported two problems:
  10083. First one in the curl_strnequal() function. I think this problem is rather
  10084. macos 9 specific, as most platform provides a function to use instead of the
  10085. one provided by libcurl.
  10086. A second, more important, was in the way we take care of FTP responses. The
  10087. code would read a large chunk of data and search for the end-of-response
  10088. line within that chunk. When found, it would just skip the rest of the
  10089. data. However, when the network connections are special, or perhaps the
  10090. server is, we could actually get more than one response in that chunk of
  10091. data so that when the next invoke to this function was done, the response
  10092. had already been read and thrown away. Now, we cache the data not used in
  10093. one call, as it could be useful in the subsequent call. Test case 126 was
  10094. added and the test ftp server modified, to exercise this particular case.
  10095. Version 7.9.2-pre8
  10096. Daniel (2 December 2001)
  10097. - Bug report #487825 correctly identified a problem when using a proxy and
  10098. following a redirection from HTTP to HTTPS. libcurl then re-used the same
  10099. proxy connection but without doing a proper HTTPS request.
  10100. - Fixed win32 compiling quirks.
  10101. Version 7.9.2-pre7
  10102. Daniel (30 November 2001)
  10103. - Documented --disable-epsv and CURLOPT_FTP_USE_EPSV.
  10104. Daniel (29 November 2001)
  10105. - Added --disable-epsv as an option. When used, curl won't attempt to use the
  10106. EPSV command when doing passive FTP downloads. Wrote a test case for it.
  10107. - Eric provided a few more fixes for building on Macs. He also pointed out
  10108. a flaw in the signal handler restoration code.
  10109. Daniel (28 November 2001)
  10110. - Fiddled with some Tru64 problems reported by Dimitris Sarris. They appeared
  10111. only when using VERBOSE ftp transfers. Do we use a too small buffer for
  10112. gethostbyaddr_r(), was the lack of using in_addr_t wrong or is it that the
  10113. hostent struct must be blanked before use? With Dimitris help and these
  10114. patches, the problems seem to be history.
  10115. - CURLOPT_FTP_USE_EPSV was added and can be set to FALSE to prevent libcurl
  10116. from using the EPSV command before trying the normal PASV. Heikki Korpela
  10117. pointed out that some firewalls and similar don't like the EPSV so we must
  10118. be able to shut if off to work everywhere.
  10119. - I added a configure check for 'in_addr_t' and made the ftp code use that to
  10120. receive the inet_addr() return code in. Works on Solaris and Linux at
  10121. least. The Linux man page for inet_addr() doesn't even mention in_addr_t...
  10122. - Adjusted (almost) all FTP tests to the new command sequence.
  10123. - FTP command sequence changes:
  10124. EPSV is now always attempted before PASV. It is the final touch to make IPv6
  10125. passive FTP downloads to work, but EPSV is not restricted to IPv6 but works
  10126. fine with IPv4 too on the servers that support it.
  10127. SIZE is now always issued before RETR. It makes curl know the actual
  10128. download size before the download takes place, as it makes it less important
  10129. to find the size sent in RETR responses. Many sites don't include the size
  10130. in there.
  10131. Both these changes made it necessary to change the test suite's ftp server
  10132. code, and all FTP test cases need to be checked and adjusted!
  10133. Daniel (27 November 2001)
  10134. - Hans Steegers pointed out that the telnet code read from stdout, not stdin
  10135. as it is supposed to do!
  10136. Version 7.9.2-pre6
  10137. Daniel (27 November 2001)
  10138. - Eric Lavigne's minor changes to build on MacOS before OS X were applied.
  10139. - greep at mindspring.com provided a main index.html page for our release
  10140. archive docs directory. It just links to all the existing HTML files, but
  10141. I think it may come useful to people.
  10142. - There's now some initial code to support the EPSV FTP command. That should
  10143. be used to do passive transfers IPv6-style. The code is still #if 0'ed in
  10144. lib/ftp.c as I have no IPv6 ftp server to test this with.
  10145. Daniel (26 November 2001)
  10146. - Robert Schlabbach had problems to understand how to do resumed transfers,
  10147. and I clarified the man page -C section somewhat.
  10148. Version 7.9.2-pre5
  10149. Daniel (22 November 2001)
  10150. - Andrés García helped me out to track down the roots of bug report #479537,
  10151. which was concerning curl returning the wrong error code when failing to
  10152. connect. This didn't happen on all systems, and more specificly I've so far
  10153. only seen this happen on IPv4-only Linux hosts.
  10154. - I applied the fixes for the two bugs Eric Lavigne found when doing his MacOS
  10155. port. A missing comma in arpa_telnet.h and a pretty wild write in the FTP
  10156. response reader function. The latter write is however likely to occur in our
  10157. own buffer unless very big FTP server replies (>25K) are read. I've never
  10158. seen such a reply ever, so I think this is a relatively minor risk.
  10159. Daniel (21 November 2001)
  10160. - Moonesamy provided code to prevent junk from being output when libcurl
  10161. returns an error code but no error description and that corrects how make is
  10162. run in the Makefile.dist file (that appears as root Makefile in release
  10163. archives).
  10164. - Eric Lavigne mailed me bugfixes and patches for building libcurl on MacOS
  10165. (non-X).
  10166. - Kevin Roth modified the cygwin files once again, now to build against the
  10167. shared OpenSSL DLLs.
  10168. Version 7.9.2-pre4
  10169. Daniel (20 November 2001)
  10170. - Georg Horn brought a patch that introduced CURLINFO_STARTTRANSFER_TIME,
  10171. complete with man page updates!
  10172. Daniel (19 November 2001)
  10173. - Miklos Nemeth provided details enough to update the Borland makefile
  10174. properly.
  10175. - Lars M Gustafsson found a case with a bad free(). In fact, it was so bad I'm
  10176. amazed we never saw this before!
  10177. - Kevin Roth patched the cygwin Makfile.
  10178. Daniel (16 November 2001)
  10179. - Klevtsov Vadim fixed a bug in how time-conditionals were sent when doing
  10180. HTTP.
  10181. Version 7.9.2-pre3
  10182. Daniel (14 November 2001)
  10183. - Samuel Listopad patched away the problem with SSL we got when someone call
  10184. curl_global_init() => curl_global_cleanup() => curl_global_init(). The
  10185. second init would not "take" and SSL would be unusable with curl from that
  10186. point. This doesn't change the fact that calling the functions that way is
  10187. wrong. curl_global_init() should be called exactly once and not more.
  10188. Daniel (13 November 2001)
  10189. - Fixed some minor variable type mixups in ftp.c that caused compiler warnings
  10190. on HP-UX 11.00.
  10191. - The FTP fix I did yesterday used an uninitialized variable that caused
  10192. spurious errors when doing FTP.
  10193. Version 7.9.2-pre2
  10194. Daniel (12 November 2001)
  10195. - Ricardo Cadime fell over a multiple-requests problem when first a FTP
  10196. directory fetch failed and then a second request is made after that. The
  10197. second request happened to get the FTP server response back from the
  10198. previous request, when it did its initial CWD command.
  10199. - Bjorn Reese pointed out that we could improve the time diff function to
  10200. prevent truncation a bit.
  10201. - Kai-Uwe Rommel made me aware that -p (http proxy tunnel) silly enough didn't
  10202. work for plain HTTP requests! So I made that work.
  10203. Version 7.9.2-pre1
  10204. Daniel (12 November 2001)
  10205. - Rewrote the Curl_ConnectHTTPProxyTunnel(). It should now not only work a lot
  10206. faster, it should also support such ("broken") proxies that John Lask
  10207. previously have reported problems with. His proxy sends a trailing zero byte
  10208. after the end of the (proxy-) headers. I've tested this myself and it seems
  10209. to work on a proxy the previous version also worked with...! This rewrite is
  10210. due to the problems John Lask previously experienced.
  10211. - Andrés García found out why the "current speed" meter sometimes showed 2048K
  10212. for very quick transfers. It turned out the "time diff"-function returned a
  10213. zero millisecond diff. We now always say it is at least one millisecond! In
  10214. reality, these timers very rarely have that good resolution so even though
  10215. the time diff was longer than 1 millisecond, it was reported as no diff.
  10216. - I also modified the getinfo() again when returning times, as Paul Harrington
  10217. reports that 7.9.1 only returns times with 1 second accuracy, which indeed
  10218. is wrong.
  10219. Daniel (8 November 2001)
  10220. - Marcus Webster found out that curl_formadd() could read one byte outside a
  10221. buffer boundary, which then of course could lead to a crash. Marcus also
  10222. gracefully provided a patch for this this.
  10223. - Glen Scott ran configure on his Cobalt Qube and it didn't figure out the
  10224. correct way of calling gethostbyname_r() and thus failed to resolve hosts.
  10225. This is two errors: it shouldn't continue the configure script if it finds
  10226. gethostbyname_r() but can't figure out how to use it, and it should really
  10227. figure out how to use it as it was running Linux and we know how that
  10228. works...
  10229. Daniel (7 November 2001)
  10230. - docs/VERSIONS is a new file in the archive that explains the version number
  10231. system we use in the curl project.
  10232. - Did some more fixes that now makes libcurl only ignore signals as long as
  10233. it needs to, and then restore (if any) previous signal handler again.
  10234. Daniel (6 November 2001)
  10235. - Enrik Berkhan posted bug report #478780, in which he very correctly pointed
  10236. out two bad timeout matters in libcurl: we didn't restore the sigaction
  10237. struct (the alarm handler for SIGALRM) nor did we restore the previous
  10238. alarm() timeout that could've been set by a "parent" process or similar.
  10239. - Kevin Roth made the cygwin binary get stripped before install.
  10240. Daniel (5 November 2001)
  10241. - Detlef Schmier reported that curl didn't compile using Solaris 8 with the
  10242. native cc compiler. It was due to a bad function prototype. Fixed now.
  10243. Unfortunately, I can't enable the -Wstrict-prototypes in my debug builds
  10244. though, as gcc then complains like crazy on OpenSSL include files... :-(
  10245. - John Lask provided SSL over HTTP proxy fixes. They'll need some tweaking
  10246. to work on all platforms.
  10247. - John Lask added the -1/--TLSv1 options that forces SSL into using TLS
  10248. version 1 when speaking HTTPS.
  10249. - John Lask brought a brand new VC++ makefile for the lib directory, that
  10250. works a lot better than the previous!
  10251. - Ramana Mokkapati brought some clever insights on the LDAP failures (bug
  10252. report #475407), and his suggested changes are now applied.
  10253. Version 7.9.1
  10254. Daniel (4 November 2001)
  10255. - I've added a number of new test cases the last few days. A few of them since
  10256. I got reports that hinted on problems on timeouts, so I added four tests
  10257. with timeouts for all sorts of protocols and stuff. I also came to think of
  10258. a few other error scenarios that we currently didn't test properly, so I
  10259. wrote up tests for a few of those too.
  10260. Daniel (2 November 2001)
  10261. - Replaced read() and write() with recv() and send() for socket operations
  10262. even under normal unixes.
  10263. Daniel (1 November 2001)
  10264. - When an FTP transfer was aborted due to a timeout, it wasn't really aware of
  10265. how many bytes that had been transferred and the error text always said 0
  10266. bytes. I modified this to output the actually transferred amount! :-)
  10267. - The FTP fixes in pre7 didn't compile on IPv6 enabled hosts. Does now. I also
  10268. added more comments in the lib/ftp.c source file.
  10269. - Minor updates to the FAQ, added a brand new section to the web site about
  10270. the name issue (who owns "curl"? will someone sue us? etc etc):
  10271. http://curl.haxx.se/legal/thename.html
  10272. Version 7.9.1-pre7
  10273. Daniel (31 October 2001)
  10274. - The curl_easy_getinfo() timers accidentally lost their subsecond accuracy as
  10275. the calculations used longs instead of doubles! Paul Harrington reported.
  10276. - The SSL SocketIsDead() checks weren't good enough (as expected really), so I
  10277. had to add a generic internal try-it-out system. If the request on a re-used
  10278. connection seems to fail, then we go back and get a new (fresh) connection
  10279. and re-tries the request on that instead. It kind of makes the
  10280. SocketIsDead() check obsolete, but I think it is a quicker way for those
  10281. cases where it actually discovers that the connection is dead.
  10282. - When fixing the above, I noticed that we did quite a few writes to sockets
  10283. in libcurl where we didn't check the return code (that it actually worked to
  10284. send the data). With the new "attempted request" system we must detect those
  10285. situations so I went over a bunch of functions, changed return types and
  10286. added checks for what they actually return.
  10287. Version 7.9.1-pre6
  10288. Daniel (31 October 2001)
  10289. - Paul Harrington detected a problem with persistant SSL connections. Or to be
  10290. more exact, we didn't properly detect that the connection was dead and then
  10291. a second connection would try to re-use it wrongly. The solution to this
  10292. problem is still not very clear and I'm working on it. One OpenSSL insider
  10293. said there is no way to know if the SSL connection is alive or not without
  10294. actually trying an operation.
  10295. Daniel (30 October 2001)
  10296. - If a cookie was read from a file, it could accidentally strdup() a NULL
  10297. pointer. Paul Harrington reported. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/cookie.c.diff?r1=1.25&r2=1.26]
  10298. - The MANUAL file now documents -t correctly. I also fixed the -T description
  10299. in the curl.1 man page.
  10300. Daniel (29 October 2001)
  10301. - John Janssen found out that curl_formadd was missing in the libcurl.def file
  10302. and that the docs stated the wrong return type for the function.
  10303. - Andrés García found a bug with multiple files in the curl_formadd() function,
  10304. that I removed with this patch [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/formdata.c.diff?r1=1.25&r2=1.26].
  10305. - Kevin Roth brought another patch that moved the cygwin package files to the
  10306. packages/Win32/cygwin directory.
  10307. - A bug in the connection re-use logic made repeated requests to the same FTP
  10308. server (when using name+pasword in the URL) sometimes use more than one
  10309. connection. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/url.c.diff?r1=1.166&r2=1.167]
  10310. - Moonesamy tracked down and fixed a problem with the new 7.9.1 connect
  10311. code. This corrected the error Kevin Roth reported on the 7.9.1-pre5 release
  10312. (test 19)...
  10313. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/connect.c.diff?r1=1.13&r2=1.14]
  10314. Daniel (26 October 2001)
  10315. - Added test28 which verifies that "Location:"-following works even if the
  10316. contents is separated with more than one space.
  10317. Daniel (25 October 2001)
  10318. - Ramana Mokkapati pointed out that LDAP transfers would 'hang' after the
  10319. correct data has been output.
  10320. Version 7.9.1-pre5
  10321. Daniel (24 October 2001)
  10322. - T. Bharath found a memory leak in the cookie engine. When we update a cookie
  10323. that we already knew about, we lost a chunk of memory in the progress... The
  10324. brand new test case 27 now tests for this occurrence. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/cookie.c.diff?r1=1.24&r2=1.25]
  10325. Daniel (23 October 2001)
  10326. - pack_hostent() didn't properly align some pointers, so at least SPARC CPUs
  10327. would core. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/hostip.c.diff?r1=1.34&r2=1.35]
  10328. Daniel (22 October 2001)
  10329. - Tom Benoist reported that this SGI IRIX compiler didn't handle indented
  10330. preprocessor instructions, so they're no longer in the source code!
  10331. - Applied Kevin Roth's patches to make it easier to build cygwin packages from
  10332. the out-of-the-box curl release archives.
  10333. - I forgot to mention it below, but libcurl now closes connections that report
  10334. transfer failures. Unconditionally. This could be made more nicely in the
  10335. future if we set a flag or something that the connection is still good to be
  10336. used for the errors that know that for a fact. We have to close the
  10337. connection for the cases where we abort for example a HTTP transfer in the
  10338. middle, or otherwise we might re-use that connection later with lots of data
  10339. still being sent to us on it. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/transfer.c.diff?r1=1.63&r2=1.64]
  10340. Daniel (19 October 2001)
  10341. - CURLE_GOT_NOTHING is now returned when a HTTP server doesn't return
  10342. anything, not even a header. test case 37 was added to test for this.
  10343. - T. Bharath made curl_easy_duphandle() properly clone the cookie status as
  10344. well.
  10345. Version 7.9.1-pre4
  10346. Daniel (18 October 2001)
  10347. - CURLOPT_FAILONERROR, set with "curl --fail" no longer returns an error if
  10348. the HTTP return code is below 400.
  10349. Daniel (17 October 2001)
  10350. - The test suite now kills any running test http server when you re-start the
  10351. tests.
  10352. - We had to remove 'use strict' from two perl scripts, as the cygwin
  10353. adjustments didn't play nicely otherwise for some reason. Any perl wizard
  10354. out there who can put the scrict back and still make it run good on unix and
  10355. cygwin?
  10356. - A potential memory leak pointed out to us by Yanick Pelletier was removed.
  10357. It would occur when a http file transfer fails. [http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/curl/curl/lib/transfer.c.diff?r1=1.60&r2=1.61]
  10358. - The memory debugging system should no longer display anything to stderr
  10359. if the curl_memdebug() hasn't been used to explicitly say so. This makes it
  10360. easier to use the memory debug system and switch the logging on/off.
  10361. Daniel (16 October 2001)
  10362. - Kevin Roth provided fixes for building curl nicer in cygwin environments.
  10363. Daniel (12 October 2001)
  10364. - Cleaning up the progress meter/info code. The "current speed" is now more
  10365. accurate than before as we now use the true time spent between the measures,
  10366. and not just "assuming" every-second-update like before. The output should
  10367. now also be of the same width at all times, never to show "extra" zeroes on
  10368. the right edge.
  10369. - After talking about possible Location: bugs on the mailing list, I modified
  10370. the "absolute URL" checker in lib/transfer.c to be more strict when checking
  10371. if the redirected URL is absolute.
  10372. Daniel (11 October 2001)
  10373. - Kevin Roth provided patches that make the test suite run fine on Windows
  10374. 2000 running cygwin.
  10375. Daniel (10 October 2001)
  10376. - Setting the -c or the CURLOPT_COOKIEJAR option now enables the cookie parser.
  10377. Previously -b or CURLOPT_COOKIEFILE was also required for the jar to work.
  10378. Version 7.9.1-pre3
  10379. Daniel (9 October 2001)
  10380. - Added a new option to the command line client: -0/--http1.0. It uses the new
  10381. libcurl option CURLOPT_HTTP_VERSION to request that libcurl uses HTTP 1.0
  10382. requests instead of the default version (1.1). It should only be used if you
  10383. really MUST do that because of a silly remote server.
  10384. - Renamed the 'TimeCond' typedef in curl/curl.h to use a 'curl_' prefix as
  10385. all public curl-symbols should.
  10386. - libcurl now explicitly ignores the SIGPIPE signal.
  10387. Daniel (8 October 2001)
  10388. - Kevin Roth's change to the cookie-jar comment (in the stored file) was
  10389. applied.
  10390. - Lucas Adamski's minor bug in the bind error code failf() was fixed.
  10391. Daniel (5 October 2001)
  10392. - Moonesamy fixed the Curl_connecthost() function to not give compiler errors
  10393. on a bunch of compilers, due to the argument named 'socket'.
  10394. - Moonesamy also provided updated VC++ makefiles and project files.
  10395. Version 7.9.1-pre2
  10396. Daniel (4 October 2001)
  10397. - Albert Chin provided a configure patch that makes the script detect proper
  10398. gethostbyname_r() method without actually running any code, only compiling
  10399. is necessary. This also removes the need of having a resolving 'localhost'
  10400. name.
  10401. - Found and removed memory leakage (name resolve data) in libcurl on
  10402. IPv6-enabled hosts. These could sneak through because we didn't have any
  10403. resource tracing on the IPv6-related functions. We do now.
  10404. Daniel (3 October 2001)
  10405. - Keith McGuigan patched away a (mainly Windows-) problem with the name
  10406. resolver data being kept in the static memory area, which is removed when a
  10407. thread is killed. The curl handle itself though perfectly handles being
  10408. passed between threads.
  10409. - Dirk Eddelbuettel reported an odd bug that turned out to be his proxy that
  10410. required an Authorization: header. Now, proxies are not supposed to require
  10411. that header, that is for true servers...
  10412. - I accidentally ruined Georg's curl_formadd(). Uh, bad me. Corrected now.
  10413. Version 7.9.1-pre1
  10414. Daniel (3 October 2001)
  10415. - Georg Huettenegger once again made an effort beyond the call of duty and not
  10416. only improved the curl_formadd() function, but also took care of adjusting
  10417. the curl command line client to use this new function instead of the
  10418. obsoleted curl_formparse.
  10419. Daniel (2 October 2001)
  10420. - Major fix in how libcurl does TCP connects. It now does non-blocking
  10421. connects to enable good timeouts without signals, and it now tries all IP
  10422. addresses for any given host (if it resolves more than one and the first
  10423. one(s) don't connect). Added a new source file 'connect.c' to deal with all
  10424. the TCP connect stuff.
  10425. - We now support IPv4-style IP-addresses in rfc2732-format, to better support
  10426. people writing scripts without knowing what address there is.
  10427. Daniel (28 September 2001)
  10428. - Cleanups in the FTP source code. Divided the code into even more smaller
  10429. functions and generally tried to make the differences between IPv4 and IPv6
  10430. get less noticable in the sources.
  10431. - If the remote file time is not readable/accessable/understood by libcurl,
  10432. libcurl now returns -1 in the CURLINFO_FILETIME data, not 0 as it previously
  10433. did. This should make curl not touch the file data unless there was a known
  10434. remote date when -R is used.
  10435. Daniel (27 September 2001)
  10436. - Working on getting non-blocking connects working platform independent. We
  10437. will also make curl try all IPs for a given host if the first one should
  10438. fail.
  10439. Daniel (26 September 2001)
  10440. - Kevin Roth provided a cookie example that proved the cookie jar
  10441. functionality wasn't working properly. I added test case 46 and made it
  10442. work.
  10443. Daniel (25 September 2001)
  10444. - Jörn Hartroth updated the mingw32 makefiles.
  10445. Version 7.9
  10446. Daniel (23 September 2001)
  10447. - Found and removed a 'socket leak' that would occur on IPv6 enabled hosts
  10448. when FTP RETR failed.
  10449. - Made the FTP upload tests run fine on machines with IPv6 enabled.
  10450. Version 7.9-pre8
  10451. Daniel (19 September 2001)
  10452. - Vojtech Minarik set up a special-purpose test server and provided me with
  10453. test certificates in order for me to repeat the bug reports #440068 and
  10454. #440373. It turned out we didn't check all the error codes properly. We do
  10455. now, and connecting with a unacceptable certificate will make libcurl fail
  10456. to connect with an error code returned.
  10457. - Ramana Mokkapati found a case when the Location: following code did wrong.
  10458. I wrote a test case for this (45).
  10459. Version 7.9-pre7
  10460. Daniel (17 September 2001)
  10461. - Linus Nielsen Feltzing fixed telnet for win32. It makes libcurl require
  10462. winsock 2.0.
  10463. Version 7.9-pre6
  10464. - libtool 1.4.2 is now in use!
  10465. Version 7.9-pre5
  10466. Daniel (14 September 2001)
  10467. - Added another 14 ftp tests.
  10468. Daniel (13 September 2001)
  10469. - Added curl_easy_duphandle() to the easy.h header file. It has now been
  10470. tested and proved to work in a real-world tests by T Bharath. We still need
  10471. to write up some docs for this function.
  10472. - Added four more ftp tests to the test suite.
  10473. Daniel (12 September 2001)
  10474. - CURLOPT_SSL_CIPHER_LIST was added, and the curl tool option is named
  10475. --ciphers. Use them to specify a list of ciphers to use in the SSL
  10476. connection.
  10477. - T. Bharath found a memory leak in libcurl's windows version. It turned out
  10478. to be the new duphandle() that didn't quite work yet.
  10479. Version 7.9-pre4
  10480. Daniel (11 September 2001)
  10481. - Added verbose output for SSL connections that output the server
  10482. certificate's start and expire dates. As suggested by Paul Harrington.
  10483. - Heikki Korpela found problems in the perl ftp server used for the test
  10484. suite, when he runs on on OpenBSD with perl 5.6. Some changes have been
  10485. made, but nothing really certain.
  10486. - T. Bharath has experienced problems with libcurl's stack usage on windows
  10487. and works on reducing it.
  10488. Daniel (10 September 2001)
  10489. - Cris Bailiff fixed the perl interface. It stopped working since the changed
  10490. behavior with WRITEHEADER and NULL pointers.
  10491. - The "output cookies" function could dump core if no cookies were enabled.
  10492. Daniel (7 September 2001)
  10493. - SM pointed out that the SSL code didn't compile any longer if SSL was
  10494. disabled... Also, we needed to correct the #include for the utime stuff on
  10495. windows.
  10496. Daniel (6 September 2001)
  10497. - T. Bharath pointed out a flaw in the SSL session cache code that made it
  10498. sometimes read from a NULL pointer.
  10499. Version 7.9-pre3
  10500. Daniel (3 September 2001)
  10501. - Added the -R/--remote-time option, that uses the remote file's datestamp to
  10502. set the local file's datestamp. Thus, when you get a remote file your local
  10503. file will get the same time and date. Note that this only works when you use
  10504. -o or -O.
  10505. - Installed libtool 1.4.1, libtoolized and everything.
  10506. Daniel (1 September 2001)
  10507. - Heikki Korpela pointed out that I did not ship the proper libtool stuff in
  10508. the pre-releases, even though that was my intention. libtoolize has now
  10509. been re-run.
  10510. - Heikki also patched away the bad use of 'make -C' in the test suite
  10511. makefile. make -C is not very portable and is now banned from here.
  10512. Version 7.9-pre2
  10513. Daniel (31 August 2001)
  10514. - I just made a huge internal struct rehaul, and all the big internally used
  10515. structs have been renamed, redesigned and stuff have been moved around a bit
  10516. to make the source easier to follow, more logically grouped and to hopefully
  10517. decrease future bugs. I also hope that this will make new functions to get
  10518. easier to add, and make it less likely that we have bugs left like the URL-
  10519. free bug from August 23.
  10520. Version 7.9-pre1
  10521. Daniel (29 August 2001)
  10522. - The new cookie code have enabled the brand new '-c/--cookie-jar' option. Use
  10523. that to specify the file name in which you want to have all cookies curl
  10524. knows of, dumped to. It'll be written using the netscape cookie format.
  10525. This is internally done with the new CURLOPT_COOKIEJAR option to libcurl,
  10526. which in turn dumps this information when curl_easy_cleanup() is invoked.
  10527. There might be reasons to re-consider my choice of putting it there. Perhaps
  10528. it is better placed to get done just before *_perform() is done. It is all
  10529. of course depending on how you guys want to use this feature...
  10530. - Added ftpupload.c in the source examples section, based on source code posted
  10531. by Erick Nuwendam.
  10532. Daniel (28 August 2001)
  10533. - Now running libtool CVS branch-1-4 to generate stuff. Should fix problems
  10534. on OpenBSD and hopefully on FreeBSD as well!
  10535. - Georg Huettenegger modified the curl_formadd() functionality slightly, and
  10536. added support for error code 417 when doing form post and using the Expect:
  10537. header. Great work!
