2004-05-17 06:39:44 -04:00
|
|
|
|
_ _ ____ _
|
|
|
|
|
___| | | | _ \| |
|
|
|
|
|
/ __| | | | |_) | |
|
|
|
|
|
| (__| |_| | _ <| |___
|
1999-12-29 09:20:26 -05:00
|
|
|
|
\___|\___/|_| \_\_____|
|
|
|
|
|
|
2002-06-26 03:16:11 -04:00
|
|
|
|
Changelog
|
|
|
|
|
|
2007-02-19 06:53:54 -05:00
|
|
|
|
Daniel (19 February 2007)
|
2007-02-19 07:20:32 -05:00
|
|
|
|
- Shmulik Regev found a memory leak in re-used HTTPS connections, at least
|
|
|
|
|
when the multi interface was used.
|
|
|
|
|
|
2007-02-19 06:53:54 -05:00
|
|
|
|
- Robson Braga Araujo made passive FTP transfers work with SOCKS (both 4 and
|
|
|
|
|
5).
|
|
|
|
|
|
2007-02-18 18:02:42 -05:00
|
|
|
|
Daniel (18 February 2007)
|
|
|
|
|
- Jeff Pohlmeyer identified two problems: first a rather obscure problem with
|
|
|
|
|
the multi interface and connection re-use that could make a
|
|
|
|
|
curl_multi_remove_handle() ruin a pointer in another handle.
|
|
|
|
|
|
|
|
|
|
The second problem was less of an actual problem but more of minor quirk:
|
|
|
|
|
the re-using of connections wasn't properly checking if the connection was
|
|
|
|
|
marked for closure.
|
|
|
|
|
|
2007-02-16 10:37:05 -05:00
|
|
|
|
Daniel (16 February 2007)
|
|
|
|
|
- Duncan Mac-Vicar Prett and Michal Marek reported problems with resetting
|
|
|
|
|
CURLOPT_RANGE back to no range on an easy handle when using FTP.
|
|
|
|
|
|
2007-02-14 13:13:16 -05:00
|
|
|
|
Dan F (14 February 2007)
|
|
|
|
|
- Fixed curl-config --libs so it doesn't list unnecessary libraries (and
|
|
|
|
|
therefore introduce unnecessary dependencies) when it's not needed.
|
|
|
|
|
Also, don't bother adding a library path of /usr/lib
|
|
|
|
|
|
2007-02-13 16:21:44 -05:00
|
|
|
|
Daniel (13 February 2007)
|
2007-02-13 17:50:16 -05:00
|
|
|
|
- The default password for anonymous FTP connections is now changed to be
|
|
|
|
|
"ftp@example.com".
|
|
|
|
|
|
2007-02-13 16:21:44 -05:00
|
|
|
|
- Robert A. Monat made libcurl build fine with VC2005 - it doesn't have
|
|
|
|
|
gmtime_r() like the older VC versions. He also made use of some machine-
|
|
|
|
|
specific defines to differentiate the "OS" define.
|
|
|
|
|
|
2007-02-12 07:15:41 -05:00
|
|
|
|
Daniel (12 February 2007)
|
2007-02-12 17:32:37 -05:00
|
|
|
|
- Rob Crittenden added support for NSS (Network Security Service) for the
|
|
|
|
|
SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/
|
|
|
|
|
|
|
|
|
|
This is the fourth supported library for TLS/SSL that libcurl supports!
|
|
|
|
|
|
2007-02-12 16:13:47 -05:00
|
|
|
|
- Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent
|
|
|
|
|
to the debug callback.
|
|
|
|
|
|
|
|
|
|
- Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and
|
|
|
|
|
CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's
|
|
|
|
|
internal decoding of content or transfer encoded content. This may be
|
|
|
|
|
preferable in cases where you use libcurl for proxy purposes or similar. The
|
|
|
|
|
command line tool got a --raw option to disable both at once.
|
2007-02-12 17:41:43 -05:00
|
|
|
|
|
|
|
|
|
- release tarballs made with maketgz will from now on have a LIBCURL_TIMESTAMP
|
|
|
|
|
define set to hold the exact date and time of when the tarball was built, as
|
|
|
|
|
a human readable string using the UTC time zone.
|
2007-02-12 16:13:47 -05:00
|
|
|
|
|
2007-02-12 07:15:41 -05:00
|
|
|
|
- Jeff Pohlmeyer fixed a flaw in curl_multi_add_handle() when adding a handle
|
|
|
|
|
that has an easy handle present in the "closure" list pending closure.
|
|
|
|
|
|
2007-02-06 11:07:15 -05:00
|
|
|
|
Daniel (6 February 2007)
|
|
|
|
|
- Regular file downloads wiht SFTP and SCP are now done using the non-blocking
|
|
|
|
|
API of libssh2, if the libssh2 headers seem to support them. This will make
|
|
|
|
|
SCP and SFTP much more responsive and better libcurl citizens when used with
|
|
|
|
|
the multi interface etc.
|
|
|
|
|
|
2007-02-05 17:51:32 -05:00
|
|
|
|
Daniel (5 February 2007)
|
|
|
|
|
- Michael Wallner added support for CURLOPT_TIMEOUT_MS and
|
|
|
|
|
CURLOPT_CONNECTTIMEOUT_MS that, as their names suggest, do the timeouts with
|
|
|
|
|
millisecond resolution. The only restriction to that is the alarm()
|
|
|
|
|
(sometimes) used to abort name resolves as that uses full seconds. I fixed
|
|
|
|
|
the FTP response timeout part of the patch.
|
|
|
|
|
|
|
|
|
|
Internally we now count and keep the timeouts in milliseconds but it also
|
|
|
|
|
means we multiply set timeouts with 1000. The effect of this is that no
|
|
|
|
|
timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which
|
|
|
|
|
equals 24.86 days. We probably couldn't before either since the code did
|
|
|
|
|
*1000 on the timeout values on several places already.
|
|
|
|
|
|
2007-02-03 04:34:03 -05:00
|
|
|
|
Daniel (3 February 2007)
|
|
|
|
|
- Yang Tse fixed the cookie expiry date in several test cases that started to
|
|
|
|
|
fail since they used "1 feb 2007"...
|
|
|
|
|
|
|
|
|
|
- Manfred Schwarb reported that socks5 support was broken and help us pinpoint
|
|
|
|
|
the problem. The code now tries harder to use httproxy and proxy where
|
|
|
|
|
apppropriate, as not all proxies are HTTP...
|
|
|
|
|
|
2007-01-29 09:53:01 -05:00
|
|
|
|
Version 7.16.1 (29 January 2007)
|
|
|
|
|
|
2007-01-29 04:26:36 -05:00
|
|
|
|
Daniel (29 January 2007)
|
|
|
|
|
- Michael Wallner reported that when doing a CONNECT with a custom User-Agent
|
|
|
|
|
header, you got _two_ User-Agent headers in the CONNECT request...! Added
|
|
|
|
|
test case 287 to verify the fix.
|
|
|
|
|
|
2007-01-27 18:02:17 -05:00
|
|
|
|
Daniel (28 January 2007)
|
2007-01-28 07:58:13 -05:00
|
|
|
|
- curl_easy_reset() now resets the CA bundle path correctly.
|
|
|
|
|
|
2007-01-27 18:02:17 -05:00
|
|
|
|
- David McCreedy fixed the Curl command line tool for HTTP on non-ASCII
|
|
|
|
|
platforms.
|
|
|
|
|
|
2007-01-25 10:58:00 -05:00
|
|
|
|
Daniel (25 January 2007)
|
|
|
|
|
- Added the --libcurl [file] option to curl. Append this option to any
|
|
|
|
|
ordinary curl command line, and you will get a libcurl-using source code
|
|
|
|
|
written to the file that does the equivalent operation of what your command
|
|
|
|
|
line operation does!
|
|
|
|
|
|
2007-01-24 20:35:43 -05:00
|
|
|
|
Dan F (24 January 2007)
|
|
|
|
|
- Fixed a dangling pointer problem that prevented the http_proxy environment
|
|
|
|
|
variable from being properly used in many cases (and caused test case 63
|
|
|
|
|
to fail).
|
|
|
|
|
|
2007-01-23 17:57:42 -05:00
|
|
|
|
Daniel (23 January 2007)
|
|
|
|
|
- David McCreedy did NTLM changes mainly for non-ASCII platforms:
|
|
|
|
|
|
|
|
|
|
#1
|
|
|
|
|
There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT
|
|
|
|
|
defined. I noticed this while testing various configurations. Line 867 of
|
|
|
|
|
the current http_ntlm.c is a closing bracket for an if/else pair that only
|
|
|
|
|
gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket
|
|
|
|
|
wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was
|
|
|
|
|
defined. Lines 198 and 140 of my patch wraps that closing bracket in an
|
|
|
|
|
#ifdef USE_NTLM2SESSION.
|
|
|
|
|
|
|
|
|
|
#2
|
|
|
|
|
I noticed several picky compiler warnings when DEBUG_ME is defined. I've
|
|
|
|
|
fixed them with casting. By the way, DEBUG_ME was a huge help in
|
|
|
|
|
understanding this code.
|
|
|
|
|
|
|
|
|
|
#3
|
|
|
|
|
Hopefully the last non-ASCII conversion patch for libcurl in a while. I
|
|
|
|
|
changed the "NTLMSSP" literal to hex since this signature must always be in
|
|
|
|
|
ASCII.
|
|
|
|
|
|
|
|
|
|
Conversion code was strategically added where necessary. And the
|
|
|
|
|
Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c
|
|
|
|
|
creates are NOT translated on non-ASCII platforms.
|
|
|
|
|
|
2007-01-22 21:25:56 -05:00
|
|
|
|
Dan F (22 January 2007)
|
|
|
|
|
- Converted (most of) the test data files into genuine XML. A handful still
|
|
|
|
|
are not, due mainly to the lack of support for XML character entities
|
|
|
|
|
(e.g. & => & ). This will make it easier to validate test files using
|
|
|
|
|
tools like xmllint, as well as to edit and view them using XML tools.
|
|
|
|
|
|
2007-01-16 17:22:10 -05:00
|
|
|
|
Daniel (16 January 2007)
|
|
|
|
|
- Armel Asselin improved libcurl to behave a lot better when an easy handle
|
|
|
|
|
doing an FTP transfer is removed from a multi handle before completion. The
|
|
|
|
|
fix also fixed the "alive counter" to be correct on "premature removal" for
|
|
|
|
|
all protocols.
|
|
|
|
|
|
2007-01-16 13:33:25 -05:00
|
|
|
|
Dan F (16 January 2007)
|
|
|
|
|
- Fixed a small memory leak in tftp uploads discovered by curl's memory leak
|
|
|
|
|
detector. Also changed tftp downloads to URL-unescape the downloaded
|
|
|
|
|
file name.
|
|
|
|
|
|
2007-01-13 18:33:50 -05:00
|
|
|
|
Daniel (14 January 2007)
|
2007-01-14 09:57:51 -05:00
|
|
|
|
- David McCreedy provided libcurl changes for doing HTTP communication on
|
|
|
|
|
non-ASCII platforms. It does add some complexity, most notably with more
|
|
|
|
|
#ifdefs, but I want to see this supported added and I can't see how we can
|
|
|
|
|
add it without the extra stuff added.
