123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561 |
- _ _ ____ _
- ___| | | | _ \| |
- / __| | | | |_) | |
- | (__| |_| | _ <| |___
- \___|\___/|_| \_\_____|
- Things that could be nice to do in the future
- Things to do in project cURL. Please tell us what you think, contribute and
- send us patches that improve things!
- All bugs documented in the KNOWN_BUGS document are subject for fixing!
- 1. libcurl
- 1.2 More data sharing
- 1.3 struct lifreq
- 1.4 signal-based resolver timeouts
- 1.5 get rid of PATH_MAX
- 1.6 progress callback without doubles
- 2. libcurl - multi interface
- 2.1 More non-blocking
- 2.2 Remove easy interface internally
- 2.4 Fix HTTP Pipelining for PUT
- 3. Documentation
- 3.1 More and better
- 4. FTP
- 4.1 HOST
- 4.2 Alter passive/active on failure and retry
- 4.3 Earlier bad letter detection
- 4.4 REST for large files
- 4.5 FTP proxy support
- 4.6 ASCII support
- 5. HTTP
- 5.1 Better persistency for HTTP 1.0
- 5.2 support FF3 sqlite cookie files
- 5.3 Rearrange request header order
- 6. TELNET
- 6.1 ditch stdin
- 6.2 ditch telnet-specific select
- 6.3 feature negotiation debug data
- 6.4 send data in chunks
- 7. SSL
- 7.1 Disable specific versions
- 7.2 Provide mutex locking API
- 7.3 Evaluate SSL patches
- 7.4 Cache OpenSSL contexts
- 7.5 Export session ids
- 7.6 Provide callback for cert verification
- 7.7 Support other SSL libraries
- 7.9 improve configure --with-ssl
- 8. GnuTLS
- 8.1 SSL engine stuff
- 8.3 check connection
- 8.4 non-gcrypt
- 9. Other protocols
- 10. New protocols
- 10.1 RSYNC
- 11. Client
- 11.1 sync
- 11.2 glob posts
- 11.3 prevent file overwriting
- 11.4 simultaneous parallel transfers
- 11.5 provide formpost headers
- 11.6 url-specific options
- 11.7 metalink support
- 11.8 warning when setting an option
- 11.9 IPv6 addresses with globbing
- 12. Build
- 12.1 roffit
- 13. Test suite
- 13.1 SSL tunnel
- 13.2 nicer lacking perl message
- 13.3 more protocols supported
- 13.4 more platforms supported
- 14. Next SONAME bump
- 14.1 http-style HEAD output for ftp
- 14.2 combine error codes
- 14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
- 15. Next major release
- 15.1 cleanup return codes
- 15.2 remove obsolete defines
- 15.3 size_t
- 15.4 remove several functions
- 15.5 remove CURLOPT_FAILONERROR
- 15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
- 15.7 remove progress meter from libcurl
- 15.8 remove 'curl_httppost' from public
- ==============================================================================
- 1. libcurl
- 1.2 More data sharing
- curl_share_* functions already exist and work, and they can be extended to
- share more. For example, enable sharing of the ares channel and the
- connection cache.
- 1.3 struct lifreq
- Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
- SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
- To support ipv6 interface addresses for network interfaces properly.
- 1.4 signal-based resolver timeouts
- libcurl built without an asynchronous resolver library uses alarm() to time
- out DNS lookups. When a timeout occurs, this causes libcurl to jump from the
- signal handler back into the library with a sigsetjmp, which effectively
- causes libcurl to continue running within the signal handler. This is
- non-portable and could cause problems on some platforms. A discussion on the
- problem is available at http://curl.haxx.se/mail/lib-2008-09/0197.html
- Also, alarm() provides timeout resolution only to the nearest second. alarm
- ought to be replaced by setitimer on systems that support it.
- 1.5 get rid of PATH_MAX
- Having code use and rely on PATH_MAX is not nice:
- http://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html
- Currently the SSH based code uses it a bit, but to remove PATH_MAX from there
- we need libssh2 to properly tell us when we pass in a too small buffer and
- its current API (as of libssh2 1.2.7) doesn't.