  10538. - Made some tests with cached SSL session IDs, and they seem to work. There
  10539. should be a significant speed improvement in the SSL connection phase, but
  10540. in my tiny tests it just isn't possible to notice any difference. Like other
  10541. caching in libcurl, you must reuse the same handle for the caching to take
  10542. effect. SSL session ID caching is done on a per host-name and destination
  10543. port number basis.
  10544. Set verbose, and you'll get informational tests when libcurl detects and
  10545. uses a previous SSL session ID.
  10546. - Upgraded to automake 1.5 on my development/release machine.
  10547. Daniel (27 August 2001)
  10548. - Slowly started writing SSL session ID caching code
  10549. Daniel (24 August 2001)
  10550. - T. Bharath removed compiler warnings on windows and updated the MS project
  10551. files.
  10552. - Kevin Roth reported two kinds of command line constructs with the new -G that
  10553. curl didn't really deal with the way one would like.
  10554. - Tim Costello patched away a use of strcasecmp() in the SSL code. We have our
  10555. own portable version named strequal() that should be used!
  10556. - Tim also pointed out a problem in the lib/Makefile.vc6 file that made it mix
  10557. debug object modules causing confusions.
  10558. Daniel (23 August 2001)
  10559. - T. Bharath accurately found a libcurl bug that would happen when doing a
  10560. second invoke of curl_easy_perform() with a new URL when the previous invoke
  10561. followed a Location: header.
  10562. - Started the improvement work on the cookie engine:
  10563. - Now keeps cookies in the same order as the cookie file
  10564. - A write to the possibly static string was removed
  10565. - Added a function that can output all cookies
  10566. - Now supports reading multiple cookie files
  10567. - Steve Lhomme corrected a DLL naming issue in the MSVC++ project file.
  10568. - Split up the monster function in lib/ftp.c to use more smallish functions to
  10569. increase readability and maintainability.
  10570. Daniel (21 August 2001)
  10571. - Georg Huettenegger's big patch was applied. Now we have:
  10572. o "Expect: 100-continue" support. We will from now on send that header in
  10573. all rfc1867-posts, as that makes us abort much faster when the server
  10574. rejects our POST. Posting without the Expect: header is still possible in
  10575. the standard replace-internal-header style.
  10576. o curl_formadd() is a new formpost building function that is introduced to
  10577. replace the now deprecated curl_formparse() function. The latter function
  10578. will still hang around for a while, but the curl_formadd() is the new way
  10579. and correct way to build form posts.
  10580. o Documentation has been updated to reflect these changes
  10581. These changes are reason enough to name the next curl release 7.9...
  10582. - We now convert man pages to HTML pages and include them in the release
  10583. archive. For the pleasure of everyone without nroff within reach.
  10584. - Andrés García's suggested flushing of the progress meter output stream was
  10585. added. It should make the progress meter look better on Windows.
  10586. - Troy Engel pointed out a mistake in the configure script that made it fail
  10587. on many Red Hat boxes!
  10588. Daniel (20 August 2001)
  10589. - We need an updated libtool to make a better build environment for OpenBSD
  10590. as well as FreeBSD
  10591. Version 7.8.1
  10592. Daniel (20 August 2001)
  10593. - Brad pointed out that we ship two extra libtool files in the tarballs that
  10594. we really don't need to! Removing them makes the gz-archive about 60K
  10595. smaller!
  10596. - Albert Chin brought fixes for the configure script to detect socklen_t
  10597. properly as well as moving lots of our custom autoconf macros to
  10598. acinclude.m4.
  10599. Daniel (19 August 2001)
  10600. - Moonesamy improved his -G feature for host names only URLs...
  10601. Daniel (17 August 2001)
  10602. - Finally cleaned up the kerberos code to use Curl_ prefixes on all global
  10603. symbols and to not use global variables.
  10604. Version 7.8.1-pre6
  10605. Daniel (16 August 2001)
  10606. - S. Moonesamy added the -G option to curl, that converts the data specified
  10607. with -d to a GET request. Default action when using -d is POST. When -G is
  10608. used, the -d specified data will be appended to the URL with a '?'
  10609. separator. As suggested previously by Kevin Roth.
  10610. - curl-config --libs should now display all linker options required to link
  10611. with libcurl. It includes the path and options for libcurl itself.
  10612. curl-config --cflags displays the compiler option(s) needed to compile
  10613. source files that use libcurl functions. Basically, that sets the include
  10614. path correct.
  10615. Daniel (15 August 2001)
  10616. - Arkadiusz Miskiewicz pointed out a mistake in how IPv6-style IP-addresses
  10617. were parsed and used. (RFC2732-format)
  10618. - Bug #12733 over on php.net identified a problem in libcurl that made it core
  10619. dump if you used CURLOPT_POST without setting any data to post with
  10620. CURLOPT_POSTFIELDS! This is no longer the case. Not using CURLOPT_POSTFIELDS
  10621. now equals setting it to no data at all.
  10622. - Ramana Mokkapati reported that curl with '-w %{http_code}' didn't work
  10623. properly when used for multiple URLs on a single command line. Indeed, the
  10624. variable was not reset between the requests. This is now fixed.
  10625. - David James fixed the Borland makefile so that libcurl still compiles and
  10626. builds with that compiler.
  10627. Daniel (14 August 2001)
  10628. - Oops. I ruined Nico's socklen_t define in config-vms.h, corrected it now.
  10629. - An older item not mentioned here before: CURL_GLOBAL_WIN32 is a define for
  10630. windows users to curl_global_init(), that makes libcurl init the winsock
  10631. stuff. If libcurl is all socket stuff you do, then allowing it to fiddle
  10632. with this is a comfortable shortcut to fame.
  10633. Version 7.8.1-pre5
  10634. Daniel (14 August 2001)
  10635. - Nico Baggus provided more feedback from his VMS porting efforts and a few
  10636. minor changes were necessary.
  10637. - I modified configure.in so that --enable-debug sets more picky gcc options.
  10638. I then removed almost all the new warnings that appeared, and by doing so I
  10639. corrected the size_t-treated-as-signed problem that has been discussed on
  10640. the mailing list previously. I also removed a bunch of the just recently
  10641. added #ifdef VMS lines.
  10642. - I removed the use of a global variable in the SSL code. It was once
  10643. necessary but hasn't been needed since OpenSSL 0.9.4. The old code should
  10644. (hopefully) still work if libcurl is built against an ancient version of
  10645. OpenSSL.
  10646. Daniel (13 August 2001)
  10647. - Peter Todd posted a patch that now allows non-file rc1867-style form posts
  10648. to be larger than 4K.
  10649. Daniel (10 August 2001)
  10650. - S. Moonesamy fixed bugs for building debug and SSL lib in VC makefile
  10651. Daniel (9 August 2001)
  10652. - The redirected error stream was closed before the curl_easy_cleanup() call
  10653. was made, and when VERBOSE was enabled, the cleanup function tried to use
  10654. the stream. It could lead to a segmentation fault. Also, the stream was
  10655. closed even if we looped to get more files. Corrects Dustin Boswell's bug
  10656. report #441610
  10657. - Now generates the release configure script with autoconf 2.52
  10658. Version 7.8.1-pre4
  10659. Daniel (8 August 2001)
  10660. - curl -E uses a colon to separate a file name from a passphrase. This turned
  10661. out really bad for the windows people who wants to include a drive letter in
  10662. the file name like "c:\cert.pem". There's now a win32 work-around
  10663. implemented that tries work around that, when the colon seems to be used for
  10664. this kind of construct.
  10665. - Patrick Bihan-Faou introduced CURLOPT_SSL_VERIFYHOST, which makes curl
  10666. verify the server's CN field when talking https://. If --cacert is not used,
  10667. any failures in matching is only displayed as information (-v).
  10668. Daniel (7 August 2001)
  10669. - Wrote up nine more test cases, more or less converted from the former test
  10670. suite.
  10671. Daniel (6 August 2001)
  10672. - Heikki Korpela posted a patch that makes 'curl-config --libs' include the
  10673. directory in which libcurl itself is installed in. While this wasn't my
  10674. initial intention with this option, it makes sense and makes linking with
  10675. libcurl easier.
  10676. - Stefan Ulrich pointed out to us that other tools and libraries treat file://
  10677. URLs with only one slash after the host name slighly different than libcurl
  10678. does. Since all the others seem to agree, we better follow them.
  10679. - Nico Baggus provided us with a huge set of fixes to make curl compile and
  10680. build under OpenVMS.
  10681. Version 7.8.1-pre3
  10682. Daniel (6 August 2001)
  10683. - Jonathan Hseu noticed that you couldn't get a header callback unless you
  10684. set CURLOPT_WRITEHEADER to non-NULL, even if you didn't care about that
  10685. data. This is now fixed.
  10686. Daniel (5 August 2001)
  10687. - Sergio Ballestrero provided a patch for reading responses from NCSA httpd
  10688. 1.5.x servers, as they return really screwed up response headers when asked
  10689. for with HTTP 1.1.
  10690. - curl_escape() no longer treats already encoded characters in the input
  10691. string especially.
  10692. Daniel (3 August 2001)
  10693. - I replaced the former lib/arpa_telnet.h file with one I wrote myself, to
  10694. avoid the BSD annoucement clause of the license in the former file.
  10695. - Andrew Francis provided a new version of base64.c to work around the license
  10696. boiler plate that came with the previous one. I patched it, but the glory
  10697. should go to Andrew for his heads up.
  10698. - Tomasz Lacki noticed that when you do repeated transfers with libcurl you
  10699. couldn't always reliably change HTTP request. This has now been fixed and a
  10700. new libcurl option was added: CURLOPT_HTTPGET, that can force the HTTP
  10701. requestr (back) to GET.
  10702. - Linus Nielsen Feltzing pointed out that httpsserver.pl wasn't included in
  10703. release archives. It should be now.
  10704. Daniel (2 August 2001)
  10705. - Frank Keeney pointed out a manual mistake for certificate convertions.
  10706. - Tomasz Lacki pointed out a problem in the transfer loop that could make the
  10707. select() loop use far too much CPU.
  10708. - Pawel A. Gajda pointed out an output mistake done when using libcurl's
  10709. progress callback.
  10710. Daniel (29 June 2001)
  10711. - Naveen Noel noticed that the Borland library makefile wasn't updated.
  10712. - Nic Roets brought a fix for the certificate verification when using SSL.
  10713. Daniel (27 June 2001)
  10714. - Made the FTP tests run OK even on machines running curl IPv6-enabled.
  10715. - Troy Engel corrected some RPM package details.
  10716. Version 7.8.1-pre2
  10717. Daniel (25 June 2001)
  10718. - Björn Stenberg correctly identified a problem that occurred when downloading
  10719. several files with curl, and using resume. The first file's resume index was
  10720. then used for all files, resulting in weird results...
  10721. - Anton Kalmykov provided a fix that makes curl work with form field names
  10722. with spaces like when -F is used.
  10723. Version 7.8.1-pre1
  10724. Daniel (20 June 2001)
  10725. - Mike Bytnar provided a fine report that proved that the --with-ssl option
  10726. for configure needed tweaking. It no longer searches the default directories
  10727. for OpenSSL libs or directories when a specified path is given.
  10728. Daniel (19 June 2001)
  10729. - When an FTP transfer is cut off during transfer, curl could present a truly
  10730. garbaged error message and in worst case dump core. Thanks to detailed
  10731. reports from Shawn Poulson we nailed this.
  10732. Daniel (12 June 2001)
  10733. - Salvador Dávila provided a fix for FTP range downloads.
  10734. - Added a few more test cases from the former test suite to the new file
  10735. format. We're now at a total of 26 tests.
  10736. Daniel (11 June 2001)
  10737. - libcurl's version-info was wrong, as noted by both Domenico Andreoli and
  10738. David Odin.
  10739. Daniel (7 June 2001)
  10740. - Jörn fixed the curl_unescape duplicate entry in lib/libcurl.def
  10741. - I made SSL certificate failure messages to be more detailed.
  10742. Version 7.8
  10743. Daniel (7 June 2001)
  10744. - SDavila provided a resumed download fix.
  10745. Version 7.8-pre4
  10746. Daniel (1 June 2001)
  10747. - Sterling provided some new PHP examples.
  10748. - Changed the CVS hierarchy and the older checkout instruction does no longer
  10749. work. We moved the entire source code into a CVS module named 'curl'.
  10750. Daniel (31 May 2001)
  10751. - CURLOPT_MUTE does not exist anymore. It is still present in the include file
  10752. to not cause compiler errors for applications using it, but it isn't used
  10753. anywhere in the library.
  10754. Version 7.8-pre3
  10755. Daniel (31 May 2001)
  10756. - Once and for all fixed the _REENTRANT mess for Solaris compiles to present
  10757. less warnings.
  10758. - Sterling Hughes tirelessly points out and corrects my mistakes...! So,
  10759. curl_global_init() now lets the argument flags *SET* what parts to
  10760. init. CURL_GLOBAL_DEFAULT makes a nice default, CURL_GLOBAL_ALL inits all
  10761. known subsystems and CURL_GLOBAL_NONE inits nothing more than absolutely
  10762. necessary. Man page updated accordingly.
  10763. - Fixed the strtok.h include file as it wouldn't compile on all platforms!
  10764. Daniel (30 May 2001)
  10765. - Made libcurl by default act as if CURLOPT_MUTE and CURLOPT_NOPROGRESS were
  10766. set TRUE. Set them to FALSE to make libcurl more talkative. The *_MUTE
  10767. option is subject for complete removal...
  10768. Version 7.8-pre2
  10769. Daniel (30 May 2001)
  10770. - Cris Bailiff wrote a makefile for building Solaris packages.
  10771. - Sterling Hughes brought fixes for 'buildconf' (the build-from-CVS tool) and
  10772. we discussed and added a few CURL_GLOBAL_* flags in include/curl.h
  10773. - Kjetil Jacobsen privately announced his python interface to libcurl,
  10774. available at http://pycurl.sourceforge.net/
  10775. Daniel (29 May 2001)
  10776. - Sterling Hughes fixed a strtok() problem in libcurl. It is not a thread-
  10777. safe function. Now configure checks for a thread-safe version, and
  10778. lib/strtok.c offers one for the systems that don't come with one included!
  10779. - Mettgut Jamalla correctly pointed out that the -# progress bar was written
  10780. to stderr even though --stderr redirection was used. This is now corrected.
  10781. - I moved out the list of contributors from the curl.1 man page and made a
  10782. separate docs/THANKS file. It makes the list easier to find, and made it
  10783. easier for me to make a separate web page with that same information.
  10784. I really do want all you guys mentioned in there to feel you get the credit
  10785. you deserve.
  10786. - lib/easy.c didn't compile properly in the 7.8-pre1 due to a silly mistake
  10787. Version 7.8-pre1
  10788. Daniel (28 May 2001)
  10789. - curl-config now supports '--vernum' that outputs a plain hexadecimal version
  10790. of the libcurl version number (using 8 bits for each 3 numbers). Version
  10791. 7.7.4 appears as 070704
  10792. - Wrote man pages for curl_global_init and curl_global_cleanup...
  10793. - T. Bharath brought news about the usage of the OpenSSL interface that was
  10794. not previously taken into consideration and thus caused libcurl to leak
  10795. memory. The only somewhat sane approach to fix this dilemma, is adding two
  10796. two new functions curl_global_init() and curl_global_cleanup() that should
  10797. be called *ONCE* by the application using libcurl. The init should be done
  10798. only at startup, no matter how many threads the application is gonna use,
  10799. and the cleanup should be called when the application has finished using
  10800. libcurl completely.
  10801. *** UPGRADE NOTICE ***
  10802. If you write applications using libcurl, you really want to use the two
  10803. functions mentioned above !!!
  10804. I can't say I think this is a very beautiful solution, but as OpenSSL
  10805. insists on making lots of stuff on a "global" scope, we're forced to walk
  10806. the path they point us to.
  10807. - Moving more test cases into the new file format.
  10808. Version 7.7.4-pre3
  10809. Daniel (23 May 2001)
  10810. - Introduced a new file format for storing test cases, and thus I had to
  10811. modify all the perl test scripts and more (I added a new one). I have not
  10812. "ported" all the old test cases to the new format yet, but it'll come.
  10813. The main advantage of this new format is that all test data for each test
  10814. case is stored in a single file. It gives a better overview for each test
  10815. case and a lot less files.
  10816. - Andrés García brought a fix for the netscape/mozilla cookie file parsing
  10817. function, as it turns out it doesn't always store the path!
  10818. Daniel (22 May 2001)
  10819. - As was reported anonymously, when FAILONERROR was used, the httpcode was
  10820. not stored properly and thus wasn't possibly to read after a transfer with
  10821. the curl_easy_getinfo() function. This is now corrected.
  10822. - Installed and made use of the following tool versions:
  10823. autoconf 2.50
  10824. libtool 1.4
  10825. automake 1.4-p1
  10826. I wouldn't recommend any developer to try to generate things with older
  10827. versions than these. Building from CVS will probably more or less require
  10828. at least these versions.
  10829. As a result of this, the configure script grew to more than double its
  10830. previous size!
  10831. Arkadiusz Miskiewicz helped me by pointing out I had to remove my
  10832. acinclude.m4 file before I could get it working!
  10833. Daniel (21 May 2001)
  10834. - I made ftps:// work. Added test case 400 to the release archive, as the
  10835. first ftps:// test case. Requires stunnel.
  10836. - Also made the test cases that runs ssl tests not run if libcurl isn't built
  10837. with ssl support.
  10838. Daniel (19 May 2001)
  10839. - Made the configure not add any extra -L LDFLAGS or -I CPPFLAGS unless they
  10840. are actually needed. Albert Chin's and Domenico Andreoli's suggestions
  10841. helped out.
  10842. Version 7.7.4-pre2
  10843. Daniel (18 May 2001)
  10844. - Nicer configure-check for the OpenSSL headers, which then sets the proper
  10845. variable to have curl-config be good. (Albert Chin provided the fix)
  10846. - For systems that don't have theiw own 'strlcat()' libcurl provides its own.
  10847. It was now renamed to prevent collides with other libs. (After discussions
  10848. with Sterling Hughes and the implications this had on PHP builds.)
  10849. Daniel (17 May 2001)
  10850. - Colm Buckley posted a detailed bug report on (the debianized) 7.7.3, that
  10851. turned out to be a problem with the debian-built 7.7.3-package that
  10852. contained files from the 7.7.2 release!
  10853. - I added the CURLE_ALREADY_COMPLETE again, but with a fake value, just to
  10854. make programs that use it, not fail when compiling against this version of
  10855. libcurl.
  10856. Daniel (14 May 2001)
  10857. - Pawel A. Gajda fixed a problem with resumed transfers on re-used persistent
  10858. connections.
  10859. Version 7.7.4-pre1
  10860. Daniel (14 May 2001)
  10861. - Jun-ichiro itojun Hagino fixed FTP PORT for IPv6-enabled libcurl.
  10862. - Added the first HTTPS test to the test suite in the release archive.
  10863. Daniel (12 May 2001)
  10864. - Jukka Pihl suggested that if (lib)curl is told to verify the peer's
  10865. certificate and the peer can't be verified, it should fail and return a
  10866. proper error code. I added a brand new error code named
  10867. CURLE_SSL_PEER_CERTIFICATE for this purpose.
  10868. Daniel (11 May 2001)
  10869. - As was discussed with Frederic Lepied a while ago, I now made libcurl not
  10870. return error even though no data was transfered on upload/download resume
  10871. when the no transfer is needed. The CURLE_ALREADY_COMPLETE error was removed
  10872. from the header file to make any implemenator that uses that to be aware of
  10873. the fact that it can't be returned anymore!
  10874. - Improved general header-parsing to better allow white spaces and more.
  10875. - Rodney Simmons proved the fix I did yesterday was bad and I had to post
  10876. another one.
  10877. - Ingo Wilken patched away two redirect problems more!
  10878. Daniel (10 May 2001)
  10879. - Cris Bailiff correctly noted that the space-after-header problem with
  10880. Location: is present on several other places in the libcurl sources.
  10881. - Ingo Wilken patched away a problem libcurl had when following Location:
  10882. headers with an extra space after the colon.
  10883. - Rodney Simmons found out that multiple FTP transfers did not treat relative
  10884. directories correctly.
  10885. Daniel (9 May 2001)
  10886. - Getting an FTP file with CURLOPT_NOBODY set (or -I from the command line),
  10887. makes curl use the non-standard ftp command "SIZE". If it failed, libcurl
  10888. returned error. Starting now, it just don't output the file size instead.
  10889. Anonymous bug report.
  10890. - stunnel.pm was accidentally left out from the release archive, it is now
  10891. added (stunnel is needed to run the https-tests in the test suite)
  10892. Daniel (7 May 2001)
  10893. - Corrected two minor compiler warnings due to the FILE * to void * conversion
  10894. that I missed at two places. Jörn Hartroth brought me patches. Sander Gates
  10895. filed a bug report on this.
  10896. Version 7.7.3
  10897. Daniel (4 May 2001)
  10898. - All callback functions now take 'void *' instead of 'FILE *'. This is made
  10899. this way to make it more obvious to people that anything can be passed to
  10900. them (by using the apropriate option). After discussions with Sterling
  10901. Hughes.
  10902. Daniel (3 May 2001)
  10903. - Cris Bailiff fixed a chunked transfer encoding problem with persistent
  10904. connection that made libcurl fail if the persistent connection used mixed
  10905. chunked and non-chunked transfers.
  10906. - Cris Bailiff fixed a bad treatment of 304-replies, as they would not be
  10907. treated as content-length 0 replies but would cause a "hang" until the
  10908. server timed-out and closed the connection.
  10909. - Brad Burdick found a minor problem in the docs/examples/Makefile.am
  10910. Daniel (27 April 2001)
  10911. - Updated the INTERALS document again. It was lagging a bit. I think I made it
  10912. more easy to follow now as well.
  10913. - Brad Burdick found a problem with persistent connections when curl received
  10914. a "Content-Length: 0" header.
  10915. - Giuseppe D'Ambrosio was first out to report that TELNET doesn't work in curl
  10916. compiled/built on win32. It seems to work for unixes though!
  10917. - Dave Hamilton reported weird problems with CURL/PHP that I really can't
  10918. explain at the moment. I'm hoping on some help from the PHP crew.
  10919. Daniel (26 April 2001)
  10920. - I rewrote the FTP command response function. I had to do it to make ftps
  10921. work, as the OpenSSL read()-function didn't work the same way the normal
  10922. unix read() does, but it was also a huge performance boost. Previously the
  10923. function read one byte at a time, now it reads very large chunks, and it
  10924. makes a notable speed difference.
  10925. Daniel (25 April 2001)
  10926. - Connection re-use when not using a proxy didn't work properly for
  10927. non-default port numbers.
  10928. Daniel (24 April 2001)
  10929. - I've noticed that FTPS doesn't work. We attempt to use ssl even for the
  10930. data transfer, which causes the transfer to 'hang'... We need to fix this.
  10931. - Improved the test suite to use 'stunnel' to do HTTPS and FTPS testing on
  10932. the alredy written perl servers easily.
  10933. Daniel (23 April 2001)
  10934. - The OpenSSL version string recently modified didn't zero terminate one
  10935. of the generated strings properly, which could lead to a crash or simply
  10936. weird version string output!
  10937. Version 7.7.2
  10938. Daniel (22 April 2001)
  10939. - Rosimildo da Silva updated the Makefiles for Borland/Windows.
  10940. - Eric Rautman pointed out a problem with persistent connections that would
  10941. lead to broken Host: headers in the second HTTP request.
  10942. Daniel (20 April 2001)
  10943. - Added man pages for the curl_strequal() and curl_mprintf() families. Wrote
  10944. a 'libcurl overview' man page.
  10945. - Spell-fixed some documents.
  10946. - S. Moonesamy corrected mistakes in the man page.
  10947. - Cris Bailiff fixed the curl_slists options in the perl interface, present
  10948. separately in the Curl::easy 1.1.4 package.
  10949. Daniel (19 April 2001)
  10950. - Linus Nielsen Feltzing removed the decimals from the size variables in the
  10951. --write-out output. We hardly ever get fraction of bytes! :-)
  10952. Version 7.7.2-pre1
  10953. Daniel (19 April 2001)
  10954. - Albert Chin provided a configure patch for the AC_SYS_LARGEFILE macro.
  10955. Daniel (18 April 2001)
  10956. - Input from Michael Mealling made me add --feature to curl-config. It
  10957. displays a list of features that have been built-in in the current
  10958. libcurl. The currently available features that can be listed are: SSL, KRB4
  10959. and IPv6.
  10960. - I committed Cris and Georg's perl interface work. They've got callbacks
  10961. working and options that receives those slist pointers.
  10962. - Puneet Pawaia detected a problem with resumed downloads that use persistent
  10963. connections and I made a rather large writeup to correct this. It is
  10964. important that all session-data is stored in the connectdata struct and not
  10965. in the main struct as this previously did.
  10966. Daniel (17 April 2001)
  10967. - Frederic Lepied fixed a ftp resumed download problem and introduced a new
  10968. error code that lets applications be able to detect when a resumed download
  10969. actually didn't download anything since the whole file is already present.
  10970. Should this return OK instead?
  10971. - I added 'curl-config.in' to the root dir and configure script. Now, a
  10972. curl-config script is made when curl is built. The script can be used to
  10973. figure out compile time options used when libcurl was built, which in turn
  10974. should be options YOU should use to build applications that use libcurl.
  10975. This *-config style is not a new idea, but something that has been used
  10976. successfully in other (library based) projects.
  10977. - Phil Karn pointed out that libcurl wrongly did not always use GMT time zone
  10978. for the If-Modified-Since style headers.
  10979. - Georg Schwarz pointed out an extra needed #include file needed in src/main.c
  10980. for curl to build on Ultrix.
  10981. Daniel (11 April 2001)
  10982. - Cris Bailiff pointed out two problems that I corrected. First, libcurl's use
  10983. of the environment variable HTTP_PROXY in uppercase may become a security
  10984. hazard when people use libcurl in a server/cgi situation where the server
  10985. sets the HTTP_*-variables according to incoming headers in the HTTP
  10986. request. Thus, a "Proxy:"-header would set that environment variable!
  10987. Then, invoking curl_easy_perform() without having an URL set caused a crash.
  10988. - S. Moonesamy brought a patch that make curl use non-blocking connects on
  10989. windows when connection timeout is set, as it allows windows users to set
  10990. that timeout!
  10991. - Hirotaka Matsuyuki wrote a Ruby interface to libcurl!
  10992. - Cris Bailiff, Forrest Cahoon and Georg Horn work on the Perl interface.
  10993. - I've written a first shot at a Java interface to libcurl. Many thanks to
  10994. Daniel Marell for tirelessly answering to all my basic Java questions. It
  10995. works, but it is still very basic.
  10996. Daniel (10 April 2001)
  10997. - The progress display could get silly when doing multiple file transfers, as
  10998. it wasn't properly reset between transfers!
  10999. - Discussions with Cris Bailiff who writes a Perl interface to libcurl, made
  11000. me add CURLOPT_HEADERFUNCTION. It can be used to set a separate callback
  11001. function for writing headers. Previously you could only set a different FILE
  11002. * when headers are written from within libcurl.
  11003. Daniel (7 April 2001)
  11004. - Andrés García fixed a problem in curl_escape() and pointed out a flaw in
  11005. the curl_easy_setopt man page.
  11006. Daniel (6 April 2001)
  11007. - Adjusted the version code to properly display OpenSSL 0.9.6a. They sure
  11008. change their version define format often...