|
|
|
|
|
|
2007-01-13 18:33:50 -05:00
|
|
|
|
- Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present,
|
|
|
|
|
libcurl would crash when trying to read a NULL pointer.
|
|
|
|
|
|
|
|
|
|
Daniel (12 January 2007)
|
|
|
|
|
- Toby Peterson found a nasty bug that prevented (lib)curl from properly
|
|
|
|
|
downloading (most) things that were larger than 4GB on 32 bit systems. Matt
|
|
|
|
|
Witherspoon helped as narrow down the problem.
|
|
|
|
|
|
2007-01-05 18:11:14 -05:00
|
|
|
|
Daniel (5 January 2007)
|
|
|
|
|
- Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
|
|
|
|
|
curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
|
|
|
|
|
will make libcurl shutdown SSL/TLS after the authentication is done on a
|
|
|
|
|
FTP-SSL operation.
|
|
|
|
|
|
2007-01-03 18:04:38 -05:00
|
|
|
|
Daniel (4 January 2007)
|
|
|
|
|
- David McCreedy made changes to allow base64 encoding/decoding to work on
|
|
|
|
|
non-ASCII platforms.
|
|
|
|
|
|
2007-01-03 17:18:38 -05:00
|
|
|
|
Daniel (3 January 2007)
|
|
|
|
|
- Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store
|
|
|
|
|
downloaded data in two buffers, just to be able to deal with a special HTTP
|
|
|
|
|
pipelining case. That is now only activated for pipelined transfers. In
|
|
|
|
|
Matt's case, it showed as a considerable performance difference,
|
|
|
|
|
|
2007-01-02 07:14:21 -05:00
|
|
|
|
Daniel (2 January 2007)
|
2007-01-02 17:34:56 -05:00
|
|
|
|
- Victor Snezhko helped us fix bug report #1603712
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate
|
|
|
|
|
(CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken
|
|
|
|
|
on Windows (since 7.16.0, but that's when they were introduced as previous
|
|
|
|
|
to that the limiting logic was made in the application only and not in the
|
|
|
|
|
library). It was actually also broken on select()-based systems (as apposed
|
|
|
|
|
to poll()) but we haven't had any such reports. We now use select(), Sleep()
|
|
|
|
|
or delay() properly to sleep a while without waiting for anything input or
|
|
|
|
|
output when the rate limiting is activated with the easy interface.
|
|
|
|
|
|
2007-01-02 07:14:21 -05:00
|
|
|
|
- Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
|
|
|
|
|
to get built static. It has been mentioned before and was again brought to
|
|
|
|
|
our attention by Nathanael Nerode who filed debian bug report #405226
|
|
|
|
|
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
|
|
|
|
|
|
2006-12-29 06:32:14 -05:00
|
|
|
|
Daniel (29 December 2006)
|
|
|
|
|
- Make curl_easy_duphandle() set the magic number in the new handle.
|
|
|
|
|
|
2006-12-22 02:30:21 -05:00
|
|
|
|
Daniel (22 December 2006)
|
2006-12-22 10:04:59 -05:00
|
|
|
|
- Robert Foreman provided a prime example snippet showing how libcurl would
|
|
|
|
|
get confused and not acknowledge the 'no_proxy' variable properly once it
|
|
|
|
|
had used the proxy and you re-used the same easy handle. I made sure the
|
|
|
|
|
proxy name is properly stored in the connect struct rather than the
|
|
|
|
|
sessionhandle/easy struct.
|
|
|
|
|
|
2006-12-22 08:30:54 -05:00
|
|
|
|
- David McCreedy fixed a bad call to getsockname() that wrongly used a size_t
|
|
|
|
|
variable to point to when it should be a socklen_t.
|
|
|
|
|
|
2006-12-22 02:30:21 -05:00
|
|
|
|
- When setting a proxy with environment variables and (for example) running
|
|
|
|
|
'curl [URL]' with a URL without a protocol prefix, curl would not send a
|
|
|
|
|
correct request as it failed to add the protocol prefix.
|
|
|
|
|
|
2006-12-21 05:15:38 -05:00
|
|
|
|
Daniel (21 December 2006)
|
|
|
|
|
- Robson Braga Araujo reported bug #1618359
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
|
|
|
|
|
patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
|
|
|
|
|
enters an infinite loop, while curl 7.16.1-20061218 does one additional
|
|
|
|
|
unnecessary request.
|
|
|
|
|
|
|
|
|
|
Fix: During the "Major overhaul introducing http pipelining support and
|
|
|
|
|
shared connection cache within the multi handle." change, headerbytecount
|
|
|
|
|
was moved to live in the Curl_transfer_keeper structure. But that structure
|
|
|
|
|
is reset in the Transfer method, losing the information that we had about
|
|
|
|
|
the header size. This patch moves it back to the connectdata struct.
|
|
|
|
|
|
2006-12-16 16:33:51 -05:00
|
|
|
|
Daniel (16 December 2006)
|
|
|
|
|
- Brendan Jurd provided a fix that now prevents libcurl from getting a SIGPIPE
|
|
|
|
|
during certain conditions when GnuTLS is used.
|
|
|
|
|
|
2006-12-11 04:32:58 -05:00
|
|
|
|
Daniel (11 December 2006)
|
|
|
|
|
- Alexey Simak found out that when doing FTP with the multi interface and
|
|
|
|
|
something went wrong like it got a bad response code back from the server,
|
|
|
|
|
libcurl would leak memory. Added test case 538 to verify the fix.
|
|
|
|
|
|
|
|
|
|
I also noted that the connection would get cached in that case, which
|
|
|
|
|
doesn't make sense since it cannot be re-use when the authentication has
|
|
|
|
|
failed. I fixed that issue too at the same time, and also that the path
|
|
|
|
|
would be "remembered" in vain for cases where the connection was about to
|
|
|
|
|
get closed.
|
|
|
|
|
|
2006-12-06 04:37:40 -05:00
|
|
|
|
Daniel (6 December 2006)
|
|
|
|
|
- Sebastien Willemijns reported bug #1603712
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
|
|
|
|
|
getting cut off prematurely when --limit-rate is used. While I found no such
|
|
|
|
|
problems in my tests nor in my reading of the code, I found that the
|
|
|
|
|
--limit-rate code was severly flawed (since it was moved into the lib, since
|
|
|
|
|
7.15.5) when used with the easy interface and it didn't work as documented
|
|
|
|
|
so I reworked it somewhat and now it works for my tests.
|
|
|
|
|
|
2006-12-05 08:37:05 -05:00
|
|
|
|
Daniel (5 December 2006)
|
2006-12-05 16:40:14 -05:00
|
|
|
|
- Stefan Krause pointed out a compiler warning with a picky MSCV compiler when
|
|
|
|
|
passing a curl_off_t argument to the Curl_read_rewind() function which takes
|
|
|
|
|
an size_t argument. Curl_read_rewind() also had debug code left in it and it
|
|
|
|
|
was put in a different source file with no good reason when only used from
|
|
|
|
|
one single spot.
|
|
|
|
|
|
2006-12-05 11:04:01 -05:00
|
|
|
|
- Sh Diao reported that CURLOPT_CLOSEPOLICY doesn't work, and indeed, there is
|
|
|
|
|
no code present in the library that receives the option. Since it was not
|
|
|
|
|
possible to use, we know that no current users exist and thus we simply
|
|
|
|
|
removed it from the docs and made the code always use the default path of
|
|
|
|
|
the code.
|
|
|
|
|
|
2006-12-05 10:36:26 -05:00
|
|
|
|
- Jared Lundell filed bug report #1604956
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1604956) which identified setting
|
|
|
|
|
CURLOPT_MAXCONNECTS to zero caused libcurl to SIGSEGV. Starting now, libcurl
|
|
|
|
|
will always internally use no less than 1 entry in the connection cache.
|
|
|
|
|
|
2006-12-05 10:17:32 -05:00
|
|
|
|
- Sh Diao reported that CURLOPT_FORBID_REUSE no works, and indeed it broke in
|
|
|
|
|
the 7.16.0 release.
|
|
|
|
|
|
2006-12-05 09:57:43 -05:00
|
|
|
|
- Martin Skinner brought back bug report #1230118 to haunt us once again.
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1230118) curl_getdate() did not work
|
|
|
|
|
properly for all input dates on Windows. It was mostly seen on some TZ time
|
|
|
|
|
zones using DST. Luckily, Martin also provided a fix.
|
|
|
|
|
|
2006-12-05 08:49:29 -05:00
|
|
|
|
- Alexey Simak filed bug report #1600447
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1600447) in which he noted that active
|
|
|
|
|
FTP connections don't work with the multi interface. The problem is here
|
|
|
|
|
that the multi interface state machine has a state during which it can wait
|
|
|
|
|
for the data connection to connect, but the active connection is not done in
|
|
|
|
|
the same step in the sequence as the passive one is so it doesn't quite work
|
|
|
|
|
for active. The active FTP code still use a blocking function to allow the
|
|
|
|
|
remote server to connect.
|
|
|
|
|
|
|
|
|
|
The fix (work-around is a better word) for this problem is to set the
|
|
|
|
|
boolean prematurely that the data connection is completed, so that the "wait
|
|
|
|
|
for connect" phase ends at once.
|
|
|
|
|
|
|
|
|
|
The proper fix, left for the future, is of course to make the active FTP
|
|
|
|
|
case to act in a non-blocking way too.
|
|
|
|
|
|
2006-12-05 08:37:05 -05:00
|
|
|
|
- Matt Witherspoon fixed a problem case when the CPU load went to 100% when a
|
|
|
|
|
HTTP upload was disconnected:
|
|
|
|
|
|
|
|
|
|
"What appears to be happening is that my system (Linux 2.6.17 and 2.6.13) is
|
|
|
|
|
setting *only* POLLHUP on poll() when the conditions in my previous mail
|
|
|
|
|
occur. As you can see, select.c:Curl_select() does not check for POLLHUP. So
|
|
|
|
|
basically what was happening, is poll() was returning immediately (with
|
|
|
|
|
POLLHUP set), but when Curl_select() looked at the bits, neither POLLERR or
|
|
|
|
|
POLLOUT was set. This still caused Curl_readwrite() to be called, which
|
|
|
|
|
quickly returned. Then the transfer() loop kept continuing at full speed
|
|
|
|
|
forever."
|
|
|
|
|
|
2006-12-01 02:49:22 -05:00
|
|
|
|
Daniel (1 December 2006)
|
|
|
|
|
- Toon Verwaest reported that there are servers that send the Content-Range:
|
|
|
|
|
header in a third, not suppported by libcurl, format and we agreed that we
|
|
|
|
|
could make the parser more forgiving to accept all the three found
|
|
|
|
|
variations.
|
|
|
|
|
|
2006-11-25 08:32:04 -05:00
|
|
|
|
Daniel (25 November 2006)
|
|
|
|
|
- Venkat Akella found out that libcurl did not like HTTP responses that simply
|
|
|
|
|
responded with a single status line and no headers nor body. Starting now, a
|
|
|
|
|
HTTP response on a persistent connection (i.e not set to be closed after the
|
|
|
|
|
response has been taken care of) must have Content-Length or chunked
|
|
|
|
|
encoding set, or libcurl will simply assume that there is no body.