- 1.6 progress callback without doubles
- The progress callback was introduced way back in the days and the choice to
- use doubles in the arguments was possibly good at the time. Today the doubles
- only confuse users and make the amounts less precise. We should introduce
- another progress callback option that take precedence over the old one and
- have both co-exist for a forseeable time until we can remove the double-using
- one.
- 2. libcurl - multi interface
- 2.1 More non-blocking
- Make sure we don't ever loop because of non-blocking sockets returning
- EWOULDBLOCK or similar. Blocking cases include:
- - Name resolves on non-windows unless c-ares is used
- - NSS SSL connections
- - Active FTP connections
- - HTTP proxy CONNECT operations
- - SOCKS proxy handshakes
- - file:// transfers
- - TELNET transfers
- - The "DONE" operation (post transfer protocol-specific actions) for the
- protocols SFTP, SMTP, FTP. Fixing Curl_done() for this is a worthy task.
- 2.2 Remove easy interface internally
- Make curl_easy_perform() a wrapper-function that simply creates a multi
- handle, adds the easy handle to it, runs curl_multi_perform() until the
- transfer is done, then detach the easy handle, destroy the multi handle and
- return the easy handle's return code. This will thus make everything
- internally use and assume the multi interface. The select()-loop should use
- curl_multi_socket().
- 2.4 Fix HTTP Pipelining for PUT
- HTTP Pipelining can be a way to greatly enhance performance for multiple
- serial requests and currently libcurl only supports that for HEAD and GET
- requests but it should also be possible for PUT.
- 3. Documentation
- 3.1 More and better
- Exactly
- 4. FTP
- 4.1 HOST
- HOST is a suggested command in the works for a client to tell which host name
- to use, to offer FTP servers named-based virtual hosting:
- http://tools.ietf.org/html/draft-hethmon-mcmurray-ftp-hosts-11
- 4.2 Alter passive/active on failure and retry
- When trying to connect passively to a server which only supports active
- connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the
- connection. There could be a way to fallback to an active connection (and
- vice versa). http://curl.haxx.se/bug/feature.cgi?id=1754793
- 4.3 Earlier bad letter detection
- Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the
- process to avoid doing a resolve and connect in vain.
- 4.4 REST for large files
- REST fix for servers not behaving well on >2GB requests. This should fail if
- the server doesn't set the pointer to the requested index. The tricky
- (impossible?) part is to figure out if the server did the right thing or not.
- 4.5 FTP proxy support
- Support the most common FTP proxies, Philip Newton provided a list allegedly
- from ncftp. This is not a subject without debate, and is probably not really
- suitable for libcurl. http://curl.haxx.se/mail/archive-2003-04/0126.html
- 4.6 ASCII support
- FTP ASCII transfers do not follow RFC959. They don't convert the data
- accordingly.
- 5. HTTP
- 5.1 Better persistency for HTTP 1.0
- "Better" support for persistent connections over HTTP 1.0
- http://curl.haxx.se/bug/feature.cgi?id=1089001
- 5.2 support FF3 sqlite cookie files
- Firefox 3 is changing from its former format to a a sqlite database instead.
- We should consider how (lib)curl can/should support this.
- http://curl.haxx.se/bug/feature.cgi?id=1871388
- 5.3 Rearrange request header order
- Server implementors often make an effort to detect browser and to reject
- clients it can detect to not match. One of the last details we cannot yet
- control in libcurl's HTTP requests, which also can be exploited to detect
- that libcurl is in fact used even when it tries to impersonate a browser, is
- the order of the request headers. I propose that we introduce a new option in
- which you give headers a value, and then when the HTTP request is built it
- sorts the headers based on that number. We could then have internally created
- headers use a default value so only headers that need to be moved have to be
- specified.
- 6. TELNET
- 6.1 ditch stdin
- Reading input (to send to the remote server) on stdin is a crappy solution for
- library purposes. We need to invent a good way for the application to be able
- to provide the data to send.
- 6.2 ditch telnet-specific select
- Move the telnet support's network select() loop go away and merge the code
- into the main transfer loop. Until this is done, the multi interface won't
- work for telnet.
- 6.3 feature negotiation debug data
- Add telnet feature negotiation data to the debug callback as header data.
- 6.4 send data in chunks
- Currently, telnet sends data one byte at a time. This is fine for interactive
- use, but inefficient for any other. Sent data should be sent in larger
- chunks.