  11009. - curl_formfree() now accepts a NULL pointer without crashing!
  11010. Version 7.7.1
  11011. Daniel (3 April 2001)
  11012. - Puneet Pawaia pointed out two serious problems. Libcurl would attempt to
  11013. read bad memory during situations when an (ftp) connection attempt failed.
  11014. Also, the lib/Makefile.vc6 was corrected.
  11015. - More investigations in the Location: following code made me realize that
  11016. it was not clean enough to work transparantly with persistent and non-
  11017. persistent connections. I think I've fixed it now.
  11018. Daniel (29 March 2001)
  11019. - Georg Horn mailed me some corrections for the Curl::easy perl interface.
  11020. - Experimental ftps:// support added. It is basically FTP over SSL for the
  11021. control connection. It still makes all data transfers going over unencrypted
  11022. connections. Rainer Weikusat's ftpd-ssl server hack supports this and I used
  11023. that to verify the functionality.
  11024. Daniel (27 March 2001)
  11025. - Guenole Bescon discovered that if you set a CURLOPT_TIMEOUT and then tried
  11026. to get a file from a site and it fails, the SIGALRM would still be sent
  11027. after the timeout-time, quite inexpectedly!
  11028. - I added an ftp transfer example to docs/examples/ and I also wrote a tiny
  11029. example makefile that can be used as a start when building one of the
  11030. examples.
  11031. Version 7.7.1-beta1
  11032. Daniel (26 March 2001)
  11033. - Mohamed Lrhazi reported problems with 7.6.1 and persistent HTTP/1.0
  11034. connections (when the server replied a Connection: Keep-Alive) and this
  11035. problem was not properly dealt with in 7.7 either. A patch was posted to the
  11036. curl-and-php mailing list.
  11037. Daniel (24 March 2001)
  11038. - Colin Watson reported about a problem and brought a patch that corrected it,
  11039. which was about the man page and lines starting with a single quote (') in a
  11040. way that gnroff doesn't like.
  11041. Daniel (23 March 2001)
  11042. - Peter Bray reported correctly that the root makefile used make instead of
  11043. $(MAKE) for the test target.
  11044. - Corrected the Curl::easy perl interface to use curl_easy_setopt() and not
  11045. curl_setopt() which was removed in 7.7!
  11046. - S. Moonesamy provided updates on three documents (MANUAL, INSTALL and FAQ).
  11047. - When following a Location:, libcurl would sometimes write to the URL string
  11048. in a way it shouldn't. As the pointer is passed-in to libcurl from an
  11049. application, we can't be allowed to write to it. The particular bug report
  11050. from 'nk' that brought this up was because he had a read-only URL that then
  11051. caused a libcurl crash!
  11052. - No longer reads HEAD responses longer than to the last header. Previously,
  11053. curl would read the full reply if the connection was a "close" one.
  11054. - libcurl did re-use connections way too much. Doing "curl
  11055. http://www.{microsoft,ibm}.com" would make it re-use the connection which
  11056. made the second request return very odd results.
  11057. Daniel (22 March 2001)
  11058. - Edin Kadribasic made me aware that curl should not re-send POST requests
  11059. when following 302-redirects. I made 302 work like 303 which means curl uses
  11060. GET in the following request(s).
  11061. - libcurl now reset the "followed-location" counter on each invoke of
  11062. curl_easy_perform() as it otherwise would sum up all redirects on the same
  11063. connection and thus could reach the maxredirs counter wrongly.
  11064. - Jim Drash suggested curl_escape() should not re-encode what already looks
  11065. like an encoded sequence and I think that's a fair suggestion.
  11066. Version 7.7
  11067. Daniel (22 March 2001)
  11068. - The configure script now fails with an error message if gethostbyname_r() is
  11069. detected but it couldn't figure out how to invoke it (what amount of
  11070. arguments it is supposed to get). Reports from Andrés García made me aware
  11071. of this need.
  11072. - Talking with Jim Drash made me finally put the curl_escape and curl_unescape
  11073. functions in the curl.h include file and write man pages for them. The
  11074. escape function was modified to use the same interface as the unescape one
  11075. had.
  11076. - No bug reports at all on the latest betas. Release time coming up.
  11077. Version 7.7-beta5
  11078. Daniel (19 March 2001)
  11079. - Georg Ottinger reported problems with using -C together with -L in the sense
  11080. that the -C info got lost when it was redirected. I could not repeat this
  11081. problem on the 7.7 branch why I leave this for the moment. Test case 39 was
  11082. added to do exactly this, and it seems to do right.
  11083. - Christian Robottom Reis reported how his 7.7 beta didn't successfully do
  11084. form posts as elegantly as 7.6.1 did. Indeed, this was a flaw in the header
  11085. engine, as HTTP 1.1 has introduced a new 100 "transient" return code for PUT
  11086. and POST operations that I need to add support for. Section 8.2.3 in RFC2616
  11087. has all the details. Seems to work now!
  11088. Daniel (16 March 2001)
  11089. - After having experienced another machine break-down, we're back.
  11090. - Georg Horn's perl interface Curl::easy is now included in the curl release
  11091. archive. The perl/ directory is now present. Please help me with docs,
  11092. examples and updates you think fit.
  11093. - Made a new php/ directory in the release archive and moved the PHP examples
  11094. into a subdirectory in there. Not much PHP info yet, but I plan to. Please
  11095. help me here as well!
  11096. - Made libcurl return error if a transfer is aborted in the middle of a
  11097. "chunk". It actually enables libcurl to discover premature transfer aborts
  11098. even if the Content-Length: size is unknown.
  11099. Daniel (15 March 2001)
  11100. - Added --connect-timeout to curl, which sets the new CURLOPT_CONNECTTIMEOUT
  11101. option in libcurl. It limits the time curl is allowed to spend in the
  11102. connection phase. This differs from -m/--max-time that limits the entire
  11103. file transfer operation. Requested by Larry Fahnoe and others.
  11104. I also updated the curl.1 and curl_easy_setopt.3 man pages and removed the
  11105. item from the TODO.
  11106. Version 7.7-beta4
  11107. Daniel (14 March 2001)
  11108. - Made curl grok IPv6 with HTTP proxies and got everything to compile nicely
  11109. again when ENABLE_IPV6 is set.
  11110. I need to remake things in the test suite. I can't test the FTP parts with
  11111. curl built for IPv6 as it uses a different set of FTP commands then!
  11112. - I fell onto a bug report on php.net (posted by Lars Torben Wilson) that was
  11113. a report meant for our project. Anyway, it said the .netrc parsing didn't
  11114. work as supposed, and as I agreed with Lars, I made the netrc parser use
  11115. getpwuid() to figure out the home directory of the effective user and try
  11116. that netrc. It still uses the environment variable HOME for those that don't
  11117. have that function or if the user doesn't return valid pwd info.
  11118. - Edin Kadribaic posted a bug report where he got a crash when a fetch with
  11119. user+password in the URL followed a Location: to a second URL (absolute,
  11120. without name+password). This bug has been around for a long while and
  11121. crashes due to a read at address zero. Fixed now. Wrote test case 38, that
  11122. tests this.
  11123. - Modified the test suite's httpserver slightly to append all client request
  11124. data to its log file so that the test script now better can verify a range
  11125. of requests and not only the last one, as it did previously.
  11126. - Updated the curl man page with --random-file and --egd-file details.
  11127. Version 7.7-beta3
  11128. Daniel (14 March 2001)
  11129. - Björn Stenberg provided similar fixes as Jörn did and some additional patches
  11130. for non-SSL compiles.
  11131. - I increased the interface number for libcurl as I've removed the low level
  11132. functions from the interface. I also took this opportunity to rename the
  11133. Curl_strequal function to curl_strequal and Curl_strnequal to
  11134. curl_strnequal, as they're public libcurl functions (even if they're still
  11135. undocumented).
  11136. This will make older programs not capable of using the new libcurl with
  11137. just a drop-in replacement.
  11138. - Jörn Hartroth updated stuff for win32 compiles:
  11139. o config-win32.h was fixed for socklen_t
  11140. o lib/ssluse.c had a bad #endif placement
  11141. o lib/file.c was made to compile on win32 again
  11142. o lib/Makefile.m32 was updated with the new files
  11143. o lib/libcurl.def matches the current interface state
  11144. Daniel (13 March 2001)
  11145. - It only took an hour or so before Jörn Hartroth found a problem in the
  11146. chunked transfer-encoding. Given his fine example-site, I could easily spot
  11147. the problem and when I re-read the spec (the part I have pasted in the top
  11148. of the http_chunks.h file), I realized I had made my state-machine slightly
  11149. wrong and didn't expect/handle the trailing CRLF that comes after the data
  11150. in each chunk (and those extra two bytes sure feel wasted).
  11151. Had to modify test case 34 to match this as well.
  11152. Version 7.7-beta2
  11153. Daniel (13 March 2001)
  11154. - Added the policy stuff to the curl_easy_setopt man page for the two supported
  11155. policies.
  11156. - Implemented some support for the CURLOPT_CLOSEPOLICY option. The policies
  11157. CURLCLOSEPOLICY_LEAST_RECENTLY_USED and CURLCLOSEPOLICY_OLDEST are now
  11158. supported, and the "least recently used" is used as default if no policy
  11159. is chosen.
  11160. Daniel (12 March 2001)
  11161. - Added CURLOPT_RANDOM_FILE and CURLOPT_EGDSOCKET to libcurl for seeding the
  11162. SSL random engine. The random seeding support was also brought to the curl
  11163. client with the new options --random-file <file> and --egd-file <file>. I
  11164. need some people to really test this to know they work as supposed. Remember
  11165. that libcurl now informs (if verbose is on) if the random seed is considered
  11166. weak (HTTPS connections).
  11167. - Made the chunked transfer-encoding engine detected bad formatted data length
  11168. and return error if so (we can't possibly extract sensible data if this is
  11169. the case). Added a test case that detects this. Number 36. Now there are 60
  11170. test cases.
  11171. - Added 5 new libcurl options to curl/curl.h that can be used to control the
  11172. persistent connection support in libcurl. They're also documented (fairly
  11173. thoroughly) in the curl_easy_setopt.3 man page. Three of them are now
  11174. implemented, although not really tested at this point... Anyway, the new
  11175. implemented options are named CURLOPT_MAXCONNECTS, CURLOPT_FRESH_CONNECT,
  11176. CURLOPT_FORBID_REUSE. The ones still left to write code for are:
  11177. CURLOPT_CLOSEPOLICY and its related option CURLOPT_CLOSEFUNCTION.
  11178. - Made curl (the actual command line tool) use the new libcurl 7.7 persistent
  11179. connection support by re-using the same curl handle for every specified file
  11180. transfer and after some more test case tweaking we have 100% test case OK.
  11181. I made some test cases return HTTP/1.0 now to make sure that works as well.
  11182. - Had to add 'Connection: close' to the headers of a bunch of test cases so
  11183. that curl behaves "old-style" since the test http server doesn't do multiple
  11184. connections... Now I get 100% test case OK.
  11185. - The curl.haxx.se site, the main curl mailing list and my personal email are
  11186. all dead today due to power blackout in the area where the main servers are
  11187. located. Horrible.
  11188. - I've made persistance work over a squid HTTP proxy. I find it disturbing
  11189. that it uses headers that aren't present in any HTTP standard though
  11190. (Proxy-Connection:) and that makes me feel that I'm now on the edge of what
  11191. the standard actually defines. I need to get this code excercised on a lot
  11192. of different HTTP proxies before I feel safe.
  11193. Now I'm facing the problem with my test suite servers (both FTP and HTTP)
  11194. not supporting persistent connections and libcurl is doing them now. I have
  11195. to fix the test servers to get all the test cases do OK.
  11196. Daniel (8 March 2001)
  11197. - Guenole Bescon reported that libcurl did output errors to stderr even if
  11198. MUTE and NOPROGRESS was set. It turned out to be a bug and happens if
  11199. there's an error and no ERRORBUFFER is set. This is now corrected.
  11200. Version 7.7-beta1
  11201. Daniel (8 March 2001)
  11202. - "Transfer-Encoding: chunked" is no longer any trouble for libcurl. I've
  11203. added two source files and I've run some test downloads that look fine.
  11204. - HTTP HEAD works too, even on 1.1 servers.
  11205. Daniel (5 March 2001)
  11206. - The current 57 test cases now pass OK. It would suggest that libcurl works
  11207. using the old-style with one connection per handle. The test suite doesn't
  11208. handle multiple connections yet so there are no test cases for this.
  11209. - I patched the telnet.c heavily to not use any global variables anymore. It
  11210. should make it a lot nicer library-wise.
  11211. - The file:// support was modified slightly to use the internal connect-first-
  11212. then-do approach.
  11213. Daniel (4 March 2001)
  11214. - More bugs erased.
  11215. Version 7.7-alpha2
  11216. Daniel (4 March 2001)
  11217. - Now, there's even a basic check that a re-used connection is still alive
  11218. before it is assumed so. A few first tests have proven that libcurl will
  11219. then re-connect instead of re-use the dead connection!
  11220. Daniel (2 March 2001)
  11221. - Now they work intermixed as well. Major coolness!
  11222. - More fiddling around, my 'tiny' client I have for testing purposes now has
  11223. proved to download both FTP and HTTP with persistent connections. They do
  11224. not work intermixed yet though.
  11225. Daniel (1 March 2001)
  11226. - Wilfredo Sanchez pointed out a minor spelling mistake in a man page and that
  11227. curl_slist_append() should take a const char * as second argument. It does
  11228. now.
  11229. Daniel (22 February 2001)
  11230. - The persistent connections start to look good for HTTP. On a subsequent
  11231. request, it seems that libcurl now can pick an already existing connection
  11232. if a suitable one exists, or it opens a new one.
  11233. - Douglas R. Horner mailed me corrections to the curl_formparse() man page
  11234. that I applied.
  11235. Daniel (20 February 2001)
  11236. - Added the docs/examples/win32sockets.c file for our windows friends.
  11237. - Linus Nielsen Feltzing provided brand new TELNET functionality and
  11238. improvements:
  11239. * Negotiation is now passive. Curl does not negotiate until the peer does.
  11240. * Possibility to set negotiation options on the command line, currently only
  11241. XDISPLOC, TTYPE and NEW_ENVIRON (called NEW_ENV).
  11242. * Now sends the USER environment variable if the -u switch is used.
  11243. * Use -t to set telnet options (Linus even updated the man page, awesome!)
  11244. - Haven't done this big changes to curl for a while. Moved around a lot of
  11245. struct fields and stuff to make multiple connections get connection specific
  11246. data in separate structs so that they can co-exist in a nice way. See the
  11247. mailing lists for discussions around how this is gonna be implemented. Docs
  11248. and more will follow.
  11249. Studied the HTTP RFC to find out better how persistent connections should
  11250. work. Seems cool enough.
  11251. Daniel (19 February 2001)
  11252. - Bob Schader brought me two files that help set up a MS VC++ libcurl project
  11253. easier. He also provided me with an up-to-date libcurl.def file.
  11254. - I moved a bunch of prototypes from the public <curl/curl.h> file to the
  11255. library private urldata.h. This is because of the upcoming changes. The
  11256. low level interface is no longer being planned to become reality.
  11257. Daniel (15 February 2001)
  11258. - CURLOPT_POST is not required anymore. Just setting the POST string with
  11259. CURLOPT_POSTFIELDS will switch on the HTTP POST. Most other things in
  11260. libcurl already works this way, i.e they require only the parameter to
  11261. switch on a feature so I think this works well with the rest. Setting a NULL
  11262. string switches off the POST again.
  11263. - Excellent suggestions from Rich Gray, Rick Jones, Johan Nilsson and Bjorn
  11264. Reese helped me define a way how to incorporate persistent connections into
  11265. libcurl in a very smooth way. If done right, no change may have to be made
  11266. to older programs and they will just start using persistent connections when
  11267. applicable!
  11268. Daniel (13 February 2001)
  11269. - Changed the word 'timeouted' to 'timed out' in two different error messages.
  11270. Suggested by Larry Fahnoe.
  11271. Version 7.6.1
  11272. Daniel (9 February 2001)
  11273. - Frank Reid and Cain Hopwood provided information and research around a HTTPS
  11274. PUT/upload problem we seem to have. No solution found yet.
  11275. Daniel (8 February 2001)
  11276. - An interesting discussion is how to specify an empty password without having
  11277. curl ask for it interactively? The current implmentation takes an empty
  11278. password as a request for a password prompt. However, I still want to
  11279. support a blank user field. Thus, today if you enter "-u :" (without user
  11280. and password) curl will prompt for the password. Tricky. How would you
  11281. specify you want the prompt otherwise?
  11282. - Made the netrc parse result possible to use for other protocols than FTP and
  11283. HTTP (such as the upcoming TELNET fixes).
  11284. - The previously mentioned "MSVC++ problems" turned out to be a non-issue.
  11285. - Added a HTTP file upload code example in the docs/examples/ section on
  11286. request.
  11287. - Adjusted the FTP response fix slightly.
  11288. Version 7.6.1-pre3
  11289. Daniel (7 February 2001)
  11290. - S. Moonesamy found a flaw in the response reading function for FTP that
  11291. could make libcurl not get out of the loop properly when it should, if
  11292. libcurl got -1 returned when reading the socket.
  11293. - I found a similar mistake in http.c when using a proxy and reading the
  11294. results from the proxy connection.
  11295. Daniel (6 February 2001)
  11296. - S. Moonesamy pointed out that the VC makefile in src/ needed the libpath set
  11297. for the debug build to work.
  11298. - Daniel Gehriger stepped in to assist with the VC++ stuff Robert Weaver
  11299. brought up yesterday.
  11300. Daniel (5 February 2001)
  11301. - Jun-ichiro itojun Hagino brought a big patch that brings IPv6-awareness to
  11302. a bunch of different areas within libcurl.
  11303. - Robert Weaver told me about the problems the MS VC++ 6.0 compiler has with
  11304. the 'static' keyword on a number of libcurl functions. I might need to add a
  11305. patch that redefines static when libcurl is compiled with that compiler.
  11306. How do I know when VC++ compiles, anyone?
  11307. Daniel (4 February 2001)
  11308. - curl_getinfo() was extended with two new options:
  11309. CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD. They
  11310. return the full assumed content length of the transfer in the given
  11311. direction. The CURLINFO_CONTENT_LENGTH_DOWNLOAD will be the Content-Length:
  11312. size of a HTTP download. Added descriptions to the man page as well. This
  11313. was done after discussions with Bob Schader.
  11314. Daniel (3 February 2001)
  11315. - Ingo Ralf Blum provided another fix that makes curl build under the more
  11316. recent cygwin installations. It seems they've changed the preset defines to
  11317. not include WIN32 anymore.
  11318. Version 7.6.1-pre2
  11319. Daniel (31 January 2001)
  11320. - Curl_read() and curl_read() now return a ssize_t for the size, as it had to
  11321. be able to return -1. The telnet support crashed due to this and there was a
  11322. possibility to weird behavior all over. Linus Nielsen Feltzing helped me
  11323. find this.
  11324. - Added a configure.in check for a working getaddrinfo() if IPv6 is requested.
  11325. I also made the configure script feature --enable-debug which sets a couple
  11326. of compiler options when used. It assumes gcc.
  11327. Daniel (30 January 2001)
  11328. - I finally took a stab at the long-term FIXME item I've had on myself, and
  11329. now libcurl will properly work when doing a HTTP range-request that follows
  11330. a Location:. Previously that would make libcurl fail saying that the server
  11331. doesn't seem to support range requests.
  11332. Daniel (29 January 2001)
  11333. - I added a test case for the HTTP PUT resume thing (test case 33).
  11334. Version 7.6.1-pre1
  11335. Daniel (29 January 2001)
  11336. - Yet another Content-Range change. Ok now? Bob Schader checks from his end
  11337. and it works for him.
  11338. Daniel (27 January 2001)
  11339. - So the HTTP PUT resume fix wasn't good. There should appearantly be a
  11340. Content-Range header when resuming a PUT.
  11341. - I noticed I broke the download-check that verifies that a resumed HTTP
  11342. download is actually resumed. It got broke because my new 'httpreq' field
  11343. in the main curl struct. I should get slapped. I added a test case for
  11344. this now, so I won't be able to ruin this again without noticing.
  11345. - Added a test case for content-length verifying when downloading HTTP.
  11346. - Made the progress meter title say if the transfer is being transfered. It
  11347. makes the output slightly better for resumes.
  11348. - When dealing with Location: and HTTP return codes, libcurl will not attempt
  11349. to follow the spirit of RFC2616 better. It means that when POSTing to a
  11350. URL that is being following to a second place, the standard will judge on
  11351. what to do. All HTTP codes except 303 and 305 will cause curl to make a
  11352. second POST operation. 303 will make a GET and 305 is not yet supported.
  11353. I also wrote two test cases for this POST/GET/Location stuff.
  11354. Version 7.6
  11355. Daniel (26 January 2001)
  11356. - Lots of mails back and forth with Bob Schader finally made me add a small
  11357. piece of code in the HTTP engine so that HTTP upload resume works. You can
  11358. now do an operation like 'curl -T file -C <offset> <URL>' and curl will PUT
  11359. the ending part of the file starting at given offet to the specified URL.
  11360. Version 7.6-pre4
  11361. Daniel (25 January 2001)
  11362. - I took hold of Rick Jones' question why we don't use recv() and send() for
  11363. reading/writing to the sockets and I've now modified the sread() and
  11364. swrite() macros to use them instead. If nothing else, they could be tested
  11365. in the next beta-round coming right up.
  11366. - Jeff Morrow found a problem with libcurl's usage of SSL_read() and supplied
  11367. his research results in how to fix this. It turns out we have to invoke the
  11368. function several times in some cases. The same goes for the SSL_write().
  11369. I made some rather drastic changes all over libcurl to make all writes and
  11370. reads get done on one single place so that this repeated-attempts thing
  11371. would only have to be implemented at one point.
  11372. - Rick Jones spotted that the 'total time' counter really didn't measure the
  11373. total time very accurate on subsecond levels.
  11374. - Johan Nilsson pointed out the need to more clearly specify that the timeout
  11375. value you set for a download is for the *entire* download. There's currently
  11376. no option available that sets a timeout for the connection phase only.
  11377. Daniel (24 January 2001)
  11378. - Ingo Ralf Blum submitted a series of patches required to get curl to compile
  11379. properly with cygwin.
  11380. - Robert Weaver posted a fix for the win32 section of the curl_getenv() code
  11381. that corrected a potential memory leak.
  11382. - Added comments in a few files in a sudden attempt to make the sources more
  11383. easy to read and understand!
  11384. Daniel (23 January 2001)
  11385. - Added simple IPv6 detection in the configure script and made the version
  11386. string add 'ipv6' to the enable section in that case. ENABLE_IPV6 will be
  11387. set if curl is compiled with IPv6 support enabled.
  11388. - Added a parser for IPv6-style specified IP-addresses in a URL. Thus, when
  11389. IPv6 gets enabled soon, we can use URLs like '[0::1]:80'...
  11390. - Made the URL globbing in the client possible to fail silently if there's an
  11391. error in the globbing. It makes it almost intuitive, so when you don't
  11392. follow the syntax rules, globbing is simply switched off and the raw string
  11393. is used instead.
  11394. I still think we'll get problems with IPv6-style IP-addresses when we *want*
  11395. globbing on parts of the URL as the initial part of the URL will for sure
  11396. seriously confuse the globber.
  11397. Daniel (22 January 2001)
  11398. - Björn Stenberg supplied a progress meter patch that makes it look better even
  11399. during slow starts. Previously it made some silly assumptions...
  11400. - Added two FTP tests for -Q and -Q - stuff since it was being discussed on
  11401. the mailing list. Had to correct the ftpserver.pl too as it bugged slightly.
  11402. Daniel (19 January 2001)
  11403. - Made the Location: parsers deal with any-length URLs. Thus I removed the last
  11404. code that restricts the length of URLs that curl supports.
  11405. - Added a --globoff test case (#28) and it quickly identified a memory problem
  11406. in src/main.c that I took care of.
  11407. Version 7.6-pre3
  11408. Daniel (17 January 2001)
  11409. - Made the two former files lib/download.c and lib/highlevel.c become the new
  11410. lib/transfer.c which makes more sense. I also did the rename from Transfer()
  11411. to Curl_Transfer() in the other source files that use the transfer function
  11412. in the spirit of using Curl_ prefix for library-scoped global symbols.
  11413. Daniel (11 January 2001)
  11414. - Added -g/--globoff that switches OFF the URL globbing and thus enables {}[]
  11415. letters to be part of the URL. Do note that RFC2396 section 2.4.3 explicitly
  11416. mention these letters to be escaped. This was posted as a feature request by
  11417. Jorge Gutierrez and as a bug by Terry.
  11418. - Short options to curl that requires parameters can now be specified without
  11419. having the option and its parameter space separated. -ofile works as good as
  11420. -o file. -m20 is equal to -m 20. Do note that this goes for single-letter
  11421. options only, verbose --long-style options still must be separated with
  11422. space from their parameters.
  11423. Daniel (8 January 2001)
  11424. - Francis Dagenais reported that the SCO compiler still fails when compiling
  11425. curl due to that getpass_r() prototype. I've now put it around #ifndef
  11426. HAVE_GETPASS_R in an attempt to please the SCO systems.
  11427. - Made some minor corrections to get the client to cleanup properly and I made
  11428. the separator work again when getting multiple globbed URLs to stdout.
  11429. - Worked with Loic Dachary to get the make dist and make distcheck work
  11430. correctly. The 'maketgz' script is now using the automake generated 'make
  11431. dist' when creating release archives. Loic successfully made 'make rpms'
  11432. automatically build RPMs!
  11433. Loic Dachary (6 January 2001)
  11434. - Automated generation of rpm packages, no need to be root.
  11435. - make distcheck generates a proper distribution (EXTRA_DIST
  11436. in all Makefile.am modified to match FILES).
  11437. Daniel (5 January 2001)
  11438. - Huge client-side hack: now multiple URLs are supported. Any number of URLs
  11439. can be specified on the command line, and they'll all be downloaded. There
  11440. must be a corresponding -o or -O for each URL or the data will be written to
  11441. stdout. This needs more testing, time to release a 7.6-pre package.
  11442. - The krb4 support was broken in the release. Fixed now.
  11443. - Huge internal symbol rename operation. All non-static but still lib-internal
  11444. symbols should now be prefixed with 'Curl_' to prevent collisions with other
  11445. libs. All public symbols should be prefixed with 'curl_' and the rest should
  11446. be static and thus invisible to the outside world. I updated the INTERNALS
  11447. document to say this as well.
  11448. Version 7.5.2
  11449. Daniel (4 January 2001)
  11450. - As Kevin P Roth suggested, I've added text to the man page for every command
  11451. line option and what happens when you specify that option more than
  11452. once. That hasn't been exactly crystal clear before.
  11453. - Made the configure script possible to run from outside the source-tree. For
  11454. odd reasons I can't build curl properly outside though. It has to do with
  11455. curl's dependencies on libcurl...
  11456. - Cut off all older (dated 1999 and earlier) CHANGES entries from this file.
  11457. The older piece is named CHANGES.0 and is added to the CVS repository in
  11458. case anyone would need it.