|
|
|
|
|
|
|
|
|
|
To my horror I learned that we had no less than 57(!) test cases that did bad
|
|
|
|
|
HTTP responses like this, and even the test http server (sws) responded badly
|
|
|
|
|
when queried by the test system if it is the test system. So although the
|
|
|
|
|
actual fix for the problem was tiny, going through all the newly failing test
|
|
|
|
|
cases got really painful and boring.
|
|
|
|
|
|
2006-11-24 17:14:39 -05:00
|
|
|
|
Daniel (24 November 2006)
|
|
|
|
|
- James Housley did lots of work and introduced SFTP downloads.
|
|
|
|
|
|
2006-11-13 12:29:07 -05:00
|
|
|
|
Daniel (13 November 2006)
|
|
|
|
|
- Ron in bug #1595348 (http://curl.haxx.se/bug/view.cgi?id=1595348) pointed
|
|
|
|
|
out a stack overwrite (and the corresponding fix) on 64bit Windows when
|
|
|
|
|
dealing with HTTP chunked encoding.
|
|
|
|
|
|
2006-11-09 16:36:18 -05:00
|
|
|
|
Daniel (9 November 2006)
|
2006-11-09 16:58:28 -05:00
|
|
|
|
- Nir Soffer updated libcurl.framework.make:
|
|
|
|
|
o fix symlinks, should link to Versions, not to ./Versions
|
|
|
|
|
o indentation improvments
|
|
|
|
|
|
2006-11-09 16:54:33 -05:00
|
|
|
|
- Dmitriy Sergeyev found a SIGSEGV with his test04.c example posted on 7 Nov
|
|
|
|
|
2006. It turned out we wrongly assumed that the connection cache was present
|
|
|
|
|
when tearing down a connection.
|
|
|
|
|
|
2006-11-09 16:36:18 -05:00
|
|
|
|
- Ciprian Badescu found a SIGSEGV when doing multiple TFTP transfers using the
|
|
|
|
|
multi interface, but I could also repeat it doing multiple sequential ones
|
|
|
|
|
with the easy interface. Using Ciprian's test case, I could fix it.
|
|
|
|
|
|
2006-11-08 16:49:14 -05:00
|
|
|
|
Daniel (8 November 2006)
|
|
|
|
|
- Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without
|
|
|
|
|
CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
|
|
|
|
|
SSL handshake. This is now stopped.
|
|
|
|
|
|
2006-11-07 09:07:02 -05:00
|
|
|
|
Daniel (7 November 2006)
|
|
|
|
|
- Olaf fixed a leftover problem with the CONNECT fix of his that would leave a
|
|
|
|
|
wrong error message in the error message buffer.
|
|
|
|
|
|
2006-11-03 07:43:55 -05:00
|
|
|
|
Daniel (3 November 2006)
|
|
|
|
|
- Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
|
|
|
|
|
KNOWN_BUGS #25, which happens when a proxy closes the connection when
|
|
|
|
|
libcurl has sent CONNECT, as part of an authentication negotiation. Starting
|
|
|
|
|
now, libcurl will re-connect accordingly and continue the authentication as
|
|
|
|
|
it should.
|
|
|
|
|
|
2006-11-02 16:56:40 -05:00
|
|
|
|
Daniel (2 November 2006)
|
|
|
|
|
- James Housley brought support for SCP transfers, based on the libssh2 library
|
|
|
|
|
for the actual network protocol stuff.
|
|
|
|
|
|
2006-11-02 17:10:18 -05:00
|
|
|
|
Added these new curl_easy_setopt() options:
|
|
|
|
|
|
|
|
|
|
CURLOPT_SSH_AUTH_TYPES
|
|
|
|
|
CURLOPT_SSH_PUBLIC_KEYFILE
|
|
|
|
|
CURLOPT_SSH_PRIVATE_KEYFILE
|
|
|
|
|
|
2006-10-29 18:03:14 -05:00
|
|
|
|
Version 7.16.0 (30 October 2006)
|
|
|
|
|
|
2006-10-25 16:40:14 -04:00
|
|
|
|
Daniel (25 October 2006)
|
|
|
|
|
- Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the
|
|
|
|
|
case when 401 or 407 are returned, *IF* no auth credentials have been given.
|
|
|
|
|
The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401
|
|
|
|
|
and 407 cases when auth credentials is given, but we've now covered this
|
|
|
|
|
somewhat more.
|
|
|
|
|
|
|
|
|
|
You might get some amounts of headers transferred before this situation is
|
|
|
|
|
detected, like for when a "100-continue" is received as a response to a
|
|
|
|
|
POST/PUT and a 401 or 407 is received immediately afterwards.
|
|
|
|
|
|
|
|
|
|
Added test 281 to verify this change.
|
|
|
|
|
|
2006-10-23 16:34:56 -04:00
|
|
|
|
Daniel (23 October 2006)
|
|
|
|
|
- Ravi Pratap provided a major update with pipelining fixes. We also no longer
|
|
|
|
|
re-use connections (for pipelining) before the name resolving is done.
|
|
|
|
|
|
2006-10-21 07:32:05 -04:00
|
|
|
|
Daniel (21 October 2006)
|
2006-10-21 07:40:04 -04:00
|
|
|
|
- Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all
|
|
|
|
|
the single test applications' link and dependences, so that you easier can
|
|
|
|
|
override those from the command line when using make.
|
|
|
|
|
|
2006-10-21 07:32:05 -04:00
|
|
|
|
- Armel Asselin separated CA cert verification problems from problems with
|
|
|
|
|
reading the (local) CA cert file to let users easier pinpoint the actual
|
|
|
|
|
problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.
|
|
|
|
|
|
2006-10-18 07:13:56 -04:00
|
|
|
|
Daniel (18 October 2006)
|
|
|
|
|
- Removed the "protocol-guessing" for URLs with host names starting with FTPS
|
|
|
|
|
or TELNET since they are practically non-existant. This leaves us with only
|
|
|
|
|
three different prefixes that would assume the protocol is anything but
|
|
|
|
|
HTTP, and they are host names starting with "ftp.", "dict." or "ldap.".
|
|
|
|
|
|
|
|
|
|
Daniel (17 October 2006)
|
|
|
|
|
- Bug report #1579171 pointed out code flaws detected with "prefast", and they
|
|
|
|
|
were 1 - a too small memory clear with memset() in the threaded resolver and
|
|
|
|
|
2 - a range of potentially bad uses of the ctype family of is*() functions
|
|
|
|
|
such as isdigit(), isalnum(), isprint() and more. The latter made me switch
|
|
|
|
|
to using our own set of these functions/macros using uppercase letters, and
|
|
|
|
|
with some extra set of crazy typecasts to avoid mistakingly passing in
|
|
|
|
|
negative numbers to the underlying is*() functions.
|
|
|
|
|
|
|
|
|
|
- With Jeff Pohlmeyer's help, I fixed the expire timer when using
|
|
|
|
|
curl_multi_socket() during name resolves with c-ares and the LOW_SPEED
|
|
|
|
|
options now work fine with curl_multi_socket() as well.
|
|
|
|
|
|
2006-10-16 04:30:54 -04:00
|
|
|
|
Daniel (16 October 2006)
|
|
|
|
|
- Added a check in configure that simply tries to run a program (not when
|
|
|
|
|
cross-compiling) in order to detect problems with run-time libraries that
|
|
|
|
|
otherwise would occur when the sizeof tests for curl_off_t would run and
|
|
|
|
|
thus be much more confusing to users. The check of course should run after
|
|
|
|
|
all lib-checks are done and before any other test is used that would run an
|
|
|
|
|
executable built for testing-purposes.
|
|
|
|
|
|
2006-10-13 17:02:27 -04:00
|
|
|
|
Dan F (13 October 2006)
|
|
|
|
|
- The tagging of application/x-www-form-urlencoded POST body data sent
|
|
|
|
|
to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously
|
|
|
|
|
included as part of the header). A message was also added to the
|
|
|
|
|
command line tool to show when data is being sent, enabled when
|
|
|
|
|
--verbose is used.
|
|
|
|
|
|
2006-10-12 04:36:47 -04:00
|
|
|
|
Daniel (12 October 2006)
|
2006-10-12 10:30:47 -04:00
|
|
|
|
- Starting now, adding an easy handle to a multi stack that was already added
|
|
|
|
|
to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned.
|
|
|
|
|
|
2006-10-12 04:36:47 -04:00
|
|
|
|
- Jeff Pohlmeyer has been working with the hiperfifo.c example source code,
|
|
|
|
|
and while doing so it became apparent that the current timeout system for
|
|
|
|
|
the socket API really was a bit awkward since it become quite some work to
|
|
|
|
|
be sure we have the correct timeout set.
|
|
|
|
|
|
|
|
|
|
Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another
|
|
|
|
|
callback the app can set to get to know when the general timeout time
|
|
|
|
|
changes and thus for an application like hiperfifo.c it makes everything a
|
|
|
|
|
lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in
|
|
|
|
|
good old libcurl tradition.
|
|
|
|
|
|
|
|
|
|
Jeff has also updated the hiperfifo.c example code to use this news.
|
|
|
|
|
|
2006-10-09 02:58:05 -04:00
|
|
|
|
Daniel (9 October 2006)
|
|
|
|
|
- Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test
|
|
|
|
|
case 535 and it now runs fine. Again a problem with the pipelining code not
|
|
|
|
|
taking all possible (error) conditions into account.
|
|
|
|
|
|
2006-10-06 17:19:57 -04:00
|
|
|
|
Daniel (6 October 2006)
|
2006-10-09 02:58:05 -04:00
|
|
|
|
- Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to
|
|
|
|
|
test case 533 and the test now runs fine.
|
2006-10-06 17:19:57 -04:00
|
|
|
|
|
2006-10-04 17:11:08 -04:00
|
|
|
|
Daniel (4 October 2006)
|
|
|
|
|
- Dmitriy Sergeyev provided an example source code that crashed CVS libcurl
|
|
|
|
|
but that worked nicely in 7.15.5. I converted it into test case 532 and
|
|
|
|
|
fixed the problem.
|
|
|
|
|
|
2006-09-30 16:31:11 -04:00
|
|
|
|
Daniel (29 September 2006)
|
|
|
|
|
- Removed a few other no-longer present options from the header file.
|
|
|
|
|
|
|
|
|
|
- Support for FTP third party transfers was removed. Here's why:
|
|
|
|
|
|
|
|
|
|
o The recent multi interface changes broke it and the design of the 3rd party
|
|
|
|
|
transfers made it very hard to fix the problems
|
|
|
|
|
o It was still blocking and thus nasty for the multi interface
|
|
|
|
|
o It was a lot of extra code for a very rarely used feature
|
|
|
|
|
o It didn't use the same code as for "plain" FTP transfers, so it didn't work
|
|
|
|
|
fine for IPv6 and it didn't properly re-use connections and more
|
|
|
|
|
o There's nobody around who's willing to work on and improve the existing
|
|
|
|
|
code
|
|
|
|
|
|
|
|
|
|
This does not mean that third party transfers are banned forever, only that
|
|
|
|
|
they need to be done better if they are to be re-added in the future.