- 7. SSL
- 7.1 Disable specific versions
- Provide an option that allows for disabling specific SSL versions, such as
- SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276
- 7.2 Provide mutex locking API
- Provide a libcurl API for setting mutex callbacks in the underlying SSL
- library, so that the same application code can use mutex-locking
- independently of OpenSSL or GnutTLS being used.
- 7.3 Evaluate SSL patches
- Evaluate/apply Gertjan van Wingerde's SSL patches:
- http://curl.haxx.se/mail/lib-2004-03/0087.html
- 7.4 Cache OpenSSL contexts
- "Look at SSL cafile - quick traces look to me like these are done on every
- request as well, when they should only be necessary once per ssl context (or
- once per handle)". The major improvement we can rather easily do is to make
- sure we don't create and kill a new SSL "context" for every request, but
- instead make one for every connection and re-use that SSL context in the same
- style connections are re-used. It will make us use slightly more memory but
- it will libcurl do less creations and deletions of SSL contexts.
- 7.5 Export session ids
- Add an interface to libcurl that enables "session IDs" to get
- exported/imported. Cris Bailiff said: "OpenSSL has functions which can
- serialise the current SSL state to a buffer of your choice, and recover/reset
- the state from such a buffer at a later date - this is used by mod_ssl for
- apache to implement and SSL session ID cache".
- 7.6 Provide callback for cert verification
- OpenSSL supports a callback for customised verification of the peer
- certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
- it be? There's so much that could be done if it were!
- 7.7 Support other SSL libraries
- Make curl's SSL layer capable of using other free SSL libraries. Such as
- MatrixSSL (http://www.matrixssl.org/).
- 7.9 improve configure --with-ssl
- make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
- then NSS...
- 8. GnuTLS
- 8.1 SSL engine stuff
- Is this even possible?
- 8.3 check connection
- Add a way to check if the connection seems to be alive, to correspond to the
- SSL_peak() way we use with OpenSSL.
- 8.4 non-gcrypt
- libcurl assumes that there are gcrypt functions available when
- GnuTLS is.
- GnuTLS can be built to use libnettle instead as crypto library,
- which breaks the previously mentioned assumption
- The correct fix would be to detect which crypto layer that is in use and
- adapt our code to use that instead of blindly assuming gcrypt.
- 9. Other protocols
- 10. New protocols
- 10.1 RSYNC
- There's no RFC for protocol nor URI/URL format. An implementation should
- most probably use an existing rsync library, such as librsync.
- 11. Client
- 11.1 sync
- "curl --sync http://example.com/feed[1-100].rss" or
- "curl --sync http://example.net/{index,calendar,history}.html"
- Downloads a range or set of URLs using the remote name, but only if the
- remote file is newer than the local file. A Last-Modified HTTP date header
- should also be used to set the mod date on the downloaded file.
- 11.2 glob posts
- Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
- This is easily scripted though.
- 11.3 prevent file overwriting
- Add an option that prevents cURL from overwriting existing local files. When
- used, and there already is an existing file with the target file name
- (either -O or -o), a number should be appended (and increased if already
- existing). So that index.html becomes first index.html.1 and then
- index.html.2 etc.
- 11.4 simultaneous parallel transfers
- The client could be told to use maximum N simultaneous parallel transfers and
- then just make sure that happens. It should of course not make more than one
- connection to the same remote host. This would require the client to use the
- multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
- 11.5 provide formpost headers
- Extending the capabilities of the multipart formposting. How about leaving
- the ';type=foo' syntax as it is and adding an extra tag (headers) which
- works like this: curl -F "coolfiles=@fil1.txt;headers=@fil1.hdr" where
- fil1.hdr contains extra headers like
- Content-Type: text/plain; charset=KOI8-R"
- Content-Transfer-Encoding: base64
- X-User-Comment: Please don't use browser specific HTML code
- which should overwrite the program reasonable defaults (plain/text,
- 8bit...)
- 11.6 url-specific options
- Provide a way to make options bound to a specific URL among several on the
- command line. Possibly by letting ':' separate options between URLs,
- similar to this:
- curl --data foo --url url.com : \
- --url url2.com : \
- --url url3.com --data foo3
- (More details: http://curl.haxx.se/mail/archive-2004-07/0133.html)
- The example would do a POST-GET-POST combination on a single command line.