  11459. - I added another file 'CVS-INFO' to the CVS. It contains information about
  11460. files in the CVS that aren't included in release archives and how to build
  11461. curl when you get the sources off CVS.
  11462. - Updated CONTRIBUTE and FAQ due to the new license.
  11463. Daniel (3 January 2001)
  11464. - Renamed README.libcurl to LIBCURL
  11465. - Changed headers in all sources files to the new dual license concept of
  11466. curl: use the MIT/X derivate license *or* MPL. The LEGAL file was updated
  11467. accordingly and the MPL 1.1 and MIT/X derivate licenses are now part of the
  11468. release archive.
  11469. Daniel (30 December 2000)
  11470. - Made all FTP commands get sent with the trailing CRLF in one single write()
  11471. as splitting them up seems to confuse at least some firewalls (FW-1 being
  11472. one major).
  11473. Daniel (19 December 2000)
  11474. - Added file desrciptor and FILE handle leak detection to the memdebug system
  11475. and thus I found and removed a file descriptor leakage in the ftp parts
  11476. that happened when you did PORTed downloads.
  11477. - Added an include <stdio.h> in <curl/curl.h> since it uses FILE *.
  11478. Daniel (12 December 2000)
  11479. - Multiple URL downloads with -O was still bugging. Not anymore I think or
  11480. hope, or at least I've tried... :-O
  11481. - Francois Petitjean fixed another -O problem
  11482. Version 7.5.1
  11483. Daniel (11 December 2000)
  11484. - Cleaned up a few of the makefiles to use unix-style newlines only. As Kevin
  11485. P Roth found out, at least one CVS client behaved wrongly when it found
  11486. different newline conventions within the same file.
  11487. - Albert Chin-A-Young corrected the LDFLAGS use in the configure script for
  11488. the SSL stuff.
  11489. Daniel (6 December 2000)
  11490. - Massimo Squillace correctly described how libcurl could use session ids when
  11491. doing SSL connections.
  11492. - James Griffiths found out that curl would crash if the file you specify with
  11493. -o is shorter than the URL! This took some hours to fully hunt down, but it
  11494. is fixed now.
  11495. Daniel (5 December 2000)
  11496. - Jaepil Kim sent us makefiles that build curl using the free windows borland
  11497. compiler. The root makefile now accepts 'make borland' to build curl with
  11498. that compiler.
  11499. - Stefan Radman pointed out that the test makefiles didn't use the PERL
  11500. variable that the configure scripts figure out. Actually, you still need
  11501. perl in the path for the test suite to run ok.
  11502. - Rich Gray found numerous portability problems:
  11503. * The SCO compiler got an error on the getpass_r() prototype in getpass.h
  11504. since the curl one differed from the SCO one
  11505. * The HPUX compiler got an error because of how curl did the sigaction
  11506. stuff and used a define HPUX doesn't have (or need).
  11507. * A few more problems remain to be researched.
  11508. - Paul Harrington experienced a core dump using https. Not much details yet.
  11509. Daniel (4 December 2000)
  11510. - Jörn Hartroth fixed a problem with multiple URLs and -o/-O.
  11511. Version 7.5
  11512. Daniel (1 December 2000)
  11513. - Craig Davison gave us his updates on the VC++ makefiles, so now curl should
  11514. build fine with the Microsoft compiler on windows too.
  11515. - Fixed the libcurl versioning so that we don't ruin old programs when
  11516. releasing new shared library interfaces.
  11517. Daniel (30 November 2000)
  11518. - Renamed docs/README.curl to docs/MANUAL to better reflect what the document
  11519. actually contains.
  11520. Daniel (29 November 2000)
  11521. - I removed a bunch of '#if 0' sections from the code. They only make things
  11522. harder to follow. After all, we do have all older versions in the CVS.
  11523. Version 7.5-pre5
  11524. Daniel (28 November 2000)
  11525. - I filled in more error codes in the man page error code list that had been
  11526. lagging.
  11527. - James Griffiths mailed me a fine patch that introduces the CURLOPT_MAXREDIRS
  11528. libcurl option. When used, it'll prevent location following more than the
  11529. set number of times. It is useful to break out of endless redirect-loops.
  11530. Daniel (27 November 2000)
  11531. - Added two test cases for file://.
  11532. Daniel (22 November 2000)
  11533. - Added the libcurl CURLOPT_FILETIME setopt, when set it tries to get the
  11534. modified time of the remote document. This is a special option since it
  11535. involves an extra set of commands on FTP servers. (Using the MDTM command
  11536. which is not in the RFC959)
  11537. curl_easy_getinfo() got a corresponding CURLINFO_FILETIME to get the time
  11538. after a transfer. It'll return a zero if CURLOPT_FILETIME wasn't used or if
  11539. the time wasn't possible to get.
  11540. --head/-I used on a FTP server will now present a 'Last-Modified:' header
  11541. if curl could get the time of the specified file.
  11542. - Added the option '--cacert [file]' to curl, which allows a specified PEM
  11543. file to be used to verify the peer's certificate when doing HTTPS
  11544. connections. This has been requested, rather recently by Hulka Bohuslav but
  11545. others have asked for it before as well.
  11546. Daniel (21 November 2000)
  11547. - Numerous fixes the test suite has brought into the daylight:
  11548. * curl_unescape() could return a too long string
  11549. * on ftp transfer failures, there could be memory leaks
  11550. * ftp CWD could use bad directory names
  11551. * memdebug now uses the mprintf() routines for better portability
  11552. * free(NULL) removed when doing resumed transfers
  11553. - Added a bunch of test cases for FTP.
  11554. - General cleanups to make less warnings with gcc -Wall -pedantic.
  11555. - I made the tests/ftpserver.pl work with the most commonly used ftp
  11556. operations. PORT, PASV, RETR, STOR, LIST, SIZE, USER, PASS all work now. Now
  11557. all I have to do is integrate the ftp server doings in the runtests.pl
  11558. script so that ftp tests can be run the same way http tests already run.
  11559. Daniel (20 November 2000)
  11560. - Made libcurl capable of dealing with any-length URLs. The former limit of
  11561. 4096 bytes was a bit annoying when people wanted to use curl to really make
  11562. life tough on a web server. Now, the command line limit is the most annoying
  11563. but that can be circumvented by using a config file.
  11564. NOTE: there is still a 4096-byte limit on URLs extracted from Location:
  11565. headers.
  11566. - Corrected the spelling of 'resolve' in two error messages.
  11567. - Alexander Kourakos posted a bug report and a patch that corrected it! It
  11568. turned out that lynx and wget support lowercase environment variable names
  11569. where curl only looked for the uppercase versions. Now curl will use the
  11570. lowercase versions if they exist, but if they don't, it'll use the uppercase
  11571. versions.
  11572. Daniel (17 November 2000)
  11573. - curl_formfree() was added. How come no one missed that one before? I ran the
  11574. test suite with the malloc debug enabled and got lots of "nice" warnings on
  11575. memory leaks. The most serious one was this. There were also leaks in the
  11576. cookie handling, and a few errors when curl failed to connect and similar
  11577. things. More tests cases were added to cover up and to verify that these
  11578. problems have been removed.
  11579. - Mucho updated config file parser (I'm dead tired of all the bug reports and
  11580. weird behaviour I get on the former one). It works slightly differently now,
  11581. although I doubt many people will notice the differences. The main
  11582. difference being that if you use options that require parameters, they must
  11583. both be specified on the same line. With this new parser, you can also
  11584. specify long options without '--' and you may separate options and
  11585. parameters with : or =. It makes a config file line could look like:
  11586. user-agent = "foobar and something"
  11587. Parameters within quotes may contain spaces. Without quotes, they're
  11588. expected to be a single non-space word.
  11589. Had to patch the command line argument parser a little to make this work.
  11590. - Added --url as an option to allow the URL to be specified this way. It makes
  11591. way nicer config files. The previous way of specifying URLs in the config
  11592. file doesn't work anymore.
  11593. Daniel (15 November 2000)
  11594. - Using certain characters in usernames or passwords for HTTP authentication
  11595. failed. This was due to the mprintf() that had a silly check for letters,
  11596. and if they weren't isprint() they weren't outputed "as-is". This caused
  11597. passwords and usernames using '§' (for example) to fail.
  11598. Version 7.4.2
  11599. Daniel (15 November 2000)
  11600. - 'tests/runtests.pl' now sorts the test cases properly when 'all' is used.
  11601. Daniel (14 November 2000)
  11602. - I fell over the draft-ietf-ftpext-mlst-12.txt Internet Draft titled
  11603. "Extensions to FTP" that contains a defined way how the ftp command SIZE
  11604. could be assumed to work.
  11605. - Laurent Papier posted a bug report about using "-C -" and FTP uploading a
  11606. file that isn't prsent on the server. The server might then return a 550 and
  11607. curl will fail. Should it instead as Laurent Papier suggests, start
  11608. uploading from the beginning as a normal upload?
  11609. Daniel (13 November 2000)
  11610. - Fixed a crash with the followlocation counter.
  11611. - While writing test cases for the test suite, I discovered an old limitation
  11612. that prevented -o and -T to be used at the same time. I removed this
  11613. immediately as this has no relevance in the current libcurl.
  11614. - Chris Faherty fixed a free-twice problem in lib/file.c
  11615. - I fixed the perl http server problem in the test suite.
  11616. Version 7.4.2 pre4
  11617. Daniel (10 November 2000)
  11618. - I've (finally) started working on the curl test suite. It is in the new
  11619. tests/ directory. It requires sh and perl. There's a TCP server in perl and
  11620. most of the other stuff running a pretty simple shell script.
  11621. I've only made four test cases so far, but it proves the system can work.
  11622. - Laurent Papier noticed that curl didn't set TYPE when doing --head checks
  11623. for sizes on FTP servers. Some servers seem to return different sizes
  11624. depending on whether ASCII or BINARY is used!
  11625. - Laurent Papier detected that if you appended a FTP upload and everything was
  11626. already uploaded, curl would hang.
  11627. - Angus Mackay's getpass_r() in lib/getpass.c is now compliant with the
  11628. getpass_r() function it seems some systems actually have.
  11629. - Venkataramana Mokkapati detected a bug in the cookie parser and corrected
  11630. it. If the cookie was set for the full host name (domain=full.host.com),
  11631. the cookie was never sent back because of a faulty length comparison between
  11632. the set domain length and the current host name.
  11633. Daniel (9 November 2000)
  11634. - Added a configure check for gethostbyname in -lsocket (OS/2 seems to need
  11635. it). Added a check for RSAglue/rsaref for the cases where libcrypto is found
  11636. but libssl isn't. I haven't verified this fix yet though, as I have no
  11637. system that requires those libs to build.
  11638. Version 7.4.2 pre3
  11639. Daniel (7 November 2000)
  11640. - Removed perror() outputs from getpass.c. Angus Mackay also agreed to a
  11641. slightly modified license of the getpass.c file as the prototype was changed.
  11642. Daniel (6 November 2000)
  11643. - Added possibility to set a password callback to use instead of the built-in.
  11644. They're controled with curl_easy_setopt() of course, the tags are
  11645. CURLOPT_PASSWDFUNCTION and CURLOPT_PASSWDDATA.
  11646. - Used T. Bharath's thinking and fixed the timers that showed terribly wrong
  11647. times when location: headers were followed.
  11648. - Emmanuel Tychon discovered that curl didn't really like user names only in
  11649. the URL. I corrected this and I also fixed the since long living problem
  11650. with URL encoded user names and passwords in the URLs. They should work now.
  11651. Daniel (2 November 2000)
  11652. - When I added --interface, the new error code that was added with it was
  11653. inserted in the wrong place and thus all error codes from 35 and upwards got
  11654. increased one step. This is now corrected, we're back at the previous
  11655. numbers. All new exit codes should be added at the end.
  11656. Daniel (1 November 2000)
  11657. - Added a check for signal() in the configure script so that if sigaction()
  11658. isn't present, we can use signal() instead.
  11659. - I'm having a license discussion going on privately. The issue is yet again
  11660. GPL-licensed programs that have problems with MPL. I am leaning towards
  11661. making a kind of dual-license that will solve this once and for all...
  11662. Daniel (31 October 2000)
  11663. - Added the packages/ directory. I intend to let this contain some docs and
  11664. templates on how to generate custom-format packages for various platforms.
  11665. I've now removed the RPM related curl.spec files from the archive root.
  11666. Daniel (30 October 2000)
  11667. - T. Bharath brought a set of patches that bring new functionality to
  11668. curl_easy_getinfo() and curl_easy_setopt(). Now you can request peer
  11669. certificate verification with the *setopt() CURLOPT_SSL_VERIFYPEER option
  11670. and then use the CURLOPT_CAINFO to set the certificate to verify the remote
  11671. peer against. After an such an operation with a verification request, the
  11672. *_getinfo() option CURLINFO_SSL_VERIFYRESULT will return information about
  11673. whether the verification succeeded or not.
  11674. Daniel (27 October 2000)
  11675. - Georg Horn brought us a splendid patch that solves the long-standing
  11676. annoying problem with timeouts that made curl exit with silly exit codes
  11677. (which as been commented out lately). This solution is sigaction() based and
  11678. of course then only works for unixes (and only those unixes that actually
  11679. have the sigaction() function).
  11680. Daniel (26 October 2000)
  11681. - Björn Stenberg supplied a patch that fixed the flaw mentioned by Kevin Roth
  11682. that made the password get echoed when prompted for interactively. The
  11683. getpass() function (now known as my_getpass()) was also fixed to not use any
  11684. static buffers. This also means we cannot use the "standard" getpass()
  11685. function even for those systems that have it, since it isn't thread-safe.
  11686. - Kevin Roth found out that if you'd write a config file with '-v url', the
  11687. url would not be used as "default URL" as documented, although if you wrote
  11688. it 'url -v' it worked! This has been corrected now.
  11689. - Kevin Roth's idea of using multiple -d options on the same command line was
  11690. just brilliant, and I couldn't really think of any reason why we shouldn't
  11691. support it! The append function always append '&' and then the new -d
  11692. chunk. This enables constructs like the following:
  11693. curl -d name=daniel -d age=unknown foobarsite.com
  11694. Daniel (24 October 2000)
  11695. - I fixed the lib/memdebug.c source so that it compiles on Linux and other
  11696. systems. It will be useful one day when someone else but me wants to run the
  11697. memory debugging system.
  11698. Daniel (23 October 2000)
  11699. - I modified the maketgz and configure scripts, so that the configure script
  11700. will fetch the version number from the include/curl/curl.h header files, and
  11701. then the maketgz doesn't have to rebuild the configure script when I build
  11702. release-archives.
  11703. - Björn Stenberg and Linus Nielsen correctly pointed out that curl was silly
  11704. enough to not allow @-letters in passwords when they were specified with the
  11705. -u or -U flags (CURLOPT_USERPWD and CURLOPT_PROXYUSERPWD). This also
  11706. suggests that curl probably should url-decode the password piece of an URL
  11707. so that you could pass an encoded @-letter there...
  11708. Daniel (20 October 2000)
  11709. - Yet another http server barfed on curl's request that include the port
  11710. number in the Host: header always. I now only include the port number if it
  11711. isn't the default (80 for HTTP, 443 for HTTPS). www.perl.com turned out to
  11712. run one of those nasty servers.
  11713. - The PHP4 module for curl had problems with referer that seems to have been
  11714. corrected just yesterday. (Sterling Hughes of the PHP team confirmed this)
  11715. Daniel (17 October 2000)
  11716. - Vladimir Oblomov reported that the -Y and -y options didn't work. They
  11717. didn't work for me either. This once again proves we should have that test
  11718. suite...
  11719. - I finally changed the error message libcurl returns if you try a https://
  11720. URL when the library wasn't build with SSL enabled. It will now return this
  11721. error:
  11722. "libcurl was built with SSL disabled, https: not supported!"
  11723. I really hope it will make it a bit clearer to users where the actual
  11724. problem lies.
  11725. Version 7.4.1
  11726. Daniel (16 October 2000)
  11727. - I forgot to remove some of the malloc debug defines from the makefiles in
  11728. the release archive (of course).
  11729. Version 7.4
  11730. Daniel (16 October 2000)
  11731. - The buffer overflow mentioned below was posted to bugtraq on Friday 13th.
  11732. Daniel (12 October 2000)
  11733. - Colin Robert Phipps elegantly corrected a buffer overflow. It could be used
  11734. by an evil ftp server to crash curl. I took the opportunity of replacing a
  11735. few other sprintf()s into snprintf()s as well.
  11736. Daniel (11 October 2000)
  11737. - Found some more memory leaks. This new simple memory debugger has turned out
  11738. really useful!
  11739. Version 7.4 pre6
  11740. Daniel (9 October 2000)
  11741. - Florian Koenig pointed out that the bool typedef in the curl/curl.h include
  11742. file was breaking PHP 4.0.3 compiling. The bool typedef is not used in the
  11743. public interface and was wrongly inserted in that header file.
  11744. - Jörg Hartroth corrected a minor memory leak in the src/urlglob.c stuff. It
  11745. didn't harm anyone since the memory is free()ed on exit anyway.
  11746. - Corrected the src/main.c. We use the _MPRINTF_REPLACE #define to use our
  11747. libcurl-printf() functions. This gives us snprintf() et al on all
  11748. platforms. I converted the allocated useragent string to one that uses a
  11749. local buffer.
  11750. - I've set an #if 0 section around the Content-Transfer-Encoding header
  11751. generated in lib/formdata.c. This will hopefully make curl do more
  11752. PHP-friendly multi-part posts.
  11753. Version 7.4 pre5
  11754. Daniel (9 October 2000)
  11755. - Nico Baggus found out that curl's ability to force a ASCII download when
  11756. using FTP was no longer working! I corrected this. This problem was probably
  11757. introduced when I redesigned libcurl for version 7.
  11758. - Georg Horn provided a source example that proved a memory leak in libcurl.
  11759. I added simple memory debugging facilities and now we can make libcurl log
  11760. all memory fiddling functions. An additional perl script is used to analyze
  11761. the output logfile and to match malloc()s with free()s etc. The memory leak
  11762. Georg found turned out to be the main cookie struct that cookie_cleanup()
  11763. didn't free! The perl script is named memanalyze.pl and it is available in
  11764. the CVS respository, not in the release archive.
  11765. Daniel (8 October 2000)
  11766. - Georg Horn found a GetHost() problem. It turned out it never assigned the
  11767. pointer in the third argument properly! This could make a crash, or at best
  11768. a memory leak!
  11769. Version 7.4 pre4
  11770. Daniel (6 October 2000)
  11771. - Is the -F post following the RFC 1867 spec? We had this dicussion on the
  11772. mailing list since it appears curl can't post -F form posts to a PHP
  11773. receiver... I've been in touch with the PHP developers about this.
  11774. - Domenico Andreoli found out that the long option '--proxy' wasn't working
  11775. anymore! The option parser got confused when I added the --proxytunnel for
  11776. 7.3. This was indeed a very old flaw that hasn't turned up until now...
  11777. - Jörn Hartroth provided patches, updated makefiles and two new files for DLL
  11778. stuff on win32. He also pointed out that lib source files were compiled with
  11779. -I../src which isn't only wrong but plain stupid!
  11780. - Troels Walsted Hansen fixed a problem with HTTP resume. Curl previously used
  11781. a local variable badly, that could lead to crashes.
  11782. Version 7.4 pre3
  11783. Daniel (4 October 2000)
  11784. - More docs written. The curl_easy_getinfo.3 man page is now pretty accurate,
  11785. as is the -w section in curl.1. I added two options to enable the user to
  11786. get information about the received headers' size and the size of the HTTP
  11787. request. T. Bharath requested them.
  11788. Daniel (3 October 2000)
  11789. - Corrected a sever free() before use in the new add_buffer_send()! ;-)
  11790. Version 7.4 pre2
  11791. Daniel (3 October 2000)
  11792. - Jason S. Priebe sent me patches that changed the way curl issues HTTP
  11793. requests. The entire request is now issued in one single shot. It didn't do
  11794. this previously, and it has turned out that since the common browsers do it
  11795. this way, some sites have turned out to work with browsers but not with
  11796. curl! Although this is not a client-side problem, we want to be able to
  11797. fully emulate browsers, and thus we have now adjusted the networking layer
  11798. to slightly more appear as a browser. I adjusted Jason's patch, the faults
  11799. are probably mine.
  11800. Daniel (2 October 2000)
  11801. - Anyone who ever uploaded data with curl on a slow link has noticed that the
  11802. progess meter is updated very infrequently. That is due to the large buffer
  11803. size curl is using. It reads 50Kb and sends it, updates the progress meter
  11804. and loops. 50Kb is very much on a slow link, although it is pretty neat to
  11805. use on a fast one.
  11806. I've now made an adjustment that makes curl use a 2Kb buffer for uploads to
  11807. start with. If curl's average upload speed is faster than buffer size bytes
  11808. per second, curl will increase the used buffer size up to max 50Kb. It
  11809. should make the progress meter work better.
  11810. Version 7.4 pre1
  11811. Daniel (29 September 2000)
  11812. - Ripped out the -w stuff from the library and put in the curl tool. It gets
  11813. all the relevant info from the library using the new curl_easy_getinfo()
  11814. function.
  11815. - brad at openbsd.org mailed me a patch that corrected my kerberos mistake and
  11816. removed a compiler warning from hostip.c that OpenBSD people get.
  11817. Daniel (28 September 2000)
  11818. - Of course (I should probably get punished somehow) I didn't properly correct
  11819. the #include lines for the base64 stuff in the kerberos sources in the just
  11820. released 7.3 package. They still include the *_krb.h files! Now, the error
  11821. is sooo very easy to spot and fix so I won't bother with a quick bug fix
  11822. release. I'll post a patch whenever one is needed instead. It'll be
  11823. available in the CVS in a few minutes anyway.
  11824. Version 7.3
  11825. Daniel (28 September 2000)
  11826. - Removed the base64_krb.[ch] files. They've now replaced the former
  11827. base64.[ch] files.
  11828. Daniel (26 September 2000)
  11829. - Updated some docs.
  11830. - I changed the OpenSSL fix to work with older versions as well. The posted
  11831. patch was only working with 0.9.6 and no older ones.
  11832. Version 7.3-pre8
  11833. Daniel (25 September 2000)
  11834. - Erdmut Pfeifer informed us that curl didn't build with OpenSSL 0.9.6 and
  11835. showed us what needed to get patched in order to make it build properly
  11836. again.
  11837. - Dirk Kruschewski found a bug in the cookie parser. I made an alternative
  11838. approach to the solution Dirk himself suggested. The bug made a cookie
  11839. header that didn't end with a trailing semicolon to not get parsed.
  11840. - I've marked -c and -t deprecated now. If you use any of them, curl will tell
  11841. you to use "-C -" or "-T -" instead. I don't think occupying two letters for
  11842. nearly identical functions is good use. Also, -T - kind of follows the curl
  11843. tradition of using - for stdin where a file name is expected.
  11844. Daniel (23 September 2000)
  11845. - Martin Hedenfalk provided the patch that finally made the krb4 ftp upload
  11846. work!
  11847. Daniel (21 September 2000)
  11848. - The kerberos code is not quite thread-safe yet. There are a few more globals
  11849. that need to be take care of. Let's get the upload working first!
  11850. Daniel (20 September 2000)
  11851. - Richard Prescott solved another name lookup buffer size problem. I took this
  11852. opportunity to rewrite the GetHost() function. With these large buffer
  11853. sizes, I think keeping them as local arrays quickly turn ugly. I now use
  11854. malloc() to get the buffer memory. Thanks to this, I now can realloc() to a
  11855. large buffer in case of demand (errno == ERANGE) in case a solution like
  11856. that would become necessary. I still want to avoid that kind of nastiness.
  11857. - Tried to compile and run curl on Linux for alpha and FreeBSD for alpha. Went
  11858. as smooth as it could.
  11859. - Added a docs/examples directory with two tiny example sources that show how
  11860. to use libcurl. I hope users will supply me with more useful examples
  11861. further on.
  11862. - Applied a patch by Jörn Hartroth to no longer use the word 'inteface' in the
  11863. config struct in the src/main.c file since certain compilers have that word
  11864. "reservered". I figure that is some kind of C++ decease.
  11865. - Updated the curl.1 man page with --interface and --krb4.
  11866. - Modified the base64Encode() function to work like the kerberos one, so that
  11867. I could remove the use of that. There is no need for *two* base64 encoding
  11868. functions! ;-)
  11869. Version 7.3pre5
  11870. Daniel (19 September 2000)
  11871. - The kerberos4-layer source code that is much "influenced" by the original
  11872. krb4 source code, through yafc into curl, was using quite a lot of global
  11873. variables. libcurl can't work properly with globals like that why I had to
  11874. clean up almost every function in the new security.c to make them use
  11875. connection specific variables instead of the globals. I just hope I didn't
  11876. destroy anything now... :-) configure updated, version string now reflects
  11877. krb4 built-in. It almost works now. Only uploads are still being naughty.
  11878. Version 7.3pre3
  11879. Daniel (18 September 2000)
  11880. - Martin Hedenfalk supplied a major patch that introduces krb4-ftp support to
  11881. curl. Martin is the primary author of the ftp client named yafc and he did
  11882. not hesitate to help us implement this when I asked him. Many and sincere
  11883. thanks to a splendid effort. It didn't even take many hours!
  11884. - Stephen Kick supplied a big patch that introduces the --interface flag to
  11885. the curl tool and CURLOPT_INTERFACE for libcurl. It allows you to specify an
  11886. outgoing interface to use for your request. This may not work on all
  11887. platforms. This needs testing.
  11888. - Richard Prescott noticed that curl on Tru64 unix could core dumped if the
  11889. name didn't resolve properly. This was due to the GetHost() function not
  11890. returning an error even though it failed on some platforms!
  11891. Daniel (15 September 2000)
  11892. - Updated all sorts of documents in regards to the new proxytunnel support.
  11893. Version 7.3pre2
  11894. Daniel (15 September 2000)
  11895. - Kai-Uwe Rommel pointed out a problem in the httpproxytunnel stuff for ftp.
  11896. Adjusted it. Added better info message when setting up the tunnel and the
  11897. pasv message when doing the second connect.
  11898. Version 7.3pre1
  11899. Daniel (15 September 2000)
  11900. - libcurl now allows "httpproxytunnel" to an arbitrary host and port name. The
  11901. second connection on ftp needed that.
  11902. - TheArtOfHTTPScripting was corrected all over. I both type and spell really
  11903. bad at times!
  11904. Daniel (14 September 2000)
  11905. - -p/--proxytunnel was added to 'curl'. It uses the new
  11906. CURLOPT_HTTPPROXYTUNNEL libcurl option that allows "any" protocol to tunnel
  11907. through the specified http proxy. At the moment, this should work with ftp.
  11908. Daniel (13 September 2000)
  11909. - Jochen Schaeuble found that file:// didn't work as expected. Corrected this
  11910. and mailed the patch to the mailing list.
  11911. Daniel (7 September 2000)
  11912. - I changed the #define T() in curl.h since it turned out it wasn't really
  11913. a good symbol to use (when you compiled PHP with curl as a module, that
  11914. define collided with some IMAP define or something). This was posted to the
  11915. PHP bug tracker.
  11916. - I added extern "C" stuff in two header files to better allow libcurl usage
  11917. in C++ sorces. Discussions on the libcurl list with Danny Horswell lead to
  11918. this.