|
|
|
|
|
|
|
|
|
|
The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p*
|
|
|
|
|
options from the command line tool. For this reason, I also bumped the
|
|
|
|
|
version info for the lib.
|
|
|
|
|
|
2006-09-28 17:26:06 -04:00
|
|
|
|
Daniel (28 September 2006)
|
|
|
|
|
- Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl
|
|
|
|
|
would crash if a bad function sequence was used when shutting down after
|
|
|
|
|
using the multi interface (i.e using easy_cleanup after multi_cleanup) so
|
|
|
|
|
precautions have been added to make sure it doesn't any more - test case 529
|
|
|
|
|
was added to verify.
|
|
|
|
|
|
|
|
|
|
Daniel (27 September 2006)
|
|
|
|
|
- The URL in the cookie jar file is now changed since it was giving a 404.
|
|
|
|
|
Reported by Timothy Stone. The new URL will take the visitor to a curl web
|
|
|
|
|
site mirror with the document.
|
|
|
|
|
|
2006-09-24 06:41:00 -04:00
|
|
|
|
Daniel (24 September 2006)
|
2006-09-24 18:03:01 -04:00
|
|
|
|
- Bernard Leak fixed configure --with-gssapi-libs.
|
|
|
|
|
|
2006-09-24 06:41:00 -04:00
|
|
|
|
- Cory Nelson made libcurl use the WSAPoll() function if built for Windows
|
|
|
|
|
Vista (_WIN32_WINNT >= 0x0600)
|
|
|
|
|
|
2006-09-23 15:07:20 -04:00
|
|
|
|
Daniel (23 September 2006)
|
2006-09-23 15:37:23 -04:00
|
|
|
|
- Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
|
|
|
|
|
encrypt the control connection and use the data connection "plain".
|
|
|
|
|
|
2006-09-23 15:07:20 -04:00
|
|
|
|
- Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
|
|
|
|
|
as it now will read the full data sent from servers. The SOCKS-related code
|
|
|
|
|
was also moved to the new lib/socks.c source file.
|
|
|
|
|
|
2006-09-21 16:52:58 -04:00
|
|
|
|
Daniel (21 September 2006)
|
|
|
|
|
- Added test case 531 in an attempt to repeat bug report #1561470
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an
|
|
|
|
|
FTP upload fails with the multi interface. It did not, but I made a failed
|
|
|
|
|
upload still assume the control connection to be fine.
|
|
|
|
|
|
2006-09-20 17:49:41 -04:00
|
|
|
|
Daniel (20 September 2006)
|
|
|
|
|
- Armel Asselin fixed problems when you gave a proxy URL with user name and
|
|
|
|
|
empty password or no password at all. Test case 278 and 279 were added to
|
|
|
|
|
verify.
|
|
|
|
|
|
2006-09-12 07:31:34 -04:00
|
|
|
|
Daniel (12 September 2006)
|
|
|
|
|
- Added docs/examples/10-at-a-time.c by Michael Wallner
|
|
|
|
|
|
|
|
|
|
- Added docs/examples/hiperfifo.c by Jeff Pohlmeyer
|
|
|
|
|
|
2006-09-10 18:15:57 -04:00
|
|
|
|
Daniel (11 September 2006)
|
2006-09-11 13:18:18 -04:00
|
|
|
|
- Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
|
|
|
|
|
handle that is part of a multi handle first removes the handle from the
|
|
|
|
|
stack.
|
|
|
|
|
|
|
|
|
|
- Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
|
|
|
|
|
session-ID re-use on demand since there obviously are broken servers out
|
|
|
|
|
there that misbehave with session-IDs used.
|
|
|
|
|
|
2006-09-10 18:15:57 -04:00
|
|
|
|
- Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a
|
|
|
|
|
problem with it (SIGSEGV-style). It clearly showed that the existing
|
|
|
|
|
socket-state and state-difference function wasn't good enough so I rewrote
|
|
|
|
|
it and could then re-run Jeff's program without any crash. The previous
|
|
|
|
|
version clearly could miss to tell the application when a handle changed
|
|
|
|
|
from using one socket to using another.
|
|
|
|
|
|
|
|
|
|
While I was at it (as I could use this as a means to track this problem
|
|
|
|
|
down), I've now added a 'magic' number to the easy handle struct that is
|
|
|
|
|
inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that
|
|
|
|
|
we can use internally to detect that an easy handle seems to be fine, or at
|
|
|
|
|
least not closed or freed (freeing in debug builds fill the area with 0x13
|
|
|
|
|
bytes but in normal builds we can of course not assume any particular data
|
|
|
|
|
in the freed areas).
|
|
|
|
|
|
2006-09-08 18:17:39 -04:00
|
|
|
|
Daniel (9 September 2006)
|
2006-09-09 07:45:27 -04:00
|
|
|
|
- Michele Bini fixed how the hostname is put in NTLM packages. As servers
|
|
|
|
|
don't expect fully qualified names we need to cut them off at the first dot.
|
|
|
|
|
|
2006-09-08 18:17:39 -04:00
|
|
|
|
- Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some
|
|
|
|
|
of them can be completetly removed though...
|
|
|
|
|
|
2006-09-07 17:49:20 -04:00
|
|
|
|
Daniel (6 September 2006)
|
|
|
|
|
- Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a
|
|
|
|
|
multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that
|
|
|
|
|
handle will be attempted to get pipelined instead of done in parallell as
|
|
|
|
|
they are performed otherwise.
|
2006-08-30 08:10:30 -04:00
|
|
|
|
|
2006-09-07 17:49:20 -04:00
|
|
|
|
As a side-effect from this work, connections are now shared between all easy
|
|
|
|
|
handles within a multi handle, so if you use N easy handles for transfers,
|
|
|
|
|
each of them can pick up and re-use a connection that was previously used by
|
|
|
|
|
any of the handles, be it the same or one of the others.
|
|
|
|
|
|
|
|
|
|
This separation of the tight relationship between connections and easy
|
|
|
|
|
handles is most noticable when you close easy handles that have been used in
|
|
|
|
|
a multi handle and check amount of used memory or watch the debug output, as
|
|
|
|
|
there are times when libcurl will keep the easy handle around for a while
|
|
|
|
|
longer to be able to close it properly. Like for sending QUIT to close down
|
|
|
|
|
an FTP connection.
|
|
|
|
|
|
|
|
|
|
This is a major change.
|
|
|
|
|
|
2006-09-03 18:52:42 -04:00
|
|
|
|
Daniel (4 September 2006)
|
2006-09-04 02:17:55 -04:00
|
|
|
|
- Dmitry Rechkin (http://curl.haxx.se/bug/view.cgi?id=1551412) provided a
|
|
|
|
|
patch that while not fixing things very nicely, it does make the SOCKS5
|
|
|
|
|
proxy connection slightly better as it now acknowledges the timeout for
|
|
|
|
|
connection and it no longer segfaults in the case when SOCKS requires
|
|
|
|
|
authentication and you did not specify username:password.
|
2006-09-03 18:52:42 -04:00
|
|
|
|
|
2006-08-31 08:53:39 -04:00
|
|
|
|
Daniel (31 August 2006)
|
|
|
|
|
- Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch
|
|
|
|
|
name resolves. It could get stuck in the wrong state.
|
|
|
|
|
|
2006-08-30 08:10:30 -04:00
|
|
|
|
Gisle (29 August 2006)
|
|
|
|
|
- Added support for other MS-DOS compilers (desides djgpp). All MS-DOS
|
|
|
|
|
compiler now uses the same config.dos file (renamed to config.h by
|
|
|
|
|
make). libcurl now builds fine using Watcom and Metaware's High-C
|
|
|
|
|
using the Watt-32 tcp/ip-stack.
|
|
|
|
|
|
2006-08-29 10:39:33 -04:00
|
|
|
|
Daniel (29 August 2006)
|
|
|
|
|
- David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to
|
|
|
|
|
allow applications to set their own socket options.
|
|
|
|
|
|
2006-08-25 09:53:20 -04:00
|
|
|
|
Daniel (25 August 2006)
|
|
|
|
|
- Armel Asselin reported that the 'running_handles' counter wasn't updated
|
|
|
|
|
properly if you removed a "live" handle from a multi handle with
|
|
|
|
|
curl_multi_remove_handle().
|
|
|
|
|
|
2006-08-22 17:21:01 -04:00
|
|
|
|
Daniel (22 August 2006)
|
2006-08-22 17:23:25 -04:00
|
|
|
|
- David McCreedy fixed a remaining mistake from the August 19 TYPE change.
|
|
|
|
|
|
2006-08-22 17:21:01 -04:00
|
|
|
|
- Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
|
|
|
|
|
code when doing pure ipv6 EPRT connections.
|
|
|
|
|
|
2006-08-18 18:54:57 -04:00
|
|
|
|
Daniel (19 August 2006)
|
2006-08-19 17:18:36 -04:00
|
|
|
|
- Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
|
|
|
|
|
command on subsequent requests on a re-used connection unless it has to.
|
|
|
|
|
|
2006-08-18 19:17:33 -04:00
|
|
|
|
- Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and
|
|
|
|
|
files in the root directory.
|
|
|
|
|
|
2006-08-18 18:54:57 -04:00
|
|
|
|
- Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't
|
|
|
|
|
send the whole request at once, even though the Expect: header was disabled
|
|
|
|
|
by the application. An effect of this change is also that small (< 1024
|
|
|
|
|
bytes) POSTs are now always sent without Expect: header since we deem it
|
|
|
|
|
more costly to bother about that than the risk that we send the data in
|
|
|
|
|
vain.
|
|
|
|
|
|
2006-08-08 18:56:46 -04:00
|
|
|
|
Daniel (9 August 2006)
|
|
|
|
|
- Armel Asselin made the CURLOPT_PREQUOTE option work fine even when
|
|
|
|
|
CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place
|
|
|
|
|
in the command sequence as it would have run if there would've been a
|
|
|
|
|
transfer.
|
|
|
|
|
|
2006-08-08 17:12:49 -04:00
|
|
|
|
Daniel (8 August 2006)
|
2006-08-18 18:54:57 -04:00
|
|
|
|
- Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs
|
2006-08-08 17:12:49 -04:00
|
|
|
|
on a persistent connection and allowed the first to use that header, you
|
|
|
|
|
could not disable it for the second request.
|
|
|
|
|
|
|
|
|
|
Daniel (7 August 2006)
|
|
|
|
|
- Domenico Andreolfound a quick build error which happened because
|
|
|
|
|
src/config.h.in was not a proper duplcate of lib/config.h.in which it
|
|
|
|
|
should've been and this was due to the maketgz script not doing the cp
|
|
|
|
|
properly.
|
|
|
|
|
|
2006-08-07 02:32:35 -04:00
|
|
|
|
Version 7.15.5 (7 August 2006)
|
|
|
|
|
|
2006-08-02 14:18:47 -04:00
|
|
|
|
Daniel (2 August 2006)
|
|
|
|
|
- Mark Lentczner fixed how libcurl was not properly doing chunked encoding
|
|
|
|
|
if the header "Transfer-Encoding: chunked" was set by the application.