- 11.7 metalink support
- Add metalink support to curl (http://www.metalinker.org/). This is most useful
- with simultaneous parallel transfers (11.6) but not necessary.
- 11.8 warning when setting an option
- Display a warning when libcurl returns an error when setting an option.
- This can be useful to tell when support for a particular feature hasn't been
- compiled into the library.
- 11.9 IPv6 addresses with globbing
- Currently the command line client needs to get url globbing disabled (with
- -g) for it to support IPv6 numerical addresses. This is a rather silly flaw
- that should be corrected. It probably involves a smarter detection of the
- '[' and ']' letters.
- 12. Build
- 12.1 roffit
- Consider extending 'roffit' to produce decent ASCII output, and use that
- instead of (g)nroff when building src/hugehelp.c
- 13. Test suite
- 13.1 SSL tunnel
- Make our own version of stunnel for simple port forwarding to enable HTTPS
- and FTP-SSL tests without the stunnel dependency, and it could allow us to
- provide test tools built with either OpenSSL or GnuTLS
- 13.2 nicer lacking perl message
- If perl wasn't found by the configure script, don't attempt to run the tests
- but explain something nice why it doesn't.
- 13.3 more protocols supported
- Extend the test suite to include more protocols. The telnet could just do ftp
- or http operations (for which we have test servers).
- 13.4 more platforms supported
- Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
- fork()s and it should become even more portable.
- 14. Next SONAME bump
- 14.1 http-style HEAD output for ftp
- #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
- from being output in NOBODY requests over ftp
- 14.2 combine error codes
- Combine some of the error codes to remove duplicates. The original
- numbering should not be changed, and the old identifiers would be
- macroed to the new ones in an CURL_NO_OLDIES section to help with
- backward compatibility.
- Candidates for removal and their replacements:
- CURLE_FILE_COULDNT_READ_FILE => CURLE_REMOTE_FILE_NOT_FOUND
- CURLE_FTP_COULDNT_RETR_FILE => CURLE_REMOTE_FILE_NOT_FOUND
- CURLE_FTP_COULDNT_USE_REST => CURLE_RANGE_ERROR
- CURLE_FUNCTION_NOT_FOUND => CURLE_FAILED_INIT
- CURLE_LDAP_INVALID_URL => CURLE_URL_MALFORMAT
- CURLE_TFTP_NOSUCHUSER => CURLE_TFTP_ILLEGAL
- CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND
- CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
- 14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
- The current prototype only provides 'purpose' that tells what the
- connection/socket is for, but not any protocol or similar. It makes it hard
- for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
- similar.
- 15. Next major release
- 15.1 cleanup return codes
- curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
- CURLMcode. These should be changed to be the same.
- 15.2 remove obsolete defines
- remove obsolete defines from curl/curl.h
- 15.3 size_t
- make several functions use size_t instead of int in their APIs
- 15.4 remove several functions
- remove the following functions from the public API:
- curl_getenv
- curl_mprintf (and variations)
- curl_strequal
- curl_strnequal
- They will instead become curlx_ - alternatives. That makes the curl app
- still capable of using them, by building with them from source.
- These functions have no purpose anymore:
- curl_multi_socket
- curl_multi_socket_all
- 15.5 remove CURLOPT_FAILONERROR
- Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
- internally. Let the app judge success or not for itself.
- 15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
- Remove support for a global DNS cache. Anything global is silly, and we
- already offer the share interface for the same functionality but done
- "right".
- 15.7 remove progress meter from libcurl
- The internally provided progress meter output doesn't belong in the library.
- Basically no application wants it (apart from curl) but instead applications
- can and should do their own progress meters using the progress callback.
- The progress callback should then be bumped as well to get proper 64bit
- variable types passed to it instead of doubles so that big files work
- correctly.
- 15.8 remove 'curl_httppost' from public
- curl_formadd() was made to fill in a public struct, but the fact that the
- struct is public is never really used by application for their own advantage
- but instead often restricts how the form functions can or can't be modified.
- Changing them to return a private handle will benefit the implementation and
- allow us much greater freedoms while still maintining a solid API and ABI.
|