  11919. Version 7.2.1
  11920. Daniel (31 August 2000)
  11921. - Albert Chin-A-Young fixed the configure script *again* and now it seems to
  11922. detect Linux name resolving properly! (heard that before?)
  11923. - Troels Walsted Hansen pointed out that downloading a file containing the
  11924. letter '+' from an ftp server didn't work. It did work from HTTP though and
  11925. the reason was my lame URL decoder.
  11926. - I happened to notice that -I didn't at all work on ftp anymore. I corrected
  11927. that.
  11928. Version 7.2
  11929. Daniel (30 August 2000)
  11930. - Understanding AIX is a hard task. I believe I'll never figure out why they
  11931. solve things so differently from the other unixes. Now, I'm left with the
  11932. AIX 4.3 run-time warnings about duplicate symbols that according to this
  11933. article (http://www.geocrawler.com/archives/3/405/1999/9/0/2593428/) is a
  11934. libtool flaw. I tried the mentioned patch, although that stops the linking
  11935. completely.
  11936. So, if I select to ignore the ld warnings there are compiler warnings that
  11937. fill the screen pretty bad when curl compiles. It turns out that if I want
  11938. to '#include <arpa/inet.h>', I can get tid of the warnings by include the
  11939. following three include files before that one:
  11940. #include <net/if_dl.h>
  11941. #include <sys/mbuf.h>
  11942. #include <netinet/if_ether.h>
  11943. Now, is it really sane to add those include files before arpa/inet.h in all
  11944. the source files that include it?
  11945. Thanks to Albert Chin-A-Young at thewrittenword.com who gave me the AIX
  11946. login to try everything on.
  11947. Daniel (24 August 2000)
  11948. - Jan Schmidt supplied us a new VC6 makefile for Windows as the previous one
  11949. was not up to date but lacked several object files.
  11950. - More work on the naming.
  11951. - Albert Chin-A-Young provided a configure-check for large file support, as
  11952. some systems seem to need that for them to work. Had to change the position
  11953. for the config.h include file in every .c file in the libcurl dir...
  11954. - As suggested on the mailing list (by Troy Engel), I did use a --data-binary
  11955. option instead of the messy way I've left described below. It seems to
  11956. work. The libcurl fix remained the same as yesterday.
  11957. Daniel (23 August 2000)
  11958. - Back on the -d stripping newlines thing. The 'plain post' thing was added
  11959. when I had no thought of that one could actually post binary data with
  11960. it. Now, I have to add this functionality in a graceful manner and I think
  11961. I've managed to come up with a way: '-d @file;binary' will thus post the
  11962. file binary, exactly as its contents are. It is implemented with a new
  11963. *setopt() option (CURLOPT_POSTFIELDSIZE) to set the postfield size, since
  11964. libcurl can't strlen() the data in these cases.
  11965. - Albert Chin-A-Young made some very serious efforts and all the name
  11966. resolving problems seem to have been sorted out now on all the platforms
  11967. that previously showed them. I'll make another release now anyday because of
  11968. this.
  11969. - The FAQ was much enhanced when it comes to the licensing issues thanks to
  11970. Bjorn Reese.
  11971. Daniel (21 August 2000)
  11972. - Rick Welykochy pointed out a problem when you use -d to post and you want to
  11973. keep the newlines, as curl strips them off as a bonus before posting...
  11974. This needs to be addressed.
  11975. Version 7.1.1
  11976. Daniel (21 August 2000)
  11977. - Got more people involved in the gethostbyname_r() mess. Caolan McNamara sent
  11978. me configure-code that turned out to be very similar to my existing tests
  11979. which only make me more sure I'm on the right path. I changed the order of
  11980. the tests slightly, as it seems that some compilers don't yell error if a
  11981. function is used with too many parameters. Thus, the first tested function
  11982. will seem ok... Let's hope more compilers think of too-few parameters as bad
  11983. manners, as we're now trying the functions in that order; fewer first. I
  11984. should also add that Lars Hecking mailed me and volunteered to run tests on
  11985. a few odd systems. Coalan is keeping his work over at
  11986. http://www.csn.ul.ie/~caolan/publink/gethostbyname_r/. Might be handy in the
  11987. future as well.
  11988. Daniel (18 August 2000)
  11989. - I noticed I hadn't increased the name lookup buffer in lib/ftp.c. I don't
  11990. think this is the reason for the continued trouble though.
  11991. Daniel (17 August 2000)
  11992. - Fred Noz corrected my stupid mistakes in the gethostbyname_r() fluff. It
  11993. should affect some AIX, Digital Unix and HPUX 10 systems.
  11994. Daniel (15 August 2000)
  11995. - Mathieu Legare compiled and build 7.1 without errors on both AIX 4.2 as well
  11996. as AIX 4.3. Now why did problems occur before?
  11997. - Fred Noz reported a -w/--write-out bug that caused it to malfunction when
  11998. used combined with multiple URL retrievales. All but the first display got
  11999. screwed up!
  12000. Daniel (11 August 2000)
  12001. - Jason Priebe and an anonymous friend found some host names the Linux version
  12002. of curl could not resolve. It turned out the buffer used to retrieve that
  12003. information was too small. Fixed. One could argue about the usefulness of
  12004. not having the slightest trace of a man page for gethostbyname_r() on my
  12005. Linux Redhat installation...
  12006. Daniel (10 August 2000)
  12007. - Balaji S Rao was first in line to note the missing possibility to replace
  12008. the Content-Type: and Content-Length: headers when doing -d posts. I added
  12009. the possibility just now. It seems some people wants to do standard posts
  12010. using custom Content-Types.
  12011. Daniel (8 August 2000)
  12012. - Mike Dowell correctly discovered that curl did not approve of URLs with no
  12013. user name but password. As in 'http://:foo@haxx.se'. I corrected this.
  12014. Version 7.1
  12015. Daniel (7 August 2000)
  12016. - My AIX 4 fix does not work. I need help from a AIX 4 hacker.
  12017. - I added my new document in the docs directory. It is aimed to become a sort
  12018. of tutorial on how to do HTTP scripting with curl.
  12019. Daniel (4 August 2000)
  12020. - Working with Rich Gray on compiling curl for lots of different platforms.
  12021. My fix for AIX 3.2 was not good enough and was slightly changed, I had to
  12022. move an include file before another, as is now described in the source.
  12023. AIX 4.2 (4.X?) has different gethostbyname_r() and gethostbyaddr_r()
  12024. functions that the configure script didn't check for and thus the compile
  12025. broke with an error. I have now changed the gethostbyname_r() check in the
  12026. configure file to support all three versions of both these functions. My
  12027. implementation that uses the AIX-style is though not yet verified and I may
  12028. get problems to fix it if it turns out to bug since I don't have access to
  12029. any system using that.
  12030. For problems like that, I made the configure script allow --disable-thread
  12031. to completely switch off the check for threadsafe versions of a few
  12032. functions and thus go with the "good old versions" that tend to work
  12033. although will break thread-safeness for libcurl. Most people won't use
  12034. libcurl for other things than curl though, and curl doesn't need a
  12035. thread-safe lib.
  12036. - Working on my big tutorial about HTTP scripting with curl.
  12037. Daniel (1 August 2000)
  12038. - Rich Gray spotted a problem in src/setup.h caused by a #define strequal()
  12039. that was just a left-over from passed times. The strequal() is now a true
  12040. function supplied by libcurl for a portable case insensitive string
  12041. comparison. I added the prototypes in include/curl.h and removed the
  12042. now obsolete #define.
  12043. - Igor Khristophorov made a fix to allow resumed download from Sun's
  12044. JavaWebServer/1.1.1. It seems that their server sends bad Content-Range
  12045. headers.
  12046. - The makefiles forced a static library build, which is bad since we now use
  12047. libtool and thus have excellent shared library support! Albert Chin-A-Young
  12048. found out.
  12049. Version 7.0.11beta
  12050. Daniel (1 August 2000)
  12051. - Albert Chin-A-Young pointed out that 'make install' did not properly create
  12052. the header include directory, why it failed to install the header files as
  12053. it should. Automake isn't really equipped to deal with subdirectories
  12054. without Makefiles in any nice way. I had to run ahead and add Makefiles in
  12055. both include and include/curl before I managed to create a top-level
  12056. makefile that succeeds in install everything properly!
  12057. - Ok, no more "features" added now. Let's just verify that there's no major
  12058. flaws added now.
  12059. Daniel (31 July 2000)
  12060. - Both Jeff Schasny and Ketil Froyn asked me how to tell curl not to send one
  12061. of those internally generated headers. They didn't settle with the blank
  12062. ones you could tell curl to use. I rewrote the header-replace stuff a
  12063. little. Now, if you replace an internal header with your own and that new
  12064. one is a blank header you will only remove the internal one and not get any
  12065. blank. I couldn't figure out any case when you want that blank header.
  12066. Daniel (29 July 2000)
  12067. - It struck me that the lib used localtime() which is not thread-safe, so now
  12068. I use localtime_r() in the systems that has it.
  12069. - I went through this entire document and removed all email addresses and left
  12070. names only. I've really made an effort to always note who brought be bug
  12071. reports or fixes, but more and more people ask me to remove the email
  12072. addresses since they become victims for spams this way. Gordon Beaton got me
  12073. working on this.
  12074. Daniel (27 July 2000)
  12075. - Jörn Hartroth found out that when you specified a HTTP proxy in an
  12076. environment variable and used -L, curl failed in the second fetch. I
  12077. corrected this problem and posted a patch to the list. No need for an extra
  12078. beta release just for this.
  12079. Version 7.0.10beta
  12080. Daniel (27 July 2000)
  12081. - So, libtool replaced two of my files with symbolic links and I forgot to add
  12082. the two new libtool files to the release archive (and they were added as
  12083. symlinks as well!) This of course lead to that the configure script failed
  12084. on 7.0.9...
  12085. Version 7.0.9beta
  12086. Daniel (25 July 2000)
  12087. - Kristian Köhntopp <kris at koehntopp.de> brought a fix that makes libcurl
  12088. libtoolified, just as we've wanted for a while now. He also made the
  12089. recently added man pages get installed properly on 'make install' and some
  12090. other nice cleanups.
  12091. - In a discussion with Eetu Ojanen it struck me that if we use curl to get a
  12092. page using a password, and that page then sends a Location: to another
  12093. server that curl follows, curl will send the user name and password to that
  12094. server as well.
  12095. Now, I'll never be able to make curl do Location: following all that perfect
  12096. and you're all sooner or later required to write a script to do several
  12097. fetches when you're doing advanced stuff, but now I've modified curl to at
  12098. least *only* send the user name and password to the original server. Which
  12099. means that if get a page from server A with a password, that forwards curl
  12100. to server B, curl won't use the password there. If server B then forwards
  12101. curl back to server A again, the password will be used again.
  12102. This is not a perfect implementation, as in a browser case it would only use
  12103. the password if the left-prefix of the first path is the same. I just think
  12104. that this fix prevents a somewhat lurky "security hole".
  12105. As a side-note in this subject: HTTP passwords are sent in cleartext and
  12106. will never be considered to be safe or secure. Use HTTPS for that.
  12107. - As discussed on the mailing list, I converted the FTP response reading
  12108. function into using select() which then allows timeouts (even under win32!)
  12109. if the command-reply session gets too slow or dies completely. I made a
  12110. default timeout on 3600 seconds unless anything else is specified, since I
  12111. don't think anyone wants to wait more than that for a single character to
  12112. get received...
  12113. - Torsten Foertsch <torsten.foertsch at gmx.net> brought a set of fixes for
  12114. the rfc1867 form posts. He introduced 'name=<file' which brings a means to
  12115. suuply very large text chunks read from the given file name. It differs from
  12116. 'name=@file' in the way that this latter thing is marked in the uploaded
  12117. contents as a file upload, while the first is just text (as in a input or
  12118. textarea field). Torsten also corrected a bug that would happen if you used
  12119. %s or similar in a -F file name.
  12120. - As discovered by Nico Baggus <Nico.Baggus at mail.ing.nl>, when transferring
  12121. files to/from FTP using type ASCII curl should not expect the transfer to be
  12122. the exact size reported by the server as the file size. Since ASCII may very
  12123. well mean that the content is translated while transfered, the final size
  12124. may very well differ. Therefor, curl now ignores the file size when doing
  12125. ASCII transfers in FTP.
  12126. Daniel (24 July 2000)
  12127. - Added CURLOPT_PROXYPORT to the curl_easy_setopt() call to allow the proxy
  12128. port number to be set separately from the proxy host name.
  12129. - Andrew <andrew at ugh.net.au> pointed out a netrc manual bug.
  12130. - The FTP transfer code now accepts a 250-code as well as the previously
  12131. accepted 226, after a successful file transfer. Mohan <mnair at
  12132. evergreen-funds.com> pointed this out.
  12133. - The check for *both* nsl and socket was never added in the v7 configure.in
  12134. when I moved the main branch. I re-added that check to configure.in. This was
  12135. discovered by Rich Gray.
  12136. - Howard, Blaise <Blaise.Howard at factiva.com> pointed out a missing free() in
  12137. curl_disconnect() which of course meant libcurl ate memory.
  12138. - Brian E. Gallew noted that the HTTP 'Host:' header curl sent did not
  12139. properly include the port number if non-default ports were used. This should
  12140. now have been fixed.
  12141. - HTTP connect errors now return errors earlier. This was most notably causing
  12142. problems when the HTTPS certificate had problems and later caused a crash.
  12143. Many thanks to Gregory Nicholls <gnicholls at level8.com> for discovering
  12144. and suggesting a fix...
  12145. Daniel (21 June 2000)
  12146. - After a "bug report" I received where the user was using both -F and -I in a
  12147. HTTP request (it severly confused the library I should add), I added some
  12148. checks to src/main.c that prevents setting more than one HTTP request
  12149. command, no matter what the user wants! ;-)
  12150. Version 7.0.8beta
  12151. Daniel (20 June 2000)
  12152. - I did a major replace in many files to use the new curl domain haxx.se
  12153. instead of the previous one.
  12154. - As Eetu Ojanen suggested, I finally took the step and now libcurl no longer
  12155. makes a POST after it has followed a location. When the initial POST has
  12156. been done, it'll turned into a GET for the further requests. This is only
  12157. interesting when using -L/--location *and* doing a POST at the same time.
  12158. While messing with this, I added another weird feature I call 'auto
  12159. referer'. If you append ';auto' to the right of a given referer string (or
  12160. only use that string as referer), libcurl will automatically set the
  12161. previoud URL as refered when it follows a Location: and gets a succeeding
  12162. document.
  12163. - My hero Rich Gray found the very obscure FTP bug that happened to him only
  12164. when passing through a particular firewall and using the PORT command. It
  12165. turned out that PORT was the only command in the lib/ftp.c source that
  12166. didn't send a proper \r\n sequence but instead used the faulty \n which as
  12167. it seemed is supported by most major ftp servers... :-O
  12168. Version 7.0.7beta
  12169. Daniel (16 June 2000)
  12170. - I had avoided this long enough now, so I moved the alternative progress bar
  12171. stuff from the lib and added it to the client code. This is now using the
  12172. recently added progress callback and it seems to work pretty much like
  12173. before. Since it is only one progress bar and you and download and upload at
  12174. the same time, this bar shows the combined progress of both directions. This
  12175. code was just ported from the old place to this, Lars is still our saviour!
  12176. ;-) This also made the documentation more accurate since I never removed
  12177. this function from any docs! Although I now removed the CURLOPT_PROGRESSMODE
  12178. from the library since the lib has only one internal progress meter and it
  12179. will never get another. It is although likely that the internal one also
  12180. will be moved to the client code in the future (when I have other means of
  12181. getting the writeout data and move that too to the client).
  12182. - I took the opportunity to verify that standard progress meter works and I
  12183. found out it didn't get inited properly. Grrr. I corrected that as well.
  12184. Daniel (15 June 2000)
  12185. - I thought I'd better verify that the -F option still works in v7 and of
  12186. course it didn't... :-/ Anyway, I had the problems I could discover
  12187. corrected. About one month of beta testing and not a single person has used
  12188. this feature with v7?
  12189. - Björn correctly pointed out that the --progress-bar still doesn't work in
  12190. v7. Hm.
  12191. Daniel (14 June 2000)
  12192. - Tim Tassonis discovered that curl 7 didn't handle normal http POST as it
  12193. should. I corrected this.
  12194. Version 7.0.6beta
  12195. Daniel (14 June 2000)
  12196. - Björn Stenberg pointed out several problems (related to win32 compiling):
  12197. lib/strequal.c had a bad #ifdef for one of the string comparisons (win32)
  12198. src/main.c had several minor problems
  12199. lib/makefile.m32 had getpass.[co] twice
  12200. src/config-win32.h lacked the HAVE_FCNTL_H define
  12201. both config-win32.h files now only set the HAVE_UNISTD_H define if the
  12202. define MINGW32 is set, and I modified src/makefile.m32 and lib/makefile.m32
  12203. to set it.
  12204. Version 7.0.5beta
  12205. Daniel (14 June 2000)
  12206. - Applied Luong Dinh Dung's comments about a few win32 compile problems.
  12207. - Applied Björn Stenberg's suggested fix that turns the win32 stdout to
  12208. binary. It won't do it if the -B / --use-ascii option is used. That option
  12209. is now an extended version of the previous -B /--ftp--ascii. The flag was
  12210. already in use be the ldap as well so the new name fits pretty good. The
  12211. libcyrl CURLOPT_TRANSFERTEXT was also introduced as an alias to the now
  12212. obsolete CURLOPT_FTPASCII. Can't verify this fix myself as I have no win32
  12213. compiler around.
  12214. Daniel (13 June 2000)
  12215. - Luong Dinh Dung <dung at sch.bme.hu> found a problem in curl_easy_cleanup()
  12216. since it free()ed the main curl struct *twice*. This is now corrected.
  12217. Daniel (9 June 2000)
  12218. - Updated the RESOURCES file, added a README.win32 file.
  12219. Daniel (8 June 2000)
  12220. - So I finally added the progress callback to the *setopt() options and it
  12221. should work now. I don't have the energy to write any test program for it
  12222. right now.
  12223. - Made the callback function typedefs public in curl/curl.h for comfort. Just
  12224. in case anyone wanna fiddle with such pointers.
  12225. - Updated the curl_easy_setopt() man page accordingly.
  12226. Version 7.0.4beta
  12227. Daniel (2 June 2000)
  12228. - I noticed that when doing Location: following, we lost custom headers in all
  12229. but the first request.
  12230. - Removed the 'HttpPost' struct and moved the header stuff to the more generic
  12231. curl_slist.
  12232. - Added some better slist-cleanups in src/main.c
  12233. Version 7.0.3beta
  12234. Daniel (31 May 2000)
  12235. - So I discovered that I released the 7.0.2beta without it being able to
  12236. compile under Linux. gethostbyname_r() and gethostbyaddr_r() turned out to
  12237. feature a different amount of arguments on different systems so I had to add
  12238. a configure check for this and adjust the code slightly.
  12239. Version 7.0.2beta
  12240. Daniel (29 May 2000)
  12241. - Corrected the bits.* assignments when using CURLOPT options that only
  12242. toggles one of those bits.
  12243. - Applied the huge patches from David LeBlanc <dleblanc at qnx.com> that add
  12244. usage of the gethostbyname_r() and similar functions in case they're around,
  12245. since that make libcurl much better threadsafe in many systems (such as
  12246. solaris). I added the checks for these functions to the configure script.
  12247. I can't explain why, but the inet_ntoa_r() function did not appear in my
  12248. Solaris include files, I had to add my own include file for this for now.
  12249. Daniel (22 May 2000)
  12250. - Jörn Hartroth brought me fixes to make the win32 version compile properly as
  12251. well as a rename of the 'interface' field in the urldata struct, as it seems
  12252. to be reserved in some gcc versions!
  12253. - Rich Gray struck back with yet some portability reports. Data General DG/UX
  12254. needed a little fix in lib/ldap.c since it doesn't have RTLD_GLOBAL defined.
  12255. More fixes are expected as a result of Richies very helpful work.
  12256. Version 7.0.1beta
  12257. Daniel (21 May 2000)
  12258. - Updated lots of #defines, enums and variable type names in the library. No
  12259. more weird URG or URLTAG prefixes. All types and names should be curl-
  12260. prefixed to avoid name space clashes. The FLAGS-parameter to the former
  12261. curl_urlget() has been converted into a bunch of flags to use in separate
  12262. setopt calls. I'm still focusing on the easy-interface, as the curl tool is
  12263. now using that.
  12264. - Bjorn Reese has provided me with an asynchronous name resolver that I plan
  12265. to use in upcoming versions of curl to be able to gracefully timeout name
  12266. lookups.
  12267. Version 7.0beta
  12268. Daniel (18 May 2000)
  12269. - Introduced LIBCURL_VERSION_NUM to the curl.h include file to better allow
  12270. source codes to be dependent on the lib version. This define is now set to
  12271. a dexadecimal number, with 8 bits each for major number, minor number and
  12272. patch number. In other words, version 1.2.3 would make it 0x010203. It also
  12273. makes a larger number a newer version.
  12274. Daniel (17 May 2000)
  12275. - Martin Kammerhofer correctly pointed out several flaws in the FTP range
  12276. option. I corrected them.
  12277. - Removed the win32 winsock init crap from the lib to the src/main.c file
  12278. in the application instead. They can't be in the lib, especially not for
  12279. multithreaded purposes.
  12280. Daniel (16 May 2000)
  12281. - Rewrote the src/main.c source to use the new easy-interface to libcurl 7.
  12282. There is still more work to do, but the first step is now taken.
  12283. <curl/easy.h> is the include file to use.
  12284. Daniel (14 May 2000)
  12285. - FTP URLs are now treated slightly different, more according to RFC 1738.
  12286. - FTP sessions are now performed differently, with CWD commands to change
  12287. directory instead of RETR/STOR/LIST with the full path. Discussions with
  12288. Rich Gray made me notice these problems.
  12289. - Janne Johansson discovered and corrected a buffer overflow in the
  12290. src/usrglob.c file.
  12291. - I had to add a lib/strequal.c file for doing case insensitive string
  12292. compares on all platforms.
  12293. Daniel (8 May 2000):
  12294. - Been working lots on the new lib.
  12295. - Together with Rich Gray, I've tried to adjust the configure script to work
  12296. better on the NCR MP-RAS Unix.
  12297. Daniel (2 May 2000):
  12298. - Albert Chin-A-Young pointed out that I had a few too many instructions in
  12299. configure.in that didn't do any good.
  12300. Daniel (24 April 2000):
  12301. - Added a new paragraph to the FAQ about what to do when configure can't
  12302. find OpenSSL even though it is installed. Supplied by Bob Allison
  12303. Daniel (12 April 2000):
  12304. - Started messing around big-time to convert the old library interface to a
  12305. better one...
  12306. Daniel (8 April 2000):
  12307. - Made the progress bar look better for file sizes between 9999 kilobytes
  12308. and 100 megabytes. They're now displayed XX.XM.
  12309. - I also noticed that ftp fetches through HTTP proxies didn't add the user
  12310. agent string. It does now.
  12311. - Habibie <habibie at MailandNews.com> supplied a pretty good way to build RPMs
  12312. on a Linux machine. It still a) requires me to be root to do it, b) leaves
  12313. the rpm packages laying at some odd place on my disk c) doesn't work to
  12314. build the ssl version of curl since I didn't install openssl from an rpm
  12315. package so now the rpm crap thinks I don't have openssl and refuses to build
  12316. a package that depends on ssl... Did I mention I don't get along with RPM?
  12317. - Once again I received a bug report about autoconf not setting -L prior to -l
  12318. on the command line when checking for libs. In this case it made the native
  12319. cc compiler on Solaris 7 to fail the OpenSSL check. This has previously been
  12320. reported to cause problems on HP-UX and is a known flaw in autoconf 2.13. It
  12321. is a pity there's no newer release around...
  12322. Daniel (4 April 2000):
  12323. - Marco G. Salvagno supplied me with two fixes that
  12324. appearantly makes the OS/2 port work better with multiple URLs.
  12325. Daniel (2 April 2000):
  12326. - Another Location: fix. This time, when curl connected to a port and then
  12327. followed a location with an absolute URL to another port, it misbehaved.
  12328. Daniel (27 March 2000):
  12329. - H. Daphne Luong pointed out that curl was wrongly
  12330. messing up the proxy string when fetching a document through a http proxy,
  12331. which screwed up multiple fetches such as in location: followings.
  12332. Daniel (23 March 2000):
  12333. - Marco G. Salvagno corrected my badly applied patch he
  12334. actually already told me about!
  12335. - H. Daphne Luong brought me a fix that now makes curl
  12336. ignore select() errors in the download if errno is EINTR, which turns out to
  12337. happen every now and then when using libcurl multi-threaded...
  12338. Daniel (22 March 2000):
  12339. - Wham Bang supplied a couple of win32 fixes. HAVE_UNAME
  12340. was accidentally #defined in config-win32.h, which it shouldn't have been.
  12341. The HAVE_UNISTD_H is not defined when compiling with the Makefile.vc6
  12342. makefile for MS VC++.
  12343. Daniel (21 March 2000):
  12344. - I removed the AC_PROG_INSTALL macro from configure.in, since it appears that
  12345. one of the AM_* macros searches for a BSD compatible install already. Janne
  12346. Johansson made me aware of this.
  12347. Version 6.5.2
  12348. Daniel (21 March 2000):
  12349. - Paul Harrington quickly pointed out to me that 6.5.1
  12350. crashes hard. I upload 6.5.2 now as quickly as possible! The problem was
  12351. the -D adjustments in src/main.c.
  12352. Version 6.5.1
  12353. Daniel (20 March 2000):
  12354. - An anonymous post on sourceforge correctly pointed out a possible buffer
  12355. overflow in the curl_unescape() function for URL conversions. The main
  12356. problem with this bug is that the ftp download uses that function and this
  12357. single- byte overflow could lead to very odd bugs (as one reported by Janne
  12358. Johansson).
  12359. Daniel (19 March 2000):
  12360. - Marco G. Salvagno supplied me with a series of patches
  12361. that now allows curl to get compiled on OS/2. It even includes a section in
  12362. the INSTALL file. Very nice job!
  12363. Daniel (17 March 2000):
  12364. - Wham Bang supplied a patch for the lib/Makefile.vc6
  12365. file. We still need some fixes for the config-win32.h since it appears that
  12366. VC++ and mingw32 have different opinions about (at least) unistd.h's
  12367. existence.
  12368. Daniel (15 March 2000):
  12369. - I modified the -D/--dump-header workings so that it doesn't write anything
  12370. to the file until it needs to. This way, you can actually use -b and -D
  12371. on the same file if you want repeated invokes to store and read the cookies
  12372. in that one single file.
  12373. - Poked around in lots of texts. Added the BUGS file for bug reporting stuff.
  12374. Added the classic HTTP POST question to the FAQ, removed some #ifdef WIN32
  12375. stuff from the sources (they're covered by the config-win32.h now).
  12376. - Pascal Gaudette fixed a missing ldap.c problem in the
  12377. Makefile.vc6 file. He also addressed a problem in src/config-win32.h.
  12378. Daniel (14 March 2000):
  12379. - Paul Harrington pointed out that the 'http_code' variable in the -w output
  12380. was never written. I fixed it now.