|
|
|
|
|
http://curl.haxx.se/bug/view.cgi?id=1531838
|
|
|
|
|
|
2006-08-01 05:39:01 -04:00
|
|
|
|
Daniel (1 August 2006)
|
|
|
|
|
- Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror()
|
|
|
|
|
an unknown error number on glibc systems.
|
|
|
|
|
http://curl.haxx.se/bug/view.cgi?id=1532289
|
|
|
|
|
|
2006-07-30 18:44:07 -04:00
|
|
|
|
Daniel (31 July 2006)
|
2006-08-01 05:39:01 -04:00
|
|
|
|
- *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified
|
2006-07-30 18:44:07 -04:00
|
|
|
|
prototypes: they both now provide the number of running handles back to the
|
|
|
|
|
calling function. It makes the functions resemble the good old
|
|
|
|
|
curl_multi_perform() more and provides a nice way to know when the multi
|
|
|
|
|
handle goes empty.
|
|
|
|
|
|
|
|
|
|
ALERT2: don't use the curl_multi_socket*() functionality in anything
|
|
|
|
|
production-like until I say it's somewhat settled, as I suspect there might
|
|
|
|
|
be some further API changes before I'm done...
|
|
|
|
|
|
2006-07-27 18:35:09 -04:00
|
|
|
|
Daniel (28 July 2006)
|
|
|
|
|
- Yves Lejeune fixed so that replacing Content-Type: when doing multipart
|
|
|
|
|
formposts work exactly the way you want it (and the way you'd assume it
|
|
|
|
|
works).
|
|
|
|
|
|
2006-07-26 18:19:42 -04:00
|
|
|
|
Daniel (27 July 2006)
|
2006-07-26 19:20:47 -04:00
|
|
|
|
- David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both
|
|
|
|
|
control and data connection, as the existing --ftp-ssl option only requests
|
|
|
|
|
it.
|
|
|
|
|
|
2006-07-26 18:19:42 -04:00
|
|
|
|
- [Hiper-related work] Added a function called curl_multi_assign() that will
|
|
|
|
|
set a private pointer added to the internal libcurl hash table for the
|
|
|
|
|
particular socket passed in to this function:
|
|
|
|
|
|
|
|
|
|
CURLMcode curl_multi_assign(CURLM *multi_handle,
|
|
|
|
|
curl_socket_t sockfd,
|
|
|
|
|
void *sockp);
|
|
|
|
|
|
|
|
|
|
'sockp' being a custom pointer set by the application to be associated with
|
|
|
|
|
this socket. The socket has to be already existing and in-use by libcurl,
|
|
|
|
|
like having already called the callback telling about its existance.
|
|
|
|
|
|
|
|
|
|
The set hashp pointer will then be passed on to the callback in upcoming
|
|
|
|
|
calls when this same socket is used (in the brand new 'socketp' argument).
|
|
|
|
|
|
2006-07-25 18:06:42 -04:00
|
|
|
|
Daniel (26 July 2006)
|
2006-07-25 18:45:21 -04:00
|
|
|
|
- Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
|
|
|
|
|
tool option named --ftp-alternative-to-user. It provides a mean to send a
|
|
|
|
|
particular command if the normal USER/PASS approach fails.
|
|
|
|
|
|
2006-07-25 18:06:42 -04:00
|
|
|
|
- Michael Jerris added magic that builds lib/curllib.vcproj automatically for
|
|
|
|
|
newer MSVC.
|
|
|
|
|
|
2006-07-25 14:38:51 -04:00
|
|
|
|
Daniel (25 July 2006)
|
|
|
|
|
- Georg Horn made the transfer timeout error message include more details.
|
|
|
|
|
|
2006-07-20 16:04:52 -04:00
|
|
|
|
Daniel (20 July 2006)
|
|
|
|
|
- David McCreedy fixed a build error when building libcurl with HTTP disabled,
|
|
|
|
|
problem added with the curl_formget() patch.
|
|
|
|
|
|
2006-07-17 14:35:58 -04:00
|
|
|
|
Daniel (17 July 2006)
|
|
|
|
|
- Jari Sundell did some excellent research and bug tracking, figured out that
|
|
|
|
|
we did wrong and patched it: When nodes were removed from the splay tree,
|
|
|
|
|
and we didn't properly remove it from the splay tree when an easy handle was
|
|
|
|
|
removed from a multi stack and thus we could wrongly leave a node in the
|
|
|
|
|
splay tree pointing to (bad) memory.
|
|
|
|
|
|
2006-07-14 14:58:42 -04:00
|
|
|
|
Daniel (14 July 2006)
|
|
|
|
|
- David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared
|
|
|
|
|
for FTP ASCII transfers.
|
|
|
|
|
|
2006-07-07 18:58:06 -04:00
|
|
|
|
Daniel (8 July 2006)
|
2006-07-08 14:52:08 -04:00
|
|
|
|
- Ates Goral pointed out that libcurl's cookie parser did case insensitive
|
|
|
|
|
string comparisons on the path which is incorrect and provided a patch that
|
|
|
|
|
fixes this. I edited test case 8 to include details that test for this.
|
|
|
|
|
|
2006-07-07 18:58:06 -04:00
|
|
|
|
- Ingmar Runge provided a source snippet that caused a crash. The reason for
|
|
|
|
|
the crash was that libcurl internally was a bit confused about who owned the
|
|
|
|
|
DNS cache at all times so if you created an easy handle that uses a shared
|
|
|
|
|
DNS cache and added that to a multi handle it would crash. Now we keep more
|
|
|
|
|
careful internal track of exactly what kind of DNS cache each easy handle
|
|
|
|
|
uses: None, Private (allocated for and used only by this single handle),
|
|
|
|
|
Shared (points to a cache held by a shared object), Global (points to the
|
|
|
|
|
global cache) or Multi (points to the cache within the multi handle that is
|
|
|
|
|
automatically shared between all easy handles that are added with private
|
|
|
|
|
caches).
|
|
|
|
|
|
2006-07-04 08:01:59 -04:00
|
|
|
|
Daniel (4 July 2006)
|
|
|
|
|
- Toshiyuki Maezawa fixed a problem where you couldn't override the
|
|
|
|
|
Proxy-Connection: header when using a proxy and not doing CONNECT.
|
2006-08-30 08:10:30 -04:00
|
|
|
|
|
2006-06-24 17:46:41 -04:00
|
|
|
|
Daniel (24 June 2006)
|
|
|
|
|
- Michael Wallner added curl_formget(), which allows an application to extract
|
|
|
|
|
(serialise) a previously built formpost (as with curl_formadd()).
|
|
|
|
|
|
2006-06-23 18:07:06 -04:00
|
|
|
|
Daniel (23 June 2006)
|
|
|
|
|
- Arve Knudsen found a flaw in curl_multi_fdset() for systems where
|
|
|
|
|
curl_socket_t is unsigned (like Windows) that could cause it to wrongly
|
|
|
|
|
return a max fd of -1.
|
|
|
|
|
|
2006-06-22 17:36:53 -04:00
|
|
|
|
Daniel (20 June 2006)
|
|
|
|
|
- Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and
|
|
|
|
|
CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed
|
|
|
|
|
to send or receive data. This kind of adds the the command line tool's
|
|
|
|
|
option --limit-rate to the library.
|
|
|
|
|
|
|
|
|
|
The rate limiting logic in the curl app is now removed and is instead
|
|
|
|
|
provided by libcurl itself. Transfer rate limiting will now also work for -d
|
|
|
|
|
and -F, which it didn't before.
|
|
|
|
|
|
2006-06-19 17:39:57 -04:00
|
|
|
|
Daniel (19 June 2006)
|
|
|
|
|
- Made -K on a file that couldn't be read cause a warning to be displayed.
|
|
|
|
|
|
|
|
|
|
Daniel (13 June 2006)
|
|
|
|
|
- Dan Fandrich implemented --enable-hidden-symbols configure option to enable
|
|
|
|
|
-fvisibility=hidden on gcc >= 4.0. This reduces the size of the libcurl
|
|
|
|
|
binary and speeds up dynamic linking by hiding all the internal symbols from
|
|
|
|
|
the symbol table.
|
|
|
|
|
|
2006-06-12 02:53:10 -04:00
|
|
|
|
Version 7.15.4 (12 June 2006)
|
|
|
|
|
|
2006-06-08 02:12:30 -04:00
|
|
|
|
Daniel (8 June 2006)
|
|
|
|
|
- Brian Dessent fixed the code for cygwin in three distinct ways:
|
|
|
|
|
|
|
|
|
|
The first modifies {lib,src}/setup.h to not include the winsock headers
|
|
|
|
|
under Cygwin. This fixes the reported build problem. Cygwin attempts as
|
|
|
|
|
much as possible to emulate a posix environment under Windows. This means
|
|
|
|
|
that WIN32 is *not* #defined and (to the extent possible) everything is done
|
|
|
|
|
as it would be on a *ix type system. Thus <sys/socket.h> is the proper
|
|
|
|
|
include, and even though winsock2.h is present, including it just introduces
|
|
|
|
|
a whole bunch of incompatible socket API stuff.
|
|
|
|
|
|
|
|
|
|
The second is a patch I've included in the Cygwin binary packages for a
|
|
|
|
|
while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The
|
|
|
|
|
checks are innocuous and they do succeed, but they pollute LIBS with
|
|
|
|
|
unnecessary stuff which gets recorded as such in the libcurl.la file, which
|
|
|
|
|
brings them into the build of any libcurl-downstream. As far as I know
|
|
|
|
|
these libs are really only necessary for mingw, so alternatively they could
|
|
|
|
|
be designed to only run if $host matches *-*-mingw* but I took the safer
|
|
|
|
|
route of skipping them for *-*-cygwin*.
|
|
|
|
|
|
|
|
|
|
The third patch replaces all uses of the ancient and obsolete __CYGWIN32__
|
|
|
|
|
with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>.
|
|
|
|
|
|
2006-06-07 10:14:04 -04:00
|
|
|
|
Daniel (7 June 2006)
|
|
|
|
|
- Mikael Sennerholm provided a patch that added NTLM2 session response support
|
|
|
|
|
to libcurl. The 21 NTLM test cases were again modified to comply...
|
|
|
|
|
|
2006-05-26 18:23:54 -04:00
|
|
|
|
Daniel (27 May 2006)
|
|
|
|
|
- <20>scar Morales Viv<69> updated the libcurl.framework.make file.
|
|
|
|
|
|
2006-05-25 19:04:20 -04:00
|
|
|
|
Daniel (26 May 2006)
|
|
|
|
|
- Olaf St<53>ben fixed a bug that caused Digest authentication with md5-sess to
|
|
|
|
|
fail. When using the md5-sess, the result was not Md5 encoded and Base64
|
|
|
|
|
transformed.
|
|
|
|
|
|
2006-05-24 18:46:38 -04:00
|
|
|
|
Daniel (25 May 2006)
|
|
|
|
|
- Michael Wallner provided a patch that allows "SESS" to be set with
|
|
|
|
|
CURLOPT_COOKIELIST, which then makes all session cookies get cleared.
|
|
|
|
|
|
2006-05-24 19:16:22 -04:00
|
|
|
|
Daniel (24 May 2006)
|
|
|
|
|
- Tor Arntsen made test 271 run fine again since the TFTP path fix.
|
|
|
|
|
|
|
|
|
|
Daniel (23 May 2006)
|
|
|
|
|
- Martin Michlmayr filed debian bug report #367954, but the same error also
|
|
|
|
|
showed up in the autobuilds. It seems a rather long-since introduced shell
|
|
|
|
|
script flaw in the configure script suddenly was detected by the bash
|
|
|
|
|
version in Debian Unstable. It had previously passed undetected by all
|
|
|
|
|
shells used so far...
|
|
|
|
|
|
|
|
|
|
- David McCreedy updated lib/config-tpf.h
|
|
|
|
|
|
2006-05-10 18:17:42 -04:00
|
|
|
|
Daniel (11 May 2006)
|
2006-05-24 19:16:22 -04:00
|
|
|
|
- Fixed the configure's check for old-style SSLeay headers since I fell over a
|
|
|
|
|
case with a duplicate file name (a krb4 implementation with an err.h
|
|
|
|
|
file). I converted the check to manually make sure three of the headers are
|
|
|
|
|
present before considering them fine.
|
|
|
|
|
|
2006-05-10 18:17:42 -04:00
|
|
|
|
- David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended
|
|
|
|
|
checks on the to-be-returned socket to make sure it truly seems to be alive
|
|
|
|
|
and well. For SSL connection it (only) uses OpenSSL functions.
|
|
|
|
|
|
2006-05-10 07:44:31 -04:00
|
|
|
|
Daniel (10 May 2006)
|
|
|
|
|
- Fixed DICT in two aspects:
|
|
|
|
|
|
|
|
|
|
1 - allow properly URL-escaped words, like using %20 for spaces
|
|
|
|
|
|
|
|
|
|
2 - properly escape certain letters within a word to comply to the RFC2229
|
|
|
|
|
|
2006-05-09 07:33:00 -04:00
|
|
|
|
Daniel (9 May 2006)
|
2006-05-09 08:56:35 -04:00
|
|
|
|
- Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU
|
|
|
|
|
autotools project, which optionally (default=yes) uses libcurl on a system
|
|
|
|
|
without a (usable) libcurl installation, but not specifying
|
|
|
|
|
`--without-libcurl', configure determines correctly that no libcurl is
|
|
|
|
|
available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl'
|
|
|
|
|
in the resulting Makefiles.
|
|
|
|
|
|
|
|
|
|
David Shaw fixed the flaw.
|
|
|
|
|
|
2006-05-09 08:43:49 -04:00
|
|
|
|
- Robson Braga Araujo fixed two problems in the recently added non-blocking SSL
|
|
|
|
|
connects. The state machine was not reset properly so that subsequent
|
|
|
|
|
connects using the same handle would fail, and there were two memory leaks.
|
|
|
|
|
|
2006-05-09 07:33:00 -04:00
|
|
|
|
- Robson Braga Araujo fixed a memory leak when you added an easy handle to a
|
|
|
|
|
multi stack and that easy handle had already been used to do one or more
|
|
|
|
|
easy interface transfers, as then the code threw away the previously used
|
|
|
|
|
DNS cache without properly freeing it.
|
|
|
|
|
|
2006-05-08 11:09:50 -04:00
|
|
|
|
Daniel (8 May 2006)
|
2006-05-09 08:43:49 -04:00
|
|
|
|
- Dan Fandrich went over the TFTP code and he pointed out and fixed numerous
|
|
|
|
|
problems:
|
|
|
|
|
|
|
|
|
|
* The received file is corrupted when a packet is lost and retransmitted
|
|
|
|
|
(this is a serious problem!)
|
|
|
|
|
|
|
|
|
|
* Transmitting a file aborts if a block is lost and retransmitted
|
|
|
|
|
|
|
|
|
|
* Data is stored in the wrong location in the buffer for uploads, so uploads
|
|
|
|
|
always fail (I don't see how it could have ever worked, but it did on x86
|
|
|
|
|
at least)
|
|
|
|
|
|
|
|
|
|
* A number of calls are made to strerror instead of Curl_strerror, making
|
|
|
|
|
the code not thread safe
|
|
|
|
|
|
|
|
|
|
* There are references to errno instead of Curl_sockerrno(), causing
|
|
|
|
|
incorrect error messages on Windows
|
|
|
|
|
|
|
|
|
|
* The file name includes a leading / which violates RFC3617. Doing something
|
|
|
|
|
similar to ftp, where two slashes after the host name means an absolute
|
|
|
|
|
reference seems a reasonable extension to fix this.
|
|
|
|
|
|
|
|
|
|
* Failures in EBCDIC conversion are not propagated up to the caller but are
|
|
|
|
|
silently ignored
|
|
|
|
|
|
2006-05-08 11:09:50 -04:00
|
|
|
|
- Fixed known bug #28. The TFTP code no longer assumes a packed struct and
|
|
|
|
|
thus works reliably on more platforms.
|
|
|
|
|
|
2006-05-04 18:39:47 -04:00
|
|
|
|
Daniel (5 May 2006)
|
|
|
|
|
- Roland Blom filed bug report #1481217
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele
|
|
|
|
|
Bini and David Byron. libcurl previously wrongly used GetLastError() on
|
|
|
|
|
windows to get error details after socket-related function calls, when it
|
|
|
|
|
really should use WSAGetLastError() instead.
|
|
|
|
|
|
|
|
|
|
When changing to this, the former function Curl_ourerrno() is now instead
|
|
|
|
|
called Curl_sockerrno() as it is necessary to only use it to get errno from
|
|
|
|
|
socket-related functions as otherwise it won't work as intended on Windows.
|
|
|
|
|
|
2006-05-04 02:00:40 -04:00
|
|
|
|
Daniel (4 May 2006)
|
|
|
|
|
- Mark Eichin submitted bug report #1480821
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a
|
|
|
|
|
problem with how libcurl dealt with GnuTLS and a case where gnutls returned
|
|
|
|
|
GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected
|
|
|
|
|
return code, making Curl_ssl_send() confuse the upper layer - causing random
|
|
|
|
|
28 bytes trash data to get inserted in the transfered stream.
|
|
|
|
|
|
|
|
|
|
The proper fix was to make the Curl_gtls_send() function return the proper
|
|
|
|
|
return codes that the callers would expect. The Curl_ossl_send() function
|
|
|
|
|
already did this.
|
|
|
|
|
|
2006-05-02 18:48:22 -04:00
|
|
|
|
Daniel (2 May 2006)
|
2006-08-30 08:10:30 -04:00
|
|
|
|
- Added a --checkfor option to curl-config to allow users to easier
|
|
|
|
|
write for example shell scripts that test for the presence of a
|
|
|
|
|
new-enough libcurl version. If --checkfor is given a version string
|
|
|
|
|
newer than what is currently installed, curl-config will return a
|
|
|
|
|
non-zero exit code and output a string about the unfulfilled
|
2006-05-02 18:48:22 -04:00
|
|
|
|
requirement.
|
|
|
|
|
|
2006-04-26 03:40:37 -04:00
|
|
|
|
Daniel (26 April 2006)
|
|
|
|
|
- David McCreedy brought initial line end conversions when doing FTP ASCII
|
|
|
|
|
transfers. They are done on non-windows systems and translate CRLF to LF.
|
|
|
|
|
|
|
|
|
|
I modified the 15 LIST-using test cases accordingly. The downside is that now
|
|
|
|
|
we'll have even more trouble to get the tests to run on Windows since they
|
|
|
|
|
should get CRLF newlines left intact which the *nix versions don't. I figure
|
|
|
|
|
the only sane thing to do is to add some kind of [newline] macro for the test
|
|
|
|
|
case files and have them expanded to the proper native line ending when the
|
|
|
|
|
test cases are run. This is however left to implement.
|
|
|
|
|
|
2006-04-25 16:49:40 -04:00
|
|
|
|
Daniel (25 April 2006)
|
|
|
|
|
- Paul Querna fixed libcurl to better deal with deflate content encoding
|
|
|
|
|
when the stream (wrongly) lacks a proper zlib header. This seems to be the
|
|
|
|
|
case on too many actual server implementations.
|
|
|
|
|
|
2006-04-21 09:46:19 -04:00
|
|
|
|
Daniel (21 April 2006)
|
|
|
|
|
- Ale Vesely fixed CURLOPT_INTERFACE when using a hostname.
|
|
|
|
|
|
2006-04-18 19:14:30 -04:00
|
|
|
|
Daniel (19 April 2006)
|
2006-04-21 09:46:19 -04:00
|
|
|
|
- Based on previous info from Tor Arntsen, I made configure detect the Intel
|
|
|
|
|
ICC compiler to add a compiler option for it, in order for configure to
|
|
|
|
|
properly be able to detect function prototypes.
|
|
|
|
|
|
2006-04-18 19:14:30 -04:00
|
|
|
|
- Robson Braga Araujo provided a patch that makes libcurl less eager to close
|
|
|
|
|
the control connection when using FTP, for example when you remove an easy
|
|
|
|
|
handle from a multi stack.
|
|
|
|
|
|
|
|
|
|
- Applied a patch by Ates Goral and Katie Wang that corrected my bad fix
|
|
|
|
|
attempt from April 10.
|
|
|
|
|
|
2006-04-11 06:49:51 -04:00
|
|
|
|
Daniel (11 April 2006)
|
|
|
|
|
- #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad
|
|
|
|
|
typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least)
|
|
|
|
|
since the struct timeval field tv_sec is an int while time_t is 64bit.
|
|
|
|
|
|
2006-04-10 17:57:45 -04:00
|
|
|
|
Daniel (10 April 2006)
|
|
|
|
|
- Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and
|
|
|
|
|
CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL
|
2006-04-18 19:14:30 -04:00
|
|
|
|
connection time-out!
|
2006-04-10 17:57:45 -04:00
|
|
|
|
|
|
|
|
|
- I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main
|
|
|
|
|
sources. See the lib/README.multi_socket for implementation story with
|
|
|
|
|
details. Don't expect it to work fully yet. I don't intend to blow any
|
|
|
|
|
whistles or ring any bells about it until I'm more convinced it works at
|
|
|
|
|
least somewhat reliably.
|
|
|
|
|
|
|
|
|
|
Daniel (7 April 2006)
|
|
|
|
|
- David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt()
|
|
|
|
|
options (callbacks) were added:
|
|
|
|
|
|
|
|
|
|
CONV_FROM_NETWORK_FUNCTION
|
|
|
|
|
CONV_TO_NETWORK_FUNCTION
|
2006-08-30 08:10:30 -04:00
|
|
|
|
CONV_FROM_UTF8_FUNCTION
|
2006-04-10 17:57:45 -04:00
|
|
|
|
|
2006-04-05 08:35:48 -04:00
|
|
|
|
Daniel (5 April 2006)
|
|
|
|
|
- Michele Bini modified the NTLM code to work for his "weird IIS case"
|
|
|
|
|
(http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash
|
|
|
|
|
function in addition to the LM one and making some other adjustments in the
|
|
|
|
|
order the different parts of the data block are sent in the Type-2 reply.