  12381. - Janne Johansson reported the complaints that OpenBSD does
  12382. when getdate.c #includes malloc.h. It claims stdlib.h should be included
  12383. instead. I added #ifdef HAVE_MALLOC_H code in getdate.y and two checks in
  12384. the configure.in for malloc.h and stdlib.h.
  12385. Version 6.5
  12386. Daniel (13 March 2000):
  12387. - <curl at spam.wolvesbane.net> pointed out that the way curl sent cookies in a
  12388. single line wasn't enjoyed by IIS4.0 servers. In my view, that is not what
  12389. the standards say, but I added a white space between the name/value pairs to
  12390. perhaps make them work better.
  12391. - Added the perl check back in the configure.in again since the mkhelp.pl
  12392. script needs it!
  12393. - Made some beautifications in the curl man page.
  12394. Daniel (3 March 2000):
  12395. - Jörn helped me update the config-win32.h files with HAVE_SETVBUF and
  12396. HAVE_STRDUP.
  12397. Daniel (3 March 2000):
  12398. - Uploaded the 6.5pre2 package.
  12399. Daniel (2 March 2000):
  12400. - Removed the perl-programs from the distribution, they never made many people
  12401. happy and I'll still keep them available on the web.
  12402. - Added the -w and -N stuff to the man page. Documented the new progress meter
  12403. display in README.curl.
  12404. - Jörn Hartroth, Chris <cbayliss at csc.come> and Ulf
  12405. Möller from the openssl development team helped bringing me the details for
  12406. fixing an OpenSSL usage flaw. It became apparent when they released openssl
  12407. 0.9.5 since that barfed on curl's bad behavior (not seeding a random number
  12408. thing).
  12409. - Yet another option: -N/--no-buffer disables buffering in the output stream.
  12410. Probably most useful for very slow transfers when you really want to get
  12411. every byte curl receives within some preferred time. Andrew <tmr at gci.net>
  12412. suggested this.
  12413. - Damien Adant mailed me his fixes for making curl compile on Ultrix.
  12414. Daniel (24 February 2000):
  12415. - Applied Jörn Hartroth's fixes for config-win32.h and lib/Makefile.w32.
  12416. I should also make a note here, if nothing else to myself, that when using
  12417. the %-syntax for variables in DOS command prompts, you must use two %-
  12418. letters for each one since that is an escape letter there! Maybe I should
  12419. use another letter instead!
  12420. - Added more variables to -w:
  12421. 'http_code'
  12422. 'time_namelookup'
  12423. 'time_connect'
  12424. 'time_pretransfer'
  12425. 'url_effective'
  12426. - Made -w@filename read the syntax from a file and -w@- reads the syntax from
  12427. stdin in the good old "standard" curl way.
  12428. Daniel (22 February 2000):
  12429. - Released a 6.5pre1 version to get some test and user feedback.
  12430. Daniel (21 February 2000):
  12431. - I added the -w/--write-out flag and some variables to go with it. -w is a
  12432. single string, whatever you enter there will be written out when curl has
  12433. completed a successful request. There are some variable substitutions and
  12434. they are specified as '%{variable}' (without the quotes). Variables that
  12435. exist as of this moment are:
  12436. total_time - total transfer time in seconds (with 2 decimals)
  12437. size_download - total downloaded amount of bytes
  12438. size_upload - total uploaded amount of bytes
  12439. speed_download - the average speed of the entire download
  12440. speed_upload - the average speed of the entire upload
  12441. I will of course add more variables, but I need input on these and others.
  12442. - It struck me that the -# progress bar will be hard to just apply on the new
  12443. progress bar concept. I need some feedback on this before that'll get re-
  12444. introduced! :-/
  12445. Daniel (16 February 2000):
  12446. - Jörn Hartroth brought me some fixes for the progress meter and I continued
  12447. working on it. It seems to work for http download, http post, ftp download
  12448. and ftp upload. It should be a pretty good test it works generally good.
  12449. - Still need to add the -# progress bar into the new style progress interface.
  12450. - Gonna have a go at my new output option parameter next.
  12451. Daniel (15 February 2000):
  12452. - The progress meter stuff is slowly taking place. There's more left before it
  12453. is working ok and everything is tested, but we're reaching there. Slowly!
  12454. Daniel (11 February 2000):
  12455. - Paul Marquis fixed the config file parsing of curl to
  12456. deal with any-length lines, removing the previous limit of 4K.
  12457. - Eetu Ojanen's suggestion of supporting the @-style for -b
  12458. is implemented. Now -b@<filename> works as well as the old style. -b@- also
  12459. similarly reads the cookies from stdin.
  12460. - Reminder: -D should not write to the file until it needs to, in the same way
  12461. -o does. That would enable curl to use -b and -D on the same file...
  12462. - Ellis Pritchard made getdate.y work for MacOS X.
  12463. - Paul Harrington helped me out finding the crash in the
  12464. cookie parser. He also pointed out curl's habit of sending empty cookies to
  12465. the server.
  12466. Daniel (8 February 2000):
  12467. - Ron Zapp corrected a problem in src/urlglob.c that
  12468. prevented curl from getting compiled on sunos 4. The problem had to do
  12469. with the difference in sprintf() return code types.
  12470. - Transfer() should now be able to download and upload simultaneously. Let's
  12471. do some progress meter fixes later this week.
  12472. Daniel (31 January 2000):
  12473. - Paul Harrington found another core dump in the cookie
  12474. parser. Curl doesn't properly recognize the 'version' keyword and I think
  12475. that is what caused this. I need to refresh some specs on cookies and see
  12476. what else curl lacks to improve this a bit more once and for all.
  12477. RFC 2109 clearly specifies how cookies should be dealt with when they are
  12478. compliant with that spec. I don't think many servers are though...
  12479. - Mark W. Eichin found that while curl is uploading a form
  12480. to a web site, it doesn't read incoming data why it'll hang after a while
  12481. since the socket "pipe" becomes full.
  12482. It took me two hours to rewrite Download() and Upload() into the new
  12483. single function Transfer(). It even seems to work! More testing is required
  12484. of course... I should get the header-sending together in a kind of queue
  12485. and let them get "uploaded" in Transfer() as well.
  12486. - Zhibiao Wu pointed out a curl bug in the location: area,
  12487. although I did not get a reproducible way to do this why I have to wait
  12488. with fixing anything.
  12489. - Bob Schader suggested I should implement resume
  12490. support for the HTTP PUT operation, and as I think it is a valid suggestion
  12491. I'll work on it.
  12492. Daniel (25 January 2000):
  12493. - M Travis Obenhaus pointed out a manual mixup with -y and -Y that was
  12494. corrected.
  12495. - Jens Schleusener pointed out a problem to compile
  12496. curl on AIX 4.1.4 and gave me a solution. This problem was already fixed
  12497. by Jörn's recent #include modifications!
  12498. Daniel (19 January 2000):
  12499. - Oskar Liljeblad pointed out and corrected a problem
  12500. in the Location: following system that made curl following a location: to a
  12501. different protocol to fail.
  12502. At January 31st I re-considered this fix and the surrounding source code. I
  12503. could not really see that the patch did any difference, why I removed it
  12504. again for further research and debugging. (It disabled location: following
  12505. on server not running on default ports.)
  12506. - Jörn Hartroth brought a fix that once again
  12507. made it possible to select progress bar.
  12508. - Jörn also fixed a few include problems.
  12509. Version 6.4
  12510. Daniel (17 January 2000):
  12511. - Based on suggestions from Björn Stenberg, I made the
  12512. progress deal better with larger files and added a "Time" field which shows
  12513. the time spent on the download so far.
  12514. - I'm now using the CVS repository on sourceforge.net, which also allows web
  12515. browsing. See http://curl.haxx.nu.
  12516. Daniel (10 January 2000):
  12517. - Renumbered some enums in curl/curl.h since tag number 35 was used twice!
  12518. - Added "postquote" support to the ftp section that enables post-ftp-transfer
  12519. quote commands.
  12520. - Now made the -Q/--quote parameter recognize '-' as a prefix, which means
  12521. that command will be issued AFTER a successful ftp transfer. This can of
  12522. course be used to delete or rename a file after it has been uploaded or
  12523. downloaded. Use your imagination! ;-)
  12524. - Since I do the main development on solaris 2.6 now, I had to download and
  12525. install GNU groff to generate the hugehelp.c file. The solaris nroff cores
  12526. on the man page! So, in order to make the solaris configure script find a
  12527. better result I made gnroff get checked prior to the regular nroff.
  12528. - Added all the curl exit codes to the man page.
  12529. - Jim Gallagher properly tracked down a bug in autoconf
  12530. 2.13. The AC_CHECK_LIB() macro wrongfully uses the -l flag before the -L
  12531. flag to 'ld' which causes the HP-UX 10.20 flavour to fail on all libchecks
  12532. and therefore you can't make the configure script find the openssl libs!
  12533. Daniel (28 December 1999):
  12534. - Tim Verhoeven correctly identified that curl
  12535. doesn't support URL formatted file names when getting ftp. Now, there's a
  12536. problem with getting very weird file names off FTP servers. RFC 959 defines
  12537. that the file name syntax to use should be the same as in the native OS of
  12538. the server. Since we don't know the peer server system we currently just
  12539. translate the URL syntax into plain letters. It is still better and with
  12540. the solaris 2.6-supplied ftp server it works with spaces in the file names.
  12541. Daniel (27 December 1999):
  12542. - When curl parsed cookies straight off a remote site, it corrupted the input
  12543. data, which, if the downloaded headers were stored made very odd characters
  12544. in the saved data. Correctly identified and reported by Paul Harrington.
  12545. Daniel (13 December 1999):
  12546. - General cleanups in the library interface. There had been some bad kludges
  12547. added during times of stress and I did my best to clean them off. It was
  12548. both regarding the lib API as well as include file confusions.
  12549. Daniel (3 December 1999):
  12550. - A small --stderr bug was reported by Eetu Ojanen...
  12551. - who also brought the suggestion of extending the -X flag to ftp list as
  12552. well. So, now it is and the long option is now --request instead. It is
  12553. only for ftp list for now (and the former http stuff too of course).
  12554. Lars J. Aas (24 November 1999):
  12555. - Patched curl to compile and build under BeOS. Doesn't work yet though!
  12556. - Corrected the Makefile.am files to allow putting object files in
  12557. different directories than the sources.
  12558. Version 6.3.1
  12559. Daniel (23 November 1999):
  12560. - I've had this major disk crash. My good old trust-worthy source disk died
  12561. along with the machine that hosted it. Thank goodness most of all the
  12562. things I've done are either backed up elsewhere or stored in this CVS
  12563. server!
  12564. - Michael S. Steuer pointed out a bug in the -F handling
  12565. that made curl hang if you posted an empty variable such as '-F name='. It
  12566. was one of those old bugs that never have worked properly...
  12567. - Jason Baietto pointed out a general flaw in the HTTP
  12568. download. Curl didn't complain if it was prematurely aborted before the
  12569. entire download was completed. It does now.
  12570. Daniel (19 November 1999):
  12571. - Chris Maltby very accurately criticized the lack of
  12572. return code checks on the fwrite() calls. I did a thorough check for all
  12573. occurrences and corrected this.
  12574. Daniel (17 November 1999):
  12575. - Paul Harrington pointed out that the -m/--max-time option
  12576. doesn't work for the slow system calls like gethostbyname()... I don't have
  12577. any good fix yet, just a slightly less bad one that makes curl exit hard
  12578. when the timeout is reached.
  12579. - Bjorn Reese helped me point out a possible problem that might be the reason
  12580. why Thomas Hurst experience problems in his Amiga version.
  12581. Daniel (12 November 1999):
  12582. - I found a crash in the new cookie file parser. It crashed when you gave
  12583. a plain http header file as input...
  12584. Version 6.3
  12585. Daniel (10 November 1999):
  12586. - I kind of found out that the HTTP time-conditional GETs (-z) aren't always
  12587. respected by the web server and the document is therefore sent in whole
  12588. again, even though it doesn't match the requested condition. After reading
  12589. section 13.3.4 of RFC 2616, I think I'm doing the right thing now when I do
  12590. my own check as well. If curl thinks the condition isn't met, the transfer
  12591. is aborted prematurely (after all the headers have been received).
  12592. - After comments from Robert Linden I also rewrote some parts of the man page
  12593. to better describe how the -F works.
  12594. - Michael Anti put up a new curl download mirror in
  12595. China: http://www.pshowing.com/curl/
  12596. - I added the list of download mirrors to the README file
  12597. - I did add more explanations to the man page
  12598. Daniel (8 November 1999):
  12599. - I made the -b/--cookie option capable of reading netscape formatted cookie
  12600. files as well as normal http-header files. It should be able to
  12601. transparently figure out what kind of file it got as input.
  12602. Daniel (29 October 1999):
  12603. - Another one of Sebastiaan van Erk's ideas (that has been requested before
  12604. but I seem to have forgotten who it was), is to add support for ranges in
  12605. FTP downloads. As usual, one request is just a request, when they're two
  12606. it is a demand. I've added simple support for X-Y style fetches. X has to
  12607. be the lower number, though you may omit one of the numbers. Use the -r/
  12608. --range switch (previously HTTP-only).
  12609. - Sebastiaan van Erk suggested that curl should be
  12610. able to show the file size of a specified file. I think this is a splendid
  12611. idea and the -I flag is now working for FTP. It displays the file size in
  12612. this manner:
  12613. Content-Length: XXXX
  12614. As it resembles normal headers, and leaves us the opportunity to add more
  12615. info in that display if we can come up with more in the future! It also
  12616. makes sense since if you access ftp through a HTTP proxy, you'd get the
  12617. file size the same way.
  12618. I changed the order of the QUOTE command executions. They're now executed
  12619. just after the login and before any other command. I made this to enable
  12620. quote commands to run before the -I stuff is done too.
  12621. - I found out that -D/--dump-header and -V/--version weren't documented in
  12622. the man page.
  12623. - Many HTTP/1.1 servers do not support ranges. Don't ask me why. I did add
  12624. some text about this in the man page for the range option. The thread in
  12625. the mailing list that started this was initiated by Michael Anti.
  12626. - I get reports about nroff crashes on solaris 2.6+ when displaying the curl
  12627. man page. Switch to gnroff instead, it is reported to work(!). Adam Barclay
  12628. reported and brought the suggestion.
  12629. - In a dialogue with Johannes G. Kristinsson we came
  12630. up with the idea to let -H/--header specified headers replace the
  12631. internally generated headers, if you happened to select to add a header
  12632. that curl normally uses by itself. The advantage with this is not entirely
  12633. obvious, but in Johannes' case it means that he can use another Host: than
  12634. the one curl would set.
  12635. Daniel (27 October 1999):
  12636. - Jongki Suwandi brought a nice patch for (yet another) crash when following
  12637. a location:. This time you had to follow a https:// server's redirect to
  12638. get the core.
  12639. Version 6.2
  12640. Daniel (21 October 1999):
  12641. - I think I managed to remove the suspicious (nil) that has been seen just
  12642. before the "Host:" in HTTP requests when -v was used.
  12643. - I found out that if you followed a location: when using a proxy, without
  12644. having specified http:// in the URL, the protocol part was added once again
  12645. when moving to the next URL! (The protocol part has to be added to the
  12646. URL when going through a proxy since it has no protocol-guessing system
  12647. such as curl has.)
  12648. - Benjamin Ritcey reported a core dump under solaris 2.6
  12649. with OpenSSL 0.9.4. It turned out this was due to a bad free() in main.c
  12650. that occurred after the download was done and completed.
  12651. - Benjamin found ftp downloads to show the first line of the download meter
  12652. to get written twice, and I removed that problem. It was introduced with
  12653. the multiple URL support.
  12654. - Dan Zitter correctly pointed out that curl 6.1 and earlier versions didn't
  12655. honor RFC 2616 chapter 4 section 2, "Message Headers": "...Field names are
  12656. case-insensitive..." HTTP header parsing assumed a certain casing. Dan
  12657. also provided me with a patch that corrected this, which I took the liberty
  12658. of editing slightly.
  12659. - Dan Zitter also provided a nice patch for config.guess to better recognize
  12660. the Mac OS X
  12661. - Dan also corrected a minor problem in the lib/Makefile that caused linking
  12662. to fail on OS X.
  12663. Daniel (19 October 1999):
  12664. - Len Marinaccio came up with some problems with curl. Since Windows has a
  12665. crippled shell, it can't redirect stderr and that causes trouble. I added
  12666. --stderr today which allows the user to redirect the stderr stream to a
  12667. file or stdout.
  12668. Daniel (18 October 1999):
  12669. - The configure script now understands the '--without-ssl' flag, which now
  12670. totally disable SSL/https support. Previously it wasn't possible to force
  12671. the configure script to leave SSL alone. The previous functionality has
  12672. been retained. Troy Engel helped test this new one.
  12673. Version 6.1 (October 17 1999)
  12674. Daniel (17 October 1999):
  12675. - I ifdef'ed or commented all the zlib stuff in the sources and configure
  12676. script. It turned out we needed to mock more with zlib than I initially
  12677. thought, to make it capable of downloading compressed HTTP documents and
  12678. uncompress them on the fly. I didn't mean the zlib parts of curl to become
  12679. more than minor so this means I halt the zlib expedition for now and wait
  12680. until someone either writes the code or zlib gets updated and better
  12681. adjusted for this kind of usage. I won't get into details here, but a
  12682. short a summary is suitable:
  12683. - zlib can't automatically detect whether to use zlib or gzip
  12684. decompression methods.
  12685. - zlib is very neat for reading gzipped files from a file descriptor,
  12686. although not as nice for reading buffer-based data such as we would
  12687. want it.
  12688. - there are still some problems with the win32 version when reading from
  12689. a file descriptor if that is a socket
  12690. Daniel (14 October 1999):
  12691. - Moved the (external) include files for libcurl into a subdirectory named
  12692. curl and adjusted all #include lines to use <curl/XXXX> to maintain a
  12693. better name space and control of the headers. This has been requested.
  12694. Daniel (12 October 1999):
  12695. - I modified the 'maketgz' script to perform a 'make' too before a release
  12696. archive is put together in an attempt to make the time stamps better and
  12697. hopefully avoid the double configure-running that use to occur.
  12698. Daniel (11 October 1999):
  12699. - Applied Jörn's patches that fixes zlib for mingw32 compiles as well as
  12700. some other missing zlib #ifdef and more text on the multiple URL docs in
  12701. the man page.
  12702. Version 6.1beta
  12703. Daniel (6 October 1999):
  12704. - Douglas E. Wegscheid sent me a patch that made the exact same thing as I
  12705. just made: the -d switch is now capable of reading post data from a named
  12706. file or stdin. Use it similarly to the -F. To read the post data from a
  12707. given file:
  12708. curl -d @path/to/filename www.postsite.com
  12709. or let curl read it out from stdin:
  12710. curl -d @- www.postit.com
  12711. Jörn Hartroth (3 October 1999):
  12712. - Brought some more patches for multiple URL functionality. The MIME
  12713. separation ideas are almost scrapped now, and a custom separator is being
  12714. used instead. This is still compile-time "flagged".
  12715. Daniel
  12716. - Updated curl.1 with multiple URL info.
  12717. Daniel (30 September 1999):
  12718. - Felix von Leitner brought openssl-check fixes for configure.in to work
  12719. out-of-the-box when the openssl files are installed in the system default
  12720. dirs.
  12721. Daniel (28 September 1999)
  12722. - Added libz functionality. This should enable decompressing gzip, compress
  12723. or deflate encoding HTTP documents. It also makes curl send an accept that
  12724. it accepts that kind of encoding. Compressed contents usually shortens
  12725. download time. I *need* someone to tell me a site that uses compressed HTTP
  12726. documents so that I can test this out properly.
  12727. - As a result of the adding of zlib awareness, I changed the version string
  12728. a little. I plan to add openldap version reporting in there too.
  12729. Daniel (17 September 1999)
  12730. - Made the -F option allow stdin when specifying files. By using '-' instead
  12731. of file name, the data will be read from stdin.
  12732. Version 6.0 (September 14 1999)
  12733. Daniel (13 September 1999)
  12734. - Added -X/--http-request <request> to enable any HTTP command to be sent.
  12735. Do not that your server has to support the exact string you enter. This
  12736. should possibly a string like DELETE or TRACE.
  12737. - Applied Douglas' mingw32-fixes for the makefiles.
  12738. Daniel (10 September 1999)
  12739. - Douglas E. Wegscheid pointed out a problem. Curl didn't check the FTP
  12740. servers return code properly after the --quote commands were issued. It
  12741. took anything non 200 as an error, when all 2XX codes should be accepted as
  12742. OK.
  12743. - Sending cookies to the same site in multiple lines like curl used to do
  12744. turned out to be bad and breaking the cookie specs. Curl now sends all
  12745. cookies on a single Cookie: line. Curl is not yet RFC 2109 compliant, but I
  12746. doubt that many servers do use that syntax (yet).
  12747. Daniel (8 September 1999)
  12748. - Jörn helped me make sure it still compiles nicely with mingw32 under win32.
  12749. Daniel (7 September 1999)
  12750. - FTP upload through proxy is now turned into a HTTP PUT. Requested by
  12751. Stefan Kanthak.
  12752. - Added the ldap files to the .m32 makefile.
  12753. Daniel (3 September 1999)
  12754. - Made cookie matching work while using HTTP proxy.
  12755. Bjorn Reese (31 August 1999)
  12756. - Passed his ldap:// patch. Note that this requires the openldap shared
  12757. library to be installed and that LD_LIBRARY_PATH points to the
  12758. directory where the lib will be found when curl is run with a
  12759. ldap:// URL.
  12760. Jörn Hartroth (31 August 1999)
  12761. - Made the Mingw32 makefiles into single files.
  12762. - Made file:// work for Win32. The same code is now used for unix as well for
  12763. performance reasons.
  12764. Douglas E. Wegscheid (30 August 1999)
  12765. - Patched the Mingw32 makefiles for SSL builds.
  12766. Matthew Clarke (30 August 1999)
  12767. - Made a cool patch for configure.in to allow --with-ssl to specify the
  12768. root dir of the openssl installation, as in
  12769. ./configure --with-ssl=/usr/ssl_here
  12770. - Corrected the 'reconf' script to work better with some shells.
  12771. Jörn Hartroth (26 August 1999)
  12772. - Fixed the Mingw32 makefiles in lib/ and corrected the file.c for win32
  12773. compiles.
  12774. Version 5.11
  12775. Daniel (25 August 1999)
  12776. - John Weismiller pointed out a bug in the header-line
  12777. realloc() system in download.c.
  12778. - I added lib/file.[ch] to offer a first, simple, file:// support. It
  12779. probably won't do much good on win32 system at this point, but I see it
  12780. as a start.
  12781. - Made the release archives get a Makefile in the root dir, which can be
  12782. used to start the compiling/building process easier. I haven't really
  12783. changed any INSTALL text yet, I wanted to get some feed-back on this
  12784. first.
  12785. Daniel (17 August 1999)
  12786. - Another Location: bug. Curl didn't do proper relative locations if the
  12787. original URL had cgi-parameters that contained a slash. Nusu's page
  12788. again.
  12789. - Corrected the NO_PROXY usage. It is a list of substrings that if one of
  12790. them matches the tail of the host name it should connect to, curl should
  12791. not use a proxy to connect there. Pointed out to me by Douglas
  12792. E. Wegscheid. I also changed the README text a little regarding this.
  12793. Daniel (16 August 1999)
  12794. - Fixed a memory bug with http-servers that sent Location: to a Location:
  12795. page. Nusu's page showed this too.
  12796. - Made cookies work a lot better. Setting the same cookie name several times
  12797. used to add more cookies instead of replacing the former one which it
  12798. should've. Nusu <nus at intergorj.ro> brought me an URL that made this
  12799. painfully visible...
  12800. Troy (15 August 1999)
  12801. - Brought new .spec files as well as a patch for configure.in that lets the
  12802. configure script find the openssl files better, even when the include
  12803. files are in /usr/include/openssl
  12804. Version 5.10
  12805. Daniel (13 August 1999)
  12806. - SSL_CTX_set_default_passwd_cb() has been modified in the 0.9.4 version of
  12807. OpenSSL. Now why couldn't they simply add a *new* function instead of
  12808. modifying the parameters of an already existing function? This way, we get
  12809. a compiler warning if compiling with 0.9.4 but not with earlier. So, I had
  12810. to come up with a #if construction that deals with this...
  12811. - Made curl output the SSL version number get displayed properly with 0.9.4.
  12812. Troy (12 August 1999)
  12813. - Added MingW32 (GCC-2.95) support under Win32. The INSTALL file was also
  12814. a bit rearranged.
  12815. Daniel (12 August 1999)
  12816. - I had to copy a good <arpa/telnet.h> include file into the curl source
  12817. tree to enable the silly win32 systems to compile. The distribution rights
  12818. allows us to do that as long as the file remains unmodified.
  12819. - I corrected a few minor things that made the compiler complain when
  12820. -Wall -pedantic was used.
  12821. - I'm moving the official curl web page to http://curl.haxx.nu. I think it
  12822. will make it easier to remember as it is a lot shorter and less cryptic.
  12823. The old one still works and shows the same info.
  12824. Daniel (11 August 1999)
  12825. - Albert Chin-A-Young mailed me another correction for NROFF in the
  12826. configure.in that is supposed to be better for IRIX users.
  12827. Daniel (10 August 1999)
  12828. - Albert Chin-A-Young helped me with some stupid Makefile things, as well as
  12829. some fiddling with the getdate.c stuff that he had problems with under
  12830. HP-UX v10. getdate.y will now be compiled into getdate.c if the appropriate
  12831. yacc or bison is found by the configure script. Since this is slightly new,
  12832. we need to test the output getdate.c with win32 systems to make sure it
  12833. still compiles there.
  12834. Daniel (5 August 1999)
  12835. - I've just setup a new mailing list with the intention to keep discussions
  12836. around libcurl development in it. I mainly expect it to be for thoughts and
  12837. brainstorming around a "next generation" library, rather than nitpicking
  12838. about the current implementation or details in the current libcurl.
  12839. To join our happy bunch of future-looking geeks, enter 'subscribe
  12840. <address>' in the body of a mail and send it to
  12841. libcurl-request@listserv.fts.frontec.se. Curl bug reports, the usual curl
  12842. talk and everything else should still be kept in this mailing list. I've
  12843. started to archive this mailing list and have put the libcurl web page at
  12844. www.fts.frontec.se/~dast/libcurl/.
  12845. - Stefan Kanthak contacted me regarding a few problems in the configure
  12846. script which he discovered when trying to make curl compile and build under
  12847. Siemens SINIX-Z V5.42B2004!
  12848. - Marcus Klein very accurately informed me that src/version.h was not present
  12849. in the CVS repository. Oh, how silly...
  12850. - Linus Nielsen rewrote the telnet:// part and now curl offers limited telnet
  12851. support. If you run curl like 'curl telnet://host' you'll get all output on
  12852. the screen and curl will read input from stdin. You'll be able to login and
  12853. run commands etc, but since the output is buffered, expect to get a little
  12854. weird output.
  12855. This is still in its infancy and it might get changed. We need your
  12856. feed-back and input in how this is best done.
  12857. WIN32 NOTE: I bet we'll get problems when trying to compile the current
  12858. lib/telnet.c on win32, but I think we can sort them out in time.