|
|
|
|
|
Inspiration for this work was taken from the Firefox NTLM implementation.
|
|
|
|
|
|
|
|
|
|
I edited the existing 21(!) NTLM test cases to run fine with these news. Due
|
|
|
|
|
to the fact that we now properly include the host name in the Type-2 message
|
|
|
|
|
the test cases now only compare parts of that chunk.
|
|
|
|
|
|
2006-03-28 03:03:25 -05:00
|
|
|
|
Daniel (28 March 2006)
|
|
|
|
|
- #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that
|
|
|
|
|
occurred when asking libcurl to follow HTTP redirects and the original URL
|
|
|
|
|
had more than one question mark (?). Added test case 276 to verify.
|
|
|
|
|
|
2006-03-27 16:59:40 -05:00
|
|
|
|
Daniel (27 March 2006)
|
|
|
|
|
- David Byron found a problem multiple -d options when libcurl was built with
|
|
|
|
|
--enable-debug, as then curl used free() on memory allocated both with
|
|
|
|
|
normal malloc() and with libcurl-provided functions, when the latter MUST be
|
|
|
|
|
freed with curl_free() in debug builds.
|
|
|
|
|
|
2006-03-26 03:52:43 -05:00
|
|
|
|
Daniel (26 March 2006)
|
|
|
|
|
- Tor Arntsen figured out that TFTP was broken on a lot of systems since we
|
|
|
|
|
called bind() with a too big argument in the 3rd parameter and at least
|
|
|
|
|
Tru64, AIX and IRIX seem to be very picky about it.
|
|
|
|
|
|
2006-03-21 08:34:41 -05:00
|
|
|
|
Daniel (21 March 2006)
|
2006-03-21 17:30:03 -05:00
|
|
|
|
- David McCreedy added CURLINFO_FTP_ENTRY_PATH.
|
|
|
|
|
|
2006-03-21 16:54:44 -05:00
|
|
|
|
- Xavier Bouchoux made the SSL connection non-blocking for the multi interface
|
|
|
|
|
(when using OpenSSL).
|
|
|
|
|
|
2006-03-21 08:34:41 -05:00
|
|
|
|
- Tor Arntsen fixed the AIX Toolbox RPM spec
|
|
|
|
|
|
2006-03-20 17:25:14 -05:00
|
|
|
|
Daniel (20 March 2006)
|
2006-03-20 17:51:08 -05:00
|
|
|
|
- David McCreedy fixed libcurl to no longer ignore AUTH failures and now it
|
|
|
|
|
reacts properly according to the CURLOPT_FTP_SSL setting.
|
|
|
|
|
|
2006-03-20 17:25:14 -05:00
|
|
|
|
- Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file
|
|
|
|
|
whose length was a multiple of 512 bytes could have random garbage
|
|
|
|
|
appended. Also, stop processing TFTP packets which are too short to be
|
|
|
|
|
legal.
|
|
|
|
|
|
|
|
|
|
- Ilja van Sprundel reported a possible crash in the curl tool when using
|
|
|
|
|
"curl hostwithoutslash -d data -G"
|
|
|
|
|
|
2006-03-20 04:03:09 -05:00
|
|
|
|
Version 7.15.3 (20 March 2006)
|
|
|
|
|
|
2006-03-20 17:25:14 -05:00
|
|
|
|
Daniel (20 March 2006)
|
|
|
|
|
- VULNERABILITY reported to us by Ulf Harnhammar.
|
|
|
|
|
|
|
|
|
|
libcurl uses the given file part of a TFTP URL in a manner that allows a
|
|
|
|
|
malicious user to overflow a heap-based memory buffer due to the lack of
|
|
|
|
|
boundary check.
|
|
|
|
|
|
|
|
|
|
This overflow happens if you pass in a URL with a TFTP protocol prefix
|
|
|
|
|
("tftp://"), using a valid host and a path part that is longer than 512
|
|
|
|
|
bytes.
|
|
|
|
|
|
|
|
|
|
The affected flaw can be triggered by a redirect, if curl/libcurl is told to
|
|
|
|
|
follow redirects and an HTTP server points the client to a tftp URL with the
|
|
|
|
|
characteristics described above.
|
|
|
|
|
|
|
|
|
|
The Common Vulnerabilities and Exposures (CVE) project has assigned the name
|
|
|
|
|
CVE-2006-1061 to this issue.
|
|
|
|
|
|
2006-03-20 02:32:50 -05:00
|
|
|
|
Daniel (16 March 2006)
|
|
|
|
|
- Tor Arntsen provided a RPM spec file for AIX Toolbox, that now is included
|
|
|
|
|
in the release archive.
|
|
|
|
|
|
|
|
|
|
Daniel (14 March 2006)
|
|
|
|
|
- David McCreedy fixed:
|
|
|
|
|
|
|
|
|
|
a bad SSL error message when OpenSSL certificates are verified fine.
|
|
|
|
|
|
|
|
|
|
a missing return code assignment in the FTP code
|
|
|
|
|
|
2006-03-07 17:28:08 -05:00
|
|
|
|
Daniel (7 March 2006)
|
2006-03-07 18:11:41 -05:00
|
|
|
|
- Markus Koetter filed debian bug report #355715 which identified a problem
|
|
|
|
|
with the multi interface and multi-part formposts. The fix from February
|
|
|
|
|
22nd could make the Curl_done() function get called twice on the same
|
|
|
|
|
connection and it was not designed for that and thus tried to call free() on
|
|
|
|
|
an already freed memory area!
|
|
|
|
|
|
2006-03-07 17:28:08 -05:00
|
|
|
|
- Peter Heuchert made sure the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL
|
|
|
|
|
is used properly.
|
|
|
|
|
|
2006-03-06 17:35:51 -05:00
|
|
|
|
Daniel (6 March 2006)
|
|
|
|
|
- Lots of users on Windows have reported getting the "SSL: couldn't set
|
|
|
|
|
callback" error message so I've now made the setting of that callback not be
|
|
|
|
|
as critical as before. The function is only used for additional loggging/
|
|
|
|
|
trace anyway so a failure just means slightly less data. It should still be
|
|
|
|
|
able to proceed and connect fine to the server.
|
|
|
|
|
|
2006-03-04 17:39:31 -05:00
|
|
|
|
Daniel (4 March 2006)
|
|
|
|
|
- Thomas Klausner provided a patch written by Todd Vierling in bug report
|
|
|
|
|
#1442471 that fixes a build problem on Interix.
|
|
|
|
|
|
2006-03-02 06:37:05 -05:00
|
|
|
|
Daniel (2 March 2006)
|
2006-03-03 08:09:30 -05:00
|
|
|
|
- FTP upload without a file name part in the URL now causes
|
|
|
|
|
curl_easy_perform() to return CURLE_URL_MALFORMAT. Previously it allowed the
|
|
|
|
|
upload but named the file "(nil)" (without the quotes). Test case 524
|
|
|
|
|
verifies.
|
|
|
|
|
|
2006-03-02 06:37:05 -05:00
|
|
|
|
- Added a check for getprotobyname in configure so that it'll be used, thanks
|
|
|
|
|
to Gisle Vanem's change the other day.
|
|
|
|
|
|
2006-03-02 06:41:23 -05:00
|
|
|
|
Daniel (28 February 2006)
|
|
|
|
|
- Dan Fandrich prevented curl from getting stuck in an endless loop in case we
|
|
|
|
|
are out of file handles very early in curl's code where it makes sure that
|
|
|
|
|
0, 1 and 2 aren't gonna be used by the lib for transfers.
|
|
|
|
|
|
2006-03-03 08:09:30 -05:00
|
|
|
|
Daniel (27 February 2006)
|
|
|
|
|
- Marty Kuhrt pointed out that there were two VMS-specific files missing in
|
|
|
|
|
the release archive.
|
|
|
|
|
|
2006-02-27 11:09:24 -05:00
|
|
|
|
Version 7.15.2 (27 February 2006)
|
2006-02-27 11:05:16 -05:00
|
|
|
|
|
2006-02-23 07:20:48 -05:00
|
|
|
|
Daniel (22 February 2006)
|
|
|
|
|
- Lots of work and analysis by "xbx___" in bug #1431750
|
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two
|
|
|
|
|
different but related bugs:
|
|
|
|
|
|
|
|
|
|
1) Removing an easy handle from a multi handle before the transfer is done
|
|
|
|
|
could leave a connection in the connection cache for that handle that is
|
|
|
|
|
in a state that isn't suitable for re-use. A subsequent re-use could then
|
|
|
|
|
read from a NULL pointer and segfault.
|
|
|
|
|
|
|
|
|
|
2) When an easy handle was removed from the multi handle, there could be an
|
|
|
|
|
outstanding c-ares DNS name resolve request. When the response arrived,
|
|
|
|
|
it caused havoc since the connection struct it "belonged" to could've
|
|
|
|
|
been freed already.
|
|
|
|
|
|
|
|
|
|
Now Curl_done() is called when an easy handle is removed from a multi handle
|
|
|
|
|
pre-maturely (that is, before the transfer was complteted). Curl_done() also
|
|
|
|
|
makes sure to cancel all (if any) outstanding c-ares requests.
|
|
|
|
|
|
2006-02-21 02:46:41 -05:00
|
|
|
|
Daniel (21 February 2006)
|
|
|
|
|
- Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy
|
|
|
|
|
type to the already provided type CURLPROXY_SOCKS4.
|
|
|
|
|
|
|
|
|
|
I added a --socks4 option that works like the current --socks5 option but
|
|
|
|
|
instead use the socks4 protocol.
|
|
|
|
|
|
2006-02-19 18:16:48 -05:00
|
|
|
|
Daniel (20 February 2006)
|
|
|
|
|
- Shmulik Regev fixed an issue with multi-pass authentication and compressed
|
|
|
|
|
content when libcurl didn't honor the internal ignorebody flag.
|
|
|
|
|
|
2006-02-18 17:27:01 -05:00
|
|
|
|
Daniel (18 February 2006)
|
|
|
|
|
- Ulf H<>rnhammar fixed a format string (printf style) problem in the Negotiate
|
|
|
|
|
code. It should however not be the cause of any troubles. He also fixed a
|
|
|
|
|
few similar problems in the HTTP test server code.
|
|
|
|
|
|
2006-02-16 18:42:32 -05:00
|
|
|
|
Daniel (17 February 2006)
|
|
|
|
|
- Shmulik Regev provided a fix for the DNS cache when using short life times,
|
|
|
|
|
as previously it could be holding on to old cached entries longer than
|
|
|
|
|
requested.
|
|
|
|
|
|
2006-02-11 07:56:52 -05:00
|
|
|
|
Daniel (11 February 2006)
|
2006-02-16 18:42:32 -05:00
|
|
|
|
- Karl Moerder added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options
|
|
|
|
|
that an app can use to let libcurl only connect to a remote host and then
|
|
|
|
|
extract the socket from libcurl. libcurl will then not attempt to do any
|
|
|
|
|
transfer at all after the connect is done.