  12859. - David Sanderson reported that FORCE_ALLOCA_H or HAVE_ALLOCA_H must be
  12860. defined for getdate.c to compile properly on HP-UX 11.0. I updated the
  12861. configure script to check for alloca.h which should make it.
  12862. Daniel (4 August 1999)
  12863. - I finally got to understand Marcus Klein's ftp download resume problem,
  12864. which turns out to be due to different outputs from different ftp
  12865. servers. It makes ftp download resuming a little trickier, but I've made
  12866. some modifications I really believe will work for most ftp servers and I do
  12867. hope you report if you have problems with this!
  12868. - Added text about file transfer resuming to README.curl.
  12869. Daniel (2 August 1999)
  12870. - Applied a progress-bar patch from Lars J. Aas. It offers
  12871. a new styled progress bar enabled with -#/--progress-bar.
  12872. T. Yamada <tai at imasy.or.jp> (30 July 1999)
  12873. - It breaks with segfault when 1) curl is using .netrc to obtain
  12874. username/password (option '-n'), and 2) is automatically redirected to
  12875. another location (option '-L').
  12876. There is a small bug in lib/url.c (block starting from line 641), which
  12877. tries to take out username/password from user- supplied command-line
  12878. argument ('-u' option). This block is never executed on first attempt since
  12879. CONF_USERPWD bit isn't set at first, but curl later turns it on when it
  12880. checks for CONF_NETRC bit. So when curl tries to redo everything due to
  12881. redirection, it segfaults trying to access *data->userpwd.
  12882. Version 5.9.1
  12883. Daniel (30 July 1999)
  12884. - Steve Walch pointed out that there is a memory leak in the formdata
  12885. functions. I added a FormFree() function that is now used and supposed to
  12886. correct this flaw.
  12887. - Mark Wotton reported:
  12888. 'curl -L https://www.cwa.com.au/' core dumps. I managed to cure this by
  12889. correcting the cleanup procedure. The bug seems to be gone with my OpenSSL
  12890. 0.9.2b, although still occurs when I run the ~100 years old SSLeay 0.8.0. I
  12891. don't know whether it is curl or SSLeay that is to blame for that.
  12892. - Marcus Klein:
  12893. Reported an FTP upload resume bug that I really can't repeat nor understand.
  12894. I leave it here so that it won't be forgotten.
  12895. Daniel (29 July 1999)
  12896. - Costya Shulyupin suggested support for longer URLs when following Location:
  12897. and I could only agree and fix it!
  12898. - Leigh Purdie found a problem in the upload/POST department. It turned out
  12899. that http.c accidentaly cleared the pointer instead of the byte counter
  12900. when supposed to.
  12901. - Costya Shulyupin pointed out a problem with port numbers and Location:. If
  12902. you had a server at a non-standard port that redirected to an URL using a
  12903. standard port number, curl still used that first port number.
  12904. - Ralph Beckmann pointed out a problem when using both CONF_FOLLOWLOCATION
  12905. and CONF_FAILONERROR simultaneously. Since the CONF_FAILONERROR exits on
  12906. the 302-code that the follow location header outputs it will never show any
  12907. html on location: pages. I have now made it look for >=400 codes if
  12908. CONF_FOLLOWLOCATION is set.
  12909. - 'struct slist' is now renamed to 'struct curl_slist' (as suggested by Ralph
  12910. Beckmann).
  12911. - Joshua Swink and Rick Welykochy were the first to point out to me that the
  12912. latest OpenSSL package now have moved the standard include path. It is now
  12913. in /usr/local/ssl/include/openssl and I have now modified the --enable-ssl
  12914. option for the configure script to use that as the primary path, and I
  12915. leave the former path too to work with older packages of OpenSSL too.
  12916. Daniel (9 June 1999)
  12917. - I finally understood the IRIX problem and now it seem to compile on it!
  12918. I am gonna remove those #define strcasecmp() things once and for all now.
  12919. Daniel (4 June 1999)
  12920. - I adjusted the FTP reply 227 parser to make the PASV command work better
  12921. with more ftp servers. Appearantly the Roxen Challanger server replied
  12922. something curl 5.9 could deal with! :-( Reported by Ashley Reid-Montanaro
  12923. and Mark Butler brought a solution for it.
  12924. Daniel (26 May 1999)
  12925. - Rearranged. README is new, the old one is now README.curl and I added a
  12926. README.libcurl with text I got from Ralph Beckmann.
  12927. - I also updated the INSTALL text.
  12928. Daniel (25 May 1999)
  12929. - David Jonathan Lowsky correctly pointed out that curl didn't properly deal
  12930. with form posting where the variable shouldn't have any content, as in curl
  12931. -F "form=" www.site.com. It was now fixed.
  12932. Version 5.9 (May 22 1999)
  12933. Daniel (22 May 1999)
  12934. - I've got a bug report from Aaron Scarisbrick in which he states he has some
  12935. problems with -L under FreeBSD 3.0. I have previously got another bug
  12936. report from Stefan Grether which points at an error with similar sympthoms
  12937. when using win32. I made the allocation of the new url string a bit faster
  12938. and different, don't know if it actually improves anything though...
  12939. Daniel (20 May 1999)
  12940. - Made the cookie parser deal with CRLF newlines too.
  12941. Daniel (19 May 1999)
  12942. - Download() didn't properly deal with failing return codes from the sread()
  12943. function. Adam Coyne found the problem in the win32 version, and Troy Engel
  12944. helped me out isolating it.
  12945. Daniel (16 May 1999)
  12946. - Richard Adams pointed out a bug I introduced in 5.8. --dump-header doesn't
  12947. work anymore! :-/ I fixed it now.
  12948. - After a suggestion by Joshua Swink I added -S / --show-error to force curl
  12949. to display the error message in case of an error, even if -s/--silent was
  12950. used.
  12951. Daniel (10 May 1999)
  12952. - I moved the stuff concerning HTTP, DICT and TELNET it their own source
  12953. files now. It is a beginning on my clean-up of the sources to make them
  12954. layer all those protocols better to enable more to be added easier in the
  12955. future!
  12956. - Leon Breedt sent me some files I've not put into the main curl
  12957. archive. They're for creating the Debian package thingie. He also sent me a
  12958. debian package that I've made available for download at the web page
  12959. Daniel (9 May 1999)
  12960. - Made it compile on cygwin too.
  12961. Troy Engel (7 May 1999)
  12962. - Brought a series of patches to allow curl to compile smoothly on MSVC++ 6
  12963. again!
  12964. Daniel (6 May 1999)
  12965. - I changed the #ifdef HAVE_STRFTIME placement for the -z code so that it
  12966. will be easier to discover systems that don't have that function and thus
  12967. can't use -z successfully. Made the strftime() get used if WIN32 is defined
  12968. too.
  12969. Version 5.8
  12970. Daniel (5 May 1999)
  12971. - I've had it with this autoconf/automake mess. It seems to work allright
  12972. for most people who don't have automake installed, but for those who have
  12973. there are problems all over.
  12974. I've got like five different bug reports on this only the last
  12975. week... Claudio Neves and Federico Bianchi and root <duggerj001 at
  12976. hawaii.rr.com> are some of them reporting this.
  12977. Currently, I have no really good fix since I want to use automake myself to
  12978. generate the Makefile.in files. I've found out that the @SHELL@-problems
  12979. can often be fixed by manually invoking 'automake' in the archive root
  12980. before you run ./configure... I've hacked my maketgz script now to fiddle
  12981. a bit with this and my tests seem to work better than before at least!
  12982. Daniel (4 May 1999)
  12983. - mkhelp.pl has been doing badly lately. I corrected a case problem in
  12984. the regexes.
  12985. - I've now remade the -o option to not touch the file unless it needs to.
  12986. I had to do this to make -z option really fine, since now you can make a
  12987. curl fetch and use a local copy's time when downloading to that file, as
  12988. in:
  12989. curl -z dump -o dump remote.site.com/file.html
  12990. This will only get the file if the remote one is newer than the local.
  12991. I'm aware that this alters previous behaviour a little. Some scripts out
  12992. there may depend on that the file is always touched...
  12993. - Corrected a bug in the SSLv2/v3 selection.
  12994. - Felix von Leitner requested that curl should be able to send
  12995. "If-Modified-Since" headers, which indeed is a fair idea. I implemented it
  12996. right away! Try -z <expression> where expression is a full GNU date
  12997. expression or a file name to get the date from!
  12998. Stephan Lagerholm (30 Apr 1999)
  12999. - Pointed out a problem with the src/Makefile for FreeBSD. The RM variable
  13000. isn't set and causes the make to fail.
  13001. Daniel (26 April 1999)
  13002. - Am I silly or what? Irving Wolfe pointed out to me that the curl version
  13003. number was not set properly. Hasn't been since 5.6. This was due to a bug
  13004. in my maketgz script!
  13005. David Eriksson (25 Apr 1999)
  13006. - Found a bug in cookies.c that made it crash at times.
  13007. Version 5.7.1
  13008. Doug Kaufman (23 Apr 1999)
  13009. - Brought two sunos 4 fixes. One of them being the hostip.c fix mentioned
  13010. below and the other one a correction in include/stdcheaders.h
  13011. - Added a paragraph about compiling with the US-version of openssl to the
  13012. INSTALL file.
  13013. Daniel
  13014. - New mailing list address. Info updated on the web page as well as in the
  13015. README file
  13016. Greg Onufer (20 Apr 1999)
  13017. - hostip.c didn't compile properly on SunOS 5.5.1.
  13018. It needs an #include <sys/types.h>
  13019. Version 5.7
  13020. Daniel (Apr 20 1999)
  13021. - Decided to upload a non-beta version right now!
  13022. - Made curl support any-length HTTP headers. The destination buffer is now
  13023. simply enlarged every time it turns out to be too small!
  13024. - Added the FAQ file to the archive. Still a bit smallish, but it is a
  13025. start.
  13026. Eric Thelin (15 Apr 1999)
  13027. - Made -D accept '-' instead of filename to write to stdout.
  13028. Version 5.6.3beta
  13029. Daniel (Apr 12 1999)
  13030. - Changed two #ifdef WIN32 to better #ifdef <errorcode> when connect()ing
  13031. in url.c and ftp.c. Makes cygwin32 deal with them better too. We should
  13032. try to get some decent win32-replacement there. Anyone?
  13033. - The old -3/--crlf option is now ONLY --crlf!
  13034. - I changed the "SSL fix" to a more lame one, but that doesn't remove as
  13035. much functionality. Now I've enabled the lib to select what SSL version it
  13036. should try first. Appearantly some older SSL-servers don't like when you
  13037. talk v3 with them so you need to be able to force curl to talk v2 from the
  13038. start. The fix dated April 6 and posted on the mailing list forced curl to
  13039. use v2 at all times using a modern OpenSSL version, but we don't really
  13040. want such a crippled solution.
  13041. - Marc Boucher sent me a patch that corrected a math error for the
  13042. "Curr.Speed" progress meter.
  13043. - Eric Thelin sent me a patch that enables '-K -' to read a config file from
  13044. stdin.
  13045. - I found out we didn't close the file properly before so I added it!
  13046. Daniel (Apr 9 1999)
  13047. - Yu Xin pointed out a problem with ftp download resume. It didn't work at
  13048. all! ;-O
  13049. Daniel (Apr 6 1999)
  13050. - Corrected the version string part generated for the SSL version.
  13051. - I found a way to make some other SSL page work with openssl 0.9.1+ that
  13052. previously didn't (ssleay 0.8.0 works with it though!). Trying to get
  13053. some real info from the OpenSSL guys to see how I should do to behave the
  13054. best way. SSLeay 0.8.0 shouldn't be that much in use anyway these days!
  13055. Version 5.6.2beta
  13056. Daniel (Apr 4 1999)
  13057. - Finally have curl more cookie "aware". Now read carefully. This is how
  13058. it works.
  13059. To make curl read cookies from an already existing file, in plain header-
  13060. format (like from the headers of a previous fetch) invoke curl with the
  13061. -b flag like:
  13062. curl -b file http://site/foo.html
  13063. Curl will then use all cookies it finds matching. The old style that sets
  13064. a single cookie with -b is still supported and is used if the string
  13065. following -b includes a '=' letter, as in "-b name=daniel".
  13066. To make curl read the cookies sent in combination with a location: (which
  13067. sites often do) point curl to read a non-existing file at first (i.e
  13068. to start with no existing cookies), like:
  13069. curl -b nowhere http://site/setcookieandrelocate.html
  13070. - Added a paragraph in the TODO file about the SSL problems recently
  13071. reported. Evidently, some kind of SSL-problem curl may need to address.
  13072. - Better "Location:" following.
  13073. Douglas E. Wegscheid (Tue, 30 Mar 1999)
  13074. - A subsecond display patch.
  13075. Daniel (Mar 14 1999)
  13076. - I've separated the version number of libcurl and curl now. To make
  13077. things a little easier, I decided to start the curl numbering from
  13078. 5.6 and the former version number known as "curl" is now the one
  13079. set for libcurl.
  13080. - Removed the 'enable-no-pass' from configure, I doubt anyone wanted
  13081. that.
  13082. - Made lots of tiny adjustments to compile smoothly with cygwin under
  13083. win32. It's a killer for porting this to win32, bye bye VC++! ;-)
  13084. Compiles and builds out-of-the-box now. See the new wordings in
  13085. INSTALL for details.
  13086. - Beginning experiments with downloading multiple document from a http
  13087. server while remaining connected.
  13088. Version 5.6beta
  13089. Daniel (Mar 13 1999)
  13090. - Since I've changed so much, I thought I'd just go ahead and implement the
  13091. suggestion from Douglas E. Wegscheid. -D or --dump-header is now storing
  13092. HTTP headers separately in the specified file.
  13093. - Added new text to INSTALL on what to do to build this on win32 now.
  13094. - Aaargh. I had to take a step back and prefix the shared #include files
  13095. in the sources with "../include/" to please VC++...
  13096. Daniel (Mar 12 1999)
  13097. - Split the url.c source into many tiny sources for better readability
  13098. and smaller size.
  13099. Daniel (Mar 11 1999)
  13100. - Started to change stuff for a move to make libcurl and a more separate
  13101. curl application that uses the libcurl. Made the libcurl sources into
  13102. the new lib directory while the curl application will remain in src as
  13103. before. New makefiles, adjusted configure script and so.
  13104. libcurl.a built quickly and easily. I better make a better interface to
  13105. the lib functions though.
  13106. The new root dir include/ is supposed to contain the public information
  13107. about the new libcurl. It is a little ugly so far :-)
  13108. Daniel (Mar 1 1999)
  13109. - Todd Kaufmann sent me a good link to Netscape's cookie spec as well as the
  13110. info that RFC 2109 specifies how to use them. The link is now in the
  13111. README and the RFC in the RESOURCES.
  13112. Daniel (Feb 23 1999)
  13113. - Finally made configure accept --with-ssl to look for SSL libs and includes
  13114. in the "standard" place /usr/local/ssl...
  13115. Daniel (Feb 22 1999)
  13116. - Verified that curl linked fine with OpenSSL 0.9.1c which seems to be
  13117. the most recent.
  13118. Henri Gomez (Fri Feb 5 1999)
  13119. - Sent in an updated curl-ssl.spec. I still miss the script that builds an
  13120. RPM automatically...
  13121. Version 5.5.1
  13122. Mark Butler (27 Jan 1999)
  13123. - Corrected problems in Download().
  13124. Danitel Stenberg (25 Jan 1999)
  13125. - Jeremie Petit pointed out a few flaws in the source that prevented it from
  13126. compile warning free with the native compiler under Digital Unix v4.0d.
  13127. Version 5.5
  13128. Daniel Stenberg (15 Jan 1999)
  13129. - Added Bjorns small text to the README about the DICT protocol.
  13130. Daniel Stenberg (11 Jan 1999)
  13131. - <jswink at softcom.net> reported about the win32-versioin: "Doesn't use
  13132. ALL_PROXY environment variable". Turned out to be because of the static-
  13133. buffer nature of the win32 environment variable calls!
  13134. Bjorn Reese (10 Jan 1999)
  13135. - I have attached a simple addition for the DICT protocol (RFC 2229).
  13136. It performs dictionary lookups. The output still needs to be better
  13137. formatted.
  13138. To test it try (the exact format, and more examples are described in
  13139. the RFC)
  13140. dict://dict.org/m:hello
  13141. dict://dict.org/m:hello::soundex
  13142. Vicente Garcia (10 Jan 1999)
  13143. - Corrected the progress meter for files larger than 20MB.
  13144. Daniel Stenberg (7 Jan 1999)
  13145. - Corrected the -t and -T help texts. They claimed to be FTP only.
  13146. Version 5.4
  13147. Daniel Stenberg
  13148. (7 Jan 1999)
  13149. - Irving Wolfe reported that curl -s didn't always supress the progress
  13150. reporting. It was the form post that autoamtically always switched it on
  13151. again. This is now corrected!
  13152. (4 Jan 1999)
  13153. - Andreas Kostyrka suggested I'd add PUT and he helped me out to test it. If
  13154. you use -t or -T now on a http or https server, PUT will be used for file
  13155. upload.
  13156. I removed the former use of -T with HTTP. I doubt anyone ever really used
  13157. that.
  13158. (4 Jan 1999)
  13159. - Erik Jacobsen found a width bug in the mprintf() function. I corrected it
  13160. now.
  13161. (4 Jan 1999)
  13162. - As John V. Chow pointed out to me, curl accepted very limited URL sizes. It
  13163. should now accept path parts that are up to at least 4096 bytes.
  13164. - Somehow I screwed up when applying the AIX fix from Gilbert Ramirez, so
  13165. I redid that now.
  13166. Version 5.3a (win32 only)
  13167. Troy Engel
  13168. - Corrected a win32 bug in the environment variable part.
  13169. Version 5.3
  13170. Gilbert Ramirez Jr. (21 Dec 1998)
  13171. - I have implemented the "quote" function of FTP clients. It allows you to
  13172. send arbitrary commands to the remote FTP server. I chose the -Q/--quote
  13173. command-line arguments.
  13174. You can have more than one quoted string, and curl will apply them in
  13175. order. This is what I use for my MVS upload:
  13176. curl -B --crlf -Q "site lrecl=80" -Q "site blk=8000" -T file ftp://os390/test
  13177. Curl will send the two quoted "site" commands in the proper order.
  13178. - Made it compile smoothly on AIX.
  13179. Gilbert Ramirez Jr. (18 Dec 1998)
  13180. - Brought an MVS patch: -3/--mvs, for ftp upload to the MVS ftp server.
  13181. Troy Engel (17 Dec 1998)
  13182. - Brought a correction that fixes the win32 curl bug.
  13183. Daniel Stenberg
  13184. - A bug, pointed out to me by Dr H. T. Leung, caused curl to crash on the -A
  13185. flag on certain systems. Actually, all systems should've!
  13186. - Added a few defines to make directories/file names get build nicer (with _
  13187. instead of . and \ instead of / in win32).
  13188. - steve <fisk at polar.bowdoin.edu> reported a weird bug that occured if the
  13189. ftp server response line had a parenthesis on the line before the (size)
  13190. info. I hope it works better now!
  13191. Version 5.2.1
  13192. Steven G. Johnson (Dec 14, 1998)
  13193. - Brought a fix that corrected a crash in 5.2 due to bad treatment of the
  13194. environment variables.
  13195. Version 5.2
  13196. Daniel Stenberg (Dec 14, 1998)
  13197. - Rewrote the mkhelp script and now, the mkhelp.pl script generates the
  13198. hugehelp.c file from the README *and* the man page file curl.1. By using
  13199. both files, I no longer need to have double information in both the man
  13200. page and the README as well. So, win32-users will only have the hugehelp.c
  13201. file for all info, but then, they download the plain binary most times
  13202. anyway.
  13203. - gcc2.8.1 with the -Wall flag complaints a lot on subscript has type `char'
  13204. if I don't explicitly typecast the argument to isdigit() or isspace() to
  13205. int. So I did to compile warning free with that too.
  13206. - Added checks for 'long double' and 'long long' in the configure script. I
  13207. need those for the mprintf.c source to compile well on non long long
  13208. comforming systems!
  13209. Version 5.1 (not publicly released)
  13210. Daniel Stenberg (Dec 10, 1998)
  13211. - I got a request for a pre-compiled NT Alpha version. Anyone?
  13212. - Added Lynx/CERN www lib proxy environment variable support. That means curl
  13213. now reads and understands the following environment variables:
  13214. HTTP_PROXY, HTTPS_PROXY, FTP_PROXY, GOPHER_PROXY
  13215. They should be set for protocol-specific proxies. General proxy should be
  13216. set with
  13217. ALL_PROXY
  13218. And a comma-separated list of host names that shouldn't go through any
  13219. proxy is set in (only an asterisk, '*' matches all hosts).
  13220. NO_PROXY
  13221. The usage of the -x/--proxy flag overrides the environment variables.
  13222. - Proxy can now be specified with a procotol:// prefix.
  13223. - Wrote the curl.1 man page.
  13224. - Introduced a whole new dynamic buffer system for all sprintf()s. It is
  13225. based on the *printf() package by yours truly and Bjorn Reese. Hopefully,
  13226. there aren't that many buffer overflow risks left now.
  13227. - Ah, I should mention I've compiled and built curl successfully under
  13228. solaris 2.6 with gcc now, gcc 2.7.2 won't work but 2.8.1 did ok.
  13229. Oren Tirosh (Dec 3, 1998)
  13230. - Brought two .spec files, to use when creating (Linux) Redhat style RPM
  13231. packages. They're named curl.spec and curl-ssl.spec.
  13232. Troy Engel
  13233. - Supplied the src/Makefile.vc6 for easy compiling with VC++ under Win32.
  13234. Version 5.0
  13235. Daniel Stenberg (Dec 1, 1998)
  13236. - Not a single bug report in ages.
  13237. - Corrected getpass.c and main.c to compile warning and error free with the
  13238. Win32 VC++ crap.
  13239. Version 5.0 beta 24
  13240. Daniel Stenberg (Nov 20, 1998)
  13241. HOW TO BUILD A RELEASE ARCHIVE:
  13242. * Pre-requisite software:
  13243. What To build what Reads data from
  13244. ==== ============= ===============
  13245. GNU automake Makefile.in, aclocal.m4 configure.in
  13246. GNU make(1) - " -
  13247. GNU gcc(1) - " -
  13248. GNU autoconf configure configure.in
  13249. GNU autoheader(2) config.h.in configure.in, acconfig.h
  13250. * Make sure all files that should be part of the archive are put in FILES.
  13251. * Run './maketgz' and enter version number of the new to become archive.
  13252. maketgz does:
  13253. - Enters the newly created version number in url.h.
  13254. - (If you don't have automake, this script will warn about that, but unless
  13255. you have changed the Makefile.am files, that is nothing to care about.)
  13256. If you have it, it'll run it.
  13257. - If you have autoconf, the configure.in will be edited to get the newly
  13258. created version number and autoconf will be run.
  13259. - Creates a new directory named curl-<version>. (Actually, it uses the base
  13260. name of the current directory up to the first '-'.)
  13261. - Copies all files mentioned in FILES to the new directory. Saving
  13262. permissions and directory structure.
  13263. - Uses tar to create an archive of it all, named curl-<version>.tar.gz
  13264. - gzips the archive
  13265. - Removes the new directory and all its contents.
  13266. * When done, you have an archive stored in your directory named
  13267. curl-<version>.tar.gz.
  13268. Done!
  13269. (1) They're required to make automake run properly.
  13270. (2) It is distributed as a part of the GNU autoconf archive.
  13271. Daniel Stenberg (Nov 18, 1998)
  13272. - I changed the TAG-system. If you ever used urlget() from this package in
  13273. another product, you need to recompile with the new headers. I did this
  13274. new stuff to better deal with different compilers and system with different
  13275. variable sizes. I think it makes it a little more portable. This proves
  13276. to compile warning free with the problematic IRIX compiler!
  13277. - Win32 compiled with a silly error. Corrected now.
  13278. - Brian Chaplin reported yet another problem in
  13279. multiline FTP responses. I've tried to correct it. I mailed him a new
  13280. version and I hope he gets back soon with positive feedback!
  13281. - Improved the 'maketgz' to create a temporary directory tree which it makes
  13282. an archive from instead of the previous renaming of the current one.
  13283. - Mailing list opened (see README).
  13284. - Made -v more verbose on the PASV section of ftp transfers. Now it tells
  13285. host name and IP of the new host (and port number). I also added a section
  13286. about PORT vs PASV in the README.
  13287. Version 5.0 beta 21
  13288. Angus Mackay (Nov 15, 1998)
  13289. - Introduced automake stuff.
  13290. Daniel Stenberg (Nov 13, 1998)
  13291. - Just made a successful GET of a document from an SSL-server using my own
  13292. private certificate for authentication! The certificate has to be in PEM
  13293. format. You do that the easiest way (although not *that* easy) by
  13294. downloading the SSLyeay PKCS#12-patch by Dr Stephen N. Henson from his site
  13295. at: http://www.drh-consultancy.demon.co.uk/. Using his tool, you can
  13296. convert any modern Netscape or (even) MSIE certificate to PEM-format. Use
  13297. it with 'curl -E <certificate:password> https://site.com'. If this isn't a
  13298. cool feature, then I don't know what cool features look like! ;-)
  13299. - Working slowly on telnet connections. #define TRY_TELNET to try it out.
  13300. (curl -u user:passwd "telnet://host.com/cat .login" is one example) I do
  13301. have problem to define how it should work. The prime purpose for this must
  13302. be to get (8bit clean) files via telnet, and it really isn't that easy to
  13303. get files this way. Still having problems with \n being converted to \r\n.
  13304. Angus Mackay (Nov 12, 1998)
  13305. - Corrected another bug in the long parameter name parser.
  13306. - Modified getpass.c (NOTE: see the special licensing in the top of that
  13307. source file).
  13308. Daniel Stenberg (Nov 12, 1998)
  13309. - We may have removed the silly warnings from url.c when compiled under IRIX.
  13310. Thanks again to Bjorn Reese and Martin Staael.
  13311. - Wrote formfind.pl which is a new perl script intended to help you find out
  13312. how a FORM submission should be done. This needs a little more work to get
  13313. really good.
  13314. Daniel Stenberg (Nov 11, 1998)
  13315. - Made the HTTP header-checker accept white spaces before the HTTP/1.? line.
  13316. Appearantly some proxies/sites add such at times (my test proxy did when I
  13317. downloaded a gopher page with it)!
  13318. - Moved the former -h to -M and made -h show the short help text instead. I
  13319. had to enable a forced help text option. Now an even shorter help text will
  13320. be presented when an unknown option and similar, is used.
  13321. - stdcheaders.h didn't work with IRIX 6.4 native cc compiler. I hope my
  13322. changes don't make other versions go nuts instead.
  13323. Daniel Stenberg (Nov 10, 1998)
  13324. - Added a weird check in the configure script to check for the silly AIX
  13325. warnings about my #define strcasecmp() stuff. I do that define to prevent
  13326. me and other contributors to accidentaly use that function name instead
  13327. of strequal()...
  13328. - I bugfixed Angus's getpass.c very little.
  13329. - Fixed the verbose flag names to getopt-style, i.e 'curl --loc' will be
  13330. sufficient instead of --location as "loc" is a unique prefix. Also, anything
  13331. after a '--' is treated as an URL. So if you do have a host with a weeeird
  13332. name you can do 'curl -- -host.com'.