|
2006-02-11 17:35:16 -05:00
|
|
|
|
|
2006-02-11 07:56:52 -05:00
|
|
|
|
- Kent Boortz improved the configure check for GnuTLS to properly set LIBS
|
|
|
|
|
instead of LDFLAGS.
|
|
|
|
|
|
2006-02-07 18:09:04 -05:00
|
|
|
|
Daniel (8 February 2006)
|
|
|
|
|
- Philippe Vaucher provided a brilliant piece of test code that show a problem
|
|
|
|
|
with re-used FTP connections. If the second request on the same connection
|
|
|
|
|
was set not to fetch a "body", libcurl could get confused and consider it an
|
|
|
|
|
attempt to use a dead connection and would go acting mighty strange.
|
|
|
|
|
|
2006-02-01 18:28:22 -05:00
|
|
|
|
Daniel (2 February 2006)
|
|
|
|
|
- Make --limit-rate [num] mean bytes. It used to be that but it broke in my
|
|
|
|
|
change done in November 2005.
|
|
|
|
|
|
2006-01-30 03:20:52 -05:00
|
|
|
|
Daniel (30 January 2006)
|
2006-01-30 03:24:07 -05:00
|
|
|
|
- Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the
|
|
|
|
|
curl tool with --local-port. Plain and simply set the range of ports to bind
|
|
|
|
|
the local end of connections to. Implemented on to popular demand.
|
|
|
|
|
|
2006-01-30 03:20:52 -05:00
|
|
|
|
- Based on an error report by Philippe Vaucher, we no longer count a retried
|
|
|
|
|
connection setup as a follow-redirect. It turns out 1) this fails when a FTP
|
|
|
|
|
connection is re-setup and 2) it does make the max-redirs counter behave
|
2006-02-07 18:09:04 -05:00
|
|
|
|
wrong.
|
2006-01-30 03:20:52 -05:00
|
|
|
|
|
2006-01-24 09:40:43 -05:00
|
|
|
|
Daniel (24 January 2006)
|
|
|
|
|
- Michal Marek provided a patch for FTP that makes libcurl continue to try
|
|
|
|
|
PASV even after EPSV returned a positive response code, if libcurl failed to
|
|
|
|
|
connect to the port number the EPSV response said. Obviously some people are
|
|
|
|
|
going through protocol-sensitive firewalls (or similar) that don't
|
|
|
|
|
understand EPSV and then they don't allow the second connection unless PASV
|
|
|
|
|
was used. This also called for a minor fix of test case 238.
|
|
|
|
|
|
2006-01-19 18:52:03 -05:00
|
|
|
|
Daniel (20 January 2006)
|
|
|
|
|
- Duane Cathey was one of our friends who reported that curl -P [IP]
|
|
|
|
|
(CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
|
|
|
|
|
"native" IP while it works fine for ipv6-disabled builds!
|
|
|
|
|
|
|
|
|
|
In the process of fixing this, I removed the support for LPRT since I can't
|
|
|
|
|
think of many reasons to keep doing it and asking on the mailing list didn't
|
|
|
|
|
reveal anyone else that could either. The code that sends EPRT and PORT is
|
|
|
|
|
now also a lot simpler than before (IMHO).
|
|
|
|
|
|
2006-01-19 17:02:46 -05:00
|
|
|
|
Daniel (19 January 2006)
|
2006-01-19 18:52:03 -05:00
|
|
|
|
- Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl
|
|
|
|
|
(built ipv4-only) didn't work.
|
2006-01-19 17:02:46 -05:00
|
|
|
|
|
2006-01-18 05:00:36 -05:00
|
|
|
|
Daniel (18 January 2006)
|
|
|
|
|
- As reported in bug #1408742 (http://curl.haxx.se/bug/view.cgi?id=1408742),
|
|
|
|
|
the configure script complained about a missing "missing" script if you ran
|
|
|
|
|
configure within a path whose name included one or more spaces. This is due
|
|
|
|
|
to a flaw in automake (1.9.6 and earlier). I've now worked around it by
|
|
|
|
|
including an "overloaded" version of the AM_MISSING_HAS_RUN script that'll
|
|
|
|
|
be used instead of the one automake ships with. This kludge needs to be
|
|
|
|
|
removed once we get an automake version with this problem corrected.
|
|
|
|
|
Possibly we'll then need to convert this into a kludge depending on what
|
|
|
|
|
automake version that is used and that is gonna be painful and I don't even
|
|
|
|
|
want to think about that now...!
|
|
|
|
|
|
2006-01-18 07:17:20 -05:00
|
|
|
|
Daniel (17 January 2006)
|
|
|
|
|
- David Shaw: Here is the latest libcurl.m4 autoconf tests. It is updated with
|
|
|
|
|
the latest features and protocols that libcurl supports and has a minor fix
|
|
|
|
|
to better deal with the obscure case where someone has more than one libcurl
|
|
|
|
|
installed at the same time.
|
|
|
|
|
|
2006-01-15 18:55:53 -05:00
|
|
|
|
Daniel (16 January 2006)
|
2006-01-16 17:14:37 -05:00
|
|
|
|
- David Shaw finally removed all traces of Gopher and we are now officially
|
|
|
|
|
not supporting it. It hasn't been functioning for years anyway, so this is
|
|
|
|
|
just finally stating what already was true. And a cleanup at the same time.
|
|
|
|
|
|
2006-01-15 18:55:53 -05:00
|
|
|
|
- Bryan Henderson turned the 'initialized' variable for curl_global_init()
|
|
|
|
|
into a counter, and thus you can now do multiple curl_global_init() and you
|
|
|
|
|
are then supposed to do the same amount of calls to curl_global_cleanup().
|
|
|
|
|
Bryan has also updated the docs accordingly.
|
|
|
|
|
|
2006-01-13 07:16:16 -05:00
|
|
|
|
Daniel (13 January 2006)
|
|
|
|
|
- Andrew Benham fixed a race condition in the test suite that could cause the
|
|
|
|
|
test script to kill all processes in the current process group!
|
|
|
|
|
|
2006-01-12 07:40:04 -05:00
|
|
|
|
Daniel (12 January 2006)
|
2006-01-12 17:18:38 -05:00
|
|
|
|
- Michael Jahn:
|
|
|
|
|
|
|
|
|
|
Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thru
|
|
|
|
|
HTTP proxy.
|
|
|
|
|
|
|
|
|
|
Fixed PROXYTUNNEL to work fine when you do ftp through a proxy. It would
|
|
|
|
|
previously overwrite internal memory and cause unpredicted behaviour!
|
2006-01-12 07:40:04 -05:00
|
|
|
|
|
2006-01-10 18:08:38 -05:00
|
|
|
|
Daniel (11 January 2006)
|
|
|
|
|
- I decided to document the "secret option" here now, as I've received *NO*
|
|
|
|
|
feedback at all on my mailing list requests from November 2005:
|
2005-04-23 18:08:15 -04:00
|
|
|
|
|
2006-01-10 18:08:38 -05:00
|
|
|
|
I'm looking for feedback and comments. I added some experimental code the
|
|
|
|
|
other day, that allows a libcurl user to select what method libcurl should
|
|
|
|
|
use to reach a file on a FTP(S) server.
|
|
|
|
|
|
|
|
|
|
This functionality is available in CVS code and in recent daily snapshots.
|
|
|
|
|
|
|
|
|
|
Let me explain...
|
|
|
|
|
|
|
|
|
|
The current name for the option is CURLOPT_FTP_FILEMETHOD (--ftp-method for
|
|
|
|
|
the command line tool) and you set it to a long (there are currenly no
|
|
|
|
|
defines for the argument values, just plain numericals). You can set three
|
|
|
|
|
different "methods" that do this:
|
|
|
|
|
|
|
|
|
|
1 multicwd - like today, curl will do a single CWD operation for each path
|
|
|
|
|
part in the given URL. For deep hierarchies this means very many
|
|
|
|
|
commands. This is how RFC1738 says it should be done. This is the
|
|
|
|
|
default.
|
|
|
|
|
|
|
|
|
|
2 nocwd - no CWD at all is done, curl will do SIZE, RETR, STOR etc and give
|
|
|
|
|
a full path to the server.
|
|
|
|
|
|
|
|
|
|
3 singlecwd - make one CWD with the full target directory and then operate
|
|
|
|
|
on the file "normally".
|
|
|
|
|
|
|
|
|
|
(With the command line tool you do --ftp-method [METHOD], where [METHOD] is
|
|
|
|
|
one of "multicwd", "nocwd" or "singlecwd".)
|
|
|
|
|
|
|
|
|
|
What feedback I'm interested in:
|
|
|
|
|
|
|
|
|
|
1 - Do they work at all? Do you find servers where one of these don't work?
|
|
|
|
|
|
|
|
|
|
2 - What would proper names for the option and its arguments be, if we
|
|
|
|
|
consider this feature good enough to get included and documented in
|
|
|
|
|
upcoming releases?
|
|
|
|
|
|
|
|
|
|
3 - Should we make libcurl able to "walk through" these options in case of
|
|
|
|
|
(path related) failures, or should it fail and let the user redo any
|
|
|
|
|
possible retries?
|
|
|
|
|
|
|
|
|
|
(This option is not documented in any man page just yet since I'm not sure
|
|
|
|
|
these names will be used or if the functionality will end up exactly like
|
|
|
|
|
this. And for the same reasons we have no test cases for these yet.)
|
2005-10-04 14:15:33 -04:00
|
|
|
|
|
2006-01-10 18:03:22 -05:00
|
|
|
|
Daniel (10 January 2006)
|
|
|
|
|
- When using a bad path over FTP, as in when libcurl couldn't CWD into all
|
|
|
|
|
given subdirs, libcurl would still "remember" the full path as if it is the
|
|
|
|
|
current directory libcurl is in so that the next curl_easy_perform() would
|
|
|
|
|
get really confused if it tried the same path again - as it would not issue
|
|
|
|
|
any CWD commands at all, assuming it is already in the "proper" dir.
|
|
|
|
|
|
|
|
|
|
Starting now, a failed CWD command sets a flag that prevents the path to be
|
|
|
|
|
"remembered" after returning.
|
|
|
|
|
|
2006-01-07 17:24:16 -05:00
|
|
|
|
Daniel (7 January 2006)
|
2006-01-10 18:03:22 -05:00
|
|
|
|
- Michael Jahn fixed so that the second CONNECT when doing FTP over a HTTP
|
|
|
|
|
proxy actually used a new connection and not sent the second request on the
|
|
|
|
|
first socket!
|
2006-01-07 17:24:16 -05:00
|
|
|
|
|
2006-01-06 17:59:34 -05:00
|
|
|
|
Daniel (6 January 2006)
|
|
|
|
|
- Alexander Lazic made the buildconf run the buildconf in the ares dir if that
|
|
|
|
|
is present instead of trying to mimic that script in curl's buildconf
|
|
|
|
|
script.
|
|
|
|
|
|
2006-01-04 05:07:36 -05:00
|
|
|
|
Daniel (3 January 2006)
|
|
|
|
|
- Andres Garcia made the TFTP test server build with mingw.
|