  13333. - Another getopt-adjust; curl now accepts flags after the URL on the command
  13334. line. 'curl www.foo.com -O' is perfectly valid.
  13335. - Corrected the .curlrc parser so that strtok() is no longer used and I
  13336. believe it works better. Even URLs can be specified in it now.
  13337. Angus Mackay (Nov 9, 1998)
  13338. - Replaced getpass.c with a newly written one, not under GPL license
  13339. - Changed OS to a #define in config.h instead of compiler flag
  13340. - Makefile now uses -DHAVE_CONFIG_H
  13341. Daniel Stenberg (Nov 9, 1998)
  13342. - Ok, I expanded the tgz-target to update the version string on each occation
  13343. I build a release archive!
  13344. - I reacted on Angus Mackay's initiative and remade the parameter parser to
  13345. be more getopt compliant. Curl now supports "merged" flags as in
  13346. curl -lsv ftp.site.com
  13347. Do note that I had to move three short-names of the options. Parameters
  13348. that needs an additional string such as -x must be stand-alone or the
  13349. last in a merged sequence:
  13350. curl -lsx my-proxy ftp.site.com
  13351. is ok, but using the flags in a different order like '-lxs' would cause
  13352. unexpected results (as the 's' option would be skipped).
  13353. - I've changed the headers in all files that are subject to the MozPL
  13354. license, as they are supposed to look like when conforming.
  13355. - Made the configure script make the config.h. The former config.h is now
  13356. setup.h.
  13357. - The RESOURCES and TODO files have been added to the archive.
  13358. Angus Mackay (Nov 5, 1998)
  13359. - Fixed getpass.c and various configure stuff
  13360. Daniel Stenberg (Nov 3, 1998)
  13361. - Use -H/--header for custom HTTP-headers. Lets you pass on your own
  13362. specified headers to the remote server. I wouldn't recommend trying to use
  13363. a header with a defined usage according to standards. Use this flag once
  13364. for every custom header you want to add.
  13365. - Use -B/--ftp-ascii to force ftp to use ASCII mode when transfering files.
  13366. - Corrected the 'getlinks.pl' script, I accidentally left my silly proxy
  13367. usage in there! Since the introduction of the .curlrc file, it is easier to
  13368. write scripts that use curl since proxies and stuff should be in the
  13369. .curlrc file anyway.
  13370. - Introducing the new -F flag for HTTP POST. It supports multipart/form-data
  13371. which means it is gonna be possible to upload files etc through HTTP POST.
  13372. Shiraz Kanga asked for the feature and my brother,
  13373. Björn Stenberg helped me design the user
  13374. interface for this beast. This feature requires quite some docs,
  13375. since it has turned out not only quite capable, but also complicated! :-)
  13376. - A note here, since I've received mail about it. SSLeay versions prior to
  13377. 0.8 will *not* work with curl!
  13378. - Wil Langford reported a bug that occurred since curl
  13379. did not properly use CRLF when issuing ftp commands. I fixed it.
  13380. - Rearranged the order config files are read. .curlrc is now *always* read
  13381. first and before the command line flags. -K config files then act as
  13382. additional config items.
  13383. - Use -q AS THE FIRST OPTION specified to prevent .curlrc from being read.
  13384. - You can now disable a proxy by using -x "". Useful if the .curlrc file
  13385. specifies a proxy and you wanna fetch something without going through
  13386. that.
  13387. - I'm thinking of dropping the -p support. Its really not useful since ports
  13388. could (and should?) be specified as :<port> appended on the host name
  13389. instead, both in URLs and to proxy host names.
  13390. - Martin Staael reports curl -L bugs under Windows NT
  13391. (test with URL http://come.to/scsde). This bug is not present in this
  13392. version anymore.
  13393. - Added support for the weird FTP URL type= thing. You can download a file
  13394. using ASCII transfer by appending ";type=A" to the right of it. Other
  13395. available types are type=D for dir-list (NLST) and type=I for binary
  13396. transfer. I can't say I've ever seen anyone use this kind of URL though!
  13397. :-)
  13398. - Troy Engel pointed out a bug in my getenv("HOME")
  13399. usage for win32 systems. I introduce getenv.c to better cope with
  13400. this. Mr Engel helps me with the details around that...
  13401. - A little note to myself and others, I should make the win32-binary built
  13402. with SSL support...
  13403. - Ryan Nelson sent me comments about building curl
  13404. with SSL under FreeBSD. See the Makefile for details. Using the configure
  13405. script, it should work better and automatically now...
  13406. - Cleaned up in the port number mess in the source. No longer stores and uses
  13407. proxy port number separate from normal port number.
  13408. - 'configure' script working. Confirmed compiles on:
  13409. Host SSL Compiler
  13410. SunOS 5.5 no gcc
  13411. SunOS 5.5.1 yes gcc
  13412. SunOS 5.6 no cc (with gcc, it has the "gcc include files" problem)
  13413. SunOS 4.1.3 no gcc (without ANSI C headers)
  13414. SunOS 4.1.2 no gcc (native compiler failed)
  13415. Linux 2.0.18 no gcc
  13416. Linux 2.0.32 yes gcc
  13417. Linux 2.0.35 no gcc (with glibc)
  13418. IRIX 6.2 no gcc (cc compiles generate a few warnings)
  13419. IRIX 6.4 no cc (generated warnings though)
  13420. Win32 no Borland
  13421. OSF4.0 no ?
  13422. - Ooops. The 5beta (and 4.10) under win32 failed if the HOME variable wasn't
  13423. set.
  13424. - When using a proxy, curl now guesses and uses the protocol part in cases
  13425. like:
  13426. curl -x proxy:80 www.site.com
  13427. Proxies normally go nuts unless http:// is prepended to the host name, so
  13428. if curl is used like this, it guesses protocol and appends the protocol
  13429. string before passing it to the proxy. It already did this when used
  13430. without proxy.
  13431. - Better port usage with SSL through proxy now. If you specified a different
  13432. https-port when accessing through a proxy, it didn't use that number
  13433. correctly. I also rewrote the code that parses the stuff read from the
  13434. proxy when you wanna connect through it with SSL.
  13435. - Bjorn Reese helped me work around one of the compiler
  13436. warnings on IRIX native cc compiles.
  13437. Version 4.10 (Oct 26, 1998)
  13438. Daniel Stenberg
  13439. - John A. Bristor suggested a config file switch,
  13440. and since I've been having that idea kind of in the background for a long
  13441. time I rewrote the parameter parsing function a little and now I introduce
  13442. the -K/--config flag. I also made curl *always* (unless -K is used) try to
  13443. load the .curlrc file for command line parameters. The syntax for the
  13444. config file is the standard command line argument style. Details in 'curl
  13445. -h' or the README.
  13446. - I removed the -k option. Keep-alive isn't really anything anyone would
  13447. want to enable with curl anyway.
  13448. - Martin Staael helped me add the 'irix' target. Now
  13449. "make irix" should build curl successfully on non-gcc SGI machines.
  13450. - Single switches now toggle behaviours. I.e if you use -v -v the second
  13451. will switch off the verbose mode the first one enabled. This is so that
  13452. you can disable a default setting a .curlrc file enables etc.
  13453. Version 4.9 (Oct 7, 1998)
  13454. Daniel Stenberg
  13455. - Martin Staael suggested curl would support cookies.
  13456. I added -b/--cookie to enable free-text cookie data to be passed. There's
  13457. also a little blurb about general cookie stuff in the README/help text.
  13458. - dmh <dmh at jet.es> suggested HTTP resume capabilities. Although you could
  13459. manually get curl to resume HTTP documents, I made the -c resume flag work
  13460. for HTTP too (unless -r is used too, which would be very odd anyway).
  13461. - Added checklinks.pl to the archive. It is a still experimental perl script
  13462. that checks all links of a web page by using curl.
  13463. - Rearranged the archive hierarchy a little. Build the executable in the
  13464. src/ dir from now on!
  13465. - Version 4.9 and hereafter, is no longer released under the GPL license.
  13466. I have now updated the LEGAL file etc and now this is released using the
  13467. Mozilla Public License to avoid the plague known as "the GPL virus". You
  13468. must make the source available if you decide to change and/or redistribute
  13469. curl, but if you decide to use curl within something else you do not need
  13470. to offer the world the source to that too.
  13471. - Curl did not like HTTP servers that sent no headers at all on a GET
  13472. request. It is a violation of RFC2068 but appearantly some servers do
  13473. that anyway. Thanks to Gordon Beaton for the report!
  13474. - -L/--location was added after a suggestion from Martin Staael. This makes
  13475. curl ATTEMPT to follow the Location: redirect if one is present in the HTTP
  13476. headers. If -i or -I is used with this flag, you will see headers from all
  13477. sites the Location: points to. Do note that the first server can point to a
  13478. second that points to a third etc. It seems the Location: parameter (said
  13479. to be an AbsoluteURI in RFC2068) isn't always absolute.. :-/ Anyway, I've
  13480. made curl ATTEMPT to do the best it can to deal with the reality.
  13481. - Added getlinks.pl to the archive. getlinks.pl selectively downloads
  13482. files that a web page links to.
  13483. Version 4.8.4
  13484. Daniel Stenberg
  13485. - As Julian Romero Nieto reported, curl reported wrong version number.
  13486. - As Teemu Yli-Elsila pointed out, the win32 version of 4.8 (and probably all
  13487. other versions for win32) didn't work with binary files since I'm too used
  13488. to the UNIX style fopen() where binary and text don't differ...
  13489. - Ralph Beckmann brought me some changes that lets curl compile error and
  13490. warning free with -Wall -pedantic with g++. I also took the opportunity to
  13491. clean off some unused variables and similar.
  13492. - Ralph Beckmann made me aware of a really odd bug now corrected. When curl
  13493. read a set of headers from a HTTP server, divided into more than one read
  13494. and the first read showed a full line *exactly* (i.e ending with a
  13495. newline), curl did not behave well.
  13496. Version 4.8.3
  13497. Daniel Stenberg
  13498. - I was too quick to release 4.8.2 with too little testing. One of the
  13499. changes is now reverted slightly to the 4.8.1 way since 4.8.2 couldn't
  13500. upload files. I still think both problems corrected in 4.8.2 remain
  13501. corrected. Reported by Julian Romero Nieto.
  13502. Version 4.8.2
  13503. Daniel Stenberg
  13504. - Bernhard Iselborn reported two FTP protocol errors curl did. They're now
  13505. corrected. Both appeared when getting files from a MS FTP server! :-)
  13506. Version 4.8.1
  13507. Daniel Stenberg
  13508. - Added a last update of the progress meter when the transfer is done. The
  13509. final output on the screen didn't have to be the final size transfered
  13510. which made it sometimes look odd.
  13511. - Thanks to David Long I got rid of a silly bug that happened if a HTTP-page
  13512. had nothing but header. Appearantly Solaris deals with negative sizes in
  13513. fwrite() calls a lot better than Linux does... =B-]
  13514. Version 4.8 (Aug 31, 1998)
  13515. Daniel Stenberg
  13516. - Continue FTP file transfer. -c is the switch. Note that you need to
  13517. specify a file name if you wanna resume a download (you can't resume a
  13518. download sent to stdout). Resuming upload may be limited by the server
  13519. since curl is then using the non-RFC959 command SIZE to get the size of
  13520. the target file before upload begins (to figure out which offset to
  13521. use). Use -C to specify the offset yourself! -C is handy if you're doing
  13522. the output to something else but a plain file or when you just want to get
  13523. the end of a file.
  13524. - recursiveftpget.pl now features a maximum recursive level argument.
  13525. Version 4.7
  13526. Daniel Stenberg
  13527. - Added support to abort a download if the speed is below a certain amount
  13528. (speed-limit) bytes per second for a certain (speed-time) time.
  13529. - Wrote a perl script 'recursiveftpget.pl' to recursively use curl to get a
  13530. whole ftp directory tree. It is meant as an example of how curl can be
  13531. used. I agree it isn't the wisest thing to do to make a separate new
  13532. connection for each file and directory for this.
  13533. Version 4.6
  13534. Daniel Stenberg
  13535. - Added a first attempt to optionally parse the .netrc file for login user
  13536. and password. If used with http, it enables user authentication. -n is
  13537. the new switch.
  13538. - Removed the extra newlines on the default user-agent string.
  13539. - Corrected the missing ftp upload error messages when it failed without the
  13540. verbose flag set. Gary W. Swearingen found it.
  13541. - Now using alarm() to enable second-precision timeout even on the name
  13542. resolving/connecting phase. The timeout is although reset after that first
  13543. sequence. (This should be corrected.) Gary W. Swearingen reported.
  13544. - Now spells "Unknown" properly, as in "Unknown option 'z'"... :-)
  13545. - Added bug report email address in the README.
  13546. - Added a "current speed" field to the progress meter. It shows the average
  13547. speed the last 5 seconds. The other speed field shows the average speed of
  13548. the entire transfer so far.
  13549. Version 4.5.1
  13550. Linas Vepstas
  13551. - SSL through proxy fix
  13552. - Added -A to allow User-Agent: changes
  13553. Daniel Stenberg
  13554. - Made the -A work when SSL-through-proxy.
  13555. Version 4.5
  13556. Linas Vepstas
  13557. - More SSL corrections
  13558. - I've added a port to AIX.
  13559. - running SSL through a proxy causes a chunk of code to be executred twice.
  13560. one of those blocks needs to be deleted.
  13561. Daniel Stenberg
  13562. - Made -i and -I work again
  13563. Version 4.4
  13564. Linas Vepstas
  13565. - -x can now also specify proxyport when used as in 'proxyhost:proxyport'
  13566. - SSL fixes
  13567. Version 4.3
  13568. Daniel Stenberg
  13569. - Adjusted to compile under win32 (VisualC++ 5). The -P switch does not
  13570. support network interface names in win32. I couldn't figure out how!
  13571. Version 4.2
  13572. Linas Vepstas / Sampo Kellomaki
  13573. - Added SSL / SSLeay support (https://)
  13574. - Added the -T usage for HTTP POST.
  13575. Daniel Stenberg
  13576. - Bugfixed the SSL implementation.
  13577. - Made -P a lot better to use other IP addresses. It now accepts a following
  13578. parameter that can be either
  13579. interface - i.e "eth0" to specify which interface's IP address you
  13580. want to use
  13581. IP address - i.e "192.168.10.1" to specify exact IP number
  13582. host name - i.e "my.host.domain" to specify machine
  13583. "-" - (any single-letter string) to make it pick the machine's
  13584. default
  13585. - The Makefile is now ready to compile for solaris, sunos4 and linux right
  13586. out of the box.
  13587. - Better generated version string seen with 'curl -V'
  13588. Version 4.1
  13589. Daniel Stenberg
  13590. - The IP number returned by the ftp server as a reply to PASV does no longer
  13591. have to DNS resolve. In fact, no IP-number-only addresses have to anymore.
  13592. - Binds better to available port when -P is used.
  13593. - Now LISTs ./ instead of / when used as in ftp://ftp.funet.fi/. The reason
  13594. for this is that exactly that site, ftp.funet.fi, does not allow LIST /
  13595. while LIST ./ is fine. Any objections?
  13596. Version 4 (1998-03-20)
  13597. Daniel Stenberg
  13598. - I took another huge step and changed both version number and project name!
  13599. The reason for the new name is that there are just one too many programs
  13600. named urlget already and this program already can a lot more than merely
  13601. getting URLs, and the reason for the version number is that I did add the
  13602. pretty big change in -P and since I changed name I wanted to start with
  13603. something fresh!
  13604. - The --style flags are working better now.
  13605. - Listing directories with FTP often reported that the file transfer was
  13606. incomplete. Wrong assumptions were too common for directories, why no
  13607. size will be attempted to get compared on them from now on.
  13608. - Implemented the -P flag that let's the ftp control issue a PORT command
  13609. instead of the standard PASV.
  13610. - -a for appending FTP uploads works.
  13611. ***************************************************************************
  13612. Version 3.12 (14 March 1998)
  13613. Daniel Stenberg
  13614. - End-of-header tracking still lacked support for \r\n or just \n at the
  13615. end of the last header line.
  13616. Sergio Barresi
  13617. - Added PROXY authentication.
  13618. Rafael Sagula
  13619. - Fixed some little bugs.
  13620. Version 3.11
  13621. Daniel Stenberg
  13622. - The header parsing was still not correct since the 3.2 modification...
  13623. Version 3.10
  13624. Daniel Stenberg
  13625. - 3.7 and 3.9 were simultaneously developed and merged into this version.
  13626. - FTP upload did not work correctly since 3.2.
  13627. Version 3.9
  13628. Rafael Sagula
  13629. - Added the "-e <url> / --referer <url>" option where we can specify
  13630. the referer page. Obviously, this is necessary only to fool the
  13631. server, but...
  13632. Version 3.7
  13633. Daniel Stenberg
  13634. - Now checks the last error code sent from the ftp server after a file has
  13635. been received or uploaded. Wasn't done previously.
  13636. - When 'urlget <host>' is used without a 'protocol://' first in the host part,
  13637. it now checks for host names starting with ftp or gopher and if it does,
  13638. it uses that protocol by default instead of http.
  13639. Version 3.6
  13640. Daniel Stenberg
  13641. - Silly mistake made the POST bug. This has now also been tested to work with
  13642. proxy.
  13643. Version 3.5
  13644. Daniel Stenberg
  13645. - Highly inspired by Rafael Sagula's changes to the 3.1 that added an almost
  13646. functional POST, I applied his changes into this version and made them work.
  13647. (It seems POST requires the Content-Type and Content-Length headers.) It is
  13648. now usable with the -d switch.
  13649. Version 3.3 - 3.4
  13650. Passed to avoid confusions
  13651. Version 3.2
  13652. Daniel Stenberg
  13653. - Major rewrite of two crucial parts of this code: upload and download.
  13654. They are both now using a select() switch, that allows much better
  13655. progress meter and time control.
  13656. - alarm() usage removed completely
  13657. - FTP get can now list directory contents if the path ends with a slash '/'.
  13658. Urlget on a ftp-path that doesn't end with a slash means urlget will
  13659. attempt getting it as a file name.
  13660. - FTP directory view supports -l for "list-only" which lists the file names
  13661. only.
  13662. - All operations support -m for max time usage in seconds allowed.
  13663. - FTP upload now allows the size of the uploaded file to be provided, and
  13664. thus it can better check it actually uploaded the whole file. It also
  13665. makes the progress meter for uploads much better!
  13666. - Made the parameter parsing fail in cases like 'urlget -r 900' which
  13667. previously tried to connect to the host named '900'.
  13668. Version 3.1
  13669. Kjell Ericson
  13670. - Pointed out how to correct the 3 warnings in win32-compiles.
  13671. Daniel Stenberg
  13672. - Removed all calls to exit().
  13673. - Made the short help text get written to stdout instead of stderr.
  13674. - Made this file instead of keeping these comments in the source.
  13675. - Made two callback hooks, that enable external programs to use urlget()
  13676. easier and to grab the output/offer the input easier.
  13677. - It is evident that Win32-compiles are painful. I watched the output from
  13678. the Borland C++ v5 and it was awful. Just ignore all those warnings.
  13679. Version 3.0
  13680. Daniel Stenberg
  13681. - Added FTP upload capabilities. The name urlget gets a bit silly now
  13682. when we can put too... =)
  13683. - Restructured the source quite a lot.
  13684. Changed the urlget() interface. This way, we will survive changes much
  13685. better. New features can come and old can be removed without us needing
  13686. to change the interface. I've written a small explanation in urlget.h
  13687. that explains it.
  13688. - New flags include -t, -T, -O and -h. The -h text is generated by the new
  13689. mkhelp script.
  13690. Version 2.9
  13691. Remco van Hooff
  13692. - Added a fix to make it compile smoothly on Amiga using the SAS/C
  13693. compiler.
  13694. Daniel Stenberg
  13695. - Believe it or not, but the STUPID Novell web server seems to require
  13696. that the Host: keyword is used, so well I use it and I (re-introduce) the
  13697. urlget User-Agent:. I still have to check that this Host: usage works with
  13698. proxies... 'Host:' is required for HTTP/1.1 GET according to RFC2068.
  13699. Version 2.8
  13700. Rafael Sagula
  13701. - some little modifications
  13702. Version 2.7
  13703. Daniel Stenberg
  13704. - Removed the -l option and introduced the -f option instead. Now I'll
  13705. rewrite the former -l kludge in an external script that'll use urlget to
  13706. fetch multipart files like that.
  13707. - '-f' is introduced, it means Fail without output in case of HTTP server
  13708. errors (return code >=300).
  13709. - Added support for -r, ranges. Specify which part of a document you
  13710. want, and only that part is returned. Only with HTTP/1.1-servers.
  13711. - Split up the source in 3 parts. Now all pure URL functions are in
  13712. urlget.c and stuff that deals with the stand-alone program is in main.c.
  13713. - I took a few minutes and wrote an embryo of a README file to explain
  13714. a few things.
  13715. Version 2.6
  13716. Daniel Stenberg
  13717. - Made the -l (loop) thing use the new CONF_FAILONERROR which makes
  13718. urlget() return error code if non-successful. It also won't output anything
  13719. then. Now finally removed the HTTP 1.0 and error 404 dependencies.
  13720. - Added -I which uses the HEAD request to get the header only from a
  13721. http-server.
  13722. Version 2.5
  13723. Rafael Sagula
  13724. - Made the progress meter use HHH:MM:SS instead of only seconds.
  13725. Version 2.4
  13726. Daniel Stenberg
  13727. - Added progress meter. It appears when downloading > BUFFER SIZE and
  13728. mute is not selected. I found out that when downloading large files from
  13729. really really slow sites, it is desirable to know the status of the
  13730. download. Do note that some downloads are done unawaring of the size, which
  13731. makes the progress meter less thrilling ;) If the output is sent to a tty,
  13732. the progress meter is shut off.
  13733. - Increased buffer size used for reading.
  13734. - Added length checks in the user+passwd parsing.
  13735. - Made it grok user+passwd for HTTP fetches. The trick is to base64
  13736. encode the user+passwd and send an extra header line. Read chapter 11.1 in
  13737. RFC2068 for details. I added it to be used just like the ftp one. To get a
  13738. http document from a place that requires user and password, use an URL
  13739. like:
  13740. http://user:passwd@www.site.to.leach/doc.html
  13741. I also added the -u flag, since WHEN USING A PROXY YOU CAN'T SPECIFY THE
  13742. USER AND PASSWORD WITH HTTP LIKE THAT. The -u flag works for ftp too, but
  13743. not if used with proxy. To do the same as the above one, you can invoke:
  13744. urlget -u user:passwd http://www.site.to.leach/doc.html
  13745. Version 2.3
  13746. Rafael Sagula
  13747. - Added "-o" option (output file)
  13748. - Added URG_HTTP_NOT_FOUND return code.
  13749. (Daniel's note:)
  13750. Perhaps we should detect all kinds of errors and instead of writing that
  13751. custom string for the particular 404-error, use the error text we actually
  13752. get from the server. See further details in RFC2068 (HTTP 1.1
  13753. definition). The current way also relies on a HTTP/1.0 reply, which newer
  13754. servers might not do.
  13755. - Looping mode ("-l" option). It's easier to get various split files.
  13756. (Daniel's note:)
  13757. Use it like 'urlget -l 1 http://from.this.site/file%d.html', which will
  13758. make urlget to attempt to fetch all files named file1.html, file2.html etc
  13759. until no more files are found. This is only a modification of the
  13760. STAND_ALONE part, nothing in the urlget() function was modfified for this.
  13761. Daniel Stenberg
  13762. - Changed the -h to be -i instead. -h should be preserved to help use.
  13763. - Bjorn Reese indicated that Borland _might_ use '_WIN32' instead of the
  13764. VC++ WIN32 define and therefore I added a little fix for that.
  13765. Version 2.2
  13766. Johan Andersson
  13767. - The urlget function didn't set the path to url when using proxy.
  13768. - Fixed bug with IMC proxy. Now using (almost) complete GET command.
  13769. Daniel Stenberg
  13770. - Made it compile on Solaris. Had to reorganize the includes a bit.
  13771. (so Win32, Linux, SunOS 4 and Solaris 2 compile fine.)
  13772. - Made Johan's keepalive keyword optional with the -k flag (since it
  13773. makes a lot of urlgets take a lot longer time).
  13774. - Made a '-h' switch in case you want the HTTP-header in the output.
  13775. Version 2.1
  13776. Daniel Stenberg and Kjell Ericson
  13777. - Win32-compilable
  13778. - No more global variables
  13779. - Mute option (no output at all to stderr)
  13780. - Full range of return codes from urlget(), which is now written to be a
  13781. function for easy-to-use in [other] programs.
  13782. - Define STAND_ALONE to compile the stand alone urlget program
  13783. - Now compiles with gcc options -ansi -Wall -pedantic ;)
  13784. Version 2.0
  13785. - Introducing ftp GET support. The FTP URL type is recognized and used.
  13786. - Renamed the project to 'urlget'.
  13787. - Supports the user+passwd in the FTP URL (otherwise it tries anonymous
  13788. login with a weird email address as password).
  13789. Version 1.5
  13790. Daniel Stenberg
  13791. - The skip_header() crap messed it up big-time. By simply removing that
  13792. one we can all of a sudden download anything ;)
  13793. - No longer requires a trailing slash on the URLs.
  13794. - If the given URL isn't prefixed with 'http://', HTTP is assumed and
  13795. given a try!
  13796. - 'void main()' is history.
  13797. Version 1.4
  13798. Daniel Stenberg
  13799. - The gopher source used the ppath variable instead of path which could
  13800. lead to disaster.
  13801. Version 1.3
  13802. Daniel Stenberg
  13803. - Well, I added a lame text about the time it took to get the data. I also
  13804. fought against Johan to prevent his -f option (to specify a file name
  13805. that should be written instead of stdout)! =)
  13806. - Made it write 'connection refused' for that particular connect()
  13807. problem.
  13808. - Renumbered the version. Let's not make silly 1.0.X versions, this is
  13809. a plain 1.3 instead.
  13810. Version 1.2
  13811. Johan Andersson
  13812. - Discovered and fixed the problem with getting binary files. puts() is
  13813. now replaced with fwrite(). (Daniel's note: this also fixed the buffer
  13814. overwrite problem I found in the previous version.)
  13815. Rafael Sagula
  13816. - Let "-p" before "-x".
  13817. Daniel Stenberg
  13818. - Bugfixed the proxy usage. It should *NOT* use nor strip the port number
  13819. from the URL but simply pass that information to the proxy. This also
  13820. made the user/password fields possible to use in proxy [ftp-] URLs.
  13821. (like in ftp://user:password@ftp.my.site:8021/README)
  13822. Johan Andersson
  13823. - Implemented HTTP proxy support.
  13824. - Receive byte counter added.
  13825. Bjorn Reese
  13826. - Implemented URLs (and skipped the old syntax).
  13827. - Output is written to stdout, so to achieve the above example, do:
  13828. httpget http://143.54.10.6/info_logo.gif > test.gif
  13829. Version 1.1
  13830. Daniel Stenberg
  13831. - Adjusted it slightly to accept named hosts on the command line. We
  13832. wouldn't wanna use IP numbers for the rest of our lifes, would we?
  13833. Version 1.0
  13834. Rafael Sagula
  13835. - Wrote the initial httpget, which started all this!